Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

xss
sql injection
xxe
bug-bounty
recon
wordpress
ai
red-team
ctf
graphql
Lab
TitleLinkAuthorTagsPublication date
Same Username, Different Letters? Account Creation with Lookalike Usernameshttps://strangerwhite.medium.com/same-username-different-letters-account-creation-with-lookalike-usernames-e370b2a7d5e3?source=rss------bug_bounty-5StrangeRwhitebug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking, writeup18-May-2025
Meta BBP — Stored XSS at Meta Careershttps://almuntadhar.medium.com/meta-bbp-stored-xss-at-meta-careers-c0bf074bddfa?source=rss------bug_bounty-5Muntadhar M. Ahmedcybersecurity, security, bug-bounty, meta-bug-bounty, web-vulnerabilities18-May-2025
The Most Dangerous Bug I’ve Ever Found (And No One Was Looking)https://infosecwriteups.com/the-most-dangerous-bug-ive-ever-found-and-no-one-was-looking-2e96e5079a01?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, cybersecurity, hacking, ai18-May-2025
How I Found a P1 Vulnerability That Allowed Full Account Takeoverhttps://medium.com/@hacker_space11/how-i-found-a-p1-vulnerability-that-allowed-full-account-takeover-e959fce8d882?source=rss------bug_bounty-5hacker_space11bug-bounty, bug-bounty-tips18-May-2025
️‍♂️Recon For New Bug bounty Hunters — Short Storyhttps://medium.com/@sudarshan.defcon/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-4f862a333e6d?source=rss------bug_bounty-5Sudarshan Patelreconnaissance, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty18-May-2025
Quantifying Cyber Risk: Moving Beyond Heat Maps to Dollar Valueshttps://medium.com/@paritoshblogs/quantifying-cyber-risk-moving-beyond-heat-maps-to-dollar-values-b4ec44d92b1c?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, information-security, information-technology18-May-2025
Redirect Roulette: How Poor OAuth Redirect Handling Gave Me Account Takeoverhttps://infosecwriteups.com/redirect-roulette-how-poor-oauth-redirect-handling-gave-me-account-takeover-8c21ca809e3a?source=rss------bug_bounty-5Iskiinfosec, bug-bounty, hacking, money, cybersecurity18-May-2025
$200 Bounty: Sensitive information disclosurehttps://medium.com/meetcyber/200-bounty-sensitive-information-disclosure-791799adb57b?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, hacking, cybersecurity, report18-May-2025
I Found more then 10+ bug in single program: A Warning to Fellow Bug Huntershttps://medium.com/@ravindrajatav0709/i-found-more-then-10-bug-in-single-program-a-warning-to-fellow-bug-hunters-7bc95b8ea860?source=rss------bug_bounty-5Ravindrajatavbug-zero, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup18-May-2025
How I Discovered Sensitive Data & Directory Exposure on an Indian Government Medical Institute…https://medium.com/@adithyadhi007/how-i-discovered-sensitive-data-directory-exposure-on-an-indian-government-medical-institute-0d2fbbc5042e?source=rss------bug_bounty-5Adithya Rajbug-bounty, cybersecurity, bugbounty-writeup18-May-2025
OWASP Pentest Series (2/12)https://medium.com/@thezeeshankhan/owasp-pentest-series-2-12-cbbcb32f23ab?source=rss------bug_bounty-5TheZeeshanKhanbug-bounty, penetration-testing, security18-May-2025
DOM XSS Exploitation via postMessage in an iframehttps://osintteam.blog/dom-xss-exploitation-via-postmessage-in-an-iframe-d50df8feac5b?source=rss------bug_bounty-5Bash Overflowdom-xss-exploitation, postmessage-dom-xss, bug-bounty-tips, iframe-xss, bug-bounty18-May-2025
0 to First Bug: What I’d Do Differently If I Started Bug Bounty Todayhttps://infosecwriteups.com/0-to-first-bug-what-id-do-differently-if-i-started-bug-bounty-today-126494ba7e52?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, ai, cybersecurity, infosec, hacking17-May-2025
The Role of AI in Next-Gen Vulnerability Managementhttps://medium.com/@paritoshblogs/the-role-of-ai-in-next-gen-vulnerability-management-f2988ace3de5?source=rss------bug_bounty-5Paritoshbug-bounty, vulnerability, hacking, cybersecurity, vulnerability-management17-May-2025
Hacking My Car, and probably yours— Security Flaws in Volkswagen’s Apphttps://loopsec.medium.com/hacking-my-car-and-probably-yours-security-flaws-in-volkswagens-app-24b34c47ba89?source=rss------bug_bounty-5LoopSecvulnerability, ios, cybersecurity, bug-bounty, ethical-hacking17-May-2025
Reverse Engineering for Beginnerhttps://medium.com/@anandrishav2228/reverse-engineering-for-beginner-0bf9b20542f7?source=rss------bug_bounty-5Rishav anandbug-bounty, hacking, reverse-engineering, beginner, cybersecurity17-May-2025
This One Tool Changed My Hacking Workflow: Meet Proxifyhttps://chintalatarakaram.medium.com/the-secret-weapon-of-ethical-hackers-mastering-proxify-e42d2f3ba0ca?source=rss------bug_bounty-5Chintala Taraka Rambug-bounty, writing, tools, https-proxy, hacking17-May-2025
From IDOR to Admin Door: The Bug That Opened Everythinghttps://medium.com/@dineshnarasimhan27/from-idor-to-admin-door-the-bug-that-opened-everything-9479b4185c05?source=rss------bug_bounty-5Dinesh Narasimhanbug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty, hacking17-May-2025
TryHackMe Light: Full Walkthrough & SQL Injection Exploithttps://medium.com/@aawart2005/tryhackme-light-full-walkthrough-sql-injection-exploit-1e25db316905?source=rss------bug_bounty-5Aawarttryhackme, thm, sqlite, thm-writeup, bug-bounty17-May-2025
VAPT vs Bug Bounty: The Security Showdown Your Organization Needs to Know Abouthttps://rootissh.in/vapt-vs-bug-bounty-the-security-showdown-your-organization-needs-to-know-about-fb555be0083f?source=rss------bug_bounty-5Atharva Deshmukhcybersecurity, bug-bounty, pentesting, cybercrime, security17-May-2025
My First Bug Bounty: How I Earned $1,000https://medium.com/@kailasv678/my-first-bug-bounty-how-i-earned-1-000-4ae2bf36039d?source=rss------bug_bounty-5Kailasvbug-bounty-writeup, cybersecurity, hacking, hackerone, bug-bounty17-May-2025
PDTM(Project Discovery Tool Manager)https://medium.com/@aysbnd00/pdtm-project-discovery-tool-manager-770802ad0ce2?source=rss------bug_bounty-5icybndpenetration-testing, enumeration, bug-bounty, vulnerability-scanning17-May-2025
How I Found the Most Weird Bug in the Bug Bounty Field — Is It Really Worth It…https://medium.com/@mahdisalhi0500/how-i-found-the-most-weird-bug-in-the-bug-bounty-field-is-it-really-worth-it-d4b60c0352a8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)cybersecurity, penetration-testing, information-security, bug-bounty, hacking17-May-2025
Wide Reconhttps://medium.com/@rthunt3r/wide-recon-15ead790196f?source=rss------bug_bounty-5R T Hunterhacker, red-teaming, bug-bounty, cybersecurity, bug-bounty-tips17-May-2025
$10,500 Bounty: A Grammarly Account Takeover Vectorhttps://infosecwriteups.com/10-500-bounty-a-grammarly-account-takeover-vector-974ef90fb00a?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, cybersecurity, technology, report, bug-bounty17-May-2025
$500 Bounty: A Referer Leak in Brave’s Private Tor Windowhttps://infosecwriteups.com/500-bounty-a-referer-leak-in-braves-private-tor-window-ee0c846203b5?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, cybersecurity, hacking, penetration-testing17-May-2025
Mastering Microservices: The Ultimate Guidehttps://medium.com/@zoningxtr/mastering-microservices-the-ultimate-guide-2537811bb9d3?source=rss------bug_bounty-5Zoningxtrmicroservices, web-development, penetration-testing, cybersecurity, bug-bounty17-May-2025
How I Found Stored HTML Injection in the Invite User Feature and Earned $300https://cybersecuritywriteups.com/how-i-found-stored-html-injection-in-the-invite-user-feature-and-earned-300-3f0d106a7960?source=rss------bug_bounty-5Whitehatcybersecurity, hacking, bug-bounty-tips, bug-bounty, bugbounty-writeup17-May-2025
How I Took Admin Account via JWT Bypasshttps://medium.com/@dharaniswaran.cs22/how-i-took-admin-account-via-jwt-bypass-5bed37a8e7ac?source=rss------bug_bounty-5Dharanisvapt, json, vulnerability, bug-bounty, jwt-token17-May-2025
Token of Misfortune: How a Refresh Token Leak Let Me Regenerate Unlimited Sessionshttps://infosecwriteups.com/token-of-misfortune-how-a-refresh-token-leak-let-me-regenerate-unlimited-sessions-bb6693751c85?source=rss------bug_bounty-5Iskimoney, cybersecurity, bug-bounty, hacking, infosec17-May-2025
How I Discovered Critical Secrets in Docker Images by Scanning Every Tag and Architecturehttps://medium.com/@Ghaazy/how-i-discovered-critical-secrets-in-docker-images-by-scanning-every-tag-and-architecture-3edbc10db0c1?source=rss------bug_bounty-5Ahmed Ghazycybersecurity, infosec, bug-bounty17-May-2025
Easy Bug That Falls Between P5 and P3: Find Broken Access Control & IDOR Using AutoReisze in Burp…https://medium.com/@ahmedashrafshora/easy-bug-that-falls-between-p5-and-p3-find-broken-access-control-idor-using-autoreisze-in-burp-6f427852a788?source=rss------bug_bounty-5Ahmed Ashraf Shoraweb-penetration-testing, bug-bounty, cybersecurity, autorize, hacking17-May-2025
Sharpening Command Injections to get Full RCEhttps://infosecwriteups.com/sharpening-command-injections-to-get-full-rce-e4cf257d2c66?source=rss------bug_bounty-5Mostafa Alrefaihacking, rce, cybersecurity, pentesting, bug-bounty17-May-2025
Bug Bounty desde Cero: De la Curiosidad al Primer Hallazgohttps://medium.com/@bertolanicami/bug-bounty-desde-cero-de-la-curiosidad-al-primer-hallazgo-6642e3944764?source=rss------bug_bounty-5Cami Bertolanibug-bounty, hacking, bug-bounty-tips, cybersecurity, vulnerability17-May-2025
From 0 to $$$: Finding Rate Limit Bypasses Like a Prohttps://infosecwriteups.com/from-0-to-finding-rate-limit-bypasses-like-a-pro-6baf92b6acad?source=rss------bug_bounty-5BugBounty Universitybug-bounty-tips, infosec, penetration-testing, cybersecurity, bug-bounty16-May-2025
Part-2️‍♂️Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugshttps://infosecwriteups.com/part-2-%EF%B8%8F-%EF%B8%8Fbug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-46429520beb3?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, cybersecurity, hacking, secrets, bug-bounty16-May-2025
Bug Bounty Burnout: When Serious Bugs Get Dismissedhttps://medium.com/@vivekps143/bug-bounty-burnout-when-serious-bugs-get-dismissed-f22cf0f0f293?source=rss------bug_bounty-5Vivek PShacking, web-development, bug-bounty, programming, burnout16-May-2025
Port- 139,445 SMB Exploitation (Series:1/ [article:2])https://infosecwriteups.com/port-139-445-smb-exploitation-series-1-article-2-6769570eb0ef?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity16-May-2025
$750 Bounty: From X-Forwarded-Host to Stored DOM XSShttps://osintteam.blog/750-bounty-from-x-forwarded-host-to-stored-dom-xss-de0785adfe05?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, hacking, cybersecurity, technology16-May-2025
️‍♂️ From Recon to Report: How I Approach Every Bug Bounty Targethttps://osintteam.blog/%EF%B8%8F-%EF%B8%8F-from-recon-to-report-how-i-approach-every-bug-bounty-target-2663163148d5?source=rss------bug_bounty-5Vipul Sonuleosint, bug-bounty, cybersecurity, hacking, tech16-May-2025
How to escalate a SQL injection if there is a strict WAF?https://medium.com/@bug_vs_me/how-to-escalate-a-sql-injection-if-there-is-a-strict-waf-2a7798bb769e?source=rss------bug_bounty-5Deepakbug-bounty, waf-bypass, hacking, sql-injection, sql16-May-2025
$500 Bounty: Race Condition in Hacker101 CTF Group Joinhttps://infosecwriteups.com/500-bounty-race-condition-in-hacker101-ctf-group-join-d7e84651bc5f?source=rss------bug_bounty-5Monika sharmareport, technology, bug-bounty, penetration-testing, hacking16-May-2025
How a Simple Logic Flaw Led to a $3,250 Bountyhttps://infosecwriteups.com/how-a-simple-logic-flaw-led-to-a-3-250-bounty-476d747bf57a?source=rss------bug_bounty-5Monika sharmareport, technology, cybersecurity, bug-bounty, penetration-testing16-May-2025
Race Condition Seru: Ngebobol Limit Cuma Modal Request Paralelhttps://medium.com/@FufuFaf1/race-condition-seru-ngebobol-limit-cuma-modal-request-paralel-44f1da33e4fb?source=rss------bug_bounty-5FufuFafacybersecurity, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty16-May-2025
Caching Trouble: The Public Cache That Leaked Private User Datahttps://infosecwriteups.com/caching-trouble-the-public-cache-that-leaked-private-user-data-0d410af5cb4c?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, infosec, hacking, money16-May-2025
From Guest to Admin: Chaining Pre-Account Takeover with Privilege Escalationhttps://medium.com/@kroush333/from-guest-to-admin-chaining-pre-account-takeover-with-privilege-escalation-fe970e80cd25?source=rss------bug_bounty-5MahmoudKroushbug-bounty, bug-bounty-tips, cybersecurity16-May-2025
Privilege Escalation via Response Manipulationhttps://mrshan.medium.com/privilege-escalation-via-response-manipulation-efe66697bc98?source=rss------bug_bounty-5MR SHANbug-bounty-tips, response-manipulation, burpsuite, cybersecurity, bug-bounty16-May-2025
FullMounty (Easy) PwnTillDawn Walkthrough.https://medium.com/@3L4CKCYBR/badger-easy-pwntilldawn-walkthrough-50670472cc33?source=rss------bug_bounty-53L4CKCYBR_technology, privilege-escalation, bug-bounty, cybersecurity, pwntilldawn16-May-2025
PII Leak via Emailhttps://medium.com/@hossam_hamada/pii-leak-via-email-3ff4eb5199d9?source=rss------bug_bounty-5Hossam Hamadabug-bounty, bugbounty-tips, bugcrowd, hackerone, bugbounty-writeup16-May-2025
CTF | Brute Force Login Cuma Modal Terminal Gak Perlu UI!https://inrexna.medium.com/ctf-brute-force-login-cuma-modal-terminal-gak-perlu-ui-ddd455c4bf66?source=rss------bug_bounty-5InREXnAethical-hacking, bug-bounty, cybersecurity, penetration-testing, ctf-writeup16-May-2025
How I almost made $1000 from XSS bypass attributehttps://medium.com/@0xRedFox29/how-i-almost-made-1000-from-xss-bypass-attribute-77d68f0bc33c?source=rss------bug_bounty-5kunx90bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, red-team-security16-May-2025
2fa, OTP bypass checklists 2025https://medium.com/@mohaned0101/2fa-otp-bypass-checklists-2025-4d45f92dbdaa?source=rss------bug_bounty-5mohaned alkhlototp-verification, 2fa-bypass, bug-bounty-tips, 2fa, bug-bounty16-May-2025
Open Redirect via Base64-Encoded state Parameter in OAuth Flow (returnTo field)https://medium.com/@husseinelturkey/open-redirect-via-base64-encoded-state-parameter-in-oauth-flow-returnto-field-42a0319ef296?source=rss------bug_bounty-5Hussein Elturkeybug-bounty-writeup, duplicate, open-redirect, bugcrowd, bug-bounty16-May-2025
Reflexiones sobre la creación de comunidades: El caso Bug Bounty Argentina y su réplicahttps://medium.com/@yenoyow561/reflexiones-sobre-la-creaci%C3%B3n-de-comunidades-el-caso-bug-bounty-argentina-y-su-r%C3%A9plica-f7a6cf3c9cf1?source=rss------bug_bounty-5KRAQENcybersecurity, inclusion, plágio, ethical-hacking, bug-bounty16-May-2025
How I almost made $1000 from XSS bypass attributehttps://medium.com/@0xRedFox29/how-i-almost-made-1000-from-xss-bypass-attribute-77d68f0bc33c?source=rss------bug_bounty-50xRedFox29bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, red-team-security16-May-2025
☕Best Tool for Analyzing Java Files (90% of Hackers Don’t Know This)https://infosecwriteups.com/best-tool-for-analyzing-java-files-90-of-hackers-dont-know-this-07a57d1477f9?source=rss------bug_bounty-5Abhijeet Kumawatjava, bug-bounty, infosec, hacking, cybersecurity15-May-2025
Hacking With No Tools: How to Break Web Apps Using Just Your Browser ️‍♂️https://infosecwriteups.com/hacking-with-no-tools-how-to-break-web-apps-using-just-your-browser-%EF%B8%8F-%EF%B8%8F-255861d3f623?source=rss------bug_bounty-5Vipul Sonuleinfosec, hacking, cybersecurity, bug-bounty, tech15-May-2025
$3,000 Bounty: RCE in Burp Suite via Clickjackinghttps://infosecwriteups.com/3-000-bounty-rce-in-burp-suite-via-clickjacking-3a3bac7cf431?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, penetration-testing, cybersecurity, technology15-May-2025
Blog Title: Not Your File: How Misconfigured MIME Types Let Me Upload Evil Scriptshttps://infosecwriteups.com/blog-title-not-your-file-how-misconfigured-mime-types-let-me-upload-evil-scripts-889efb18a7ce?source=rss------bug_bounty-5Iskihacking, infosec, money, bug-bounty, cybersecurity15-May-2025
Bypassing OTP Verification via Response Manipulation: A Silent Threathttps://frostyxsec.medium.com/bypassing-otp-verification-via-response-manipulation-a-silent-threat-006dc2b6fa13?source=rss------bug_bounty-5Frostynxthbug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup15-May-2025
CHAINING THE SCOPEhttps://sijojohnson.medium.com/chaining-the-scope-0f6fcb9e7cf4?source=rss------bug_bounty-5Sijo Johnsonsensitive-data-exposure, easy-pii-leak, pii-data, wedohacks, bug-bounty15-May-2025
QA Mindset Shift: From Bug Hunters to User Whisperershttps://medium.com/@ivan.boklach/qa-mindset-shift-from-bug-hunters-to-user-whisperers-7e9dccff0fc4?source=rss------bug_bounty-5Ivan Boklachbug-bounty, bugs, qa15-May-2025
Top Tools That Helped Me Earn $500 in 30 Dayshttps://infosecwriteups.com/top-tools-that-helped-me-earn-500-in-30-days-00123f09cd7a?source=rss------bug_bounty-5It4chis3cbug-bounty, recon, secrets, hacking, information-security15-May-2025
The Gray Code: When Hackers Wrestle With Their Shadowshttps://medium.com/meetcyber/the-gray-code-when-hackers-wrestle-with-their-shadows-0a2cb5b66e21?source=rss------bug_bounty-5Ahmad Javedhacker, hacking, bug-bounty, cybersecurity, ethical-hacking15-May-2025
GitHub Dorking Brought Us the Bountyhttps://medium.com/@nocley/github-dorking-brought-us-the-bounty-cd1c4675371e?source=rss------bug_bounty-5nocleyintigriti, bugbounty-tips, hacking, bug-bounty, bugbounty-writeup15-May-2025
Introducing SecureCrawl: The Intelligent Web Security Crawlerhttps://medium.com/@N0aziXss/introducing-securecrawl-the-intelligent-web-security-crawler-d258ec05edb8?source=rss------bug_bounty-5N0aziXssethical-hacking, cybersecurity, bug-bounty, python, web-security15-May-2025
Cybersecurity Training: Real-World Code Review Challenges on CodeVulnHunthttps://medium.com/@mithun_/cybersecurity-training-real-world-code-review-challenges-on-codevulnhunt-70a0a36e50bf?source=rss------bug_bounty-5Mithunsource-code, ctf, cybersecurity, infosec, bug-bounty15-May-2025
How Attackers Use Google Dorks to Discover Your Exposed Assetshttps://medium.com/@tejprakashbk1996/how-attackers-use-google-dorks-to-discover-your-exposed-assets-026f367c21e4?source=rss------bug_bounty-5Tejprakashgoogle-dork, security, google-search, reconnaissance, bug-bounty15-May-2025
NoSQL Injection Detection — A hands-on Exploitation Walkthroughhttps://infosecwriteups.com/nosql-injection-detection-a-hands-on-exploitation-walkthrough-03aaa19dab70?source=rss------bug_bounty-5Aditya Bhattnosql-injection, nosql, sql-injection, cybersecurity, bug-bounty15-May-2025
The “Unlimited Leave” Hack I Found at My Collegehttps://medium.com/@swarnimbandekar/the-unlimited-leave-hack-i-found-at-my-college-4c772df5f8e4?source=rss------bug_bounty-5Swarnim Bandekarethical-hacking, bug-bounty, bug-bounty-tips, hacking, penetration-testing15-May-2025
Exploring GoBuster: A Powerful Tool For Directory and File Discoveryhttps://medium.com/@natarajanck2/exploring-gobuster-a-powerful-tool-for-directory-and-file-discovery-0009c500e158?source=rss------bug_bounty-5Natarajan C Kbug-bounty, gobuster, security, browsers, violation15-May-2025
Mi Carta de reconocimiento por la NASA: lo que no se ve detrás del logrohttps://medium.com/@juanfelipeoz.rar/mi-carta-de-reconocimiento-por-la-nasa-lo-que-no-se-ve-detr%C3%A1s-del-logro-59c6cb59671c?source=rss------bug_bounty-5Juan Felipe Osorio Zseguridad-informatica, ciberseguridad, hacking, bug-bounty, nasa15-May-2025
CVE-2025-4455: Local Privilege Escalation in Patch My PC Home Updaterhttps://sneharghya.medium.com/cve-2025-4455-local-privilege-escalation-in-patch-my-pc-home-updater-58f2c2041b46?source=rss------bug_bounty-5Sneharghya Roydll-hijacking, bug-bounty, cybersecurity15-May-2025
403 Bypass Techniques for Bug Bountyhttps://medium.com/@silverxcyber/403-bypass-techniques-for-bug-bounty-dcd449733bec?source=rss------bug_bounty-5SilverXCyber403bypass, bug-bounty, 403-forbidden, bug-bounty-hunter, bug-bounty-writeup15-May-2025
Escalando Privilégios com a Determinação de um Shih Tzuhttps://medium.com/@correa-sergio/escalando-privil%C3%A9gios-com-a-determina%C3%A7%C3%A3o-de-um-shih-tzu-9df40e8a482c?source=rss------bug_bounty-5Sérgio Corrêacybersecurity, ctf, segurança-da-informação, pentest, bug-bounty15-May-2025
What crime did humans commit to attract the punishment of bedbugs!https://medium.com/@Purpledot_/what-crime-did-humans-commit-to-attract-the-punishment-of-bedbugs-5e77ee08aa6c?source=rss------bug_bounty-5Confidencemedium, problems, helping-others, bug-bounty, solutions15-May-2025
My First Year in Bug Bounty $$$https://infosecwriteups.com/my-first-year-in-bug-bounty-9c87e0b68ac4?source=rss------bug_bounty-5RivuDonbug-bounty-writeup, bug-hunter, bug-bounty-tips, bug-bounty, bug-hunting14-May-2025
JWT Exploitation: How I Forged Tokens and Took Over Accountshttps://infosecwriteups.com/jwt-exploitation-how-i-forged-tokens-and-took-over-accounts-2e7ab1cf4df8?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, bug-bounty, hacking, jwt, cybersecurity14-May-2025
Title: Filter Failure: From HTML Injection to Full-Blown XSS via Rich Text Editorshttps://infosecwriteups.com/title-filter-failure-from-html-injection-to-full-blown-xss-via-rich-text-editors-af6809e248b4?source=rss------bug_bounty-5Iskibug-bounty, money, cybersecurity, hacking, infosec14-May-2025
Ethical Hacking Guide: Penetration Testing Apache Tomcat (2025 Edition)https://medium.com/@verylazytech/ethical-hacking-guide-penetration-testing-apache-tomcat-2025-edition-01dc367f070c?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, apache, tomcat, ethical-hacking, bug-bounty14-May-2025
IDOR: When One Tiny Change Exposes Everythinghttps://medium.com/@sachinpv2004/idor-when-one-tiny-change-exposes-everything-c54b6750d2fd?source=rss------bug_bounty-5SACHIN PVpentesting, idor, bug-bounty, vulnerability, owasp14-May-2025
Ditch the Patchwork of Breach-Alert Tools: Monitor Every Credential Leak from One Place with…https://medium.com/@alexandrevandammepro/ditch-the-patchwork-of-breach-alert-tools-monitor-every-credential-leak-from-one-place-with-0b7f6225ecf8?source=rss------bug_bounty-5Alexandre Vandammecyberattack, bug-bounty-tips, technology, bug-bounty, cybersecurity14-May-2025
About Mehttps://0xsakibkhan.medium.com/about-me-673842903ff2?source=rss------bug_bounty-5Muhammad Shakibhacking-tools, bug-bounty, ethical-hacking, red-team-tools, pentesting14-May-2025
End Recon Tool Overload: Centralise Enumeration & Scanning with SubDomainRadar.iohttps://medium.com/@alexandrevandammepro/end-recon-tool-overload-centralise-enumeration-scanning-with-subdomainradar-io-ae387d97cc6c?source=rss------bug_bounty-5Alexandre Vandammehacking, bug-bounty, technology, cybersecurity, bug-bounty-tips14-May-2025
CTF Day(1)https://medium.com/@ahmednarmer1/ctf-day-1-c213568b8321?source=rss------bug_bounty-5Ahmed Narmercybersecurity, bug-bounty, ctf, web-penetration-testing14-May-2025
Breaking In Through the Backdoor: Password Reset Gone Wronghttps://infosecwriteups.com/breaking-in-through-the-backdoor-password-reset-gone-wrong-6e5243c16a19?source=rss------bug_bounty-5Ehtesham Ul Haqinfosec, penetration-testing, bug-bounty, writeup, passwords14-May-2025
How Inconsistent Input Handling and Poor Email Validation Can Lead to Admin Accesshttps://infosecwriteups.com/how-inconsistent-input-handling-and-poor-email-validation-can-lead-to-admin-access-b64b25413b82?source=rss------bug_bounty-5Bash Overflowbug-bounty, bypass-email-registration, bug-bounty-tips, lack-of-email-validation, email-logic-flaws14-May-2025
HackerNote(Medium)TryHackMe Walkthroughhttps://medium.com/@blackcyb3r29/hackernote-medium-tryhackme-walkthrough-41a7080c5046?source=rss------bug_bounty-53L4CKCYBR_tryhackme, cybersecurity, bug-bounty, ctf-writeup, technology14-May-2025
The Crypto Wallet Vulnerability That Went Undetected for Over Six Yearshttps://medium.com/@john-s4d/the-crypto-wallet-vulnerability-that-went-undetected-for-over-six-years-36cd52cb600c?source=rss------bug_bounty-5John Sessfordcrypto, solana-network, bug-bounty, cryptocurrency, cybersecurity14-May-2025
CTF Day(2)https://medium.com/@ahmednarmer1/ctf-day-2-f405f7d0449d?source=rss------bug_bounty-5Ahmed Narmerbug-bounty, ctf, cybersecurity, web-penetration-testing14-May-2025
Publishing your story with allbyhunterhttps://allbyhunter.com/publishing-your-story-with-allbyhunter-a121696ff60d?source=rss------bug_bounty-5kerstanstartup, hacking, bug-bounty, prgramming, coding14-May-2025
$800 Bounty — Web Cache Deception in Shopifyhttps://medium.com/meetcyber/800-bounty-web-cache-deception-in-shopify-c8507c2d99e5?source=rss------bug_bounty-5Monika sharmabug-bounty, bug-bounty-tips, technology, cybersecurity, penetration-testing14-May-2025
Bug Bounty Tips: From Zero to First Payouthttps://medium.com/@appsecwarrior/bug-bounty-tips-from-zero-to-first-payout-6bd8c9df0c48?source=rss------bug_bounty-5appsecwarriorsecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing14-May-2025
Ethical Hacking Learning Pathhttps://0xben.medium.com/ethical-hacking-learning-path-and-roadmap-5e3252f7c9de?source=rss------bug_bounty-50xBENctf, bug-bounty, ethical-hacking, learning-path, penetration-testing14-May-2025
Breaking the Rules: Deleting Confirmed Organizations Through a Backend Flawhttps://medium.com/@cyberpro151/breaking-the-rules-deleting-confirmed-organizations-through-a-backend-flaw-525dc867841c?source=rss------bug_bounty-5cyberpro151cybersecurity, bug-bounty, penetration-testing, ethical-hacking, bug-bounty-tips14-May-2025
Researcher Yuvi — My Cybersecurity Journey at 16https://medium.com/@codewithyuvi/researcher-yuvi-my-cybersecurity-journey-at-16-e3dde09fba78?source=rss------bug_bounty-5Yuvraj Guptahall-of-fame, researcher-yuvi, ethical-hacking, bug-bounty, cybersecurity13-May-2025
Bypassing CSRF Protectionshttps://medium.com/@itamar.yochpaz/bypassing-csrf-protections-7db64f26b9e5?source=rss------bug_bounty-5Itamar Yochpazhacking, cybersecurity, application-security, bug-bounty, penetration-testing13-May-2025
$256 Bounty : XSS via Web Cache Poisoning in Discoursehttps://infosecwriteups.com/256-bounty-xss-via-web-cache-poisoning-in-discourse-594d5961555e?source=rss------bug_bounty-5Monika sharmabug-bounty, cybersecurity, penetration-testing, technology, hacking13-May-2025
How Hackers Bypass Login Pages with SQL, Logic Flaws, and Headershttps://infosecwriteups.com/how-hackers-bypass-login-pages-with-sql-logic-flaws-and-headers-567a5649e701?source=rss------bug_bounty-5Vipul Sonulebug-bounty, cybersecurity, infosec, programming, hacking13-May-2025
Forget Me Not: How Broken Logout Functionality Let Me Ride Sessions Foreverhttps://infosecwriteups.com/forget-me-not-how-broken-logout-functionality-let-me-ride-sessions-forever-3435e6d98845?source=rss------bug_bounty-5Iskicybersecurity, infosec, hacking, money, bug-bounty13-May-2025
The $1,000 Recon Trick: One Command That Changed My Hunting Gamehttps://infosecwriteups.com/the-1-000-recon-trick-one-command-that-changed-my-hunting-game-58527a7f6d7c?source=rss------bug_bounty-5Abhijeet Kumawattricks, hacking, vulnerability, recon, bug-bounty13-May-2025
Inside the Shadows: Why HTTP Smuggling Still Breaks the Webhttps://medium.com/@es0557533/inside-the-shadows-why-http-smuggling-still-breaks-the-web-c81c69577fdd?source=rss------bug_bounty-5Isvcybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup, https13-May-2025
The Human Firewall: Why Your Employees Are Both Your Greatest Vulnerability and Assethttps://infosecwriteups.com/the-human-firewall-why-your-employees-are-both-your-greatest-vulnerability-and-asset-76a93b879bae?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, firewall, cybersecurity, networking13-May-2025
Meet URLShort: The Ultimate URL Shortener, Fuzzer & Payload Injector for Bug Bounty Hunters &…https://neerajsah.medium.com/meet-urlshort-the-ultimate-url-shortener-fuzzer-payload-injector-for-bug-bounty-hunters-9c631e83d492?source=rss------bug_bounty-5Neeraj Sahbug-bounty, fuzzing, pentesting, hacking-tools, url-shorteners13-May-2025
Exploiting File Upload Vulnerabilities: What, Why & Howhttps://medium.com/@sachinpv2004/exploiting-file-upload-vulnerabilities-what-why-how-68e159aff82a?source=rss------bug_bounty-5SACHIN PVowasp, bug-bounty, file-upload, pentesting, file-upload-vulnerability13-May-2025
How I Found a Way to Prolong Password Reset Code Expiryhttps://infosecwriteups.com/how-i-found-a-way-to-prolong-password-reset-code-expiry-6214391023de?source=rss------bug_bounty-5Ehtesham Ul Haqpasswords, bug-bounty, hacking, penetration-testing, infosec13-May-2025
Web Cachehttps://medium.com/@eddinesaad122/web-cache-6065a266ae95?source=rss------bug_bounty-5saad eddinebug-bounty, web-development, technology, security, web13-May-2025
ASUS DriverHub Vulnerability Exposes Users to Remote Code Executionhttps://wiretor.medium.com/asus-driverhub-vulnerability-exposes-users-to-remote-code-execution-1f924851eeac?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, bug-bounty, hacking, malware, rce13-May-2025
Bug Bounty Roadmap 2025: The Complete Guide to Becoming a Professional Ethical Hackerhttps://medium.com/@jiniyaasma8/bug-bounty-roadmap-2025-the-complete-guide-to-becoming-a-professional-ethical-hacker-a6ff0abc69ef?source=rss------bug_bounty-5Jiniyaasmabug-bounty-tips, technology, resources, cybersecurity, bug-bounty13-May-2025
$$$ bounty via unique username bypasshttps://medium.com/legionhunters/bounty-via-unique-username-bypass-26f2c76f5ee7?source=rss------bug_bounty-5cryptoshantmoney, bug-bounty, bug-bounty-tips, cybersecurity, hacking13-May-2025
My Exceptional SSRF Findinghttps://medium.com/@nocley/my-exceptional-ssrf-finding-73e8039e3a22?source=rss------bug_bounty-5nocleyreadteam, pentest, tips-and-tricks, bug-bounty, ssrf13-May-2025
Upload Vulnshttps://medium.com/@julius.grosserode.19/upload-vulns-3c139f507b28?source=rss------bug_bounty-5Juliopath-traversal, file-upload, bug-bounty, file-upload-vulnerability, bug-bounty-tips13-May-2025
Introducing DomainRecon: Your Advanced WHOIS & DNS Intelligence Toolhttps://medium.com/@N0aziXss/introducing-domainrecon-your-advanced-whois-dns-intelligence-tool-9e2dc63ae774?source=rss------bug_bounty-5N0aziXssethical-hacking, python, bug-bounty, reconnaissance, cybersecurity13-May-2025
Template Report Bug Bounty (Bahasa Indonesia)https://medium.com/@ikhlasul0507/template-report-bug-bounty-d3ad2f9d84ee?source=rss------bug_bounty-5Ikhlasulxss-attack, bugs, bug-bounty, xs12-May-2025
$25,000 SSRF in HackerOne’s Analytics Reportshttps://osintteam.blog/25-000-ssrf-in-hackerones-analytics-reports-b9a5b3aa3d6e?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty, cybersecurity, technology, penetration-testing12-May-2025
How I Earned $200 From a Simple EXIF Bug (Step by Step Guide, You Can Use Today)https://infosecwriteups.com/how-i-earned-200-from-a-simple-exif-bug-step-by-step-guide-you-can-use-today-c71dc2d82389?source=rss------bug_bounty-5BugBounty Universityosint, bug-bounty, infosec, exif, cybersecurity12-May-2025
How I Found SSTI in a Search Barhttps://infosecwriteups.com/how-i-found-ssti-in-a-search-bar-6fede0d3263c?source=rss------bug_bounty-5Umanhonlen Gabrielhacking, bug-bounty, hacker, bug-bounty-tips12-May-2025
Breaking APIs: A Bug Hunter’s Guidehttps://osintteam.blog/breaking-apis-a-bug-hunters-guide-ba20b7098364?source=rss------bug_bounty-5Aditya Bhattapi-testing, bug-bounty, api, cybersecurity, bug-hunting12-May-2025
How I Exploited a Low-Level Logic Flaw to Manipulate Product Prices Using Burp Intruderhttps://osintteam.blog/how-i-exploited-a-low-level-logic-flaw-to-manipulate-product-prices-using-burp-intruder-64143bee2322?source=rss------bug_bounty-5Bash Overflowbug-bounty, exploit-logic-flaw, bypass-price-validation, logic-flaw-bug-bounty, bug-bounty-tips12-May-2025
This Red Teaming Tools can make you a pro Hacker.https://medium.com/@anandrishav2228/this-red-teaming-tools-can-make-you-a-pro-hacker-69b5f60fd735?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, red-team, bug-bounty, hacking12-May-2025
SSRF via PDF Generator? Yes, and It Led to EC2 Metadata Accesshttps://infosecwriteups.com/ssrf-via-pdf-generator-yes-and-it-led-to-ec2-metadata-access-39b8e5b41840?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, hacking, ssrf, bug-bounty, ssrf-attack12-May-2025
The Psychology of Patch Fatigue: Why Teams Delay Fixeshttps://medium.com/@paritoshblogs/the-psychology-of-patch-fatigue-why-teams-delay-fixes-eb4690cfb38e?source=rss------bug_bounty-5Paritoshcybersecurity, vulnerability, vulnerability-management, hacking, bug-bounty12-May-2025
Top 5 Easiest Bugs for Beginners in Bug Bountyhttps://infosecwriteups.com/top-5-easiest-bugs-for-beginners-in-bug-bounty-45dd81c49e03?source=rss------bug_bounty-5Vipul Sonulehacking, bug-bounty, infosec, technology, cybersecurity12-May-2025
$10,000 Bounty: HackerOne Report Comments Leak via “Export as .zip”https://infosecwriteups.com/10-000-bounty-hackerone-report-comments-leak-via-export-as-zip-a4aed8bd7409?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, technology, hacking, cybersecurity12-May-2025
SameSite? SameMess: How I Bypassed Cookie Protections to Hijack Sessions ️‍♂️https://infosecwriteups.com/samesite-samemess-how-i-bypassed-cookie-protections-to-hijack-sessions-%EF%B8%8F-%EF%B8%8F-20520f4be7ec?source=rss------bug_bounty-5Iskibug-bounty, money, cybersecurity, hacking, infosec12-May-2025
How I Find Open Redirect Bugs Using Waybackurls, Gau & GF Toolhttps://ch4ndan.medium.com/how-i-find-open-redirect-bugs-using-waybackurls-gau-gf-tool-64ac3dcb9aa0?source=rss------bug_bounty-5Ch4ndan dasbug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, bug-bounty-writeup12-May-2025
Intercept phone’s traffic in burp (using actual phone)https://medium.com/@ozz0x/intercept-phones-traffic-in-burp-using-actual-phone-ca46317add92?source=rss------bug_bounty-5Ozzapi, mobile-pentesting, api-testing, mobile-bug-bounty, bug-bounty12-May-2025
Researcher Yuvi Teen Hacker to Hall of Fame: My Cybersecurity Journey at 16https://medium.com/@codewithyuvi/researcher-yuvi-teen-hacker-to-hall-of-fame-my-cybersecurity-journey-at-16-230efba091cb?source=rss------bug_bounty-5Yuvraj Guptayoungest, cybersecurity, hacking, bug-bounty, yuvi12-May-2025
$12,000 RCE in GitLab: Arbitrary File Overwrite via Path Injectionhttps://medium.com/meetcyber/12-000-rce-in-gitlab-arbitrary-file-overwrite-via-path-injection-35443b6602df?source=rss------bug_bounty-5Monika sharmacybersecurity, penetration-testing, technology, bug-bounty, hacking12-May-2025
iSCSI— Port 3260 — How to exploit?https://medium.com/@verylazytech/iscsi-port-3260-how-to-exploit-c8402da9cefb?source=rss------bug_bounty-5Very Lazy Techethical-hacking, iscsi, penetration-testing, oscp, bug-bounty12-May-2025
️ Top 25 Most Dangerous Software Weaknesses (CWE)https://medium.com/@shamzen96/%EF%B8%8F-top-25-most-dangerous-software-weaknesses-cwe-91a3e4e58f42?source=rss------bug_bounty-5Shivam Rajbug-bounty, cwe, cybersecurity12-May-2025
Researcher Yuvi — My Cybersecurity Journey at 16https://medium.com/@codewithyuvi/researcher-yuvi-teen-hacker-to-hall-of-fame-my-cybersecurity-journey-at-16-230efba091cb?source=rss------bug_bounty-5Yuvraj Guptayoungest, cybersecurity, hacking, bug-bounty, yuvi12-May-2025
bWAPP HTML Injection CheatSheet — (WebApp Pentesting 1)https://serkanbenol.medium.com/bwapp-html-injection-cheatsheet-webapp-pentesting-1-f6ae6719617a?source=rss------bug_bounty-5serkanbenolbug-bounty-hunter, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-May-2025
The Ultimate IDOR Bug Bounty Methodology — Learn & Hunt Like a Pro (2025 Guide)https://hackersatty.medium.com/the-ultimate-idor-bug-bounty-methodology-learn-hunt-like-a-pro-2025-guide-fd79e50fd7fe?source=rss------bug_bounty-5hackersattyidor-vulnerability, bug-hunting, bug-bounty, bug-bounty-writeup, api12-May-2025
[Bug Bounty] How I Leaked Admin Metadata From a Low-Privileged Account — A Deep Dive into…https://hackersatty.medium.com/bug-bounty-how-i-leaked-admin-metadata-from-a-low-privileged-account-a-deep-dive-into-23e0d699d792?source=rss------bug_bounty-5hackersattybug-bounty, idor, bug-bounty-writeup, javascript, api-endpoint12-May-2025
Master CRLF Injection: The Underrated Bug with Dangerous Potentialhttps://infosecwriteups.com/master-crlf-injection-the-underrated-bug-with-dangerous-potential-33bb0d62e031?source=rss------bug_bounty-5coffinxpprogramming, hacking, bug-bounty, cybersecurity, technology12-May-2025
How I Found a Way to Submit LeetCode Premium Problems as a Free Userhttps://medium.com/@ShreyasMahajann/how-i-found-a-way-to-submit-leetcode-premium-problems-as-a-free-user-cb30668b976c?source=rss------bug_bounty-5Shreyas Mahajanleetcode, hacking, cybersecurity, bug-bounty, coding12-May-2025
OSINT Writeups — MIST Cyber Drill 2025https://infosecwriteups.com/osint-writeups-mist-cyber-drill-2025-2d1e398a4672?source=rss------bug_bounty-5Mr Greyctf, osint, ctf-walkthrough, bug-bounty, ctf-writeup12-May-2025
Unauthenticated Cache Purging Vulnerabilityhttps://00x.medium.com/unauthenticated-cache-purging-vulnerability-29f2641fcbb8?source=rss------bug_bounty-500xdatabug-bounty-tips, bug-bounty12-May-2025
$1,120 Bounty: Clickjacking Vulnerability in Twitter Periscopehttps://osintteam.blog/1-120-bounty-clickjacking-vulnerability-in-twitter-periscope-b46e8dfc8915?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, technology, cybersecurity, hacking12-May-2025
API Key Exposure in NASA GitHub Repository Leads to Unauthorized Access to Academic Datahttps://infosecwriteups.com/api-key-exposure-in-nasa-github-repository-leads-to-unauthorized-access-to-academic-data-816bfb6ffede?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, infosec, bug-bounty, nasa, hacking11-May-2025
$16,000 Bounty: Stored XSS in GitLabhttps://infosecwriteups.com/16-000-bounty-stored-xss-in-gitlab-a0f57e5c4245?source=rss------bug_bounty-5Monika sharmahacking, penetration-testing, technology, bug-bounty, report11-May-2025
Confessions of a Bug Bounty Hunter: Tales from the Digital Junglehttps://bevijaygupta.medium.com/confessions-of-a-bug-bounty-hunter-tales-from-the-digital-jungle-892e188bc282?source=rss------bug_bounty-5Vijay Kumar Guptabug-bounty, bug-bounty-tips, bugs, confessions, digital11-May-2025
5 Places XSS Hides in Modern Bootstrap Apps (and How to Find Them)https://medium.com/@killuaX/5-places-xss-hides-in-modern-bootstrap-apps-and-how-to-find-them-d22ec62c8359?source=rss------bug_bounty-5Abhirambootstrap, xss-vulnerability, web-security, bug-bounty, ethical-hacking11-May-2025
Bypass Fitur Ganti Email via Request API Langsunghttps://medium.com/@FufuFaf1/bypass-fitur-ganti-email-via-request-api-langsung-fac831a8dc31?source=rss------bug_bounty-5FufuFafacybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-writeup11-May-2025
Bug Bounty Race: Exploiting Race Conditions for Infinite Discountshttps://infosecwriteups.com/bug-bounty-race-exploiting-race-conditions-for-infinite-discounts-a2cb2f233804?source=rss------bug_bounty-5Aditya Bhattburpsuite, hacking, race-condition, cybersecurity, bug-bounty11-May-2025
APIs Hacking : Exploiting Race Condition 101https://iaraoz.medium.com/apis-hacking-exploiting-race-condition-101-e063ea5057cb?source=rss------bug_bounty-5Israel Aráoz Severicheapi, cybersecurity, bug-bounty, hacking, penetration-testing11-May-2025
MFA Update OTP Bypasshttps://medium.com/@aburayhan01734_18069/mfa-update-otp-bypass-64e2cd1cbe86?source=rss------bug_bounty-5Md. Abu Rayhanbypass, 2fa-bypass, mfa, bug-bounty, athentication11-May-2025
The “Unlimited Leave” Hack I Found at My College — And Why I Didn’t Use Ithttps://medium.com/@swarnimbandekar/vtop-idor-d73d42d206bc?source=rss------bug_bounty-5Swarnim Bandekarbug-bounty-writeup, bug-bounty, hacking, penetration-testing, cybersecurity11-May-2025
Unauthorized Access to Meta’s Draft Profile Picture Frames: A Bug Bounty Breakdownhttps://medium.com/@kamramehak445/unauthorized-access-to-metas-draft-profile-picture-frames-a-bug-bounty-breakdown-c46f592005dd?source=rss------bug_bounty-5Mehak kamracyber, meta, bug-bounty, cyberattack, cybersecurity11-May-2025
The Hidden Language: Exploiting GraphQL for Unauthorized Data Dumphttps://infosecwriteups.com/the-hidden-language-exploiting-graphql-for-unauthorized-data-dump-8be49f30a005?source=rss------bug_bounty-5Iskihacking, bug-bounty, infosec, money, cybersecurity11-May-2025
Red Team Concepts by Mr. Davidhttps://medium.com/@darshannnaik1234/red-team-concepts-by-mr-david-5650776fd778?source=rss------bug_bounty-5Darshan Naresh Naikactive-directory, cybersecurity, bug-bounty, ethical-hacking, red-team11-May-2025
Authorization Bypass Through HTTP Response Manipulationhttps://octayus.medium.com/authorization-bypass-through-http-response-manipulation-00e318a5b722?source=rss------bug_bounty-5OctaYusbug-bounty-tips, bug-bounty, twitter, authentication, cybersecurity11-May-2025
Tracking App Data Changes with Git During Mobile App Security Reviewhttps://medium.com/@arkadiy.litvinenko/tracking-app-data-changes-with-git-during-mobile-app-security-review-520af779dd49?source=rss------bug_bounty-5Arkadiy Litvinenkoapplication-security, bug-bounty, mobile-security, penetration-testing, information-security11-May-2025
More Than Broken Access: The Real Power of IDORshttps://medium.com/@xerox0x1/more-than-broken-access-the-real-power-of-idors-a50763e9ff8d?source=rss------bug_bounty-5XeRox01idor, bug-bounty, pentesting, web-security, infosec10-May-2025
Securing and Consuming APIs in the Cloud: A Complete Journey from Provider to Customerhttps://medium.com/@zoningxtr/securing-and-consuming-apis-in-the-cloud-a-complete-journey-from-provider-to-customer-d7c0f736b84d?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, api, cybersecurity, penetration-testing10-May-2025
Hidden HackerOne & Bugcrowd Programs: How to Get Private Inviteshttps://infosecwriteups.com/hidden-hackerone-bugcrowd-programs-how-to-get-private-invites-74f8e8ce38c4?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, bugcrowd, hackerone, infosec10-May-2025
How to Build an Internal Security Review Checklist Before Every Deployment ✅https://securrtech.medium.com/how-to-build-an-internal-security-review-checklist-before-every-deployment-2c84910293aa?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-security, web3-security, blockchain-security, bug-bounty, smart-contract-auditing10-May-2025
Core Banking System Architecture Explained: Layers, Components, and Securityhttps://medium.com/@zoningxtr/core-banking-system-architecture-explained-layers-components-and-security-72368ff7aed8?source=rss------bug_bounty-5Zoningxtrbug-bounty, web-development, cybersecurity, penetration-testing, api10-May-2025
Beyond Patch Tuesday: Managing Vulnerabilities in Real-Timehttps://medium.com/@paritoshblogs/beyond-patch-tuesday-managing-vulnerabilities-in-real-time-63dbfa6ac92f?source=rss------bug_bounty-5Paritoshcybersecurity, patch-tuesday, vulnerability, vulnerability-management, bug-bounty10-May-2025
Blind XXE Attacks via Out-of-Band Interaction Using Burp Collaboratorhttps://bashoverflow.medium.com/blind-xxe-attacks-via-out-of-band-interaction-using-burp-collaborator-af0abd7c7d25?source=rss------bug_bounty-5Bash Overflowxxe-injection, bug-bounty, blind-xxe-vulnerability, out-of-band-xxe-attack, bug-bounty-tips10-May-2025
️‍♂️ The Unwanted Guest: How Misconfigured Firebase Gave Me All the Datahttps://medium.com/@iski/%EF%B8%8F-%EF%B8%8F-the-unwanted-guest-how-misconfigured-firebase-gave-me-all-the-data-80e0e23b7250?source=rss------bug_bounty-5Iskibug-bounty, money, hacking, infosec, cybersecurity10-May-2025
Introduction to Web Applicationshttps://medium.com/@fatimahasan022/introduction-to-web-applications-3567db23580a?source=rss------bug_bounty-5Fatimahasanpenetration-testing, web-attack, bug-bounty, web-development, web-design10-May-2025
Inside the Enemy Lines: How a Simple IDOR Unmasked a Major Malware Campaignhttps://medium.com/@red.whisperer/inside-the-enemy-lines-how-a-simple-idor-unmasked-a-major-malware-campaign-4d61c2293cf6?source=rss------bug_bounty-5Chuxbug-bounty, hacking, malware, technology, cybersecurity10-May-2025
The Vulnerability Management Playbook for Lean Security Teamshttps://medium.com/@paritoshblogs/the-vulnerability-management-playbook-for-lean-security-teams-f253be8a0c85?source=rss------bug_bounty-5Paritoshplaybook, bug-bounty, cybersecurity, hacking, vulnerability-management10-May-2025
How I Earned 100 euros in 4 Hours as a Beginner Bug Bounty Hunterhttps://medium.com/@nn.nkp007/how-i-earned-100-euros-in-4-hours-as-a-beginner-bug-bounty-hunter-623530ba8bf5?source=rss------bug_bounty-5Niranjan Prajapatiintigriti, ethical-hacking, earn-money-online, earn-money, bug-bounty10-May-2025
$12,000 Bounty: From Path Traversal to Remote Code Execution on GitLabhttps://medium.com/meetcyber/12-000-bounty-from-path-traversal-to-remote-code-execution-on-gitlab-eab315e346c3?source=rss------bug_bounty-5Monika sharmareport, technology, penetration-testing, bug-bounty, hacking10-May-2025
LockBit Ransomware Gang Hacked: Internal Data & Victim Chats Leakedhttps://wiretor.medium.com/lockbit-ransomware-gang-hacked-internal-data-victim-chats-leaked-05b1adc7e123?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, money, ai, malware10-May-2025
Inside the Enemy Lines: How a Simple IDOR Unmasked a Major Malware Campaignhttps://infosecwriteups.com/inside-the-enemy-lines-how-a-simple-idor-unmasked-a-major-malware-campaign-4d61c2293cf6?source=rss------bug_bounty-5Chuxbug-bounty, hacking, malware, technology, cybersecurity10-May-2025
Making Your First $1,000 in Bug Bounties: A Practical Roadmap for Aspiring Hackershttps://medium.com/@maxwellcross/making-your-first-1-000-in-bug-bounties-a-practical-roadmap-for-aspiring-hackers-0b74a89c76a9?source=rss------bug_bounty-5Maxwell Crosshacking, bug-bounty, programming, coding10-May-2025
HTML Injectionhttps://medium.com/@fatimahasan022/html-injection-33a2ba6d7562?source=rss------bug_bounty-5Fatimahasanbug-bounty, html-injection, ethical-hacking, hackthebox, penetration-testing10-May-2025
$9,400 Bounty: XSS in Shopify’s Jamf Pro via Exposed Swagger UIhttps://osintteam.blog/9-400-bounty-xss-in-shopifys-jamf-pro-via-exposed-swagger-ui-7b029a4be766?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, technology, cybersecurity, penetration-testing10-May-2025
Improve your cybersecurity skillshttps://medium.com/@loyalonlytoday/improve-your-cybersecurity-skills-5cdb31d40a4f?source=rss------bug_bounty-5loyalonlytodayctf, bug-bounty, penetration-testing, hacking, cybersecurity09-May-2025
XSS Explained: A Complete Guide to Cross-Site Scripting with Practical Exampleshttps://medium.com/@mazene432/xss-explained-a-complete-guide-to-cross-site-scripting-with-practical-examples-80453349b35f?source=rss------bug_bounty-5Mazen Elsayedvulnerability-assessment, cybersecurity, bug-bounty, web-penetration-testing, penetration-testing09-May-2025
️Recon Automation Like a Pro: My 5-Stage System to Catch More Bugshttps://infosecwriteups.com/%EF%B8%8Frecon-automation-like-a-pro-my-5-stage-system-to-catch-more-bugs-4fff7b7c4726?source=rss------bug_bounty-5Abhijeet Kumawatrecon, hacking, cybersecurity, bug-bounty, infosec09-May-2025
JS File Reconnaissance In Web Hackinghttps://medium.com/@SysSecureLabs/js-file-reconnaissance-in-web-hacking-436215909594?source=rss------bug_bounty-5SysSecureLabsbug-bounty, bounties, reconnaissance, files-j, recon09-May-2025
$50,000 Bounty: GitHub Access Tokenhttps://infosecwriteups.com/50-000-bounty-github-access-token-c29cb6f00182?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, report, hacking, bug-bounty09-May-2025
$840 Bounty: How I Stole OAuth Tokens from Twitterhttps://infosecwriteups.com/840-bounty-how-i-stole-oauth-tokens-from-twitter-733f82857eda?source=rss------bug_bounty-5Monika sharmabug-bounty, penetration-testing, cybersecurity, technology, hacking09-May-2025
OttoKit WordPress Plugin Hacked: How 100K+ Sites Fell Prey to Sneaky Exploits ️‍♂️https://ismailtasdelen.medium.com/ottokit-wordpress-plugin-hacked-how-100k-sites-fell-prey-to-sneaky-exploits-%EF%B8%8F-%EF%B8%8F-3c8ddac468e8?source=rss------bug_bounty-5Ismail Tasdelencyberattack, web-security, bug-bounty, wordpress, vulnerability09-May-2025
Security Vulnerability in Hidden Parameters: IDOR Attack on Mighty App Payment Pagehttps://medium.com/@security.tecno/security-vulnerability-in-hidden-parameters-idor-attack-on-mighty-app-payment-page-e01ea2f2dc48?source=rss------bug_bounty-5TECNO Securitybug-bounty, bugs, security, apps, hacking09-May-2025
CSP? More Like Can’t Stop Payloads — Bypassing CSP to XSS Like a Prohttps://infosecwriteups.com/csp-more-like-cant-stop-payloads-bypassing-csp-to-xss-like-a-pro-90d27c2c3a40?source=rss------bug_bounty-5Iskimoney, cybersecurity, bug-bounty, infosec, hacking09-May-2025
Web Application Hacking: Where do I Even Start?https://systemweakness.com/web-application-hacking-where-do-i-even-start-a1e05c240936?source=rss------bug_bounty-5Regan Temudobug-bounty, cybersecurity, web-application-security, advice, how-to09-May-2025
HyperScanner [HxScanner] v1.4: A Fast, Beautiful HTTP & CORS Scanner for Modern Hackershttps://neerajsah.medium.com/hyperscanner-hxscanner-v1-4-a-fast-beautiful-http-cors-scanner-for-modern-hackers-749b36e2d947?source=rss------bug_bounty-5Neeraj Sahgo-programming, cybersecurity, bug-bounty, hacking, open-source09-May-2025
Mastering Rate Limit Bypass Techniqueshttps://infosecwriteups.com/mastering-rate-limit-bypass-techniques-fff9499b0f42?source=rss------bug_bounty-5coffinxppenetration-testing, hacking, bug-bounty, technology, cybersecurity09-May-2025
Squid — Port 3128 — How to exploit?https://medium.com/@verylazytech/squid-port-3128-how-to-exploit-4cc4adcff83a?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, oscp, bug-bounty, ethical-hacking, exploit09-May-2025
$15,000 Bounty: Found a Critical Vulnerability in Snapchathttps://medium.com/meetcyber/15-000-bounty-found-a-critical-vulnerability-in-snapchat-377176a0f0eb?source=rss------bug_bounty-5Monika sharmatechnology, report, bug-bounty, penetration-testing, hacking09-May-2025
Mastering 403 Bypasseshttps://medium.com/@XEyeSecurity/mastering-403-bypasses-cf6d1919404e?source=rss------bug_bounty-5Cybersectoworldbug-bounty, bug-bounty-tips09-May-2025
⚔️ How I Hijacked Password Reset Links with One Sneaky Header Injectionhttps://root-geek.medium.com/%EF%B8%8F-how-i-hijacked-password-reset-links-with-one-sneaky-header-injection-47a0db51bfd9?source=rss------bug_bounty-5ASC Lagesbug-bounty-writeup, account-take-over, bug-bounty09-May-2025
Shifting Left with Vulnerability Management: Security as Codehttps://medium.com/@paritoshblogs/shifting-left-with-vulnerability-management-security-as-code-353c206db2de?source=rss------bug_bounty-5Paritoshbug-bounty, vulnerability, vulnerability-management, programming, cybersecurity08-May-2025
No Auth, No Problem: The API Vulnerability That Led to Full Account Takeoverhttps://akr3ch.medium.com/no-auth-no-problem-the-api-vulnerability-that-led-to-full-account-takeover-199c6d7e7fa7?source=rss------bug_bounty-5akr3chbug-bounty, bug-bounty-tips, hackerone, account-takeover, cybersecurity08-May-2025
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCshttps://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, vulnerability, json-web-token, json, cybersecurity08-May-2025
A Guide to SQL Injection Attacks: Hackers Don’t Want You to Know This!https://infosecwriteups.com/a-guide-to-sql-injection-attacks-hackers-dont-want-you-to-know-this-a9837f711f6b?source=rss------bug_bounty-5Dhanush Ninformation-security, bug-bounty, hacking, sql-injection, cybersecurity08-May-2025
Tool Review — TraceWeb.io Extensionhttps://infosecwriteups.com/tool-review-traceweb-io-extension-5fdf79396e21?source=rss------bug_bounty-5ne555bug-bounty, infosec, browser-extension, hacking08-May-2025
$100 Bounty: How a Spoofed Email Could Change Any Username on HackerOnehttps://infosecwriteups.com/100-bounty-how-a-spoofed-email-could-change-any-username-on-hackerone-8efd98ab44f5?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, penetration-testing, technology, cybersecurity08-May-2025
How to Escalate The Payload On The Infected Machine.https://medium.com/meetcyber/how-to-escalate-the-payload-on-the-infected-machine-1d1beaa560ef?source=rss------bug_bounty-5NnFacehacking, bug-bounty, meterpreter, ethical-hacking, metasploit08-May-2025
⚔️ Unsafe Eval = Unlimited Control: How a JS Sink Let Me Run Anythinghttps://infosecwriteups.com/%EF%B8%8F-unsafe-eval-unlimited-control-how-a-js-sink-let-me-run-anything-60794929a295?source=rss------bug_bounty-5Iskibug-bounty, infosec, hacking, cybersecurity, money08-May-2025
From Zero to Recon: Your First ASN-Based Scanning Workflowhttps://brutsecurity.medium.com/from-zero-to-recon-your-first-asn-based-scanning-workflow-b08c88709410?source=rss------bug_bounty-5Saumadip Mandalbug-bounty, nasa, bug-bounty-tips, cybersecurity08-May-2025
Complete Guide to Nuclei Vulnerability Scannerhttps://medium.com/@sksingh887378barat/complete-guide-to-nuclei-vulnerability-scanner-cc67658d30ad?source=rss------bug_bounty-5shubham kumarbug-bounty-tips, nuclei-template, vulnerability-assessment, cybersecurity, bug-bounty08-May-2025
How I Found PII on BBP, Open Door to Sensitive PDFs — But Got a Duplicatehttps://frostyxsec.medium.com/how-i-found-pii-on-bbp-open-door-to-sensitive-pdfs-but-got-a-duplicate-643fa0092e36?source=rss------bug_bounty-5Frostynxthbug-bounty-tips, bug-bounty-hunter, bug-bounty-write-up, bug-bounty08-May-2025
How I Deleted Any User’s Account— No Interaction Neededhttps://ehteshamulhaq198.medium.com/how-i-deleted-any-users-account-no-interaction-needed-faae0442ff4f?source=rss------bug_bounty-5Ehtesham Ul Haqpenetration-testing, infosec, ethical-hacking, bug-bounty, writeup08-May-2025
智能合约漏洞:区块链世界的隐秘威胁https://chartrand.medium.com/%E6%99%BA%E8%83%BD%E5%90%88%E7%BA%A6%E6%BC%8F%E6%B4%9E-%E5%8C%BA%E5%9D%97%E9%93%BE%E4%B8%96%E7%95%8C%E7%9A%84%E9%9A%90%E7%A7%98%E5%A8%81%E8%83%81-d53a3dd495cb?source=rss------bug_bounty-5Mckayla Chartrandweb3, smart-contracts, bug-bounty, security, bugbounty-tips08-May-2025
Exposing a Simple Bug That Crashed an Organization’s Forumhttps://0xmatrix.medium.com/exposing-a-simple-bug-that-crashed-an-organizations-forum-8ac532157d6a?source=rss------bug_bounty-5Mo2men Elmadyhacking, bug-bounty, penetration-testing, bugs, bug-bounty-tips08-May-2025
$700 Bounty from a 2-Year-Old Secret — Found with iScan.todayhttps://medium.com/@arshadkazmi42/700-bounty-from-a-2-year-old-secret-found-with-iscan-today-87fb07eb5f53?source=rss------bug_bounty-5Arshad Kazmiiscantoday, hackerone, bug-bounty, github08-May-2025
Exposing Shadow APIs: The Hidden Attack Surface in Modern Web Appshttps://medium.com/@tejprakashbk1996/exposing-shadow-apis-the-hidden-attack-surface-in-modern-web-apps-6fd1af0ec4e9?source=rss------bug_bounty-5tezpowasp, api, api-documentation, swagger, bug-bounty08-May-2025
From Open Redirect to Full Account Takeover: Exploiting OAuth Misconfigurationhttps://z00x.medium.com/from-open-redirect-to-full-account-takeover-exploiting-oauth-misconfiguration-35b0d215cf02?source=rss------bug_bounty-5z00xoauth, bug-bounty, open-redirect, account-takeover, cybersecurity08-May-2025
The Story Behind 4 Vulnerabilities in a Single Targethttps://medium.com/@mahmoudelsadey56/the-story-behind-4-vulnerabilities-in-a-single-target-11f89224d585?source=rss------bug_bounty-5Mahmoud elsadeybug-bounty-tips, bug-bounty, business-logic-bug, bug-bounty-writeup, race-condition08-May-2025
How I Got a Free Order by Bypassing Login — My First Real-World Bughttps://medium.com/@moh2005rr/how-i-got-a-free-order-by-bypassing-login-my-first-real-world-bug-38798b79a9d7?source=rss------bug_bounty-5Moh2005rrethical-hacking, web-security, bug-bounty, cybersecurity, burpsuite08-May-2025
$5000 Bounty: Critical Stored XSShttps://osintteam.blog/5000-bounty-critical-stored-xss-e93c1730eccc?source=rss------bug_bounty-5Monika sharmatechnology, hacking, penetration-testing, report, bug-bounty08-May-2025
Mastering Host Header Injection: Techniques, Payloads and Real-World Scenarioshttps://osintteam.blog/mastering-host-header-injection-techniques-payloads-and-real-world-scenarios-e00c9e1f85cd?source=rss------bug_bounty-5coffinxphacking, cybersecurity, technology, penetration-testing, bug-bounty08-May-2025
$500 Bounty: Parameter Pollution in HackerOne’shttps://osintteam.blog/500-bounty-parameter-pollution-in-hackerones-976bb0a3caae?source=rss------bug_bounty-5Monika sharmahacking, technology, penetration-testing, bug-bounty, report08-May-2025
A list of tools to find CORS(Cross-Origin Resource Sharing)https://medium.com/@loyalonlytoday/a-list-of-tools-to-find-cors-cross-origin-resource-sharing-37f4c5ead5a1?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cors, hacking, bug-bounty, cybersecurity07-May-2025
Why CVSS Scores Alone Aren’t Enough in Vulnerability Managementhttps://medium.com/@paritoshblogs/why-cvss-scores-alone-arent-enough-in-vulnerability-management-219e8efad30e?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, information-technology, bug-bounty, hacking07-May-2025
Hacking the Frontend Logic: Exploiting JavaScript Business Flawshttps://infosecwriteups.com/hacking-the-frontend-logic-exploiting-javascript-business-flaws-b6600fafd8a4?source=rss------bug_bounty-5Vipul Sonulecybersecurity, hacking, infosec, programming, bug-bounty07-May-2025
$2,900 Bounty: Public S3 Bucket Exposure in Shopifyhttps://infosecwriteups.com/2-900-bounty-public-s3-bucket-exposure-in-shopify-05b14bbf6dad?source=rss------bug_bounty-5Monika sharmacybersecurity, hacking, bug-bounty, technology, report07-May-2025
How to setup a Monthly Free VPS for Bug Huntinghttps://infosecwriteups.com/how-to-setup-a-monthly-free-vps-for-bug-hunting-d41d0fa3ed6c?source=rss------bug_bounty-5Mostafa Alrefaibug-bounty, github, cybersecurity, penetration-testing, hacking07-May-2025
JS Recon To HTML Injectionhttps://medium.com/legionhunters/js-recon-to-html-injection-4cdca8fd88cf?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitinformation-technology, bug-bounty, programming, coding, hacking07-May-2025
“ Mastering Bug Bounty Recon: Tools & Techniques to Uncover Vulnerabilities ”https://medium.com/@devillegiondevils/mastering-bug-bounty-recon-tools-techniques-to-uncover-vulnerabilities-6db1bbfef248?source=rss------bug_bounty-5Hex00bug-bounty-writeup, recon, bug-bounty, bug-bounty-tips, subdomains-enumeration07-May-2025
️‍♂️ Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Commenthttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-unlisted-but-not-unseen-how-i-found-the-admin-panel-in-a-javascript-comment-f34af758b4c8?source=rss------bug_bounty-5Iskihacking, cybersecurity, bug-bounty, infosec, money07-May-2025
Exploring the Bug Bounty Program: A Gateway to Ethical Hacking and Cybersecurity Careershttps://medium.com/@narayanananand480/exploring-the-bug-bounty-program-a-gateway-to-ethical-hacking-and-cybersecurity-careers-34649bc79690?source=rss------bug_bounty-5Anand Narayanancybersecurity, bug-bounty-tips, cyber-security-courses, bug-bounty, ethical-hacking07-May-2025
How a JavaScript File Led Me to an Open Redirect Vulnerabilityhttps://systemweakness.com/how-a-javascript-file-led-me-to-an-open-redirect-vulnerability-eefce51303b2?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty, bug-bounty-tips, bug-bounty-writeup, open-redirect, cybersecurity07-May-2025
SubNotifierhttps://medium.com/@eliyevnahid0404/subnotifier-b8a8f2671819?source=rss------bug_bounty-5Nahid Əliyevpentesting, cybersecurity, bug-bounty07-May-2025
Unveiling Critical Weaknesses: A Rigorous Penetration Test of a Web Applicationhttps://medium.com/@tusharpuri6/unveiling-critical-weaknesses-a-rigorous-penetration-test-of-a-web-application-3b60cef532e6?source=rss------bug_bounty-5Tusharpuripenetration-testing, bug-bounty, application-security, infosec, offensive-security07-May-2025
From Cross-Subdomain Cookie Reuse to Becoming Super Admin: An Exploit Chain Walkthroughhttps://medium.com/@cyberpro151/from-cross-subdomain-cookie-reuse-to-becoming-super-admin-an-exploit-chain-walkthrough-32527caa2a11?source=rss------bug_bounty-5cyberpro151hacking, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup07-May-2025
Docker — Port 2375,2376 — How to exploit?https://medium.com/@verylazytech/docker-port-2375-2376-how-to-exploit-8faa8d70a7ab?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, docker, exploit, penetration-testing07-May-2025
Discovering a Blind XSS Vulnerability in the Platformhttps://medium.com/@Saeiez/discovering-a-blind-xss-vulnerability-in-the-platform-1fa45a6621db?source=rss------bug_bounty-5Saeiezbug-bounty-tips, web3, ai, bug-bounty, pentesting07-May-2025
Compress-a-thon — Web Exploitation — Pentathon 2025https://medium.com/@dassomnath/compress-a-thon-web-exploitation-pentathon-2025-fea9adf9fa6b?source=rss------bug_bounty-5Somnath Dasweb-hacking, pentathon-2025-writeup, web, hacking, bug-bounty07-May-2025
Discovering a Blind XSS Vulnerability in the Platform AIhttps://medium.com/@Saeiez/discovering-a-blind-xss-vulnerability-in-the-platform-1fa45a6621db?source=rss------bug_bounty-5Saeiezbug-bounty-tips, web3, ai, bug-bounty, pentesting07-May-2025
OttoKit WordPress Plugin Exploit Hackers Create Rogue Admin Accounthttps://wiretor.medium.com/ottokit-wordpress-plugin-exploit-hackers-create-rogue-admin-account-7e654c49e719?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, rce, hacking, ai07-May-2025
Unmasking Robots.txt: What Web Crawlers Hide and relates OSINThttps://osintteam.blog/everything-about-robots-txt-file-3815dddfbfce?source=rss------bug_bounty-5127.0.0.1cybersecurity, robotstxt, osint, site-crawlers, bug-bounty07-May-2025
Shift Left Testinghttps://medium.com/@rashid.alakbarov/shift-left-testing-a9293d520eaa?source=rss------bug_bounty-5Rashid Alakbarovqa, bug-bounty, software-testing, developer06-May-2025
Undeleted Secrets: Uncovering an IDOR Vulnerability in “Recently Deleted” Itemshttps://medium.com/@0x1di0t/undeleted-secrets-uncovering-an-idor-vulnerability-in-recently-deleted-items-6d35db221008?source=rss------bug_bounty-5Wahid Najimidor-vulnerability, bug-bounty, soft-deletion, idor06-May-2025
Mastering Runtime Hooking with Frida — Real-World Challenges (Part 3)https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-part-3-b70a62ed4395?source=rss------bug_bounty-5CH3TANbug-bounty, reverse-engineering, jadx, mobile-security, cybersecurity06-May-2025
Query Confusion: How HTTP Parameter Pollution Made the App Spill Secretshttps://infosecwriteups.com/query-confusion-how-http-parameter-pollution-made-the-app-spill-secrets-55b09a1bc98b?source=rss------bug_bounty-5Iskicybersecurity, infosec, bug-bounty, money, hacking06-May-2025
$2000 Bounty: Stored XSS in GitLabhttps://infosecwriteups.com/2000-bounty-stored-xss-in-gitlab-c71b2d7a3c21?source=rss------bug_bounty-5Monika sharmahacking, penetration-testing, technology, bug-bounty, report06-May-2025
How Hackers Exploit CORS Misconfigurationshttps://infosecwriteups.com/how-hackers-exploit-cors-misconfigurations-35a6c5d7e0c8?source=rss------bug_bounty-5Vipul Sonuleinfosec, programming, bug-bounty, cybersecurity, hacking06-May-2025
OAuth Integration Hijack via Predictable state Parameterhttps://kariiem.medium.com/oauth-integration-hijack-via-predictable-state-parameter-facdae83e6b6?source=rss------bug_bounty-5Kariiem Gamaloauth, csrf, bug-bounty, penetration-testing06-May-2025
Email Enumeration melalui Endpoint POST /api/passwordReset/?h=https://medium.com/@FufuFaf1/email-enumeration-melalui-endpoint-post-api-passwordreset-h-80c4aa7d0159?source=rss------bug_bounty-5FufuFafacybersecurity, bug-bounty-writeup, bugcrowd, bug-bounty, hunting06-May-2025
A list of checklists for bug hunters and penetration testershttps://medium.com/@loyalonlytoday/a-list-of-checklists-for-bug-hunters-and-penetration-testers-d94d711375bd?source=rss------bug_bounty-5loyalonlytodaycybersecurity, checklist, penetration-testing, hacking, bug-bounty06-May-2025
How I Found Critical Flaws in a Medical SOAP APIhttps://medium.com/illumination/how-i-found-critical-flaws-in-a-medical-soap-api-382233398015?source=rss------bug_bounty-5om kumarcybersecurity, technology, illumination, bug-bounty, software-engineering06-May-2025
H@cking Hospital For Mass PII Leakhttps://medium.com/meetcyber/h-cking-hospital-for-mass-pii-leak-85c3d89db434?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitinformation-technology, cybersecurity, bug-bounty-writeup, hacking, bug-bounty06-May-2025
The Hidden Dangers of Misconfigured Cloud Storagehttps://medium.com/meetcyber/the-hidden-dangers-of-misconfigured-cloud-storage-c9debc08f506?source=rss------bug_bounty-5Erkan Kavascybersecurity, cloud-security, pentest, bug-bounty, cloud-storage06-May-2025
I Found Bugs in 50+ Paid Bug Bounty Programshttps://medium.com/@mehrabopi33500/i-found-bugs-in-50-paid-bug-bounty-programs-5fcf88dbc761?source=rss------bug_bounty-5Mehrabopibug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bugcrowd06-May-2025
NFS Service — Port 2049 — How to exploit?https://medium.com/@verylazytech/nfs-service-port-2049-how-to-exploit-d70875fbaeff?source=rss------bug_bounty-5Very Lazy Techoscp, nfs-server, exploit, penetration-testing, bug-bounty06-May-2025
Accidental Hacker: How I Found a Critical Data Leak Bug with Just a Few Clickshttps://zetzer.medium.com/accidental-hacker-how-i-found-a-critical-data-leak-bug-with-just-a-few-clicks-3cabd1f97aee?source=rss------bug_bounty-5Zetapenetration-testing, bug-zero, cybersecurity, bug-bounty-writeup, bug-bounty06-May-2025
A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linuxhttps://infosecwriteups.com/a-must-have-tool-for-bug-hunters-find-open-redirect-vulnerabilities-on-linux-21ad0c7d148e?source=rss------bug_bounty-5Elie Attiehcyber-security-awareness, cybersecurity, bug-bounty, pentesting, ethical-hacking06-May-2025
IDOR Allows Unauthorized Access to Other Users’ Personal Datahttps://brbr0s.medium.com/idor-allows-unauthorized-access-to-other-users-personal-data-8f73486cbab0?source=rss------bug_bounty-5brbr0sidor, bug-bounty-writeup, bug-bounty, bug-bounty-tips06-May-2025
How I Built a One-Click Vulnerability Report Generator with Pythonhttps://elcazad0r.medium.com/how-i-built-a-one-click-vulnerability-report-generator-with-python-e61d87983d7b?source=rss------bug_bounty-5EL_Cazad0rbug-bounty, penetration-testing-tools, github, cybersecurity, bug-bounty-tips06-May-2025
FOFA Dorking for Bug Huntershttps://medium.com/legionhunters/fofa-dorking-for-bug-hunters-a35c80bbab6e?source=rss------bug_bounty-5AbhirupKonwarosint, bug-bounty, ethical-hacking, pentesting, bug-bounty-tips06-May-2025
️‍♂️ I Reported a Security Flaw, They Silently Patched It… and Ghosted Me.https://medium.com/@rolextital/%EF%B8%8F-%EF%B8%8F-i-reported-a-security-flaw-they-silently-patched-it-and-ghosted-me-03f0a02a696b?source=rss------bug_bounty-5Rolextitalbug-bounty, cybersecurity, vulnerability, ethical-hacking, hacker06-May-2025
️ How I Earned $150 by Exploiting an XML-RPC SSRF in a WordPress Sitehttps://medium.com/@sauravkrish59/%EF%B8%8F-how-i-earned-150-by-exploiting-an-xml-rpc-ssrf-in-a-wordpress-site-51037eb58252?source=rss------bug_bounty-5@Sauravkrishhacking, ethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup06-May-2025
The Ultimate Guide to API Security Testing — Cheat sheet 2025 — Part2https://t4144t.medium.com/the-ultimate-guide-to-api-security-testing-cheat-sheet-2025-part2-a7d8a69710ff?source=rss------bug_bounty-5Mohamed Talaat Saada (@t4144t)bug-bounty-writeup, bug-bounty, bug-bounty-tips, application-security, penetration-testing06-May-2025
WordPress Security Posture: More Fragile Than You Thinkhttps://medium.com/@reuvenel5/wordpress-security-posture-more-fragile-than-you-think-15497115b435?source=rss------bug_bounty-5AZwordpress, cybersecurity, bugs, application-security, bug-bounty06-May-2025
Revisiting the Past, Hacking the Futurehttps://ghostman01.medium.com/invalid-bug-c3cae222858c?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, technology06-May-2025
Revisiting the Past, Hacking the Futurehttps://infosecwriteups.com/invalid-bug-c3cae222858c?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, technology06-May-2025
Stop Wasting Time: Build a CTI Collection Plan That Actually Works!https://medium.com/@paritoshblogs/stop-wasting-time-build-a-cti-collection-plan-that-actually-works-6edb5181a383?source=rss------bug_bounty-5Paritoshhacking, cyber-threat-intelligence, bug-bounty, cybersecurity, threat-hunting05-May-2025
Snapdroid: One-Click Android PoC Capture for Bug Bounty Hunters & Pentestershttps://medium.com/@dr34mb0y/snapdroid-one-click-android-poc-capture-for-bug-bounty-hunters-pentesters-2f7a44bf5582?source=rss------bug_bounty-5Sid Joshiandroid-pentest, android-pentesting, snapdroid, android, bug-bounty05-May-2025
Easy Framework based Bugs Series is soon…https://medium.com/@nyany032/easy-framework-based-bugs-series-is-soon-fb8f29e21be0?source=rss------bug_bounty-5Shir0Epentesting, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty05-May-2025
Google Dorking: How to Uncover Hidden Vulnerabilities in Penetration Testing ️‍♂️https://medium.com/@vivekbhatt2002/google-dorking-how-to-uncover-hidden-vulnerabilities-in-penetration-testing-%EF%B8%8F-%EF%B8%8F-2a3386522e79?source=rss------bug_bounty-5YoungerSiblingbug-bounty, ethical-hacking, google-dorking, osint, ethical-hacking-tips05-May-2025
Clickjacked to the Core: Turning UI into a Trapdoorhttps://infosecwriteups.com/clickjacked-to-the-core-turning-ui-into-a-trapdoor-a196dde6997b?source=rss------bug_bounty-5Iskimoney, infosec, bug-bounty, cybersecurity, hacking05-May-2025
Bypassing Regex Validations to Achieve RCE: A Wild Bug Storyhttps://infosecwriteups.com/bypassing-regex-validations-to-achieve-rce-a-wild-bug-story-4c523f69b9f8?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, rce, bug-bounty, cybersecurity, hacking05-May-2025
$750 Bounty: Sensitive Data Exposurehttps://infosecwriteups.com/750-bounty-sensitive-data-exposure-c944e626c733?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, hacking, penetration-testing, report05-May-2025
Cross-Site Request Forgery (CSRF) Made Easy: A Beginner’s Perspectivehttps://medium.com/@natarajanck2/cross-site-request-forgery-csrf-made-easy-a-beginners-perspective-037b4ba6d62a?source=rss------bug_bounty-5Natarajan C Kbug-bounty, hacking, exploitation, it-security, csrf-attack05-May-2025
une XSS simple sur la page de login CVE-2024–48410https://medium.com/@Itachi0xf/une-xss-simple-sur-la-page-de-login-cve-2024-48410-65435f4a0f84?source=rss------bug_bounty-5Itachix0fcve, xss-attack, bug-bounty05-May-2025
Subdomain Takeover: My $450 Win & How You Can Do It Toohttps://ehteshamulhaq198.medium.com/subdomain-takeover-my-450-win-how-you-can-do-it-too-3337ca0513b6?source=rss------bug_bounty-5Ehtesham Ul Haqwriteup, subdomain, penetration-testing, bug-bounty, bug-bounty-tips05-May-2025
I found Open Redirect on US Government websitehttps://medium.com/@0xpedrop/i-found-open-redirect-on-us-government-website-60a2d1d1e049?source=rss------bug_bounty-50xPedropbug-bounty-writeup, bug-bounty05-May-2025
The Unseen Battle: Why Modern Cybersecurity Demands Proactive Defense and Zero Trusthttps://medium.com/@hemran314/the-unseen-battle-why-modern-cybersecurity-demands-proactive-defense-and-zero-trust-0f63ec875784?source=rss------bug_bounty-5e0xsecopsartificial-intelligence, cybersecurity, blockchain, bug-bounty, information-technology05-May-2025
Bug Bounty : Se confronter au réel, apprendre à encaisser ️‍♂️https://medium.com/@rcottignies/bug-bounty-se-confronter-au-r%C3%A9el-apprendre-%C3%A0-encaisser-%EF%B8%8F-%EF%B8%8F-87376b539175?source=rss------bug_bounty-5Rebecca Cottigniespentest, security, bug-bounty, cybersecurity05-May-2025
Compaq HP Insight Manager — Port 2301, 2381 — How to exploithttps://medium.com/@verylazytech/compaq-hp-insight-manager-port-2301-2381-how-to-exploit-337f1175d2f8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, oscp, hp, exploit05-May-2025
Here we go , 2 bugs in the same programhttps://medium.com/@0xjoex/here-we-go-2-bugs-in-same-program-0cb99b42a1f4?source=rss------bug_bounty-5Youssef Hanywriteup, broken-access-control, bug-bounty, ssti, security05-May-2025
$500 Bounty for Reflected XSS on HackerOnehttps://osintteam.blog/500-bounty-for-reflected-xss-on-hackerone-29c13793bc91?source=rss------bug_bounty-5Monika sharmabug-bounty, report, penetration-testing, cybersecurity, technology05-May-2025
Hacker’s Recon Guide: Tools & Tricks to Map Any Targethttps://osintteam.blog/hackers-recon-guide-tools-tricks-to-map-any-target-f1e97d7bfdb6?source=rss------bug_bounty-5Vipul Sonuletechnology, hacking, cybersecurity, osint, bug-bounty05-May-2025
The Ultimate Guide to API Security Testing — Cheat sheet 2025 Editionhttps://t4144t.medium.com/the-ultimate-guide-to-api-security-testing-cheat-sheet-2025-edition-b64fd3d158dd?source=rss------bug_bounty-5Mohamed Talaat Saada (@t4144t)penetration-testing, bug-bounty-writeup, bug-bounty-tips, owasp-top-10, bug-bounty05-May-2025
How I Found an Host Header Injection Vulnerability Easily In (Mars)$https://zuksh.medium.com/how-i-found-an-host-header-injection-vulnerability-easily-in-mars-2a56a1c942c3?source=rss------bug_bounty-5Zukshpenetration-testing, infosec, bug-bounty, cybersecurity, host-header-injection04-May-2025
Mastering Boundary Value Analysis: Guide to Uncovering Hidden Bugshttps://medium.com/@sajith-dilshan/mastering-boundary-value-analysis-guide-to-uncovering-hidden-bugs-4eb58b43899b?source=rss------bug_bounty-5sajith dilshansoftware-testing, boundary-value-analysis, qa, qa-testing, bug-bounty04-May-2025
$505 Bounty: Denial of Service Vulnerabilityhttps://osintteam.blog/505-bounty-denial-of-service-vulnerability-bd6daef5fe8a?source=rss------bug_bounty-5Monika sharmareport, hacking, technology, bug-bounty, cybersecurity04-May-2025
Using VirusTotal Graphs and Retro Hunt for IOC Discoveryhttps://medium.com/@paritoshblogs/using-virustotal-graphs-and-retro-hunt-for-ioc-discovery-d1c4b4e209b4?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, hacking, security, bug-bounty04-May-2025
Bypassing 2FA in a Public Bug Bounty Program: A $6000 Journeyhttps://mokhansec.medium.com/bypassing-2fa-in-a-public-bug-bounty-program-a-6000-journey-bae8a5418461?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, cybersecurity, bugs, bug-bounty, bug-bounty-writeup04-May-2025
Mastering Event Handlers in JavaScript and HTML: The Complete Guide with Exampleshttps://medium.com/@zoningxtr/mastering-event-handlers-in-javascript-and-html-the-complete-guide-with-examples-60ef2c4d025b?source=rss------bug_bounty-5Zoningxtrhtml, javascript, penetration-testing, bug-bounty, coding04-May-2025
WordPress User Enumeration via author-sitemap.xml on Payapps.comhttps://medium.com/@regan_temudo/wordpress-user-enumeration-via-author-sitemap-xml-on-payapps-com-5ffad0ca1cc2?source=rss------bug_bounty-5Regan Temudowordpress-security, cybersecurity, information-security, bug-bounty, ethical-hacking04-May-2025
$800 Bounty: Account Takeover in Shopifyhttps://infosecwriteups.com/800-bounty-account-takeover-in-shopify-f4394ee37975?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, penetration-testing, report, cybersecurity04-May-2025
$3750 Bounty: Account Creation with Invalid Email Addresseshttps://infosecwriteups.com/3750-bounty-account-creation-with-invalid-email-addresses-aca169eddcc7?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, hacking, cybersecurity, report04-May-2025
Modest Payouts, Major Payoff: 4 IDORs That Netted $12Khttps://infosecwriteups.com/modest-payouts-major-payoff-4-idors-that-netted-12k-64f4ab6754c0?source=rss------bug_bounty-5Ashutosh Duttabug-bounty, cybersecurity, bugcrowd, hackerone, infosec04-May-2025
Subdomain Surfing to Server Secrets  — How I Took Over a Forgotten Subdomainhttps://infosecwriteups.com/subdomain-surfing-to-server-secrets-how-i-took-over-a-forgotten-subdomain-4e9b1147f880?source=rss------bug_bounty-5Iskihacking, servers, cybersecurity, bug-bounty, money04-May-2025
The Ultimate Guide to Email Input Field Vulnerability Testinghttps://infosecwriteups.com/the-ultimate-guide-to-email-input-field-vulnerability-testing-18f96fc42251?source=rss------bug_bounty-5coffinxptechnology, bug-bounty-tips, penetration-testing, hacking, bug-bounty04-May-2025
Mastering Bug Bounties with Burp Suite: A Comprehensive Guide to Web Securityhttps://medium.com/@benjaminmillerdev/mastering-bug-bounties-with-burp-suite-a-comprehensive-guide-to-web-security-bb63a03e6511?source=rss------bug_bounty-5Benjaminmillerdevhacking-for-defense, hacking, bugbounty-writeup, bug-bounty04-May-2025
Mastering Nikto: Advanced Bug Bounty Hunting Techniques” by Benjamin Miller.https://medium.com/@benjaminmillerdev/mastering-nikto-advanced-bug-bounty-hunting-techniques-by-benjamin-miller-62d2bc441e6a?source=rss------bug_bounty-5Benjaminmillerdevnikto, bug-bounty, hacker04-May-2025
Beautiful open redirect on Google.comhttps://biswajeetray7.medium.com/beautiful-open-redirect-on-google-com-752c98a80b7d?source=rss------bug_bounty-5Biswajeet Raybug-bounty, open-redirect, vulnerability, bounty-hunter, bugbounty-writeup04-May-2025
MQTT (Message Queuing Telemetry Transport) — Port 1883 — How to exploit?https://medium.com/@verylazytech/mqtt-message-queuing-telemetry-transport-port-1883-how-to-exploit-3ee2f6510bf4?source=rss------bug_bounty-5Very Lazy Techoscp, exploit, ethical-hacking, bug-bounty, mqtt04-May-2025
CLOUD OSINThttps://medium.com/@rr-1k/cloud-osint-0e259c256008?source=rss------bug_bounty-5rr-1kbug-bounty, infosec, osint, osint-tool, tools04-May-2025
How I Found My Favorite Bug in a Top Bug Bounty Programhttps://medium.com/@mahdisalhi0500/how-i-found-my-favorite-bug-in-a-top-bug-bounty-program-bbeb36e898f8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, hacking, cybersecurity, information-technology, bug-bounty04-May-2025
Understanding Server Side Template Injection (SSTI)https://medium.com/@natarajanck2/understanding-server-side-template-injection-ssti-1cb0465dd46d?source=rss------bug_bounty-5Natarajan C Ksecurity, bugs, ssti-exploitation, it-security, bug-bounty04-May-2025
Best Bug Bounty Programs to Kickstart Your Bug Bounty Journeyhttps://ismailtasdelen.medium.com/best-bug-bounty-programs-to-kickstart-your-bug-bounty-journey-4673d1192389?source=rss------bug_bounty-5Ismail Tasdelenbug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program, bug-bounty-tips04-May-2025
SQLi in .gov.in Exposed Millions of Aadhaar, Bank Data and Personal Datahttps://medium.com/@pkhuyar/sqli-in-gov-in-exposed-millions-of-aadhaar-bank-data-and-personal-data-0bde62a649aa?source=rss------bug_bounty-5Prashant kamkarbug-bounty-writeup, bug-bounty, cybersecurity, cyber-security-awareness, information-security04-May-2025
$750 Bounty: Two-factor Authenticationhttps://osintteam.blog/750-bounty-two-factor-authentication-5241a45e7fc1?source=rss------bug_bounty-5Monika sharmahacking, technology, report, cybersecurity, bug-bounty03-May-2025
IDOR Attacks Made Simple: How Hackers Access Unauthorized Datahttps://infosecwriteups.com/idor-attacks-made-simple-how-hackers-access-unauthorized-data-ca1158d18190?source=rss------bug_bounty-5Vipul Sonulebug-bounty, hacking, technology, cybersecurity, programming03-May-2025
$4,323 Bounty Alerthttps://infosecwriteups.com/4-323-bounty-alert-4af6e66bb8c1?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty, cybersecurity, report, technology03-May-2025
Breaking in Unpardoned.https://medium.com/h7w/breaking-in-unpardoned-02f64d4f412e?source=rss------bug_bounty-5NnFacecybersecurity, hacking, bug-bounty, metasploit, ethical-hacking03-May-2025
Bugged by Backup Files: How .zip and .bak Gave Me the Source Codehttps://infosecwriteups.com/bugged-by-backup-files-how-zip-and-bak-gave-me-the-source-code-872a376b0b2b?source=rss------bug_bounty-5Iskiinfosec, cybersecurity, bug-bounty, hacking, money03-May-2025
How I Found Internal Dashboards Using Google Dorks + OSINThttps://infosecwriteups.com/how-i-found-internal-dashboards-using-google-dorks-osint-5f2c9515fcd6?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, google-dork, ai, bug-bounty, osint03-May-2025
Information Disclosure Vulnerability Writeup HackerOnehttps://medium.com/meetcyber/information-disclosure-vulnerability-writeup-hackerone-be7fbe7e7893?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, hackerone, pentesting, bug-bounty, bug-bounty-writeup03-May-2025
PPTP- Point-to-Point Tunneling Protocol — Port 1723 — How to exploit?https://medium.com/@verylazytech/pptp-point-to-point-tunneling-protocol-port-1723-how-to-exploit-8d36438849c5?source=rss------bug_bounty-5Very Lazy Techethical-hacking, oscp, bug-bounty, exploit, pptp03-May-2025
From Curiosity to Duplicated: How I Found a Critical Account Takeover Bughttps://medium.com/@Hamzawy-1/from-curiosity-to-duplicated-how-i-found-a-critical-account-takeover-bug-8e43bd035ab0?source=rss------bug_bounty-5Hamza Ahmed Youssefwriteup, bug-bounty03-May-2025
Finding more subdomains(part 4)https://medium.com/@loyalonlytoday/finding-more-subdomains-part-4-a9bdde09f052?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, bug-bounty-tips, penetration-testing, cybersecurity02-May-2025
Missed Horizontal Privilege Escalation in a Bug Bounty Program!https://spider7.medium.com/missed-horizontal-privilege-escalation-in-a-bug-bounty-program-d7134b2ffa01?source=rss------bug_bounty-5Zetabug-bounty-writeup, bug-bounty, bug-hunting, bug-bounty-tips, hackerone02-May-2025
$300 Bounty: SSRF to Cloud Metadatahttps://infosecwriteups.com/300-bounty-ssrf-to-cloud-metadata-4c6a7dda9818?source=rss------bug_bounty-5Monika sharmahacking, cybersecurity, technology, report, bug-bounty02-May-2025
️‍♂️ Subdomain Enumeration Automation for Bug Bounty: Save Time, Hack Smart!https://medium.com/@shadyfarouk1986/%EF%B8%8F-%EF%B8%8F-subdomain-enumeration-automation-for-bug-bounty-save-time-hack-smart-dd5d97eba1dc?source=rss------bug_bounty-5Shady Faroukbug-bounty, hacker, bounty-program, hacker-news, hackerone02-May-2025
$400 Bounty: OAuth Token Theft in One Clickhttps://osintteam.blog/400-bounty-oauth-token-theft-in-one-click-4eb29b16d6dc?source=rss------bug_bounty-5Monika sharmatechnology, hacking, cybersecurity, bug-bounty, report02-May-2025
From File Upload to Credential Theft: My $1,000 Bounty Journey with Stored XSShttps://osintteam.blog/from-file-upload-to-credential-theft-my-1-000-bounty-journey-with-stored-xss-76d70ac53817?source=rss------bug_bounty-5Krish_cyberxss-attack, infosec-write-ups, ethical-hacking, osint, bug-bounty02-May-2025
The Ultimate Guide to 403 Forbidden Bypass (2025 Edition)https://osintteam.blog/the-ultimate-guide-to-403-forbidden-bypass-2025-edition-1b2e852e503e?source=rss------bug_bounty-5coffinxpprogramming, bug-bounty, technology, bug-bounty-tips, hacking02-May-2025
Web Security & Bug Bounty: Learn Penetration Testing — Chapter 1https://medium.com/@rikisg2/web-security-bug-bounty-learn-penetration-testing-chapter-1-51af5f98bc59?source=rss------bug_bounty-5Riki SatyaGrahabug-bounty, cybersecurity, web-security, ethical-hacking, penetration-testing02-May-2025
Persistence via Registry — How Attackers Abuse the Windows Registryhttps://medium.com/@paritoshblogs/persistence-via-registry-how-attackers-abuse-the-windows-registry-186be2587c20?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cybersecurity, information-security, hacking02-May-2025
Payloads in Plain Sight: How Open Redirect + JavaScript Led to Full Account Takeoverhttps://infosecwriteups.com/payloads-in-plain-sight-how-open-redirect-javascript-led-to-full-account-takeover-a7ae1c359679?source=rss------bug_bounty-5Iskicybersecurity, hacking, money, infosec, bug-bounty02-May-2025
My First Paid Bug Bounty: A Hidden Gallery & A Lesson in Misconfiguration 🙂https://medium.com/@gnaitikg/my-first-paid-bug-bounty-a-hidden-gallery-a-lesson-in-misconfiguration-3efefe71c8cf?source=rss------bug_bounty-5Naitik Guptaethical-hacking, bug-bounty, cybersecurity, naitikgupta02-May-2025
Privilege Escalation to Super Admin via Mass Assessment in a Multi-Tenant Laravel Apphttps://medium.com/@rahulms_71093/privilege-escalation-to-super-admin-via-mass-assessment-in-a-multi-tenant-laravel-app-526d1309de73?source=rss------bug_bounty-5Rahul M Scybersecurity, bug-bounty, penetration-testing, access-control02-May-2025
The Ultimate Web Application Hacking Checklist (2025 Edition)https://medium.com/@ZishanAdThandar/the-ultimate-web-application-hacking-checklist-2025-edition-eea1a0a23977?source=rss------bug_bounty-5ZishanAdThandarethical-hacking, web-application-security, bug-bounty, penetration-testing, cybersecurity02-May-2025
Breaking OTPs in the Real World: How Design Flaws Led to Full Account Takeoverhttps://medium.com/@Arioex/breaking-otps-in-the-real-world-how-design-flaws-led-to-full-account-takeover-46a09f95eaba?source=rss------bug_bounty-5Huntsmanbug-bounty, bug-bounty-writeup, hackerone, hacking, bug-bounty-tips02-May-2025
How I Built the Ultimate Web Hacking Checklist — And Why It’s Helping Bug Bounty Hunters Win Morehttps://medium.com/@ZishanAdThandar/how-i-built-the-ultimate-web-hacking-checklist-and-why-its-helping-bug-bounty-hunters-win-more-d6ef0cb8dc4b?source=rss------bug_bounty-5ZishanAdThandarbug-bounty, bug-bounty-tips, red-team, cybersecurity, web-app-pentesting02-May-2025
Insecure Direct Object Reference (IDOR) in a Government Portalhttps://medium.com/@dharaniswaran.cs22/insecure-direct-object-reference-idor-in-a-government-portal-c83c0c638577?source=rss------bug_bounty-5Dharanisweb-pen-testing, bug-bounty, burpsuite, idor, government02-May-2025
$1000 Bounty: Account Takeover via Host Header Injection in Password Reset Flowhttps://ehteshamulhaq198.medium.com/1000-bounty-account-takeover-via-host-header-injection-in-password-reset-flow-dc0cdb2d972b?source=rss------bug_bounty-5Ehtesham Ul Haqpenetration-testing, bug-bounty, infosec, injection, bug-bounty-tips02-May-2025
Exploiting File Inclusion: From Dot-Dot-Slash to RCE using PHP Sessions, Log Poisoning, and…https://infosecwriteups.com/exploiting-file-inclusion-from-dot-dot-slash-to-rce-using-php-sessions-log-poisoning-and-4db1bdf8ad77?source=rss------bug_bounty-5Bash Overflowbug-bounty-tips, lfi-to-rce, local-file-inclusion, bypass-lfi-filters, bug-bounty02-May-2025
Important tool for Pentesters & Bug huntershttps://medium.com/@loyalonlytoday/important-tool-for-pentesters-bug-hunters-ea33ab1269b6?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bug-bounty-tips, ethical-hacking, penetration-testing, cybersecurity01-May-2025
$1000 Bounty: XSS in Phabricator’s Editorhttps://osintteam.blog/1000-bounty-xss-in-phabricators-editor-97fa74b24633?source=rss------bug_bounty-5Monika sharmahacking, technology, bug-bounty, report, penetration-testing01-May-2025
Session Reuse After Logout: Vulnerability Report on Improper Session Invalidationhttps://medium.com/@FufuFaf1/session-reuse-after-logout-vulnerability-report-on-improper-session-invalidation-3e6a8d3d1707?source=rss------bug_bounty-5FufuFafabug-bounty, cybersecurity, bugbounty-tips01-May-2025
SSRF PAYLOADS [ HARVEST CRITICAL FILES AND CREDENTIALhttps://medium.com/@rr-1k/ssrf-payloads-harvest-critical-files-and-credential-261e5b2beda4?source=rss------bug_bounty-5rr-1kinfosec, bug-bounty-writeup, bug-bounty, bug-bounty-tips, ssrf01-May-2025
Techniques Implemented last month as a Bug Hunterhttps://cybersecuritywriteups.com/techniques-implemented-last-month-as-a-bug-hunter-f0e6af9cb12e?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, bug-bounty-tips, vulnerability-management, bug-bounty, pentesting01-May-2025
Bypassing Email Verification to Hijack Any Account — No User Interaction Neededhttps://medium.com/@Tanvir0x1/bypassing-email-verification-to-hijack-any-account-no-user-interaction-needed-58539b18f36a?source=rss------bug_bounty-5Tanvir Ahmedbug-bounty, ethical-hacking, bounty-program, cybersecurity01-May-2025
Crack Windows Password [Ethical Hacking Article]https://infosecwriteups.com/crack-windows-password-ethical-hacking-article-cb3f0593fe58?source=rss------bug_bounty-5Mr Horbiopenetration-testing, bug-bounty, cybersecurity, hacking, ethical-hacking01-May-2025
Lab: Finding and exploiting an unused API endpointhttps://infosecwriteups.com/lab-finding-and-exploiting-an-unused-api-endpoint-79fa6744f21e?source=rss------bug_bounty-5Mukilan Baskaranbug-bounty, api, cybersecurity, security, ethical-hacking01-May-2025
$500 Bounty: Hijacking HackerOne via window.openerhttps://infosecwriteups.com/500-bounty-hijacking-hackerone-via-window-opener-e16700108e12?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, penetration-testing, hacking, report01-May-2025
How I bypassed an IP block… without changing my IP?https://infosecwriteups.com/how-i-bypassed-an-ip-block-without-changing-my-ip-e8082a43957b?source=rss------bug_bounty-5phoenixcatalanhacking, ethical-hacking, pentesting, portswigger, bug-bounty01-May-2025
From JS File to Jackpot: How I Found API Keys and Secrets Hidden in Production Codehttps://infosecwriteups.com/from-js-file-to-jackpot-how-i-found-api-keys-and-secrets-hidden-in-production-code-87af8750b751?source=rss------bug_bounty-5Iskibug-bounty, cybersecurity, hacking, infosec, money01-May-2025
The Secrets Behind Subdomain Takeovers Nobody Shareshttps://infosecwriteups.com/the-secrets-behind-subdomain-takeovers-nobody-shares-ba6b5d7bf258?source=rss------bug_bounty-5Abhijeet Kumawathacking, cybersecurity, secrets, bug-bounty, subdomain01-May-2025
Shodan: The Search Engine That Exposes Hidden Cameras, Open Doors, and Everything Left Unsecured on…https://osintteam.blog/shodan-the-search-engine-that-exposes-hidden-cameras-open-doors-and-everything-left-unsecured-on-b76dcc3041ac?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, pentesting, shodan, bug-bounty, bug-bounty-tips01-May-2025
$1000+ Passive Recon Strategy You’re Not Using (Yet)https://it4chis3c.medium.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e6231?source=rss------bug_bounty-5It4chis3chacking, subdomains-enumeration, subdomain, earnings, bug-bounty01-May-2025
How I Used Cloudflare’s Health Checks to Bypass Their WAF Ruleshttps://medium.com/@melege/how-i-used-cloudflares-health-checks-to-bypass-their-waf-rules-75a8a55adcc6?source=rss------bug_bounty-5Ahmed AbdElmaqsoudresponsible-disclosure, security-research, cloudflare, bug-bounty, cybersecurity01-May-2025
Pentesting Oracle TNS Listeners on Default Ports 1521–1529: Techniques, Tools & Remediationhttps://medium.com/@verylazytech/pentesting-oracle-tns-listeners-on-default-ports-1521-1529-techniques-tools-remediation-1a11b1413b0d?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, tns, oscp, penetration-testing01-May-2025
API Hacking on Mercedes-Benzhttps://infosecwriteups.com/mercedes-benz-hacking-f36605954d5f?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, infosec, cybersecurity, programming, hacking01-May-2025
$1000+ Passive Recon Strategy You’re Not Using (Yet)https://infosecwriteups.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e6231?source=rss------bug_bounty-5It4chis3chacking, subdomains-enumeration, subdomain, earnings, bug-bounty01-May-2025
How to hunt for (P1, P2) Blind XSShttps://the7th.medium.com/how-to-hunt-for-p1-p2-blind-xss-87e027acd85b?source=rss------bug_bounty-5Mostafa Alrefaipentesting, web-security, xss-attack, hacking, bug-bounty01-May-2025
Mastering Runtime Hooking with Frida — Real-World Challenges Explained (Part 2)https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-explained-part-2-2520d7b1e10c?source=rss------bug_bounty-5CH3TANreverse-engineering, android-pentesting, hackerone, frida, bug-bounty01-May-2025
Review of Security Research Articles: April 2025https://medium.com/meetcyber/review-of-security-research-articles-april-2025-976925d6d181?source=rss------bug_bounty-5Lukasz Wierzbickiautomation, bug-bounty, pentesting, productivity, review01-May-2025
How I Found a $5K Bug in JavaScript — A Bug Bounty Storyhttps://krishna-cyber.medium.com/how-i-found-a-5k-bug-in-javascript-a-bug-bounty-story-dba44140efab?source=rss------bug_bounty-5Krish_cyberbug-bounty, ethical-hacking, javascript, osint, infosec-write-ups01-May-2025
JSRecon 101: Unearthing Hidden Secrets in JavaScript Files for Bug Bounty Success ️♂️https://krishna-cyber.medium.com/jsrecon-101-unearthing-hidden-secrets-in-javascript-files-for-bug-bounty-success-%EF%B8%8F-%EF%B8%8F-0ee75778da59?source=rss------bug_bounty-5Krish_cyberethical-hacking, info-sec-writeups, java, osint, bug-bounty01-May-2025
Need guidance in bug bountyhttps://medium.com/@shahin3541/need-guidance-in-bug-bounty-a5171d591dec?source=rss------bug_bounty-5Shahinbug-bounty-hunter, bug-bounty-tips, bug-hunting, bug-bounty, bug-bounty-program01-May-2025
Find secrets in JS files(bug bounty)https://medium.com/@loyalonlytoday/find-secrets-in-js-files-bug-bounty-587e29025682?source=rss------bug_bounty-5loyalonlytodaycybersecurity, penetration-testing, bug-bounty-tips, hacking, bug-bounty30-Apr-2025
Port Scanning Speed Test: RustScan vs Naabuhttps://medium.com/fmisec/rustscan-vs-naabu-9d7cfbd18424?source=rss------bug_bounty-5Patar Isac Pardomuannetwork-security, cybersecurity, penetration-testing, red-team, bug-bounty30-Apr-2025
One OTP to Rule Them All: How I Replayed a Single Response and Logged in Forever on target.comhttps://medium.com/@choudharinayan05/one-otp-to-rule-them-all-how-i-replayed-a-single-response-and-logged-in-forever-on-target-com-f58e58261607?source=rss------bug_bounty-5Nayan Choudharycybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, bug-bounty-writeup30-Apr-2025
How I Found Bugs on Adobehttps://infosecwriteups.com/how-i-found-bugs-on-adobe-16cedb79e830?source=rss------bug_bounty-5RivuDonethical-hacking, bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup30-Apr-2025
How to Detect Credential Dumping Tools like Mimikatz & LaZagne on Endpointshttps://medium.com/@paritoshblogs/how-to-detect-credential-dumping-tools-like-mimikatz-lazagne-on-endpoints-c914ec745e40?source=rss------bug_bounty-5Paritoshmimikatz, bug-bounty, cybersecurity, hacking, information-technology30-Apr-2025
$500 Bug Bounty:Open Redirection via OAuth on Shopifyhttps://infosecwriteups.com/500-bug-bounty-open-redirection-via-oauth-on-shopify-4159387482f9?source=rss------bug_bounty-5Monika sharmatechnology, hacking, bug-bounty, penetration-testing, cybersecurity30-Apr-2025
Starting out Bug Bounty as a Beginnerhttps://medium.com/@bharathi200412/starting-out-bug-bounty-as-a-beginner-12df44ccedcb?source=rss------bug_bounty-5hackerhaishayadbug-bounty, burpsuite, tools30-Apr-2025
Understanding Supply Chain Attackshttps://medium.com/meetcyber/understanding-supply-chain-attacks-19f97e8116cb?source=rss------bug_bounty-5Erkan Kavasbug-bounty, cybersecurity, attack-surface, mitre-attack, mitre-attack-framework30-Apr-2025
DOM-inated! How a Tiny JS Sink Turned Into Critical XSShttps://medium.com/@iski/dom-inated-how-a-tiny-js-sink-turned-into-critical-xss-a9a1dbe97df2?source=rss------bug_bounty-5Iskiinfosec, cybersecurity, hacking, bug-bounty, money30-Apr-2025
Caught an IDOR Vulnerability on a Private Program — Earned a Bountyhttps://cybersecuritywriteups.com/caught-an-idor-vulnerability-on-a-private-program-earned-a-bounty-a99d3ac6602b?source=rss------bug_bounty-5Whitehatcybersecurity, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips30-Apr-2025
LLM-powered Agent for Automated Google Dorkinghttps://medium.com/@yee-yore/llm-powered-agent-for-automated-google-dorking-dcb14d609dc2?source=rss------bug_bounty-5yee-yoreagentic-ai, bug-bounty, google, osint, large-language-models30-Apr-2025
Join WING CODE: The Free Telegram Hub for Cybersecurity Learnershttps://medium.com/@wingcode/join-wing-code-the-free-telegram-hub-for-cybersecurity-learners-6e8638f29bd1?source=rss------bug_bounty-5Wing Codebug-bounty, cyber-security-training, learn-cybersecurity, soc, cyber30-Apr-2025
Cybersecurity eBook Collection for Aspiring Hackers and Analysts — Curated by @VeryLazyTechhttps://medium.com/@verylazytech/cybersecurity-ebook-collection-for-aspiring-hackers-and-analysts-curated-by-verylazytech-87dee170b9fb?source=rss------bug_bounty-5Very Lazy Techexploitation, bug-bounty, hacker, ethical-hacking, penetration-testing30-Apr-2025
Mastering RCE: How I Exploit Remote Code Execution Bugs Like a Prohttps://infosecwriteups.com/mastering-rce-how-i-exploit-remote-code-execution-bugs-like-a-pro-ddcc816552bf?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, rce, infosec, hacking, bug-bounty30-Apr-2025
CORS InspectorCORS Inspectorhttps://medium.com/@lukas.simunovic/cors-inspectorcors-inspector-b536fd5449c4?source=rss------bug_bounty-5Lukas Simunovicbug-bounty-tips, hacking, bug-bounty, vulnerability, cybersecurity30-Apr-2025
Understanding User Input Security: Bypasses, Techniques, and Real Exampleshttps://medium.com/@mr45atwork.247/understanding-user-input-security-bypasses-techniques-and-real-examples-dade12f36653?source=rss------bug_bounty-5Mr. Lucifercybersecurity, ethical-hacking, xss-vulnerability, bug-bounty, penetration-testing30-Apr-2025
Key Security Components in Android & Security Metrics: The Foundation of App Securityhttps://justdvnsh.medium.com/key-security-components-in-android-security-metrics-the-foundation-of-app-security-e82eb5ce77de?source=rss------bug_bounty-5Divyansh Dwivedibug-bounty, android, hacking, research-and-development, security30-Apr-2025
From Internal IP Discovery to Full Database Dumphttps://medium.com/@dotHatab/from-internal-ip-discovery-to-full-database-dump-96fbd85dbc7a?source=rss------bug_bounty-5dotHatabdata-breach, information-disclosure, web-application-security, haveibeenpwned, bug-bounty30-Apr-2025
When Does URL Encoding Happen?https://medium.com/@zoningxtr/when-does-url-encoding-happen-a5ff6e88c59f?source=rss------bug_bounty-5Zoningxtrpython-programming, bug-bounty, web-development, javascript, html30-Apr-2025
Complete Guide: URL Encoding Trigger Cases with Detailed Explanations and Exampleshttps://medium.com/@zoningxtr/complete-guide-url-encoding-trigger-cases-with-detailed-explanations-and-examples-0fe80eb6be90?source=rss------bug_bounty-5Zoningxtrhtml, javascript, web-development, bug-bounty, django30-Apr-2025
April Make Me Happy (Bug Bounty Hunting)https://0xshuvo.medium.com/april-make-me-happy-bug-bounty-hunting-2af3fcf15746?source=rss------bug_bounty-5Shuvo Kumar Saharecon, infosec, bugbounty-tips, bug-bounty, dorking30-Apr-2025
Vulnerabilities You Can Find in a Payment Gatewayhttps://medium.com/@sherlock297/vulnerabilities-you-can-find-in-a-payment-gateway-338b944b0f61?source=rss------bug_bounty-5Ravindra Dagalepayments, information-technology, bug-bounty, cybersecurity, vulnerability30-Apr-2025
From Out-of-Scope to Critical: How I Earned 2500$ by Breaking the Ruleshttps://medium.com/@arrasgotcha/from-out-of-scope-to-critical-how-i-earned-2500-by-breaking-the-rules-e8165ec5ef37?source=rss------bug_bounty-5Gotcha1Gbug-bounty, cybersecurity, development, hacking, programming30-Apr-2025
IDOR : Ketika URL Bisa Jadi Kunci untuk Bobol Data Orang lainhttps://medium.com/@zakyputra628/idor-ketika-url-bisa-jadi-kunci-untuk-bobol-data-orang-lain-7b68073f56d0?source=rss------bug_bounty-5Zaky Putra Pratamacybersecurity, bug-bounty, hacking, indonesia, web-security30-Apr-2025
How I Found My First Bug: IDOR Vulnerability & Got a $$$ Bounty!https://medium.com/@zephyrus18/how-i-found-my-first-bug-idor-vulnerability-got-a-500-bounty-d11b983e1460?source=rss------bug_bounty-5Zephyruscybercrime, bug-bounty, cybersecurity, bugs, cyber-security-awareness30-Apr-2025
From Internal IP Discovery to Full Database Dumphttps://medium.com/@drhatab/from-internal-ip-discovery-to-full-database-dump-6fbbac0ff822?source=rss------bug_bounty-5Mustafa Hatabweb-app-pentesting, web-app-security, pentesting, bug-bounty, sensitive-data30-Apr-2025
Hacking Workspace for Fun & Profit: Part IIhttps://0xh7ml.medium.com/hacking-workspace-for-fun-profit-part-ii-de9cd3cc9755?source=rss------bug_bounty-5Md Saikatbroken-access-control, info-sec-writeups, idor, bug-bounty-writeup, bug-bounty30-Apr-2025
How I Earned $1700 from Stripe Bug Bountieshttps://medium.com/@Rinkesh_Patidar/how-i-earned-1700-from-stripe-bug-bounties-28173e8b0a56?source=rss------bug_bounty-5Rinkesh Patidarreport, stripe, hackerone-report, bug-bounty, bugs30-Apr-2025
MCP Prompt Injection: The AI Hack That Cuts Both Ways ️https://ismailtasdelen.medium.com/mcp-prompt-injection-the-ai-hack-that-cuts-both-ways-%EF%B8%8F-f340de123451?source=rss------bug_bounty-5Ismail Tasdelenartificial-intelligence, appsec, application-security, bug-bounty, email-security30-Apr-2025
How I Simply Bypassed a 400 Bad Request and Escalated My Access from Member to Ownerhttps://abumaryamrahmat.medium.com/%D8%A8%D8%B3%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86-%D8%A7%D9%84%D8%B1%D8%AD%D9%8A%D9%85-7e837698fe4b?source=rss------bug_bounty-5Abu Maryam Rahmatpenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hackerone30-Apr-2025
$500,000 to Catch STON.fi Bugs?! Let’s Get Hunting, STONfiers!https://medium.com/@savesjustice/500-000-to-catch-ston-fi-bugs-lets-get-hunting-stonfiers-8e3c2ba6ad55?source=rss------bug_bounty-5MADEOFBLUrewards, stonfi, bug-bounty, cryptocurrency, defi29-Apr-2025
Find .JS files of your bug bounty target(JS FILES RECON)https://medium.com/@loyalonlytoday/find-js-files-of-your-bug-bounty-target-js-files-recon-306c3b169bae?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips29-Apr-2025
$100 Password Reset Flawhttps://osintteam.blog/100-password-reset-flaw-7827effebca2?source=rss------bug_bounty-5Monika sharmahacking, cybersecurity, bug-bounty, penetration-testing, technology29-Apr-2025
Password Recovery? More Like Account Delivery Host Header Injection Madnesshttps://medium.com/@loayahmed686/password-recovery-more-like-account-delivery-host-header-injection-madness-b0d0eb3a3b6d?source=rss------bug_bounty-5r00tbug-bounty-writeup, bug-bounty-tips, bug-bounty, infosec29-Apr-2025
How can i find a Jenkins dashboard and ended up with Reverse Shell on shodanhttps://medium.com/@fakechan443/how-can-i-find-a-jenkins-dashboard-and-ended-up-with-reverse-shell-with-shodan-31fcfb8db8b4?source=rss------bug_bounty-5Fakhri Abbas Ailatatjenkins-pipeline, ethical-hacking, bug-bounty, bug-bounty-writeup, shodan29-Apr-2025
Shadow Copy Forensics: Detecting and Investigating VSS Tamperinghttps://medium.com/@paritoshblogs/shadow-copy-forensics-detecting-and-investigating-vss-tampering-17c5bf555230?source=rss------bug_bounty-5Paritoshhacking, detection, cybersecurity, bug-bounty, forensics29-Apr-2025
SyncVault Bug Bounty Challengehttps://medium.com/@syncvault/syncvault-bug-bounty-challenge-bfd466be173c?source=rss------bug_bounty-5SyncVaultsyncvault, airdrop, devsecops, bug-bounty, web329-Apr-2025
️ The ULTIMATE Web App Hacking Checklist for Bug Bounty Huntershttps://redxcybersec.medium.com/%EF%B8%8F-the-ultimate-web-app-hacking-checklist-for-bug-bounty-hunters-a495b436ab6f?source=rss------bug_bounty-5REDx Cybersecbug-bounty, web-security, pentesting, cybersecurity, ethical-hacking29-Apr-2025
GraphQL API hacking Series for Bug Hunters Part 02https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-part-02-837e0bc3be06?source=rss------bug_bounty-5IronGhostgraphql-tools, api, bug-bounty, hacking, graphql29-Apr-2025
What Recruiters Look for in a Cybersecurity Resume in 2025https://infosecwriteups.com/what-recruiters-look-for-in-a-cybersecurity-resume-in-2025-dcc81fa3154e?source=rss------bug_bounty-5Abhijeet Kumawathacking, cybersecurity, bug-bounty, resume, jobs29-Apr-2025
$140 Bounty: Full Path Disclosure on ads.twitter.comhttps://infosecwriteups.com/140-bounty-full-path-disclosure-on-ads-twitter-com-bdedd140ac27?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, technology, penetration-testing, cybersecurity29-Apr-2025
How Hackers Try to Bypass 403 Forbidden Pageshttps://infosecwriteups.com/how-hackers-try-to-bypass-403-forbidden-pages-239c3f51a674?source=rss------bug_bounty-5Vipul Sonulecybersecurity, bug-bounty, hacking, tech, infosec29-Apr-2025
Not Just a Ping: How SSRF Opened the Gateway to Internal Secretshttps://infosecwriteups.com/not-just-a-ping-how-ssrf-opened-the-gateway-to-internal-secrets-d18eeccd4745?source=rss------bug_bounty-5Iskimone, bug-bounty, cybersecurity, infose, hacking29-Apr-2025
️HTML Encoding Real Cases in deephttps://medium.com/@zoningxtr/%EF%B8%8Fhtml-encoding-real-cases-in-deep-23945237edc6?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, javascript, penetration-testing, html29-Apr-2025
What Happens When You Request a Web Page?https://medium.com/@zoningxtr/what-happens-when-you-request-a-web-page-5e382e05d89f?source=rss------bug_bounty-5Zoningxtrjavascript, penetration-testing, bug-bounty, html, web-development29-Apr-2025
What is HTML Safe Character Encoding?https://medium.com/@zoningxtr/what-is-html-safe-character-encoding-54a687fa8949?source=rss------bug_bounty-5Zoningxtrpenetration-testing, javascript, cybersecurity, bug-bounty, html29-Apr-2025
subdomain-scanner200OKhttps://medium.com/@lukas.simunovic/subdomain-scanner200ok-fcd762413e07?source=rss------bug_bounty-5Lukas Simunovichacking-tools, hacking, bug-bounty29-Apr-2025
Bug bounty program STON.fi: $500,000 in rewardshttps://medium.com/@aqkiler/bug-bounty-program-ston-fi-500-000-in-rewards-c03c1b90c24d?source=rss------bug_bounty-5aqkilerstonfi, dex, bug-bounty, ston29-Apr-2025
Bug Bounty программа STON.fi: $500,000 в наградахhttps://medium.com/@aqkiler/bug-bounty-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0-ston-fi-500-000-%D0%B2-%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B4%D0%B0%D1%85-ca3da312326d?source=rss------bug_bounty-5aqkilerdex, bug-bounty, ston, stonfi29-Apr-2025
Exploiting SQLi for Total Clients Control in Enterprise Applicationhttps://medium.com/@es0557533/exploiting-sqli-for-total-clients-control-in-enterprise-application-e940acf34aa6?source=rss------bug_bounty-5Isvsql-injection, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips29-Apr-2025
1 Click Account Takeover | XSS | CORS Misconfiguration | JWT Forgeryhttps://infosecwriteups.com/1-click-account-takeover-xss-cors-misconfiguration-jwt-forgery-0cf73a28e236?source=rss------bug_bounty-5Raymond Van Wartxss-attack, bug-bounty, jwt, cybersecurity, account-takeover29-Apr-2025
$450 Bounty: Stole Facebook OAuth Access Tokens via Phabricatorhttps://osintteam.blog/450-bounty-stole-facebook-oauth-access-tokens-via-phabricator-4c4468268302?source=rss------bug_bounty-5Monika sharmapenetration-testing, cybersecurity, hacking, technology, bug-bounty29-Apr-2025
From Logs to ATO | How I Hacked IBMhttps://cylent.net/from-logs-to-ato-how-i-hacked-ibm-52552d95dacf?source=rss------bug_bounty-5Mohamed Talaat Saada (@t4144t)penetration-testing, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips29-Apr-2025
I Have a Hacking Gig For YOU, Hack Them and Get Paidhttps://muhammadola.medium.com/i-have-a-hacking-gig-for-you-hack-them-and-get-paid-2cddf6442492?source=rss------bug_bounty-5Muhammadethical-hacking, stonfi, bug-bounty, ton, dex29-Apr-2025
️HTML Encoding Real Cases in deephttps://medium.com/@zoningxtr/%EF%B8%8Fhtml-encoding-real-cases-in-deep-23945237edc6?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, javascript, xss-attack, penetration-testing29-Apr-2025
Unlock Bounties by Simply Reading: A Smart Way to Earnhttps://infosecwriteups.com/unlock-bounties-by-simply-reading-a-smart-way-to-earn-63a1cb410450?source=rss------bug_bounty-5Reju Kolebug-bounty-writeup, cyber-security-training, bug-bounty, cybersecurity, bug-bounty-tips29-Apr-2025
Mastering Runtime Hooking with Frida — Real-World Challenges Explained (Part -1)https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-explained-part-1-17a7f57ea87b?source=rss------bug_bounty-5CH3TANbug-bounty, cybersecurity, reverse-engineering, frida, android-pentesting29-Apr-2025
JS-URL-Endpoint-Harvesterhttps://medium.com/@lukas.simunovic/js-url-endpoint-harvester-5885d3a69ef6?source=rss------bug_bounty-5Lukas Simunovichacking-tools, bug-bounty, scanning-tool, hacking, automation-tools29-Apr-2025
How I Made $12k in 48 Hours — By Recovering ‘Deleted’ Fileshttps://medium.com/@ibtissamhammadi/how-i-made-12k-in-48-hours-by-recovering-deleted-files-57bf7289ab9e?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, passive-income, hacking, github, cybersecurity28-Apr-2025
Hunting Suspicious DLL Side-Loading Activityhttps://medium.com/@paritoshblogs/hunting-suspicious-dll-side-loading-activity-5d919f018ac6?source=rss------bug_bounty-5Paritoshdll-sideloading, bug-bounty, hacking, hunting, cybersecurity28-Apr-2025
$500 XSS Payload in Slackhttps://osintteam.blog/500-xss-payload-in-slack-0b99de50f4df?source=rss------bug_bounty-5Monika sharmapenetration-testing, cybersecurity, technology, bug-bounty, hacking28-Apr-2025
☁️How to Setup a Custom Subdomain on xss.ht — A Complete Hacker's Guidehttps://infosecwriteups.com/%EF%B8%8Fhow-to-setup-a-custom-subdomain-on-xss-ht-a-complete-hackers-guide-a0018704c391?source=rss------bug_bounty-5Abhijeet Kumawatvulnerability, hacking, xss-attack, bug-bounty, cybersecurity28-Apr-2025
How I Found a Broken Access Control That Exposed Interview Answers?https://osintteam.blog/how-i-found-a-broken-access-control-vulnerability-that-exposed-interview-answers-e353128f6883?source=rss------bug_bounty-5Sri Shavin Kumarethical-hacking, hall-of-fame, cybersecurity, bug-bounty, bug-bounty-writeup28-Apr-2025
How i Access The Deleted Files of Someone in Google Drive | Bug Bountyhttps://ph-hitachi.medium.com/how-i-access-the-deleted-files-of-someone-in-google-drive-bug-bounty-eac134df1de4?source=rss------bug_bounty-5Ph.Hitachigoogle-vrp, google-drive, bug-bounty, hackerone, broken-access-control28-Apr-2025
How to Master Subdomain Takeovers in 2025https://infosecwriteups.com/how-to-master-subdomain-takeovers-in-2025-023f9f4817af?source=rss------bug_bounty-5Vipul Sonulehacking, infosec, bug-bounty, tech, bug-bounty-tips28-Apr-2025
$500 Bounty: For a Simple Open Redirecthttps://infosecwriteups.com/500-bounty-for-a-simple-open-redirect-a34051071a5c?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, hacking, cybersecurity, bug-bounty28-Apr-2025
How I Earned $8947 bounty for Remote Code Execution via a Hijacked GitHub Modulehttps://nvk0x.medium.com/how-i-earned-8947-bounty-for-remote-code-execution-via-a-hijacked-github-module-91c4a4b63255?source=rss------bug_bounty-5Naveen kumawatbug-bounty-tips, hackerone, bug-bounty, bugbounty-writeup, hacking28-Apr-2025
JWT, Meet Me Outside: How I Decoded, Re-Signed, and Owned the Apphttps://infosecwriteups.com/jwt-meet-me-outside-how-i-decoded-re-signed-and-owned-the-app-95791eabcf5d?source=rss------bug_bounty-5Iskiinfosec, hacking, cybersecurity, mone, bug-bounty28-Apr-2025
GraphQL API hacking Series for bug hunters 01https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-01-4db602685d16?source=rss------bug_bounty-5IronGhostapihacking, hacking-tools, bug-bounty, graphql, hacking28-Apr-2025
POC — CVE-2025–29306 FOXCMS /images/index.html Code Execution Vulnerabilityhttps://medium.com/@verylazytech/poc-cve-2025-29306-foxcms-images-index-html-code-execution-vulnerability-0c4db3905fd0?source=rss------bug_bounty-5Very Lazy Techcve-2025-29306, rce, hacking, foxcms, bug-bounty28-Apr-2025
GraphQL API hacking Series for Bug Hunters Part 01https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-01-4db602685d16?source=rss------bug_bounty-5IronGhostapihacking, hacking-tools, bug-bounty, graphql, hacking28-Apr-2025
Exploiting a Referer Header for Open Redirecthttps://ehteshamulhaq198.medium.com/exploiting-a-referer-header-for-open-redirect-ee2baa4a45b5?source=rss------bug_bounty-5Ehtesham Ul Haqpenetration-testing, open-redirect, infosec, rewards, bug-bounty28-Apr-2025
The $2500 bug: Remote Code Execution via Supply Chain Attackhttps://nvk0x.medium.com/the-2500-bug-remote-code-execution-via-supply-chain-attack-3beb07ac1a4c?source=rss------bug_bounty-5Naveen kumawatbug-bounty-writeup, hackerone, bug-bounty, bug-bounty-tips, hacking28-Apr-2025
Simple Tips for Bug Bounty Beginners: Content Spoofing via HTML Injectionhttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-content-spoofing-via-html-injection-a0ae7c39a89a?source=rss------bug_bounty-5Anish Narayanoffensive-security, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty28-Apr-2025
The OSINT Blueprint: Elevate Your Investigation Skills to Extraordinary Levelshttps://4swolf.medium.com/the-osint-blueprint-elevate-your-investigation-skills-to-extraordinary-levels-0e7f7c832b9d?source=rss------bug_bounty-5wulfhacking-tools, bug-bounty, hackerone, osint, hacker28-Apr-2025
# Walkthrough: VulnHub Machine — Ted 1 (Full Root Access)https://medium.com/@ghostcat1337/walkthrough-vulnhub-machine-ted-1-full-root-access-12b19f4dc036?source=rss------bug_bounty-5ghostcatpenetration-testing, infosec, cybersecurity, bug-bounty, ctf-writeup28-Apr-2025
I Hijacked Accounts in 10 Minutes (IDOR Bug)https://medium.com/@ibtissamhammadi/i-hijacked-accounts-in-10-minutes-idor-bug-b44ae8e53dfa?source=rss------bug_bounty-5Ibtissam Hammadiinfosec, bug-bounty, hacking, cybersecurity, hackerone28-Apr-2025
Day 13: Visible error-based SQL injection — Zero to Hero Blind Injection — Portswiggerhttps://arayofhope7.medium.com/day-13-visible-error-based-sql-injection-zero-to-hero-blind-injection-portswigger-3da2241a1672?source=rss------bug_bounty-5RayofHopepenetration-testing, web-penetration-testing, ethical-hacking, bug-bounty, cybersecurity28-Apr-2025
VeriSource Data Breach Impacts 4 Million Peoplehttps://wiretor.medium.com/verisource-data-breach-impacts-4-million-people-fe05cce5aac4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, malware, xss-attack, bug-bounty, ai28-Apr-2025
How Breaches Start: Breaking Down 5 Real Vulnerabilities ️‍♂️https://ismailtasdelen.medium.com/how-breaches-start-breaking-down-5-real-vulnerabilities-%EF%B8%8F-%EF%B8%8F-8b1a032b0335?source=rss------bug_bounty-5Ismail Tasdelenvulnerability, application-security, bug-bounty-writeup, bug-bounty-tips, bug-bounty28-Apr-2025
Google Cloud Account Takeover via URL Parsing Confusionhttps://weirdmachine.medium.com/google-cloud-account-takeover-via-url-parsing-confusion-c5e47389b7c7?source=rss------bug_bounty-5Mohamed Benchikhaccount-take-over, bugbounty-writeup, bug-bounty, google-cloud-platform28-Apr-2025
Road to SSRF : PDF generation and filter bypass on ASP.net applicationhttps://medium.com/@supr4s.other/road-to-ssrf-pdf-generation-and-filter-bypass-on-asp-net-application-dd3aa91c0fed?source=rss------bug_bounty-5Supr4sbug-bounty, ssrf-attack28-Apr-2025
How You Can Earn Up to $100,000 with STON.fi Bug Bounty Programhttps://medium.com/@vlad2566/how-you-can-earn-up-to-100-000-with-ston-fi-bug-bounty-program-18861e0285e5?source=rss------bug_bounty-5CRYPTANUAton, stonfi, bug-bounty28-Apr-2025
WolfVision Cynap Smart Presentation Device Vulnerability Discovered: Anonymous Access Risk at…https://medium.com/@hacker_might/wolfvision-cynap-smart-presentation-device-vulnerability-discovered-anonymous-access-risk-at-4a5ed41a9f06?source=rss------bug_bounty-5hacker_mightbug-bounty-writeup, bug-bounty, cyber-security-awareness, iot, iot-security28-Apr-2025
Detecting Hidden Scheduled Tasks & At Jobs Created by Malwarehttps://medium.com/@paritoshblogs/detecting-hidden-scheduled-tasks-at-jobs-created-by-malware-c9038d5d4544?source=rss------bug_bounty-5Paritoshmalware, bug-bounty, malware-analysis, hacking, cybersecurity27-Apr-2025
How to Turn Cybersecurity Into a Full-Time Income (My Blueprint)https://infosecwriteups.com/how-to-turn-cybersecurity-into-a-full-time-income-my-blueprint-f4d70cb01f73?source=rss------bug_bounty-5Abhijeet Kumawatcareers, bug-bounty, infosec, cybersecurity, hacking27-Apr-2025
How I Found The Unauthorized account manipulation?https://doordiefordream.medium.com/how-i-found-the-unauthorized-account-manipulation-3f3312360751?source=rss------bug_bounty-5DOD cyber solutionscybersecurity, bug-bounty, ethical-hacking, technology, vulnerability27-Apr-2025
Attacking Web Applications with FFuFhttps://medium.com/@yashpawar1199/attacking-web-applications-with-ffuf-63673231452e?source=rss------bug_bounty-5Yash Pawar @HackersParadisefuzzing, web-attack, bug-bounty-writeup, ffuf, bug-bounty27-Apr-2025
Understanding XSS (Cross-Site Scripting)https://medium.com/@parthchheda777/understanding-xss-cross-site-scripting-4cfbcc7bab2e?source=rss------bug_bounty-5Parthchhedalearning, xss-attack, cybersecurity, bug-bounty27-Apr-2025
My Journey from last 85 days of Learning Pentestinghttps://medium.com/@gobbledy/my-journey-from-last-85-days-of-learning-pentesting-71fe9bad7e71?source=rss------bug_bounty-5gobbledypentesting, bug-bounty, information-security, cybersecurity27-Apr-2025
“Account Takeovers Made Easy: Critical JWT Exposure via Archived URLs”https://medium.com/@choudharinayan05/account-takeovers-made-easy-critical-jwt-exposure-via-archived-urls-1b7380c62943?source=rss------bug_bounty-5Comp_Nayan Choudharybug-bounty, cybersecurity, ethical-hacking, bug-bounty-writeup27-Apr-2025
The Future of Bug Bounties: What Ethical Hackers Need to Know!https://medium.com/@cybertalents/the-future-of-bug-bounties-what-ethical-hackers-need-to-know-2a5fba3213b9?source=rss------bug_bounty-5CyberTalentscybersecurity, ethical-hacking, careers, cyber-security-awareness, bug-bounty27-Apr-2025
Understanding CSRF (Cross Site Request Forgery)https://medium.com/@parthchheda777/understanding-csrf-cross-site-request-forgery-08d0ea732026?source=rss------bug_bounty-5Parthchhedacsrf, csrf-token, learning, bug-bounty, cybersecurity27-Apr-2025
Dalam dunia ethical hacking dan penetration testing, penguasaan sistem operasi Linux menjadi kunci…https://medium.com/@ahmadcybr21/dalam-dunia-ethical-hacking-dan-penetration-testing-penguasaan-sistem-operasi-linux-menjadi-kunci-f05308396791?source=rss------bug_bounty-5Ahmadcybrhacker, cybersecurity, whitehat, bug-bounty, linux27-Apr-2025
Login? Who Needs That? Bypassing OAuth Like a Lazy Hacker on Sunday ☀️https://infosecwriteups.com/login-who-needs-that-bypassing-oauth-like-a-lazy-hacker-on-sunday-%EF%B8%8F-76802cc8025d?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, infosec, money, hacking27-Apr-2025
a simple watch tower (:https://medium.com/@cryptoboot123/a-simple-watch-tower-19467f0bee49?source=rss------bug_bounty-5Cryptobootbug-bounty, bug-bounty-writeup, watchtower, bug-bounty-tips27-Apr-2025
POC — Remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code…https://medium.com/@verylazytech/poc-remote-and-unauthenticated-attacker-can-send-crafted-http-requests-to-execute-arbitrary-code-4b591d45ff4f?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cve-2025-3248, exploit, rce, hacking27-Apr-2025
Manual Testing for Privilege Escalation and Broken Access Control My (Methodology)https://medium.com/@kroush333/manual-testing-for-privilege-escalation-and-broken-access-control-my-methodology-a3b9f41b82a2?source=rss------bug_bounty-5MahmoudKroushbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup27-Apr-2025
Hacking APIs: Attackers exploiting SSRFhttps://iaraoz.medium.com/hacking-apis-attackers-exploiting-ssrf-57624d575987?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, bug-bounty, api, owasp27-Apr-2025
Vaulting over a .innerHTML sink in a Locked-Down CSPhttps://infosecwriteups.com/vaulting-over-a-innerhtml-sink-in-a-locked-down-csp-a628be8ba9dc?source=rss------bug_bounty-5SMHTahsin33dom-xss, csp, innerhtml, xss-attack, bug-bounty27-Apr-2025
The World Needs More Cyber Warriors: Here’s Why You Should Join Cybersecurity Todayhttps://medium.com/@uday7981047612/the-world-needs-more-cyber-warriors-heres-why-you-should-join-cybersecurity-today-323a5a4c7485?source=rss------bug_bounty-5Uday Venkatpenetration-testing, bug-bounty, ethical-hacking, cybersecurity, networking27-Apr-2025
From Discovery to Patch: Critical DOM XSS & Open Redirect in Toyota’s Parts Portalhttps://medium.com/@N0aziXss/from-discovery-to-patch-critical-dom-xss-open-redirect-in-toyotas-parts-portal-e36383fa1aa1?source=rss------bug_bounty-5N0aziXssweb-security, bug-bounty, ethical-hacking, open-redirect, dom-xss27-Apr-2025
Privilege Escalation via IDOR and ACL Bypass in a SaaS Applicationhttps://kumarmohank889.medium.com/privilege-escalation-via-idor-and-acl-bypass-in-a-saas-application-e079bcd2cc4a?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, hacking, cybersecurity, ethical-hacking, bug-bounty27-Apr-2025
Bypassing Access control through OPTIONS Request + Method Smuggling: A Hacker One Findinghttps://ayushkr12.medium.com/smuggling-my-way-past-frontend-filters-a-fun-find-on-hackerone-4424dad3a16e?source=rss------bug_bounty-5Ayush Kumarpentesting, bug-bounty, hacking, access-control27-Apr-2025
Millions of Records Exposed via SQL Injection in a Tamil Nadu Government Portalhttps://medium.com/@dharineeshj2/millions-of-records-exposed-via-sql-injection-in-a-tamil-nadu-government-portal-0981d3827ed2?source=rss------bug_bounty-5Hack-Batbug-bounty, hacking, cybersecurity, pentesting, ethical-hacking26-Apr-2025
Microsoft Is Paying Up to $30,000 for AI Security Flawshttps://medium.com/@Cyber-AppSec/microsoft-is-paying-up-to-30-000-for-ai-security-flaws-d4f1fec247d6?source=rss------bug_bounty-5Cyber-AppSecinformation-security, cybersecurity, ai, bug-bounty, microsoft26-Apr-2025
⏱️ There were no visible errors, no hints… only the server’s hesitation told me the truth.https://infosecwriteups.com/%EF%B8%8F-there-were-no-visible-errors-no-hints-only-the-servers-hesitation-told-me-the-truth-7b4987f10444?source=rss------bug_bounty-5phoenixcatalanpentesting, bug-bounty, portswigger, ethical-hacking, hacking26-Apr-2025
Path Traversal Attack: How I Accessed Admin Secretshttps://infosecwriteups.com/path-traversal-attack-how-i-accessed-admin-secrets-fa5de1865031?source=rss------bug_bounty-5Vipul Sonulehacking, bug-bounty, cybersecurity, bug-bounty-tips, infosec26-Apr-2025
Symbolic Execution vs Traditional Static Analysis in Smart Contract Securityhttps://securrtech.medium.com/symbolic-execution-vs-traditional-static-analysis-in-smart-contract-security-97a9289bbd48?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, smart-contract-security, smart-contract-auditing, blockchain-security, web3-security26-Apr-2025
How I Catch XSS Bugs That Most Hunters Misshttps://infosecwriteups.com/how-i-catch-xss-bugs-that-most-hunters-miss-7f226d3a1dea?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, vulnerability, hacking, xss-attack, bug-bounty26-Apr-2025
Misconfiguration on MinIO S3 Bucket (Similar to AWS S3 Misconfig)https://frostyxsec.medium.com/misconfiguration-on-minio-s3-bucket-similar-to-aws-s3-misconfig-a6754d29d011?source=rss------bug_bounty-5Frostyxsecbug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup26-Apr-2025
OAuth Desync Chain: From Smuggling to Session Hijack Without Credentialshttps://medium.com/@m3681371/oauth-desync-chain-from-smuggling-to-session-hijack-without-credentials-3959cedaf579?source=rss------bug_bounty-5m6r001http2, research, oauth, bug-bounty, web-security26-Apr-2025
Breaking the Hierarchy: How I Bypassed Role Restrictions to Become Ownerhttps://medium.com/meetcyber/breaking-the-hierarchy-how-i-bypassed-role-restrictions-to-become-owner-2635e1e33d85?source=rss------bug_bounty-5Fuzzyy Duckinfo-sec-writeups, web-application-security, cybersecurity, bug-bounty, hacking26-Apr-2025
How I Bypassed Authentication on a Funded Fashion Site — And Took Over an Accounthttps://medium.com/@rolextital/how-i-bypassed-authentication-on-a-funded-fashion-site-and-took-over-an-account-8b8a9189fb4a?source=rss------bug_bounty-5Rolextitalbug-bounty, web-application-security, cybersecurity, ethical-hacking, authentication-bypass26-Apr-2025
The Hidden Param That Opened the Vault: A Dirty Param Tampering Talehttps://infosecwriteups.com/the-hidden-param-that-opened-the-vault-a-dirty-param-tampering-tale-52bfac3539fd?source=rss------bug_bounty-5Iskihacking, money, infosec, bug-bounty, cybersecurity26-Apr-2025
Waiting for admin approve , I don’t think so !https://medium.com/@abdallahehab_31039/waiting-for-admin-approve-i-dont-think-so-195a042f913e?source=rss------bug_bounty-5Abdallah Ehabethical-hacking, hunting, bug-bounty, response-manipulation26-Apr-2025
What if finding a simple bug could earn you $75,000?https://medium.com/@ndaawesome/what-if-finding-a-simple-bug-could-earn-you-75-000-de582f83cbb2?source=rss------bug_bounty-5Awesome Ndabomscrypto, bug-bounty, devops, defi, ton26-Apr-2025
How I Bypassed a WAF & Found My First XSS Bughttps://medium.com/@ibtissamhammadi/how-i-bypassed-a-waf-found-my-first-xss-bug-22429d7a3655?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, waf-bypass, xss-attack, cybersecurity, hacking26-Apr-2025
Breaking File Upload Security: Finding Hidden XSShttps://medium.com/@es0557533/breaking-file-upload-security-finding-hidden-xss-cfc6e38bcee3?source=rss------bug_bounty-5Isvbug-bounty-writeup, bug-bounty, xss-attack, bug-bounty-tips, xss-bypass26-Apr-2025
Top 10 Beginner Setup Problems in HTB and Bug Bounty (and How to Fix Them Fast)https://medium.com/@verylazytech/top-10-beginner-setup-problems-in-htb-and-bug-bounty-and-how-to-fix-them-fast-1f9a278415ea?source=rss------bug_bounty-5Very Lazy Techtryhackme, bug-bounty, htb, penetration-testing26-Apr-2025
Cybersecurity Roadmap for Beginners in 2025: Avoid These Common Mistakes on Your Learning Journeyhttps://infosecwriteups.com/cybersecurity-roadmap-for-beginners-in-2025-avoid-these-common-mistakes-on-your-learning-journey-7e8701bb1827?source=rss------bug_bounty-5Mr Horbiobug-bounty, penetration-testing, cybersecurity, ethical-hacking, roadmaps26-Apr-2025
Day 3 — Setting Up My Android Pentesting Labhttps://medium.com/@muhammedshemil25/day-3-setting-up-my-android-pentesting-lab-8a0f71de091c?source=rss------bug_bounty-5Muhammed.shemilandroid-pentesting, ethical-hacking, mobile-security, ctf, bug-bounty26-Apr-2025
My First P1https://callgh0st.medium.com/my-first-p1-ae9d09c02927?source=rss------bug_bounty-5callgh0stgenocide, github, hacking, bug-bounty, recon26-Apr-2025
XSS Vulnerability in One of the Top 10 Universities in Indiahttps://mushirsyed.medium.com/xss-vulnerability-on-one-of-the-top-10-universities-in-india-a2088fd31ef5?source=rss------bug_bounty-5Syed Mushirbug-bounty-tips, bug-bounty, bugs, xss-vulnerability, xss-attack26-Apr-2025
How I Chained Template Injections Across Pages to Trigger Reflected XSShttps://medium.com/@zoningxtr/how-i-chained-template-injections-across-pages-to-trigger-reflected-xss-5d4ef68efac5?source=rss------bug_bounty-5Zoningxtrcybersecurity, javascript, bug-bounty, penetration-testing, web-development26-Apr-2025
WooCommerce Admins Targeted by Fake Security Patches That Hijack Siteshttps://wiretor.medium.com/woocommerce-admins-targeted-by-fake-security-patches-that-hijack-sites-7bf1832f2963?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, xss-attack, ai, bug-bounty26-Apr-2025
Subdomain Takeover on VDPhttps://medium.com/@vasubhan/subdomain-takeover-on-vdp-32cac749bf16?source=rss------bug_bounty-5Vasu Bhanwriteup, security-research, vdp, bug-bounty26-Apr-2025
How I Found phpinfo Exposure In telkomsigma.co.idhttps://firdausmuhammadismail.medium.com/how-i-found-phpinfo-in-telkomsigma-co-id-49c89a1b0404?source=rss------bug_bounty-5Firdaus Muhammad Ismailbug-bounty-tips, bug-bounty, vulnerability, bug-bounty-writeup, sensitive-data25-Apr-2025
How i found a RXSS by webpackhttps://medium.com/@yubanbanz/how-i-found-a-rxss-by-webpack-7e2217a3976d?source=rss------bug_bounty-5yubanbansecurity, xss-attack, bug-bounty25-Apr-2025
How to Find Hidden HackerOne & Bugcrowd Programshttps://medium.com/@ibtissamhammadi/how-to-find-hidden-hackerone-bugcrowd-programs-0149457cf048?source=rss------bug_bounty-5Ibtissam Hammadiosint, hackerone, hacking, cybersecurity, bug-bounty25-Apr-2025
Hunting Fileless Malware on Windows Systemshttps://medium.com/@paritoshblogs/hunting-fileless-malware-on-windows-systems-2243d81b1e2d?source=rss------bug_bounty-5Paritoshmalware, hacking, bug-bounty, fileless-malware, cybersecurity25-Apr-2025
Most Pro Hacker Adviced Beginners To Start with on VDP Program I Taked This Advice and After Three…https://medium.com/@youssefmohamed_84205/most-pro-hacker-adviced-beginners-to-start-with-on-vdp-program-i-taked-this-advice-and-after-three-bbc216680b6f?source=rss------bug_bounty-5Youssef Mohamedbug-bounty-tips, bug-bounty, bug-bounty-writeup, bugs, cybersecurity25-Apr-2025
From Casual Curiosity to Crucial Findings: vibe pentesting uncovers serious vulnerabilities in…https://medium.com/@kushjain0107/from-casual-curiosity-to-crucial-findings-vibe-pentesting-uncovers-serious-vulnerabilities-in-7c032383d227?source=rss------bug_bounty-5Kushal Jainbug-bounty, bug-hunting, appsec, cybsersecurity, ethical-hacking25-Apr-2025
The Fastest Way to Learn Web Hacking in 2025 (With Free Resources)https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resources-88c8e74a3889?source=rss------bug_bounty-5Abhijeet Kumawatchatgpt, cybersecurity, ai, hacking, bug-bounty25-Apr-2025
Earn your First $5000 Bug-Bounty.https://medium.com/@anandrishav2228/earn-your-first-5000-bug-bounty-c49495337ef0?source=rss------bug_bounty-5Rishav anandactive-directory, bug-bounty, cybersecurity, hacker, money25-Apr-2025
Secret Sauce in Robots.txt — How I Found Hidden Admin Panels and Debug URLshttps://infosecwriteups.com/secret-sauce-in-robots-txt-how-i-found-hidden-admin-panels-and-debug-urls-b7e8a11ea36f?source=rss------bug_bounty-5Iskibug-bounty, hacking, cybersecurity, money, infosec25-Apr-2025
10 Free Tools Every Beginner Bug Bounty Hunter Should Know (2025 Edition)https://medium.com/@aashifm/10-free-tools-every-beginner-bug-bounty-hunter-should-know-2025-edition-571ce494d907?source=rss------bug_bounty-5127.0.0.1bug-bounty, tools, burpsuite, exploitation, cybersecurity25-Apr-2025
$500,000 Up for Grabs: STON.fi Launches a High-Stakes Bug Bounty Program on TONhttps://medium.com/@lygophilea/500-000-up-for-grabs-ston-fi-launches-a-high-stakes-bug-bounty-program-on-ton-6a5a5b5b967f?source=rss------bug_bounty-5Lygoph_writesdefi, bug-bounty, cryptocurrency, hacking, web325-Apr-2025
Mastering Linux Privilege Escalation: Part 3 — Advanced Exploits, NFS, and Real-World Strategyhttps://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-3-advanced-exploits-nfs-and-real-world-strategy-0ba8198f03dc?source=rss------bug_bounty-5Very Lazy Techbug-bounty, oscp-preparation, hacking, oscp, privilege-escalation25-Apr-2025
Understanding Template Engines & Server-Side Template Injection (SSTI)https://medium.com/@yashpawar1199/understanding-template-engines-server-side-template-injection-ssti-81ecf2fefc19?source=rss------bug_bounty-5Yash Pawar @HackersParadisessti-exploitation, penetration-testing, bug-bounty, ssti, web-hacking25-Apr-2025
Web App Reconnaissance Like a Spy ️‍♂️: Tools & Techniques for 2025https://medium.com/@vipulsonule71/web-app-reconnaissance-like-a-spy-%EF%B8%8F-%EF%B8%8F-tools-techniques-for-2025-072032e31adf?source=rss------bug_bounty-5Vipul Sonulebug-bounty-tips, bug-bounty, hacking, infosec, cybersecurity25-Apr-2025
#ERROR!https://medium.com/@zoningxtr/what-is-javascript-and-why-hackers-love-it-b6135b3d089e?source=rss------bug_bounty-5Zoningxtrpenetration-testing, web-development, cybersecurity, bug-bounty, javascript25-Apr-2025
Red Team Recruitment Testhttps://medium.com/@alirezamokhtari82/red-team-recruitment-test-899059166128?source=rss------bug_bounty-5Alireza Mokhtaribug-bounty, red-team, hacking25-Apr-2025
$5,000 Bounty: How iScan.today Helped Me Find a Verified GitHub Token with Org-Wide Write Accesshttps://medium.com/@arshadkazmi42/5-000-bounty-how-iscan-today-helped-me-find-a-verified-github-token-with-org-wide-write-access-615e999a0219?source=rss------bug_bounty-5Arshad Kazmibounties, github-token, iscan, bug-bounty, hackerone-report25-Apr-2025
Before Code Runs: Understanding the JavaScript Execution Environmenthttps://medium.com/@zoningxtr/before-code-runs-understanding-the-javascript-execution-environment-fe79047926af?source=rss------bug_bounty-5Zoningxtrbug-bounty, cybersecurity, penetration-testing, javascript, code-review25-Apr-2025
Mastering HTTPS Traffic Interception in Flutter Using Burp Suitehttps://hatemmohamedabdallah.medium.com/mastering-https-traffic-interception-in-flutter-using-burp-suite-13c02b968bf4?source=rss------bug_bounty-5Hatem Mohamed Abdallahbug-bounty-writeup, mobile-security, bug-bounty, flutter, android-security25-Apr-2025
Hidden Entrances: Where javascript: URLs Are Still Allowedhttps://medium.com/@zoningxtr/hidden-entrances-where-javascript-urls-are-still-allowed-a52842c6aee6?source=rss------bug_bounty-5Zoningxtrbug-bounty, web-development, penetration-testing, javascript, cybersecurity25-Apr-2025
Burp Suite’s Latest Arsenal: AI Power, Smarter Scanning, and Workflow Wizardhttps://bitpanic.medium.com/burp-suites-latest-arsenal-ai-power-smarter-scanning-and-workflow-wizard-42d54edf283f?source=rss------bug_bounty-5Spectat0rguytechnology, programming, bug-bounty, bug-bounty-tips, cybersecurity25-Apr-2025
OOP in Programminghttps://medium.com/@migo.ee0/oop-in-programming-bc0ca618db63?source=rss------bug_bounty-5Migo eeoop, cyebrsecurity, programming, pentesting, bug-bounty25-Apr-2025
Next.js Middleware Vulnerability: How CVE-2025–29927 Enables Authorization Bypasshttps://medium.com/@nitinsgavane/next-js-middleware-vulnerability-how-cve-2025-29927-enables-authorization-bypass-1e0293d10e24?source=rss------bug_bounty-5Nitin Gavhanemiddleware-vulnerability, authorization-bypass, nextjs, cve-2025-29927, bug-bounty25-Apr-2025
From 403 Forbidden to PII Exposure: How I Escalated a Low-Severity Bug to a High P2https://medium.com/@arrasgotcha/from-403-forbidden-to-pii-exposure-how-i-escalated-a-low-severity-bug-to-a-high-p2-915a9b814ce6?source=rss------bug_bounty-5Gotcha1Gweb, hackerone, hacking, development, bug-bounty25-Apr-2025
Null Byte Injection Attackhttps://medium.com/@adhamhashem2024/null-byte-injection-attack-a01de121e376?source=rss------bug_bounty-5Adham Hashemvulnerability, penetration-testing, bug-bounty, cybersecurity, attack25-Apr-2025
We share a pool of $500k in the Bug Bounty eventhttps://medium.com/@kiyotosage/we-share-a-pool-of-500k-in-the-bug-bounty-event-3adf9e9cce0b?source=rss------bug_bounty-5Kiyot0Sagestonfi, bug-bounty, crypto25-Apr-2025
Делим пул 500к$ в ивенте Bug Bountyhttps://medium.com/@kiyotosage/%D0%B4%D0%B5%D0%BB%D0%B8%D0%BC-%D0%BF%D1%83%D0%BB-500%D0%BA-%D0%B2-%D0%B8%D0%B2%D0%B5%D0%BD%D1%82%D0%B5-bug-bounty-b48eabc3407c?source=rss------bug_bounty-5Kiyot0Sagestonfi, crypto, bug-bounty25-Apr-2025
A list of search engines for OSINT investigators and ethical hackers(PART 2)https://medium.com/@loyalonlytoday/a-list-of-search-engines-for-osint-investigators-and-ethical-hackers-part-2-1dd7b3d54b6f?source=rss------bug_bounty-5loyalonlytodaycybersecurity, search-engines, hacking, bug-bounty, tips24-Apr-2025
Hijacking Trust: The Parallels Between Use-After-Free and Insecure Deserializationhttps://medium.com/@MasoudAbdaal/hijacking-trust-the-parallels-between-use-after-free-and-insecure-deserialization-a12c587a2987?source=rss------bug_bounty-5Masoud Abdaalexploit, insecure-deserialization, bug-bounty, c-programming, heap-memory24-Apr-2025
Arjun: The Ultimate Parameter Discovery Tool For Bug Huntershttps://medium.com/@lancersiromony/arjun-the-ultimate-parameter-discovery-tool-for-bug-hunters-6ead8aaf295b?source=rss------bug_bounty-5IronGhostbug-bounty, querystring, hacking, arjun, fuzzing24-Apr-2025
Bug Bounty: failure experience recordshttps://medium.com/@smilemil/bug-bounty-failure-experience-records-62e928efd54a?source=rss------bug_bounty-5smilemilbug-bounty24-Apr-2025
I Used AI to Write a Payload… And It Worked (Sort of)https://infosecwriteups.com/i-used-ai-to-write-a-payload-and-it-worked-sort-of-55b6860d8be9?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, ai, hacking, chatgpt, bug-bounty24-Apr-2025
From 0 to Hacker Herohttps://medium.com/@omkumar.coder/from-0-to-hacker-hero-e9b8b8c0d1af?source=rss------bug_bounty-5om kumarbug-bounty, cybersecurity, hacking, penetration-testing, ctf24-Apr-2025
Hostile Host Headers: How I Hijacked the App with One Sneaky Headerhttps://medium.com/@iski/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-header-42c7dd82d2bc?source=rss------bug_bounty-5Iskicybersecurity, money, infosec, hacking, bug-bounty24-Apr-2025
Mastering Linux Privilege Escalation: Part 2 — Cron, Sudo, Kernel, and PATH Exploitshttps://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-2-cron-sudo-kernel-and-path-exploits-ace9404ecfec?source=rss------bug_bounty-5Very Lazy Techoscp, oscp-preparation, ethical-hacking, privilege-escalation, bug-bounty24-Apr-2025
Hostile Host Headers: How I Hijacked the App with One Sneaky Headerhttps://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-header-42c7dd82d2bc?source=rss------bug_bounty-5Iskicybersecurity, money, infosec, hacking, bug-bounty24-Apr-2025
How I’m Learning Web3.0(Blockchain) Bug Bounties from Scratch And Sharing Everything.https://nitin-nitingutte-gutte.medium.com/how-im-learning-web3-blockchain-bug-bounties-from-scratch-and-sharing-everything-d8cf248121b4?source=rss------bug_bounty-5Nitin Guttesolidity, blockchain, web3, bug-bounty, smart-contracts24-Apr-2025
Bypassed the Invite Flow, Gained Admin Accesshttps://medium.com/@yassentaalab51/bypassed-the-invite-flow-gained-admin-access-d37347d57468?source=rss------bug_bounty-5Killuaweb-security, bug-bounty-tips, penetration-testing, broken-access-control, bug-bounty24-Apr-2025
How I Bypassed Template Escaping and Triggered a Reflected XSS Popuphttps://medium.com/@zoningxtr/how-i-bypassed-template-escaping-and-triggered-a-reflected-xss-popup-9567d45fd31c?source=rss------bug_bounty-5Zoningxtrcybersecurity, bug-bounty, penetration-testing, web-development, javascript24-Apr-2025
Bug Hunting for Real: Tools, Tactics, and Truths No One Talks Abouthttps://ehteshamulhaq198.medium.com/bug-hunting-for-real-tools-tactics-and-truths-no-one-talks-about-661f6786d5b3?source=rss------bug_bounty-5Ehtesham Ul Haqwriteup, bug-bounty, reconnaissance, rewards, penetration-testing24-Apr-2025
Insecure Direct Object Reference (IDOR) in a Government Portalhttps://akashxak.medium.com/insecure-direct-object-reference-idor-in-a-government-portal-973758a23473?source=rss------bug_bounty-5Akash kumar Kethical-hacking, cert-in, idor-vulnerability, cybersecurity, bug-bounty24-Apr-2025
How I Reported My First Vulnerabilityhttps://medium.com/@0x004sec/how-i-reported-my-first-vulnerability-b4504ed77ec5?source=rss------bug_bounty-50x004secbug-bounty-tips, bug-bounty-writeup, xss-vulnerability, hackerone, bug-bounty24-Apr-2025
Found a bug? Get rewarded!https://medium.com/@roma_k90/found-a-bug-get-rewarded-94a922aa8ff9?source=rss------bug_bounty-5Romabug-bounty, ton, stonfi, ecosystem, money24-Apr-2025
Нашёл баг — получил награду!https://medium.com/@roma_k90/%D0%BD%D0%B0%D1%88%D1%91%D0%BB-%D0%B1%D0%B0%D0%B3-%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D0%BB-%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B4%D1%83-e936631f5e02?source=rss------bug_bounty-5Romanews, money, smart-contracts, bug-bounty, stonfi24-Apr-2025
Broken Access Control - Unauthorized users able to add customerhttps://medium.com/@MrPlufy/broken-access-control-unauthorized-users-able-to-add-customer-fd8176343650?source=rss------bug_bounty-5Ahmad Tazkiarni Ramadhanbug-bounty, cybersecurity, penetration-testing, bug-hunting, broken-access-control24-Apr-2025
Inject, Exploit, Repeat: Real-World Adventures in XSShttps://medium.com/@es0557533/inject-exploit-repeat-real-world-adventures-in-xss-a8fd8f7066c8?source=rss------bug_bounty-5Isvbug-bounty-tips, xss-attack, bug-bounty, cybersecurity, bug-bounty-writeup24-Apr-2025
A list of search engines for OSINT investigators and ethical hackers(PART 1)https://medium.com/@loyalonlytoday/a-list-of-search-engines-for-osint-investigators-and-ethical-hackers-part-1-4b035cfc271a?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, hacking, osint, search-engines23-Apr-2025
No rate limithttps://medium.com/@eng.mahmoudbughunter/no-rate-limit-dbb663690fe6?source=rss------bug_bounty-5mahmoud faragpenetration-testing, bug-bounty, hunting23-Apr-2025
#ERROR!https://medium.com/@zoningxtr/%EF%B8%8Fxss-prevention-101-why-using-value-keeps-your-javascript-secure-52d9e062ca13?source=rss------bug_bounty-5Zoningxtrjavascript, bug-bounty, penetration-testing, web-development, xss-attack23-Apr-2025
How I Found Multiple Bugs On Dell Using Reconnaissance (OSINT)https://medium.com/@root0x30/how-i-found-multiple-bugs-on-dell-using-reconnaissance-osint-b71e06fa9031?source=rss------bug_bounty-5Mohit_Negidell, reconnaissance, osint, bug-bounty, red-team23-Apr-2025
Securing HTML Forms Against XSS: A Practical Guide with DOM Methods, Safe JavaScript, and…https://medium.com/@zoningxtr/securing-html-forms-against-xss-a-practical-guide-with-dom-methods-safe-javascript-and-74596ebc9064?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, javascript, html, penetration-testing23-Apr-2025
FOFA Recon for Hidden HackerOne & Bugcrowd Programshttps://medium.com/meetcyber/fofa-recon-for-hidden-hackerone-bugcrowd-programs-e285610bf8a5?source=rss------bug_bounty-5AbhirupKonwarosint, bug-bounty-tips, infosec, bug-bounty-program, bug-bounty23-Apr-2025
❌ Top 10 Mistakes Beginners Make in Bug Bounty — Avoid These!https://infosecwriteups.com/top-10-mistakes-beginners-make-in-bug-bounty-avoid-these-5140f8a5b22b?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, infosec, cybersecurity, ai23-Apr-2025
Account Takeover via Email Verification Logic Flawhttps://medium.com/@rolextital/account-takeover-via-email-verification-logic-flaw-a8755f2bc08f?source=rss------bug_bounty-5Rolextitalaccount-takeover, ethical-hacking, web-application-security, cybersecurity, bug-bounty23-Apr-2025
Stored + Reflected XSS on Live Website!https://medium.com/@Nextk/my-journey-from-being-sad-to-getting-a-xss-c0c6a59161f2?source=rss------bug_bounty-5Nextkwaf-detection, bug-bounty, filter-detection, xss-vulnerability, easy23-Apr-2025
Ultimate Bug Bounty Roadmap 2025 — From Zero to Prohttps://mrblogger.medium.com/ultimate-bug-bounty-roadmap-2025-from-zero-to-pro-51373869a243?source=rss------bug_bounty-5Mr Bloggerethical-hacking, cybersecurity, bug-bounty, books, bug-bounty-202523-Apr-2025
Mastering Linux Privilege Escalation: Part 1 — The Fundamentalshttps://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-1-the-fundamentals-01e662e86b1b?source=rss------bug_bounty-5Very Lazy Techprivilege-escalation, ethical-hacking, oscp, oscp-preparation, bug-bounty23-Apr-2025
How to Find Your First Business Logic Vulnerability in a Bug Bounty Program | Step-by-Step Guide |…https://medium.com/@shaikhminhaz1975/how-to-find-your-first-business-logic-vulnerability-in-a-bug-bounty-program-step-by-step-guide-17a6f9785c93?source=rss------bug_bounty-5Shaikh Minhazvulnerability, cybersecurity, ethical-hacking, penetration-testing, bug-bounty23-Apr-2025
The Hidden Recon Routines That Don’t Show Up in Anyone’s Toolkithttps://myselfakash20.medium.com/the-hidden-recon-routines-that-dont-show-up-in-anyone-s-toolkit-0612511c8cc2?source=rss------bug_bounty-5Akash Ghoshmindset, bug-bounty, cybersecurity, technology, bug-bounty-tips23-Apr-2025
How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring…https://infosecwriteups.com/how-to-create-a-botnet-using-one-tool-a-proof-of-concept-for-educational-purposes-aspiring-d5e7f3d6e10f?source=rss------bug_bounty-5Elie Attiehbug-hunter, bug-bounty, penetration-testing, cybersecurity, botnet23-Apr-2025
Exposing SMTP Misconfigurations: STARTTLS and Self-Signed Certshttps://mrdineshpathro.medium.com/exposing-smtp-misconfigurations-starttls-and-self-signed-certs-01e5ff9a3367?source=rss------bug_bounty-5Dinesh Pathrobug-zero, bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup23-Apr-2025
Understanding CVEs and CVSShttps://medium.com/@sherlock297/understanding-cves-and-cvss-4f778f144aaa?source=rss------bug_bounty-5Ravindra Dagalevulnerability, cvss, cve, cybersecurity, bug-bounty23-Apr-2025
Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the Apphttps://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-control-the-app-be173528ff8a?source=rss------bug_bounty-5Iskiinfosec, cybersecurity, money, bug-bounty, hacking23-Apr-2025
BB01 - Advanced Recon: Taking Your Subdomain Discovery to the Next Levelhttps://r4gh4v.medium.com/bb01-advanced-recon-taking-your-subdomain-discovery-to-the-next-level-0d2538d1f3a9?source=rss------bug_bounty-5r4gh4vsubdomains-enumeration, reconnaissance, hacker, bug-bounty, hackerone23-Apr-2025
How I Was Able to Make $50 Using Only My Mobile Phone Through Information Disclosure By Google…https://medium.com/@xhacking_z/how-i-was-able-to-make-50-using-only-my-mobile-phone-through-information-disclosure-by-google-a332a5a6e030?source=rss------bug_bounty-5Omarmy-first-bounty, bug-bounty, google-dorking, hackerone23-Apr-2025
Michael Yonesi shares his Top 5 Cybersecurity Tips You Can’t Afford to Ignorehttps://medium.com/@michael.yonesi/michael-yonesi-shares-his-top-5-cybersecurity-tips-you-cant-afford-to-ignore-5efc5e677ea7?source=rss------bug_bounty-5Michael Younsihacking, cybersecurity, bug-bounty, security23-Apr-2025
Ethically hacking Android phones with Phonesploithttps://medium.com/@zishanfiroz/ethically-hacking-android-phones-with-phonesploit-b95924d50c89?source=rss------bug_bounty-5Md Zishan Firozcybersecurity, technology, hacking, bug-bounty23-Apr-2025
Bug Bounty Recon: CIDR, ASN & Subdomain Enumeration Guidehttps://sinhaamrit.medium.com/bug-bounty-recon-cidr-asn-subdomain-enumeration-guide-25c447af9c40?source=rss------bug_bounty-5Amrit Sinhahacking, cybersecurity, tools, bug-bounty, networking23-Apr-2025
Unauthorized Users Could Disclose Information and Execute GraphQL Operations After Permission…https://medium.com/@blackarazi/unauthorized-users-could-disclose-information-and-execute-graphql-operations-after-permission-961094edf7c8?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, websocket, application-security, bug-bounty, graphql23-Apr-2025
One Root Cause, Many Faces: The 6 Silent CSRF That Got Buriedhttps://medium.com/@hamdiyasin135/one-root-cause-many-faces-the-6-silent-csrf-that-got-buried-2dec4472744a?source=rss------bug_bounty-5yassin hamdibug-bounty, csrf, hacking, cybersecurity23-Apr-2025
$12,000 Bounty Won: Uncovering GitLab’s Hidden Data Leak Flawhttps://osintteam.blog/12-000-bounty-won-uncovering-gitlabs-hidden-data-leak-flaw-d623b6b3cff1?source=rss------bug_bounty-5Monika sharmareport, hacking, bug-bounty, technology, penetration-testing23-Apr-2025
Directory Bruteforcing Techniques: Find Hidden Treasures in Websites ️https://medium.com/@vipulsonule71/directory-bruteforcing-techniques-find-hidden-treasures-in-websites-%EF%B8%8F-c11f2f14a7d3?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, tech, bug-bounty, bug-bounty-tips23-Apr-2025
Bypassing Modern WAFs: Techniques That Still Work ️https://medium.com/@vipulsonule71/bypassing-modern-wafs-techniques-that-still-work-%EF%B8%8F-35a6aec5f90f?source=rss------bug_bounty-5Vipul Sonulebug-bounty-tips, bug-bounty, penetration-testing, hacking, cybersecurity23-Apr-2025
How Android Works (And Why It Actually Matters If You Wanna Hack It)https://medium.com/@muhammedshemil25/how-android-works-and-why-it-actually-matters-if-you-wanna-hack-it-d74ded88bac1?source=rss------bug_bounty-5Muhammed.shemilmobile-security, ctf, bug-bounty, android-security, cybersecurity23-Apr-2025
BB01 — Advanced Recon: Taking Your Subdomain Discovery to the Next Levelhttps://r4gh4v.medium.com/bb01-advanced-recon-taking-your-subdomain-discovery-to-the-next-level-0d2538d1f3a9?source=rss------bug_bounty-5r4gh4vsubdomains-enumeration, reconnaissance, hacker, bug-bounty, hackerone23-Apr-2025
Phishing-Style Link Reflected on Microsoft Azure Portal — Not XSS, But Still Trickyhttps://medium.com/@melege/phishing-style-link-reflected-on-microsoft-azure-portal-not-xss-but-still-tricky-559bde6f8252?source=rss------bug_bounty-5Ahmed AbdElmaqsoudbug-bounty, security, azure, ux-design, phishing23-Apr-2025
CSRF Vulnerability in EchoStar Companyhttps://medium.com/@youssefmohamed_84205/csrf-vulnerability-in-echostar-company-ffecbc6edc24?source=rss------bug_bounty-5Youssef Mohamedbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty23-Apr-2025
️ How I Emulated a Real XSS Vulnerability with Just an Tag — A Practical Guide to…https://medium.com/@zoningxtr/%EF%B8%8F-how-i-emulated-a-real-xss-vulnerability-with-just-an-img-tag-a-practical-guide-to-7fb69d4ec46f?source=rss------bug_bounty-5Zoningxtrpenetration-testing, xss-attack, web-development, javascript, bug-bounty23-Apr-2025
learning how systems fall aparthttps://medium.com/@orxxin/learning-how-systems-fall-apart-b7fd9e42bbb7?source=rss------bug_bounty-5or//inbug-bounty, penetration-testing, learning, infosec23-Apr-2025
One Root Cause, Many Faces: The 6 Silent CSRF That Got Buriedhttps://hamdiyasin135.medium.com/one-root-cause-many-faces-the-6-silent-csrf-that-got-buried-2dec4472744a?source=rss------bug_bounty-5yassin hamdibug-bounty, csrf, hacking, cybersecurity23-Apr-2025
When System Information is Revealed Unknowingly!!https://spider7.medium.com/silent-leaks-ketika-informasi-sistem-dibuka-tanpa-disadari-1b1343d7a1ae?source=rss------bug_bounty-5N/Apoc, bug-bounty, hacker, bug-bounty-tips22-Apr-2025
How to Start Bug Bounty in 2025 (No Experience, No Problem)https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacking, 2025, infosec, bug-bounty22-Apr-2025
Spotting Beaconing Behaviour in Windows Systems: Analysing Timing Patterns in Network Connectionshttps://medium.com/@paritoshblogs/spotting-beaconing-behaviour-in-windows-systems-analysing-timing-patterns-in-network-connections-b41d187b346e?source=rss------bug_bounty-5Paritoshnetwork, beaconing, hacking, cybersecurity, bug-bounty22-Apr-2025
How Did I Hack a Website Just by Reading Its JavaScripthttps://medium.com/developersglobal/how-did-i-hack-a-website-just-by-reading-its-javascript-809f5f755e3d?source=rss------bug_bounty-5Ibtissam Hammadihacking, stored-xss, web-security, bug-bounty, javascript22-Apr-2025
Why JWTs Valid After Logout: A Pentester’s Guide to Testing and Securing Tokenshttps://medium.com/@dr34mb0y/why-jwts-valid-after-logout-a-pentesters-guide-to-testing-and-securing-tokens-6fb232fe57d9?source=rss------bug_bounty-5Sid Joshiweb-security, secure-coding, pentesting, bug-bounty, jwt-exploitation22-Apr-2025
Why I’m Diving Into Android Pentesting in 2025https://medium.com/@muhammedshemil25/why-im-diving-into-android-pentesting-in-2025-c9c78c4f57ac?source=rss------bug_bounty-5Muhammed.shemilandroid-pentesting, bug-bounty, ctf, mobile-security, ethical-hacking22-Apr-2025
404 to 0wnage: How a Broken Link Led Me to Admin Panel Accesshttps://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=rss------bug_bounty-5Iskiinfosec, bug-bounty, money, hacking, cybersecurity22-Apr-2025
Privilege Escalation using Client-Side Path Traversalhttps://aboalezz1.medium.com/privilege-escalation-using-client-side-path-traversal-e1d0762a966d?source=rss------bug_bounty-5Mohamed AboAlezzcybersecurity, bugbounty-writeup, bug-bounty, ethical-hacking, bug-bounty-tips22-Apr-2025
Why You’re Not Finding Bugs Yet — And How I’m Fixing Ithttps://medium.com/@k4r7h1kn/why-youre-not-finding-bugs-yet-and-how-i-m-fixing-it-072a84e4fcf4?source=rss------bug_bounty-5Karthikeyanbug-zero, bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2025
NTP — Port 123/UDP — How to exploit?https://medium.com/@verylazytech/ntp-port-123-udp-how-to-exploit-051e82cdde08?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, penetration-testing, exploit, ntp22-Apr-2025
‍Crack Into Cybersecurity: A Beginner’s Roadmap Powered by AIhttps://medium.com/@aashish21/crack-into-cybersecurity-a-beginners-roadmap-powered-by-ai-f5dc949595a6?source=rss------bug_bounty-5Aashish Bawejabug-bounty, hacking, artificial-intelligence, cybersecurity22-Apr-2025
Why Did This Simple Bug Pay $5K in 24 Hourshttps://medium.com/@ibtissamhammadi/why-did-this-simple-bug-pay-5k-in-24-hours-cc35a761ae12?source=rss------bug_bounty-5Ibtissam Hammadiprogramming, bug-bounty, technology, cybersecurity, hacking22-Apr-2025
Security Vulnerabilities in Autonomous AI Agentshttps://fdzdev.medium.com/security-vulnerabilities-in-autonomous-ai-agents-26f905b2dc36?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, artificial-intelligence, ai-agent, cybersecurity, machine-learning22-Apr-2025
CVE-2023-40723: Sensitive Information Disclosure in FortiSIEM via Crafted API Requestshttps://medium.com/@knowingly_majesty_tortoise_414/cve-yyyy-xxxx-sensitive-information-disclosure-in-fortisiem-via-crafted-api-requests-10e2519fd90c?source=rss------bug_bounty-5Lance Yeawbug-bounty, security-research, security, fortinet, hacking22-Apr-2025
Sensitive Data Exposure + Public Recon = Instant Account Takeoverhttps://medium.com/@GERRR4Y/sensitive-data-exposure-public-recon-instant-account-takeover-97c2ae752720?source=rss------bug_bounty-5Aya Ayman(GERR4Y)bug-bounty, ato, osint22-Apr-2025
From Curiosity to Report: My First Bug on a Live E-commerce Sitehttps://vux06.medium.com/from-curiosity-to-report-my-first-bug-on-a-live-e-commerce-site-dfa2dc46cd88?source=rss------bug_bounty-5Vux06bug-bounty, xss-attack, sql-injection, hacking, html-injection22-Apr-2025
How I made $64k from deleted files — a bug bounty storyhttps://medium.com/@sharon.brizinov/how-i-made-64k-from-deleted-files-a-bug-bounty-story-c5bd3a6f5f9b?source=rss------bug_bounty-5Sharon Brizinovgithub, hacking, bug-bounty, security22-Apr-2025
Broken Logic, Free Features: A Deep Dive into Access Control Failureshttps://medium.com/@es0557533/broken-logic-free-features-a-deep-dive-into-access-control-failures-7b5db28f0060?source=rss------bug_bounty-5Isvbugbounty-writeup, bug-bounty, broken-access-control, bug-bounty-tips22-Apr-2025
Day 12 Blind SQL injection with conditional errors — Zero to Hero Blind Injection — Portswiggerhttps://arayofhope7.medium.com/day-12-blind-sql-injection-with-conditional-errors-zero-to-hero-blind-injection-portswigger-e94f9e3977a5?source=rss------bug_bounty-5RayofHopeethical-hacking, bug-bounty, cybersecurity, web-penetration-testing, penetration-testing22-Apr-2025
CVE-2023-40723: Agent2Shellv2https://medium.com/@knowingly_majesty_tortoise_414/cve-yyyy-xxxx-sensitive-information-disclosure-in-fortisiem-via-crafted-api-requests-10e2519fd90c?source=rss------bug_bounty-5Lance Yeawbug-bounty, security-research, security, fortinet, hacking22-Apr-2025
Bypass Verification Code in Reset Password Endpointhttps://firdausmuhammadismail.medium.com/bypass-verification-code-in-reset-password-endpoint-91c2fa97e27b?source=rss------bug_bounty-5Firdaus Muhammad Ismailbypass, verification, bug-bounty-tips, bug-bounty, vulnerability21-Apr-2025
Automated Shodan Recon (bug bounty)https://medium.com/@loyalonlytoday/automated-shodan-recon-bug-bounty-776489cf8b6c?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, automation, cybersecurity, hacking, bug-bounty21-Apr-2025
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240https://infosecwriteups.com/i-clicked-a-random-button-in-google-slides-then-google-paid-me-2-240-22e1c0ca0535?source=rss------bug_bounty-5Ibtissam Hammadigoogle, technology, google-hacking, bug-bounty, cybersecurity21-Apr-2025
The Tools I Use for Bug Bounty Hunting?https://devprogramming.medium.com/the-tools-i-use-for-bug-bounty-hunting-5e544af7df44?source=rss------bug_bounty-5DevProgrammingcybersecurity, ethical-hacking, bug-bounty, infosec, hacking21-Apr-2025
How I Found a Facebook IDOR Bug in 15 Minutes (And How You Can Too)https://medium.com/@ibtissamhammadi/how-i-found-a-facebook-idor-bug-in-15-minutes-and-how-you-can-too-3ca4c6378b7c?source=rss------bug_bounty-5Ibtissam Hammadiethical-hacking, cybersecurity, idor, facebook-security, bug-bounty21-Apr-2025
[Vulnerability Campaign] Protect TECNO deviceshttps://medium.com/@security.tecno/vulnerability-campaign-protect-tecno-devices-070e2324175a?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, security, report21-Apr-2025
Authentication Bypass Using Logic Flaws — Real Example + Fixeshttps://infosecwriteups.com/authentication-bypass-using-logic-flaws-real-example-fixes-f80f66587b2c?source=rss------bug_bounty-5Abhijeet Kumawathacker, ai, cybersecurity, infosec, bug-bounty21-Apr-2025
️ Hacking and Securing Kubernetes: A Deep Dive into Cluster Securityhttps://infosecwriteups.com/%EF%B8%8F-hacking-and-securing-kubernetes-a-deep-dive-into-cluster-security-f84436f6544a?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, kubernetes, penetration-testing, information-security21-Apr-2025
Stored XSS Led to OAuth App Credential Theft and Info Disclosurehttps://ehteshamulhaq198.medium.com/stored-xss-led-to-oauth-app-credential-theft-and-info-disclosure-85545fca3948?source=rss------bug_bounty-5Ehtesham Ul Haqxss-attack, bug-bounty-tips, bug-bounty, penetration-testing, infosec21-Apr-2025
✅ JWT Security Testing Test Caseshttps://infosecwriteups.com/jwt-security-testing-test-cases-80db5ba4e8a1?source=rss------bug_bounty-5Ajay Naikjwt, penetration-testing, cybersecurity, bug-bounty, information-security21-Apr-2025
​​$1,200 Bounty — IDOR via Phantom API and Parameter Manipulation​https://medium.com/@cadeeper/1-200-bounty-idor-via-phantom-api-and-parameter-manipulation-1f9a9d84f467?source=rss------bug_bounty-5Invikpentesting, cybersecurity, bug-bounty, hacking, bug-bounty-writeup21-Apr-2025
️ The JSON Backdoor: How I Exploited Insecure Deserialization for RCEhttps://infosecwriteups.com/%EF%B8%8F-the-json-backdoor-how-i-exploited-insecure-deserialization-for-rce-1d8aa4130564?source=rss------bug_bounty-5Iskihacking, money, infosec, cybersecurity, bug-bounty21-Apr-2025
Find first Bug [Simple But Critical Bug] That gives you a lot of Bountyhttps://medium.com/@hrofficial62/find-first-bug-simple-but-critical-bug-that-gives-you-a-lot-of-bounty-93b4107ffd82?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, cybersecurity, ethical-hacking, penetration-testing21-Apr-2025
Hunting in the labyrinth: Your edge lies in understanding business contexhttps://medium.com/@luthierc/hunting-in-the-labyrinth-your-edge-lies-in-understanding-business-contex-bebeced6dca2?source=rss------bug_bounty-5Luthierctechnology, cybersecurity, bug-bounty, owasp, business21-Apr-2025
Open Redirect Vulnerabilities: How Small Bugs Lead to Big Rewardshttps://medium.com/@vipulsonule71/open-redirect-vulnerabilities-how-small-bugs-lead-to-big-rewards-8d925553dabd?source=rss------bug_bounty-5Vipul Sonulecybersecurity, hacking-tools, hacking, bug-bounty-tips, bug-bounty21-Apr-2025
️ Breaking the Chain of Command: A Critical Team Management DoS via Role Update Abusehttps://medium.com/@nhlimon37/%EF%B8%8F-breaking-the-chain-of-command-a-critical-team-management-dos-via-role-update-abuse-94c1188629b9?source=rss------bug_bounty-5NH Limon ️bug-bounty21-Apr-2025
How I Changed Other Users’ Names on a data integration platform’s team management system as an…https://medium.com/@nhlimon37/how-i-changed-other-users-names-on-a-data-integration-platform-s-team-management-system-as-an-6a47cb98d0e1?source=rss------bug_bounty-5NH Limon ️bug-bounty21-Apr-2025
Web Shells: The Hidden Backdoors Lurking in Your Serverhttps://medium.com/@zrhmz12/web-shells-the-hidden-backdoors-lurking-in-your-server-3ccd3ca8e736?source=rss------bug_bounty-5Zrhmzfile-upload-vulnerability, penetration-testing, webshell, bug-bounty, vulnerability21-Apr-2025
The Blank Page That Hid a Bughttps://infosecwriteups.com/when-a-blank-page-that-hid-a-bug-c0214390d68c?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, programming, cybersecurity, vulnerability21-Apr-2025
Next.js CVE-2025–29927 hackinghub walkthroughhttps://medium.com/@abhishek-ji/next-js-cve-2025-29927-hackinghub-walkthrough-f7893cdd90c4?source=rss------bug_bounty-5Abhishek Guptacybersecurity, bug-bounty-tips, bug-bounty, nextjs, web-development21-Apr-2025
Stop Paying for Dozens of Subdomain Tools and Do All Your Enumeration and Recon in One Placehttps://medium.com/@alexandrevandammepro/stop-paying-for-dozens-of-subdomain-tools-and-do-all-your-enumeration-and-recon-in-one-place-19412c592375?source=rss------bug_bounty-5Alexandre Vandammebugbounty-tips, technology, bug-bounty, cybersecurity, infosec21-Apr-2025
That One Time a Forgotten Endpoint Earned Me $$$$$https://medium.com/@dhirenkumar/that-one-time-a-forgotten-endpoint-earned-me-5367838d3ea8?source=rss------bug_bounty-5pradhaninfosec, cybersecurity, hacking, bug-bounty, writeup20-Apr-2025
MOBSF Installation Guide 2025 Apple Silicons MACShttps://medium.com/offensive-black-hat-hacking-security/mobsf-installation-guide-2025-apple-silicons-macs-0f4718f15004?source=rss------bug_bounty-5Harshad Shahcybersecurity, bug-bounty, mobile, mobile-apps, penetration-testing20-Apr-2025
Finding a Password Bypass on Instagram in less than 3 dayshttps://medium.com/@hacktheplanet/finding-a-password-bypass-on-instagram-in-less-than-3-days-b84569c242ce?source=rss------bug_bounty-5SirHaxAlotinstagram, sirhaxalot, bug-bounty, ethical-hacking20-Apr-2025
The $12,000 Redirect, a Misconfigured URLhttps://medium.com/@dhirenkumar/the-12-000-redirect-a-misconfigured-url-f27cba89b622?source=rss------bug_bounty-5pradhanbug-bounty, hacking, cybersecurity, infosec, writeup20-Apr-2025
The Critical Role of Information Security Across the Software Development Lifecycle (SDLC)https://medium.com/@rezauditore/the-critical-role-of-information-security-across-the-software-development-lifecycle-sdlc-1e69fc1f59b6?source=rss------bug_bounty-5rezauditoreprogramming, hacking, bug-bounty, sdlc, software-development20-Apr-2025
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minuteshttps://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-10-minutes-db0cba198007?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, hacking, bug-bounty, ai, cybersecurity20-Apr-2025
Get a Free Ubuntu VPS Forever for Your Projects with Superfast Internethttps://r4gh4v.medium.com/get-a-free-ubuntu-vps-forever-for-your-projects-with-superfast-internet-06259b8777f1?source=rss------bug_bounty-5r4gh4vlinux, bug-bounty, vps-hosting, hacking, vps20-Apr-2025
$1000 Bounty Won: The Amazing Winhttps://infosecwriteups.com/1000-bounty-won-the-amazing-win-22da06954089?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty, bug-bounty-tips, report, technology20-Apr-2025
Winning Swags and Hall of Fame for Finding bugs.https://infosecwriteups.com/winning-swags-and-hall-of-fame-for-finding-bugs-7402555fefe3?source=rss------bug_bounty-5RivuDonbug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips, bug-bounty20-Apr-2025
How I Hijacked OAuth Tokens Through a Parallel Auth Flow Race Condition — $8500 P1 Bug Bountyhttps://infosecwriteups.com/how-i-hijacked-oauth-tokens-through-a-parallel-auth-flow-race-condition-8500-p1-bug-bounty-7af1cccc4d4c?source=rss------bug_bounty-5Anmol Singh Yadavbug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips20-Apr-2025
The Brain Left Unlocked: Public etcd and the Risks Beneath Kuberneteshttps://medium.com/@nijina7/the-brain-left-unlocked-public-etcd-and-the-risks-beneath-kubernetes-3e6dd122a9c5?source=rss------bug_bounty-5Nijin Kbug-bounty-tips, bug-bounty, etcd, hacking, ethical-hacking20-Apr-2025
Email Verification Bypass via Sign in with Googlehttps://xsametyigit.medium.com/email-verification-bypass-via-sign-in-with-google-a273827c4968?source=rss------bug_bounty-5Samet Yiğitbug-bounty-tips, bug-bounty, ödülavcılığı, bug-bounty-writeup20-Apr-2025
Nothing changed… except for one detail. And that was enough to hackhttps://medium.com/@phoenixcatalan/nothing-changed-except-for-one-detail-and-that-was-enough-to-hack-791f0f8bc8cb?source=rss------bug_bounty-5phoenixcatalanbug-bounty-tips, bug-bounty, portswigger, hacking, ethical-hacking20-Apr-2025
Tricking system to delete any user account: from informative to 4000$ HIGH Bountyhttps://entropydrifter.medium.com/tricking-system-to-delete-any-user-account-from-informative-to-4000-high-bounty-245944d4eaa9?source=rss------bug_bounty-5Abdullah Ahmed aka entropydrifterbug-bounty, hackerone, bug-bounty-tips, bug-bounty-writeup20-Apr-2025
How a Smart Bug Hunter Found a Big Security Hole in MTN Grouphttps://osintteam.blog/how-a-smart-bug-hunter-found-a-big-security-hole-in-mtn-group-64d661124f51?source=rss------bug_bounty-5Monika sharmabug-bounty, report, hacking, technology, bug-bounty-tips20-Apr-2025
How a Stupid Public Link Opened a Massive Data Exposure (Real Casehttps://medium.com/@Nigga_Hitam/how-a-stupid-public-link-opened-a-massive-data-exposure-real-case-1b1f75846f6c?source=rss------bug_bounty-5Nigga_hitamcybersecurity, bug-bounty20-Apr-2025
picoCTF Web Exploitation: picobrowserhttps://medium.com/@Kamal_S/picoctf-web-exploitation-picobrowser-ce806dfedd2f?source=rss------bug_bounty-5Kamal Sbug-bounty, picoctf, ctf, security-testing, picobrowser20-Apr-2025
MSRPC — Port 135, 539 — How to exploit?https://medium.com/@verylazytech/msrpc-port-135-539-how-to-exploit-1e14a8b8006b?source=rss------bug_bounty-5Very Lazy Techmsrpc, penetration-testing, ethical-hacking, hacking, bug-bounty20-Apr-2025
Lab: Exploiting an API endpoint using documentationhttps://mukibas37.medium.com/lab-exploiting-an-api-endpoint-using-documentation-0a74ce7b7118?source=rss------bug_bounty-5Mukilan Baskaranhacking, bug-bounty, security, ethical-hacking, cybersecurity20-Apr-2025
Escalating Impact: Full Account Takeover in Microsoft via XSS in Login Flowhttps://melotover.medium.com/escalating-impact-full-account-takeover-in-microsoft-via-xss-in-login-flow-f160fa79b008?source=rss------bug_bounty-5Asem Elerakyaccount-takeover, cybersecurity, cross-site-scripting, xss-attack, bug-bounty20-Apr-2025
️ Rate Limiting: The Unsung Guardian of Web Applicationshttps://medium.com/@sachinpv2004/%EF%B8%8F-rate-limiting-the-unsung-guardian-of-web-applications-37a52a96a320?source=rss------bug_bounty-5SACHIN PVcybersecurity, bug-bounty, red-team, pentesting, rate-limiting20-Apr-2025
HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ️https://infosecwriteups.com/http-parameter-pollution-the-dirty-little-secret-that-gave-me-full-backend-access-%EF%B8%8F-f7777c569648?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, money, infosec, hacking20-Apr-2025
Lab: Exploiting an API endpoint using documentationhttps://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-documentation-0a74ce7b7118?source=rss------bug_bounty-5Mukilan Baskaranhacking, bug-bounty, security, ethical-hacking, cybersecurity20-Apr-2025
Cyber Kalki Nexus Subdomain WebScanner Pro The Ultimate Free Web Subdomain Discovery Tool for…https://medium.com/@krivadna/cyber-kalki-nexus-subdomain-webscanner-pro-the-ultimate-free-web-subdomain-discovery-tool-for-3d59d7f645a2?source=rss------bug_bounty-5Krivadnainfosec, bug-bounty, bugbounty-writeup, subdomains-enumeration, cybersecurity20-Apr-2025
Mastering Logic Bugs: A Checklist for Bug Hunters — Part 4 (tips from Pro hunters)https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-4-tips-from-pro-hunters-b098618c67ca?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty, penetration-testing, information-security, cybersecurity, hacking20-Apr-2025
A list of good wordlists for bug bounty huntershttps://medium.com/@loyalonlytoday/a-list-of-good-wordlists-for-bug-bounty-hunters-7a6562df2aba?source=rss------bug_bounty-5loyalonlytodaycybersecurity, penetration-testing, wordlist, ethical-hacking, bug-bounty19-Apr-2025
Exposed Secrets in JavaScript Fileshttps://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, cybersecurity, javascript, ai19-Apr-2025
Buy Any Product for Free via Price Tamperinghttps://medium.com/@shyam.sam0704/buy-any-product-for-free-via-price-tampering-75326ff7a767?source=rss------bug_bounty-5Shyamvulnerability-assessment, bug-hunting, bug-bounty, burpsuite, price-tampering19-Apr-2025
Reflected XSS using Bookmarkhttps://infosecwriteups.com/reflected-xss-using-bookmark-937cf27c5725?source=rss------bug_bounty-5cryptoshantjourney, hacking, cybersecurity, samsung, bug-bounty19-Apr-2025
Exposed Secrets in JavaScript Fileshttps://infosecwriteups.com/exposed-secrets-in-javascript-files-430a76834952?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, cybersecurity, javascript, ai19-Apr-2025
What Is a JavaScript Attribute?https://medium.com/@zoningxtr/what-is-a-javascript-attribute-e6b4e5b6317c?source=rss------bug_bounty-5Zoningxtrhtml, javascript, bug-bounty, penetration-testing, cybersecurity19-Apr-2025
Programming Language for Ethical Hackinghttps://infosecwriteups.com/programming-language-for-ethical-hacking-67eb8b211759?source=rss------bug_bounty-5Mr Horbiohacking, programming, bug-bounty, ethical-hacking, cybersecurity19-Apr-2025
Understanding Session Cookies and Authentication Tokenshttps://medium.com/@sachinpv2004/understanding-session-cookies-and-authentication-tokens-452bd4cc332a?source=rss------bug_bounty-5SACHIN PVbug-bounty, hacking, pentesting, cybersecurity, sessions19-Apr-2025
Hidden in Plain Sight: How Sitemap.xml Gave Me Access to Goldhttps://medium.com/@iski/hidden-in-plain-sight-how-sitemap-xml-gave-me-access-to-gold-101fc0e0bf1e?source=rss------bug_bounty-5Iskiinfosec, money, hacking, cybersecurity, bug-bounty19-Apr-2025
How I Registered the Same Username Twice — No Tools Neededhttps://strangerwhite.medium.com/how-i-registered-the-same-username-twice-no-tools-needed-284f3b46d82a?source=rss------bug_bounty-5StrangeRwhitebug-bounty-writeup, infosec, hacking, bug-bounty-tips, bug-bounty19-Apr-2025
How to detect and exploit OS Command injectionhttps://medium.com/@evyeveline1/how-to-detect-and-exploit-os-command-injection-a5d4d2423ead?source=rss------bug_bounty-5Evyevelinebug-bounty, os-command-injection, web-hacking, ethical-hacking, web-vulnerabilities19-Apr-2025
Business Logic Flaw worth $1250https://vijetareigns.medium.com/business-logic-flaw-worth-1250-35efcd1b9af9?source=rss------bug_bounty-5the_unlucky_guyhacking, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup19-Apr-2025
When “One‑Time” Isn’t One‑Time: How a Simple OTP bypass gave me Platform-Wide Account Takeoverhttps://medium.com/@ali.mezar/when-one-time-isnt-one-time-how-a-simple-otp-bypass-gave-me-platform-wide-account-takeover-0554bbd39dbc?source=rss------bug_bounty-5Ali Mezarweb-security, rate-limiting, account-takeover, bug-bounty, otp-bypass19-Apr-2025
SQL injection UNION attack, retrieving multiple values in a single column — PortSwiggerhttps://arayofhope7.medium.com/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-portswigger-65d850e9cc8e?source=rss------bug_bounty-5RayofHopecybersecurity, ethical-hacking, web-penetration-testing, penetration-testing, bug-bounty19-Apr-2025
HTML Tags and Their JavaScript-Interactive Attributes ✨https://medium.com/@zoningxtr/html-tags-and-their-javascript-interactive-attributes-7534e7de0cb1?source=rss------bug_bounty-5Zoningxtrhtml, penetration-testing, cybersecurity, bug-bounty, javascript19-Apr-2025
NetBios — Port 137,138,139 — How to exploit?https://medium.com/@verylazytech/netbios-port-137-138-139-how-to-exploit-4c0f81af3b94?source=rss------bug_bounty-5Very Lazy Techbug-bounty, netbios, hacking, ethical-hacking, penetration-testing19-Apr-2025
From Curiosity to Shell phpinfo()https://medium.com/@dhirenkumar/from-curiosity-to-shell-phpinfo-fa7a7b7e5d22?source=rss------bug_bounty-5pradhancybersecurity, bug-bounty, tips, infosec, hacking19-Apr-2025
How I Passed the eJPT Certification: Complete Journeyhttps://medium.com/@vipulsonule71/how-i-passed-the-ejpt-certification-complete-journey-a0d3a1206c06?source=rss------bug_bounty-5Vipul Sonuletech, cybersecurity, bug-bounty, hacking, medium19-Apr-2025
“How I Found a Privilege Escalation Bug by Accident and Earned $830”https://medium.com/@saddamzzz65/how-i-found-a-privilege-escalation-bug-by-accident-and-earned-830-af15a35dc3d8?source=rss------bug_bounty-5Saddamzzzethical-hacking, bug-bounty, cybersecurity, web-security, infosec19-Apr-2025
Android Application Analysis: Tools, Techniques and Tipshttps://medium.com/@mayank_prajapati/android-application-analysis-tools-techniques-and-tips-435dcf144c9c?source=rss------bug_bounty-5Mayank Kumar Prajapaticybersecurity, penetration-testing, ethical-hacking, bug-bounty, android19-Apr-2025
UI Says No to Email Change, Backend Says ‘Sure, Why Not?’”https://medium.com/@a0xtrojan/ui-says-no-to-email-change-backend-says-sure-why-not-cff45b3cfe3c?source=rss------bug_bounty-5A0X_Trojanbug-bounty, bussiness-logic-error, penetration-testing, medium, hackerone19-Apr-2025
Blind SQL injection with conditional responses — Zero to Hero Blind Injection — Portswiggerhttps://arayofhope7.medium.com/blind-sql-injection-with-conditional-responses-zero-to-hero-blind-injection-portswigger-dad0cab48d57?source=rss------bug_bounty-5RayofHopeethical-hacking, bug-bounty, web-penetration-testing, cybersecurity, penetration-testing19-Apr-2025
All about Multi-factor Authenticationhttps://hassanjawaid.medium.com/all-about-multi-factor-authentication-a131d6c20bf5?source=rss------bug_bounty-5Hassan Jawaidbug-bounty-writeup, bug-bounty19-Apr-2025
Aswan CTF Web challenges: Yaoguai Bankhttps://medium.com/@karim.engmohamed/aswan-ctf-web-challenges-yaoguai-bank-606d6dd6dd27?source=rss------bug_bounty-5Karim Mohamedctf, web, ctf-writeup, ctf-walkthrough, bug-bounty18-Apr-2025
The Hidden Dangers of an Exposed .env Filehttps://medium.com/@dharineeshj2/the-hidden-dangers-of-an-exposed-env-file-80532158c6f0?source=rss------bug_bounty-5Hack-Batbug-bounty, penetration-testing, hacking, cybersecurity, red-team18-Apr-2025
Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugshttps://infosecwriteups.com/burp-suite-beyond-basics-hidden-features-that-save-time-and-find-more-bugs-19f15bb3bcc3?source=rss------bug_bounty-5Abhijeet Kumawatsecrets, bug-bounty, cybersecurity, burpsuite, hacking18-Apr-2025
How I Earned $300 from a Single Rate Limiting Vulnerability — Twice!https://medium.com/@whitehat29/how-i-earned-300-from-a-single-rate-limiting-vulnerability-twice-224b4be29fd0?source=rss------bug_bounty-5Whitehatbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity18-Apr-2025
What Bugs you can find as a Beginnerhttps://medium.com/@aashifm/what-bugs-you-can-find-as-a-beginner-e016b5d535d4?source=rss------bug_bounty-5127.0.0.1cybersecurity, idor, bug-bounty, open-redirect, bugs18-Apr-2025
Hours of Recon, One Vulnerable Parameter, and Boom — SQL Injection Found.https://hiddendom.medium.com/hours-of-recon-one-vulnerable-parameter-and-boom-sql-injection-found-e7f2bb74d423?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty-writeup, sql-injection-attack, sql-injection, bug-bounty18-Apr-2025
Bypassing Like a Pro: How I Fooled the WAF and Made It Payhttps://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss------bug_bounty-5Iskimoney, cybersecurity, bug-bounty, hacking, infosec18-Apr-2025
Recon Search Assistanthttps://medium.com/@bobby.S/recon-search-assistant-d8506fdc8484?source=rss------bug_bounty-50xBobbybug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, google-dork18-Apr-2025
Checking for SSL Medium Strength Cipher Suites Supportedhttps://medium.com/@toon.commander/checking-for-ssl-medium-strength-cipher-suites-supported-2a27b1c021c2?source=rss------bug_bounty-5Jormungandrpentest, vulnerability, exploit, bug-bounty18-Apr-2025
WAF Bypass Masterclass: Using SQLMap with Proxychains and Tamper Scripts Against Cloudflare &…https://infosecwriteups.com/waf-bypass-masterclass-using-sqlmap-with-proxychains-and-tamper-scripts-against-cloudflare-9d46b36bae94?source=rss------bug_bounty-5coffinxpcybersecurity, hacking, bug-bounty, programming, technology18-Apr-2025
Automating GraphQL Bug Bounty Hunting with GrapeQLhttps://infosecwriteups.com/automating-graphql-bug-bounty-hunting-with-grapeql-e1e874f11c7c?source=rss------bug_bounty-5Aleksa Zatezalosoftware-development, bug-bounty, graphql, hacking, github18-Apr-2025
Rethinking Deserialization Attacks: Chaining Cloudpickle with Pandas & NumPyhttps://medium.com/@kerkroups/rethinking-deserialization-attacks-chaining-cloudpickle-with-pandas-numpy-cadebb52b69f?source=rss------bug_bounty-5Kerkroupscybersecurity, application-security, bug-bounty, penetration-testing18-Apr-2025
Click Jacking Impact Privilage Escalationhttps://firdausmuhammadismail.medium.com/click-jacking-impact-privilage-escalation-585918563f52?source=rss------bug_bounty-5Firdaus Muhammad Ismailbug-bounty-writeup, clickjacking, vulnerability, bug-bounty, poc18-Apr-2025
SMB — Port 139 445 — How to exploit?https://medium.com/@verylazytech/smb-port-139-445-how-to-exploit-8a1580797bc0?source=rss------bug_bounty-5Very Lazy Techethical-hacking, smb, penetration-testing, port-445, bug-bounty18-Apr-2025
Earn Money by Discovering Bugshttps://medium.com/@2000anujsharma/earn-money-by-discovering-bugs-b434b95ac2b7?source=rss------bug_bounty-5Let's codeinfosec, cybersecurity, ethical-hacking, makemoney-online, bug-bounty18-Apr-2025
Secret to find bugs in five minutes. Juicy reality.https://medium.com/@riazrabia/secret-to-find-bugs-in-five-minutes-juicy-reality-c7ed63cf26a8?source=rss------bug_bounty-5Rabia Riazeasy-bugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-in-5-minutes18-Apr-2025
Light CTF Write-up: A Deep Dive into SQLite Injection and Enumerationhttps://medium.com/@shxdowz/light-ctf-write-up-a-deep-dive-into-sqlite-injection-and-enumeration-f0253a63171d?source=rss------bug_bounty-5Shxdowztryhackme-walkthrough, bug-bounty, tryhackme, sql-injection, writeup18-Apr-2025
I need your supporthttps://medium.com/@t79877005/i-need-your-support-02984632fd9b?source=rss------bug_bounty-5Rester Testchrome, bug-bounty, software-testing, bugs18-Apr-2025
Pre-Account Takeover: The Account Hack You Never Saw Cominghttps://medium.com/@sachinpv2004/pre-account-takeover-the-account-hack-you-never-saw-coming-25eb518b34f1?source=rss------bug_bounty-5SACHIN PVcybersecurity, bug-bounty, account-takeover, pentesting, security18-Apr-2025
Why You Shouldn’t Share Your Dreams With Everyone — SOCIAL EXPERIMENThttps://medium.com/@ph4nt0mbyt3/why-you-shouldnt-share-your-dreams-with-everyone-social-experiment-e7aae670ab02?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, motivation18-Apr-2025
How to Find Hidden APIs and Abuse Them in Web Appshttps://medium.com/@vipulsonule71/how-to-find-hidden-apis-and-abuse-them-in-web-apps-42bd8cd91552?source=rss------bug_bounty-5Vipul Sonulebug-bounty, technology, hacking, ethical-hacking, cybersecurity18-Apr-2025
⚠️ CVE-2025-24054: Actively Exploited Vulnerability Stealing NTLM Credentials – What You Need to…https://chintalatarakaram.medium.com/%EF%B8%8F-cve-2025-24054-actively-exploited-vulnerability-stealing-ntlm-credentials-what-you-need-to-631ac46f45e3?source=rss------bug_bounty-5Chintala Taraka Rambug-bounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips18-Apr-2025
Header-Fusionhttps://medium.com/@bineeg/header-fusion-3c11da41582e?source=rss------bug_bounty-5bineegidor-vulnerability, infosec, bug-bounty, hacking-tools18-Apr-2025
Race condtion & Logic Bug lead to Pre-ATOhttps://medium.com/@yassentaalab51/race-condtion-logic-bug-lead-to-pre-ato-4fb85dfb4bcc?source=rss------bug_bounty-5Killuaowasp, bug-bounty, penetration-testing, race-condition, bug-bounty-tips18-Apr-2025
F5 BIGIP PROMO CODES- UDEMYhttps://medium.com/@deepdive4learn/f5-bigip-promo-codes-udemy-6ed8534d230d?source=rss------bug_bounty-5DeepDive4learnbug-bounty, web-development, cybersecurity, python-programming, udemy18-Apr-2025
The One Parameter That Changed Everything /api/v1https://medium.com/@dhirenkumar/the-one-parameter-that-changed-everything-api-v1-2747e3b83f84?source=rss------bug_bounty-5Dhiren Kumar Pradhanhacking, bug-bounty, infosec, cybersecurity17-Apr-2025
Detecting Credential Dumping with Windows Built-In Toolshttps://medium.com/@paritoshblogs/detecting-credential-dumping-with-windows-built-in-tools-b51b8eb6f8ca?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, credentials, information-technology, hacking17-Apr-2025
Slow HTTP Denial of Service Attack Pada Subdomain kawasaki.co.idhttps://medium.com/@ricoandreas19/slow-http-denial-of-service-attack-pada-subdomain-kawasaki-co-id-7dca9a319057?source=rss------bug_bounty-5Rico Andreasbug-bounty, denial-of-service-attack, slow-loris, kawasaki-indonesia17-Apr-2025
‍☠️The Ultimate Subdomain Enumeration Guide: Tools, Tricks, and Hidden Secretshttps://infosecwriteups.com/%EF%B8%8Fthe-ultimate-subdomain-enumeration-guide-tools-tricks-and-hidden-secrets-bbae13df9a83?source=rss------bug_bounty-5Abhijeet Kumawatsubdomains-enumeration, infosec, bug-bounty, hacking, cybersecurity17-Apr-2025
Secret tricks to get hidden information in Bug Bountyhttps://infosecwriteups.com/secret-tricks-to-get-hidden-information-in-bug-bounty-107f3e055c4d?source=rss------bug_bounty-5Mr Horbiohacking, github, cybersecurity, penetration-testing, bug-bounty17-Apr-2025
Hacking and Securing Docker Containers: A Deep Dive into Common Vulnerabilities and Test Caseshttps://infosecwriteups.com/hacking-and-securing-docker-containers-a-deep-dive-into-common-vulnerabilities-and-test-cases-e40f2eee58f2?source=rss------bug_bounty-5Ajay Naikdocker, bug-bounty, penetration-testing, information-security, cybersecurity17-Apr-2025
From CSS to AWS: How a Stylesheet Reference Leaked Cloud Secrets ☁️https://medium.com/@iski/from-css-to-aws-how-a-stylesheet-reference-leaked-cloud-secrets-%EF%B8%8F-c55e5048777e?source=rss------bug_bounty-5Iskimoney, bug-bounty, infosec, hacking, cybersecurity17-Apr-2025
️‍♂️ “I Didn’t Plan to Find a P1… But My Script Had Other Plans ”https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-i-didnt-plan-to-find-a-p1-but-my-script-had-other-plans-77691a46985b?source=rss------bug_bounty-5Lord Heavens3-bucket, infosecurity, s3, infosec, bug-bounty17-Apr-2025
OSINT Like a Spy: Tools and Techniques for Online Investigations ️‍♂️https://medium.com/@vipulsonule71/osint-like-a-spy-tools-and-techniques-for-online-investigations-%EF%B8%8F-%EF%B8%8F-79571a765ddb?source=rss------bug_bounty-5Vipul Sonulecybersecurity, technology, bug-bounty, ethical-hacking, hacking17-Apr-2025
The Rise of Cloud Hacking: What Every Developer Should Knowhttps://medium.com/write-a-catalyst/the-rise-of-cloud-hacking-what-every-developer-should-know-e99efe9d8e3c?source=rss------bug_bounty-5Monika sharmabug-bounty, ai, hacking, cloud, technology17-Apr-2025
Understanding All HTTP Response Codes & How to Bypass Them!https://medium.com/@gouravrathod8788/understanding-all-http-response-codes-how-to-bypass-them-677b784f8232?source=rss------bug_bounty-5Gourav Singh Rajputhttps, security, red-team, cybersecurity, bug-bounty17-Apr-2025
2FA Bypass: A Case of Insecure Implementationhttps://ehteshamulhaq198.medium.com/2fa-bypass-a-case-of-insecure-implementation-8b9e44f3d68c?source=rss------bug_bounty-5Ehtesham Ul Haq2fa-authentication, ethical-hacking, bug-bounty, penetration-testing, infosec17-Apr-2025
From Betting Addiction to Ethical Hacking: How I Discovered a Security Loophole in a Popular…https://medium.com/@pazzoamani/from-betting-addiction-to-ethical-hacking-how-i-discovered-a-security-loophole-in-a-popular-159720067f1d?source=rss------bug_bounty-5AMANI Patrickcybersecurity, cybersecurity-awareness, offensive-security, bug-bounty17-Apr-2025
How I Earned $3,245 in Bug Bounties(My First 90 Days)https://medium.com/@ibtissamhammadi/how-i-earned-3-245-in-bug-bounties-my-first-90-days-d4b8e397280d?source=rss------bug_bounty-5Ibtissam Hammadimake-money-online, cybersecurity, payu, bug-bounty, hacking17-Apr-2025
Data Disclosed: A Look into Real-World Incidentshttps://medium.com/@sachinpv2004/data-disclosed-a-look-into-real-world-incidents-acc00a02a89c?source=rss------bug_bounty-5SACHIN PVbug-bounty, pentesting, information-disclosure, cybersecurity17-Apr-2025
MASTER IN BASH WITH ONE VIDEOhttps://infosecwriteups.com/master-in-bash-with-one-video-5c77dbe3341d?source=rss------bug_bounty-5Mr Horbiopenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bash17-Apr-2025
SUID Exploitation [Privilege Escalation] Tutorial | EJPT Examhttps://infosecwriteups.com/suid-exploitation-privilege-escalation-tutorial-ejpt-exam-e446f340ba3f?source=rss------bug_bounty-5Mr Horbiopenetration-testing, ethical-hacking, bug-bounty, hacker, cybersecurity17-Apr-2025
How I Took Over Accounts by Disabling 2FA Without Even Logging In | P1 — Criticalhttps://medium.com/@nebty/how-i-took-over-accounts-by-disabling-2fa-without-even-logging-in-p1-critical-a50f109e2ed4?source=rss------bug_bounty-5Nebtycybersecurity, vulnerability, authentication, bug-bounty, 2fa17-Apr-2025
How to Find Hidden SQL Injection Points During Reconhttps://medium.com/@vipulsonule71/how-to-find-hidden-sql-injection-points-during-recon-3f015328fdef?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, penetration-testing, tech, bug-bounty17-Apr-2025
Metasploit Basics For PenTester & Bug Bounty Hunters ⚡https://medium.com/@0b1d1/metasploit-basics-for-pentester-bug-bounty-hunters-72facfc9cdd1?source=rss------bug_bounty-50b1d1bug-bounty-writeup, bug-bounty, bug-bounty-tips, meterpreter, metasploit17-Apr-2025
Powerful One-Liner commands for Ethical Hacking & Bug Huntinghttps://medium.com/@BugRey/powerful-one-liner-commands-for-ethical-hacking-bug-hunting-dd33fd2aaa09?source=rss------bug_bounty-5./Rey~ethical-hacking, cybersecurity, bug-bounty, bug-bounty-tips17-Apr-2025
200$ by Tricking a Global Music App with One Line of Codehttps://myselfakash20.medium.com/200-by-tricking-a-global-music-app-with-one-line-of-code-de2f4ab3cd4a?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, technology, cybersecurity, bug-bounty, ethical-hacking17-Apr-2025
Top 15 Unique Extensions for Programmers: Part(3)https://osintteam.blog/top-15-unique-extensions-for-programmers-part-3-1009695a1199?source=rss------bug_bounty-5Monika sharmahacking, programming, technology, bug-bounty, extension17-Apr-2025
They Used Tools I Used Logic 0-Click Account Takeover Without Breaking a Sweathttps://medium.com/@loayahmed686/they-used-tools-i-used-logic-0-click-account-takeover-without-breaking-a-sweat-fd57c078dc82?source=rss------bug_bounty-5r00tbug-bounty, infosec, cybersecurity, bugbounty-tips, bugbounty-writeup17-Apr-2025
The 50-Day Security Marathon: How I Helped Ford Patch a Critical XSS Vulnerabilityhttps://medium.com/@N0aziXss/the-50-day-security-marathon-how-i-helped-ford-patch-a-critical-xss-vulnerability-fc6c012f40b5?source=rss------bug_bounty-5N0aziXssxss-vulnerability, enterprise-security, responsible-disclosure, web-security, bug-bounty17-Apr-2025
CVE-2025–29927 Authorization bypass vulnerability identified in Next.js.https://shauryasharma05.medium.com/cve-2025-29927-authorization-bypass-vulnerability-identified-in-next-js-9f46812c7826?source=rss------bug_bounty-5Shaurya Sharmahacking, nextjs, cybersecurity, cve, bug-bounty17-Apr-2025
How I got a Zero-Click Account Takeover Bounty — Using Nothing But Logichttps://itsahmedatef.medium.com/how-i-got-a-zero-click-account-takeover-bounty-using-nothing-but-logic-11a3ae151376?source=rss------bug_bounty-5Ahmed Atefcybersecurity, infosec, bug-bounty-writeup, account-takeover, bug-bounty17-Apr-2025
How I Discovered CVE-2025–3568: From XSS to Admin Account Takeoverhttps://medium.com/@sneharghyaroy/how-i-discovered-cve-2025-3568-from-xss-to-admin-account-takeover-6dabfcc7a320?source=rss------bug_bounty-5Sneharghya Roybug-bounty, educational, cybersecurity, ethical-hacking17-Apr-2025
“Analyzing Browser Artifacts During an Incident” : Cache, history, and login data in Chrome, Edge…https://medium.com/@paritoshblogs/analyzing-browser-artifacts-during-an-incident-cache-history-and-login-data-in-chrome-edge-47ee1a7ce2a3?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, cybersecurity, incident-response, information-technology16-Apr-2025
An ultimate information-gathering tool for bug bounty hunters, Osint investigators, and pen testers.https://medium.com/@loyalonlytoday/an-ultimate-information-gathering-tool-for-bug-bounty-hunters-osint-investigators-and-pen-testers-70b8944746f6?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty, programming, penetration-testing, cybersecurity16-Apr-2025
How a Software Engineer Earned $40,000 Through Bug Bounty Programs (In His Spare Time)https://medium.com/@cadeeper/how-a-software-engineer-earned-40-000-through-bug-bounty-programs-in-his-spare-time-a9e1834a02c9?source=rss------bug_bounty-5Invikbug-bounty, security, cybersecurity, development, software-development16-Apr-2025
How I Earned My First Bug Bounty and What It Taught Me About Ethical Hackinghttps://medium.com/@dhirenkumar/how-i-earned-my-first-bug-bounty-and-what-it-taught-me-about-ethical-hacking-f3687e212d0a?source=rss------bug_bounty-5Dhiren Kumar Pradhanhacking, bug-bounty, cybersecurity16-Apr-2025
️ Blind XSS Attack in Production: My Favorite Exploit with a Delayed Surprisehttps://infosecwriteups.com/%EF%B8%8F-blind-xss-attack-in-production-my-favorite-exploit-with-a-delayed-surprise-3f7f13427ee4?source=rss------bug_bounty-5Abhijeet Kumawatxss-attack, secrets, bug-bounty, hacking, cybersecurity16-Apr-2025
From ‘Error 404’ to ‘Cha-Ching! BugBountyhttps://medium.com/@xlr44444/from-error-404-to-cha-ching-bugbounty-18d3b839019b?source=rss------bug_bounty-5Blekhatebug-bounty-writeup, bug-bounty, bug-bounty-tips, pentesting, cybersecurity16-Apr-2025
Email Verification Bypass during Account Creation | Insecure Designhttps://raymondv.medium.com/email-verification-bypass-during-account-creation-insecure-design-09122979577f?source=rss------bug_bounty-5Raymond Van Wartinsecure-design, cybersecurity, firebase, bug-bounty16-Apr-2025
Bypassing Content-Type Restrictions to Upload Web Shellshttps://medium.com/@nevershareemail/bypassing-content-type-restrictions-to-upload-web-shells-d10fd45fa10b?source=rss------bug_bounty-5Sumit Tiwaricybersecurity, web-app-security, bug-bounty, web-app-pentesting, bug-bounty-tips16-Apr-2025
My First High-Impact Bug: Unauthenticated Unsubscribe via Token Manipulation (IDOR + PII…https://medium.com/@sauravkrish59/my-first-high-impact-bug-unauthenticated-unsubscribe-via-token-manipulation-idor-pii-872d1004a9bc?source=rss------bug_bounty-5@Sauravkrishbug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity16-Apr-2025
Apache Roller’s Got a Major Bug — and It’s No April Fool’s Joke!https://medium.com/@thecyberghost/apache-rollers-got-a-major-bug-and-it-s-no-april-fool-s-joke-d445fd81d8c4?source=rss------bug_bounty-5The Cyber Ghostcybersecurity, bug-bounty, cyber, cyber-security-awareness, bugs16-Apr-2025
How Race Condition Worth Me $1000 On YesWeHackhttps://medium.com/@manan_sanghvi/how-race-condition-worth-me-1000-on-yeswehack-f90be39ecb2b?source=rss------bug_bounty-5Manan Sanghvipenetration-testing, ethical-hacking, race-condition, hacking, bug-bounty16-Apr-2025
How I discovered a hidden user thanks to server responses ?https://medium.com/@phoenixcatalan/how-i-discovered-a-hidden-user-thanks-to-server-responses-b65e198f4e73?source=rss------bug_bounty-5phoenixcatalanethical-hacking, hacking, pentesting, portswigger, bug-bounty16-Apr-2025
Impostor Admin: Token Editionhttps://medium.com/@tanyago/impostor-admin-token-edition-dfcd1f5643b0?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-program16-Apr-2025
️‍♂️ Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugshttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-bug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-2fa23c613f1b?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, hacking, tech, cybersecurity16-Apr-2025
‍♂️ Bypassing 403/401: All the Tricks Hackers Usehttps://medium.com/@vipulsonule71/%EF%B8%8F-bypassing-403-401-all-the-tricks-hackers-use-6600b005289e?source=rss------bug_bounty-5Vipul Sonulecybersecurity, hacking, penetration-testing, bug-bounty, tech16-Apr-2025
How I Hacked RemoteBinge’s GIF Upload Filterhttps://medium.com/@worm_401/how-i-hacked-remotebinges-gif-upload-filter-5218cd45124b?source=rss------bug_bounty-5Worm_403hacking, ctf-writeup, web-security, file-upload-vulnerability, bug-bounty16-Apr-2025
Day 2: Best Free Ways to Learn Ethical Hacking by Doing!https://medium.com/@omkumar.coder/day-2-best-free-ways-to-learn-ethical-hacking-by-doing-d59617552336?source=rss------bug_bounty-5om kumartechnology, bug-bounty, software-engineering, cybersecurity, hacking16-Apr-2025
How to Bypass 503 Errors Like a Pro! ✨https://medium.com/@gouravrathod8788/how-to-bypass-503-errors-like-a-pro-10f0c110a162?source=rss------bug_bounty-5Gourav Singh Rajputpentesting, 503errorbypass, bypass, cybersecurity, bug-bounty16-Apr-2025
Bug Bounty Google Dorkshttps://medium.com/@shamzen96/bug-bounty-google-dorks-3af9c763de61?source=rss------bug_bounty-5Shivam Rajbug-bounty, dorks, pentesting, hacking, cybersecurity16-Apr-2025
The Hidden Threat in Your XML: Understanding XXE Attackshttps://medium.com/@es0557533/the-hidden-threat-in-your-xml-understanding-xxe-attacks-0d7f91bb5749?source=rss------bug_bounty-5Isvbug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup16-Apr-2025
IMAP — Port 143, 993 — How to exploit?https://medium.com/@verylazytech/imap-port-143-993-how-to-exploit-3bc8778916cd?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, exploit, ethical-hacking, imap, bug-bounty16-Apr-2025
IRC — Ports 194,6667,6660–7000 — How to exploit?https://medium.com/@verylazytech/irc-ports-194-6667-6660-7000-how-to-exploit-5ecac016b853?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, irc, penetration-testing, exploit15-Apr-2025
Why Most PoCs Fail: The Invisible Wall Called SSPhttps://medium.com/@pch.neurodive.fuk060/why-most-pocs-fail-the-invisible-wall-called-ssp-06c489ebfdba?source=rss------bug_bounty-5IRORIweb-security, cybersecurity, ctf, infosec, bug-bounty15-Apr-2025
BugBounty Directoryhttps://medium.com/@abhishekY495/bugbounty-directory-35609687204c?source=rss------bug_bounty-5Abhishekhacker, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hackerone15-Apr-2025
How I Built a Recon Flow Out of Rage and Spitehttps://myselfakash20.medium.com/how-i-built-a-recon-flow-out-of-rage-and-spite-18ddd367149e?source=rss------bug_bounty-5Akash Ghoshhacking, bug-bounty, technology, bug-bounty-tips, cybersecurity15-Apr-2025
How I Exploited Rate Limiting to Access Admin Features (Real Case Study)https://infosecwriteups.com/how-i-exploited-rate-limiting-to-access-admin-features-real-case-study-fe25cb965a0a?source=rss------bug_bounty-5Abhijeet Kumawatsecrets, bug-bounty, cybersecurity, infosec, hacking15-Apr-2025
“How to Find Hidden API Endpoints and Secrets in JavaScript Files for Bug Bounties & Web App…https://hackersatty.medium.com/how-to-find-hidden-api-endpoints-and-secrets-in-javascript-files-for-bug-bounties-web-app-f4ea92d16954?source=rss------bug_bounty-5hackersattyapi-endpoint, bug-bounty-writeup, javascript, bug-bounty, secrets15-Apr-2025
Mastering Business Logic Price Manipulation in Bug Bounty Programshttps://frostyxsec.medium.com/mastering-business-logic-price-manipulation-in-bug-bounty-programs-4d3ac14d9837?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty-tips, bug-bounty, bugbounty-writeup, bug-bounty-hunter15-Apr-2025
How Telegram’s Bot API Enables Real-Time 2FA Theft and Account Takeoverhttps://medium.com/@princep49036142/how-telegrams-bot-api-enables-real-time-2fa-theft-and-account-takeover-fa438ce9a9e0?source=rss------bug_bounty-5Prince Philiptelegram, hacker, bug-bounty, bug-bounty-writeup, ui15-Apr-2025
Cracking JWT: When the ‘None’ Algorithm Opens the Authentication Gatehttps://medium.com/@arrheniuspaelongan09/cracking-jwt-when-the-none-algorithm-opens-the-authentication-gate-5bafa942c9a5?source=rss------bug_bounty-5Arrhenius Paelonganbug-bounty, cybersecurity, hacking, penetration-testing, red-team15-Apr-2025
I Broke Into /etc/passwd Using a Null Byte and It Was Stupid Easy #HackerVibeshttps://medium.com/@RootPwned/i-broke-into-etc-passwd-using-a-null-byte-and-it-was-stupid-easy-hackervibes-54a4e86e985c?source=rss------bug_bounty-5Sumanth Yerranagulactf, web-application-security, ethical-hacking, cybersecurity, bug-bounty15-Apr-2025
Red Team Tactics vs Blue Team Defenses: Real-World Scenarioshttps://medium.com/@paritoshblogs/red-team-tactics-vs-blue-team-defenses-real-world-scenarios-d8a935b9e100?source=rss------bug_bounty-5Paritoshhacking, red-team, blue-team, bug-bounty, cybersecurity15-Apr-2025
Breaking Into HackDonalds: XXE + Middleware Abuse (CTF Writeup)https://medium.com/@cipher01x/breaking-into-hackdonalds-xxe-middleware-abuse-ctf-writeup-fa33c6bad5d8?source=rss------bug_bounty-5bretsadleahacking, bug-bounty, cybersecurity, hacking-tools, ctf-writeup15-Apr-2025
Breaking the Invite: 3 Easy-to-Find Vulnerabilities in invite users functionhttps://medium.com/@basetm307/breaking-the-invite-3-easy-to-find-vulnerabilities-in-invite-users-function-735c3b75d130?source=rss------bug_bounty-53basetbug-bounty, broken-access-control, bug-bounty-tips, privilege, idor15-Apr-2025
Hi, I’m Modather Ahmed, a penetration tester at Buguard and a part-time bug bounty hunter.https://medium.com/@modtheramohamed/hi-im-modather-ahmed-a-penetration-tester-at-buguard-and-a-part-time-bug-bounty-hunter-fb79a2229281?source=rss------bug_bounty-5Modther A Mohamedbug-bounty15-Apr-2025
How a Curious Curl and a Ghost Domain Got Me into the Dutch Government’s Hall of Famehttps://medium.com/@cyberhrsh/how-a-curious-curl-and-a-ghost-domain-got-me-into-the-dutch-governments-hall-of-fame-bf1537f4a737?source=rss------bug_bounty-5Harsh kotharihall-of-fame, bug-bounty, cybersecurity, hacker15-Apr-2025
Exposing Sensitive Data: How I Found a Critical NASA P1 Vulnerability in Publicly Accessible…https://medium.com/@sivasankardas/exposing-sensitive-data-how-i-found-a-critical-nasa-p1-vulnerability-in-publicly-accessible-57a00a9bccb9?source=rss------bug_bounty-5Sivasankar Dascybersecurity, vulnerability-research, hallof-fame, bug-bounty, nasa15-Apr-2025
From Zero Bugs to Many: My Journey into Web Pentesting and Bug Bountieshttps://medium.com/@omkumar.coder/from-zero-bugs-to-many-my-journey-into-web-pentesting-and-bug-bounties-883f516a507c?source=rss------bug_bounty-5om kumarcybersecurity, hacking, web-development, bug-bounty, technology15-Apr-2025
Breaking Into HackDonalds: XXE + Middleware Abuse (CTF Writeup)https://medium.com/@cipher01x/breaking-into-hackdonalds-xxe-middleware-abuse-ctf-writeup-5e67fadbb1bd?source=rss------bug_bounty-5bretsadleabug-bounty, hacking, ciberseguridad, ctf-writeup15-Apr-2025
Hidden Directories and Files : How Dirb, Dirsearch, and Gobuster Find the Unseenhttps://medium.com/@vipulsonule71/hidden-directories-and-files-how-dirb-dirsearch-and-gobuster-find-the-unseen-27182b2f88f6?source=rss------bug_bounty-5Vipul Sonuleai, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2025
9 Criticals in a Row — Mind Hacking on HackerOnehttps://medium.com/@rootplinix/9-criticals-in-a-row-mind-hacking-on-hackerone-b627d1688d69?source=rss------bug_bounty-5Abu Hurayrainfosec, cybersecurity, hacking, pentesting, bug-bounty15-Apr-2025
Web Socket Securityhttps://cybertoucan.medium.com/web-socket-security-8095fd0f8981?source=rss------bug_bounty-5cybertoucanwebsocket, bug-bounty, cybersecurity, pentesting, application-security15-Apr-2025
Google Dorking for Ethical Hacking: A Beginner’s Guide to Finding Your First Bughttps://just-merwan.medium.com/google-dorking-for-ethical-hacking-a-beginners-guide-to-finding-your-first-bug-213ff2fffd1a?source=rss------bug_bounty-5Merwanskycybersecurity, google, hacking, tutorial, bug-bounty15-Apr-2025
SNMP — Ports 161, 162, 10161, and 10162/UDP — How to exploit?https://medium.com/@verylazytech/snmp-ports-161-162-10161-and-10162-udp-how-to-exploit-a9044f1eeb72?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, ethical-hacking, exploit, snmp15-Apr-2025
Top 15 Browser Extensions For Bug Bounty Hunter 2025: Part(2)https://osintteam.blog/top-15-browser-extensions-for-bug-bounty-hunter-2025-part-2-c2a4e525de21?source=rss------bug_bounty-5Monika sharmatechnology, hacking, bug-bounty, extension, osint15-Apr-2025
CSRF Exploit Leading to Account Takeover (ATO)https://medium.com/@magdy_ali/csrf-exploit-leading-to-account-takeover-ato-e1e89f73cb4c?source=rss------bug_bounty-5Magdy Alibug-bounty, csrf, account-takeover15-Apr-2025
Burp Suite AI: Smarter Scanning Powered by Machine Intelligencehttps://cylent.medium.com/burp-suite-ai-smarter-scanning-powered-by-machine-intelligence-7462bb1da5dc?source=rss------bug_bounty-5Mohamed Talaat (@cylent)application-security, bug-bounty, burp-suite-professional, bug-hunting, penetration-testing15-Apr-2025
Check Point Firewall — Port 264 — How to exploit?https://medium.com/@verylazytech/check-point-firewall-port-264-how-to-exploit-10453634fb26?source=rss------bug_bounty-5Very Lazy Techethical-hacking, port-264, penetration-testing, check-point-firewall, bug-bounty14-Apr-2025
​​How I Earned $800 in 10 Minutes with an IDOR Vulnerability — Just by Going the Extra Mile​​https://medium.com/@cadeeper/how-i-earned-800-in-10-minutes-with-an-idor-vulnerability-just-by-going-the-extra-mile-b8208bec852f?source=rss------bug_bounty-5Invinfo-sec-writeups, penetration-testing, bug-bounty, cybersecurity, hacker14-Apr-2025
SQL Injection Leads to $$$ Bounty: How I Found a Critical Bughttps://medium.com/@arrheniuspaelongan09/sql-injection-leads-to-bounty-how-i-found-a-critical-bug-cbacc35a2f19?source=rss------bug_bounty-5Qchadbug-bounty, hacking, penetration-testing, red-team, cybersecurity14-Apr-2025
Uncovering Hidden APIs: How One Forgotten Endpoint Made Me $500https://infosecwriteups.com/uncovering-hidden-apis-how-one-forgotten-endpoint-made-me-500-424e6388c406?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, secrets, bug-bounty, infosec, hacking14-Apr-2025
Understanding CVE-2025–29927: Next.js Security Vulnerabilityhttps://medium.com/@dasmanish6176/understanding-cve-2025-29927-next-js-security-vulnerability-6a6e20a7bcb0?source=rss------bug_bounty-5Dasmanishbug-bounty, nextjs, security, ethical-hacking, burpsuite14-Apr-2025
From Admin to Ghost: Post-Removal Access Control Bypass in Team Management Functionalityhttps://medium.com/@nhlimon37/from-admin-to-ghost-post-removal-access-control-bypass-in-team-management-functionality-155e3d7faf0d?source=rss------bug_bounty-5NH Limon ️bug-bounty-writeup, bug-bounty14-Apr-2025
From “Buck Bounty?” to My First Real Bug Bountyhttps://medium.com/@bgsswqyh/from-buck-bounty-to-my-first-real-bug-bounty-7490f1907541?source=rss------bug_bounty-5Kailaasbug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity14-Apr-2025
SQL injection UNION attack, retrieving data from other tables — Portswiggerhttps://arayofhope7.medium.com/sql-injection-union-attack-retrieving-data-from-other-tables-portswigger-ab892f5a9527?source=rss------bug_bounty-5RayofHopeweb-penetration-testing, bug-bounty, ethical-hacking, penetration-testing, cybersecurity14-Apr-2025
SQL Injection Leads to $$$ Bounty: How I Found a Critical Bughttps://medium.com/@arrheniuspaelongan09/sql-injection-leads-to-bounty-how-i-found-a-critical-bug-cbacc35a2f19?source=rss------bug_bounty-5Arrhenius Paelonganbug-bounty, hacking, penetration-testing, red-team, cybersecurity14-Apr-2025
Beyond the Payload: Why Understanding Vulnerabilities Matters More Than Exploiting Themhttps://revengermojo.medium.com/beyond-the-payload-why-understanding-vulnerabilities-matters-more-than-exploiting-them-72061821f88b?source=rss------bug_bounty-5RevengerMojohackermindset, revengermojo, application-security, chaining-vulnerabilities, bug-bounty14-Apr-2025
I Hacked a Website With Just ../../../etc/passwdhttps://medium.com/@RootPwned/i-hacked-a-website-with-just-etc-passwd-79fc0d592b4e?source=rss------bug_bounty-5Sumanth Yerranagulactf, web-security, bug-bounty, cybersecurity, ethical-hacking14-Apr-2025
Exposed Session Tokens via Misconfigured Endpointhttps://ehteshamulhaq198.medium.com/exposed-session-tokens-via-misconfigured-endpoint-c6676b79476e?source=rss------bug_bounty-5Ehtesham Ul Haqinfosec, bug-bounty-writeup, penetration-testing, bug-bounty, session-hijacking14-Apr-2025
LFI in the Shadows: A Bug Bounty Private Program Walkthroughhttps://medium.com/@AhmedSamy-X/lfi-in-the-shadows-a-bug-bounty-private-program-walkthrough-a76024d1314f?source=rss------bug_bounty-5Ahmedsamyinformation-security, cybersecurity, hacking, penetration-testing, bug-bounty14-Apr-2025
Click, Recon, Jackpot! ️‍♂️ How a Subdomain Led Me to an S3 Treasure Trovehttps://infosecwriteups.com/click-recon-jackpot-%EF%B8%8F-%EF%B8%8F-how-a-subdomain-led-me-to-an-s3-treasure-trove-2f65c3a80010?source=rss------bug_bounty-5Iskimoney, bug-bounty, hacking, infosec, cybersecurity14-Apr-2025
iOS-Pentesting-101: Jail Breaking iOS 16.7.x+ on iPhone 8/Xhttps://sudosuraj.medium.com/ios-pentesting-101-jail-breaking-ios-16-7-x-on-iphone-8-x-e9d62c529d38?source=rss------bug_bounty-5sudosurajios-bug-bounty, sudosuraj, bug-bounty-tips, bug-bounty, mobile-security14-Apr-2025
Account Takeover Based on Deep Understanding of the Targethttps://medium.com/@Maverick0o0/account-takeover-based-on-deep-understanding-of-the-target-9c02b8af88fa?source=rss------bug_bounty-5Erfan Tavakolibug-bounty-writeup, writeup, cybersecurity, bug-bounty-tips, bug-bounty14-Apr-2025
Hunting eval() XSS: How I Scored a $10K Bounty from Uberhttps://osintteam.blog/hunting-eval-xss-how-i-scored-a-10k-bounty-from-uber-c77aaf93574a?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty, infosec-write-ups, ethical-hacking, xss-attack14-Apr-2025
Google Gemini iOS Vulnerability: Public Link Sharing Silently Leaks Entire Conversationshttps://medium.com/@warisjeet31/google-gemini-ios-vulnerability-public-link-sharing-silently-leaks-entire-conversations-e1f80cbea25c?source=rss------bug_bounty-5sin99xxbug-bounty, bug-bounty-tips, bug-bounty-writeup, cyber-security-awareness, cybersecurity14-Apr-2025
Bug Bounty | Istifadəçi hesablarının oğurlanmasına səbəb ola biləcək bir boşluq tapdım (Account…https://zeynalxan.medium.com/bug-bounty-istifad%C9%99%C3%A7i-hesablar%C4%B1n%C4%B1n-o%C4%9Furlanmas%C4%B1na-s%C9%99b%C9%99b-ola-bil%C9%99c%C9%99k-bir-bo%C5%9Fluq-tapd%C4%B1m-account-2693a2aa2520?source=rss------bug_bounty-5Zeynalxan Quliyevbug-bounty-writeup, bug-bounty, ato, account-takeover, hacker14-Apr-2025
Outsmarting the Crowd: 7 Unconventional Strategies to Dominate Bug Bounty Programshttps://cybersecuritywriteups.com/outsmarting-the-crowd-7-unconventional-strategies-to-dominate-bug-bounty-programs-e5432e5fddd2?source=rss------bug_bounty-5Krish_cyberbug-bounty, info-sec-writeups, osint, ethical-hacking, bug-bounty-writeup14-Apr-2025
HOW I GOT RCE BY THIS ‘ Single quotation Markhttps://medium.com/@amerghaith07/how-i-got-rce-by-this-single-quotation-mark-3a81be69a0d2?source=rss------bug_bounty-5Amerghaithethical-hacking, cybersecurity, sql-injection, bug-bounty, rce-vulnerability14-Apr-2025
Crafting Engaging Web Application Challenges for Your College CTFhttps://medium.com/@shashank_d_s/crafting-engaging-web-application-challenges-for-your-college-ctf-b712e10b9ed6?source=rss------bug_bounty-5D4rkHxndcapture-the-flag, penetration-testing, cybersecurity, bug-bounty, ctf14-Apr-2025
Are You Safe? The Terrifying Truth Behind Silent Attackshttps://medium.com/@Zo0L/are-you-safe-the-terrifying-truth-behind-silent-attacks-544d63139019?source=rss------bug_bounty-5Abdallah Mohammedbehind-the-shadow, cybersecurity, ethical-hacking, bug-bounty, penetration-testing14-Apr-2025
Attacking Common Services (skill assessment→Easy Level) Hack The Box Writeup/Walkthrough by…https://medium.com/@prarabdhsrivastava1403/attacking-common-services-skill-assessment-easy-level-hack-the-box-writeup-walkthrough-by-40cb4ae57d70?source=rss------bug_bounty-5Prarabdh Srivastavainfosec, hackthebox, ctf-walkthrough, penetration-testing, bug-bounty14-Apr-2025
Udemy Promo OFFERhttps://medium.com/@deepdive4learn/udemy-promo-offer-bbf015f60c6a?source=rss------bug_bounty-5DeepDive4learnpenetration-testing, cisco-certifications, promo-code, cybersecurity, bug-bounty14-Apr-2025
Stored XSS — Escalated from High to Criticalhttps://medium.com/@YourFinalSin/stored-xss-escalated-from-high-to-critical-079b5ab44444?source=rss------bug_bounty-53NVZxss-attack, bug-bounty-tips, bug-bounty, xss-vulnerability, bug-bounty-writeup13-Apr-2025
SQL injection UNION attack, finding a column containing texthttps://arayofhope7.medium.com/sql-injection-union-attack-finding-a-column-containing-text-8bb9f92b6430?source=rss------bug_bounty-5RayofHopeweb-penetration-testing, penetration-testing, ethical-hacking, cybersecurity, bug-bounty13-Apr-2025
Spynote, BadBazaar & Moonshine: The Malware Mafia That’s Eyeing Your Phonehttps://medium.com/@thecyberghost/spynote-badbazaar-moonshine-the-malware-mafia-thats-eyeing-your-phone-6b98eafb1af7?source=rss------bug_bounty-5The Cyber Ghostmalware, bug-bounty, bug-bounty-writeup, virus, cyber-security-awareness13-Apr-2025
One Random Recon, One Real Bounty: The Paytm Storyhttps://ghostman01.medium.com/ghost-paytm-xss-bounty-4f5efe6a643b?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, vulnerability13-Apr-2025
Advanced Windows Event Log Hunting for Threat Detectionhttps://medium.com/@paritoshblogs/advanced-windows-event-log-hunting-for-threat-detection-5ae8f259d5e2?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, windows, cybersecurity, threat-intelligence13-Apr-2025
How I Found a Bug in a Government Website (And Got Recognized for It) ️)https://infosecwriteups.com/how-i-found-a-bug-in-a-government-website-and-got-recognized-for-it-%EF%B8%8F-2f057a99f458?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, cybersecurity, infosec, secrets13-Apr-2025
Tricky waf bypass for reflected XSS write uphttps://medium.com/@sonahri501/not-so-cool-reflectd-xss-write-up-88da44cdc8c4?source=rss------bug_bounty-5Sonahriwaf-bypass, bug-bounty, cross-site-scripting13-Apr-2025
⚡️Oops, They Logged It! Turning LFI into Remote Shell Like a Pro ⚔️https://medium.com/@iski/%EF%B8%8Foops-they-logged-it-turning-lfi-into-remote-shell-like-a-pro-%EF%B8%8F-272e81c5315f?source=rss------bug_bounty-5Iskimoney, bug-bounty-tips, hacking, bug-bounty, cybersecurity13-Apr-2025
BURPSUITE EXTENSIONS FOR SECURITY ASSESSMENTS: ENHANCED WEB APPLICATION TESTING ️https://medium.com/@0b1d1/burpsuite-extensions-for-security-assessments-enhanced-web-application-testing-%EF%B8%8F-922d2002bf0d?source=rss------bug_bounty-50b1d1burp-suite-pro, pentesting, bug-bounty-tips, bug-bounty, pentesting-lab13-Apr-2025
Hackers Love These Info Disclosure Bugs | CVE, APIs, Buckets, 404s & More!https://medium.com/@spector-sec/hackers-love-these-info-disclosure-bugs-cve-apis-buckets-404s-more-a8b2f7103bb0?source=rss------bug_bounty-5spector-seccybersecurity, hacking, informatonal-disclosure, bug-bounty13-Apr-2025
One Random Recon, One Real Bounty: The Paytm Storyhttps://infosecwriteups.com/ghost-paytm-xss-bounty-4f5efe6a643b?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, vulnerability13-Apr-2025
How Burp Suite AI Makes Vulnerability Testing Easy and Fasthttps://infosecwriteups.com/how-burp-suite-ai-makes-vulnerability-testing-easy-and-fast-03b6ca0ca6e5?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, ai, burpsuite, penetration-testing13-Apr-2025
JavaScript All Important Browser Functionshttps://medium.com/@zoningxtr/javascript-all-important-browser-functions-f40423714ebb?source=rss------bug_bounty-5Zoningxtrpenetration-testing, javascript, web-development, cybersecurity, bug-bounty13-Apr-2025
Bypass no rate limit & get Application-Level DDoS Vulnerabilityhttps://frostyxsec.medium.com/bypass-no-rate-limit-get-application-level-ddos-vulnerability-bb4bae99f3a4?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-hunting, bug-bounty-tips, cybersecurity, bug-bounty-writeup13-Apr-2025
Bypass File Attachment Restrictions in Google Groups via Email Posting | Bug Bountyhttps://ph-hitachi.medium.com/bypass-file-attachment-restrictions-in-google-groups-via-email-posting-bug-bounty-5d96fe39e46d?source=rss------bug_bounty-5Ph.Hitachibug-bounty, permissionsbypass, google-vrp, google-groups, broken-access-control13-Apr-2025
1-CLick OAuth Token Hijacking via Google Apps Script – A Design Flaw Ignored? | Bug Bountyhttps://ph-hitachi.medium.com/1-click-oauth-token-hijacking-via-google-apps-script-a-design-flaw-ignored-bug-bounty-02c6997254ff?source=rss------bug_bounty-5Ph.Hitachihackerone, bug-bounty, google-vrp, google, google-app-script13-Apr-2025
$10,000 worth GitHub Access Tokens | Secret Search Operatorshttps://infosecwriteups.com/10-000-worth-github-access-tokens-secret-search-operators-c67b09062a38?source=rss------bug_bounty-5It4chis3chidden, github, bug-bounty, secrets, access-token13-Apr-2025
From Threats to Allies: Empower Moroccan Cyber Talenthttps://medium.com/@ryadserkouh/from-threats-to-allies-empower-moroccan-cyber-talent-49d0dd07d06a?source=rss------bug_bounty-5Ryad Serkouhbug-bounty, cybersecurity, morocco13-Apr-2025
How to Perform Triage on a Compromised Windows Machinehttps://medium.com/@paritoshblogs/how-to-perform-triage-on-a-compromised-windows-machine-a358edfefd4b?source=rss------bug_bounty-5Paritoshcybersecurity, triage, hacking, windows, bug-bounty13-Apr-2025
Bypass rate limit & get Application-Level DDoS Vulnerabilityhttps://frostyxsec.medium.com/bypass-no-rate-limit-get-application-level-ddos-vulnerability-bb4bae99f3a4?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-hunting, bug-bounty-tips, cybersecurity, bug-bounty-writeup13-Apr-2025
Effective tool for bug huntershttps://medium.com/@loyalonlytoday/effective-tool-for-bug-hunters-7544a430617d?source=rss------bug_bounty-5loyalonlytodayprogramming, bug-bounty, cybersecurity, hacking, bug-bounty-tips12-Apr-2025
A tool that will find secrets, endpoints, and API keys from a list of URLs(Bug Bounty Hunting)https://medium.com/@loyalonlytoday/a-tool-that-will-find-secrets-endpoints-and-api-keys-from-a-list-of-urls-bug-bounty-hunting-ccaec4babfe1?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, ethical-hacking, bug-bounty, osint, cybersecurity12-Apr-2025
This Was My First Account Takeover Without Any Tool: A Remarkable Experiencehttps://medium.com/@dineshnarasimhan27/this-was-my-first-account-takeover-without-any-tool-a-remarkable-experience-1a224d8efb73?source=rss------bug_bounty-5Dinesh Narasimhancybersecuirty, webapplicationpentest, account-take-over, penetration-testing, bug-bounty12-Apr-2025
Subdomain takeoverhttps://medium.com/@parthchheda777/subdomain-takeover-6642736285fc?source=rss------bug_bounty-5Parthchhedainfosec, pentesting, subdomain-takeover, cybersecurity, bug-bounty12-Apr-2025
SQL injection UNION attack, determining the number of columns returned by the queryhttps://arayofhope7.medium.com/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-01321d3953cb?source=rss------bug_bounty-5RayofHopeethical-hacking, penetration-testing, web-penetration-testing, cybersecurity, bug-bounty12-Apr-2025
Static vs Dynamic Analysis: A Web3 Security Perspectivehttps://securrtech.medium.com/static-vs-dynamic-analysis-a-web3-security-perspective-e0c11bbdde99?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, web3-security, blockchain-security, smart-contract-security, smart-contract-auditing12-Apr-2025
Exposing a Critical Data Leak: My Experience in NASA’s Vulnerability Disclosure Programhttps://medium.com/@sivasankardas/exposing-a-critical-data-leak-my-experience-in-nasas-vulnerability-disclosure-program-7ab0ced1ba86?source=rss------bug_bounty-5Sivasankardasvulnerability-disclosure, bug-bounty, critical-vulnerabilities, nasa-vdp, data-security12-Apr-2025
How I Got Access to Other Person’s Chat History and Chat Environment!https://hiddendom.medium.com/how-i-got-access-to-other-persons-chat-history-and-chat-environment-f333cc29f3df?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, vapt, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2025
️‍♂️ Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugshttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-bug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-603e4a6bb84f?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, ai, hacking, cybersecurity, secrets12-Apr-2025
️ Mastering Nmap: From Recon to Automation in Enterprise Securityhttps://medium.com/@zoningxtr/%EF%B8%8F-mastering-nmap-from-recon-to-automation-in-enterprise-security-69f6e3a81096?source=rss------bug_bounty-5Zoningxtrlinux, penetration-testing, nmap, bug-bounty, cybersecurity12-Apr-2025
Why I’m Blogging My Cybersecurity Journey (And Why You Should Too)https://medium.com/@shewagbhai1333/why-im-blogging-my-cybersecurity-journey-and-why-you-should-too-cacfee96f931?source=rss------bug_bounty-5Shewagbhaipentesting, bug-bounty, web, blogging, community12-Apr-2025
Facebook allows malicious script execution in post,comments and direct messages( rejected bug…https://medium.com/@krivadna/facebook-allows-malicious-script-execution-in-post-comments-and-direct-messages-rejected-bug-807ad30e1401?source=rss------bug_bounty-5Krivadnainfo-sec-writeups, infosec-write-ups, bugbounty-writeup, bug-bounty, cybersecurity12-Apr-2025
I Built a Portfolio Website That’s (Almost) Unhackable — Here’s Howhttps://medium.com/@afnaan2180/i-built-a-portfolio-website-thats-almost-unhackable-here-is-how-33351d7d56f7?source=rss------bug_bounty-5Mohammed Afnaan Ahmedinfosec, bug-bounty, cybersecurity, ethical-hacking, web-development12-Apr-2025
Secrets in JavaScript : Finding API Keys and Endpoints Like a Bug Bounty Hunterhttps://medium.com/@vipulsonule71/secrets-in-javascript-finding-api-keys-and-endpoints-like-a-bug-bounty-hunter-613c66412baa?source=rss------bug_bounty-5Vipul Sonulecybersecurity, ethical-hacking, hacking, penetration-testing, bug-bounty12-Apr-2025
️ Detecting Ransomware Pre-Execution with Windows Logs & Sysmonhttps://medium.com/@paritoshblogs/%EF%B8%8F-detecting-ransomware-pre-execution-with-windows-logs-sysmon-2e34dac2ee97?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, windows, hacking, cybersecurity12-Apr-2025
Exposing a Critical Data Leak: My Experience in NASA’s Vulnerability Disclosure Programhttps://medium.com/@sivasankardas/exposing-a-critical-data-leak-my-experience-in-nasas-vulnerability-disclosure-program-7ab0ced1ba86?source=rss------bug_bounty-5Sivasankar Dasvulnerability-disclosure, bug-bounty, critical-vulnerabilities, nasa-vdp, data-security12-Apr-2025
Recon Zen: Hacking With Nothing But Vibes and DevToolshttps://myselfakash20.medium.com/recon-zen-hacking-with-nothing-but-vibes-and-devtools-d809ee497d69?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, hacking, technology, cybersecurity, bug-bounty12-Apr-2025
Understanding DOM-based XSShttps://medium.com/@evyeveline1/understanding-dom-based-xss-70ea74401e7b?source=rss------bug_bounty-5Evyevelineweb-hacking, red-team, dom-based-xss, xss-vulnerability, bug-bounty12-Apr-2025
Found 3 IDOR Vulnerabilities in the Same Target!https://medium.com/@mahmoudelsadey56/found-3-idor-vulnerabilities-in-the-same-target-bc79c1c33376?source=rss------bug_bounty-5Mahmoud elsadeyweb-penetration-testing, bug-bounty-writeup, bug-bounty, penetration-testing12-Apr-2025
LDAP — Ports 389, 636, 3268, 3269 — How to exploit?https://medium.com/@verylazytech/ldap-ports-389-636-3268-3269-how-to-exploit-48af0aaac0ae?source=rss------bug_bounty-5Very Lazy Techldap, penetration-testing, bug-bounty, ethical-hacking, hacking12-Apr-2025
How I Found a Reflected XSS Bug in 45 Minutes Using ChatGPT — and Earned $800https://theindiannetwork.medium.com/how-i-found-a-reflected-xss-bug-in-45-minutes-using-chatgpt-and-earned-800-bc700c4baea8?source=rss------bug_bounty-5TheIndianNetworkchatgpt, bug-bounty-tips, bug-bounty-writeup, bug-bounty, xss-attack11-Apr-2025
A few online tools to find subdomains easily(bug bounty hunting)https://medium.com/@loyalonlytoday/a-few-online-tools-to-find-subdomains-easily-bug-bounty-hunting-64b15b2c2dcf?source=rss------bug_bounty-5loyalonlytodaysubdomains-enumeration, hacking, tips, cybersecurity, bug-bounty11-Apr-2025
How I Earned $1,000 by Exploiting a Hidden Subdomain and Chaining a CORS Misconfiguration with IDORhttps://theindiannetwork.medium.com/how-i-earned-1-000-by-exploiting-a-hidden-subdomain-and-chaining-a-cors-misconfiguration-with-idor-1dc83adf927c?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, idor, subdomain, bug-bounty-writeup, bug-bounty-tips11-Apr-2025
OTP BYPASS METHODOLOGIEShttps://infosecwriteups.com/otp-bypass-methodologies-3ed951d1eb12?source=rss------bug_bounty-5Canonminibeasthacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, otp-verification11-Apr-2025
How I Pick a Good Bug Bounty Program and Earn $$$https://medium.com/@YourFinalSin/how-i-pick-a-good-bug-bounty-program-and-earn-dc7610bff549?source=rss------bug_bounty-53NVZbug-bounty, bug-bounty-tips, hackerone, bugcrowd, bug-bounty-writeup11-Apr-2025
SQL injection attack, listing the database contents on Oracle — Portswiggerhttps://arayofhope7.medium.com/sql-injection-attack-listing-the-database-contents-on-oracle-portswigger-501f25bda8fd?source=rss------bug_bounty-5RayofHopebug-bounty, ethical-hacking, penetration-testing, web-penetration-testing, cyber-security-training11-Apr-2025
I Made $5,382 in 30 Days Hunting Bugshttps://infosecwriteups.com/i-made-5-382-in-30-days-hunting-bugs-ba770a5d895a?source=rss------bug_bounty-5Ibtissam Hammaditechnology, hacking, bug-bounty, cybersecurity, make-money-online11-Apr-2025
How I Bypassed YouTube Video Ads Using API Manipulation — My Google VRP Discovery (Video PoC…https://muneebalamkhan.medium.com/how-i-bypassed-youtube-video-ads-using-api-manipulation-my-google-vrp-discovery-video-poc-9eaf91f23596?source=rss------bug_bounty-5Muneeb Alam Khanyoutube-hacks-and-tricks, cybersecurity, bug-bounty, google-hacking, api-security-testing11-Apr-2025
Oops. Team Closed it as NAhttps://infosecwriteups.com/oops-team-closed-it-as-na-547d6b20a5d7?source=rss------bug_bounty-5callgh0stgaza, mindset, bug-bounty, genocide, hacking11-Apr-2025
(Ⅱ)【Report Review】2024 OWASP Mobile Top 10 Riskshttps://medium.com/@security.tecno/%E2%85%B1-report-review-2024-owasp-mobile-top-10-risks-216b6cf6b2e3?source=rss------bug_bounty-5TECNO Securityapplication, hacking, bug-bounty, security, owasp11-Apr-2025
SSRF para RCE: Como transformei um pequeno inseto em um grande saláriohttps://medium.com/@miltonslutonadio/ssrf-para-rce-como-transformei-um-pequeno-inseto-em-um-grande-sal%C3%A1rio-e33c53bdb712?source=rss------bug_bounty-5Milton Lutonadiocybersecurity, bounty-program, red-team, bug-bounty, web-applications11-Apr-2025
I Used Shodan to Find Unprotected WordPress Sites — It Was Too Easyhttps://medium.com/@nathans_web/i-used-shodan-to-find-unprotected-wordpress-sites-it-was-too-easy-94dfb9308570?source=rss------bug_bounty-5Gandolfinfosec, shodan, bug-bounty, cybersecurity, hacking11-Apr-2025
5 Web Vulnerabilities That Paid Me the Most (And How to Find Them!)https://infosecwriteups.com/5-web-vulnerabilities-that-paid-me-the-most-and-how-to-find-them-42f3f922740d?source=rss------bug_bounty-5Abhijeet Kumawathacking, vulnerability, cybersecurity, ai, bug-bounty11-Apr-2025
Using Blind XSS to steal session cookies and log in as a different userhttps://medium.com/@evyeveline1/using-blind-xss-to-steal-session-cookies-and-log-in-as-a-different-user-937cce53d829?source=rss------bug_bounty-5Evyevelinexss-vulnerability, bug-bounty, web-hacking, xss-attack, ethical-hacking11-Apr-2025
Security Lessons from TVM’s RPC Designhttps://medium.com/@kerkroups/security-lessons-from-tvms-rpc-design-3cfc4b5c8e82?source=rss------bug_bounty-5Kerkroupsapplication-security, bug-bounty, cybersecurity11-Apr-2025
Bearer Tokens, Broken Trust, and GitHub Classroom’s Flawed Designhttps://vanshal.medium.com/bearer-tokens-broken-trust-and-github-classrooms-flawed-design-8d616adb7ee5?source=rss------bug_bounty-5Vanshal Gaurbug-bounty, cybersecurity, github, education-technology, information-security11-Apr-2025
⏰ Mastering Cron: Automate Like a Pro in Linux and Enterprise IThttps://medium.com/@zoningxtr/mastering-cron-automate-like-a-pro-in-linux-and-enterprise-it-6a5f5694a749?source=rss------bug_bounty-5Zoningxtrautomation, linux, penetration-testing, cybersecurity, bug-bounty11-Apr-2025
A Hacker’s Instinct: The Power You Unlock When You Stop Looking and Start Seeinghttps://myselfakash20.medium.com/a-hackers-instinct-the-power-you-unlock-when-you-stop-looking-and-start-seeing-2715865e13f7?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, infosec, technology, bug-bounty11-Apr-2025
Mastering Google Dorking for Bug Bounty Hunters: Secrets the Pros Use!https://cybersecuritywriteups.com/mastering-google-dorking-for-bug-bounty-hunters-secrets-the-pros-use-5798df19f343?source=rss------bug_bounty-5Krish_cyberosint, cybersecurity, bug-bounty, hacking, google-dorking11-Apr-2025
Unlocking Hidden Paths: Web Fuzzing with FFUFhttps://medium.com/@regan_temudo/unlocking-hidden-paths-web-fuzzing-with-ffuf-9f81381bd9e3?source=rss------bug_bounty-5Regan Temudoctf, cybersecurity, penetration-testing, ethical-hacking, bug-bounty11-Apr-2025
hiii bug bounty huntershttps://krishna-cyber.medium.com/hiii-bug-bounty-hunters-65dec8625cd4?source=rss------bug_bounty-5Krish_cybercybersecurity, artificial-intelligence, coding, software-development, bug-bounty11-Apr-2025
Tittle:https://medium.com/@muhammedelkesht404/tittle-a9218e507b1a?source=rss------bug_bounty-50xAdambug-bounty, bug-bounty-tips, bugs11-Apr-2025
IPsec/IKE VPN — Port 500/UDP — How to exploit?https://medium.com/@verylazytech/ipsec-ike-vpn-port-500-udp-how-to-exploit-dd240223757d?source=rss------bug_bounty-5Very Lazy Techhacking, ethical-hacking, bug-bounty, penetration-testing, ipsec11-Apr-2025
Custom Headers: The Sneaky Trick Every Hacker Should Knowhttps://medium.com/@RoBoHackermann/custom-headers-the-sneaky-trick-every-hacker-should-know-a685246cc3d0?source=rss------bug_bounty-5Rohit Suresh Boratecybersecurity, penetration-testing, vapt, bug-bounty, web-penetration-testing11-Apr-2025
Mastering Reflected XSS with Nuclei: From Zero to $1,500 Bounty!https://krishna-cyber.medium.com/mastering-reflected-xss-with-nuclei-from-zero-to-1-500-bounty-eb5115a1aaf0?source=rss------bug_bounty-5Krish_cyberosint, cybersecurity, bug-bounty, xss-attack, ethical-hacking11-Apr-2025
️ From Curious Clicks to Cyber Pro: How to Start a Career in Ethical Hacking & Cybersecurityhttps://osintteam.blog/hiii-bug-bounty-hunters-65dec8625cd4?source=rss------bug_bounty-5Krish_cybercybersecurity, artificial-intelligence, coding, software-development, bug-bounty11-Apr-2025
A must-use tool for subdomain enumeration.https://medium.com/@loyalonlytoday/a-must-use-tool-for-subdomain-enumeration-12d49bf1a02f?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, ethical-hacking, tips, bug-bounty-tips10-Apr-2025
How I Found a WordPress Database Setup via Shodan (HackerOne)https://enterlectury.medium.com/how-i-found-a-wordpress-database-setup-via-shodan-hackerone-a5de583e2fb4?source=rss------bug_bounty-5Enterlecturycybersecurity, bug-bounty-tips, web-security, bug-bounty-writeup, bug-bounty10-Apr-2025
Cryptography great cheat-sheet for CTF’shttps://medium.com/@anandrishav2228/cryptography-great-cheat-sheet-for-ctfs-d2ada754b319?source=rss------bug_bounty-5Rishav anandbug-bounty, crypto, cybersecurity, ctf, hacking10-Apr-2025
Stop XSS in React Before Hackers Winhttps://rendiero.medium.com/stop-xss-in-react-before-hackers-win-8c2908492c01?source=rss------bug_bounty-5Rendierovulnerability, bug-bounty, hacking, react, xss-attack10-Apr-2025
Critical XXE Vulnerability Found in an Indian Government Websitehttps://medium.com/@dharineeshj2/critical-xxe-vulnerability-found-in-an-indian-government-website-0ae7ffae8fd9?source=rss------bug_bounty-5Hack-Batpentesting, red-team, bug-bounty, cybersecurity, hacking10-Apr-2025
SQL injection attack, listing the database contents on non-Oracle databases — Portswigghttps://arayofhope7.medium.com/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-portswigg-42fae517cc6e?source=rss------bug_bounty-5RayofHopebug-bounty, penetration-testing, web-penetration-testing, cyber-security-training, ethical-hacking10-Apr-2025
CloudFlare Rate Limit Bypass — OTP Bruteforce using probabilistics leads to ATOhttps://medium.com/@ph4nt0mbyt3/cloudflare-rate-limit-bypass-otp-bruteforce-using-probabilistics-leads-to-ato-511c9f3475cd?source=rss------bug_bounty-5ph4nt0mbyt3bugbounty-writeup, information-security, pentest, bug-bounty10-Apr-2025
The $1,000 Bug: How I Discovered a Critical Security Flaw (Step-by-Step Guide)https://infosecwriteups.com/the-1-000-bug-how-i-discovered-a-critical-security-flaw-step-by-step-guide-89808934e622?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacking, bounty-program, bug-bounty, ai10-Apr-2025
From self XSS to RCE in Ruby on railshttps://handball10.medium.com/from-self-xss-to-rce-in-ruby-on-rails-1f9f2d33c1cb?source=rss------bug_bounty-5handball10bug-bounty, remote-code-execution, ruby-on-rails, xss-attack10-Apr-2025
️‍♂️ Identifying C2 Channels: From DNS Tunnelling to HTTPS Beaconshttps://medium.com/@paritoshblogs/%EF%B8%8F-%EF%B8%8F-identifying-c2-channels-from-dns-tunnelling-to-https-beacons-6563c3d2ed5b?source=rss------bug_bounty-5Paritoshcommand-and-control, hacking, cybersecurity, bug-bounty, dns10-Apr-2025
Clickjacking Attackhttps://medium.com/@Maleesha.Rathnayaka/clickjacking-attack-b771b0771499?source=rss------bug_bounty-5Maleesha Rathnayakaweb-security, infosec, clickjacking, bug-bounty, cybersecurity10-Apr-2025
The Financial Fiasco of JavaScript Paywallshttps://medium.com/@cybercitizen.tech/the-financial-fiasco-of-javascript-paywalls-7de0b406dd8f?source=rss------bug_bounty-5CyberCitizenpaywall, bug-bounty, web-development, javascript, cybersecurity10-Apr-2025
(Ⅰ)【Report Review】2024 OWASP Mobile Top 10 Riskshttps://medium.com/@security.tecno/%E2%85%B0-report-review-2024-owasp-mobile-top-10-risks-0a3df63284bc?source=rss------bug_bounty-5TECNO Securityowasp, hacking, security, bug-bounty10-Apr-2025
Bug Bounty Recon Starter Pack: Tools, Coffee, Existential Crisishttps://myselfakash20.medium.com/bug-bounty-recon-starter-pack-tools-coffee-existential-crisis-8ca172820ede?source=rss------bug_bounty-5Akash Ghoshhacking, cybersecurity, technology, bug-bounty, bug-bounty-tips10-Apr-2025
From Markup to Database: A Comprehensive, Line-by-Line Walkthrough of HTML, JS & PHP with SQLhttps://medium.com/@zoningxtr/from-markup-to-database-a-comprehensive-line-by-line-walkthrough-of-html-js-php-with-sql-d8ba5c00b720?source=rss------bug_bounty-5Zoningxtrpenetration-testing, bug-bounty, cybersecurity, javascript, html10-Apr-2025
Top 10 Underrated Tools in a Pentester’s Arsenal (2025 Edition)https://medium.com/@gasmask/top-10-underrated-tools-in-a-pentesters-arsenal-2025-edition-568568e5418f?source=rss------bug_bounty-5gasmaskcybersecurity, penetration-testing, bug-bounty, web-application-security, beginner10-Apr-2025
A tool that will find secrets, endpoints, and API keys from a list of URLs(Bug Bounty Hunting)https://medium.com/@loyalonlytoday/a-tool-that-will-find-secrets-endpoints-and-api-keys-from-a-list-of-urls-bug-bounty-hunting-6b57fbbbf374?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, tips10-Apr-2025
Rexec — Port 512 — How to exploit?https://medium.com/@verylazytech/rexec-port-512-how-to-exploit-138f9eb2d59f?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, hacking, ethical-hacking, port-512, bug-bounty10-Apr-2025
How My Life Went from SSRF to LFI (and Why That’s Not a Metaphor)https://infosecwriteups.com/how-my-life-went-from-ssrf-to-lfi-and-why-thats-not-a-metaphor-a2d97297e10b?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, infosec, hacking, money10-Apr-2025
Turning 403 into 200: Bypassing Filters with Base64 to Trigger XSShttps://medium.com/@EL_cazad0r/turning-403-into-200-bypassing-filters-with-base64-to-trigger-xss-adbf5f817d85?source=rss------bug_bounty-5EL_Cazad0rbug-bounty-tips, bug-bounty, bug-bounty-writeup, ethical-hacking10-Apr-2025
Modbus — Port 502 — How to exploit?https://medium.com/@verylazytech/modbus-port-502-how-to-exploit-96b7923741ce?source=rss------bug_bounty-5Very Lazy Techport-502, modbus, bug-bounty, penetration-testing, hacking10-Apr-2025
$500-$10k worth Path Traversal | Advanced Methodologyhttps://infosecwriteups.com/500-10k-worth-path-traversal-advanced-methodology-dd80c18c5539?source=rss------bug_bounty-5It4chis3cbug-bounty, secrets, hacking, path-traversal, file-reading10-Apr-2025
The OWASP Methodology for Web Application Penetration Testinghttps://cyberw1ng.medium.com/the-owasp-methodology-for-web-application-penetration-testing-de23c07ed4bf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, owasp, cybersecurity10-Apr-2025
The OWASP Methodology for Web Application Penetration Testinghttps://osintteam.blog/the-owasp-methodology-for-web-application-penetration-testing-de23c07ed4bf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, owasp, cybersecurity10-Apr-2025
Bug Bounty Journey — Valid Report Part 5https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-5-7c203bbff96b?source=rss------bug_bounty-50xF3r4tmisconfiguration, bug-bounty, email-verification-bypass, aws-cognito, vdp09-Apr-2025
Account Manipulation Lead to Anonymous Account existencehttps://medium.com/@ziademad1923/account-manipulation-lead-to-anonymous-account-existence-211c1ff390a6?source=rss------bug_bounty-5Ziademadbug-bounty, account-take-over, bug-bounty-writeup09-Apr-2025
SQL injection attack, querying the database type and version on MySQL and Microsofthttps://arayofhope7.medium.com/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-85081e7eef71?source=rss------bug_bounty-5RayofHopebug-bounty, penetration-testing, web-penetration-testing, cyber-security-awareness, ethical-hacking09-Apr-2025
OWASP Top 10 Manual Testinghttps://medium.com/@shamzen96/owasp-top-10-manual-testing-caf675448569?source=rss------bug_bounty-5Shivam Rajtesting, cybersecurity, hacking, bug-bounty, owasp-top-1009-Apr-2025
This is how i use browser to fetch JS endpoints for good paying bugshttps://infosecwriteups.com/this-is-how-i-use-browser-to-fetch-js-endpoints-for-good-paying-bugs-6bd91563f7bf?source=rss------bug_bounty-5Canonminibeasthacking-tools, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty09-Apr-2025
Google Patches Two Actively Exploited Android Vulnerabilities — Here’s What You Need to Knowhttps://medium.com/@Cyber-AppSec/google-patches-two-actively-exploited-android-vulnerabilities-heres-what-you-need-to-know-7350b60e5803?source=rss------bug_bounty-5Cyber-AppSecbug-bounty, cybersecurity, cybercrime, cybersecurity-awareness, information-security09-Apr-2025
I Bypassed 2FA Using an Old Secret Key — Here’s How I Earned $500https://medium.com/@whitehat29/i-bypassed-2fa-using-an-old-secret-key-heres-how-i-earned-500-cd92c9158f1a?source=rss------bug_bounty-5Whitehatbug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking09-Apr-2025
️‍♂️ How Hackers Use Subdomain Takeover for Full Domain Controlhttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-hackers-use-subdomain-takeover-for-full-domain-control-c620b100c928?source=rss------bug_bounty-5Vipul Sonulecybersecurity, writing, hacking, bug-bounty, bug-bounty-tips09-Apr-2025
⏳ The 3-Minute Bug: How I Found a Critical Vulnerability Without a Single Toolhttps://infosecwriteups.com/the-3-minute-bug-how-i-found-a-critical-vulnerability-without-a-single-tool-750a7b2913e8?source=rss------bug_bounty-5Abhijeet Kumawatai, bug-bounty, infosec, cybersecurity, hacking09-Apr-2025
Token Tampering leads to change the user detailshttps://levi4.medium.com/token-tampering-leads-to-change-the-user-details-7bf8b5754bde?source=rss------bug_bounty-5Levi Ackermanbug-bounty, cybersecurity, networking, vulnerability, ethical-hacking09-Apr-2025
️‍♂️ Hacker’s Recon Guide: How to Fingerprint Any Website Like a Prohttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-hackers-recon-guide-how-to-fingerprint-any-website-like-a-pro-9166f23dd4eb?source=rss------bug_bounty-5Vipul Sonulebug-bounty, bug-bounty-tips, hacking, cybersecurity, penetration-testing09-Apr-2025
A useful tool for bug huntershttps://medium.com/@loyalonlytoday/a-useful-tool-for-bug-hunters-6d22ba356f08?source=rss------bug_bounty-5loyalonlytodayethical-hacking, tips, bug-bounty, tools, cybersecurity09-Apr-2025
5 Quick Wins: Exploit These Vulnerabilities for Huge Bug Bounty Paydayshttps://smartscanner.medium.com/5-quick-wins-exploit-these-vulnerabilities-for-huge-bug-bounty-paydays-90ad106bbe10?source=rss------bug_bounty-5SmartScannercyber-secutity, bounty-program, bounty-hunter, bug-bounty-tips, bug-bounty09-Apr-2025
How a ₹1 Gift Card Hack Cost ₹50 Lakh (PVRCinemas): Why Bug Bounty Programs Are a Business…https://osintteam.blog/how-a-1-gift-card-cost-50-lakh-pvrcinemas-why-bug-bounty-programs-are-a-business-essential-c57d50f8a95b?source=rss------bug_bounty-5Vivek PSethical-hacking, bug-bounty, programming, artificial-intelligence, cybersecurity09-Apr-2025
Chasing Bounties: Sometimes You Find Them, Sometimes They Find Youhttps://medium.com/@Ellatora/chasing-bounties-sometimes-you-find-them-sometimes-they-find-you-2db172282dfc?source=rss------bug_bounty-5Ellatoraosint, bug-bounty, friendship, cybersecurity, cyberjourney09-Apr-2025
From Broken Code to SQL Showdown: How I Found Critical Blind Injectionhttps://infosecwriteups.com/from-broken-code-to-sql-showdown-how-i-found-critical-blind-injection-9ae06e5e7010?source=rss------bug_bounty-5Iskihacking, bug-bounty-tips, money, bug-bounty, cybersecurity09-Apr-2025
Privilege escalation worth — $$$https://medium.com/@zildaxx/privilege-escalation-worth-e8cd18fc6cb7?source=rss------bug_bounty-5zildaxxbug-bounty, bug-bounty-tips09-Apr-2025
Stored HTML Injection — Email Invite Manipulationhttps://ehteshamulhaq198.medium.com/stored-html-injection-email-invite-manipulation-63022e21d5db?source=rss------bug_bounty-5Ehtesham Ul Haqinfosec, penetration-testing, bug-bounty, bug-bounty-writeup, html09-Apr-2025
The $1,000,000 Bug: How I Spent 3 Months on a Single Target and Found the Most Critical Chain of My…https://theindiannetwork.medium.com/the-1-000-000-bug-how-i-spent-3-months-on-a-single-target-and-found-the-most-critical-chain-of-my-5827cd7dc866?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, jwt-token, bug-bounty, bug-bounty-writeup, jwt09-Apr-2025
How I Bypassed 2FA Twice on the Same Targethttps://medium.com/@georgeughh/how-i-bypassed-2fa-twice-on-the-same-target-198c08954e82?source=rss------bug_bounty-5georgeughhbusiness-logic-bug, ethical-hacking, bug-bounty, cybersecurity09-Apr-2025
Cross-Site Scripting (XSS) Attack Identifying And Testinghttps://medium.com/@Maleesha.Rathnayaka/cross-site-scripting-xss-attack-identifying-and-testing-07dc5437e1c4?source=rss------bug_bounty-5Maleesha Rathnayakaxss-vulnerability, web-security, infosec, cybersecurity, bug-bounty09-Apr-2025
A Silent Account Takeover That Didn’t Make It — But Still Mattershttps://medium.com/@unionx24/a-silent-account-takeover-that-didnt-make-it-but-still-matters-5b189b5f1d2e?source=rss------bug_bounty-5unionx24bug-bounty, hackerone, cybersecurity, writeup09-Apr-2025
Uncommon Headers That Bypass Everything (Almost): Bug Bounty Edition — 2025https://medium.com/@gasmask/uncommon-headers-that-bypass-everything-almost-bug-bounty-edition-2025-9d2ea65b2076?source=rss------bug_bounty-5gasmaskweb-application-security, penetration-testing, cybersecurity, beginner, bug-bounty09-Apr-2025
Ingress-NGINX Under Siege: A Deep Dive into CVE-2025–1974 and Cluster Securityhttps://fr3ak-hacks.medium.com/ingress-nginx-under-siege-a-deep-dive-into-cve-2025-1974-and-cluster-security-a11744cb76d3?source=rss------bug_bounty-5Anindya Sankar Roynginx-ingress, web-hacking, wiz, bug-bounty, rce09-Apr-2025
Blind XSS: A Tale of Curiosityhttps://medium.com/@negan0/blind-xss-a-tale-of-curiosity-501d47c0256c?source=rss------bug_bounty-5negan0xs, api-sec, blind-xss, self-xss, bug-bounty09-Apr-2025
Critical Security Flaw Discovered in LSG IPL Team’s Website: Wallet Manipulation Vulnerabilityhttps://medium.com/@deepak7903800/critical-security-flaw-discovered-in-lsg-ipl-teams-website-wallet-manipulation-vulnerability-21c485c6e36f?source=rss------bug_bounty-5Deepak kumaripl, hacking, bug-bounty, information-security, cybersecurity09-Apr-2025
Finding Exposed Sensitive API Keys in JS Files — A Hacker’s Guide ️‍♂️https://medium.com/@vipulsonule71/finding-exposed-sensitive-api-keys-in-js-files-a-hackers-guide-%EF%B8%8F-%EF%B8%8F-50809fe2c52a?source=rss------bug_bounty-5Vipul Sonulebug-bounty-tips, hacking, bug-bounty, ethical-hacking, cybersecurity09-Apr-2025
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Reconhttps://cyberw1ng.medium.com/part-2-advanced-js-extraction-analysis-automation-for-bug-bounty-recon-5535e5e04463?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, automation, bug-bounty, javascript09-Apr-2025
HTML for Deep Understandinghttps://medium.com/@zoningxtr/html-for-deep-understanding-da69c8204e55?source=rss------bug_bounty-5Zoningxtrjavascript, penetration-testing, web-development, html, bug-bounty09-Apr-2025
$100-$1000 Worth Subdomain Takeover | Easy Bounty Methodologyhttps://infosecwriteups.com/100-1000-worth-subdomain-takeover-easy-bounty-methodology-6daf9beacb31?source=rss------bug_bounty-5It4chis3csecrets, subdomain-takeover, reconnaissance, bug-bounty, hidden09-Apr-2025
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Reconhttps://osintteam.blog/part-2-advanced-js-extraction-analysis-automation-for-bug-bounty-recon-5535e5e04463?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, automation, bug-bounty, javascript09-Apr-2025
HTTP Status Codes: Overlooked Clues in Bug Bountyhttps://medium.com/@cadeeper/http-status-codes-overlooked-clues-in-bug-bounty-f5b0efd556fc?source=rss------bug_bounty-5Invpentesting, cybersecurity, bug-bounty, vulnerability, web-security08-Apr-2025
SQL injection attack, querying the database type and version on Oracle — PortSwiggerhttps://arayofhope7.medium.com/sql-injection-attack-querying-the-database-type-and-version-on-oracle-portswigger-904487db7d3d?source=rss------bug_bounty-5RayofHopeweb-penetration-testing, vapt, bug-bounty, cyber-security-training, penetration-testing08-Apr-2025
A Beginner's Guide to Bug Bounties.https://medium.com/@richard_wachara/a-beginners-guide-to-bug-bounties-f710b10ae188?source=rss------bug_bounty-5RicOnTechhackathons, bugs, bug-bounty, ethical-hacking, hacking08-Apr-2025
Living off the Land Binaries (LOLBins): How Attackers Use Built-In Tools Against Youhttps://medium.com/@paritoshblogs/living-off-the-land-binaries-lolbins-how-attackers-use-built-in-tools-against-you-24c0cb91ba20?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, hacking, lolbin, cybersecurity08-Apr-2025
AI vs. Hackers: Can AI Help in Bug Bounty or Is It Just a Hype?https://infosecwriteups.com/ai-vs-hackers-can-ai-help-in-bug-bounty-or-is-it-just-a-hype-04ce56b454d6?source=rss------bug_bounty-5Abhijeet Kumawathacker, ai, cybersecurity, hacking, bug-bounty08-Apr-2025
How Hackers Find Social Accounts & Passwordshttps://medium.com/@vipulsonule71/how-hackers-find-social-accounts-passwords-1156e14e2faf?source=rss------bug_bounty-5Vipul Sonuletechnology, ethical-hacking, hacking, bug-bounty, cybersecurity08-Apr-2025
Helpful website to find bug bounty and VDP programshttps://medium.com/meetcyber/helpful-website-to-find-bug-bounty-and-vdp-programs-eef63aca3b04?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, cybersecurity, bug-bounty-program, bug-bounty, bug-bounty-hunter08-Apr-2025
From Recon to RCE: How AI and a cup of Boost Helped Me Turn SQLi into a Command Injection Jackpot…https://infosecwriteups.com/from-recon-to-rce-how-ai-and-a-cup-of-boost-helped-me-turn-sqli-into-a-command-injection-jackpot-1f62dc829956?source=rss------bug_bounty-5Iskicybersecurity, hacking, infosec, bug-bounty, bug-bounty-tips08-Apr-2025
Rlogin — Port 513 — How to exploit?https://medium.com/@verylazytech/rlogin-port-513-how-to-exploit-276acd0e30b6?source=rss------bug_bounty-5Very Lazy Techoscp, hacking, penetration-testing, bug-bounty, ethical-hacking08-Apr-2025
Unique MFA / Email Verification Bypass | Bug Bounty Methodologyhttps://progprnv.medium.com/unique-mfa-email-verification-bypass-bug-bounty-methodology-6f4c2d4c4c36?source=rss------bug_bounty-5progprnvbypass, methodology, cybersecurity, bug-bounty, bug-bounty-tips08-Apr-2025
No Program, No Permission — Still Got a Bounty for Doing the Right Thinghttps://medium.com/@Arioex/no-program-no-permission-still-got-a-bounty-for-doing-the-right-thing-eeb084c9bf88?source=rss------bug_bounty-5Huntsmanbug-bounty, cybersecurity, vulnerability, bug-bounty-tips, hacking08-Apr-2025
Hosting a Successful CTF event at Your College on a LAN or Using the Cloud.https://medium.com/@shashank_d_s/hosting-a-successful-ctf-event-at-your-college-on-a-lan-or-using-the-cloud-767da16c92af?source=rss------bug_bounty-5D4rkHxndcybersecurity, penetration-testing, bug-bounty, ctf, capture-the-flag08-Apr-2025
Top 5 Social Engineering Attacks and How Hackers Trick Humanshttps://medium.com/@vipulsonule71/top-5-social-engineering-attacks-and-how-hackers-trick-humans-ff8651f9e6a7?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, bug-bounty, cybersecurity, ai08-Apr-2025
IDOR in Avatar Selection Allows Unauthorized Access to Premium Avatarshttps://mmnahian.medium.com/idor-in-avatar-selection-allows-unauthorized-access-to-premium-avatars-57ab276d2b6e?source=rss------bug_bounty-5mmnahianpenetration-testing, bug-bounty, web-app-security, infosec, bug-bounty-tips08-Apr-2025
Automate JavaScript (JS) Extraction for Bug Bounty Reconhttps://cyberw1ng.medium.com/automate-javascript-js-extraction-for-bug-bounty-recon-6faab744d22e?source=rss------bug_bounty-5Karthikeyan Nagarajosint, cybersecurity, bug-bounty, programming, careers08-Apr-2025
My First Valid Bug in Hacker One (VDP)Programs Using Google Dorkinghttps://medium.com/@es0557533/my-first-valid-bug-in-hacker-one-vdp-programs-using-google-dorking-913926fb8489?source=rss------bug_bounty-5Isvbug-zero, bugbounty-writeup, bug-bounty, google-dorking, bug-bounty-tips08-Apr-2025
This is how i use browser to fetch JS endpoints for good paying bugshttps://osintteam.blog/this-is-how-i-use-browser-to-fetch-js-endpoints-for-good-paying-bugs-3ca824e20aa5?source=rss------bug_bounty-5Canonminibeastbug-bounty-writeup, cybersecurity, bug-bounty, hacking-tools, bug-bounty-tips08-Apr-2025
Automate JavaScript (JS) Extraction for Bug Bounty Reconhttps://osintteam.blog/automate-javascript-js-extraction-for-bug-bounty-recon-6faab744d22e?source=rss------bug_bounty-5Karthikeyan Nagarajosint, cybersecurity, bug-bounty, programming, careers08-Apr-2025
CVE-2025–31420: wpForo <= 2.4.2 — Authenticated Privilege Escalationhttps://revan-ar.medium.com/cve-2025-31420-wpforo-2-4-2-authenticated-privilege-escalation-99b1aa7498b6?source=rss------bug_bounty-5Revan Abug-bounty, penetration-testing, wordpress-plugins, vulnerability, privilege-escalation07-Apr-2025
My Cyber Security Bug Bounty Side Hustle Paid Off My Mortgagehttps://medium.com/@swaroop.sy/my-cyber-security-bug-bounty-side-hustle-paid-off-my-mortgage-c7b31ad74219?source=rss------bug_bounty-5Swaroop Yermalkarpentesting, cybersecurity, bug-bounty, informaiton-security07-Apr-2025
BUG BOUNTY FRAUD : The Dark Side of Bug Bounty: From Rewards to Punishmenthttps://medium.com/@krivadna_87390/bug-bounty-fraud-the-dark-side-of-bug-bounty-from-rewards-to-punishment-a2b671ec64b6?source=rss------bug_bounty-5Krivadnacybersecurity, bug-bounty, info-sec-writeups, freelancing, bugbounty-writeup07-Apr-2025
Exploiting Unconventional Open Redirects by Manipulating URL Parsinghttps://medium.com/@itamar.yochpaz/exploiting-unconventional-open-redirects-by-manipulating-url-parsing-9e3eee575d31?source=rss------bug_bounty-5Itamar Yochpazhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing07-Apr-2025
Hackers’ Hidden Playground: Exploiting Underrated Web Vulnerabilities Like a Prohttps://infosecwriteups.com/hackers-hidden-playground-exploiting-underrated-web-vulnerabilities-like-a-pro-e62ce0887ee7?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacker, hacking, bug-bounty, ai07-Apr-2025
AI Jailbreak walkthrough.https://medium.com/@anandrishav2228/ai-jailbreak-walkthrough-4be9229a8e53?source=rss------bug_bounty-5Rishav anandcybersecurity, hacking, bug-bounty, ai, money07-Apr-2025
#Bugbountyfraud Reddit Triaged report on Hackerone for banned URL Bypass I Clearly Proved was…https://medium.com/@krivadna_87390/bugbountyfraud-reddit-triaged-report-on-hackerone-for-banned-url-bypass-i-clearly-proved-was-0a0aff79578d?source=rss------bug_bounty-5Krivadnainfo-sec-writeups, infosec, bug-bounty, bugbounty-writeup, cybersecurity07-Apr-2025
Unmasking GraphQL: Your Next Bug Bounty Goldmine — The Deep Dive ️‍♂️https://medium.com/@shaikrief2/unmasking-graphql-your-next-bug-bounty-goldmine-the-deep-dive-%EF%B8%8F-%EF%B8%8F-759b732ddcd1?source=rss------bug_bounty-5Shxikrfbug-bounty, api-security, graphql, cybersecurity, web-security07-Apr-2025
Non-English Dorks to Find Bug Bounty & VDP Programshttps://cybersecuritywriteups.com/non-english-dorks-to-find-bug-bounty-vdp-programs-d799f0a5161c?source=rss------bug_bounty-5AbhirupKonwarosint, bug-bounty-tips, bug-bounty, ethical-hacking, pentesting07-Apr-2025
How AI Helped Me Turn a Sneaky SQL Param into a Full-Blown RFI Madnesshttps://infosecwriteups.com/how-ai-helped-me-turn-a-sneaky-sql-param-into-a-full-blown-rfi-madness-31837311f6bd?source=rss------bug_bounty-5Iskibug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec07-Apr-2025
When Google Dorking becomes the ultimate Game Changer to Find a Bug on the Indian Governmenthttps://osintteam.blog/when-google-dorking-becomes-the-ultimate-game-changer-to-find-a-bug-on-the-indian-government-f1ec94642c84?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty, google-dork, bug-bounty-tips, osint, dorking07-Apr-2025
The ultimate offensive security learning bundle - a combined review of Hack The Box Academy’s CPTS…https://pyth0nk1d.medium.com/the-ultimate-offensive-security-learning-bundle-a-combined-review-of-hack-the-box-academys-cpts-d9883d766770?source=rss------bug_bounty-5David Prieto Monterobug-bounty, offensive-security, certification, hackthebox, penetration-testing07-Apr-2025
Rsh — Port 514 — How to exploit?https://medium.com/@verylazytech/rsh-port-514-how-to-exploit-025554369230?source=rss------bug_bounty-5Very Lazy Techoscp, bug-bounty, penetration-testing, rsh, ethical-hacking07-Apr-2025
IDOR Exposed: How a Simple ID Can Leak Millions of Recordshttps://infosecwriteups.com/idor-exposed-how-a-simple-id-can-leak-millions-of-records-890d9f200d0a?source=rss------bug_bounty-5Elie Attiehpentesting, bug-bounty, cybersecurity, bug-bounty-tips, penetration-testing07-Apr-2025
Line Printer Daemon (LPD) — Port 515 — How to exploit?https://medium.com/@verylazytech/line-printer-daemon-lpd-port-515-how-to-exploit-841142039707?source=rss------bug_bounty-5Very Lazy Techethical-hacking, oscp, hacking, penetration-testing, bug-bounty07-Apr-2025
Hacking JavaScript files to get the Sensitive Datahttps://anishkashukla.medium.com/hacking-javascript-files-to-get-the-sensitive-data-2526416a8afd?source=rss------bug_bounty-5Anishka Shuklacybersecurity, infosec, bug-bounty, bug-bounty-tips, penetration-testing07-Apr-2025
HackingHub — Prison Hack Senaryosuhttps://aliekberkara.medium.com/hackinghub-prison-hack-senaryosu-e80bc482933f?source=rss------bug_bounty-5Ali Ekber KARAprison, cybersecurity, bug-bounty, discovery, hacking07-Apr-2025
How I Stumbled Into an SQLi at 2 AM (Instead of Doing My Job)https://medium.com/@ramshath1999/how-i-stumbled-into-an-sqli-at-2-am-instead-of-doing-my-job-4506135dea3a?source=rss------bug_bounty-5Ramshathhacking, bug-bounty, sql-injection, cybersecurity07-Apr-2025
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 3https://mukibas37.medium.com/how-i-found-sensitive-information-using-github-dorks-in-bug-bounties-part-3-750f62908508?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, bug-bounty, code-review, code, github07-Apr-2025
Exposing a Major Data Leak in UPPCL: How Anyone Could Access Consumer PIIhttps://medium.com/@siddharth_1/exposing-a-major-data-leak-in-uppcl-how-anyone-could-access-consumer-pii-c65c10099db5?source=rss------bug_bounty-5Siddharthbugs, bug-bounty, security, bug-bounty-tips07-Apr-2025
Automating Google Dorking with Pythonhttps://cyberw1ng.medium.com/automating-google-dorking-with-python-fcd8601fe1f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, cybersecurity, technology, careers07-Apr-2025
How AI Helped Me to Bypass 403 — Forbiddenhttps://infosecwriteups.com/how-ai-helped-me-to-bypass-403-forbidden-06becd32b999?source=rss------bug_bounty-5It4chis3cbug-bounty, hacking, ai, artificial-intelligence, secrets07-Apr-2025
Passive URL gathering tool for bug huntershttps://medium.com/@loyalonlytoday/passive-url-gathering-tool-for-bug-hunters-75d7385217a5?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, penetration-testing, ethical-hacking, bug-bounty-tips06-Apr-2025
Oracle Data Breach: Exploitation of CVE-2021-35587 in Oracle Access Managerhttps://medium.com/@ajeemshaik7/oracle-data-breach-exploitation-of-cve-2021-35587-in-oracle-access-manager-6584bd2d3de5?source=rss------bug_bounty-5Calix Sharptechnology, bug-bounty-tips, cybersecurity, future, bug-bounty06-Apr-2025
Can AI Hack Websites? Testing the Limits of ChatGPT and Cybersecurityhttps://infosecwriteups.com/can-ai-hack-websites-testing-the-limits-of-chatgpt-and-cybersecurity-4e2bc9635bea?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, ai, cybersecurity, chatgpt06-Apr-2025
Remix and React Router Vulnerability CVE-2025–31137 -$$$$ BOUNTYhttps://infosecwriteups.com/remix-and-react-router-vulnerability-cve-2025-31137-bounty-c0c716f44888?source=rss------bug_bounty-5Ajay Naikpenetration-testing, information-security, bug-bounty, cybersecurity, cyberattack06-Apr-2025
Error Messages From Hell: 25 Cryptic Warnings That Left Developers in Tearshttps://medium.com/@coders.stop/error-messages-from-hell-25-cryptic-warnings-that-left-developers-in-tears-a87c0c8f2082?source=rss------bug_bounty-5Coders Stopbug-bounty, software-development, programming, error-message, error-handling06-Apr-2025
Apple Filing Protocol (AFP) — PORT 548 — How to exploit?https://medium.com/@verylazytech/apple-filing-protocol-afp-port-548-how-to-exploit-eb4dbb3804f7?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, penetration-testing, port-548, hacking06-Apr-2025
how i found the broken access control vulnerability?https://doordiefordream.medium.com/how-i-found-the-broken-access-control-vulnerability-5ad1b3083c6d?source=rss------bug_bounty-5DOD cyber solutionstechnology, cybersecurity, security, ethical-hacking, bug-bounty06-Apr-2025
Bountymine: The Cleanest Cybersecurity Guide that You Shouldn’t Misshttps://medium.com/developersglobal/bountymine-the-cleanest-cybersecurity-guide-that-you-shouldnt-miss-6f18a36451da?source=rss------bug_bounty-5Gopalakrishnanbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-hunting06-Apr-2025
Another Day, Another ₹500 reward: The Not-So-Fancy Reality of Bug Huntinghttps://osintteam.blog/another-day-another-500-reward-the-not-so-fancy-reality-of-bug-hunting-545b5ce4c512?source=rss------bug_bounty-5Vivek PSprogramming, web-development, hacking, bug-bounty, ethical-hacking06-Apr-2025
SQL injection vulnerability allowing login bypass — Post Methodhttps://arayofhope7.medium.com/sql-injection-vulnerability-allowing-login-bypass-post-method-9d219a201de7?source=rss------bug_bounty-5RayofHopecyber-security-training, web-penetration-testing, penetration-testing, vapt, bug-bounty06-Apr-2025
block chain introductionhttps://doordiefordream.medium.com/block-chain-introduction-d0e1806d9c02?source=rss------bug_bounty-5DOD cyber solutionscybersecurity, bug-bounty, web3, bitcoin, blockchain06-Apr-2025
JavaScript Built-in Functionshttps://medium.com/@zoningxtr/javascript-built-in-functions-7a4070ca592a?source=rss------bug_bounty-5Zoningxtrbug-bounty, javascript, penetration-testing, javascript-development, cybersecurity06-Apr-2025
JavaScript Jump Start Series.https://medium.com/@zoningxtr/javascript-jump-start-series-4bf380051fac?source=rss------bug_bounty-5Zoningxtrjavascript, javascript-tips, penetration-testing, bug-bounty, cybersecurity06-Apr-2025
How Hackers Exploit CVE-2025–29927 in Next.js Like a Prohttps://infosecwriteups.com/how-hackers-exploit-cve-2025-29927-in-next-js-like-a-pro-9997f48ed7ce?source=rss------bug_bounty-5coffinxpbug-bounty-tips, cybersecurity, bug-bounty, technology, nextjs06-Apr-2025
How to become a BugBounty Hunter in 2025. Detailed Roadmap !!https://medium.com/@0026rsb/how-to-become-a-bugbounty-hunter-in-2025-detailed-roadmap-084f1233ef8b?source=rss------bug_bounty-5Rupesh_rsroadmaps, career-in-cybersecurity, bug-bounty06-Apr-2025
“One Click, No Consent” — How I Unsubscribed Any User from [target.com] Without Logging Inhttps://cybersecuritywriteups.com/one-click-no-consent-how-i-unsubscribed-any-user-from-target-com-without-logging-in-ef4897f73158?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, ethical-hacking06-Apr-2025
RECON GHOST: The 83% Faster Recon Tool That Almost Broke Mehttps://mfaizananwar.medium.com/recon-ghost-the-83-faster-recon-tool-that-almost-broke-me-eb78a7b267c4?source=rss------bug_bounty-5Muhammad Faizan Anwarbug-bounty, offensive-security, cybersecurity, nmap, penetration-testing06-Apr-2025
How to Gather PII From Websites Using Pythonhttps://cyberw1ng.medium.com/how-to-gather-pii-from-websites-using-python-949d36cd8a06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, programming, bug-bounty, careers06-Apr-2025
Duty Free: A White-Hat Forum with a Shadowed Pasthttps://medium.com/@vasekpentester/duty-free-a-white-hat-forum-with-a-shadowed-past-5cc92ca1c3e7?source=rss------bug_bounty-5vasekethical-hacking, hacking, penetration-testing, bug-bounty, hacker06-Apr-2025
Duty Free как зарождался новый форум для белых хакеровhttps://medium.com/@vasekpentester/duty-free-%D0%BA%D0%B0%D0%BA-%D0%B7%D0%B0%D1%80%D0%BE%D0%B6%D0%B4%D0%B0%D0%BB%D1%81%D1%8F-%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9-%D1%84%D0%BE%D1%80%D1%83%D0%BC-%D0%B4%D0%BB%D1%8F-%D0%B1%D0%B5%D0%BB%D1%8B%D1%85-%D1%85%D0%B0%D0%BA%D0%B5%D1%80%D0%BE%D0%B2-55a0e83a1564?source=rss------bug_bounty-5vasekpentesting, bug-bounty, exploit, hacking, forum06-Apr-2025
How to become a BugBounty Hunter in 2025. Detailed Roadmap !!https://medium.com/@RsHack3r/how-to-become-a-bugbounty-hunter-in-2025-detailed-roadmap-084f1233ef8b?source=rss------bug_bounty-5Rupesh_rsroadmaps, career-in-cybersecurity, bug-bounty06-Apr-2025
100 Google Dorks for Low-Hanging Bug Hunting — Hunt Like a Prohttps://osintteam.blog/100-google-dorks-for-low-hanging-bug-hunting-hunt-like-a-pro-be0a4c29e557?source=rss------bug_bounty-5Adarsh Pandeyosint, cybersecurity, bug-bounty, google, dorks05-Apr-2025
Uncover Hidden Bugshttps://osintteam.blog/uncover-hidden-bugs-851603d187dd?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, bug-bounty-tips, technology, hacking05-Apr-2025
A list of tools that will help to find XSS(cross-site scripting ) vulnerability.https://medium.com/@loyalonlytoday/a-list-of-tools-that-will-help-to-find-xss-cross-site-scripting-vulnerability-037dfe279f51?source=rss------bug_bounty-5loyalonlytodayxss-attack, tools, cybersecurity, xss-vulnerability, bug-bounty05-Apr-2025
The story of Conti: part 1https://medium.com/@jakboubmostefa/the-story-of-conti-part-1-c1285a89696f?source=rss------bug_bounty-5Mostefa Jakboubcybersecurity, ransomeware, malware, c-plus-plus-language, bug-bounty05-Apr-2025
JWT Vulnerabilities: How Misconfigurations Can Lead to Authentication Bypasshttps://bitpanic.medium.com/jwt-vulnerabilities-how-misconfigurations-can-lead-to-authentication-bypass-96d520194b6d?source=rss------bug_bounty-5Spectat0rguyai-generated-content, technology, programming, bug-bounty, cybersecurity05-Apr-2025
We Did Everything Right… and Still Got Exploited: What Went Wrong? ‼️https://securrtech.medium.com/we-did-everything-right-and-still-got-exploited-what-went-wrong-%EF%B8%8F-79b7cb973008?source=rss------bug_bounty-5Securr - Web3 Securityweb3-security, bug-bounty, smart-contract-security, smart-contract-auditing, blockchain-security05-Apr-2025
️ SSRF to RCE: How I Turned a Small Bug Into a Big Paycheckhttps://infosecwriteups.com/%EF%B8%8F-ssrf-to-rce-how-i-turned-a-small-bug-into-a-big-paycheck-574b6b889d2a?source=rss------bug_bounty-5Abhijeet Kumawathacking, ssrf, rce, bug-bounty, cybersecurity05-Apr-2025
RTSP — Port 554, 8554 — How to exploit?https://medium.com/@verylazytech/rtsp-port-554-8554-how-to-exploit-674df4aca649?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, port-554, ethical-hacking, penetration-testing05-Apr-2025
Day 29 — CSRF Bypass Using Domain Confusion Leads To Account Takeover (ATO)https://medium.com/@danielbelay/day-29-csrf-bypass-using-domain-confusion-leads-to-account-takeover-ato-bfd27b975e80?source=rss------bug_bounty-5dani3lbug-bounty, ato, account-takeover, cybersecurity05-Apr-2025
Open Bug Bounty — Your XSS Gymhttps://osintteam.blog/open-bug-bounty-your-xss-gym-75fed886d2c0?source=rss------bug_bounty-5RivuDonopenbugbounty, xss-attack, bug-bounty-writeup, bug-bounty, bug-bounty-tips05-Apr-2025
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data — PortSwiggerhttps://arayofhope7.medium.com/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-portswigger-12342def10ec?source=rss------bug_bounty-5RayofHopepenetration-testing, cyber-security-courses, sql-injection, bug-bounty, vapt05-Apr-2025
Scroll, Find, Boom! How I Tripped Over a Bounty in Just 3 Lines of Codehttps://myselfakash20.medium.com/scroll-find-boom-how-i-tripped-over-a-bounty-in-just-3-lines-of-code-18806bafd56c?source=rss------bug_bounty-5Akash Ghoshethical-hacking, infosec, cybersecurity, bug-bounty, bug-bounty-tips05-Apr-2025
How to Bypass Phone Number Validation for Unlimited Free Trialshttps://medium.com/@Youseef/how-to-bypass-phone-number-validation-for-unlimited-free-trials-98d8bf2f0955?source=rss------bug_bounty-5Yousseffbug-bounty, web-penetration-testing, penetration-testing, hackerone, bug-hunting05-Apr-2025
How I Bypassed Xiaomi’s Rate Limit with Just a Few Extra Slashes ///https://infosecxsalman.medium.com/how-i-bypassed-xiaomis-rate-limit-with-just-a-few-extra-slashes-425b00ded794?source=rss------bug_bounty-5Salmanbug-bounty, hackerone, security, bug-bounty-writeup, rate-limit-bypass05-Apr-2025
CORS Misconfiguration: Bug Bounty Tips to Find and Exploit These Vulnerabilitieshttps://frostyxsec.medium.com/cors-misconfiguration-bug-bounty-tips-to-find-and-exploit-these-vulnerabilities-4856d0a954af?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-hunting, bug-bouty-tips05-Apr-2025
The AI paradox in bug bounty: Increased efficiency or noise saturation?https://medium.com/@ce.barquet/the-ai-paradox-in-bug-bounty-increased-efficiency-or-noise-saturation-4aab10d94979?source=rss------bug_bounty-5Luthierccybersecurity, artificial-intelligence, bug-bounty, ai, technology05-Apr-2025
Bypassing OTP Verificationhttps://medium.com/@Youseef/bypassing-otp-verification-412978abb332?source=rss------bug_bounty-5Yousseffbug-bounty, cybersecurity, business-logic-flaw, web-penetration-testing05-Apr-2025
$150 IDOR️‍♂️ — How I Added My Own Dishes to a Restaurant Menuhttps://medium.com/@yahiasherif/150-idor-%EF%B8%8F-%EF%B8%8F-how-i-added-my-own-dishes-to-a-restaurant-menu-399dce077878?source=rss------bug_bounty-5Yahia Sherifbug-bounty-writeup, bug-bounty, idor, pentesting, broken-access-control05-Apr-2025
campaign monitor takeoverhttps://aarnavsaboo.medium.com/campaign-monitor-takeover-5cd796c3fe67?source=rss------bug_bounty-5Aarnav Saboopentesting, networking, cybersecurity, ethical-hacking, bug-bounty05-Apr-2025
When APIs Trust Too Much: Chat Impersonation through Broken Auth [Bug bounty write-up] — Kullai 🙂https://kullaisec.medium.com/when-apis-trust-too-much-chat-impersonation-through-broken-auth-bug-bounty-write-up-kullai-943abecaa34d?source=rss------bug_bounty-5Kullaibugbounty-writeup, pentesting, bug-bounty, cybersecurity, hacking05-Apr-2025
From Nap to P4: A Chilled Evening Bug Hunthttps://medium.com/@gourisankara357/from-nap-to-p4-a-chilled-evening-bug-hunt-e3478f20022f?source=rss------bug_bounty-5Gouri Sankar Abugcrowd, bug-bounty, infosec-write-ups, bug-hunting05-Apr-2025
Master Recon P-1: 15+ Ways of Subdomain Scraping Techniques | My 2 Years of Bug Hunting Experiencehttps://medium.com/@janpreet4340/master-recon-p-1-15-ways-of-subdomain-scraping-techniques-my-2-years-of-bug-hunting-experience-c9455a30b520?source=rss------bug_bounty-5Janpreet Singhbug-bounty, penetration-testing, subdomains-enumeration, recon, best05-Apr-2025
Hacking a File Path Traversal Vulnerability: How I Retrieved /etc/passwd & Solved the Labhttps://medium.com/@sumanth1962/hacking-a-file-path-traversal-vulnerability-how-i-retrieved-etc-passwd-solved-the-lab-4e9e1a2f8aa2?source=rss------bug_bounty-5Sumanth Yerranagulacybersecurity, bug-bounty, ethical-hacking, ctf-writeup, ctf05-Apr-2025
How i found XSS and chained it with CSRFhttps://medium.com/@alshormanmomen681/how-i-found-xss-and-chained-it-with-csrf-b99bc589ad5b?source=rss------bug_bounty-5Alshormanmomencsrf, hacking, bug-bounty, bounties, xss-attack05-Apr-2025
Bypassing WAFs in 2025: New Techniques and Evasion Tacticshttps://medium.com/@gasmask/bypassing-wafs-in-2025-new-techniques-and-evasion-tactics-fdb3508e6b46?source=rss------bug_bounty-5gasmaskcybersecurity, web-application-security, beginner, penetration-testing, bug-bounty05-Apr-2025
How I got 324$ for a PII disclosurehttps://aarnavsaboo.medium.com/324-pii-disclosure-89e6b384fab7?source=rss------bug_bounty-5Aarnav Saboovulnerability, penetration-testing, bug-bounty, hacking, cybersecurity05-Apr-2025
HackTheBox: Stocker — Bypass a Logins con Inyecciones NoSQL y Escalada de Privilegios en Node.jshttps://medium.com/@zsodex/hackthebox-stocker-bypass-a-logins-con-inyecciones-nosql-y-escalada-de-privilegios-en-node-js-d0b2666149f3?source=rss------bug_bounty-5zSodexcybersecurity, bug-bounty, hackthebox-writeup, penetration-testing05-Apr-2025
Introduction to OWASP Mobile Top 10 for Androidhttps://cyberw1ng.medium.com/introduction-to-owasp-mobile-top-10-for-android-3be718c566f8?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, programming, bug-bounty, owasp, cybersecurity05-Apr-2025
Google Rate Limit Bypass: Triggering Infinite Spam Requestshttps://medium.com/@AhmedSamy-X/google-rate-limit-bypass-triggering-infinite-spam-requests-c360019b9c7f?source=rss------bug_bounty-5Ahmedsamyethical-hacking, bug-bounty, cybersecurity, google-hacking, information-technology04-Apr-2025
A tool that will help to analyze security headers of your target domains.https://medium.com/@loyalonlytoday/a-tool-that-will-help-to-analyze-security-headers-of-your-target-domains-86aa06a3fa5c?source=rss------bug_bounty-5loyalonlytodayhacking, cybersecurity, penetration-testing, bug-bounty, programming04-Apr-2025
How I Tricked a Server (with AI) Into Leaking Its Secretshttps://infosecwriteups.com/how-i-tricked-a-server-with-ai-into-leaking-its-secrets-bb18be82b81d?source=rss------bug_bounty-5Iskihacking, cybersecurity, infosec, money, bug-bounty04-Apr-2025
IPMI — Port 623/UDP/TCP — How to exploit?https://medium.com/@verylazytech/ipmi-port-623-udp-tcp-how-to-exploit-4655ec015a0b?source=rss------bug_bounty-5Very Lazy Techhacking, penetration-testing, bug-bounty, port-623, ipmi04-Apr-2025
The Hidden XSS: A Bug Hidden in the Misthttps://ghostman01.medium.com/the-hidden-xss-a-bug-hidden-in-the-mist-907d6cc55322?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, cybersecurity, ethical-hacking, hacker04-Apr-2025
Creativity Over Commands: Why Hacking is 80% Mindset, 20% Toolshttps://myselfakash20.medium.com/creativity-over-commands-why-hacking-is-80-mindset-20-tools-517c9ed75046?source=rss------bug_bounty-5Akash Ghoshhacking, cybersecurity, bug-bounty-tips, technology, bug-bounty04-Apr-2025
The Simple P3: Not a Jokehttps://infosecwriteups.com/the-simple-p3-not-a-joke-58d957aceb63?source=rss------bug_bounty-5callgh0sttest, hacking, genocide, bug-bounty, bug-bounty-tips04-Apr-2025
Automation vs. Manual Hacking: Which One Wins in Bug Bounty?https://medium.com/@Abhijeet_kumawat_/automation-vs-manual-hacking-which-one-wins-in-bug-bounty-1b7826452c69?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, infosec, cybersecurity, ai04-Apr-2025
Automation vs. Manual Hacking: Which One Wins in Bug Bounty?https://infosecwriteups.com/automation-vs-manual-hacking-which-one-wins-in-bug-bounty-1b7826452c69?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, infosec, cybersecurity, ai04-Apr-2025
Race Condition - Eating Rate Limits for Account Takeoverhttps://shahjerry33.medium.com/race-condition-eating-rate-limits-for-account-takeover-ff44b6dc8798?source=rss------bug_bounty-5Jerry Shah (Jerry)infosec, vulnerability, cybersecurity, pentesting, bug-bounty04-Apr-2025
Extract all Bug Bounty programshttps://osintteam.blog/extract-all-bug-bounty-programs-df37ebd86530?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, ethical-hacking, pentesting, penetration-testing04-Apr-2025
How to Hackers hack CCTVhttps://infosecwriteups.com/how-to-hackers-hack-cctv-a55b03a4ddf8?source=rss------bug_bounty-5Mr Horbiohacking, cctv, ethical-hacking, bug-bounty, cybersecurity04-Apr-2025
Creativity Over Commands: Why Hacking is 80% Mindset, 20% Toolshttps://infosecwriteups.com/creativity-over-commands-why-hacking-is-80-mindset-20-tools-517c9ed75046?source=rss------bug_bounty-5Akash Ghoshhacking, infosec, cybersecurity, technology, bug-bounty04-Apr-2025
$150 IDOR️‍♂️ — How I Added My Own Dishes to a Restaurant Menuhttps://medium.com/@yahiasherif/150-idor-%EF%B8%8F-%EF%B8%8F-how-i-added-my-own-dishes-to-a-restaurant-menu-a0b4a78c1d8a?source=rss------bug_bounty-5Yahia Sherifbug-bounty-writeup, bug-bounty, broken-access-control, idor, pentesting04-Apr-2025
The Biggest Password Leaks in History: Lessons from Millions of Stolen Accountshttps://medium.com/@vipulsonule71/the-biggest-password-leaks-in-history-lessons-from-millions-of-stolen-accounts-30e1b9d519b3?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, ethical-hacking, bug-bounty, penetration-testing04-Apr-2025
Google Classroom IDOR: Mute Anyone, Even the Owner… But Ignoredhttps://v0ltex.medium.com/google-classroom-idor-mute-anyone-even-the-owner-but-ignored-58def4627507?source=rss------bug_bounty-5Abdo Rabea (VolteX)bug-bounty, broken-access-control, google-vrp, idor, writeup04-Apr-2025
Introduction to OWASP Top 10 API Vulnerabilityhttps://cyberw1ng.medium.com/introduction-to-owasp-top-10-api-vulnerability-43a239e782b7?source=rss------bug_bounty-5Karthikeyan Nagarajapi, bug-bounty, programming, cybersecurity, careers04-Apr-2025
Mastering Logic Bugs: A Checklist for Bug Hunters — Part 3: Account Takeover (ATO )https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-3-account-takeover-ato-7af98ce87aa3?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, hacking, information-security, penetration-testing04-Apr-2025
Guide to Identifying and Exploiting TOCTOU Race Conditions in Web Applicationshttps://fdzdev.medium.com/guide-to-identifying-and-exploiting-toctou-race-conditions-in-web-applications-c5f233e32b7f?source=rss------bug_bounty-5Facundo Fernandezpenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty04-Apr-2025
Unauthenticated Admin Profile Disclosure via GraphQL IDOR — A Real-World Bug Bounty Find.https://medium.com/@yasser0hamoda1/unauthenticated-admin-profile-disclosure-via-graphql-idor-a-real-world-bug-bounty-find-f8647eae5237?source=rss------bug_bounty-5Yasser Hamodahacking, cybersecurity, bug-bounty, infosec, programming03-Apr-2025
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and…https://medium.com/@cadeeper/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-cd3e77ef380b?source=rss------bug_bounty-5Invcybersecurity, penetration-testing, bug-bounty, web-development, hacking03-Apr-2025
How I Found a CSRF Vulnerability Leading to Account Takeover ($2,000 Bounty)https://medium.com/@nareshkandula54/how-i-found-a-csrf-vulnerability-leading-to-account-takeover-2-000-bounty-3dc408f2f134?source=rss------bug_bounty-5Naresh Kandulabug-bounty-writeup, csrf-attack, csrf-protection, bug-bounty, bugbounty-writeup03-Apr-2025
Reverse Engineering a Browser Extension Led Me to a Dangerous Exploit! ($25,000 Bounty)https://theindiannetwork.medium.com/reverse-engineering-a-browser-extension-led-me-to-a-dangerous-exploit-25-000-bounty-c7dda4601753?source=rss------bug_bounty-5TheIndianNetworkexploitation, reverse-engineering, bug-bounty, bug-bounty-tips03-Apr-2025
React Router and the Remix’ed pathhttps://medium.com/@zhero_/react-router-and-the-remixed-path-daa48d6bd6a9?source=rss------bug_bounty-5Rachid.Ahacking, bug-bounty, react, javascript, vulnerability03-Apr-2025
How to Get GraphQL Introspection via WebSockethttps://medium.com/@blackarazi/how-to-get-graphql-introspection-via-websocket-5a1cf23e7bfc?source=rss------bug_bounty-5Azhari Harahapapplication-security, graphql, api-security, bug-bounty, websocket03-Apr-2025
Advanced File Upload Techniques Worth $1000-$5000https://infosecwriteups.com/advanced-file-upload-techniques-worth-1000-5000-66ad72a124bb?source=rss------bug_bounty-5Abhijeet Kumawatfile-upload-vulnerability, hacking, bug-bounty, infosec, cybersecurity03-Apr-2025
Web Security Bug Bounty Write-Up: Bypassing Authentication via Logical Flawhttps://medium.com/@MGtrix/web-security-bug-bounty-write-up-bypassing-authentication-via-logical-flaw-40fb70e861ea?source=rss------bug_bounty-5Meysam Kheiri Koedlarctf-writeup, bug-bounty, penetration-testing, cybersecurity, web-security03-Apr-2025
Internet Printing Protocol (IPP) — Port 631 — How to exploit?https://medium.com/@verylazytech/internet-printing-protocol-ipp-port-631-how-to-exploit-d234cf91487e?source=rss------bug_bounty-5Very Lazy Techhacking, penetration-testing, ethical-hacking, port-631, bug-bounty03-Apr-2025
0-Click Account Takeover on Any Website: A Hacker’s Worst Nightmare ⚡️https://medium.com/@vipulsonule71/0-click-account-takeover-on-any-website-a-hackers-worst-nightmare-%EF%B8%8F-b11cefdb3d57?source=rss------bug_bounty-5Vipul Sonuleai, hacking, bug-bounty, cybersecurity, penetration-testing03-Apr-2025
Bypassing Email Verificationhttps://ehteshamulhaq198.medium.com/bypassing-email-verification-299d94230724?source=rss------bug_bounty-5Ehtesham Ul Haqpentesting, writeup, email-verification, bug-bounty-tips, bug-bounty03-Apr-2025
From Bug Report to HOF: My first valid bug triage from NASA VDPhttps://medium.com/@nani.yashwanth12/from-bug-report-to-hof-my-first-valid-bug-triage-from-nasa-vdp-36a8a1c65072?source=rss------bug_bounty-5Yashwanthsecurity, cybersecurity, bugcrowd, bug-bounty-writeup, bug-bounty03-Apr-2025
Privilege Escalation using SUDO || Exploit SUDO Misconfigurationhttps://medium.com/@hrofficial62/privilege-escalation-using-sudo-exploit-sudo-misconfiguration-f647313c2d72?source=rss------bug_bounty-5Mr Horbiocybersecurity, pentesting, hacking, bug-bounty, ethical-hacking03-Apr-2025
Hacking Workspace for Fun & Profit: Part Ihttps://0xh7ml.medium.com/hacking-workspace-for-fun-profit-part-i-cd28467ea5c6?source=rss------bug_bounty-5Md Saikatbug-bounty-writeup, bug-bounty, infosec03-Apr-2025
Don’t Miss Any Authentication Layer: Bypassing Password Verification for Unauthorized Account…https://hackersatty.medium.com/dont-miss-any-authentication-layer-bypassing-password-verification-for-unauthorized-account-46113106828b?source=rss------bug_bounty-5hackersattymedium, bug-bounty-writeup, bug-bounty, idor, access-control03-Apr-2025
How I Hacked The Chattisgarh High Court Government Portalhttps://medium.com/@digvijaysunil/how-i-hacked-the-chattisgarh-high-court-government-portal-3c26f56186fe?source=rss------bug_bounty-5digvijaysunilcybersecurity, vulnerability, ethical-hacking, hacking, bug-bounty03-Apr-2025
From “Not Reproducible” to Recognition: Reflected XSS on NASAhttps://medium.com/@dikstha1409/from-not-reproducible-to-recognition-reflected-xss-on-nasa-1bc008d1d459?source=rss------bug_bounty-5Dikshya Shresthanasa, bug-bounty-writeup, xss-attack, bug-bounty, recognition03-Apr-2025
Failed XSS? CRLF to the Rescuehttps://anontuttuvenus.medium.com/failed-xss-crlf-to-the-rescue-5febfc03b809?source=rss------bug_bounty-5Anon Tuttu Venusbug-bounty-writeup, penetration-testing, xss-attack, crlf-injection, bug-bounty03-Apr-2025
Email Content Html Injectionhttps://medium.com/@gadashov/email-content-html-injection-9f3132ed4056?source=rss------bug_bounty-5gadashovbug-hunting, bug-bounty, injection, penetration-testing, html-injection03-Apr-2025
Developers Mistake Leads to Bountiesss$$$…https://infosecwriteups.com/developers-mistake-leads-to-bountiesss-088cf2c2ce51?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty, secrets, bug-bounty-writeup, mistakes03-Apr-2025
Same OTP for Email & Phone? Yep, That’s a Bug!https://strangerwhite.medium.com/same-otp-for-email-phone-yep-thats-a-bug-f346668bece6?source=rss------bug_bounty-5StrangeRwhitecybersecurity, otp-bypass, information-technology, hacking, bug-bounty03-Apr-2025
Silent Sabotage: Exploiting Stored XSS in a Chat Featurehttps://medium.com/@youssefhussein212103168/silent-sabotage-exploiting-stored-xss-in-a-chat-feature-71108606b10b?source=rss------bug_bounty-5Youssefhusseinpenetration-testing, xss-attack, stored-xss, bug-bounty, cybersecurity03-Apr-2025
How I Turned a 403 Forbidden Into a Goldminehttps://infosecwriteups.com/how-i-turned-a-403-forbidden-into-a-goldmine-738cdf1407aa?source=rss------bug_bounty-5Iskimoney, bug-bounty-tips, bug-bounty, hacking, cybersecurity03-Apr-2025
Bug bounty: It’s not competition, it’s constant evolutionhttps://medium.com/@ce.barquet/bug-bounty-its-not-competition-it-s-constant-evolution-ffa674462689?source=rss------bug_bounty-5Luthiercbug-bounty, cybersecurity, vulnerability, technology03-Apr-2025
JWT Token Manipulation: Explotando Vulnerabilidades en la Autenticación Webhttps://medium.com/@zsodex/jwt-token-manipulation-explotando-vulnerabilidades-en-la-autenticaci%C3%B3n-web-7f416c1db6b6?source=rss------bug_bounty-5zSodexcybersecurity, pentesting, hacking, bug-bounty, hackthebox03-Apr-2025
How I Uncovered a Sneaky DOM XSS Bug in a Popular Social Media Platform — And Scored a $4,000 Bug…https://theindiannetwork.medium.com/how-i-uncovered-a-sneaky-dom-xss-bug-in-a-popular-social-media-platform-and-scored-a-4-000-bug-892c7a9f3694?source=rss------bug_bounty-5TheIndianNetworkdom, dom-xss, bug-bounty, bug-bounty-tips, xss-attack02-Apr-2025
Price Tampering Vulnerability in the Supreme Court of Indiahttps://medium.com/@deepak7903800/price-tampering-vulnerability-in-the-supreme-court-of-india-4bd3046b2bb9?source=rss------bug_bounty-5Deepak kumarbug-bounty, info-sec-writeups, cybersecurity, hacking, information-security02-Apr-2025
You Say Premium Features? Well, Not Anymorehttps://medium.com/@ahmed_salem/you-say-premium-features-well-not-anymore-e15d5afc14c9?source=rss------bug_bounty-5Ahmed Salemcybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup02-Apr-2025
Reverse Shell Commands and How to Detect Themhttps://medium.com/@paritoshblogs/reverse-shell-commands-and-how-to-detect-them-084884150776?source=rss------bug_bounty-5Paritoshbug-bounty, reverse-shell, information-technology, hacking, reverse-proxy02-Apr-2025
Web Security Vulnerabilities Every Pentester Should Know :https://medium.com/@shamzen96/web-security-vulnerabilities-every-pentester-should-know-742f1e0fda42?source=rss------bug_bounty-5Shivam Rajcybersecurity, bug-bounty, penetration-testing, ethical-hacking, web302-Apr-2025
5 Critical AWS Vulnerabilities You’re Responsible For (And How to Fix Them)https://medium.com/@Cyber-AppSec/5-critical-aws-vulnerabilities-youre-responsible-for-and-how-to-fix-them-f7500c3e41fb?source=rss------bug_bounty-5Cyber-AppSecaws, cyber-security-awareness, aws-security, bug-bounty, information-security02-Apr-2025
How This Simple Account Takeover Gave Me 800 EURhttps://medium.com/@dineshnarasimhan27/how-this-simple-account-takeover-gave-me-800-eur-7d88a2d13a56?source=rss------bug_bounty-5Dinesh Narasimhanbug-bounty-tips, account-takeover, bug-bounty-writeup, bug-bounty, hackerone02-Apr-2025
How I Discovered a Critical Store XSS Vulnerability and Earned a $7,000 Bounty — My Struggle…https://theindiannetwork.medium.com/how-i-discovered-a-critical-store-xss-vulnerability-and-earned-a-7-000-bounty-my-struggle-38d67b6f8ec8?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability, stored-xss02-Apr-2025
How I Found an SMTP Injection Bug & Earned $800 in Just 30 Minutes!https://theindiannetwork.medium.com/ehow-i-found-an-smtp-injection-bug-earned-800-in-just-30-minutes-562f7e3b9a4a?source=rss------bug_bounty-5TheIndianNetworksmtp-injection, bug-bounty, email-spoofing, bug-bounty-tips, smtp02-Apr-2025
How I Stumbled Upon a $5$$$ Data Leak — Just by Googling!https://medium.com/@iski/how-i-stumbled-upon-a-5-data-leak-just-by-googling-99acd54fa7ac?source=rss------bug_bounty-5Iskibug-bounty, money, bug-bounty-tips, hacking, cybersecurity02-Apr-2025
Zero to Pro The Ultimate Guide to CDX API for Your Bug Bounty Recon Journey: Let’s talk about the…https://myselfakash20.medium.com/zero-to-pro-the-ultimate-guide-to-cdx-api-for-your-bug-bounty-recon-journey-lets-talk-about-the-353946e67872?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, technology, bug-bounty, bug-bounty-tips02-Apr-2025
My First NASA Bug Hunt — A Learning Experience!https://medium.com/@warang.harmit/my-first-nasa-bug-hunt-a-learning-experience-9177b2eac0b0?source=rss------bug_bounty-5Harmit Warang (hwrng0x)cybersecurity, ethical-hacking, infosec, bug-bounty, nasa02-Apr-2025
Earn Bounty by just Reading.https://medium.com/@anandrishav2228/earn-bounty-by-just-reading-dffda7e4744f?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, hacking, ai, money02-Apr-2025
How to Find Your First Bughttps://infosecwriteups.com/how-to-find-your-first-bug-52f3d57cd63e?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, hacking, cybersecurity, ai02-Apr-2025
Bug Bounty Tips: Mastering XML-RPC Exploits Like a Prohttps://frostyxsec.medium.com/bug-bounty-hunters-mastering-xml-rpc-exploits-like-a-pro-8c9fa4c003cc?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup02-Apr-2025
Unlocking My First Bug Bounty: The Power of XSS Exploits Revealed!https://medium.com/@rajeevmaurya82/unlocking-my-first-bug-bounty-the-power-of-xss-exploits-revealed-cbaa0ce98cc3?source=rss------bug_bounty-5Rajeevmauryabug-bounty-tips, bug-bounty, cybersecurity, xss-attack, bug-bounty-writeup02-Apr-2025
How I Bypassed an API Security Checkhttps://medium.com/@iamshafayat/how-i-bypassed-an-api-security-check-db99fbd8551d?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty-writeup, cybersecurity, hacking, bug-bounty, bug-bounty-tips02-Apr-2025
8 Powerful Account Takeover (ATO) Methods and How to Exploit Themhttps://medium.com/@verylazytech/8-powerful-account-takeover-ato-methods-and-how-to-exploit-them-4bafa2bdb0d0?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, hacking, bug-bounty, oscp, ethical-hacking02-Apr-2025
$25,000 Bounty just for sensitive information disclosurehttps://infosecwriteups.com/25-000-bounty-just-for-sensitive-information-disclosure-c4f6c5a81795?source=rss------bug_bounty-5Mr Horbiopentesting, hacking, cybersecurity, hackerone, bug-bounty02-Apr-2025
My Experience Reporting an XSS Vulnerability on Shein to HackerOnehttps://medium.com/@24bkdoor/my-experience-reporting-an-xss-vulnerability-on-shein-to-hackerone-f482279a5e19?source=rss------bug_bounty-524BkDoorbug-bounty, ethical-hacking, web, web-security, cybersecurity02-Apr-2025
“Hacking the Hackers!” — Saving the HackerOne from Data Breachhttps://medium.com/@avinash_/hacking-the-hackers-saving-the-hackerone-from-data-breach-75e313fa4898?source=rss------bug_bounty-5Avinash Kumarbug-bounty, bug-bounty-writeup, bug-bounty-tips, hackerone, hacking02-Apr-2025
Detecting and Blocking a Stealthy Adware: BJCAUpdate.exe Case Studyhttps://medium.com/@muhammetalgan3547/detecting-and-blocking-a-stealthy-adware-bjcaupdate-exe-case-study-d5cee8d7f248?source=rss------bug_bounty-5Muhammet ALGANhacking, cybersecurity, malware, bug-bounty02-Apr-2025
How i do reconhttps://osintteam.blog/how-i-do-recon-d24bea0ff421?source=rss------bug_bounty-5Canonminibeasthacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, reconnaissance02-Apr-2025
Cómo un Bug Bounty de $5,000 Puede Nacer de una Lectura Arbitraria de Archivos en Jenkinshttps://medium.com/@zsodex/explotaci%C3%B3n-de-jenkins-lectura-arbitraria-de-archivos-y-escalada-de-privilegios-00197146678e?source=rss------bug_bounty-5zSodexjenkins, bug-bounty, oscp-preparation, hackthebox, penetration-testing02-Apr-2025
How to Get Into Cybersecurity With No Experience? The Ultimate Beginner’s Guide (2025)https://medium.com/@noahlott/how-to-get-into-cybersecurity-with-no-experience-the-ultimate-beginners-guide-2025-43b938d6d31b?source=rss------bug_bounty-5Noah Lottbug-bounty, pentesting, beginners-guide, how-to, cybersecurity02-Apr-2025
Understanding HTTP Headers: A Bug Bounty Hunter’s Guide to Hidden Secrets️https://medium.com/@kazixabbir/understanding-http-headers-a-bug-bounty-hunters-guide-to-hidden-secrets-%EF%B8%8F-f52c5b297668?source=rss------bug_bounty-5Kazi Sabbirweb-security, bug-bounty, cybersecurity, ethical-hacking, web-development02-Apr-2025
Overprivileged API and Remote Code Execution (RCE)https://medium.com/@rkvb/overprivileged-api-and-remote-code-execution-rce-0fa5e52b022d?source=rss------bug_bounty-5RkVbinfosec, bug-bounty-writeup, cybersecurity, bug-bounty, hacking02-Apr-2025
In-Depth Explanation of Each TCP Flaghttps://medium.com/@zoningxtr/in-depth-explanation-of-each-tcp-flag-622d589b60e4?source=rss------bug_bounty-5Zoningxtrpentesting, bug-bounty, tcp, ai, cybersecurity02-Apr-2025
The “Oops, I Own Your Account” Password Reset Bughttps://medium.com/@dineshkumar_56604/the-oops-i-own-your-account-password-reset-bug-8d7d5fea980a?source=rss------bug_bounty-5Dinesh Kumarethical-hacking, cybersecurity, bug-bounty02-Apr-2025
2FA Bypass By Response Manipulationhttps://medium.com/@FuzzyyDuck/2fa-bypass-by-response-manipulation-f599c2e3341f?source=rss------bug_bounty-5Fuzzyy Duckbug-bounty, bug-bounty-writeup, authentication-bypass, 2fa-authentication, 2fa-bypass01-Apr-2025
Best Tools for Bug Bounty Hunters: A Professional Guidehttps://theindiannetwork.medium.com/best-tools-for-bug-bounty-hunters-a-professional-guide-b939335f4b9d?source=rss------bug_bounty-5TheIndianNetworkhacking-tools, bug-bounty, bug-bounty-tips, hacker, bug-bounty-writeup01-Apr-2025
PATH HIJACKING TECHNIQUE THAT HELPS IN PRIVILEGE ESCALATIONhttps://infosecwriteups.com/path-hijacking-technique-that-helps-in-privilege-escalation-b2e12207ea7a?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, pentesting, hacking, ethical-hacking01-Apr-2025
dKargo Warehouse Testnet Bug Bounty Programhttps://medium.com/dkargo-eng/dkargo-warehouse-testnet-bug-bounty-program-9d70de4d2e7f?source=rss------bug_bounty-5dKargobug-bounty, announcements, testnet, dkargo, warehouse01-Apr-2025
API Recon via Google Dorkinghttps://medium.com/developersglobal/api-recon-via-google-dorking-5e72203dccc3?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, cybersecurity, bug-bounty, api-testing01-Apr-2025
Never leave any API endpoint request unchecked during login or sign-up!https://hiddendom.medium.com/never-leave-any-api-endpoint-request-unchecked-during-login-or-sign-up-2df8230de2ca?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, bug-bounty-tips, publications-on-medium, bug-bounty, indian-post-office01-Apr-2025
Practical SQL Injection Exploitation Cheat Sheethttps://medium.com/@verylazytech/practical-sql-injection-exploitation-cheat-sheet-75c75548f281?source=rss------bug_bounty-5Very Lazy Techsql-injection, ethical-hacking, hacking, bug-bounty, penetration-testing01-Apr-2025
A to Z বাগ বাউন্টি গাইড (HackerOne & Bugcrowd)https://medium.com/@INTELEON404/a-to-z-%E0%A6%AC%E0%A6%BE%E0%A6%97-%E0%A6%AC%E0%A6%BE%E0%A6%89%E0%A6%A8%E0%A7%8D%E0%A6%9F%E0%A6%BF-%E0%A6%97%E0%A6%BE%E0%A6%87%E0%A6%A1-hackerone-bugcrowd-e31e9eb8c8a4?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILbugcrowd, hackerone, bug-bounty, roadmaps, bug-hunting01-Apr-2025
Find open directories in your bug bounty&pentesting targets.https://medium.com/@loyalonlytoday/find-open-directories-in-your-bug-bounty-pentesting-targets-d8b96f13760f?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, cybersecurity01-Apr-2025
How My Name Crashed a Welcome Party: SSI to RCE Surprise! with $$$$https://medium.com/@iski/how-my-name-crashed-a-welcome-party-ssi-to-rce-surprise-with-f9b8a05ad138?source=rss------bug_bounty-5Iskihacking, bug-bounty-tips, bug-bounty, money, cybersecurity01-Apr-2025
2FA Bypass Using a Simple trickhttps://medium.com/@FuzzyyDuck/2fa-bypass-by-response-manipulation-f599c2e3341f?source=rss------bug_bounty-5Fuzzyy Duckbug-bounty, bug-bounty-writeup, authentication-bypass, 2fa-authentication, 2fa-bypass01-Apr-2025
The Road to CRTP Cert - Part 30https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-30-7f87ad387a35?source=rss------bug_bounty-5Dineshkumaar Roffensive-security, cybersecurity, hacking, bug-bounty, hackerone01-Apr-2025
How I Hacked the Voting System: A Deep Dive into Firebase and Firestore Security Vulnerabilitieshttps://medium.com/@anonymoussaid27/how-i-hacked-the-voting-system-a-deep-dive-into-firebase-and-firestore-security-vulnerabilities-f12227d1888b?source=rss------bug_bounty-5Anonymous27hacking, cybersecurity, penetration-testing, bug-bounty, firestore-database01-Apr-2025
Top 10 SSRF (Server-Side Request Forgery) Payloads That Workhttps://medium.com/@vipulsonule71/top-10-ssrf-server-side-request-forgery-payloads-that-work-74fe68b381fa?source=rss------bug_bounty-5Vipul Sonuleai, technology, bug-bounty, cybersecurity, hacking01-Apr-2025
You need to stop making this mistake in Bug Bounty!https://medium.com/@deadoverflow/you-need-to-stop-making-this-mistake-in-bug-bounty-924725c66e68?source=rss------bug_bounty-5Imad Husanovicprogramming, cybersecurity, hacking, bug-bounty, bug-bounty-tips01-Apr-2025
Easy $300: Template Injectionhttps://infosecwriteups.com/easy-300-template-injection-2ea1fc32cf07?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, bug-bounty, template-injection, hacking, cybersecurity01-Apr-2025
How to Find API Keys Leaked in Public Repositorieshttps://medium.com/@vipulsonule71/how-to-find-api-keys-leaked-in-public-repositories-d5bfd29dedd9?source=rss------bug_bounty-5Vipul Sonuleai, bug-bounty, hacking, penetration-testing, cybersecurity01-Apr-2025
Advanced Google Dorking | Part 18https://osintteam.blog/advanced-google-dorking-part-18-c96469860e01?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, bug-bounty-tips, pentesting, ethical-hacking, cybersecurity01-Apr-2025
Business Logic Error Leads to Unauthorized Privilege Downgrade of Report Ownerhttps://som3a.medium.com/business-logic-error-leads-to-unauthorized-privilege-downgrade-of-report-owner-d34fcb43e0f3?source=rss------bug_bounty-50xSOM3Abug-bounty, pentesting, bug-bounty-tips, cybersecurity, business-logic-bug01-Apr-2025
Never leave any API endpoint request unchecked during login or sign-up!https://systemweakness.com/never-leave-any-api-endpoint-request-unchecked-during-login-or-sign-up-2df8230de2ca?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, bug-bounty-tips, publications-on-medium, bug-bounty, indian-post-office01-Apr-2025
IDOR Vulnerability in Payment Gateway Exposing User Order Detailshttps://medium.com/@Oiluminado_x86/idor-vulnerability-in-payment-gateway-exposing-user-order-details-d96d8e9453b8?source=rss------bug_bounty-5O iluminado_x86bug-bounty, cybersecurity, hacking, bug-bounty-tips31-Mar-2025
How I Hacked the IRCTC eCatering Portalhttps://medium.com/@deepak7903800/how-i-hacked-the-irctc-ecatering-portal-e25aeb074b7e?source=rss------bug_bounty-5Deepak kumarinformation-security, bug-bounty, ctf, hacking, cybersecurity31-Mar-2025
Next.js Middleware Authentication Bypass (CVE-2025–29927): Exploitation, Impact, and Mitigationhttps://medium.com/@prashunbaral/next-js-middleware-authentication-bypass-cve-2025-29927-exploitation-impact-and-mitigation-2810f6f76bd9?source=rss------bug_bounty-5Prashun Baralbug-bounty, cve-2025-29927, nextjs, vulnerability, cybersecurity31-Mar-2025
Advanced Fuzzing to find entry points to serious bugs!https://aarnavsaboo.medium.com/fuzz-yo-67c26b24c7a0?source=rss------bug_bounty-5Aarnav Saboonetworking, bug-bounty, cybersecurity, vulnerability, ethical-hacking31-Mar-2025
AI-Powered SaaS Security: The Key to Protecting an Expanding Attack Surfacehttps://medium.com/@Cyber-AppSec/ai-powered-saas-security-the-key-to-protecting-an-expanding-attack-surface-9d3e4a34364d?source=rss------bug_bounty-5Cyber-AppSecbug-bounty, bug-bounty-tips, application-security, information-technology, information-security31-Mar-2025
How I Made $9,000 in One Month from Bug Bountyhttps://eulex.medium.com/how-i-made-9-000-in-one-month-from-bug-bounty-9403147b4d07?source=rss------bug_bounty-5Milad Safdari (Eulex)bug-bounty, bug-bounty-tips, vulnerability, hacking, security-research31-Mar-2025
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$https://medium.com/@iski/how-i-accidentally-became-the-sherlock-holmes-of-rce-and-made-b8857eefeecb?source=rss------bug_bounty-5Iskihacking, infosec, cybersecurity, bug-bounty, money31-Mar-2025
Why is this the ultimate SQL injection tool out there in the markethttps://medium.com/@gasmask/sqlmap-on-steroids-unleashing-sql-injection-b4602eefd4a3?source=rss------bug_bounty-5gasmaskhacking, linux, sqlmap, bug-bounty, penetration-testing31-Mar-2025
Never Underestimate Any API Key Leak. This is why I Got a Hall of Fame from “Your Dost”https://hiddendom.medium.com/never-underestimate-any-api-key-leak-this-is-why-i-got-a-hall-of-fame-from-your-dost-25ef5a32dc7e?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips, firebase31-Mar-2025
Bug Bounty Tips: Exploiting .git File Disclosure for Fun & Profithttps://frostyxsec.medium.com/bug-bounty-tips-exploiting-git-file-disclosure-for-fun-profit-5a85e82e580c?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty-tips, bug-bounty, cybersecurity, bug-hunter31-Mar-2025
From LFI to RCE: How I Turned a File Read into Shell Accesshttps://medium.com/@sujeetkamblesrk/from-lfi-to-rce-how-i-turned-a-file-read-into-shell-access-073ec2e5501e?source=rss------bug_bounty-5Sujeetkamblesrkcybersecurity, bug-bounty31-Mar-2025
The Ultimate Roadmap to Becoming a Bug Bounty Hunterhttps://medium.com/@aashifm/the-ultimate-roadmap-to-becoming-a-bug-bounty-hunter-7d4e0cedf5fd?source=rss------bug_bounty-5127.0.0.1roadmaps, bug-bounty, bugs, vulnerability, tools31-Mar-2025
Bug Bounty Automation: Save Time with These Smart Hacking Scripts — @verylazytechhttps://medium.com/@verylazytech/bug-bounty-automation-save-time-with-these-smart-hacking-scripts-verylazytech-5b42f6602636?source=rss------bug_bounty-5Very Lazy Techethical-hacking, subdomain, penetration-testing, bug-bounty, hacking31-Mar-2025
DorkMine — Unleash the Power of Google Dorking Like Never Before!https://gktomic.medium.com/dorkmine-unleash-the-power-of-google-dorking-like-never-before-0eca2f05e111?source=rss------bug_bounty-5Gopalakrishnancybersecurity, google-dorking, bug-bounty-writeup, bug-bounty, bug-bounty-tips31-Mar-2025
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$https://infosecwriteups.com/how-i-accidentally-became-the-sherlock-holmes-of-rce-and-made-b8857eefeecb?source=rss------bug_bounty-5Iskihacking, infosec, cybersecurity, bug-bounty, money31-Mar-2025
I Went on the Dark Web and Instantly Regretted Ithttps://medium.com/@vipulsonule71/i-went-on-the-dark-web-and-instantly-regretted-it-3fffd0583f03?source=rss------bug_bounty-5Vipul Sonuletech, cybersecurity, darkweb, hacking, bug-bounty31-Mar-2025
How I Hacked My School Website (And Reported It!)https://medium.com/@jithendhriyen/how-i-hacked-my-school-website-and-reported-it-ce5882b0f17a?source=rss------bug_bounty-5jithendhriyenvulnerability, sql-injection, bug-bounty, information-security, hacking31-Mar-2025
ClatScope: The Ultimate OSINT Tool for Bug Bounty Hunters & Cyber Sleuths!https://medium.com/@pentesterclubpvtltd/clatscope-the-ultimate-osint-tool-for-bug-bounty-hunters-cyber-sleuths-7a1ea4dbbb65?source=rss------bug_bounty-5Pentester Clubcybersecurity, ctf, bug-bounty, osint, hacking31-Mar-2025
Eyes OSINT: The Ultimate Bug Bounty Tool for Hackers & Cyber Sleuths!https://medium.com/@pentesterclubpvtltd/eyes-osint-the-ultimate-bug-bounty-tool-for-hackers-cyber-sleuths-4bcd8c89b428?source=rss------bug_bounty-5Pentester Clubbug-bounty, hacking, osint, cybersecurity, ctf31-Mar-2025
Master NFS Enumeration with RPCScan & SuperEnum | Ultimate Bug Bounty & Pentesting Guide!https://medium.com/@pentesterclubpvtltd/master-nfs-enumeration-with-rpcscan-superenum-ultimate-bug-bounty-pentesting-guide-aa4da7cf077c?source=rss------bug_bounty-5Pentester Clubcybersecurity, hacking, bug-bounty, ctf, massage-therapy31-Mar-2025
I Found a Critical Bug in JWT Authentication and Earned $10,000 — Here’s How You Can Too!https://theindiannetwork.medium.com/i-found-a-critical-bug-in-jwt-authentication-and-earned-10-000-heres-how-you-can-too-8cec94913727?source=rss------bug_bounty-5TheIndianNetworkjwt, bug-bounty, jwt-token, bug-bounty-tips, auth-bypass31-Mar-2025
My First Bug Bounty Success: Earning $500 by Uncovering a DoS Vulnerabilityhttps://medium.com/@entit_y/my-first-bug-bounty-success-earning-500-by-uncovering-a-dos-vulnerability-f0456eb72576?source=rss------bug_bounty-5Entit_ybug-bounty-writeup, web-hacking, cybersecurity, bug-bounty, bug-bounty-tips31-Mar-2025
Understanding Length Extension Attackshttps://medium.com/@mark-r/understanding-length-extension-attacks-855084c0170d?source=rss------bug_bounty-5Mark Royctf-writeup, ctf, ctf-walkthrough, bug-bounty, penetration-testing30-Mar-2025
Unauthorized Therapist Association Vulnerabilityhttps://medium.com/@EL_cazad0r/unauthorized-therapist-association-vulnerability-bd2979914af1?source=rss------bug_bounty-5EL_Cazad0rbug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips30-Mar-2025
The Dark Side of Bug Bounty: From Rewards to Punishmenthttps://medium.com/@krivadna_87390/the-dark-side-of-bug-bounty-from-rewards-to-punishment-544a1a6f526e?source=rss------bug_bounty-5Krivadnapenetration-testing, infosec-write-ups, bug-bounty, bugbounty-writeup, cybersecurity30-Mar-2025
This Tool Helped me to find ORIGIN IP(Automated way)https://infosecwriteups.com/this-tool-helped-me-to-find-origin-ip-automated-way-9a95632d65fe?source=rss------bug_bounty-5Canonminibeastbug-bounty, cloudflare, ip, cybersecurity, hacking30-Mar-2025
Recently, I explored an efficient Small Scope Recon approach!https://medium.com/@parthchheda777/recently-i-explored-an-efficient-small-scope-recon-approach-3c46a3bc549e?source=rss------bug_bounty-5Parthchhedapenetration-testing, cybersecurity, bug-bounty30-Mar-2025
Medium and Large Scope Reconhttps://medium.com/@parthchheda777/medium-and-large-scope-recon-8fb8dd9eab15?source=rss------bug_bounty-5Parthchhedacybersecurity, osint, penetration-testing, bug-bounty30-Mar-2025
How I Discovered an Account Takeover Vulnerability (And Earned $300!)https://cybertamarin.medium.com/how-i-discovered-an-account-takeover-vulnerability-and-earned-300-063432bf8e1c?source=rss------bug_bounty-5Cyber Tamarinethical-hacking, bug-bounty, web-security, cybersecurity30-Mar-2025
How I Made $2000 from an Easy Bughttps://infosecwriteups.com/how-i-made-2000-from-an-easy-bug-a05f48e6c7c2?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, hacking, cybersecurity, bug-bounty, money30-Mar-2025
Unlock Exclusive Discounts on My Udemy Courses!https://medium.com/@deepdive4learn/unlock-exclusive-discounts-on-my-udemy-courses-829d1635a2f1?source=rss------bug_bounty-5DeepDive4learnweb-development, penetration-testing, bug-bounty, cybersecurity, aws-certification30-Mar-2025
The $1.7 Billion Blind Spot: How Web2 Flaws Are Wrecking Web3 Projects from the Insidehttps://fr3ak-hacks.medium.com/the-1-7-billion-blind-spot-how-web2-flaws-are-wrecking-web3-projects-from-the-inside-bf03bbf1ef81?source=rss------bug_bounty-5Anindya Sankar Royweb3-security, bug-bounty, web3, web3bugbounty, cryptocurrency30-Mar-2025
How I Found a Payment Tampering Bug and Almost Paid Zero Dollars!https://infosecwriteups.com/how-i-found-a-payment-tampering-bug-and-almost-paid-zero-dollars-0933297f77f0?source=rss------bug_bounty-5Iskibug-bounty, infosec, money, cybersecurity, hacking30-Mar-2025
Privilege Escalation via Registration Feature Writeuphttps://medium.com/@malvinval/privilege-escalation-via-registration-feature-writeup-3f02c66b2391?source=rss------bug_bounty-5Malvin Valerianethical-hacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup30-Mar-2025
Find Subdomains Like a Pro!https://medium.com/@dharineeshj2/find-subdomains-like-a-pro-df2c169ce153?source=rss------bug_bounty-5Hack-Batbug-bounty, security, penetration-testing, hacking, cybersecurity30-Mar-2025
NoSQL Injection: How to Exploit, Identify, and Prevent (Step-by-Step Guide)https://medium.com/@verylazytech/nosql-injection-how-to-exploit-identify-and-prevent-step-by-step-guide-a6c8b7ab60d6?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, nosql, exploit, ethical-hacking, bug-bounty30-Mar-2025
How to Find P4 Bugs Easily ️‍♂️https://medium.com/@vipulsonule71/how-to-find-p4-bugs-easily-%EF%B8%8F-%EF%B8%8F-e2b35416b82d?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, bug-bounty, penetration-testing, bug-bounty-tips30-Mar-2025
Cybersecurity in the Age of Remote Work: Protecting Your Workforcehttps://medium.com/@nomitvyas.suncity/cybersecurity-in-the-age-of-remote-work-protecting-your-workforce-2220310aa4df?source=rss------bug_bounty-5Nomit Vyashacking, cybersecurity, news, bug-bounty, politics30-Mar-2025
How I Uncovered Sensitive Data in a Public Config File and Injected Fake Logshttps://medium.com/@iamshafayat/how-i-uncovered-sensitive-data-in-a-public-config-file-and-injected-fake-logs-46496eb18f50?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology30-Mar-2025
How I Bypassed 2 layers 2FA on a B2B Site,an awesome experience!https://take0verx0.medium.com/how-i-bypassed-2fa-on-a-b2b-site-and-earned-a-critical-bug-bounty-ea4ff9e4094b?source=rss------bug_bounty-5Shahariar Aminbug-bounty-tips, bug-bounty30-Mar-2025
Eldoria Realms — HackTheBox — Cyber Apocalypse 2025https://medium.com/@dassomnath/eldoria-realms-hackthebox-cyber-apocalypse-2025-ecde31783ec9?source=rss------bug_bounty-5Somnath Dashacking, web, bug-bounty, ctf, ctf-writeup30-Mar-2025
Bug Bounty Hunter’s Nightmare: The Dark Secrets No One Talks About! ⚠️https://theindiannetwork.medium.com/bug-bounty-hunters-nightmare-the-dark-secrets-no-one-talks-about-%EF%B8%8F-f20971abcbee?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips, bug-zero30-Mar-2025
I Bypassed Admin Panel & Stole Data in Minutes! Easility Worth $7500 (Real-World Exploit)https://theindiannetwork.medium.com/i-bypassed-admin-panel-stole-data-in-minutes-easility-worth-7500-real-world-exploit-da9b23fcdb4a?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, bug-bounty-writeup, bug-bounty, broken-access-control, idor30-Mar-2025
Will AI Steal My Job as a Bug Hunter? The Truth About ChatGPT & Cybersecurityhttps://medium.com/dare-to-be-better/will-ai-steal-my-job-as-a-bug-hunter-the-truth-about-chatgpt-cybersecurity-48897ec03ace?source=rss------bug_bounty-5Ahmad Javedai, cybersecurity, chatgpt, bug-bounty, tech-trends29-Mar-2025
150,000 Websites Hijacked by JavaScript Injection: How Hackers Are Promoting Chinese Gambling Siteshttps://medium.com/@Cyber-AppSec/150-000-websites-hijacked-by-javascript-injection-how-hackers-are-promoting-chinese-gambling-sites-0e1e8eb2b990?source=rss------bug_bounty-5Cyber-AppSecbug-bounty, information-technology, cybercrime, cyber-security-awareness, cybersecurity29-Mar-2025
Bug Hunting & Automationhttps://medium.com/h7w/bug-hunting-automation-a284c3ff1967?source=rss------bug_bounty-5Monika sharmapenetration-testing, technology, tech, bug-bounty, bug-bounty-tips29-Mar-2025
Bug Bounty Tips: Subdomain Takeover — Explanation, Steps & Mitigationhttps://frostyxsec.medium.com/bug-bounty-tips-subdomain-takeover-explanation-steps-mitigation-d5be0ea7f8b1?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunter29-Mar-2025
Access Control in Smart Contracts: Why It’s Non-Negotiablehttps://securrtech.medium.com/access-control-in-smart-contracts-why-its-non-negotiable-79af14523f28?source=rss------bug_bounty-5Securr - Web3 Securityblockchain-security, bug-bounty, smart-contract-security, smart-contract-auditing, web3-security29-Mar-2025
Why You Need Your Own Recon Strategy in Bug Bounty (And Why Copy-Pasting Won’t Make You Rich )https://myselfakash20.medium.com/why-you-need-your-own-recon-strategy-in-bug-bounty-and-why-copy-pasting-wont-make-you-rich-faccc53b3d87?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, technology, bug-bounty, cybersecurity, bug-bounty-tips29-Mar-2025
How to Make Bug Bounty Easy?https://infosecwriteups.com/how-to-make-bug-bounty-easy-f2164a69048c?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, money, hacking, bug-bounty, cybersecurity29-Mar-2025
The “Immortal” Password Reset Link: A Bug Hunter’s Delighthttps://medium.com/@garvsanwariya60/the-immortal-password-reset-link-a-bug-hunters-delight-f3233066b8c9?source=rss------bug_bounty-5Garvsanwariyaweb-hacking, hacking, bug-bounty-tips, cyber-security-solutions, bug-bounty29-Mar-2025
Javascript Recon for Bug Bounty & Pentestinghttps://medium.com/meetcyber/javascript-recon-for-bug-bounty-pentesting-3b22617007ec?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, pentesting, cybersecurity, ethical-hacking29-Mar-2025
Building the Ultimate Docker-Based Bug Bounty Machine: Part 3 — GUI Frontend & Advanced…https://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-3-gui-frontend-advanced-4348d33fa0e5?source=rss------bug_bounty-5WillFromSwisshacking, bug-bounty, docker, metasploit, pentesting29-Mar-2025
Building the Ultimate Docker-Based Bug Bounty Machine: Part 2 — Workflows & Automationhttps://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-2-workflows-automation-9beff4a8b55d?source=rss------bug_bounty-5WillFromSwissdocker, hacking-tools, bug-bounty, hacking, pentesting29-Mar-2025
Building the Ultimate Docker-Based Bug Bounty Machine: Part 1 — Setup & Installationhttps://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-1-setup-installation-fe829bde99a6?source=rss------bug_bounty-5WillFromSwisshacking, automation-testing, pentesting, docker, bug-bounty29-Mar-2025
Mastering Web Pentesting with Nuclei: From Installation to Advanced Techniqueshttps://medium.com/@WillFromSwiss/mastering-web-pentesting-with-nuclei-from-installation-to-advanced-techniques-8c0d734078ee?source=rss------bug_bounty-5WillFromSwisshacking, pentesting, nucleus, bug-bounty, cybersecurity29-Mar-2025
Mastering F5 GTM (BIG-IP DNS): Advanced Traffic Management & Global Load Balancing!https://medium.com/@deepdive4learn/mastering-f5-gtm-big-ip-dns-advanced-traffic-management-global-load-balancing-36267066359a?source=rss------bug_bounty-5DeepDive4learncybersecurity, bug-bounty, load-balancing, dns, networking29-Mar-2025
Master F5 BIG-IP — Limited-Time Promo Codes Inside!https://medium.com/@deepdive4learn/master-f5-big-ip-limited-time-promo-codes-inside-178c0360f925?source=rss------bug_bounty-5DeepDive4learncybersecurity, web-development, penetration-testing, bug-bounty, aws29-Mar-2025
I Built the Ultimate Docker-Based Bug Bounty Machine That Transformed My Workflowhttps://medium.com/@WillFromSwiss/i-built-the-ultimate-docker-based-bug-bounty-machine-that-transformed-my-workflow-47a3bf651895?source=rss------bug_bounty-5WillFromSwissdocker, pentesting, bug-bounty, cybersecurity, hacking29-Mar-2025
What Happens on Next.js?https://cubeesecgroup.medium.com/what-happens-on-next-js-c1e8e6b2161b?source=rss------bug_bounty-5CUBeeSEC Securitiescve-2025-29927, bug-bounty, nextjs, vulnerability-assessment, penetration-testing29-Mar-2025
When Amazon Gave Me Free Storage (But I Gave It Back)https://medium.com/@iski/when-amazon-gave-me-free-storage-but-i-gave-it-back-9734c058cd05?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, s3-bucket, bug-bounty-tips, aws29-Mar-2025
Biggest Information Disclosure Bug I Found Today — Easily Worth $800+ in Bug Bounty!https://theindiannetwork.medium.com/biggest-information-disclosure-bug-i-found-today-easily-worth-800-in-bug-bounty-e2d5bcfb1569?source=rss------bug_bounty-5TheIndianNetworkinformation-technology, bug-bounty, information-disclosure, information-security, bug-bounty-tips29-Mar-2025
I Found Cache Poisoning & Earned $500 in Just a Few Minutes!https://theindiannetwork.medium.com/i-found-cache-poisoning-earned-500-in-just-a-few-minutes-78337a437d55?source=rss------bug_bounty-5TheIndianNetworkcache, cache-poisoning, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Mar-2025
I Found Host Header Injection & Got a Quick $1,000 Bounty! (Full Guide)https://theindiannetwork.medium.com/i-found-host-header-injection-got-a-quick-1-000-bounty-full-guide-0573ea19ab19?source=rss------bug_bounty-5TheIndianNetworkhost-header, bug-bounty-writeup, bug-bounty-tips, host-header-injection, bug-bounty29-Mar-2025
Reflected XSS via X-Forwarded-For Header on https://api.target.com/iphttps://medium.com/@ugs20b126_cic.rajesh/reflected-xss-via-x-forwarded-for-header-on-https-api-target-com-ip-96642a4a49ed?source=rss------bug_bounty-5Rajesh Sagarinfosec, bug-bounty, xss-vulnerability29-Mar-2025
A Next.js vulnerability lets attackers bypass middleware using trailing slashes and URL encoding.https://cubeesecgroup.medium.com/what-happens-on-next-js-c1e8e6b2161b?source=rss------bug_bounty-5CUBeeSEC Securitiescve-2025-29927, bug-bounty, nextjs, vulnerability-assessment, penetration-testing29-Mar-2025
Top 5 Websites for Information Gathering — Part 1https://cyberw1ng.medium.com/top-5-websites-for-information-gathering-part-1-90b36746f5b5?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, programming, technology29-Mar-2025
Mastering Logic Bugs: A Checklist for Bug Hunters PART 2 { IDOR ‍}https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-2-idor-6f411e90509d?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty, cybersecurity, hacking, penetration-testing, infosec29-Mar-2025
“No Good Deed Goes Unnoticed? Not in Cybersecurity.” : An unlucky hacker’s Storyhttps://medium.com/@nijina7/no-good-deed-goes-unnoticed-not-in-cybersecurity-an-unlucky-hackers-story-3ebbb74e5b9e?source=rss------bug_bounty-5Nijin Kcybersecurity, hacking, bugs, bug-bounty-writeup, bug-bounty29-Mar-2025
When Amazon Gave Me Free Storage (But I Gave It Back)https://awstip.com/when-amazon-gave-me-free-storage-but-i-gave-it-back-9734c058cd05?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, s3-bucket, bug-bounty-tips, aws29-Mar-2025
Finding Information Disclosure Bugs Like a Prohttps://osintteam.blog/finding-information-disclosure-bugs-like-a-pro-19f9840d3f63?source=rss------bug_bounty-5Monika sharmapenetration-testing, hacking, bug-bounty, bug-bounty-tips, technology28-Mar-2025
Understanding Web Request Methods and Responseshttps://medium.com/@aashifm/understanding-web-request-methods-and-responses-4a7abc8e1cba?source=rss------bug_bounty-5127.0.0.1http-request, http-response, cybersecurity, web-penetration-testing, bug-bounty28-Mar-2025
Earn $1000: Account Takeover by This Methodologyhttps://infosecwriteups.com/earn-1000-account-takeover-by-this-methodology-cc1cbf6d9eae?source=rss------bug_bounty-5Abhijeet Kumawataot, cybersecurity, hacking, bug-bounty, infosec28-Mar-2025
Practical OSINT Commands for Cyber Investigationshttps://medium.com/@paritoshblogs/practical-osint-commands-for-cyber-investigations-3e6b039b4b4b?source=rss------bug_bounty-5Paritoshosint, information-technology, threat-intelligence, cybersecurity, bug-bounty28-Mar-2025
DOM-Based Cross-Site Scripting (XSS)https://medium.com/@anandrishav2228/dom-based-cross-site-scripting-xss-828c223a80f3?source=rss------bug_bounty-5Rishav anandmoney, hacking, infosec, bug-bounty, cybersecurity28-Mar-2025
How I Found an Unauthorized RCE Bug in an Amazon EC2 Instance Using Censyshttps://medium.com/@swarooppatil3125/how-i-found-an-unauthorized-rce-bug-in-an-amazon-ec2-instance-using-censys-82c8bac79467?source=rss------bug_bounty-5Swarooppatilcybersecurity, money, bug-bounty, code, remote-code-execution28-Mar-2025
How to Find Hidden API Endpoints That Lead to Critical Bugshttps://medium.com/@vipulsonule71/how-to-find-hidden-api-endpoints-that-lead-to-critical-bugs-054310629e64?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, hacking, bug-bounty, ai, cybersecurity28-Mar-2025
OSINT Secrets: How Hackers and Investigators Uncover Hidden Informationhttps://osintteam.blog/osint-secrets-how-hackers-and-investigators-uncover-hidden-information-5303ee570cc6?source=rss------bug_bounty-5Elie Attiehpenetration-testing, open-source-intelligence, cybersecurity, osint, bug-bounty28-Mar-2025
CVE-2025-31080 WordPress HTML Forms Plugin <= 1.5.1 Vulnerable to Cross-Site Scripting (XSS)https://abhinav-porwal.medium.com/cve-2025-31080-wordpress-html-forms-plugin-1-5-1-vulnerable-to-cross-site-scripting-xss-ae6ec99b7dd3?source=rss------bug_bounty-5Abhinav Porwalethical-hacking, bug-bounty, hacking, information-security, infosec28-Mar-2025
Is Bug Bounty Easy?https://infosecwriteups.com/is-bug-bounty-easy-f1ae04ceb8e6?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosecurity, cybersecurity, hacking28-Mar-2025
Critical Wallet Connection Bug Found on OpenSea Dealshttps://medium.com/@emrahcoban_84107/critical-wallet-connection-bug-found-on-opensea-deals-55f071c26288?source=rss------bug_bounty-5Emrah Çobanweb3, github, qa, bug-bounty, metamask28-Mar-2025
I Found HTTP Request Smuggling & Got a Huge Bug Bounty! (Full Exploit Guide)https://theindiannetwork.medium.com/i-found-http-request-smuggling-got-a-huge-bug-bounty-full-exploit-guide-1ac855ee1695?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, http-request-smuggling, bug-bounty, http-request, bug-bounty-writeup28-Mar-2025
I Found Remote Code Execution in a Cookie & Earned $5000! (Full Exploit Guide)https://theindiannetwork.medium.com/i-found-remote-code-execution-in-a-cookie-earned-5000-full-exploit-guide-d2e07d5b253c?source=rss------bug_bounty-5TheIndianNetworkrce-vulnerability, bug-bounty, remote-code-execution, rce, bug-bounty-tips28-Mar-2025
The Ultimate SSRF Testing Guide: Unleash the Hidden Web Secrets (2025)https://theindiannetwork.medium.com/the-ultimate-ssrf-testing-guide-unleash-the-hidden-web-secrets-2025-8c151068cedf?source=rss------bug_bounty-5TheIndianNetworkssrf-attack, bug-bounty-writeup, bug-bounty, ssrf, bug-bounty-tips28-Mar-2025
How A Null Character Was Used to Bypass Paymentshttps://medium.com/@diogo.gouveia2/how-a-null-character-was-used-to-bypass-payments-7b417932dede?source=rss------bug_bounty-5Diogo Gouveiapentesting, bug-bounty-writeup, cybersecurity, bug-bounty, penetration-testing28-Mar-2025
A Great tool for bug bounty hunters and Osint investigators.https://medium.com/@loyalonlytoday/a-great-tool-for-bug-bounty-hunters-and-osint-investigators-4e8c88d92f3a?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, investigation, osint, awareness28-Mar-2025
My First Bug Report: Logical Flaw in Task Completion Allows Unauthorized Coin Increment via Request…https://medium.com/@jaga08official/my-first-bug-report-logical-flaw-in-task-completion-allows-unauthorized-coin-increment-via-request-ab63fe7259b7?source=rss------bug_bounty-5Jagabug-hunting, bug-bounty, vulnerability-disclosure, ethical-hacking, cybersecurity28-Mar-2025
The Naked-Eye Bug Hunt: Finding Flaws Without a Single Toolhttps://strangerwhite.medium.com/the-naked-eye-bug-hunt-finding-flaws-without-a-single-tool-bc4b448cefaf?source=rss------bug_bounty-5StrangeRwhitehacking, bug-bounty-tips, cybersecurity, writeup, bug-bounty28-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-125)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-125-e1adee54884d?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips, hacking28-Mar-2025
Risk Management in Cybersecurity: Assessing Probability vs. Impacthttps://medium.com/@deepdive4learn/risk-management-in-cybersecurity-assessing-probability-vs-impact-46ea0016c083?source=rss------bug_bounty-5DeepDive4learnapi, web-development, penetration-testing, cybersecurity, bug-bounty28-Mar-2025
Why SAST is a Must-Have Skill for AppSec Professionals!https://sahildari.medium.com/why-sast-is-a-must-have-skill-for-appsec-professionals-014cc40f98fc?source=rss------bug_bounty-5Sahil Daribug-bounty, cybersecurity, appsec, sast28-Mar-2025
The Zombie Bug — Critical CVE 2025 Storyhttps://0xparth.medium.com/the-zombie-bug-critical-cve-2025-story-6cccb20ee8f5?source=rss------bug_bounty-5Parth Shuklavulnerability, ai, bug-bounty, cybersecurity, technology28-Mar-2025
This Tool Helped me to find ORIGIN IP(Automated way)https://medium.com/@canonminibeast/this-tool-helped-me-to-find-origin-ip-automated-way-d3eb76da3487?source=rss------bug_bounty-5Canonminibeasthacking, cybersecurity, bug-bounty, hacking-tools, web-pen-testing28-Mar-2025
Static Application Security Testing SAST Series: Part 1https://sahildari.medium.com/sast-series-part-1-a7cf18df0022?source=rss------bug_bounty-5Sahil Daricybersecurity, appsec, sast, path-manipulation, bug-bounty28-Mar-2025
How To Deal With Open Ports & Nmap Like a Pro?https://medium.com/@nnface/how-to-deal-with-open-ports-nmap-like-a-pro-6126ef0d9339?source=rss------bug_bounty-5NnFacecybersecurity, hacking, nmap, bug-bounty, kali-linux28-Mar-2025
Part 3: Advanced Techniques & Use Cases of Nuclei for Bug Bountyhttps://cyberw1ng.medium.com/part-3-advanced-techniques-use-cases-of-nuclei-for-bug-bounty-1fb810800b8c?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, technology, cybersecurity, careers, bug-bounty28-Mar-2025
How I Found a $10,000 Typo: A Beginner’s Guide to Bug Bounty Huntinghttps://medium.com/meetcyber/how-i-found-a-10-000-typo-a-beginners-guide-to-bug-bounty-hunting-4550f5af21fa?source=rss------bug_bounty-5Ahmad Javedtech-career, ethical-hacking, bug-bounty, cybersecurity, learn-to-code28-Mar-2025
️Insecure Direct Object Reference (IDOR) — Unauthorized Account Accesshttps://medium.com/@Oiluminado_x86/%EF%B8%8Finsecure-direct-object-reference-idor-unauthorized-account-access-dd4018b98fa9?source=rss------bug_bounty-5O iluminado_x86idor-vulnerability, bug-bounty-tips, privilege-escalation, bug-bounty, cybersecurity28-Mar-2025
How AI is Changing the Bug Bounty Landscape (And Why Hackers Aren’t Mad About It)https://cybersecuritywriteups.com/how-ai-is-changing-the-bug-bounty-landscape-and-why-hackers-arent-mad-about-it-34e2936cf640?source=rss------bug_bounty-5Ahmad Javedcybersecurity, bug-bounty, ai, ethical-hacking, penetration-testing27-Mar-2025
Information Disclosure leads To Unauthorized Access (easy github dork)https://medium.com/@Oiluminado_x86/information-disclosure-leads-to-unauthorized-access-easy-github-dork-7fb94821d30c?source=rss------bug_bounty-5O iluminado_x86bug-bounty, information-disclosure, hacking, penetration-testing27-Mar-2025
From 0 to 100K: How Gamification is Turning Bug Hunting into a Crypto-Style Grindhttps://medium.com/meetcyber/from-0-to-100k-how-gamification-is-turning-bug-hunting-into-a-crypto-style-grind-253e30b7e828?source=rss------bug_bounty-5Ahmad Javedcybersecurity, ethical-hacking, penetration-testing, pentesting, bug-bounty27-Mar-2025
How I Made $1,000 in a Day Exposing a Critical Vulnerabilityhttps://medium.com/@ibtissamhammadi/how-i-made-1-000-in-a-day-exposing-a-critical-vulnerability-3742ac0e58df?source=rss------bug_bounty-5Ibtissam Hammadipassive-income, ethical-hacking, makemoney-online, bug-bounty, cybersecurity27-Mar-2025
How to Choose the Right Bug Bounty Programs as a Beginnerhttps://osintteam.blog/how-to-choose-the-right-bug-bounty-programs-as-a-beginner-3cdfdd86b0c3?source=rss------bug_bounty-5Vivek PSbug-bounty, programming, hacking, web-development, cybersecurity27-Mar-2025
How I Found a CSRF Vulnerability in Profile Picture Deletionhttps://medium.com/@EL_cazad0r/how-i-found-a-csrf-vulnerability-in-profile-picture-deletion-b95bf8e6d579?source=rss------bug_bounty-5EL_Cazad0rbug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips27-Mar-2025
Facebook Reels Post Audience Privacy Misconfiguration : Meta Bug Bounty (3000 USD)https://zerocode-ph.medium.com/facebook-reels-post-audience-privacy-misconfiguration-meta-bug-bounty-3000-usd-805e39ab7948?source=rss------bug_bounty-5Syd Ricafort (0cod3)facebook-bug-bounty, meta-bug-bounty, bug-bounty27-Mar-2025
HackTheBox Certified Bug Bounty Hunter Study Notes & Guidehttps://motasemhamdan.medium.com/hackthebox-certified-bug-bounty-hunter-study-notes-guide-d05360f200dd?source=rss------bug_bounty-5Motasem Hamdaninfosec, bug-bounty, cybersecurity, hacking, hackthebox27-Mar-2025
Automate Open Redirection and XSS Testing with URL Auto Openerhttps://medium.com/@GrayWhite/automate-open-redirection-and-xss-testing-with-url-auto-opener-61af38087c54?source=rss------bug_bounty-5CrookSecxss-hunting, cybersecurity, open-redirection, url-testing, bug-bounty27-Mar-2025
Debugging PostgreSQL Installation on macOShttps://funnymous43.medium.com/debugging-postgresql-installation-on-macos-a49d2aa343a0?source=rss------bug_bounty-5hipster' Santospostgresql, backend, python, bug-bounty, database27-Mar-2025
Mastering Hydra: The Ultimate Brute-Force Cheatsheet for Ethical Hackershttps://medium.com/@cybrpunked/mastering-hydra-tool-the-biggest-cheatsheet-you-will-ever-need-7a050110a802?source=rss------bug_bounty-5Cybrpunkedinfosec, bug-bounty, cybersecurity, hacking, pentesting27-Mar-2025
The Ultimate XSS Scanner & Parameter Analysis Tool for Bug Huntershttps://medium.com/cyberscribers-exploring-cybersecurity/the-ultimate-xss-scanner-parameter-analysis-tool-for-bug-hunters-3c37111ac267?source=rss------bug_bounty-5Elie Attiehcybersecurity, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup27-Mar-2025
How I Hacked Medium (And Medium Hacked Me Back)https://osintteam.blog/how-i-hacked-medium-and-medium-hacked-me-back-c34d48f9199a?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, web-development, hacking, programming27-Mar-2025
HostTracer: A Powerful Tool for DNS and Hosting Reconnaissancehttps://medium.com/@GrayWhite/hosttracer-a-powerful-tool-for-dns-and-hosting-reconnaissance-e2f78ca525b4?source=rss------bug_bounty-5CrookSecreconnaissance, whois, bug-bounty, dns-lookup, hosting27-Mar-2025
RCE Via File upload And How To Fix Ithttps://medium.com/@snpxblack2006/rce-via-file-upload-and-how-to-fix-it-b2f39e745c27?source=rss------bug_bounty-5everythingBlackkkcybersecurity, hacking, bug-bounty, php, web-development27-Mar-2025
How I found 4 vulnerabilities in only 1 day?https://systemweakness.com/how-i-found-4-vulnerabilities-in-only-1-day-473a870b583a?source=rss------bug_bounty-5Imad Husanovicethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity, programming27-Mar-2025
Hidden Backdoors in Web Apps: How Hackers Exploit Them ✨https://medium.com/@vipulsonule71/hidden-backdoors-in-web-apps-how-hackers-exploit-them-6f99c0abd918?source=rss------bug_bounty-5Vipul Sonulehackthebox, tryhackme, hacking, writing, bug-bounty27-Mar-2025
No Risk? Think Again — The DoS Twist That Led to $$$https://medium.com/@0xNayelx/no-risk-think-again-the-dos-twist-that-led-to-0152d6cc1327?source=rss------bug_bounty-50xNayelctf, bug-bounty-tips, pentesting, bug-bounty-writeup, bug-bounty27-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-124)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-124-5dcab5e4c9a1?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty-tips, hacking, bug-bounty, ethical-hacking27-Mar-2025
Advanced Techniques & Use Cases of Nuclei for Bug Bountyhttps://cyberw1ng.medium.com/advanced-techniques-use-cases-of-nuclei-for-bug-bounty-22be32c09d1b?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, bug-bounty, programming, cybersecurity27-Mar-2025
Account Takeover via Leaked Email Verification Tokenhttps://medium.com/@kalvik/account-takeover-via-leaked-email-verification-token-2612fef3e2d4?source=rss------bug_bounty-5Vikash Mauryaaccount-takeover, bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking27-Mar-2025
From Blind XSS to Full Server Takeoverhttps://medium.com/@0xnuy/from-blind-xss-to-full-server-takeover-0f63ead701ab?source=rss------bug_bounty-5Nuypenetration-testing, rce, bug-bounty-writeup, bug-bounty, web-vulnerabilities26-Mar-2025
Domain and Subdomain Enumeration: A Practical Guide for Effective Reconnaissancehttps://osintteam.blog/domain-and-subdomain-enumeration-a-practical-guide-for-effective-reconnaissance-9660c40f4e37?source=rss------bug_bounty-5Dzianis Skliarosint, bug-bounty, reconnaissance, bug-bounty-tips, subdomains-enumeration26-Mar-2025
Stealing Money at the Speed of Light: Exploiting Race Conditions for Financial Fraud in…https://myselfakash20.medium.com/stealing-money-at-the-speed-of-light-exploiting-race-conditions-for-financial-fraud-in-a14c2086f5c0?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, bug-bounty-tips, technology, cybersecurity26-Mar-2025
Top 10 Vulnerabilities Every Bug Hunter Should Exploit in 2025https://medium.com/@vipulsonule71/top-10-vulnerabilities-every-bug-hunter-should-exploit-in-2025-df28045f6fca?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, penetration-testing, cybersecurity, bug-bounty26-Mar-2025
How SSRF Leads to RCE in a .NET Applicationhttps://medium.com/@0xUN7H1NK4BLE/how-ssrf-leads-to-rce-in-a-net-application-ee1b13812245?source=rss------bug_bounty-50xUN7H1NK4BLErce-vulnerability, ssrf, bug-bounty, lfi, web-exploitation26-Mar-2025
(Ⅱ) Android Identity Authentication: A Game of Cat and Mouse between Developers and “Hackers”https://medium.com/@security.tecno/%E2%85%B1-android-identity-authentication-a-game-of-cat-and-mouse-between-developers-and-hackers-b1b1789453b0?source=rss------bug_bounty-5TECNO Securitysecurity, hacking, android, development, bug-bounty26-Mar-2025
500s for $560: How I Turned Twitter into My Cash Piñatahttps://stevenfloresca.medium.com/500s-for-560-how-i-turned-twitter-into-my-cash-pi%C3%B1ata-3054e5fd66d0?source=rss------bug_bounty-5Steven Florescatwitter, security, information-security, bug-bounty-tips, bug-bounty26-Mar-2025
How Hackers Abuse XML-RPC to Launch Bruteforce and DDoS Attackshttps://infosecwriteups.com/how-hackers-abuse-xml-rpc-to-launch-bruteforce-and-ddos-attacks-40be5b310960?source=rss------bug_bounty-5coffinxphacking, wordpress, bug-bounty, penetration-testing, bug-bounty-tips26-Mar-2025
I Asked for 200 OK, Apache Gave Me Its Diary Insteadhttps://medium.com/@iski/i-asked-for-200-ok-apache-gave-me-its-diary-instead-6e5b114a6f46?source=rss------bug_bounty-5Iskibug-bounty, injective, servers, apache, bug-bounty-tips26-Mar-2025
Advanced Thick Client Penetration Testing: Techniques, Methodologies, and Execution (Part 2)…https://infosecwriteups.com/advanced-thick-client-penetration-testing-techniques-methodologies-and-execution-part-2-db5738997535?source=rss------bug_bounty-5Ajay Naikthick-client-security, cybersecurity, information-security, bug-bounty, penetration-testing26-Mar-2025
Bug Bounty Tips: How to Find Hidden API Keys in JavaScript Files Like a Pro!https://frostyxsec.medium.com/bug-bounty-tips-how-to-find-hidden-api-keys-in-javascript-files-like-a-pro-6797a31f9cf8?source=rss------bug_bounty-5Frostyxsecbug-bounty-tips, bug-bounty, bug-hunting, penetration-testing, cybersecurity26-Mar-2025
This easy attack can give you $2000 .https://medium.com/@anandrishav2228/this-easy-attack-can-give-you-2000-86e236b5caa5?source=rss------bug_bounty-5Rishav anandcybersecurity, money, servers, hacker, bug-bounty26-Mar-2025
How I Found My First P1 in a Bug Bounty Programhttps://cyxbugs.medium.com/how-i-found-my-first-p1-in-a-bug-bounty-program-a82e6c8cea46?source=rss------bug_bounty-5Cyxbug-bounty-writeup, cybersecurity, bug-bounty, pentesting26-Mar-2025
Bug Bounty 101https://meravytes.medium.com/bug-bounty-101-3e5ca050134f?source=rss------bug_bounty-5Meravytesmeravytes, bug-bounty, cybersecurity, ethical-hacking26-Mar-2025
Rate Limit Bypass in Password Reset Functionalityhttps://medium.com/@FuzzyyDuck/rate-limit-bypass-in-password-reset-functionality-bf4b997c9bae?source=rss------bug_bounty-5Fuzzyy Duckbug-bounty, rate-limit-bypass, bug-bounty-writeup, race-condition-exploit, vulnerability26-Mar-2025
The Sweetest Hack: How a ₹100 Cake Discount Gave Me a Panic Attackhttps://osintteam.blog/the-sweetest-hack-how-a-100-cake-discount-gave-me-a-panic-attack-85eaf62f7cf8?source=rss------bug_bounty-5Vivek PSweb-development, bug-bounty, hacking, programming, cybersecurity26-Mar-2025
Finding subdomains from SSL certificateshttps://medium.com/@loyalonlytoday/finding-subdomains-from-ssl-certificates-6d879a41d5d3?source=rss------bug_bounty-5loyalonlytodayreconnaissance, ethical-hacking, subdomains-enumeration, cybersecurity, bug-bounty26-Mar-2025
Windows Exploitation: Beginner’s Guide to Buffer Overflow (Old OSCP-Level)https://medium.com/@verylazytech/windows-exploitation-beginners-guide-to-buffer-overflow-old-oscp-level-de07b653f287?source=rss------bug_bounty-5Very Lazy Techbug-bounty, buffer-overflow, oscp, cybersecurity, penetration-testing26-Mar-2025
JWT (JSON Web Token) Security Risks: Common Vulnerabilities and Exploits Every Bug Hunter Should…https://infosecwriteups.com/jwt-json-web-token-security-risks-common-vulnerabilities-and-exploits-every-bug-hunter-should-d3fa4182a329?source=rss------bug_bounty-5Elie Attiehjwt, cybersecurity, pentesting, bug-bounty, bug-hunting26-Mar-2025
Understanding and Testing for Content Security Policy (CSP)https://medium.com/@MutexSec/understanding-and-testing-for-content-security-policy-csp-ab01c74a9a1f?source=rss------bug_bounty-5Exhaustedmutexbug-bounty-tips, red-team, pentesting, bug-bounty, penetration-testing26-Mar-2025
AI Safety Bug Bounty 101https://pointlessai.medium.com/ai-safety-bug-bounty-101-50f78c88781b?source=rss------bug_bounty-5PointlessAI Blogai-alignment-and-safety, ai-safety, bug-bounty, ai, bug-bounty-hunter26-Mar-2025
How to Pay High Bounty in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-pay-high-bounty-in-bug-hunting-38691343f3bc?source=rss------bug_bounty-5Vipul Sonuletechnology, penetration-testing, ethical-hacking, hacking, bug-bounty26-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-123)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-123-bb98d1457663?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, bug-bounty-tips26-Mar-2025
Zero Trust: Why Your Office Needs a Nightclub Bouncerhttps://medium.com/the-shortform/zero-trust-why-your-office-needs-a-nightclub-bouncer-b21afd41aad0?source=rss------bug_bounty-5Ahmad Javedhacker, hacking, zero-trust, bug-bounty, cybersecurity26-Mar-2025
web cache deception on vdp programhttps://medium.com/@Dorking1/web-cache-deception-on-private-program-eab62d869866?source=rss------bug_bounty-5Doorkingbug-bounty-writeup, penetration-testing, bug-bounty26-Mar-2025
Advanced Techniques to Bypass Restricted shell | Privilege Escalation Tutorialhttps://systemweakness.com/advanced-techniques-to-bypass-restricted-shell-privilege-escalation-tutorial-a02015ebaf49?source=rss------bug_bounty-5Mr Horbiocybersecurity, bug-bounty, ethical-hacking, penetration-testing, hacking26-Mar-2025
Zero to Hero in bug bounty by ‘Vibe Coding’https://medium.com/@nsteckercs/zero-to-hero-in-bug-bounty-by-vibe-coding-b74efc9a1259?source=rss------bug_bounty-5Zaxiebug-bounty, technology, education, cybersecurity, hacking26-Mar-2025
The Power of Nuclei for Bug Bounty Huntinghttps://cyberw1ng.medium.com/the-power-of-nuclei-for-bug-bounty-hunting-ded98a8a47a7?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, programming26-Mar-2025
Manipulating Response: A Deep Dive into Exploitation => $650https://ehteshamulhaq198.medium.com/manipulating-responses-a-deep-dive-into-exploitation-650-bf5933efe202?source=rss------bug_bounty-5Ehtesham Ul Haqbug-bounty, penetration-testing, infosec, writeup, cybersecurity26-Mar-2025
Inayat hussain chohan (Security Researcher’s journey )https://inayathussain.medium.com/inayat-hussain-chohan-security-researchers-journey-1bf0499e27d9?source=rss------bug_bounty-5Inayat Hussainpenetration-testing, ethical-hacking, bug-bounty, cybersecurity, information-technology26-Mar-2025
Private Keys vs Seed Phrases: What You Need to Knowhttps://medium.com/@itsamanyadav/private-keys-vs-seed-phrases-what-you-need-to-know-71fc6bb70cc4?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, secuirty, seed-phrase, private-key, web3-security-audit25-Mar-2025
Discovering publicly exposed data in AWS S3 and Google Cloud Storagehttps://kkamalesh117.medium.com/discovering-publicly-exposed-data-in-aws-s3-and-google-cloud-storage-5f9583807e7d?source=rss------bug_bounty-5Kamalesh Dhacker, bug-bounty, aws, google, cybersecurity25-Mar-2025
AI vs. Bug Hunters: How ChatGPT is Rewriting the Rules of Vulnerability Discoveryhttps://medium.com/meetcyber/ai-vs-bug-hunters-how-chatgpt-is-rewriting-the-rules-of-vulnerability-discovery-6eae02514f6c?source=rss------bug_bounty-5Ahmad Javedbug-bounty-ai, bug-bounty, future-of-hacking, cybersecurity, penetration-testing25-Mar-2025
The Dark Side of Bug Bounty Hunting: Frustrations No One Talks Abouthttps://osintteam.blog/the-dark-side-of-bug-bounty-hunting-frustrations-no-one-talks-about-ad1b502a5815?source=rss------bug_bounty-5Vivek PSweb-development, bug-bounty, cybersecurity, programming, hacking25-Mar-2025
Uncovering a Hidden Logic Flow-A Deep Dive into Exploitation!https://medium.com/@AhmedSamy-X/uncovering-a-hidden-logic-flow-a-deep-dive-into-exploitation-824e1dec12cc?source=rss------bug_bounty-5Ahmedsamycybersecurity, web-exploitation, bug-bounty, penetration-testing, information-security25-Mar-2025
Introduction to Bug Bounty Programs: How to Legally Get Paid for Hacking (Yes, Really!)https://medium.com/@theautobot/introduction-to-bug-bounty-programs-how-to-legally-get-paid-for-hacking-yes-really-bfbfd84b2933?source=rss------bug_bounty-5theAutoBotbugs, bug-bounty, bug-bounty-writeup, hacking-for-defense, bug-bounty-tips25-Mar-2025
One-Click Account Hijacking on TikTokhttps://infosecwriteups.com/one-click-account-hijacking-on-tiktok-b0d211288abe?source=rss------bug_bounty-5Abhijeet Kumawathacking, tik-tok, bug-bounty, cybersecurity, infosec25-Mar-2025
Hacking APIs :SQL Injection Attackhttps://iaraoz.medium.com/hacking-apis-sql-injection-attack-7c13a7b1f6fb?source=rss------bug_bounty-5Israel Aráoz Severichebug-bounty, cybersecurity, api-development, owasp, hacking25-Mar-2025
Hacking APIs: Authentication Attackhttps://iaraoz.medium.com/hacking-apis-authentication-attack-100623725721?source=rss------bug_bounty-5Israel Aráoz Severichehacking, api, cybersecurity, bug-bounty, apps25-Mar-2025
Top Bug Bounty Platforms Every Ethical Hacker Should Knowhttps://medium.com/@dasmanish6176/top-bug-bounty-platforms-every-ethical-hacker-should-know-9fc5d736fa1d?source=rss------bug_bounty-5Dasmanishethical-hacking, infosec, bug-bounty25-Mar-2025
Which Cybersecurity Course Should I Take? A Comprehensive Guidehttps://medium.com/@verylazytech/which-cybersecurity-course-should-i-take-a-comprehensive-guide-fd5d64786efc?source=rss------bug_bounty-5Very Lazy Techethical-hacking, osep, bug-bounty, penetration-testing, oscp25-Mar-2025
Advanced Techniques for Finding and Exploiting Outdated Softwarehttps://medium.com/@shadyfarouk1986/advanced-techniques-for-finding-and-exploiting-outdated-software-f85f8862e514?source=rss------bug_bounty-5Shady Faroukhacking-training, bug-bounty, pentesting, ethical-hacking, bounty-program25-Mar-2025
Finding JavaScript Files on Websites Using Automationhttps://cyberw1ng.medium.com/finding-javascript-files-on-websites-using-automation-f8b8e03e3d66?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, programming, technology25-Mar-2025
Bypass Restricted shell | Privilege Escalation Techniques [EJpt exam]https://infosecwriteups.com/bypass-restricted-shell-privilege-escalation-techniques-ejpt-exam-cfe1eb470db9?source=rss------bug_bounty-5Mr Horbioethical-hacking, bug-bounty, pentesting, cybersecurity, hacking25-Mar-2025
OS Commandhttps://medium.com/@520hazem/os-command-c1b7364ddd63?source=rss------bug_bounty-5Hazemportswigger-lab, pentesting, pentester, bug-bounty, os-command-injection25-Mar-2025
Networking Basics for Ethical Hackershttps://medium.com/@akashfalaskar/networking-basics-for-ethical-hackers-99816dc1a2b2?source=rss------bug_bounty-5Akash Falaskarcybersecurity, red-team, bug-bounty, ethical-hacking, networking25-Mar-2025
Bypassing AppLock Pattern via Shared Preferences Analysishttps://medium.com/@youssefhussein212103168/bypassing-applock-pattern-via-shared-preferences-analysis-7bf1bb631dd3?source=rss------bug_bounty-5Youssefhusseinsecurity, bug-bounty, cybersecurity, android, penetration-testing25-Mar-2025
I Want YOU, Hacker To Read This story…https://medium.com/@nnface/i-want-you-hacker-to-read-this-story-2d16079d6e36?source=rss------bug_bounty-5NnFacebug-bounty, ethical-hacking, hacking, writing, cybersecurity25-Mar-2025
Authenticationhttps://medium.com/@520hazem/authentication-ac63cf7ed785?source=rss------bug_bounty-5Hazembug-bounty, portswigger-lab, authentication, pentester, pentesting24-Mar-2025
How to Find Hidden API Endpoints That Lead to Critical Bugshttps://bitpanic.medium.com/how-to-find-hidden-api-endpoints-that-lead-to-critical-bugs-97a38ca40efe?source=rss------bug_bounty-5Spectat0rguytechnology, bug-bounty, programming, ai-generated-content, cybersecurity24-Mar-2025
Think You’re Ready for Real-World Hacking? Think Againhttps://medium.com/@timsuxwales/think-youre-ready-for-real-world-hacking-think-again-1565c6bb27ed?source=rss------bug_bounty-5Timsux Walescybersecurity, bug-bounty, penetration-testing, infosec, hacking24-Mar-2025
Metasploit Framework Commands for Penetration Testinghttps://medium.com/@paritoshblogs/metasploit-framework-commands-for-penetration-testing-505ef6063698?source=rss------bug_bounty-5Paritoshmetasploit, information-security, bug-bounty, cybersecurity, hacking24-Mar-2025
How I Found a Major Security Flaw in a Popular Platform… And They Ignored It.https://medium.com/@rakshitshetty59/how-i-found-a-major-security-flaw-in-a-popular-platform-and-they-ignored-it-dd569ce694ce?source=rss------bug_bounty-5Rakshitshettyethical-hacking, cybersecurity, bug-bounty, web-vulnerabilities, sql-injection24-Mar-2025
Account Take-over Via Password Reset Poisoninghttps://medium.com/@umd04843/account-take-over-via-password-reset-poisoning-e2a8a2f8a642?source=rss------bug_bounty-5Mohamed Usmanbug-bounty, cybersecurity, bug-bounty-tips, vapt, bug-bounty-writeup24-Mar-2025
How I Made $100,000 Discovering a Kernel Vulnerability! (With Exploit Code)https://theindiannetwork.medium.com/how-i-made-100-000-discovering-a-kernel-vulnerability-with-exploit-code-695f4ff18a78?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, kernel, zero-day, bug-bounty, karnel-exploit24-Mar-2025
SSRF Advanced Methodology✨https://infosecwriteups.com/ssrf-advanced-methodology-9583fdf2ae3c?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, methodology, ssrf, infosec24-Mar-2025
Exploiting JavaScript Execution in PDFs & How to Prevent Ithttps://frostyxsec.medium.com/exploiting-javascript-execution-in-pdfs-how-to-prevent-it-9e30cf3fe3ef?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-hunting, web-security, cybersecurity, vulnerability24-Mar-2025
(Ⅰ) Android Identity Authentication: A Game of Cat and Mouse between Developers and “Hackers”https://medium.com/@security.tecno/%E2%85%B0-android-identity-authentication-a-game-of-cat-and-mouse-between-developers-and-hackers-73eda7a36253?source=rss------bug_bounty-5TECNO Securityhacking, bug-bounty, blog, developer, android24-Mar-2025
The story of XSS that leads to ATOhttps://sahandami.medium.com/the-story-of-xss-that-leads-to-ato-edf23f55a47e?source=rss------bug_bounty-5SahandAmiato, account-takeover, csrf-token, bug-bounty, xs24-Mar-2025
From Zero to First Bug Bounty: A Step-by-Step Guide That Anyone Can Follow!https://osintteam.blog/from-zero-to-first-bug-bounty-a-step-by-step-guide-that-anyone-can-follow-247657eec2d7?source=rss------bug_bounty-5Vivek PSbug-bounty, web-development, hacking, cybersecurity, programming24-Mar-2025
Advanced Thick Client Penetration Testing — Techniques, Methodologies, and Execution -PART -1…https://infosecwriteups.com/advanced-thick-client-penetration-testing-techniques-methodologies-and-execution-part-1-c49c7bdb1d0b?source=rss------bug_bounty-5Ajay Naikthick-client-security, information-security, bug-bounty, cybersecurity, information-technology24-Mar-2025
How to Start Your Career in Web3 Security and Make Millions $$$$$$https://medium.com/@whhackerbsac/how-to-start-your-career-in-web3-security-and-make-millions-a07c8aa3ee62?source=rss------bug_bounty-5Bsac Hunterweb3, cybersecurity, web3-security, blockchain, bug-bounty24-Mar-2025
The Dark Side of Invite Links: A Race Condition Exploit Story (English-Hindi)https://medium.com/@ajay.kumar.695632/the-dark-side-of-invite-links-a-race-condition-exploit-story-english-hindi-257d5bd8e9c5?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, bugcrowd24-Mar-2025
The Ultimate Guide to Price Manipulation Vulnerabilities: Techniques, Case Studies & Advanced…https://infosecwriteups.com/the-ultimate-guide-to-price-manipulation-vulnerabilities-techniques-case-studies-advanced-0e1a24c5ee3d?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, bug-bounty, price-manipulation, cybersecurity24-Mar-2025
How to Detect API Keys and Secrets Hiding in a Web Applicationhttps://medium.com/@aviwolicki/how-to-detect-api-keys-and-secrets-hiding-in-a-web-application-8470945c229d?source=rss------bug_bounty-5Avi Wweb-application-security, bug-bounty, cybersecurity24-Mar-2025
Cybersecurity for Beginners: Protect Yourself Like a Prohttps://medium.com/@agranesamia2/cybersecurity-for-beginners-protect-yourself-like-a-pro-08cc41af9c21?source=rss------bug_bounty-5Amisaabug-bounty, cybersecurity, ethical-hacking, ctf, online-privacy24-Mar-2025
Mastering Bug Bounty Hunting: Exploring Different Types of Payloads for Effective Exploitationhttps://medium.com/@cybertips96/mastering-bug-bounty-hunting-exploring-different-types-of-payloads-for-effective-exploitation-40f922c057f4?source=rss------bug_bounty-5Cybertipsbug-bounty-tips, bug-bounty, payload24-Mar-2025
Bug Findhttps://medium.com/@ashrafulhossainrafi22/bug-find-47717daa7977?source=rss------bug_bounty-5Ashraful Hossain Rafibug-bounty24-Mar-2025
Custom Dorks to find Bug Bounty Programshttps://medium.com/developersglobal/custom-dorks-to-find-bug-bounty-programs-4867da4b9ebf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, bug-bounty-hunter, google-dork, bug-bounty-program24-Mar-2025
Automated Information Gathering from Websiteshttps://cyberw1ng.medium.com/automated-information-gathering-from-websites-9c2975861497?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, programming, bug-bounty, careers, cybersecurity24-Mar-2025
CSRFhttps://medium.com/@520hazem/dw-98bdac9232c6?source=rss------bug_bounty-5Hazembug-bounty, csrf-bypass, csrf, portswigger-lab, pentesting24-Mar-2025
CVE-2025–29927 — Bypass de Middleware en Next.jshttps://medium.com/@juanfelipeoz.rar/cve-2025-29927-bypass-de-middleware-en-next-js-80e900285cf5?source=rss------bug_bounty-5Juan Felipe Osorio Znextjs, bug-bounty, ciberseguridad, cve-2025-29927, hacking24-Mar-2025
Custom Dorks to find Bug Bounty Programshttps://osintteam.blog/custom-dorks-to-find-bug-bounty-programs-4867da4b9ebf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, bug-bounty-hunter, google-dork, bug-bounty-program24-Mar-2025
12 Windows Command Line Hacks for Incident Respondershttps://medium.com/@paritoshblogs/12-windows-command-line-hacks-for-incident-responders-d9e95ef1c3a3?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, bug-bounty, information-technology, incident-response23-Mar-2025
Network Pentesting -Active/Passive Information gathering like Pro Part -2https://medium.com/@Cyber_siva/network-pentesting-active-passive-information-gathering-like-pro-part-2-cdbeec6b9300?source=rss------bug_bounty-5Siva Sankarcybersecurity, bug-bounty, networking23-Mar-2025
picoCTF Web Exploitation: SSTI1https://medium.com/@Kamal_S/picoctf-web-exploitation-ssti1-e2363b1885a0?source=rss------bug_bounty-5Kamal Sbug-bounty, picoctf, ssti, command-injection, ssti123-Mar-2025
How I Exploited an SSRF Vulnerability & Earned $5000 — Real-World Exploit!https://theindiannetwork.medium.com/how-i-exploited-an-ssrf-vulnerability-earned-5000-real-world-exploit-e8ded56ef9ce?source=rss------bug_bounty-5TheIndianNetworkssrf-vulnerability, server-side-request, bug-bounty-tips, bug-bounty, ssrf-attack23-Mar-2025
I Found a Zero-Day Exploit & Got Paid $3000 — Full Real-World Breakdown!https://theindiannetwork.medium.com/i-found-a-zero-day-exploit-got-paid-3000-full-real-world-breakdown-42cb6d307699?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, bug-bounty, bug-bounty-writeup, zero-day, zero-day-vulnerability23-Mar-2025
I Hacked a Million-Dollar Website with Just a Text Box — Earned $25,000! (Full Story)https://theindiannetwork.medium.com/i-hacked-a-million-dollar-website-with-just-a-text-box-earned-25-000-full-story-bef4a8ec28fe?source=rss------bug_bounty-5TheIndianNetworkxss-vulnerability, stored-xss, xss-attack, bug-bounty, bug-bounty-tips23-Mar-2025
️ How to Build a Perfect Bug Bounty Methodologyhttps://medium.com/@vipulsonule71/%EF%B8%8F-how-to-build-a-perfect-bug-bounty-methodology-0dacf715874e?source=rss------bug_bounty-5Vipul Sonulebug-bounty, technology, hacking, penetration-testing, ethical-hacking23-Mar-2025
CORShttps://medium.com/@520hazem/cors-add835d8de3b?source=rss------bug_bounty-5Hazembug-bounty, pentesting, portswigger-lab, portswigger, cors23-Mar-2025
The Ultimate Guide to Subdomain Enumeration for Bug Bounty Huntershttps://medium.com/@thexnumb/the-ultimate-guide-to-subdomain-enumeration-for-bug-bounty-hunters-73b60fca62bc?source=rss------bug_bounty-5Thexnumbinfosec, bug-bounty, cybersecurity, hacking, penetration-testing23-Mar-2025
Broken Access Control leads to Addition of Malicious Files / Inclusion of Sensitive Files.https://medium.com/@saurabhcsec/broken-access-control-leads-to-addition-of-malicious-files-inclusion-of-sensitive-files-4d0b424e1515?source=rss------bug_bounty-5Saurabhcsecbug-bounty-writeup, web-development, cybersecurity, hacking, bug-bounty23-Mar-2025
Why SAST is a Must-Have Skill for AppSec Professionals!https://sahildari.medium.com/why-sast-is-a-must-have-skill-for-appsec-professionals-6090e98eb15f?source=rss------bug_bounty-5Sahil Darisecure-coding, appsec, sast, cybersecurity, bug-bounty23-Mar-2025
️ Work-from-Home Bug Bounty: How to Get Started & Succeedhttps://medium.com/@vipulsonule71/%EF%B8%8F-work-from-home-bug-bounty-how-to-get-started-succeed-ce2ee466d9cb?source=rss------bug_bounty-5Vipul Sonulewriting-tips, bug-bounty, writing, technology, hacking23-Mar-2025
How I Got a Bug Bounty Using Only Reconhttps://medium.com/@drhtunaungkyaw1993/how-i-got-a-bug-bounty-using-only-recon-b0c0e92f2503?source=rss------bug_bounty-5Htun Aung Kyawhacking, myanmar, bug-bounty, pentest, yeswehack23-Mar-2025
Cracking a Password-Protected ZIP File with John the Ripper — A Hands-On Guidehttps://medium.com/@rundcodehero/cracking-a-password-protected-zip-file-with-john-the-ripper-a-hands-on-guide-1aea0f6b3627?source=rss------bug_bounty-5Randi Adhityas Saputracrack-passwords, bug-bounty, pentest, john-the-ripper23-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-122)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-122-5b7edf5b959c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, bug-bounty-tips, ethical-hacking23-Mar-2025
How I Got a Bug Bounty Reward Using Only Reconhttps://medium.com/@drhtunaungkyaw1993/how-i-got-a-bug-bounty-using-only-recon-b0c0e92f2503?source=rss------bug_bounty-5Htun Aung Kyawhacking, myanmar, bug-bounty, pentest, yeswehack23-Mar-2025
Hacking with GitHub’s hidden gems for subdomain enumeration.https://medium.com/h7w/hacking-with-githubs-hidden-gems-for-subdomain-enumeration-a1266d4a019c?source=rss------bug_bounty-5Abhishek pawarprogramming, bug-bounty, github, hacking, domains23-Mar-2025
Internet Archive: Wayback Hunting for Bug Bounty Huntershttps://osintteam.blog/internet-archive-wayback-hunting-for-bug-bounty-hunters-36b112011a7c?source=rss------bug_bounty-5RivuDonwayback-machine, bug-bounty-writeup, infosec, bug-bounty-tips, bug-bounty23-Mar-2025
Subdomain Found! Now What? (Part 2)https://osintteam.blog/subdomain-found-now-what-part-2-2c2835f459ca?source=rss------bug_bounty-5Monika sharmabug-bounty, penetration-testing, hacking, bug-bounty-tips, technology23-Mar-2025
How I Accidentally Bypassed a Paywall and Got User Data for Freehttps://northstar1.medium.com/how-i-accidentally-bypassed-a-paywall-and-got-user-data-for-free-de73f98a51da?source=rss------bug_bounty-5NorthStarburp-suite-pro, bug-bounty-tips, bug-bounty, bug-bounty-writeup, idor-vulnerability23-Mar-2025
OSINT Techniques for Finding Leaked Credentials on Telegramhttps://medium.com/@0xblackd3v/osint-techniques-for-finding-leaked-credentials-on-telegram-abefee04e19e?source=rss------bug_bounty-5Blackd3vbug-bounty, bugs, cybersecurity, hacking23-Mar-2025
Understanding Privilege Escalation in Web Applicationshttps://cyberw1ng.medium.com/understanding-privilege-escalation-in-web-applications-c560e641b93b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, programming23-Mar-2025
Breaking Down CVSS: Understanding Vulnerability Scores Like a Hackerhttps://medium.com/@jkyne6368/breaking-down-cvss-understanding-vulnerability-scores-like-a-hacker-de85b114d07c?source=rss------bug_bounty-5Jordillahacking, bug-bounty, cybersecurity, freelancing, aws22-Mar-2025
How I Found a $4,837 SQLi Bug in Just 17 Minuteshttps://medium.com/@ibtissamhammadi/how-i-found-a-4-837-sqli-bug-in-just-17-minutes-8a4c778d2057?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, sql, web-security, ethical-hacking, cybersecurity22-Mar-2025
Discovering and Exploiting a Path Traversal Vulnerability in Chromium’s md_browser Toolhttps://medium.com/@piyushbhor22/chromiums-path-traversal-vulnerability-ece8be276859?source=rss------bug_bounty-5Pi - The Kernel Paniccode-analysis, bug-bounty, chromium, vulnerability-assessment, path-traversal22-Mar-2025
Common and Security Vulnerabilities in Restaking Layershttps://securrtech.medium.com/common-and-security-vulnerabilities-in-restaking-layers-110c61049892?source=rss------bug_bounty-5Securr - Web3 Securityblockchain-security, web3-security, smart-contract-security, smart-contract-auditing, bug-bounty22-Mar-2025
Information Disclosure — Exposed Order Details via Shipping Status APIhttps://medium.com/@mIna_x1/information-disclosure-exposed-order-details-via-shipping-status-api-7fd177364d12?source=rss------bug_bounty-5Mina Ashrafbug-bounty, bug-bounty-writeup, cyper-security22-Mar-2025
LegionHunter VPS Setup Script for Bug Bounty & Pentestinghttps://medium.com/developersglobal/legionhunter-vps-setup-script-for-bug-bounty-pentesting-298d3ef16964?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, vps, pentesting, vps-server, linux22-Mar-2025
Microsoft 365 Copilot For Work: Image Data Exfiltration From SharePointhttps://infosecwriteups.com/microsoft-365-copilot-for-work-image-data-exfiltration-from-sharepoint-644bc818a5db?source=rss------bug_bounty-5Cyd Tsengmicrosoft, bug-bounty, cybersecurity, microsoft-copilot, vulnerability22-Mar-2025
Finding new apex domains in a unique way.https://infosecwriteups.com/finding-new-apex-domains-in-a-unique-way-87404d8dfa1d?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-tips, bug-bounty, apex, cybersecurity22-Mar-2025
LFI Advanced Methodology by Abhijeethttps://medium.com/@Abhijeet_kumawat_/lfi-advanced-methodology-by-abhijeet-9993b827db53?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, cybersecurity, lfi, bug-bounty, hacking22-Mar-2025
How I Bypassed 403 Forbidden & Accessed Restricted Pages — Real-World Exploit!https://theindiannetwork.medium.com/how-i-bypassed-403-forbidden-accessed-restricted-pages-real-world-exploit-e19ccb18bbbb?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, bug-bounty-writeup, bug-bounty, 403-forbidden, 403-bypass22-Mar-2025
How I Deleted Accounts With Just an Email Addresshttps://medium.com/@preetham._.kumar/how-i-deleted-accounts-with-just-an-email-address-d50d60bd6308?source=rss------bug_bounty-5StunnerSeccybersecurity, hacking, bug-bounty, ethical-hacking, penetration-testing22-Mar-2025
TheHarvester: A Powerful OSINT Tool for Cybersecurity Professionalshttps://medium.com/@alidrabkih/theharvester-a-powerful-osint-tool-for-cybersecurity-professionals-cc8660876f31?source=rss------bug_bounty-5Ali Drabkihbug-bounty, tools, hacking, cybrt22-Mar-2025
Hunting Bugs: My Favorite Flawshttps://hackergod00001.medium.com/hunting-bugs-my-favorite-flaws-9b405a8b9f9d?source=rss------bug_bounty-5Hackergod00001cybersecurity, secrets, bug-bounty-tips, knowledge, bug-bounty22-Mar-2025
LFI Advanced Methodology by Abhijeethttps://infosecwriteups.com/lfi-advanced-methodology-by-abhijeet-9993b827db53?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, cybersecurity, lfi, bug-bounty, hacking22-Mar-2025
Mastering DeFi Security Through Hands-On Hacking Challengeshttps://medium.com/@schofieldleonard8/mastering-defi-security-through-hands-on-hacking-challenges-98914ed3a260?source=rss------bug_bounty-5Leonard Schofielddefi-strategy, crypto-hack, web3-security, crypto-exploit, bug-bounty22-Mar-2025
How I Made $4,500 in My First Month Bug Huntinghttps://medium.com/@ibtissamhammadi/how-i-made-4-500-in-my-first-month-bug-hunting-5985a2b6f143?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, bug-hunting, cybersecurity, hacking, technology22-Mar-2025
Web Hacking Series - Part 1: HTTP Basics – The Invisible Language of the Webhttps://medium.com/@cybertips96/web-hacking-series-part-1-http-basics-the-invisible-language-of-the-web-7e007fd06e7b?source=rss------bug_bounty-5Cybertipsbug-bounty22-Mar-2025
The Ultimate Guide to Bug Bounty Hunting: How to Get Started and Succeedhttps://medium.com/@HexaGaurd/the-ultimate-guide-to-bug-bounty-hunting-how-to-get-started-and-succeed-74bb31926190?source=rss------bug_bounty-5HexaGaurdbug-bounty-hunter, bug-bounty, cybersecurity, ethical-hacking, bugbounty-poc22-Mar-2025
✨ The Art of Reconnaissance: How Hackers Gather Intelhttps://medium.com/@vipulsonule71/the-art-of-reconnaissance-how-hackers-gather-intel-a665e9c58762?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, bug-bounty, cybersecurity, ai, hacking22-Mar-2025
Pico CTF: Easy Challenges | Part - 1https://medium.com/@john1robert2000/pico-ctf-easy-challenges-part-1-8cd54e389dd0?source=rss------bug_bounty-5Rizwanbug-bounty, ctf-walkthrough22-Mar-2025
Chaining Low-Severity Bugs for Critical Impact — Turning Tiny Holes into Major Exploitshttps://osintteam.blog/chaining-low-severity-bugs-for-critical-impact-turning-tiny-holes-into-major-exploits-95a996bbda92?source=rss------bug_bounty-5Vivek PSbug-bounty, web-development, ethical-hacking, cybersecurity, programming22-Mar-2025
Shhh…Be Quiet Hacker.https://medium.com/meetcyber/shhh-be-quiet-hacker-4048643f590d?source=rss------bug_bounty-5NnFacehacking, bug-bounty, it, cybersecurity, quiet22-Mar-2025
Unauthorized Access to “About” Feature via Parameter Manipulationhttps://mmnahian.medium.com/unauthorized-access-to-about-feature-via-parameter-manipulation-b85b08796b87?source=rss------bug_bounty-5mmnahianpenetration-testing, bug-bounty, bug-bounty-tips, infosec, bug-bounty-writeup22-Mar-2025
PAT-tastrophe: How We Hacked Virtuals’ $4.6B Agentic AI & Cryptocurrency Ecosystemhttps://medium.com/@gonzo-hacks/pat-tastrophe-how-we-hacked-virtuals-4-6b-agentic-ai-cryptocurrency-ecosystem-f850b544d0f5?source=rss------bug_bounty-5Dane Sherretshacking, ai, cryptocurrency, agents, bug-bounty22-Mar-2025
How a Security Researcher Earned $1,900 Bounty for Privilege Escalationhttps://cyberw1ng.medium.com/how-a-security-researcher-earned-1-900-bounty-for-privilege-escalation-d430e24e8b1b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, technology, programming22-Mar-2025
Next.js and the corrupt middleware: the authorizing artifacthttps://medium.com/@zhero_/next-js-and-the-corrupt-middleware-the-authorizing-artifact-14e6fb688d26?source=rss------bug_bounty-5Rachid.Ajavascript, hacking, bug-bounty, vulnerability, nextjs22-Mar-2025
How a Security Researcher Earned $1,900 Bounty for Privilege Escalationhttps://osintteam.blog/how-a-security-researcher-earned-1-900-bounty-for-privilege-escalation-d430e24e8b1b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, technology, programming22-Mar-2025
Exploiting Blind XSS in a Signup Page: Admin Panel Takeover and Real-World Impact ($3000 P2 Private…https://medium.com/@MianHammadx0root/exploiting-blind-xss-in-a-signup-page-admin-panel-takeover-and-real-world-impact-3000-p2-private-110205e3674b?source=rss------bug_bounty-5Mian Hammadbug-bounty, xss-attack, bugbounty-writeup, blind-xss, pentesting21-Mar-2025
The Essential Guide to Bug Bounties and Responsible Disclosurehttps://medium.com/@locamartin/the-essential-guide-to-bug-bounties-and-responsible-disclosure-b4d34053c139?source=rss------bug_bounty-5Loca Martinbug-bounty21-Mar-2025
How I Made $1000 in Just 30 Minutes by Discovering an Account Takeover (ATO) Vulnerability!https://theindiannetwork.medium.com/how-i-made-1000-in-just-30-minutes-by-discovering-an-account-takeover-ato-vulnerability-84afd6c5d9ab?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, account-takeover-attacks, account-takeover, bug-bounty-tips, bug-bounty-hunter21-Mar-2025
From Lockdown to Payday: Hacking a Porn Site for $1,500https://stevenfloresca.medium.com/from-lockdown-to-payday-hacking-a-porn-site-for-1-500-899bf57cc556?source=rss------bug_bounty-5Steven Florescainformation-security, hacker, bug-bounty, xss-vulnerability, security21-Mar-2025
Find Private Bug Bounty Programs without an invitehttps://osintteam.blog/find-private-bug-bounty-programs-without-an-invite-d2baf4c3be06?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, bug-bounty-hunter, ethical-hacking, pentesting21-Mar-2025
File Upload Bypass: Pulling off The Ultimate Disrespecthttps://sudosuraj.medium.com/file-upload-bypass-pulling-off-the-ultimate-disrespect-d7200be31717?source=rss------bug_bounty-5sudosurajfile-upload-bypass, file-upload-vulnerability, bug-bounty-tips, sudosuraj, bug-bounty21-Mar-2025
best google dorkinghttps://mknayek101.medium.com/best-google-dorking-00ccc375d415?source=rss------bug_bounty-5MkNayekbug-bounty21-Mar-2025
How I Earned $700 in Just 10 Minutes by Finding a Path Traversal Vulnerabilityhttps://theindiannetwork.medium.com/how-i-earned-700-in-just-10-minutes-by-finding-a-path-traversal-vulnerability-ef311fe25515?source=rss------bug_bounty-5TheIndianNetworkfile-path-traversal, path-traversal, directory-traversal, directory-listing, bug-bounty21-Mar-2025
How to Route Traffic from WSL to Burp Suite on Windows: A Step-by-Step Guidehttps://infosecwriteups.com/how-to-route-traffic-from-wsl-to-burp-suite-on-windows-a-step-by-step-guide-38d58f65b21a?source=rss------bug_bounty-5coffinxphacking, burpsuite, penetration-testing, bug-bounty-tips, bug-bounty21-Mar-2025
Get $5000: GitHub Dorks & Leakshttps://infosecwriteups.com/get-5000-github-dorks-leaks-b26728099d38?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, bug-bounty, hacking, infosec, github21-Mar-2025
Advanced Bug Bounty: API Key and Token Leaks — Tools, Techniques, and Exploitationhttps://infosecwriteups.com/advanced-bug-bounty-api-key-and-token-leaks-tools-techniques-and-exploitation-7d3fcb3b5fb7?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, api, bug-bounty, bug-bounty-tips21-Mar-2025
Top Cybersecurity Toolshttps://medium.com/@cy3ek/top-cybersecurity-tools-42b50ee678e2?source=rss------bug_bounty-5cybrklinux, hacking, tools, bug-bounty21-Mar-2025
Understanding the Psychology of Bug Bounty Triage Teams — Why Some Bugs Get Marked as Duplicates…https://infosecwriteups.com/understanding-the-psychology-of-bug-bounty-triage-teams-why-some-bugs-get-marked-as-duplicates-cab9195c6f58?source=rss------bug_bounty-5Vivek PSethical-hacking, cybersecurity, bug-bounty, programming21-Mar-2025
CSRF TO ACCOUNT TAKEOVERhttps://levi4.medium.com/csrf-to-account-takeover-83cacd848903?source=rss------bug_bounty-5Levi Ackermancybersecurity, security, web, hacking, bug-bounty21-Mar-2025
Top 10 Terminal-Based Bug Hunting Tools in 2025https://medium.com/@cybertips96/top-10-terminal-based-bug-hunting-tools-in-2025-9c61e8d79aba?source=rss------bug_bounty-5Cybertipsbug-bounty, technology21-Mar-2025
Top 10 Chrome/Brave Extensions for Bug Hunting in 2025https://medium.com/@cybertips96/top-10-chrome-brave-extensions-for-bug-hunting-in-2025-242b09b8ec45?source=rss------bug_bounty-5Cybertipstechnology, bug-bounty21-Mar-2025
5 Most Useful Websites for Bug Hunters to Knowhttps://medium.com/@vipulsonule71/5-most-useful-websites-for-bug-hunters-to-know-7094055e1e4b?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, penetration-testing, bug-bounty-writeup, bug-bounty21-Mar-2025
The Power of Bug Bounty Hunting: Strengthening Your Security Posturehttps://medium.com/@jkyne6368/the-power-of-bug-bounty-hunting-strengthening-your-security-posture-dfb77a2869d3?source=rss------bug_bounty-5Jordillacybersecurity, vulnerability, penetration-testing, bug-bounty, security21-Mar-2025
What is a web fuzzer, when to use it and how to use it?https://medium.com/@pars_87944/what-is-a-web-fuzzer-when-to-use-it-and-how-to-use-it-b2e2b720fa7a?source=rss------bug_bounty-5Pars SARICActf, fuzzers, hacking, webfuzzing, bug-bounty21-Mar-2025
The Ultimate Feroxbuster Cheat Sheet: Faster & Better Than Others?https://medium.com/@cybrpunked/the-ultimate-feroxbuster-cheat-sheet-faster-better-than-others-2fbe7d875d77?source=rss------bug_bounty-5Cybrpunkedbug-bounty, ethical-hacking, red-team, cybersecurity, penetration-testing21-Mar-2025
What Is Cybersecurity? (And Why It’s Like Locking Your Front Door)https://medium.com/@ahmadjaved09/what-is-cybersecurity-and-why-its-like-locking-your-front-door-552b0772c0fa?source=rss------bug_bounty-5Ahmad Javedhacking, bug-bounty, pentesting, cybersecurity, digital-self-defense21-Mar-2025
Advanced Dorking Techniques for Bug Bounty Hunters: Part 3https://hackersatty.medium.com/advanced-dorking-techniques-for-bug-bounty-hunters-part-3-2bdadc8acf38?source=rss------bug_bounty-5hackersattyhackersatty, google-dorking, xss-attack, bug-bounty-tips, bug-bounty21-Mar-2025
Top Tools for Ethical Hackers in 2025https://medium.com/@vipulsonule71/top-tools-for-ethical-hackers-in-2025-7f15d53f14d8?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, tech, hacking, penetration-testing21-Mar-2025
5 Game-Changing Websites Every Bug Hunter Must Know! ️‍♂️https://medium.com/@vipulsonule71/5-most-useful-websites-for-bug-hunters-to-know-7094055e1e4b?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, penetration-testing, bug-bounty-writeup, bug-bounty21-Mar-2025
Cryptographic Failures: Advanced Insights and Real-World Attackshttps://cyberw1ng.medium.com/cryptographic-failures-advanced-insights-and-real-world-attacks-bb6230f9f5be?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, careers, technology, cybersecurity21-Mar-2025
Access Control Vulnerability:https://medium.com/@520hazem/access-control-vulnerability-67c0064190c9?source=rss------bug_bounty-5Hazemaccess-control, portswigger, bug-bounty, portswigger-lab, pentesting21-Mar-2025
Bypassing Open Redirect Mitigations: How I Exploited a Trusted Platformhttps://take0verx0.medium.com/bypassing-open-redirect-mitigations-how-i-exploited-a-trusted-platform-8130938083ed?source=rss------bug_bounty-5Shahariar Aminopen-redirect, bypass-wrapper, bug-bounty21-Mar-2025
Blog view count manipulation by automated requests.https://take0verx0.medium.com/blog-view-count-manipulation-by-automated-requests-942eac11c233?source=rss------bug_bounty-5Shahariar Aminbug-bounty21-Mar-2025
The rate limiting request /api/auth/_log is not used causing all APIs to crash.https://medium.com/@VulnRAM/the-rate-limiting-request-api-auth-log-is-not-used-causing-all-apis-to-crash-87dc89c4f178?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips, bugs21-Mar-2025
Authentication Bypass Vulnerability — Impersonation on Article Commentshttps://take0verx0.medium.com/authentication-bypass-vulnerability-impersonation-on-article-comments-97169213b07c?source=rss------bug_bounty-5Shahariar Aminauthentication-bypass, bug-bounty21-Mar-2025
Business Logichttps://medium.com/@520hazem/business-logic-53377a732c8c?source=rss------bug_bounty-5Hazembusiness-logic-flaw, portswigger, portswigger-lab, bug-bounty, business-logic21-Mar-2025
$100 for a Filthy Enterprise Email Leaks in source code.https://medium.com/@rootplinix/100-for-a-filthy-enterprise-email-leaks-in-source-code-c9ddf118d9ae?source=rss------bug_bounty-5Abu Hurayrainfosec, bug-bounty, writeup, hacking, cybersecurity21-Mar-2025
How to Get Root Privilege after getting foothold [ EJPT Notes]https://infosecwriteups.com/how-to-get-root-privilege-after-getting-foothold-ejpt-notes-ce526a535ca3?source=rss------bug_bounty-5Mr Horbiocybersecurity, hacking, bug-bounty, ethical-hacking, privilege-escalation21-Mar-2025
Bug Hunting with HTTPX: A Powerful Security Tool in 2025 ✅https://medium.com/@cybertips96/bug-hunting-with-httpx-a-powerful-security-tool-in-2025-1b20a8425f62?source=rss------bug_bounty-5Cybertipstechnology, bug-bounty, hackerone-report, http-status-code21-Mar-2025
Cryptographic Failures: Advanced Insights and Real-World Attackshttps://osintteam.blog/cryptographic-failures-advanced-insights-and-real-world-attacks-bb6230f9f5be?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, careers, technology, cybersecurity21-Mar-2025
Mobile Number Verification Bypass CWE-840 Business Logic Errorhttps://medium.com/@VulnRAM/mobile-number-verification-bypass-cwe-840-business-logic-error-1cd80b0bced5?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips20-Mar-2025
How I Made $5000 in 1 Hour Finding 5 SQLi Vulnerabilities Manuallyhttps://medium.com/@ibtissamhammadi/how-i-made-5000-in-1-hour-finding-5-sqli-vulnerabilities-manually-bfbff1c02a47?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, sql, web-security, bug-bounty, ethical-hacking20-Mar-2025
How I Made $1,000,000 in Bug Bounties — Finding a Simple $500,000+ Vulnerability with Just a…https://theindiannetwork.medium.com/how-i-made-1-000-000-in-bug-bounties-finding-a-simple-500-000-vulnerability-with-just-a-d5e224041c6e?source=rss------bug_bounty-5TheIndianNetworkidor-vulnerability, api-security, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-Mar-2025
How I Earned $2000 from SQL Injection: A Bug Hunter’s Guidehttps://theindiannetwork.medium.com/how-i-earned-2000-from-sql-injection-a-bug-hunters-guide-3fb2bb0c51bd?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, sql-injection, database-hack, bug-bounty-tips, sql-injection-attack20-Mar-2025
From Zero to Hero: Hunting High-Paying Open Redirect Bugs in Web Appshttps://infosecwriteups.com/from-zero-to-hero-hunting-high-paying-open-redirect-bugs-in-web-apps-fdb80286236e?source=rss------bug_bounty-5coffinxppenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty20-Mar-2025
Ghost in the Machine: Advanced Persistent Threats (APTs) Hiding in Firmware and Hardware-Level…https://medium.com/@paritoshblogs/ghost-in-the-machine-advanced-persistent-threats-apts-hiding-in-firmware-and-hardware-level-e2c228c4839d?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, information-technology, bug-bounty, apt20-Mar-2025
One Year of Cybersecurity Writing: Lessons, Insights & What’s Next!https://medium.com/@verylazytech/one-year-of-cybersecurity-writing-lessons-insights-whats-next-beb1cff93805?source=rss------bug_bounty-5Very Lazy Techthank-you, hacking, growth, bug-bounty, cybersecurity20-Mar-2025
Part 1: How I dumped 5,000,000 emails by reading admin panel JS code.https://medium.com/@alimuhammadsecured/how-i-dumped-5-000-000-emails-by-reading-admin-panel-js-code-bb8cfe23bcab?source=rss------bug_bounty-5Alimuhammadsecuredhacking, vulnerability, bug-bounty, red-team, ethicalhackin20-Mar-2025
✅ Step-by-Step Guide: Install WSL (Windows Subsystem for Linux) Terminalhttps://medium.com/@cybertips96/step-by-step-guide-install-wsl-windows-subsystem-for-linux-terminal-674813db62fa?source=rss------bug_bounty-5Cybertipsbug-bounty20-Mar-2025
Server-Side Request Forgery (SSRF) Explainedhttps://medium.com/@abdelrahmanahmetoglu/server-side-request-forgery-ssrf-explained-46cc1468b9ba?source=rss------bug_bounty-5Abdelrahmanahmetogluweb-security, cybersecurity, bug-bounty, web-development, ssrf20-Mar-2025
Easy $250: Discovered Exposed .env Fileshttps://medium.com/@Abhijeet_kumawat_/easy-250-discovered-exposed-env-files-762204fcedcd?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, cybersecurity, hacking, secrets20-Mar-2025
✅ Step-by-Step Guide: Install and Configure Oh My Posh in Windows Terminal (WSL)https://medium.com/@cybertips96/step-by-step-guide-install-and-configure-oh-my-posh-in-windows-terminal-wsl-080fc7d9f11c?source=rss------bug_bounty-5Cybertipspromptengineeringchatgpt, artificial-intelligence, bug-bounty, psychology, technology20-Mar-2025
Full Account Takeover via XSS: My Bug Hunting Win… or Was It?https://mushirsyed.medium.com/full-account-takeover-via-xss-my-bug-hunting-win-or-was-it-3b3fb05c25a9?source=rss------bug_bounty-5Syed Mushirxss-vulnerability, bug-hunting, account-takeover, bug-bounty, xss-attack20-Mar-2025
I Bypassed WAF To Escalate SQLI ~Reward HOFhttps://ajakcybersecurity.medium.com/i-bypassed-waf-to-escalate-sqli-reward-hof-00c5ddb0053e?source=rss------bug_bounty-5AJAK Cyber Academycybersecurity, learning, hacking, bug-bounty, penetration-testing20-Mar-2025
How to Approach a Target for Bug Hunting ✨https://medium.com/@vipulsonule71/how-to-approach-a-target-for-bug-hunting-81f8ce89cdf3?source=rss------bug_bounty-5Vipul Sonuleethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking20-Mar-2025
Mastering Recon in Bug Bounty: Advanced Techniques for 2025https://medium.com/@hackerfromhills/mastering-recon-in-bug-bounty-advanced-techniques-for-2025-1c8b5f3c43b9?source=rss------bug_bounty-5Badal kathayathacker, bug-bounty-writeup, hacking, bug-bounty-tips, bug-bounty20-Mar-2025
Improper Access Control Worth $$$ Bountyhttps://medium.com/@mohaned0101/improper-access-control-worth-bounty-e8706ab3a3ec?source=rss------bug_bounty-5mohaned alkhlotbug-bounty, bug-bounty-tips20-Mar-2025
How I Took Admin Account via JWT Bypasshttps://medium.com/@shyam.sam0704/how-i-took-admin-account-via-jwt-bypass-5eb96430c2ad?source=rss------bug_bounty-5Shyamvulnerability-management, jwt-authentication, bug-bounty-writeup, bug-bounty, jwt-exploitation20-Mar-2025
Self-Hosted vs. Third-Party Bug Bounty Platforms: Key Differences Explainedhttps://medium.com/@cybertips96/self-hosted-vs-third-party-bug-bounty-platforms-key-differences-explained-16358ac9488c?source=rss------bug_bounty-5Cybertipstechnology, programming, bug-bounty20-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-121)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-121-f00a0b2a9abe?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty, bug-bounty-tips, cybersecurity20-Mar-2025
When Life Gave Me a 500 Error, I Found AWS Keys Instead! $$RFhttps://medium.com/@iski/when-life-gave-me-a-500-error-i-found-aws-keys-instead-rf-b416f8ca68f8?source=rss------bug_bounty-5Iskibug-bounty, cybersecurity, bug-bounty-tips, aws20-Mar-2025
Cryptographic Failures: A Comprehensive Guidehttps://cyberw1ng.medium.com/cryptographic-failures-a-comprehensive-guide-410064fe6e4e?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, careers, bug-bounty, technology20-Mar-2025
Finding and Exploiting XSS in a CRM (and getting paid for it)https://medium.com/@AlasdairGorniak/finding-and-exploiting-xss-in-a-crm-and-getting-paid-for-it-71e2767faeba?source=rss------bug_bounty-5Alasdair Gorniakxss-attack, ethical-hacking, cybersecurity, bug-bounty, hacking20-Mar-2025
No Rate Limiting on Login Endpoint — A Brute Force Vulnerabilityhttps://medium.com/@cybermanx07/no-rate-limiting-on-login-endpoint-a-brute-force-vulnerability-d1300848b445?source=rss------bug_bounty-5Cyber Manethical-hacking, web-security, cybersecurity, burpsuite, bug-bounty19-Mar-2025
Active Directory Federation Services (AD FS)https://medium.com/@paritoshblogs/active-directory-federation-services-ad-fs-1b7c38929964?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, active-directory, hacking, bug-bounty19-Mar-2025
[CVE Anniversary Activity] CVE report analysis, exclusive activity is now open!https://medium.com/@security.tecno/cve-exclusive-activity-analyze-12-cve-reports-and-start-a-reward-activity-4bab97436b06?source=rss------bug_bounty-5TECNO Securityhacking, cve, security, report, bug-bounty19-Mar-2025
From SSRF to $$$: How I Hacked Autodesk’s Rendering Service and Earned a Bug Bountyhttps://cybersecuritywriteups.com/from-ssrf-to-how-i-hacked-autodesks-rendering-service-and-earned-a-bug-bounty-da444900f7d9?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty-writeup, cybersecurity, bug-bounty, info-sec-writeups19-Mar-2025
BugYatri - web2 & web3 BugBounty Platform for BugHunters!!!https://medium.com/@bugyatri/bugyatri-web2-web3-bugbounty-platform-for-bughunters-476826513b6f?source=rss------bug_bounty-5BugYatribug-bounty, bounty-program, cybersecurity, web3, web19-Mar-2025
A great tool that will be helpful in your bug bounty&pentesting journey.https://infosecwriteups.com/a-great-tool-that-will-be-helpful-in-your-bug-bounty-pentesting-journey-8ce118f4ea00?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, penetration-testing, tips19-Mar-2025
Users Without Roles/Member Roles Can Create Private Repositories And Secret Teams In Github…https://rhidayah.medium.com/users-without-roles-member-roles-can-create-private-repositories-and-secret-teams-in-github-8fec746ac684?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, bug-bounty-writeup, privilege-escalation, bug-bounty, github19-Mar-2025
The Role of Ethical Hackers in Web3 Securityhttps://medium.com/@somtoochukwu65/the-role-of-ethical-hackers-in-web3-security-4b12579da1ef?source=rss------bug_bounty-5Divine Somtoochukwu Innocentblockchain-security, ethical-hacking, web3-security, cyber-threats-2025, bug-bounty19-Mar-2025
Users Without Roles/Member Roles Can Create Private Repositories And Secret Teams In Github…https://infosecwriteups.com/users-without-roles-member-roles-can-create-private-repositories-and-secret-teams-in-github-8fec746ac684?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, bug-bounty-writeup, privilege-escalation, bug-bounty, github19-Mar-2025
15+ Linux Environment Variables Hackers Use (You Should Too!)https://medium.com/@verylazytech/15-linux-environment-variables-hackers-use-you-should-too-f4b9397098dd?source=rss------bug_bounty-5Very Lazy Techcybersecurity, penetration-testing, bug-bounty, environmental-variables, hacking19-Mar-2025
Hacking Open Docker Registries: Pulling, Extracting, and Exploiting Images.https://infosecwriteups.com/hacking-open-docker-registries-pulling-extracting-and-exploiting-images-339f41fbf9b4?source=rss------bug_bounty-5nav1nrce-vulnerability, docker, sql-injection, bug-bounty, unauthorized-access19-Mar-2025
How I Got Access to Berkeley University’s One Of Server Using the Legendary ‘admin: admin’ Creds!https://hiddendom.medium.com/how-i-got-access-to-berkeley-universitys-one-of-server-using-the-legendary-admin-admin-creds-64394e6b3152?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, penetration-testing, bug-bounty, ethical-hacking, bug-bounty-tips19-Mar-2025
“Secret Keys to Cash: Finding Hidden Flaws for Bug Bounties”https://medium.com/@dimpchubb/secret-keys-to-cash-finding-hidden-flaws-for-bug-bounties-c67ee06dd3eb?source=rss------bug_bounty-5VulnerabilityIntelbug-bounty-writeup, hacking, bug-bounty, penetration-testing, bug-bounty-tips19-Mar-2025
Exclusive Exploit for Sale — Unlock Advanced Security Testing Potential - $$$$ BOUNTYhttps://medium.com/@ajaynaikhack/exclusive-exploit-for-sale-unlock-advanced-security-testing-potential-bounty-197a2cda3c9c?source=rss------bug_bounty-5Ajay Naikpenetration-testing, information-technology, cybersecurity, bug-bounty, information-security19-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-120)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-120-034170afece7?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, bug-bounty-tips, hacking, ethical-hacking19-Mar-2025
HTTP Request Smuggling: Advanced Security Testing Guide and Exploitation Techniqueshttps://infosecwriteups.com/http-request-smuggling-advanced-security-testing-guide-and-exploitation-techniques-1d4dac9a826a?source=rss------bug_bounty-5Ajay Naikbug-bounty, information-security, information-technology, penetration-testing, http-request-smuggling19-Mar-2025
HTTP: The Invisible Language of the Web (And How Hackers Exploit It)https://medium.com/@sobatistacyber/http-the-invisible-language-of-the-web-and-how-hackers-exploit-it-83456833c4c5?source=rss------bug_bounty-5SoBatistahttps, bug-bounty, burpsuite, penetration-testing, hacking19-Mar-2025
No Tools, No Problem — Another Fun Bug Hunting Story!https://strangerwhite.medium.com/no-tools-no-problem-another-fun-bug-hunting-story-22c234331bfd?source=rss------bug_bounty-5StrangeRwhitehacking, information-technology, cyberaware, cybersecurity, bug-bounty19-Mar-2025
Automating Subdomain Takeover Discovery with Shell Scriptinghttps://icecream23.medium.com/automating-subdomain-takeover-discovery-with-shell-scripting-e9016ee77ddd?source=rss------bug_bounty-5Aman Bhuiyanbug-bounty, takeovers, recon, bug-bounty-writeup19-Mar-2025
DOM XSS in portswiggerhttps://medium.com/@testwebsite1244/dom-xss-in-portswigger-50678427bc0f?source=rss------bug_bounty-5Odayportswigger, burpsuite, bug-bounty19-Mar-2025
Why Threat Modeling is a Game Changer for Application Securityhttps://medium.com/@8459vismay/why-threat-modeling-is-a-game-changer-for-application-security-27a225c28f4e?source=rss------bug_bounty-5Vismay Patilcybersecurity, penetration-testing, threat-modeling, bug-bounty, ethical-hacking19-Mar-2025
️ How to Use Nuclei for Bug Huntinghttps://medium.com/@vipulsonule71/%EF%B8%8F-how-to-use-nuclei-for-bug-hunting-413f3496a335?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, hacking, bug-bounty, technology, ethical-hacking19-Mar-2025
Part-3 | Deep Recon Methodology for Bug Bounty Huntershttps://infosecwriteups.com/part-3-deep-recon-methodology-for-bug-bounty-hunters-cd7139eed7e4?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, recon, hacking, infosec, bug-bounty19-Mar-2025
Hacking APIs: Bypassing Rate Limitinghttps://iaraoz.medium.com/hacking-apis-bypassing-rate-limiting-0c7bd075b86c?source=rss------bug_bounty-5Israel Aráoz Severichehacking, appsec, owasp-top-10, bug-bounty, cybersecurity19-Mar-2025
Udemy Savings: Get F5 BIG-IP Courses for Less!https://medium.com/@deepdive4learn/udemy-savings-get-f5-big-ip-courses-for-less-635e7d9cf449?source=rss------bug_bounty-5DeepDive4learncybersecurity, networking, bug-bounty, web, application-security19-Mar-2025
“Unveiled: The Dark Side of Bugcrowd — Unfair Rejections and a Warning to Hackers”https://monsifhmouri.medium.com/unveiled-the-dark-side-of-bugcrowd-unfair-rejections-and-a-warning-to-hackers-ca9d8572ad63?source=rss------bug_bounty-5MONSIF HMOURIbug-bounty, bugcrowd, ethical-hacking19-Mar-2025
$12,900 in Bounties in My First Month of Bug Hunting with Ax Frameworkhttps://medium.com/@EthicalOffsec/12-900-in-bounties-in-my-first-month-of-bug-hunting-with-ax-framework-6d530d25c1c2?source=rss------bug_bounty-50xtavianbug-bounty, bug-bounty-writeup, penetration-testing, hacking, bug-bounty-tips19-Mar-2025
$50K Bounty Just for GitHub Access Token exposurehttps://medium.com/@hrofficial62/50k-bounty-just-for-github-access-token-exposure-d92dcc34eb4d?source=rss------bug_bounty-5Mr Horbiopentesting, cybersecurity, hacking, ethical-hacking, bug-bounty19-Mar-2025
File Inclusion Vulnerabilities: Advanced Exploitation and Mitigation Techniqueshttps://cyberw1ng.medium.com/file-inclusion-vulnerabilities-advanced-exploitation-and-mitigation-techniques-6b47cb6547fd?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, programming, careers19-Mar-2025
♂️ “From Zero to Hero: How 2FA Bypass Turned Me Into a Bug Bounty Legend”https://osintteam.blog/%EF%B8%8F-from-zero-to-hero-how-2fa-bypass-turned-me-into-a-bug-bounty-legend-8eb0b815aaf9?source=rss------bug_bounty-5Krish_cyberbug-bounty, infosec-write-ups, osint, cybersecurity, bug-bounty-writeup19-Mar-2025
File Inclusion Vulnerabilities: Advanced Exploitation and Mitigation Techniqueshttps://osintteam.blog/file-inclusion-vulnerabilities-advanced-exploitation-and-mitigation-techniques-6b47cb6547fd?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, programming, careers19-Mar-2025
Dark Web and Phishing Kits: Exploring the Underground Market for Phishing Toolshttps://medium.com/@paritoshblogs/dark-web-and-phishing-kits-exploring-the-underground-market-for-phishing-tools-a645a9b962f1?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, information-technology, phishing, cybersecurity18-Mar-2025
How to Hacking Amazon Simple Notification Service @amazonhttps://medium.com/@mo7mead/how-to-hacking-amazon-simple-notification-service-amazon-14ff463c402c?source=rss------bug_bounty-5mo7meadcybersecurity, bug-bounty, penetration-testing, bug-bounty-tips18-Mar-2025
Mastering F5 ASM: Web Application Security Like a Pro!https://medium.com/@deepdive4learn/mastering-f5-asm-web-application-security-like-a-pro-2f390613b68a?source=rss------bug_bounty-5DeepDive4learnowasp-top-10, web-development, cybersecurity, bug-bounty, api18-Mar-2025
ChatGPT Jailbreaking: A Sneaky Loophole That Exposes Ethical Gapshttps://medium.com/@dharineeshj2/chatgpt-jailbreaking-a-sneaky-loophole-that-exposes-ethical-gaps-1f3dcf015bf6?source=rss------bug_bounty-5Hack-Batbug-bounty, llm, hacking, cybersecurity, prompt-engineering18-Mar-2025
CRLF Injection: Guide to Finding & Exploiting Vulnerabilitieshttps://infosecwriteups.com/crlf-injection-guide-to-finding-exploiting-vulnerabilities-ec2d55805cc4?source=rss------bug_bounty-5Abhijeet Kumawatcrlf-injection, hacking, cybersecurity, infosec, bug-bounty18-Mar-2025
ZeroCopter Programs for Bug Huntinghttps://osintteam.blog/zerocopter-programs-for-bug-hunting-6b73c4d97fe5?source=rss------bug_bounty-5AbhirupKonwarbug-hunting, pentesting, bug-bounty-tips, ethical-hacking, bug-bounty18-Mar-2025
Modern XSS Challenges: Beyond the Basicshttps://infosecwriteups.com/modern-xss-challenges-beyond-the-basics-90bd9d931e30?source=rss------bug_bounty-5Dhanush Nbug-bounty-writeup, bug-bounty, security, xss-attack, bug-bounty-tips18-Mar-2025
️ How to Be an Ethical Hacker: A Complete Guidehttps://medium.com/@vipulsonule71/%EF%B8%8F-how-to-be-an-ethical-hacker-a-complete-guide-dfa8437aa2d9?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, cybersecurity, penetration-testing, hacking18-Mar-2025
How to find IDORs like a prohttps://medium.com/@bxrowski0x/how-to-find-idors-like-a-pro-158cf23baf23?source=rss------bug_bounty-5Omar ElSayedinfo-sec-writeups, bug-bounty, infosec, idor, cybersecurity18-Mar-2025
The Ultimate Guide to Setting Up ezXSS on Oracle Cloud Free Tier ARM Serverhttps://medium.com/@curiouskhanna/the-ultimate-guide-to-setting-up-ezxss-on-oracle-cloud-free-tier-arm-server-a60677b2ac2a?source=rss------bug_bounty-5Shubham Khannacybersecurity, blind-xss, bug-bounty, xss-attack18-Mar-2025
CSRF to XSS: Chaining Vulnerabilities for Critical Bug Bountieshttps://krishna-cyber.medium.com/csrf-to-xss-chaining-vulnerabilities-for-critical-bug-bounties-804bced55bb3?source=rss------bug_bounty-5Krish_cyberosint, infosec-write-ups, bug-bounty-writeup, bug-bounty, cybersecurity18-Mar-2025
Can You Find a $4,500 Bug in Google Slides in Under 3 Hourshttps://medium.com/@ibtissamhammadi/can-you-find-a-4-500-bug-in-google-slides-in-under-3-hours-69e9113ccfd3?source=rss------bug_bounty-5Ibtissam Hammadigoogle, bug-hunting, ethical-hacking, cybersecurity, bug-bounty18-Mar-2025
Bug Bounty Hunting in 2025: How to Earn Big with the Best Tools & Platformshttps://medium.com/@modernshubhamgupta/bug-bounty-hunting-in-2025-how-to-earn-big-with-the-best-tools-platforms-a04e66d6575f?source=rss------bug_bounty-5Shubham Rajbug-bounty-tips, bug-bounty, money-making-ideas, cybersecurity, ethical-hacking18-Mar-2025
How to Make Your First $100,000 in Bug Bountyhttps://medium.com/@hackerfromhills/how-to-make-your-first-100-000-in-bug-bounty-51e10cda8f11?source=rss------bug_bounty-5Badal kathayatbug-bounty-tips, bug-hunter, bug-bounty, hacking, bug-bounty-writeup18-Mar-2025
Hacking With Cookieshttps://medium.com/cloud-security/hacking-with-cookies-99d8308169f0?source=rss------bug_bounty-5Teri Radichelpentesting, cookies, penetration-testing, bug-bounty, hacking18-Mar-2025
Some Ways to Find More IDOR Vulnerabilitieshttps://medium.com/@vipulsonule71/some-ways-to-find-more-idor-vulnerabilities-5648f2f6baa7?source=rss------bug_bounty-5Vipul Sonuleethical-hacking, bug-bounty, penetration-testing, hacking, technology18-Mar-2025
The Ultimate Guide to CDX API for Bug Bounty Reconhttps://myselfakash20.medium.com/the-ultimate-guide-to-cdx-api-for-bug-bounty-recon-e98c36d033ed?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-tips, bug-bounty-writeup, programming, cybersecurity18-Mar-2025
Open Redirect Vulnerability: A Detailed Overview and How I Discovered Ithttps://theindiannetwork.medium.com/open-redirect-vulnerability-a-detailed-overview-and-how-i-discovered-it-b95a228f6047?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, open-redirect-vurnability, open-redirect, open-redirection, bug-bounty-tips18-Mar-2025
Understanding File Inclusion Vulnerabilities: A Practical Guidehttps://cyberw1ng.medium.com/understanding-file-inclusion-vulnerabilities-a-practical-guide-25a22c461c2b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, programming, careers, bug-bounty18-Mar-2025
How I Made $3000 in 3 Minutes with SQLihttps://medium.com/@ibtissamhammadi/how-i-made-3000-in-3-minutes-with-sqli-d32c7f29c869?source=rss------bug_bounty-5Ibtissam Hammadidatabase, bug-bounty, cybersecurity, sql, ethical-hacking17-Mar-2025
Bug Bounty: Cookie timeline utilization when the system uses multiple authentication cookieshttps://medium.com/@expression4865/bug-bounty-cookie-timeline-utilization-when-the-system-uses-multiple-authentication-cookies-7d2e6cc68c34?source=rss------bug_bounty-5expression4865bug-bounty, csrf, xss-attack17-Mar-2025
Subdomain Found! Now What? Next Steps for Bug Huntershttps://infosecwriteups.com/subdomain-found-now-what-next-steps-for-bug-hunters-df8fd79c73b7?source=rss------bug_bounty-5Monika sharmahacking, penetration-testing, bug-bounty-tips, bug-bounty, technology17-Mar-2025
[Best of February — M3Di] From Forest to Code: Transformational Security Researcher Growth Noteshttps://medium.com/@security.tecno/best-of-february-m3di-from-forest-to-code-transformational-security-researcher-growth-notes-5079ac24d1b4?source=rss------bug_bounty-5TECNO Securityapp-development, hacking, bug-bounty, hacker, security17-Mar-2025
Introduction to web3https://doordiefordream.medium.com/introduction-to-web3-b78aa109ced0?source=rss------bug_bounty-5DOD cyber solutionsweb3, blockchain, technology, bug-bounty, ethical-hacking17-Mar-2025
Bug Bounty: Cookie timeline utilization when the system uses multiple authentication cookieshttps://medium.com/@smilemil/bug-bounty-cookie-timeline-utilization-when-the-system-uses-multiple-authentication-cookies-7d2e6cc68c34?source=rss------bug_bounty-5smilemilbug-bounty, csrf, xss-attack17-Mar-2025
Best Bug Bounty Tips of 2025!https://systemweakness.com/best-bug-bounty-tips-of-2025-6f5368491526?source=rss------bug_bounty-5Imad Husanovicbug-bounty, bug-bounty-tips, programming, cybersecurity, hacking17-Mar-2025
How I Bypassed a Firewall, Leading to a Successful SQL Injection Exploithttps://medium.com/@AhmedSamy-X/how-i-bypassed-a-firewall-leading-to-a-successful-sql-injection-exploit-aa605996e163?source=rss------bug_bounty-5Ahmedsamybug-bounty-tips, sql-injection, bug-bounty, cybersecurity, web-exploitation17-Mar-2025
Master Subdomain Enumeration: Step-by-Step Guide to Installing and Using Subfinderhttps://medium.com/@GrayWhite/master-subdomain-enumeration-step-by-step-guide-to-installing-and-using-subfinder-8a9c9b1d0ee9?source=rss------bug_bounty-5CrookSechacking, bug-bounty, cybersecurity17-Mar-2025
Using the full potential of BuiltWith for bug bountyhttps://medium.com/@loyalonlytoday/using-the-full-potential-of-builtwith-for-bug-bounty-24b6145dba44?source=rss------bug_bounty-5loyalonlytodayreconnaissance, bug-bounty, cybersecurity, penetration-testing, tips17-Mar-2025
Is Your Website Vulnerable? Discover the Power of Content Security Policy (CSP)!https://medium.com/@verylazytech/is-your-website-vulnerable-discover-the-power-of-content-security-policy-csp-6b1db2c5779f?source=rss------bug_bounty-5Very Lazy Techcybersecurity, bug-bounty, vulnerability, web-penetration-testing, csp17-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-119)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-119-6da43af9002c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, ethical-hacking, hacking, bug-bounty, cybersecurity17-Mar-2025
How to start hacking with use AIhttps://medium.com/@vipulsonule71/how-to-start-hacking-with-use-ai-29ff04942528?source=rss------bug_bounty-5Vipul Sonuleethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking17-Mar-2025
Exif Metadata Not Stripped Leak User Geolocationhttps://firdausmuhammadismail.medium.com/exif-metadata-not-stripped-leak-user-geolocation-67698e6a4ff5?source=rss------bug_bounty-5Firdaus Muhammad Ismailexif-data, bug-bounty, exiftool, server-security, bug-bounty-tips17-Mar-2025
Portswigger XSS Attack Lab 1https://medium.com/@yfhackerinfo/portswigger-xss-attack-lab-1-abf7e06b4344?source=rss------bug_bounty-5Your Friendly Hackercybersecurity, portswigger, bug-bounty, xss-attack, penetration-testing17-Mar-2025
bxbxbhttps://medium.com/@tbryzshmarhkhalh63/bxbxb-b01a7e6ce064?source=rss------bug_bounty-5شماره خاله تبریز =مشهد ـکرمان ـخوزستان ـ زاهدانـstartup, hx, artificial-intelligence, bug-bounty, software-development17-Mar-2025
How I Earned $15,000 from Bug Bounties: Buffer Overflow Exploit Explained (With Practical Code)https://theindiannetwork.medium.com/how-i-earned-15-000-from-bug-bounties-buffer-overflow-exploit-explained-with-practical-code-b662843f6e07?source=rss------bug_bounty-5TheIndianNetworkbuffer-overflow-exploits, buffer-overflow, bug-bounty, buffer-overflow-attack, bug-bounty-tips17-Mar-2025
How I Earned $12,000 Finding a Remote Command Execution Bug (With Real Exploit)https://theindiannetwork.medium.com/how-i-earned-12-000-finding-a-remote-command-execution-bug-with-real-exploit-18aaa66d2703?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, bug-bounty-tips, rce, remote-command-execution, rce-vulnerability17-Mar-2025
Zero-Day Hunting for Rent: The Rise of Bug Bounty Mercenarieshttps://medium.com/dare-to-be-better/zero-day-hunting-for-rent-the-rise-of-bug-bounty-mercenaries-411c88954140?source=rss------bug_bounty-5Ahmad Javedzero-day-economy, penetration-testing, bug-bounty, hackers-for-hire, cybersecurity17-Mar-2025
Best Bug Bounty Tools for Hackers in 2025: Why Digi Astra is the Ultimate Choicehttps://medium.com/@modernshubhamgupta/best-bug-bounty-tools-for-hackers-in-2025-why-digi-astra-is-the-ultimate-choice-fd414bc41fa9?source=rss------bug_bounty-5Shubham Rajethical-hacking, bug-bounty-writeup, hacking, cybersecurity, bug-bounty17-Mar-2025
What Is Race Condition Vulnerabilityhttps://medium.com/@rawansa3ed2002/what-is-race-condition-vulnerability-e01cd1be0e9b?source=rss------bug_bounty-5Rawansaedbug-bounty, race-condition, ethical-hacking, cybersecurity, bug-hunting17-Mar-2025
Simple 2FA Bypass Techniques for Beginnershttps://cyberw1ng.medium.com/simple-2fa-bypass-techniques-for-beginners-edec48befa23?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, programming, cybersecurity, bug-bounty17-Mar-2025
How to Earn $3000/Hour with a Critical Vulnerabilityhttps://medium.com/@ibtissamhammadi/how-to-earn-3000-hour-with-a-critical-vulnerability-7fe0f262d3e5?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-hunting17-Mar-2025
How I Discovered a P4 Bug on the U.S. Social Security Administrationhttps://osintteam.blog/how-i-discovered-a-p4-bug-on-the-u-s-social-security-administration-8236ecd2a003?source=rss------bug_bounty-5Xh081iXethical-hacking, bug-bounty-tips, infosec, bug-bounty, cybersecurity17-Mar-2025
$$$$ For Full Account Take-over, 2fa bypass, Sensitive data Exposure via Critical CORS…https://mr-pwner.medium.com/for-full-account-take-over-2fa-bypass-sensitive-data-exposure-via-critical-cors-310ee989179a?source=rss------bug_bounty-5Omarethical-hacking, cybersecurity, web-security, bug-bounty, account-takeover17-Mar-2025
Critical IDOR: Unrestricted Access to All Company Published Fileshttps://medium.com/@0xAhM3D/critical-idor-unrestricted-access-to-all-company-published-files-c8db77070e87?source=rss------bug_bounty-50xAhM3Dbug-bounty-tips, idor-vulnerability, bug-bounty, idor-poc, bug-bounty-writeup17-Mar-2025
How To Discover Hidden Endpoints️‍♂️https://medium.com/@Abhijeet_kumawat_/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-cc4c82c8a886?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, ai, infosec, cybersecurity17-Mar-2025
How To Discover Hidden Endpoints️‍♂️https://infosecwriteups.com/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-cc4c82c8a886?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, ai, infosec, cybersecurity17-Mar-2025
Simple 2FA Bypass Techniques for Beginnershttps://osintteam.blog/simple-2fa-bypass-techniques-for-beginners-edec48befa23?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, programming, cybersecurity, bug-bounty17-Mar-2025
CVE-2025–26633: A Silent Threat in Windows MMC — What You Need to Knowhttps://medium.com/@jkyne6368/cve-2025-26633-a-silent-threat-in-windows-mmc-what-you-need-to-know-0f5156d97738?source=rss------bug_bounty-5Jordillainformation-security, ethical-hacking, bug-bounty, cve, cybersecurity16-Mar-2025
How I Hacked an E-Commerce Website & Found XSShttps://aiwolfie.medium.com/how-i-hacked-an-e-commerce-website-found-xss-75db71424d4a?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-writeup, cybersecurity, html-injection, xss-attack16-Mar-2025
VERY BASIC - How I Solve CSRF in Portswigger Labhttps://medium.com/@aashifm/very-basic-how-i-solve-csrf-in-portswigger-lab-f090e3325a0e?source=rss------bug_bounty-5196.0.0.1cybersecurity, proxy, bug-bounty, csrf, burpsuite16-Mar-2025
My journey being hacker #1 in BOLIVIA 2024/2023https://medium.com/@vanpedrazas/my-journey-being-hacker-1-in-bolivia-2024-2023-7299d397a682?source=rss------bug_bounty-5Ivan Bernardo Pedrazas Rodriguezmotivation, life, cybersecurity, bug-bounty, life-lessons16-Mar-2025
A website that will be helpful in your bug bounty journey.https://infosecwriteups.com/a-website-that-will-be-helpful-in-your-bug-bounty-journey-de4f0f1721a8?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, ethical-hacking, cybersecurity, resources, bug-bounty16-Mar-2025
Reverse Engineering APIs with Burp2APIhttps://medium.com/@samhilliard/reverse-engineering-apis-with-burp2api-f333c7a8bab9?source=rss------bug_bounty-5Sam Hilliardbug-bounty, postman, reverse-engineering, burpsuite, pentesting16-Mar-2025
File Upload Vulnerabilities: How Hackers Exploit Them & How to Stay Securehttps://medium.com/@verylazytech/file-upload-vulnerabilities-how-hackers-exploit-them-how-to-stay-secure-fe75b4b5003c?source=rss------bug_bounty-5Very Lazy Techhacking, file-upload-bypass, unrestricted-file-upload, bug-bounty, file-upload-vulnerability16-Mar-2025
How to Start bug hunting in 2025https://medium.com/@vipulsonule71/how-to-start-bug-hunting-in-2025-6e131cefe1eb?source=rss------bug_bounty-5Vipul Sonulebug-bounty, penetration-testing, cybersecurity, hacking, technology16-Mar-2025
My journey being hacker #1 in BOLIVIA 2024/2023https://medium.com/@vanpedrazas/my-journey-being-hacker-1-in-bolivia-2024-2023-7299d397a682?source=rss------bug_bounty-5Ivan Bernardo Pedrazas Rodriguezmotivation, cybersecurity, bug-bounty, life-lessons, startup16-Mar-2025
Blind XSS: When Your Payloads Are Sneakier Than Your Exhttps://medium.com/@shadyfarouk1986/blind-xss-when-your-payloads-are-sneakier-than-your-ex-1321eec7af83?source=rss------bug_bounty-5Shady Faroukbug-bounty, vulnerability, bounty-hunter, pentesting16-Mar-2025
Ethical Hacking with ChatGPThttps://medium.com/@vipulsonule71/ethical-hacking-with-chatgpt-651bf8f00e81?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, bug-bounty, chatgpt, penetration-testing16-Mar-2025
Gas Level Vulnerability: Floating pragma versionhttps://medium.com/@jeetpal2007/gas-level-vulnerability-floating-pragma-version-10a7741ab096?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, web3, smart-contract-security, smartcontract-audit, bug-bounty16-Mar-2025
How I Hacked an E-Commerce Website & Found XSShttps://publication.osintambition.org/how-i-hacked-an-e-commerce-website-found-xss-75db71424d4a?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-writeup, cybersecurity, html-injection, xss-attack16-Mar-2025
CVE-2025–24993: A Critical Vulnerability in Microsoft Windows NTFShttps://medium.com/@jkyne6368/cve-2025-24993-a-critical-vulnerability-in-microsoft-windows-ntfs-b90782570e2d?source=rss------bug_bounty-5Jordillapenetration-testing, cve, vulnerability, ethical-hacking, bug-bounty16-Mar-2025
CRTO Review — 2025https://abhishekgk.medium.com/crto-review-2025-c3f39480a10d?source=rss------bug_bounty-5Abhishekgkcybersecurity, bug-bounty, crto, red-team, certification16-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-118)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-118-6d657a95f1e7?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, ethical-hacking, bug-bounty-tips16-Mar-2025
Day 27: The $2,200 ATO Most Bug Hunters Overlookedhttps://medium.com/@danielbelay/day-27-the-2-200-ato-most-bug-hunters-overlooked-3de76d30d96a?source=rss------bug_bounty-5dani3laccount-takeover, bug-bounty, cybersecurity16-Mar-2025
Finding CSRF Bug Bounty Program — Get $$https://firdausmuhammadismail.medium.com/finding-csrf-bug-bounty-program-get-253461291432?source=rss------bug_bounty-5Firdaus Muhammad Ismailcsrf, bug-bounty, csrf-token, vulnerability, hackerone16-Mar-2025
SQL Injection UNION Attack, Retrieving Multiple Values in a Single Columnhttps://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-d6c6d91be74d?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, sqli, sql-injection, information-security16-Mar-2025
Bypassing 2FA to Impersonate Users on Drugs.comhttps://medium.com/@regan_temudo/bypassing-2fa-to-impersonate-users-on-drugs-com-66fb84b0491d?source=rss------bug_bounty-5Regan Temudoethical-hacking, bug-bounty, 2fa, vulnerability-disclosure, cybersecurity16-Mar-2025
CVE-2022–45875: Command Injection Vulnerability in Apache DolphinSchedulerhttps://sahnounoussama.medium.com/cve-2022-45875-command-injection-vulnerability-in-apache-dolphinscheduler-50acfe7dfa07?source=rss------bug_bounty-5Sahnoun Oussamacve-2022-45875, code-review, apache-dolphinscheduler, bug-bounty, ctf-walkthrough16-Mar-2025
OAuth and JWT Attackshttps://medium.com/cloud-security/oauth-and-jwt-attacks-3840fe2a113f?source=rss------bug_bounty-5Teri Radichelbug-bounty, security, penetration-testing, oauth, pentesting16-Mar-2025
CSRF in JSON Requests: A Real-World Exploit on Payout Featureshttps://medium.com/@mohamed.yasser442200/csrf-in-json-requests-a-real-world-exploit-on-payout-features-2829086ace5c?source=rss------bug_bounty-5Spider4hacking, csrf, json, bug-bounty, bug-bounty-tips16-Mar-2025
Mastering Web Recon with WebCopilothttps://osintteam.blog/mastering-web-recon-with-webcopilot-78da58bfb428?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty-tips, bug-bounty, hacking, technology16-Mar-2025
How a Logic Flaw Allowed Attackers to Hijack Accountshttps://cyberw1ng.medium.com/how-a-logic-flaw-allowed-attackers-to-hijack-accounts-39509d7340e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, programming, technology, careers16-Mar-2025
How I Found an Open Redirect Vulnerability Easily (Worth $500!)https://infosecwriteups.com/how-i-found-an-open-redirect-vulnerability-easily-worth-500-274999bb6527?source=rss------bug_bounty-5Abhijeet Kumawathacking, infosec, bug-bounty, ai, cybersecurity16-Mar-2025
How a Logic Flaw Allowed Attackers to Hijack Accountshttps://osintteam.blog/how-a-logic-flaw-allowed-attackers-to-hijack-accounts-39509d7340e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, programming, technology, careers16-Mar-2025
How to Access Another’s Systems Remotely like Hacker [Ethical Hacking]https://medium.com/@hrofficial62/how-to-access-anothers-systems-remotely-like-hacker-ethical-hacking-732fca529e49?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, hacking, pentesting, ethical-hacking15-Mar-2025
A Website that will be helpful in your Bug bounty and OSINT journeyhttps://infosecwriteups.com/a-website-that-will-be-helpful-in-your-bug-bounty-and-osint-journey-2c3368346924?source=rss------bug_bounty-5loyalonlytodayinvesting, cybersecurity, tips, osint, bug-bounty15-Mar-2025
Bypassing OTP Verification: Another Bug Found Without Any Tools!https://strangerwhite.medium.com/bypassing-otp-verification-another-bug-found-without-any-tools-8b2c1013c3e7?source=rss------bug_bounty-5StrangeRwhitebug-bounty-tips, otp-bypass, bug-bounty, infosec, bugbounty-writeup15-Mar-2025
Low-Level Vulnerability: Fixed Hardcoded Datahttps://medium.com/@jeetpal2007/low-level-vulnerability-fixed-hardcoded-data-f0cc9b9d971f?source=rss------bug_bounty-5JEETPALsmart-contract-auditing, smart-contract-security, web3, smart-contracts, bug-bounty15-Mar-2025
Web 3: — writeups collectionshttps://medium.com/@jeetpal2007/web-3-writeups-collections-9f3cce5bc382?source=rss------bug_bounty-5JEETPALweb3, smart-contract-security, bug-bounty, cybersecurity15-Mar-2025
Title: How a Simple Header Lets Attackers Bypass OTP Rate Limits (And How to Fix It)https://medium.com/@PareXploit/title-how-a-simple-header-lets-attackers-bypass-otp-rate-limits-and-how-to-fix-it-a005167c6eaf?source=rss------bug_bounty-5Paresh Kukadiyaweb-security, bug-bounty, cyber-awareness, ratelimitbypass, cybersecurity15-Mar-2025
The Ultimate Guide to Writing Test Cases for Smart Contractshttps://securrtech.medium.com/the-ultimate-guide-to-writing-test-cases-for-smart-contracts-99ce93f34149?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, smart-contract-auditing, smart-contract-security, web3-security, blockchain-security15-Mar-2025
Directory Transversal at 404 (not found)https://medium.com/@saiganesh18062003/directory-transversal-at-404-not-found-def92e74de12?source=rss------bug_bounty-5Levi Ackermanbugs, information-security, hacking, bug-bounty, cybersecurity15-Mar-2025
Day 26: Critical ATO via Business Logic Flawhttps://medium.com/@danielbelay/day-26-critical-ato-via-business-logic-flaw-87236b93eea1?source=rss------bug_bounty-5dani3laccount-takeover, cybersecurity, bug-bounty15-Mar-2025
What After choosing a target ? Recon Methodology— Bug Bounty Restart Phase 3https://infosecwriteups.com/what-after-choosing-a-target-recon-methodology-bug-bounty-restart-phase-3-8d83afee5116?source=rss------bug_bounty-5Om Aroratechnology, bug-bounty-tips, bug-bounty, cybersecurity, infosec15-Mar-2025
Broken Link Hunting The Power of Patience and Persistencehttps://enes478.medium.com/broken-link-hunting-the-power-of-patience-and-persistence-784c4cc61aa9?source=rss------bug_bounty-5Enes Özlekhackerone, bug-bounty-tips, bug-bounty, bugbounty-writeup15-Mar-2025
How to Bypass Web Application Firewalls (WAF)https://medium.com/@vipulsonule71/how-to-bypass-web-application-firewalls-waf-9210c25cbb4c?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, ai, hacking, cybersecurity15-Mar-2025
XSS Payload Extracted Server Private Key | $$$ Bountyhttps://medium.com/@darshannnaik1234/xss-payload-extracted-server-private-key-bounty-b20730fc0753?source=rss------bug_bounty-5Darshan Naresh Naikcybercrime, bug-bounty, technology, hacking, cyberseurity15-Mar-2025
Bug Bounty Hunting for Absolute Beginnershttps://medium.com/@hackerfromhills/bug-bounty-hunting-for-absolute-beginners-f4ec4a127705?source=rss------bug_bounty-5Badal kathayathacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunter15-Mar-2025
CVE-2025–24813: Apache Tomcat Path Equivalence Vulnerability $$$$ BOUNTYhttps://infosecwriteups.com/cve-2025-24813-apache-tomcat-path-equivalence-vulnerability-bounty-961350b31e16?source=rss------bug_bounty-5Ajay Naikpenetration-testing, bug-bounty, information-technology, cybersecurity, information-security15-Mar-2025
Payload Generation Techniques for Bug Bounty Huntershttps://bitpanic.medium.com/payload-generation-techniques-for-bug-bounty-hunters-ab8b75bdffa6?source=rss------bug_bounty-5Spectat0rguybug-bounty, ai-generated-content, technology, programming, cybersecurity15-Mar-2025
Open Redirect — CodePolitan Vulnerability Catchhttps://firdausmuhammadismail.medium.com/open-redirect-codepolitan-vulnerability-catch-10d33baa6a71?source=rss------bug_bounty-5Firdaus Muhammad Ismailwriteup, bug-bounty, bug-hunter, vulnerability, redirect15-Mar-2025
From ‘alert(1)’ to Account Takeover: A Story of 4-digit Bounties and Bypassing HTML Sanitisershttps://medium.com/@saltify/from-alert-1-to-account-takeover-a-story-of-4-digit-bounties-and-bypassing-html-sanitisers-dd8ca0ac502b?source=rss------bug_bounty-5saltifycybersecurity, ethical-hacking, bug-bounty, infosec15-Mar-2025
How I Bypassed Verification & One Pro Tip for Bug Huntershttps://medium.com/@mahdisalhi0500/how-i-bypassed-verification-one-pro-tip-for-bug-hunters-28dc82578614?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty-writeup, bug-bounty-tips, bug-bounty, penetration-testing, infosec15-Mar-2025
Beginner’s SQL Injection Cheat Sheethttps://cyberw1ng.medium.com/beginners-sql-injection-cheat-sheet-7c0f8d217e8e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, technology, cybersecurity, programming15-Mar-2025
Mastering JSRecon: A Comprehensive Guide to Identifying Sensitive Data in JavaScript Fileshttps://systemweakness.com/mastering-jsrecon-a-comprehensive-guide-to-identifying-sensitive-data-in-javascript-files-352771f10659?source=rss------bug_bounty-50verlo0kedexploitation, bug-bounty, javascript, bugs, js14-Mar-2025
Part-2 | Mastering 403 Forbidden Bypass Techniques✨https://cybersecuritywriteups.com/part-2-mastering-403-forbidden-bypass-techniques-707e7880fa22?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, 403-forbidden, hacking, bug-bounty, infosec14-Mar-2025
How I Found a Critical Billing Bug but Ended Up with a Duplicatehttps://medium.com/@aminouji23/how-i-found-a-critical-billing-bug-but-ended-up-with-a-duplicate-ac6934fab714?source=rss------bug_bounty-5Aminoujipentesting, information-security, infosec, bug-bounty-tips, bug-bounty14-Mar-2025
Metasploit 101: Hack Systems, Test Security, and Stay Ahead!https://medium.com/@paritoshblogs/metasploit-101-hack-systems-test-security-and-stay-ahead-799922167146?source=rss------bug_bounty-5Paritoshcybersecurity, metasploit, bug-bounty, information-technology, hacking14-Mar-2025
The Ultimate Burp Suite Playbook — Hidden Features & Automation!https://medium.com/@paritoshblogs/the-ultimate-burp-suite-playbook-hidden-features-automation-e9a07944dbd4?source=rss------bug_bounty-5Paritoshcybersecurity, ai, burpsuite, bug-bounty, hacking14-Mar-2025
When Code Flaws Strike: How Tiny Bugs Lead to Admin Account Takeovershttps://krishna-cyber.medium.com/when-code-flaws-strike-how-tiny-bugs-lead-to-admin-account-takeovers-74124a437ba3?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty, bug-bounty-tips, infosec-write-ups, cybersecurity14-Mar-2025
Mastering iOS Pentesting with otoolhttps://medium.com/@prasadraj954/mastering-ios-pentesting-with-otool-0803bd65c7ed?source=rss------bug_bounty-5Raj Prasad Kuiripentesting, bug-bounty, ios-penetration-testing, mobile-pentesting, cybersecurity14-Mar-2025
Exploit ZoomEye’s Subscription “Bug” to Unlock 75 Days of Free Recon Powerhttps://medium.com/@kenilalexandra07/exploit-zoomeyes-subscription-bug-to-unlock-75-days-of-free-recon-power-eaf843a339e2?source=rss------bug_bounty-5Kenilalexandrahacking, bug-bounty, vulnerability, shodan, cve14-Mar-2025
How to Find a Job as a Bug Hunterhttps://medium.com/@vipulsonule71/how-to-find-a-job-as-a-bug-hunter-c6e9a8962299?source=rss------bug_bounty-5Vipul Sonulebug-bounty, technews, cybersecurity, hacking, technology14-Mar-2025
How to Find XSS in Bug Hunting (Automated Approach)https://medium.com/@vipulsonule71/how-to-find-xss-in-bug-hunting-automated-approach-f306cce03a76?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, xss-attack, cybersecurity, hacking, bug-bounty14-Mar-2025
How I Found an IDOR Vulnerability – A Responsible Disclosure Storyhttps://medium.com/@vickyrohith70/how-i-found-an-idor-vulnerability-a-responsible-disclosure-story-def2885bbe0c?source=rss------bug_bounty-5Vickyrohithweb-applications, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup14-Mar-2025
Agent T walkthrough — TryHackMehttps://medium.com/@ahmedessmat/agent-t-walkthrough-tryhackme-e6831a57af33?source=rss------bug_bounty-5Ahmed Essmatcybersecurity, agent-t, bug-bounty14-Mar-2025
10 Hacking Tools from the Future: What to Expect in 2025https://medium.com/@hxp7th/10-hacking-tools-from-the-future-what-to-expect-in-2025-efc4d8a21a6a?source=rss------bug_bounty-5Hxp7thfuturism, hacking, cybersecurity, hacking-tools, bug-bounty14-Mar-2025
Automating SQL Injection: A Practical Guide for Security Researchershttps://cyberw1ng.medium.com/automating-sql-injection-a-practical-guide-for-security-researchers-2ee75fd16b84?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, technology, cybersecurity, bug-bounty14-Mar-2025
The Art of SQL Injection : A Comprehensive Guidehttps://zeusvuln.medium.com/the-art-of-sql-injection-a-comprehensive-guide-d394e8affb6d?source=rss------bug_bounty-5ZeUsVuLnbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity14-Mar-2025
Skills Assessment for Web Service & API attacks: Hackthebox CBBH Coursehttps://medium.com/@treykenyon30/skills-assessment-for-web-service-api-attacks-hackthebox-cbbh-course-51b3b56feb2d?source=rss------bug_bounty-5Treykenyonweb-app-security, hackthebox, cbbh, bug-bounty, hacking14-Mar-2025
This nuclei template made me to find more bugshttps://medium.com/@canonminibeast/this-nuclei-template-made-me-to-find-more-bugs-20de8365be3d?source=rss------bug_bounty-5Canonminibeastcybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking14-Mar-2025
This nuclei template made me to find more bugshttps://medium.com/@canonminibeast/this-nuclei-template-made-me-to-find-more-bugs-caa8c7d6931e?source=rss------bug_bounty-5Canonminibeastbug-bounty-tips, bug-bounty-writeup, bug-bounty, recon, cybersecurity14-Mar-2025
How I Buy ₹6284 Worth of Items for Just ₹1https://cybersecuritywriteups.com/how-i-buy-6284-worth-of-items-for-just-1-14b96af18c6e?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, money, ai, bug-bounty, cybersecurity14-Mar-2025
Automating SQL Injection: A Practical Guide for Security Researchershttps://osintteam.blog/automating-sql-injection-a-practical-guide-for-security-researchers-2ee75fd16b84?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, technology, cybersecurity, bug-bounty14-Mar-2025
Unauthenticated API Leaks Private Property Datahttps://medium.com/@banertheinrich/unauthenticated-api-leaks-private-property-data-f125e8fe0c4d?source=rss------bug_bounty-5Adham Heinrichbug-bounty-writeup, bug-bounty, bug-bounty-tips, idor, cybersecurity13-Mar-2025
Bug Bountyhttps://medium.com/@hihiprocybertech/bug-bounty-0e661e725299?source=rss------bug_bounty-5hihiproethical-hacking, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips13-Mar-2025
How I found my 2nd SQL injection vulnerability on the Indian Government website!https://hiddendom.medium.com/how-i-found-my-2nd-sql-injection-vulnerability-on-the-indian-government-website-e617e682e953?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, sql-injection-attack, bug-bounty-writeup, sql-injection, bug-bounty13-Mar-2025
How I Hacked NASA And Received an Appreciation Letterhttps://medium.com/@Abhijeet_kumawat_/how-i-hacked-nasa-and-received-an-appreciation-letter-2d4a78a4a1f6?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, nasa, hacking, infosec13-Mar-2025
How to Earn Money in Bug Hunting Using Automated Toolshttps://medium.com/@vipulsonule71/how-to-earn-money-in-bug-hunting-using-automated-tools-93382ffcd7ed?source=rss------bug_bounty-5Vipul Sonulewriting, ethical-hacking, hacking, cybersecurity, bug-bounty13-Mar-2025
How I Bypassed Email Uniqueness: Exploiting Weak Access Control in a Bug Bounty Programhttps://saconychukwu.medium.com/how-i-bypassed-email-uniqueness-exploiting-weak-access-control-in-a-bug-bounty-program-28177f3c0b29?source=rss------bug_bounty-5Sacony Chukwubug-bounty-hunter, cybersecurity, bug-bounty-writeup, bug-bounty13-Mar-2025
Bypass the Rate limiting mechanism and earn bounty of $5000 and more.https://medium.com/@anandrishav2228/bypass-the-rate-limiting-mechanism-and-earn-bounty-of-5000-and-more-dad3ef6db3ad?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, hacking, money, infosec13-Mar-2025
Bypassing Windows Defender & AVs with an LNK Exploit to Gain a Reverse Shellhttps://medium.com/@dharineeshj2/bypassing-windows-defender-avs-with-an-lnk-exploit-to-gain-a-reverse-shell-09244fcefb10?source=rss------bug_bounty-5Hack-Bathacking, pentesting, cybersecurity, bug-bounty13-Mar-2025
Hacking Swagger UI - 101https://infosecwriteups.com/hacking-swagger-ui-101-ccbce66ba028?source=rss------bug_bounty-5RivuDonswagger-ui, bug-bounty, infosec, bug-bounty-tips, bug-bounty-writeup13-Mar-2025
GraphQL Vulnerabilities: A Complete Guide to Security Testing and Advanced Exploitation Techniqueshttps://infosecwriteups.com/graphql-vulnerabilities-a-complete-guide-to-security-testing-and-advanced-exploitation-techniques-5eb94af945c0?source=rss------bug_bounty-5Ajay Naikgraphql, penetration-testing, cybersecurity, bug-bounty, information-security13-Mar-2025
2FA & MFA Hacks: Bypass OTP Like a Pro — @VeryLazyTechhttps://medium.com/@verylazytech/2fa-mfa-hacks-bypass-otp-like-a-pro-verylazytech-7eb9f8c4f5c1?source=rss------bug_bounty-5Very Lazy Techotp-bypass, 2fa, mfa, bug-bounty, bypass-technique13-Mar-2025
How to Hack Wifi using | wifite Tool ️https://medium.com/@vipulsonule71/how-to-hack-wifi-using-wifite-tool-%EF%B8%8F-235a6eb67ed4?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, ai, hacking, technology, bug-bounty13-Mar-2025
Get your First bounty as a newbiehttps://medium.com/@saiganesh18062003/get-your-first-bounty-as-a-newbie-fcba6a92e998?source=rss------bug_bounty-5Levi Ackermancyber, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup13-Mar-2025
Markdown Parsing Flaw Leads to Persistent System Lockdownhttps://medium.com/@syarifsajjad07/markdown-parsing-flaw-leads-to-persistent-system-lockdown-f7a0820d7685?source=rss------bug_bounty-5Syarifsajjadbug-bounty, cybersecurity, hacking, hackerone, bug-bounty-tips13-Mar-2025
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 2https://mukibas37.medium.com/find-bugs-using-github-dorking-part-2-2f80c1023592?source=rss------bug_bounty-5Mukilan Baskaranbug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty, github-dorking13-Mar-2025
How I Found a Bug in Minutes — No Tools, Just Mindful Approach to Testing!https://strangerwhite.medium.com/how-i-found-a-bug-in-minutes-no-tools-just-mindful-approach-to-testing-0dd034ff8ab9?source=rss------bug_bounty-5StrangeRwhitebug-bounty, cybersecurity, hacking, bugbounty-writeup, vulnerability13-Mar-2025
Title: “Mass Assignment Mastery: From Zero to ATO Hero in Bug Bounties ️♂️”https://krishna-cyber.medium.com/title-mass-assignment-mastery-from-zero-to-ato-hero-in-bug-bounties-%EF%B8%8F-%EF%B8%8F-d3bf53027ce7?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty-tips, infosec-write-ups, hacking, bug-bounty13-Mar-2025
Understanding SQL Injection: A Deep Dive into Exploitation and Preventionhttps://cyberw1ng.medium.com/understanding-sql-injection-a-deep-dive-into-exploitation-and-prevention-0d3712bc6b93?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, technology, careers, programming13-Mar-2025
The Hidden Goldmine: Exploiting Exposed API Keys & Tokens in 2025https://cybersecuritywriteups.com/the-hidden-goldmine-exploiting-exposed-api-keys-tokens-in-2025-fc22139f4cbd?source=rss------bug_bounty-5Krish_cyberethical-hacking, cybersecurity, info-sec-writeups, api, bug-bounty13-Mar-2025
Hackyholidays CTF (Grinch Network) Write-Up | Part 2| Hacker101 CTFhttps://medium.com/@sari.mmusab/hackyholidays-ctf-grinch-network-write-up-part-2-hacker101-ctf-89d394702807?source=rss------bug_bounty-5Musab Sarıcybersecurity, ctf, bug-bounty, burpsuite, technology13-Mar-2025
Proffesional Hacker’s Breakout. NnFace’s Advices #3 “The Curve of Hacking”https://osintteam.blog/proffesional-hackers-breakout-nnface-s-advices-3-the-curve-of-hacking-b28c9875145e?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, cybersecurity, hacker, hacking13-Mar-2025
Cracking the Cache: A Bug Bounty Hunter’s Guide to Web Cache Vulnerabilities (With Real-World…https://osintteam.blog/cracking-the-cache-a-bug-bounty-hunters-guide-to-web-cache-vulnerabilities-with-real-world-33bb7b47ff1c?source=rss------bug_bounty-5Krish_cyberinfosec-write-ups, hacking, cybersecurity, bug-bounty, bug-bounty-tips13-Mar-2025
Turn website feedback into instant, actionable tickets.https://medium.com/@readybready4/turn-website-feedback-into-instant-actionable-tickets-40ef4bc14be6?source=rss------bug_bounty-5New AI Apps Dailybug-bounty, bugs, bug-report, bug-bounty-writeup, bug-bounty-tips12-Mar-2025
Cómo conseguí mi primera vulnerabilidad válida para Adobehttps://medium.com/@juanfelipeoz.rar/c%C3%B3mo-consegu%C3%AD-mi-primera-vulnerabilidad-v%C3%A1lida-para-adobe-2d6617ec51e5?source=rss------bug_bounty-5Juan Felipe Osorio Zhacking, bug-bounty-writeup, cybersecurity, bug-bounty, hackerone12-Mar-2025
100$ reward from hacking the earning sitehttps://bytesnull44.medium.com/100-reward-from-hacking-the-earning-site-803b49028df7?source=rss------bug_bounty-5Bytesnullbug-bounty, programming, developer, cybersecurity12-Mar-2025
How I Bypassed Cloudflare WAF and Achieve XSS | $500 bountyhttps://cybersecuritywriteups.com/how-i-bypassed-cloudflare-waf-and-achieve-xss-500-bounty-32914f652901?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, xss-attack, cybersecurity, infosec12-Mar-2025
Earn $$$ Hunting Bugs! A Beginner’s Guide to Bug Bounty Successhttps://medium.com/@paritoshblogs/earn-hunting-bugs-a-beginners-guide-to-bug-bounty-success-6ba585935178?source=rss------bug_bounty-5Paritoshhow-to, bug-bounty, cybersecurity, hacking, ai12-Mar-2025
Zero-Click Account Takeover via Auth Bypasshttps://medium.com/@hossam_hamada/zero-click-account-takeover-via-auth-bypass-c3130fb5a5e0?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, bug-bounty, account-takeover, hackerone, authentication12-Mar-2025
Understanding Basic Chmodhttps://medium.com/pndsec/understanding-basic-chmod-8b93a82baf95?source=rss------bug_bounty-5Erkan Kavasethical-hacking, pentesting, linux, chmod, bug-bounty12-Mar-2025
Found Bug in Car and make $20,000 and more.https://medium.com/@anandrishav2228/found-bug-in-car-and-make-20-000-and-more-6c71152bca80?source=rss------bug_bounty-5Rishav anandbug-bounty, cybersecurity, red-team, money, cars12-Mar-2025
Network Pentesting -Active / Passive Information gathering like Pro Part -1https://medium.com/@Cyber_siva/network-pentesting-active-passive-information-gathering-like-pro-part-1-7d0ab04b1491?source=rss------bug_bounty-5Siva Sankarnetwork-security, cybersecurity, hacking, pentesting, bug-bounty12-Mar-2025
LDAP Injection Unleashed: The Hidden Exploit Hackers Use to Break In!https://medium.com/@verylazytech/ldap-injection-unleashed-the-hidden-exploit-hackers-use-to-break-in-42eb28f14325?source=rss------bug_bounty-5Very Lazy Techldap, cybersecurity, hacking, penetration-testing, bug-bounty12-Mar-2025
How I Earned $500 for Getting Trapped in a Private Facebook Eventhttps://infosecwriteups.com/how-i-earned-500-for-getting-trapped-in-a-private-facebook-event-d4b7f3fdaacd?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, hacking, programming, ethical-hacking12-Mar-2025
Recon Done, Now What? A Beginner’s Guide to Finding Bugs After Recon!https://systemweakness.com/recon-done-now-what-a-beginners-guide-to-finding-bugs-after-recon-e13177674833?source=rss------bug_bounty-5Taahir Mujawarrbug-bounty, bug-bounty-writeup, hacking, cybersecurity, bug-bounty-tips12-Mar-2025
How to Find Subdomain Takeover in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-subdomain-takeover-in-bug-hunting-33aed8f43c27?source=rss------bug_bounty-5Vipul Sonuletechnology, penetration-testing, hacking, cybersecurity, bug-bounty12-Mar-2025
Ultimate List of Free Resources for Bug Bounty Huntershttps://infosecwriteups.com/ultimate-list-of-free-resources-for-bug-bounty-hunters-bfba8deb5a36?source=rss------bug_bounty-5Om Aroracybersecurity, technology, bug-bounty, programming, infosec12-Mar-2025
how i found the broken link hijacking?https://doordiefordream.medium.com/how-i-found-broken-link-hijacking-46a57e9d40c3?source=rss------bug_bounty-5Bug hunter balubug-bounty, cybersecurity, vulnerability, technology, ethical-hacking12-Mar-2025
Hacking with SSRF: A Deep Dive into Server-Side Request Forgeryhttps://medium.com/codingninjablogs/hacking-with-ssrf-a-deep-dive-into-server-side-request-forgery-e42d9011f672?source=rss------bug_bounty-5#$ubh@nk@rbug-bounty, infosec, ssrf, writeup, hacking12-Mar-2025
How Interesting 2FA Bypass Through Browser Feature Lead Me To Critical Vulnerability.https://medium.com/@dishantsingh989/how-interesting-2fa-bypass-through-browser-feature-lead-me-to-critical-vulnerability-18f9c72a8f8d?source=rss------bug_bounty-5Dishantsinghbug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, hackerone12-Mar-2025
Penetration Testing: Discovery Phase & Reconnaissance Techniqueshttps://medium.com/@shoaibbinrashid11/penetration-testing-discovery-phase-reconnaissance-techniques-6e1fc9d479f5?source=rss------bug_bounty-5Shoaib Bin Rashidcybersecurity, web-security, bug-bounty, pentesting, penetration-testing12-Mar-2025
Penetration Testing er Discovery Phase: Passive & Active Reconnaissancehttps://medium.com/@shoaibbinrashid11/penetration-testing-er-discovery-phase-passive-active-reconnaissance-436b4bf5485b?source=rss------bug_bounty-5Shoaib Bin Rashidpenetration-testing, pentesting, bug-bounty, web-security, cybersecurity12-Mar-2025
Mastering 403 Bypass: Unlock Hidden Bounties Like a Pro!https://osintteam.blog/mastering-403-bypass-unlock-hidden-bounties-like-a-pro-bc8ee954c209?source=rss------bug_bounty-5Krish_cyberbug-bounty-writeup, bug-bounty, infosec-write-ups, osint, cybersecurity12-Mar-2025
Authentication Bypass leads to PII = ($$$)https://mchklt.medium.com/authentication-bypass-leads-to-pii-01d34fc7f547?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAcybersecurity, authentication, automation, bug-bounty, hacking12-Mar-2025
Bug Hunting: Find Hidden Vulnerabilitieshttps://osintteam.blog/bug-hunting-find-hidden-vulnerabilities-32ef94af0d28?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, bug-bounty, hacking, technology, penetration-testing12-Mar-2025
Simple SQL Injection: Exploiting and Preventing One of the Most Dangerous Web Vulnerabilitieshttps://cyberw1ng.medium.com/simple-sql-injection-exploiting-and-preventing-one-of-the-most-dangerous-web-vulnerabilities-f61c6841348a?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, bug-bounty, programming, cybersecurity12-Mar-2025
What $5,000 Vulnerability Did Everyone Else Misshttps://medium.com/@ibtissamhammadi/what-5-000-vulnerability-did-everyone-else-miss-1afd570a280b?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, hackerone, vulnerability, ethical-hacking, cybersecurity12-Mar-2025
Investigating Nmap Scans with Wiresharkhttps://medium.com/@thecyberghost/investigating-nmap-scans-with-wireshark-bfe77af6441a?source=rss------bug_bounty-5The Cyber Ghostnmap, bug-bounty, wireshark-tutorial, cybersecurity, wireshark12-Mar-2025
Multiple Account Creation with Same Emailhttps://medium.com/@A0X-Y0S3TRX/multiple-account-creation-with-same-email-81acb37aca96?source=rss------bug_bounty-5A0X-Y0S3TRXbug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, hunting, bug-bounty12-Mar-2025
How to Write Effective Prompts for ChatGPT in Bug Bounty Huntinghttps://medium.com/@ajudeb55/how-to-write-effective-prompts-for-chatgpt-in-bug-bounty-hunting-b885dcf4f743?source=rss------bug_bounty-5Aju Debprogramming, cybersecurity, bug-bounty, chatgpt, technology11-Mar-2025
Exposed! A Massive Data Leak Uncovered with Just a Simple Google Dork ️https://medium.com/@dharineeshj2/exposed-a-massive-data-leak-uncovered-with-just-a-simple-google-dork-%EF%B8%8F-a103b640e2e5?source=rss------bug_bounty-5Hack-Batcybersecurity, bug-bounty, ethical-hacking, hacking11-Mar-2025
IDOR Unlocked: Accessing Unauthorized Data with a Simple Tweak!https://medium.com/@dharineeshj2/idor-unlocked-accessing-unauthorized-data-with-a-simple-tweak-a6a5a01a341f?source=rss------bug_bounty-5Hack-Bathacking, cybersecurity, bug-bounty, ethical-hacking11-Mar-2025
Linux Privilege Escalation [Part-1] | EJPT Noteshttps://medium.com/@hrofficial62/linux-privilege-escalation-part-1-ejpt-notes-7f978d958888?source=rss------bug_bounty-5Mr Horbiohacking, penetration-testing, ethical-hacking, cybersecurity, bug-bounty11-Mar-2025
绕过JsBridge鉴权实现账户接管https://medium.com/@xiaoshi666/%E7%BB%95%E8%BF%87jsbridge%E9%89%B4%E6%9D%83%E5%AE%9E%E7%8E%B0%E8%B4%A6%E6%88%B7%E6%8E%A5%E7%AE%A1-cf421b291484?source=rss------bug_bounty-5xiaoshibug-bounty, cybersecurity11-Mar-2025
Mastering XSS Attacks To Become Professional Bug Bounty Hunterhttps://cybersecuritywriteups.com/mastering-xss-attacks-to-become-professional-bug-bounty-hunter-816f018643b3?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, ai, cybersecurity, bug-bounty, xss-attack11-Mar-2025
PHOTOGRAPHER 1 BY OFFSEChttps://medium.com/@mickeylance001/photographer-1-by-offsec-27dbcc716805?source=rss------bug_bounty-5mickey lancectf-walkthrough, offsec, bug-bounty, penetration-testing, ctf-writeup11-Mar-2025
CORS Misconfigurations & Bypass Techniques: A Hacker’s Guide to Exploiting Weak Policieshttps://medium.com/@verylazytech/cors-misconfigurations-bypass-techniques-a-hackers-guide-to-exploiting-weak-policies-f3229b574a9a?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cors, penetration-testing, ethical-hacking, hacking11-Mar-2025
Disclosure of Secrets – A $1000 Bug Bounty Winhttps://medium.com/@salaheddine_kalada/exploiting-misconfigured-azure-application-insights-a-1000-bug-bounty-win-cf16f6ad2ff0?source=rss------bug_bounty-5Salaheddinebug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup11-Mar-2025
How to Become a Bug Bounty Hunter in 2025https://medium.com/@ebinkantony/how-to-become-a-bug-bounty-hunter-in-2025-e7a528b5cc16?source=rss------bug_bounty-5Ebin K Antonybug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, ethical-hacking11-Mar-2025
Hijacking the CTF Event: The Story of a Host Header Injection (1000$)https://medium.com/@bajajkrrish11/hijacking-the-ctf-event-the-story-of-a-host-header-injection-1000-f6ef62006f07?source=rss------bug_bounty-5Krrish Bajajhacking, host-header-injection, bug-bounty-tips, bug-bounty, bounty-program11-Mar-2025
One Token, Two Apps: The OAuth Flaw That Can Compromise Your Accounts — A Silent Security Disasterhttps://medium.com/@rahulgairola/one-token-two-apps-the-oauth-flaw-that-can-compromise-your-accounts-a-silent-security-disaster-31cff04dcceb?source=rss------bug_bounty-5Rahul Gairolabug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, oauth11-Mar-2025
How I uncover an IDOR led to access Private CVhttps://infosecwriteups.com/how-i-uncover-an-idor-led-to-access-private-cv-access-3ff5be987896?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty-writeup, bugbounty-tips, idor, bug-bounty11-Mar-2025
WAF(Web Application Firewall) Fingerprinting.https://medium.com/infosecmatrix/waf-web-application-firewall-fingerprinting-035d008094cd?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, fingerprinting, waf, programming11-Mar-2025
Today I Found an XSS Bug: A Lesson in Web Securityhttps://theindiannetwork.medium.com/today-i-found-an-xss-bug-a-lesson-in-web-security-d3fc4e3ae5b6?source=rss------bug_bounty-5TheIndianNetworkcybersecurity, bug-bounty, ethical-hacking, cross-site-scription, xss-vulnerability11-Mar-2025
Client Side Path Traversal (CSPT) - A Deep Dive into an Overlooked Vulnerabilityhttps://0xkratos.medium.com/client-side-path-traversal-cspt-a-deep-dive-into-an-overlooked-vulnerability-cdf91baca715?source=rss------bug_bounty-5Amal PKbugbounty-writeup, cybersecurity, bug-bounty, cyber, hacking11-Mar-2025
Hijacking the CTF Event: The Story of a Host Header Injection (1000$)https://cybersecuritywriteups.com/hijacking-the-ctf-event-the-story-of-a-host-header-injection-1000-f6ef62006f07?source=rss------bug_bounty-5Krrish Bajajhacking, host-header-injection, bug-bounty-tips, bug-bounty, bounty-program11-Mar-2025
This python script saved my recon timehttps://medium.com/@canonminibeast/this-python-script-saved-my-recon-time-b780ade10b97?source=rss------bug_bounty-5Canonminibeastgoogle, bug-bounty-writeup, hacking, cybersecurity, bug-bounty11-Mar-2025
Testing for HTTP Verb Tampering: A Complete Guidehttps://infosecwriteups.com/testing-for-http-verb-tampering-a-complete-guide-ca1fba91fdb6?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, information-technology, bug-bounty, penetration-testing11-Mar-2025
This python script saved my recon timehttps://medium.com/@canonminibeast/this-python-script-saved-my-recon-time-66d6206628a0?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, bug-bounty-writeup, hacking, website11-Mar-2025
Anomaly Detection in Network Traffic: Enhancing Cybersecurityhttps://medium.com/@paritoshblogs/anomaly-detection-in-network-traffic-enhancing-cybersecurity-2e90277c6af3?source=rss------bug_bounty-5Paritoshbug-bounty, ai, networking, hacking, cybersecurity11-Mar-2025
Account Takeover via postMessagehttps://phlmox.medium.com/account-takeover-via-postmessage-3c493c6d1354?source=rss------bug_bounty-5phlmoxbug-bounty, cybersecurity, account-takeover11-Mar-2025
When Life Throws Errors, I Throw Commands: My Command Injection Bughttps://medium.com/@iski/when-life-throws-errors-i-throw-commands-my-command-injection-bug-18969d979da4?source=rss------bug_bounty-5Iskibug-bounty, bug-bounty-tips, hacking, cybersecurity, command-injection11-Mar-2025
My First Paid Bug Bounty — Stored Blind XSShttps://medium.com/@dante.falls/my-first-paid-bug-bounty-stored-blind-xss-abe8ad06b3b3?source=rss------bug_bounty-5Dante Fallscybersecurity, web-security, bug-bounty11-Mar-2025
Day 25: From alert(origin) to ATO — An XSS Storyhttps://medium.com/@danielbelay/day-25-from-alert-origin-to-ato-an-xss-story-41c78c1fe66d?source=rss------bug_bounty-5dani3lbug-bounty, cybersecurity, account-takeover-attacks, ethical-hacking11-Mar-2025
Advanced SQL Injection (Part 2)https://medium.com/@julius.grosserode.19/advanced-sql-injection-part-2-57bf83e202b1?source=rss------bug_bounty-5Juliomysql, bug-bounty, sql, sql-injection, bug-bounty-reports11-Mar-2025
Critical SQL Injection Exploit in URL Paths: Bounty Reporthttps://cyberw1ng.medium.com/critical-sql-injection-exploit-in-url-paths-bounty-report-6bf36e066f1f?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, careers, technology, bug-bounty, cybersecurity11-Mar-2025
Beyond Alert Boxes: Exploiting DOM XSS for Full Account Takeoverhttps://ehteshamulhaq198.medium.com/beyond-alert-boxes-exploiting-dom-xss-for-full-account-takeover-094e1507d206?source=rss------bug_bounty-5Ehtesham Ul Haqinformation-security, xss-attack, bug-bounty, xss-bypass, bug-bounty-tips11-Mar-2025
From User to Admin: A Privilege Escalation via Business Logichttps://siratsami71.medium.com/from-user-to-admin-a-privilege-escalation-via-business-logic-7ae901be7d81?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, logic, privilege-escalation10-Mar-2025
How I Hijacked an Instagram Account and Discovered Open Redirection Vulnerabilitieshttps://medium.com/@josekuttykunnelthazhebinu/how-i-took-over-an-instagram-account-using-broken-link-hijacking-found-open-redirections-on-c03b0c62add6?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuprogramming, bug-bounty, cybersecurity, penetration-testing, hacking10-Mar-2025
Best Tool For Subdomain Enumerationhttps://cybersecuritywriteups.com/best-tool-for-subdomain-enumeration-f3f40a8e1748?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, bug-bounty, cybersecurity, bots, hacking10-Mar-2025
With BLUF — Always write with clarity and effectiveness!https://learningsomecti.medium.com/with-bluf-always-write-with-clarity-and-effectiveness-b4450939b841?source=rss------bug_bounty-5Andy Cwriting, cybersecurity, threat-intelligence, bug-bounty, threat-hunting10-Mar-2025
The Hidden Danger of Social Media: How Just Viewing a Post Exposes Your Datahttps://medium.com/@sulmanfarooq531/the-hidden-danger-of-social-media-how-just-viewing-a-post-exposes-your-data-b2181ec8d667?source=rss------bug_bounty-5Sulman Farooq Ssocial-media, cybersecurity, data, security, bug-bounty10-Mar-2025
Top 10 OAuth 2.0 Hacking Techniques — Part 2https://medium.com/@itamar.yochpaz/top-10-oauth-2-0-hacking-techniques-part-2-a45504ee373b?source=rss------bug_bounty-5Itamar Yochpazpenetration-testing, bug-bounty, application-security, cybersecurity, hacking10-Mar-2025
Bug Report: Authentication Redirect Issue in Sanicle-AI Platformhttps://chanmeng666.medium.com/bug-report-authentication-redirect-issue-in-sanicle-ai-platform-fedbf7c84862?source=rss------bug_bounty-5Chan Mengauthentication, bug-bounty, nextjs, nextauth, debugging10-Mar-2025
Secure Coding Practices for TEE Applications: A Guide for CA and TA Developershttps://medium.com/@security.tecno/secure-coding-practices-for-tee-applications-a-guide-for-ca-and-ta-developers-43978c4b82d4?source=rss------bug_bounty-5TECNO Securitysecurity, bug-bounty, writing, hacking, blog10-Mar-2025
How I Earned $2000 Automated Bug Bounty Huntinghttps://medium.com/@rafaelczanetti/how-i-earned-2000-automated-bug-bounty-hunting-e46ce02d645d?source=rss------bug_bounty-5Rafael Cavalcantebug-bounty10-Mar-2025
Discover the Awesome Bug Bounty Writeups GitHub Repohttps://medium.com/@a.muhzeke/discover-the-awesome-bug-bounty-writeups-github-repo-40d4bfa61241?source=rss------bug_bounty-5Anthony Mazyckthreat-hunting, bug-bounty, soc, cybersecurity10-Mar-2025
Bypassing Rate Limits Like a Pro: Advanced Exploitation Techniqueshttps://medium.com/@verylazytech/bypassing-rate-limits-like-a-pro-advanced-exploitation-techniques-a2643a6ea606?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bypassing-rate-limit, 403-forbidden, web-attack, penetration-testing10-Mar-2025
Bypass To 1-Click ATOhttps://medium.com/@xiaoshi666/bypass-to-1-click-ato-ebfee258d8cc?source=rss------bug_bounty-5xiaoshibug-bounty, cybersecurity10-Mar-2025
What’s the $5 Secret Behind Exploiting IDOR Vulnerabilities? (You Won’t Believe #3)https://medium.com/@ibtissamhammadi/whats-the-5-secret-behind-exploiting-idor-vulnerabilities-you-won-t-believe-3-b8e50c21a352?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, cybersecurity, web-security, idor-vulnerability, owasp10-Mar-2025
Unexpected input lead to Functionality confusion and P4 easy bug?https://medium.com/@hamdiyasin135/unexpected-input-lead-to-functionality-confusion-and-p4-easy-bug-ba30013caddd?source=rss------bug_bounty-5yassin hamdibug-bounty, cyper-security, logic, access-control10-Mar-2025
Penetration Testing Planning Phase — Ekta Detailed Guidehttps://medium.com/@shoaibbinrashid11/penetration-testing-planning-phase-ekta-detailed-guide-23009766800a?source=rss------bug_bounty-5Shoaib Bin Rashidpenetration-testing, bug-bounty, web-security, cybersecurity, pentesting10-Mar-2025
Penetration Testing Planning Phase — A Complete Guidehttps://medium.com/@shoaibbinrashid11/penetration-testing-planning-phase-a-complete-guide-376140284df0?source=rss------bug_bounty-5Shoaib Bin Rashidweb-security, bug-bounty, cybersecurity, penetration-testing, pentesting10-Mar-2025
Penetration Testing Phases: Full Bangla Explanation with Examplehttps://medium.com/@shoaibbinrashid11/penetration-testing-phases-full-bangla-explanation-with-example-8dd3d5a5043c?source=rss------bug_bounty-5Shoaib Bin Rashidbug-bounty, cybersecurity, web-security, pentesting, penetration-testing10-Mar-2025
How I Turned Government Website Into a Phishing Machine (And How You Can Prevent It)https://medium.com/@nebty/how-i-turned-government-website-into-a-phishing-machine-and-how-you-can-prevent-it-fd70dbe57030?source=rss------bug_bounty-5Nebtybug-bounty-tips, phishing, vulnerability, bug-bounty, cybersecurity10-Mar-2025
️♂️ How I Uncovered a $1000 Vulnerability by Exploiting an “Out-of-Sync” Flawhttps://cybersecuritywriteups.com/%EF%B8%8F-%EF%B8%8F-how-i-uncovered-a-1000-vulnerability-by-exploiting-an-out-of-sync-flaw-0b377c9c411d?source=rss------bug_bounty-5Krish_cyberbug-bounty, infosec-write-ups, cybersecurity, xss-attack, osint10-Mar-2025
Article 2: Setting Up an Emulator in Android Studio with Window ,Linuxhttps://medium.com/@fancybearIN/article-2-setting-up-an-emulator-in-android-studio-with-window-linux-9b7bb490edb7?source=rss------bug_bounty-5Deepak Parkashappsec, android-app-development, android, bug-bounty, androiddev10-Mar-2025
How I Made $500 in 30 Days Using ChatGPT as My Ethical Hacking Coach! ️https://krishna-cyber.medium.com/how-i-made-500-in-30-days-using-chatgpt-as-my-ethical-hacking-coach-%EF%B8%8F-f4e8c48c4501?source=rss------bug_bounty-5Krish_cybercybersecurity, infosec-write-ups, osint, chatgpt, bug-bounty10-Mar-2025
Server Side Parameter Pollution — Deep Dive — Part 1https://medium.com/@prathmeshshendarkar/server-side-parameter-pollution-deep-dive-part-1-51aed2539c07?source=rss------bug_bounty-5Prathmesh Sprogramming, servers, bugs, web, bug-bounty10-Mar-2025
Race Conditions in Bug Bounty: From Beginner to Advancedhttps://cyberw1ng.medium.com/race-conditions-in-bug-bounty-from-beginner-to-advanced-4b48586dfc73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, programming, bug-bounty, cybersecurity10-Mar-2025
Extracting Forensic Evidence from Smartwatch Data: A CID Hackathon Experiencehttps://infosecwriteups.com/extracting-forensic-evidence-from-smartwatch-data-a-cid-hackathon-experience-8a45b6ef7d5b?source=rss------bug_bounty-5Xh081iXiot, bug-bounty, cybersecurity, infosec, ethical-hacking10-Mar-2025
How to find hidden parameters in your bug bounty targethttps://infosecwriteups.com/how-to-find-hidden-parameters-in-your-bug-bounty-target-35427ac49b91?source=rss------bug_bounty-5loyalonlytodaytips, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking10-Mar-2025
Race Conditions in Bug Bounty: From Beginner to Advancedhttps://systemweakness.com/race-conditions-in-bug-bounty-from-beginner-to-advanced-4b48586dfc73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, programming, bug-bounty, cybersecurity10-Mar-2025
From Partial IDOR to GPS Tracking — API Flaw Explainedhttps://infosecwriteups.com/from-partial-idor-to-gps-tracking-api-flaw-explained-5eebab2af32a?source=rss------bug_bounty-5Mahendra Purbia (Mah3Sec)api, infosec, pentesting, bug-bounty, idor09-Mar-2025
“Blind CSS Exfiltration: The Bug Bounty Tactic That Earns Hackers $10k+ (Here’s How)”https://osintteam.blog/blind-css-exfiltration-the-bug-bounty-tactic-that-earns-hackers-10k-heres-how-fdb12a82826f?source=rss------bug_bounty-5Krish_cyberinfo-sec-writeups, osint, bug-bounty-writeup, bug-bounty, cybersecurity09-Mar-2025
How I Found a Google API Key Leak in a Bug Bounty Programhttps://medium.com/@AhmedSamy-X/how-i-found-a-google-api-key-leak-in-a-bug-bounty-program-c9a497efe479?source=rss------bug_bounty-5Ahmedsamypenetration-testing, hacking, api, cybersecurity, bug-bounty09-Mar-2025
The Original Bug Bounty: Alfred Hobbs and the Great Lock Controversy of 1851https://caseyjohnellis.medium.com/the-original-bug-bounty-alfred-hobbs-and-the-great-lock-controversy-of-1851-cd390705befb?source=rss------bug_bounty-5caseyjohnellisvulnerability-research, cybersecurity, bug-bounty, locksmith09-Mar-2025
Find Exposed Buckets and files, etc., with this resource.https://infosecwriteups.com/find-exposed-buckets-and-files-etc-with-this-resource-115f8865015b?source=rss------bug_bounty-5loyalonlytodaytips, bug-bounty, penetration-testing, cybersecurity, ethical-hacking09-Mar-2025
Attacking and Defending Active Directory: Real-World Scenarioshttps://medium.com/@paritoshblogs/attacking-and-defending-active-directory-real-world-scenarios-6533ca82a8d2?source=rss------bug_bounty-5Paritoshhacking, active-directory, blue-team, bug-bounty, red-team09-Mar-2025
The Art of Bug Reportinghttps://medium.com/nerd-for-tech/the-art-of-bug-reporting-13be09192741?source=rss------bug_bounty-5sajith dilshanbug-bounty, software-testing, bug-report, bug-reporting, qa09-Mar-2025
How to Use Nuclei for Bug Huntinghttps://medium.com/@vipulsonule71/how-to-use-nuclei-for-bug-hunting-0d60bea1fd92?source=rss------bug_bounty-5Vipul Sonulebug-bounty, cybersecurity, technology, ai, hacking09-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-117)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-117-8211b7ea0a72?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, hacking09-Mar-2025
Found 5 BAC in One Single App within 2 Hourshttps://medium.com/@mrro0o0tt/found-5-bac-in-one-single-app-within-2-hours-07a2307db2ca?source=rss------bug_bounty-5Whoamiidor-vulnerability, broken-access-control, bug-bounty, bug-bounty-tips, privilege-escalation09-Mar-2025
Part-2 | Deep Recon Methodology for Bug Bounty Huntershttps://cybersecuritywriteups.com/part-2-deep-recon-methodology-for-bug-bounty-hunters-2ea73cefb010?source=rss------bug_bounty-5Abhijeet Kumawatrecon, infosec, hacking, bug-bounty, cyber-security-awareness09-Mar-2025
Top 11 Bug Bounty Extensions That Will Save You Hourshttps://infosecwriteups.com/top-11-bug-bounty-extensions-that-will-save-you-hours-bea31a368529?source=rss------bug_bounty-5Om Arorabug-bounty-tips, bug-bounty, technology, cybersecurity, infosec09-Mar-2025
Big Bounty: Uncovering Critical Security Flaws in Android Appshttps://hackersatty.medium.com/big-bounty-uncovering-critical-security-flaws-in-android-apps-0935963703e6?source=rss------bug_bounty-5hackersattyjavascript, android, android-bug-bounty, bug-bounty, bug-bounty-tips09-Mar-2025
JWT Vulnerabilities in Pentesting: Exploitation Techniques & Security Best Practiceshttps://medium.com/@verylazytech/free-link-in-the-first-comment-d6d0cb759590?source=rss------bug_bounty-5Very Lazy Techethical-hacking, jwt-security, jwt-pentesting, jwt-hacking, bug-bounty09-Mar-2025
Penetration Testing: Hacking for Security — The Beginner’s Guidehttps://medium.com/@shoaibbinrashid11/penetration-testing-hacking-for-security-the-beginners-guide-2183261f8d29?source=rss------bug_bounty-5Shoaib Bin Rashidcybersecurity, penetration-testing, ethical-hacking, bug-bounty, pentesting09-Mar-2025
“Oops, I Can See Everything!”: A Funny Tale of Broken Access Controlhttps://medium.com/@bevennyamande/oops-i-can-see-everything-a-funny-tale-of-broken-access-control-9089586d5a86?source=rss------bug_bounty-50xbevenbug-bounty-writeup, bug-bounty, bug-bounty-tips09-Mar-2025
Penetration Testing: Ethical Hacking Er Shundor Duniyahttps://medium.com/@shoaibbinrashid11/penetration-testing-ethical-hacking-er-shundor-duniya-a0335e4e901f?source=rss------bug_bounty-5Shoaib Bin Rashidbug-bounty, pentesting, web-security, cybersecurity, penetration-testing09-Mar-2025
SQL Injectionhttps://medium.com/@julius.grosserode.19/sql-injection-97a239647ac7?source=rss------bug_bounty-5Juliosqli, sql-injection, sql, error-based-sql-injection, bug-bounty09-Mar-2025
Stored XSS on a HackerOne Private Bug Bounty Programhttps://medium.com/@mohaned0101/stored-xss-on-a-hackerone-private-bug-bounty-program-997d5d4a104a?source=rss------bug_bounty-5mohaned alkhlotxss-vulnerability, bug-bounty, bug-bounty-tips, xss-attack09-Mar-2025
The 5 Phases of Penetration Testing: A Complete Guidehttps://medium.com/@shoaibbinrashid11/the-5-phases-of-penetration-testing-a-complete-guide-e6a50572262c?source=rss------bug_bounty-5Shoaib Bin Rashidpenetration-testing, web-security, pentesting, bug-bounty09-Mar-2025
Bug Hunting Recon Guide: Find Hidden Vulnerabilities Like a Prohttps://osintteam.blog/bug-hunting-recon-guide-find-hidden-vulnerabilities-like-a-pro-353accfe65c4?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, hacking, technology, penetration-testing, bug-bounty09-Mar-2025
From Remote Code Execution to Data Base Pwnagehttps://medium.com/@pandurangisuprit/from-remote-code-execution-to-data-base-pwnage-63404905e044?source=rss------bug_bounty-5Suprit Pandurangirce, vulnerability, critical-thinking, remote-code-execution, bug-bounty09-Mar-2025
Exposing PII and SSNs through Persistent Session Tokens — $15,000 Bug Bountyhttps://medium.com/@moblig/exposing-pii-and-ssns-through-persistent-session-tokens-15-000-bug-bounty-293ab06c1606?source=rss------bug_bounty-5Mobligbug-bounty, leaked, cybersecurity, research09-Mar-2025
How i Find IDOR lead to account takeoverhttps://yazeedeliwah.medium.com/how-i-find-idor-lead-to-account-takeover-de762cc1e101?source=rss------bug_bounty-5black_virusrecon, cybersecurity, hacking, idor, bug-bounty09-Mar-2025
$2,162 Bounty: Exploiting VGA Deadlock in Xen Hypervisor for Maximum Impacthttps://cyberw1ng.medium.com/2-162-bounty-exploiting-vga-deadlock-in-xen-hypervisor-for-maximum-impact-2a98238ac0dd?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, careers, programming09-Mar-2025
$2,162 Bounty: Exploiting VGA Deadlock in Xen Hypervisor for Maximum Impacthttps://osintteam.blog/2-162-bounty-exploiting-vga-deadlock-in-xen-hypervisor-for-maximum-impact-2a98238ac0dd?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, careers, programming09-Mar-2025
Exploiting Mass Assignment to ATOhttps://medium.com/@GERRR4Y/exploiting-mass-assignment-to-ato-ab0c1aadc2de?source=rss------bug_bounty-5Aya Ayman(GERR4Y)penetration-testing, bug-bounty08-Mar-2025
CORS Misconfiguration vs. CSRF: Battle of the Web Villains!https://medium.com/@shadyfarouk1986/cors-misconfiguration-vs-csrf-battle-of-the-web-villains-6743cb0ed08b?source=rss------bug_bounty-5Shady Faroukbug-bounty-tips, bug-bounty, bounty-program, bug-bounty-writeup08-Mar-2025
Why Custom Linux & Python Tools in Bug Bounty Beat Traditional Tools!https://medium.com/@shadyfarouk1986/why-custom-linux-python-tools-in-bug-bounty-beat-traditional-tools-db2092a8cf9c?source=rss------bug_bounty-5Shady Faroukbug-bounty-tips, bug-bounty-writeup, bug-bounty, pentesting08-Mar-2025
Deep Recon Methodology for Bug Bounty Hunters | Part-1https://medium.com/@Abhijeet_kumawat_/deep-recon-methodology-for-bug-bounty-hunters-part-1-724fa4d6324c?source=rss------bug_bounty-5Abhijeet Kumawatrecon, cybersecurtiy, bug-bounty, hacking, infosec08-Mar-2025
LostFuzzer: Passive URL Fuzzing & Nuclei DAST for Bug Huntershttps://infosecwriteups.com/lostfuzzer-passive-url-fuzzing-nuclei-dast-for-bug-hunters-a33501b9563b?source=rss------bug_bounty-5coffinxpautomation, penetration-testing, bug-bounty-tips, technology, bug-bounty08-Mar-2025
Find apex domains that are related to your bug bounty target (part 2)https://infosecwriteups.com/find-apex-domains-that-are-related-to-your-bug-bounty-target-part-2-e60644fd3cf8?source=rss------bug_bounty-5loyalonlytodayethical-hacking, cybersecurity, apex, bug-bounty, tips08-Mar-2025
Installing Burp Suite Certificate & Frida Setup for Android Penetrationhttps://cybersecuritywriteups.com/installing-burp-suite-certificate-frida-setup-for-android-penetration-b242f5c8a0a9?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, cybersecurity, android-pentesting, burpsuite, ethical-hacking08-Mar-2025
My First IDOR in Hindustan Timeshttps://medium.com/@ShreyasMahajann/my-first-idor-in-hindustan-times-0f93ab372de6?source=rss------bug_bounty-5Shreyas Mahajanpenetration-testing, bug-bounty, security, cybersecurity08-Mar-2025
How a Minor Rounding Error Cost a DeFi Protocol Millionshttps://securrtech.medium.com/how-a-minor-rounding-error-cost-a-defi-protocol-millions-5fedcf2b148d?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-auditing, smart-contract-security, web3-security, blockchain-security, bug-bounty08-Mar-2025
Installing Burp Suite Certificate & Frida Setup for Android Penetration testinghttps://cybersecuritywriteups.com/installing-burp-suite-certificate-frida-setup-for-android-penetration-b242f5c8a0a9?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, cybersecurity, android-pentesting, burpsuite, ethical-hacking08-Mar-2025
From Zero to $8k: How I Stumbled Into a Critical Bug (And You Can Too!https://krishna-cyber.medium.com/from-zero-to-8k-how-i-stumbled-into-a-critical-bug-and-you-can-too-f5cb37832b8d?source=rss------bug_bounty-5Krish_cyberhacking, bugs, bug-bounty, osint, infosec-write-ups08-Mar-2025
The Hidden Danger: Sensitive Information Leakage via Log Files!https://cybersecuritywriteups.com/the-hidden-danger-sensitive-information-leakage-via-log-files-6244175b26be?source=rss------bug_bounty-5Krish_cyberbug-bounty, cybersecurity, programming, bug-bounty-writeup, infosec-write-ups08-Mar-2025
Article 1: Setting up Android Studio -the foundation for Android pentestinghttps://medium.com/@itsboyy0007/article-1-setting-up-android-studio-the-foundation-for-android-pentesting-de86726f486a?source=rss------bug_bounty-5Deepak Parkashbug-bounty, hacking, android, appsec, cybersecurity08-Mar-2025
Mr. Robot TryhackMehttps://medium.com/@mr.tripathy/mr-robot-tryhackme-5afa3435b75f?source=rss------bug_bounty-5Madhab Tripathybug-bounty, penetration-testing, red-team, tryhackme-walkthrough, tryhackme08-Mar-2025
How I Found Clickjacking in a Public Programhttps://medium.com/@slash0x01/how-i-found-clickjacking-in-a-public-program-9581aa6bab1f?source=rss------bug_bounty-5Slash0x01penetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup08-Mar-2025
5 Exploitation Techniques to Exploit HTTP Parameter Pollution (HPP) in Web Applicationshttps://bitpanic.medium.com/5-exploitation-techniques-to-exploit-http-parameter-pollution-hpp-in-web-applications-ead3710f96ac?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, ai-generated-content, programming, technology08-Mar-2025
Mastering Shodan Search Engine Dorks: A Comprehensive Guide for Security Researchershttps://infosecwriteups.com/mastering-shodan-search-engine-dorks-a-comprehensive-guide-for-security-researchers-0e70e4e628cb?source=rss------bug_bounty-5Ajay Naiksearch-engines, information-technology, penetration-testing, cybersecurity, bug-bounty08-Mar-2025
Uncovering a critical bug : Zero-click ATOhttps://infosecwriteups.com/uncovering-a-critical-bug-zero-click-ato-cbec5eb33ccf?source=rss------bug_bounty-5JEETPALaccount-takeover, bugbounty-writeup, cybersecurity, bugbounty-tips, bug-bounty08-Mar-2025
Article 1: Setting up Android Studio -the foundation for Android pentestinghttps://medium.com/@fancybearIN/article-1-setting-up-android-studio-the-foundation-for-android-pentesting-de86726f486a?source=rss------bug_bounty-5Deepak Parkashbug-bounty, hacking, android, appsec, cybersecurity08-Mar-2025
The Secret to Choosing Targets That Actually Have Vulnerabilities : Bug Bounty Restart Phase 2https://omarora1603.medium.com/the-secret-to-choosing-targets-that-actually-have-vulnerabilities-bug-bounty-restart-phase-2-3af718bc89bc?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, programming, technology, cybersecurity08-Mar-2025
Static Application Security Testing (SAST) for Xamarin Android Applicationshttps://medium.com/@k3r0/static-application-security-testing-sast-for-xamarin-android-applications-14b1bff84d14?source=rss------bug_bounty-5Kyrillos nadybug-bounty, red-team, xamarin, android, pentesting08-Mar-2025
Bypassing Authentication Like a Pro: Advanced Exploitation Techniqueshttps://javroot.medium.com/bypassing-authentication-like-a-pro-advanced-exploitation-techniques-a0a6463e4179?source=rss------bug_bounty-5Javrootcybersecurity, web-development, bug-bounty, bug-bounty-tips, infosec08-Mar-2025
Automating Information Gathering for Bug Bounty Huntershttps://cyberw1ng.medium.com/automating-information-gathering-for-bug-bounty-hunters-161f23dad2ae?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, automation, bug-bounty, cybersecurity, careers08-Mar-2025
The Secret to Choosing Targets That Actually Have Vulnerabilities : Bug Bounty Restart Phase 2https://infosecwriteups.com/the-secret-to-choosing-targets-that-actually-have-vulnerabilities-bug-bounty-restart-phase-2-3af718bc89bc?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, programming, technology, cybersecurity08-Mar-2025
This tool helped me to find IDORhttps://medium.com/@canonminibeast/this-tool-helped-me-to-find-idor-c87a9c1a04f3?source=rss------bug_bounty-5Canonminibeastbugbout, bug-bounty, website08-Mar-2025
This tool helped me to find IDORhttps://medium.com/@canonminibeast/this-tool-helped-me-to-find-idor-c1897eee1b2d?source=rss------bug_bounty-5Canonminibeastbug-bounty, idor-vulnerability, hacking, cybersecurity, hacker08-Mar-2025
Automating Information Gathering for Bug Bounty Huntershttps://osintteam.blog/automating-information-gathering-for-bug-bounty-hunters-161f23dad2ae?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, automation, bug-bounty, cybersecurity, careers08-Mar-2025
I Found Exposing API Keys and Tokens in a Private Programhttps://medium.com/@Abhijeet_kumawat_/i-found-exposing-api-keys-and-tokens-in-a-private-program-1d02ef9e49d0?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, money, cybersecurity, infosec, hacking07-Mar-2025
I hacked space x and rewarded 2500$ Bypassing Full Payment to Regain Internet Accesshttps://bytesnull44.medium.com/i-hacked-space-x-and-rewarded-2500-bypassing-full-payment-to-regain-internet-access-bd6120483a06?source=rss------bug_bounty-5Bytesnullhacking, bug-bounty, bugcrowd, cybersecurity, hackerone07-Mar-2025
The Art of SSTI: From Detection to Dominationhttps://zeusvuln.medium.com/the-art-of-ssti-from-detection-to-domination-f5fdd2411439?source=rss------bug_bounty-5ZeUsVuLnbug-bounty-tips, bug-bounty-writeup, ssti, bug-bounty, cybersecurity07-Mar-2025
Anonymous access on SMB [Ejpt exam notes]https://medium.com/@hrofficial62/anonymous-access-on-smb-ejpt-exam-notes-b898d6f508fc?source=rss------bug_bounty-5Mr Horbiopentesting, ethical-hacking, cybersecurity, hacking, bug-bounty07-Mar-2025
Understanding DDoS Attacks: A Threat to Online Serviceshttps://medium.com/@HexaGaurd/understanding-ddos-attacks-a-threat-to-online-services-a837e459a311?source=rss------bug_bounty-5HexaGaurdcybersecurity, ddos, ddos-attack, bug-bounty, hexagaurd07-Mar-2025
I Found Exposing API Keys and Tokens in a Private Programhttps://cybersecuritywriteups.com/i-found-exposing-api-keys-and-tokens-in-a-private-program-1d02ef9e49d0?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, money, cybersecurity, infosec, hacking07-Mar-2025
How I Could Pre-Take Over Accounts on Target.com with a Simple Trick!https://medium.com/@jeetpal2007/how-i-could-pre-take-over-accounts-on-target-com-with-a-simple-trick-503599009f3c?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty-tips, email-verification, bug-bounty, bugbounty-writeup07-Mar-2025
Bug Hunting: From Recon to Reportinghttps://osintteam.blog/bug-hunting-from-recon-to-reporting-3ad44ffd94dc?source=rss------bug_bounty-5Monika sharmabug-bounty, penetration-testing, bug-bounty-tips, technology, hacking07-Mar-2025
How to Run Tp-Link AC600(Archer T2U Plus) in Kali , and solve error.https://medium.com/@anandrishav2228/how-to-run-tp-link-ac600-archer-t2u-plus-in-kali-and-solve-error-8758c281cb8d?source=rss------bug_bounty-5Rishav anandaircrack-ng, bug-bounty, cybersecurity, tp-link, wifi07-Mar-2025
⚔️ Cyber Storm: Navigating the Digital Battlefield ⚔️https://osintteam.blog/%EF%B8%8F-cyber-storm-navigating-the-digital-battlefield-%EF%B8%8F-8cc433ce7687?source=rss------bug_bounty-5Krish_cyberjavascript, programming, technology, bug-bounty, cybersecurity07-Mar-2025
How a Hacker Mindset Can Save Your Business from Catastrophic Cyberattackshttps://medium.com/@hackrate/how-a-hacker-mindset-can-save-your-business-from-catastrophic-cyberattacks-fbaf484fc496?source=rss------bug_bounty-5Levente Molnarbug-bounty, bug-bounty-tips, penetration-testing, ethical-hacking, cybersecurity07-Mar-2025
Wayback Machine for Bug Bounty Huntinghttps://medium.com/@thexnumb/wayback-machine-for-bug-bounty-hunting-74802a454769?source=rss------bug_bounty-5Thexnumbwayback-machine, reconnaissance, bug-bounty, infosec, penetration-testing07-Mar-2025
Secret Bug Bounty Tips: $10K Dailyhttps://medium.com/@ibtissamhammadi/secret-bug-bounty-tips-10k-daily-5951273f0c29?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty-program, bug-bounty-hunter, bug-bounty, cybersecurity, bug-bounty-tips07-Mar-2025
Uncovering an Account Linking Vulnerability: Persistent Unauthorized Access Without User Awarenesshttps://medium.com/@patidarbhuwan44/uncovering-an-account-linking-vulnerability-persistent-unauthorized-access-without-user-awareness-70141b5ccd2c?source=rss------bug_bounty-5Bhuwan Patidarvulnerability-disclosure, cybersecurity, bug-bounty, web-security, hacking07-Mar-2025
How to Find Vulnerabilities for Bug Hunting ️‍♂️https://medium.com/@vipulsonule71/how-to-find-vulnerabilities-for-bug-hunting-%EF%B8%8F-%EF%B8%8F-050e3a67e40e?source=rss------bug_bounty-5Vipul Sonuleai, cybersecurity, technology, bug-bounty, hacking07-Mar-2025
The Ultimate 2025 Guide to Securing a Job in Red Teaming ‍.https://medium.com/@anandrishav2228/the-ultimate-2025-guide-to-securing-a-job-in-red-teaming-6a1ef6edf1b8?source=rss------bug_bounty-5Rishav anandred-team, bug-bounty, money, hacking, cybersecurity07-Mar-2025
WordPress Misconfiguration Lead to User Files Disclosure ($$$)https://wahaz.medium.com/wordpress-misconfiguration-lead-to-user-files-disclosure-a7cbdce11df0?source=rss------bug_bounty-5Rizaldi Wahazcybersecurity, wordpress, penetration-testing, hacker, bug-bounty07-Mar-2025
Ethically Hacking a Mail Server: Finding Open Relays & Sending Phishing Emailshttps://medium.com/@dharineeshj2/ethically-hacking-a-mail-server-finding-open-relays-sending-phishing-emails-235ced92f076?source=rss------bug_bounty-5Hack-Batcybersecurity, pentesting, hacking, bug-bounty, black-hat-hacker07-Mar-2025
How To Start Bug Hunting in 2025https://medium.com/@anonyhelps.su/how-to-start-bug-hunting-in-2025-58c0c4dc1e9c?source=rss------bug_bounty-5Anonyhelps Suhacking, bug-bounty, hacking-training, earnings, cybersecurity07-Mar-2025
Email Disclosure via .git Config in project: $500 Bounty Bughttps://medium.com/@a13h1/email-disclosure-via-git-config-in-project-500-bounty-bug-ee057ca12e6f?source=rss------bug_bounty-5Abhi Sharmapenetration-testing, information-disclosure, bug-bounty, information-security, cybersecurity07-Mar-2025
Listen to my Podcast Guest Appearancehttps://medium.com/@hacktheplanet/listen-to-my-podcast-guest-appearance-493bd31a5103?source=rss------bug_bounty-5SirHaxAlottor, sirhaxalot, bug-bounty, darkweb, hacking07-Mar-2025
XSS IN OPERA-MINIhttps://davidferreira101.medium.com/xss-in-opera-mini-e0c2dd6b60c6?source=rss------bug_bounty-5David Ferreiracybersecurity, pentesting, bug-bounty07-Mar-2025
Finding Funded TRON Wallets: Is It Possible?https://medium.com/meetcyber/finding-funded-tron-wallets-is-it-possible-8e36f68f7448?source=rss------bug_bounty-5Erkan Kavasreconnaissance, trx, tron, bug-bounty, blockchain07-Mar-2025
Hunting PII Exposures — A Bug Bounty Perspectivehttps://medium.com/@blify/hunting-pii-exposures-a-bug-bounty-perspective-79212c65ab10?source=rss------bug_bounty-5Blifyinformation-security, bug-bounty, bug-bounty-tips, cybersecurity07-Mar-2025
CSPT: Your way to XSS & CSRF in Modern Appshttps://medium.com/@68abdelrahmanmohamed/cspt-your-way-to-xss-csrf-in-modern-apps-59260c8ad19a?source=rss------bug_bounty-5Abdulrahmanweb-penetration-testing, bug-bounty, penetration-testing07-Mar-2025
ZeroClick Account Takeover : A Four-Bug Chain Exploithttps://medium.com/@Cr40/zeroclick-account-takeover-a-four-bug-chain-exploit-115ce0f6fc23?source=rss------bug_bounty-5Asimbug-bounty, account-takeover, cybersecurity, penetration-testing, bug-bounty-writeup07-Mar-2025
OTP Bypass Bug in Public Bug Bounty Programhttps://infosecwriteups.com/otp-bypass-bug-in-public-bug-bounty-program-5554eafc18ab?source=rss------bug_bounty-5It4chis3cbug-bounty, otp-bypass, otp-verification, secrets, responsible-disclosure07-Mar-2025
8 Automated Methods to Discover API Keys Across Websites and API Requestshttps://cyberw1ng.medium.com/8-automated-methods-to-discover-api-keys-across-websites-and-api-requests-08d547cdbb80?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, programming, bug-bounty, automation07-Mar-2025
Day 23: Account Takeover via Response Manipulationhttps://medium.com/@danielbelay/day-23-account-takeover-via-response-manipulation-90a1fe62dd8e?source=rss------bug_bounty-5dani3lcybersecurity, bug-bounty, ethical-hacking, account-takeover-attacks07-Mar-2025
Exposed Files: The Gift That Keeps on Givinghttps://medium.com/@mahad.ahmed0x1/exposed-files-the-gift-that-keeps-on-giving-d0394df80f12?source=rss------bug_bounty-5404NotPentestedcoding, devops, web-development, cybersecurity, bug-bounty06-Mar-2025
Stored xss using PDF a bug?https://medium.com/@dsmodi484/stored-xss-using-pdf-a-bug-0690125015bb?source=rss------bug_bounty-5cryptoshantbug-bounty, lenovo, cybersecurity, pdf, hacking06-Mar-2025
How to Find Your First Bug ️‍♂️https://medium.com/@vipulsonule71/how-to-find-your-first-bug-%EF%B8%8F-%EF%B8%8F-d6a0b0ef40b3?source=rss------bug_bounty-5Vipul Sonuleai, cybersecurity, penetration-testing, bug-bounty, hacking06-Mar-2025
How To Find Low-Hanging Bugs?https://cybersecuritywriteups.com/how-to-find-low-hanging-bugs-6e8b3eb8b3ca?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, money, bug-bounty, cybersecurity, hacking06-Mar-2025
My First Bug Bounty Win: How I Found and Reported a Security Vulnerabilityhttps://heinhtetagg.medium.com/my-first-bug-bounty-win-how-i-found-and-reported-a-security-vulnerability-c41fdfd717c2?source=rss------bug_bounty-5Hein Htet Aungbug-bounty, bug-bounty-writeup06-Mar-2025
CORS Exploitation Walkthrough | Bypass & Exploit Misconfigured CORS | Ethical Hacking Tutorialhttps://medium.com/@spector-sec/cors-exploitation-walkthrough-bypass-exploit-misconfigured-cors-ethical-hacking-tutorial-db15994788d3?source=rss------bug_bounty-5spector-seccors, bug-bounty, penetration-testing, info-sec-writeups, cybersecurity06-Mar-2025
Use this unique way to find broken link hijacking bugs.https://infosecwriteups.com/use-this-unique-way-to-find-broken-link-hijacking-bugs-3081878839d4?source=rss------bug_bounty-5loyalonlytodaybroken-link, cybersecurity, penetration-testing, ethical-hacking, bug-bounty06-Mar-2025
Finding the origin IP part 2https://infosecwriteups.com/finding-the-origin-ip-part-2-c96d7488c40e?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, tips, cybersecurity, programming, bug-bounty06-Mar-2025
How I Earned $4,000+ in My First Six Months of Bug Bounty Huntinghttps://medium.com/@nchaitreddyutilities/how-i-earned-4-000-in-my-first-six-months-of-bug-bounty-hunting-e969144a368a?source=rss------bug_bounty-5Chaitanya Reddybug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity06-Mar-2025
Is Bug Bounty Still a Good Career in 2025?https://medium.com/@HackerNasr/is-bug-bounty-still-a-good-career-in-2025-d5ef726b07f6?source=rss------bug_bounty-5HackerNasrpentesting, bug-bounty-tips, hacking, bug-bounty, ethical-hacking06-Mar-2025
Invite Me Once, I Own Your Account!” (HINDI + ENGLISH)https://medium.com/@ajay.kumar.695632/invite-me-once-i-own-your-account-hindi-english-b27cb72fe64a?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup06-Mar-2025
First Italians on Ferrari’s Hall of Fame: Our Experience with the Bug Bounty Programhttps://medium.com/@br3ss/first-italians-on-ferraris-hall-of-fame-our-experience-with-the-bug-bounty-program-5c101dba71c6?source=rss------bug_bounty-5Br3ssbug-bounty, ferrari, security, cybersecurity, seo06-Mar-2025
Never Underestimate Any Error. This is why I Got Appreciation Letter from Drexel University CISOhttps://hiddendom.medium.com/never-underestimate-any-error-this-is-why-i-got-appreciation-letter-from-drexel-university-ciso-ba37a6bad077?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs, penetration-testing06-Mar-2025
How Recon → SQLi Made €€€€ Bountyhttps://medium.com/@iski/how-recon-sqli-made-bounty-425fc0fa2e92?source=rss------bug_bounty-5Iskip1-bug, sql, cybersecurity, bug-bounty, bug-bounty-tips06-Mar-2025
A list of automated recon toolshttps://cybersecuritywriteups.com/a-list-of-automated-recon-tools-f0d034429532?source=rss------bug_bounty-5loyalonlytodaybug-bounty, recon, tips, penetration-testing, cybersecurity06-Mar-2025
Easy Account Takeover Using OTP Bypasshttps://medium.com/@dharineeshj2/easy-account-takeover-using-otp-bypass-4de2079fb9b1?source=rss------bug_bounty-5Hack-Batbug-bounty, hacking, vulnerability, cybersecurity06-Mar-2025
Enhancing Bug Bounty Hunting and Web App Pentesting with mitmproxy and Burp suitehttps://medium.com/@MutexSec/enhancing-bug-bounty-hunting-and-web-app-pentesting-with-mitmproxy-and-burp-suite-1d6d0f381bd0?source=rss------bug_bounty-5Exhaustedmutexred-team, penetration-testing, proxy, bug-bounty, burpsuite06-Mar-2025
Mastering 403 Forbidden Bypass Techniques ✨https://cybersecuritywriteups.com/mastering-403-forbidden-bypass-techniques-2ab393f1c77f?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, money, hacking, cybersecurity, infosec06-Mar-2025
How to Find SQL Injection ️‍♂️https://medium.com/@vipulsonule71/how-to-find-sql-injection-%EF%B8%8F-%EF%B8%8F-c5e2113ef263?source=rss------bug_bounty-5Vipul Sonulehacking, ai, cybersecurity, bug-bounty, penetration-testing06-Mar-2025
How I Ethically Hacked a Government Portal: SQL Injection in a Gov. Portalhttps://myselfakash20.medium.com/how-i-ethically-hacked-a-government-portal-sql-injection-in-a-gov-portal-9682869e5999?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking06-Mar-2025
Understanding Race Conditions in Web Applicationshttps://medium.com/@shoaibbinrashid11/understanding-race-conditions-in-web-applications-9cc7c5984471?source=rss------bug_bounty-5Shoaib Bin Rashidweb-security, penetration-testing, bug-bounty, race-condition06-Mar-2025
How I Found My First CVE – A Beginner’s Guidehttps://abhinav-porwal.medium.com/how-i-found-my-first-cve-a-beginners-guide-3cf2b56b37f0?source=rss------bug_bounty-5Abhinav Porwalcybersecurity, bug-bounty, bug-bounty-tips, information-security, hacking06-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-116)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-116-a9a65ad7f24f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking06-Mar-2025
The art of hunting logical bugs: Exploiting business logic in modern appshttps://infosecwriteups.com/the-art-of-hunting-logical-bugs-exploiting-business-logic-in-modern-apps-a374c3650b90?source=rss------bug_bounty-5Vivek PSprogramming, cybersecurity, bug-bounty, ethical-hacking06-Mar-2025
Bug Bounty: How a Race Condition Led to Application-Level DoShttps://medium.com/@Bug_Slay3r/bug-bounty-how-a-race-condition-led-to-application-level-dos-76458ae57e9d?source=rss------bug_bounty-5Shrujal Mandawkarbug-bounty, bug-bounty-tips, race-condition, bug-bounty-writeup, bugs06-Mar-2025
“Unlock Bug Bounty Rewards by Hunting Exposed debug.loghttps://krishna-cyber.medium.com/unlock-bug-bounty-rewards-by-hunting-exposed-debug-log-0d50382a64d1?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, bug-bounty, osint, programming, infosec-write-ups6-Mar-2025
✨ Cyber Guardians Unleashed: The Dynamic Duo of SOC & SIEM ✨https://krishna-cyber.medium.com/cyber-guardians-unleashed-the-dynamic-duo-of-soc-siem-80e3ccdc4c62?source=rss------bug_bounty-5Krish_cybertechnology, javascript, cybersecurity, bug-bounty, programming6-Mar-2025
Information Disclosure: AWS Sensitive API Key Leakagehttps://cyberw1ng.medium.com/information-disclosure-aws-sensitive-api-key-leakage-0b60d3af5109?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, careers, cybersecurity, cloud06-Mar-2025
How I Discovered a Stored XSS Vulnerability in JS Fileshttps://cybersecuritywriteups.com/how-i-discovered-a-stored-xss-vulnerability-in-js-files-7b527d2c8962?source=rss------bug_bounty-5Krish_cyberprogramming, bug-bounty, xss-attack, cybersecurity, bug-bounty-tips06-Mar-2025
Information Disclosure: AWS Sensitive API Key Leakagehttps://osintteam.blog/information-disclosure-aws-sensitive-api-key-leakage-0b60d3af5109?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, careers, cybersecurity, cloud06-Mar-2025
How I Ethically Hacked a Government Portal: SQL Injection in a Gov. Portalhttps://infosecwriteups.com/how-i-ethically-hacked-a-government-portal-sql-injection-in-a-gov-portal-9682869e5999?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, technology06-Mar-2025
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 1https://mukibas37.medium.com/how-i-found-sensitive-information-using-github-dorks-in-bug-bounties-part-1-09c9465fa902?source=rss------bug_bounty-5Mukilan Baskaranethical-hacking, github-recon, cybersecurity, infosec, bug-bounty05-Mar-2025
One Program, Three Takeovers — A Deep Dive into Subdomain Hijacking!https://medium.com/@AhmedSamy-X/one-program-three-takeovers-a-deep-dive-into-subdomain-hijacking-a97405601a14?source=rss------bug_bounty-5Ahmedsamypenetration-testing, cybersecurity, bug-bounty, subdomain-takeover05-Mar-2025
Cracking the Shield: Advanced WAF Bypass Techniques That Still Work in 2025https://myselfakash20.medium.com/cracking-the-shield-advanced-waf-bypass-techniques-that-still-work-in-2025-814cee616ccf?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty, technology, bug-bounty-writeup05-Mar-2025
Understanding AES-256 Encryption: The Ultimate Security Standardhttps://medium.com/@viveksheela1707/understanding-aes-256-encryption-the-ultimate-security-standard-3535a5a8128a?source=rss------bug_bounty-5Vivek Sheelauser-testing, security, security-systems, technology, bug-bounty05-Mar-2025
$150 Easy HTML Injection Vulnerabilityhttps://medium.com/@Abhijeet_kumawat_/150-easy-html-injection-vulnerability-08de8584001d?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, cybersecurity, money, hacking05-Mar-2025
Finding jwt tokens that lead to PII data leakage.https://infosecwriteups.com/finding-jwt-tokens-that-lead-to-pii-data-leakage-b047d45d97bf?source=rss------bug_bounty-5loyalonlytodaycybersecurity, programming, bug-bounty, bug-bounty-tips, ethical-hacking05-Mar-2025
Able to create an account without a phone number. (unique bug)https://infosecwriteups.com/able-to-create-an-account-without-a-phone-number-unique-bug-1fe2d14b9d54?source=rss------bug_bounty-5loyalonlytodaytips, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty05-Mar-2025
Find new apex domains that are related to your bug bounty target.https://infosecwriteups.com/find-new-apex-domains-that-are-related-to-your-bug-bounty-target-a05fdcbf5875?source=rss------bug_bounty-5loyalonlytodaytips, penetration-testing, bug-bounty, cybersecurity, programming05-Mar-2025
2025 OWASP Vulnerabilities Complete Guide for Security Testerhttps://infosecwriteups.com/2025-owasp-vulnerabilities-complete-guide-for-security-tester-8b20f754bee4?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, owasp, owasp-top-10, bug-bounty05-Mar-2025
The Curious Case of an Insecure Password Reset Flawhttps://sapienshack.medium.com/the-curious-case-of-an-insecure-password-reset-flaw-135000e4a462?source=rss------bug_bounty-5Sapienshackpentesting, penetration-testing, bug-bounty, application-security, bug-bounty-writeup05-Mar-2025
Cybersecurity Update: Major Attacks and Trendshttps://medium.com/@sivaprakash4112/cybersecurity-update-major-attacks-and-trends-981a2c4e12b0?source=rss------bug_bounty-5Sivaprakash Sivakumarcybersecurity, bug-bounty, news, cyberattack, cryptocurrency05-Mar-2025
Cache Deception Attack help you make a good Bounty.(0–1)https://medium.com/@anandrishav2228/cache-deception-attack-help-you-make-a-good-bounty-0-1-3030c21fa3e6?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, cybersecurity, cache, money05-Mar-2025
XSS :- When, Where, and How to Strike in Web and Mobile Apps! and make $$$ Easilyhttps://medium.com/@anandrishav2228/xss-when-where-and-how-to-strike-in-web-and-mobile-apps-and-make-easily-b41c2f1e73f6?source=rss------bug_bounty-5Rishav anandhacking, money, xss-attack, bug-bounty, cybersecurity05-Mar-2025
Command Injection: The Ultimate Guide to Exploiting and Preventing OS Command Executionhttps://medium.com/@verylazytech/command-injection-the-ultimate-guide-to-exploiting-and-preventing-os-command-execution-85b74f519fce?source=rss------bug_bounty-5Very Lazy Techbug-bounty, injection-payloads, prevent-injection, command-injection, os-injection05-Mar-2025
$50-$100 worth Sensitive Leaks via Google Dorks | Part 2https://infosecwriteups.com/50-100-worth-sensitive-leaks-via-google-dorks-part-2-868f4b1e7919?source=rss------bug_bounty-5It4chis3cgoogle, secrets, bug-bounty, google-hacking, google-dork05-Mar-2025
How i Bypass 403 and earn bounty $$$$https://medium.com/@anandrishav2228/how-i-bypass-403-and-earn-bounty-faddabb4b497?source=rss------bug_bounty-5Rishav anandservers, cybersecurity, money, bug-bounty, hacking05-Mar-2025
Critical IDOR Vulnerability in Order Tracking System Exposes Customer Datahttps://jxycybersec.medium.com/critical-idor-vulnerability-in-order-tracking-system-exposes-customer-data-a9dbae34d329?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, information-security, cybersecurity, bug-bounty-writeup05-Mar-2025
100 Kali Linux Commands for Penetration Testinghttps://medium.com/@kanastain1/100-kali-linux-commands-for-penetration-testing-bf578c53b5b6?source=rss------bug_bounty-5Kanastainpenetration-testing, cybersecurity, bug-bounty, pentest05-Mar-2025
How to Become a Bug Bounty Hunter ️‍♂️https://medium.com/@vipulsonule71/how-to-become-a-bug-bounty-hunter-%EF%B8%8F-%EF%B8%8F-daac7a6a4f16?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, bug-bounty-tips, penetration-testing, bug-bounty05-Mar-2025
Cracking the Code: Unveiling the Hidden Dangers of Account Takeoverhttps://osintteam.blog/cracking-the-code-unveiling-the-hidden-dangers-of-account-takeover-487fb5407c2c?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, infosec-write-ups, bug-bounty, account-takeover, bug-bounty-writeup05-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-115)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-115-35780b6d6fe4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking05-Mar-2025
How to Run a Bug Bounty Program Without the Overheadhttps://medium.com/@hackrate/how-to-run-a-bug-bounty-program-without-the-overhead-bc12bcd87c56?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, bug-bounty-tips, ethical-hacking, cybersecurity05-Mar-2025
How I Hacked NASA and Got a P1 on Bugcrowdhttps://0xjin.medium.com/how-i-hacked-nasa-and-got-a-p1-on-bugcrowd-512541e57eab?source=rss------bug_bounty-50xJinbugbounty-writeup, ethical-hacking, bugbounty-poc, bug-bounty, bugbounty-tips05-Mar-2025
How to find IDORshttps://medium.com/@julius.grosserode.19/how-to-find-idors-595424fe5fce?source=rss------bug_bounty-5Julioidor-vulnerability, idor, owasp-top-10, api, bug-bounty05-Mar-2025
My Bug Bounty Journey: Mistakes I Made and Advice for Beginnershttps://medium.com/@aminouji23/my-bug-bounty-journey-mistakes-i-made-and-advice-for-beginners-6b4d23ba50b3?source=rss------bug_bounty-5Aminoujimethodology, bug-bounty, cybersecurity, mystery05-Mar-2025
How IDOR and Broken Access Control Exposed Private Data and Earned Me $4,000 in 1 Dayhttps://medium.com/@ibtissamhammadi/how-idor-and-broken-access-control-exposed-private-data-and-earned-me-4-000-in-1-day-dd01a07e93e4?source=rss------bug_bounty-5Ibtissam Hammadiidor, bug-bounty, web-application-security, ethical-hacking, broken-access-control05-Mar-2025
BreachSeek - Multi-Agent Automated Penetration Testerhttps://gaya3-r.medium.com/breachseek-multi-agent-automated-penetration-tester-b5fd61dab0a4?source=rss------bug_bounty-5gayatri rbug-bounty-writeup, pentesting, bug-bounty, llm-pentesting05-Mar-2025
Automating Information Gathering in Cloud Environmentshttps://cyberw1ng.medium.com/automating-information-gathering-in-cloud-environments-ee1e56a4f6bd?source=rss------bug_bounty-5Karthikeyan Nagarajautomation, osint, cloud, bug-bounty, cybersecurity05-Mar-2025
The Prefix, The Suffix, and the SQL Injection That Almost Got Awayhttps://clarkvoss.medium.com/the-prefix-the-suffix-and-the-sql-injection-that-almost-got-away-b76376cb74e1?source=rss------bug_bounty-5Clark Vosshacking, cybersecurity, security, hacking-tools, bug-bounty05-Mar-2025
Finding Exposed AWS Buckets Like a Pro! : Bug Bounty Recon [Part-2]https://medium.com/@hrofficial62/finding-exposed-aws-buckets-like-a-pro-bug-bounty-recon-part-2-81012428256f?source=rss------bug_bounty-5Mr Horbiohacking, cybersecurity, pentesting, bug-bounty, ethical-hacking04-Mar-2025
different types of burp suite extensions for bug hunting and penetration testinghttps://osintteam.blog/different-types-of-burp-suite-extensions-for-bug-hunting-and-penetration-testing-ebc80ec14aa7?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, tips, cybersecurity, burpsuite04-Mar-2025
How I Achieved the Hall of Fame on a U.S. Government Websitehttps://medium.com/@Abhijeet_kumawat_/how-i-achieved-the-hall-of-fame-on-a-u-s-government-website-8ff6fbdcf176?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, infosec, hacking, us-government04-Mar-2025
Why beginners should look for open redirect vulnerabilities: An easy win in ethical hackinghttps://medium.com/@vivekps143/why-beginners-should-look-for-open-redirect-vulnerabilities-an-easy-win-in-ethical-hacking-18fe21cf630d?source=rss------bug_bounty-5Vivek PSprogramming, hacking, cybersecurity, bugbounty-writeup, bug-bounty04-Mar-2025
Rate limit bypass lead to OTP bypass($600)https://bytesnull44.medium.com/rate-limit-bypass-lead-to-otp-bypass-600-f64f39f9e130?source=rss------bug_bounty-5Bytesnullhackerone, bug-bounty, bugcrowd, cybersecurity04-Mar-2025
The Mindset of a Successful Bug Bounty Hunter: Think Like a Hacker, Act Like a Scientisthttps://medium.com/@vivekps143/the-mindset-of-a-successful-bug-bounty-hunter-think-like-a-hacker-act-like-a-scientist-744253e2f091?source=rss------bug_bounty-5Vivek PSartificial-intelligence, bug-bounty, ethical-hacking, programming, cybersecurity04-Mar-2025
Advanced Bug Hunting Techniques: Unearthing Unique Bugs with AI and Exploitshttps://medium.com/@codelinex/advanced-bug-hunting-techniques-unearthing-unique-bugs-with-ai-and-exploits-d404b7aa9c4b?source=rss------bug_bounty-5CodelineX Pvt Ltdbug-bounty, hacking, cybersecurity04-Mar-2025
The Underground Art of Client-Side Bug Hunting: Uncovering Hidden Vulnerabilities in Web…https://medium.com/@codelinex/the-underground-art-of-client-side-bug-hunting-uncovering-hidden-vulnerabilities-in-web-899330fcb6e5?source=rss------bug_bounty-5CodelineX Pvt Ltdcybersecurity, internet, bug-bounty, hacking04-Mar-2025
I hack the online gambling via xss upload (part 2) (3500 USD)https://bytesnull44.medium.com/i-hack-the-online-gambling-via-xss-upload-part-2-3500-usd-18fb7646b506?source=rss------bug_bounty-5Bytesnullcybersecurity, bug-bounty-tips, xss-vulnerability, xss-attack, bug-bounty04-Mar-2025
The Art of WAF Bypass: Advanced Techniques and Strategies for Ethical Hackershttps://medium.com/@codelinex/the-art-of-waf-bypass-advanced-techniques-and-strategies-for-ethical-hackers-d8f05cea0353?source=rss------bug_bounty-5CodelineX Pvt Ltdhacking, cybersecurity, bug-bounty-tips, cyber-security-awareness, bug-bounty04-Mar-2025
️‍♂️ When Google Became My Personal Vulnerability Scanner and helped me to find Exposed…https://hiddendom.medium.com/%EF%B8%8F-%EF%B8%8F-when-google-became-my-personal-vulnerability-scanner-and-helped-me-to-find-exposed-d1d28d24d2ac?source=rss------bug_bounty-5Gokuleswaran Bdorks, bug-bounty-tips, bug-bounty-writeup, vulnerability, bug-bounty04-Mar-2025
I hack the online gambling via xss upload (part 1) 5000 USD)https://bytesnull44.medium.com/i-hack-the-online-gambling-via-xss-upload-part-1-5000-usd-7a27bedd03a5?source=rss------bug_bounty-5Bytesnullhacking, bugbounty-writeup, cybersecurity, bug-bounty04-Mar-2025
Critical IDOR on chat message (1000 USD)https://bytesnull44.medium.com/critical-idor-on-chat-message-1000-usd-e07f3a28730d?source=rss------bug_bounty-5Bytesnullbugbounty-tips, cybersecurity, hacking, bug-bounty04-Mar-2025
Bypassing Client-Side Controlshttps://medium.com/@muhammad4208/bypassing-client-side-controls-6f85c97747d7?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-tips, web-testing4-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-114)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-114-930889caa359?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, ethical-hacking, cybersecurity, hacking, bug-bounty4-Mar-2025
$1500 Blind Sql injection via json bodyhttps://bytesnull44.medium.com/1500-blind-sql-injection-via-json-body-4091bf8b02cc?source=rss------bug_bounty-5Bytesnullvulnerability, infosec, cybersecurity, bug-bounty4-Mar-2025
Day 22: Account Takeover Worth $1000https://medium.com/@danielbelay/day-22-account-takeover-worth-1000-a07ef7dd460f?source=rss------bug_bounty-5dani3lbug-bounty, cybersecurity, account-takeover, ethical-hacking4-Mar-2025
Blind SSRF with Out-of-Band Detectionhttps://medium.com/@codingbolt.in/blind-ssrf-with-out-of-band-detection-0d53e2986a73?source=rss------bug_bounty-5codingboltethical-hacking, ssrf, bug-bounty-tips, bug-bounty, ssrf-attack04-Mar-2025
Advanced Dorking Methodology for Finding Vulnerabilities (Part 2)https://hackersatty.medium.com/advanced-dorking-methodology-for-finding-vulnerabilities-part-2-47a251b245c1?source=rss------bug_bounty-5hackersattymedium, bug-bounty-writeup, bug-bounty-tips, google-dork, bug-bounty04-Mar-2025
Unauthenticated SharePoint File Enumeration and Downloadinghttps://soltanali0.medium.com/unauthenticated-sharepoint-file-enumeration-and-downloading-a39ecc07e688?source=rss------bug_bounty-5soltanali0sharepoint, microsoft, bug-bounty, hacking04-Mar-2025
How to Use Automated Tools for Information Gatheringhttps://medium.com/@vipulsonule71/how-to-use-automated-tools-for-information-gathering-779bae995dc8?source=rss------bug_bounty-5Vipul Sonulebug-bounty, writing, technology, hacking, cybersecurity04-Mar-2025
Breaking and Fixing My Way Into Cybersecurityhttps://medium.com/@MutexSec/breaking-and-fixing-my-way-into-cybersecurity-1c888d959823?source=rss------bug_bounty-5Exhaustedmutexpenetration-testing, technology, cybersecurity, bug-bounty, journal04-Mar-2025
Footprinting & Information Gathering Master Indexhttps://medium.com/@0xizen/footprinting-information-gathering-master-index-84f00469f45a?source=rss------bug_bounty-5Shashi Raj Jhared-team, information-gathering, footprinting, bug-bounty, bug-bounty-tips04-Mar-2025
Do CTFs Really Make You Better at Hacking?https://medium.com/@HackerNasr/do-ctfs-really-make-you-better-at-hacking-3975e9295266?source=rss------bug_bounty-5HackerNasrbug-bounty-tips, hacking, ctf, bug-bounty, capture-the-flag04-Mar-2025
Top 50 Reconnaissance Tools for 2025https://medium.com/@codingbolt.in/top-50-reconnaissance-tools-for-2025-711ab067c737?source=rss------bug_bounty-5codingboltrecon, cybersecurity, bug-bounty, reconnaissance, ethical-hacking04-Mar-2025
SSRF and the Pitfalls of Blacklist-Based Input Filtershttps://medium.com/@codingbolt.in/ssrf-and-the-pitfalls-of-blacklist-based-input-filters-b19e4765fa6d?source=rss------bug_bounty-5codingboltethical-hacking, ssrf-attack, ssrf, bug-bounty, bug-bounty-tips04-Mar-2025
How I Discovered One More Easy Bug in 5 Minuteshttps://medium.com/@Abhijeet_kumawat_/how-i-discovered-one-more-easy-bug-in-5-minutes-e1f07ac766f6?source=rss------bug_bounty-5Abhijeet Kumawathacking, infosec, bug-bounty, cybersecurity, money04-Mar-2025
Guide to Downloading, Installing, and Configuring Burp Suite Professional on Kali Linuxhttps://abhinav-porwal.medium.com/guide-to-downloading-installing-and-configuring-burp-suite-professional-on-kali-linux-19ca40b0bba4?source=rss------bug_bounty-5Abhinav Porwalburp-suite-pro, bug-bounty, burpsuite, cybersecurity, ethical-hacking04-Mar-2025
Bug Bounty Journey — Valid Report Part 4https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-4-b7bc49aaa737?source=rss------bug_bounty-50xF3r4twayback-machine, bug-bounty04-Mar-2025
Streamline Reconnaissance with NetSanitizer: A URL Deduplication Powerhouse for Bug Bounty Huntershttps://medium.com/@iamsecure1920/streamline-reconnaissance-with-netsanitizer-a-url-deduplication-powerhouse-for-bug-bounty-hunters-a2832821b03c?source=rss------bug_bounty-5iamsecure1920 (Sai Krishna Sobila )bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bounty-program04-Mar-2025
$50-$100 worth Sensitive Leaks via Google Dorks | Part 1https://infosecwriteups.com/50-100-worth-sensitive-leaks-via-google-dorks-part-1-b5e72af87513?source=rss------bug_bounty-5It4chis3cgoogle, bug-bounty, google-dork, secrets, dorking04-Mar-2025
Day 0: Starting My 100-Day Bug Bounty Journeyhttps://medium.com/@swethas274/day-0-starting-my-100-day-bug-bounty-journey-37d032c853d3?source=rss------bug_bounty-5Swethaside-hustle, bug-bounty, cybersecurity, hacking, 100daychallenge04-Mar-2025
Best Browser Extensions for Bug Hunting and Cybersecurityhttps://abhinav-porwal.medium.com/best-browser-extensions-for-bug-hunting-and-cybersecurity-5cfc4866cdab?source=rss------bug_bounty-5Abhinav Porwalinformation-security, cybersecurity, hacking, bug-bounty, bug-bounty-tips04-Mar-2025
How to Find Your First Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide)https://abhinav-porwal.medium.com/how-to-find-your-first-easy-bug-as-a-bug-bounty-hunter-step-by-step-guide-151f3150ba4e?source=rss------bug_bounty-5Abhinav Porwalethical-hacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips04-Mar-2025
How i breached the US federal goverment and found 10,000 plus classfied infomationhttps://medium.com/@coffeeaddict_exe/how-i-breached-the-us-federal-goverment-and-found-10-000-plus-classfied-infomation-dfac687a8c44?source=rss------bug_bounty-5CoffeeAddictusa, bug-bounty, government, bug-bounty-tips, hacking04-Mar-2025
How I Made $5,000 in 3 Days with Bounty Hunting (No Experience Needed)https://medium.com/@ibtissamhammadi/how-i-made-5-000-in-3-days-with-bounty-hunting-no-experience-needed-9050f3548a84?source=rss------bug_bounty-5Ibtissam Hammadibeginners-guide, cybersecurity, ethical-hacking, bug-bounty, earn-money-online04-Mar-2025
From Zero to Hero: Your Step-by-Step Guide to Bagging Your First Bug Bounty (With Real-World…https://krishna-cyber.medium.com/from-zero-to-hero-your-step-by-step-guide-to-bagging-your-first-bug-bounty-with-real-world-0e2f63ac0030?source=rss------bug_bounty-5Krish_cyberbug-bounty, bug-bounty-writeup, bug-zero, bugs, bug-bounty-tips04-Mar-2025
Auth Bypass & Unauthorized Access via Hidden Loginhttps://medium.com/@hossam_hamada/auth-bypass-unauthorized-access-via-hidden-login-65bca9810ddc?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, hackerone, bugbounty-writeup, bug-bounty04-Mar-2025
Sensitive API Key Leakage Report Disclosure: AWS VDPhttps://cyberw1ng.medium.com/sensitive-api-key-leakage-report-disclosure-aws-vdp-b26806e1ecd1?source=rss------bug_bounty-5Karthikeyan Nagarajcloud, programming, jobs, bug-bounty, cybersecurity04-Mar-2025
The Art of Recon: Hunting Bugs Before They Hide — Part Three (From Recon to Reward)https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-three-from-recon-to-reward-c9eea7cf5b10?source=rss------bug_bounty-5ZeUsVuLnbug-bounty-tips, bug-bounty-writeup, reconnaissance, cybersecurity, bug-bounty04-Mar-2025
Defining the Pentest Scope: OWASP ZAP Context & Subdomainshttps://err0rsecur1ty.medium.com/defining-the-pentest-scope-owasp-zap-context-subdomains-7e5ff5dfd74d?source=rss------bug_bounty-5Zehzah M.A | ( Err0r_SecuR1ty )ethical-hacking, cybersecurity, owaspzap, bug-bounty, penetration-testing04-Mar-2025
I Discovered a Critical Security Flaw That Changed How I Protect My Data Foreverhttps://medium.com/@ibtissamhammadi/i-discovered-a-critical-security-flaw-that-changed-how-i-protect-my-data-forever-30becd75d83c?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, critical-security, ethical-hacking, bug-bounty, bug-bounty-hunting03-Mar-2025
Mastering XSS on the Fly: The Ultimate Guide to Web Vulnerabilities and Bug Bountieshttps://cybersecuritywriteups.com/mastering-xss-on-the-fly-the-ultimate-guide-to-web-vulnerabilities-and-bug-bounties-78502107ea9b?source=rss------bug_bounty-5Krish_cyberbug-bounty, idor, osint, infosec-write-ups, xss-attack03-Mar-2025
From Zero to Hero: How I Uncovered a Critical Privilege Escalation Flaw and Earned $500https://cybersecuritywriteups.com/from-zero-to-hero-how-i-uncovered-a-critical-privilege-escalation-flaw-and-earned-500-c6be96484090?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty-tips, bug-bounty, info-sec-writeups, information-security03-Mar-2025
ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and Morehttps://medium.com/@Abhijeet_kumawat_/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-125aef1e9a80?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, infosec, hacking, money03-Mar-2025
How to choose a target for Bug-Bounty to earn extra $$$.https://medium.com/@anandrishav2228/how-to-choose-a-target-for-bug-bounty-to-earn-extra-d081bcd93692?source=rss------bug_bounty-5Rishav anandmoney, hacking, bug-bounty-tips, cybersecurity, bug-bounty03-Mar-2025
A BIG MISCONCEPTION: “MY ORGANISATION IS NOT MATURE ENOUGH FOR BUG BOUNTY”https://medium.com/@hackrate/a-big-misconception-my-organisation-is-not-mature-enough-for-bug-bounty-93c87b131baf?source=rss------bug_bounty-5Levente Molnarcybersecurity, hacking, bug-bounty-tips, bug-bounty, ethical-hacking03-Mar-2025
Qumursqa mukofotihttps://medium.com/@buckybyte/qumursqa-mukofoti-1200f848d1b7?source=rss------bug_bounty-5Bucky Bytebug-bounty03-Mar-2025
Setting Up XSSHunter(Latest) with Docker and Cloudflare Proxyhttps://petruknisme.medium.com/setting-up-xsshunter-latest-with-docker-and-cloudflare-proxy-6c35db80762c?source=rss------bug_bounty-5Aanxsshunter, xs, web-pentesting, pentest, bug-bounty03-Mar-2025
Advanced Open Redirection Techniques and Exploitation Using Burp Suite Dynamic Analysishttps://medium.com/@shadyfarouk1986/advanced-open-redirection-techniques-and-exploitation-using-burp-suite-dynamic-analysis-6d6f5bc23f66?source=rss------bug_bounty-5Shady Faroukbug-bounty, bug-bounty-writeup, pentesting, hacking03-Mar-2025
You Have No Experience, But Want to Start Bug Bounty Hunting?https://systemweakness.com/you-have-no-experience-but-want-to-start-bug-bounty-hunting-0fd4e5d700d9?source=rss------bug_bounty-5HackerNasrbug-bounty, ethical-hacking, careers, career-advice, hacking03-Mar-2025
Server-Side Request Forgery (SSRF): Attacking Internal Networks via External Requestshttps://medium.com/ssd-secure-disclosure/server-side-request-forgery-ssrf-attacking-internal-networks-via-external-requests-333afd84ce94?source=rss------bug_bounty-5Oded van Kloetenssrf, code, bug-bounty, cybersecurity, hacking03-Mar-2025
The Curious Case of a Patched IDOR and the Rabbit Hole That Followedhttps://medium.com/@stephenuchechukwu68/the-curious-case-of-a-patched-idor-and-the-rabbit-hole-that-followed-04a40297e5fd?source=rss------bug_bounty-5Stephenuchechukwucybersecurity, ethical-hacking, bug-bounty03-Mar-2025
Secret Google Dorks to Find Bug Bounty Programshttps://medium.com/@Abhijeet_kumawat_/secret-google-dorks-to-find-bug-bounty-programs-3896014e79ce?source=rss------bug_bounty-5Abhijeet Kumawathacking, cybersecurity, google-dork, secrets, bug-bounty03-Mar-2025
Basic SSRF Against Another Back-End Systemhttps://medium.com/@codingbolt.in/basic-ssrf-against-another-back-end-system-5f285cd83b0a?source=rss------bug_bounty-5codingboltbugs, ssrf, bug-bounty-tips, ssrf-attack, bug-bounty03-Mar-2025
My First Private Bug Bounty Invitation — The Real Game Beginshttps://medium.com/@sivasankardas/my-first-private-bug-bounty-invitation-the-real-game-begins-f80af1133f25?source=rss------bug_bounty-5Sivasankardasreconnaissance, hall-of-fame, cybersecurity, bug-bounty, cross-site-scripting-xss03-Mar-2025
Asset discovery with favicon hash.https://medium.com/infosecmatrix/asset-discovery-with-favicon-hash-267cea766385?source=rss------bug_bounty-5loyalonlytodaytips, favicon, programming, cybersecurity, bug-bounty03-Mar-2025
IDOR Allows Attackers to Delete Any User’s Identity Documents | IDOR | $$$$https://medium.com/@Bug_Slay3r/idor-allows-attackers-to-delete-any-users-identity-documents-idor-18f0cc901d16?source=rss------bug_bounty-5Shrujal Mandawkarvulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs03-Mar-2025
Bug Bounty Hunting with Censys: Finding an Unsecured Elasticsearch Instance and Reporting Ithttps://medium.com/@hacker_might/bug-bounty-hunting-with-censys-finding-an-unsecured-elasticsearch-instance-and-reporting-it-13a619cc0b4e?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, censys, bug-bounty-writeup, threat-intelligence03-Mar-2025
“I Missed $2,200 by Closing Burp Suite Too Fast — Here’s How You Can Avoid My Costly Mistake”https://cybersecuritywriteups.com/i-missed-2-200-by-closing-burp-suite-too-fast-heres-how-you-can-avoid-my-costly-mistake-91dc2e1d865d?source=rss------bug_bounty-5Krish_cyberbug-bounty, bug-bounty-tips, infosec-write-ups, cybersecurity, osint03-Mar-2025
How I Uncovered an Email Leak That Could Have Cost Millionshttps://krishna-cyber.medium.com/how-i-uncovered-an-email-leak-that-could-have-cost-millions-66500548d0b6?source=rss------bug_bounty-5Krish_cyberinfosec-write-ups, information-security, bug-bounty-tips, bug-bounty, bug-bounty-writeup03-Mar-2025
Hacking My Way to $3,000: Unmasking a Sneaky IDOR Vulnerability ️♂️https://cybersecuritywriteups.com/hacking-my-way-to-3-000-unmasking-a-sneaky-idor-vulnerability-%EF%B8%8F-%EF%B8%8F-06ebcb65ba9a?source=rss------bug_bounty-5Krish_cybervulnerability, osint, infosec-write-ups, hacking, bug-bounty03-Mar-2025
Local File Disclosure/..https://medium.com/@julius.grosserode.19/local-file-disclosure-743f88291211?source=rss------bug_bounty-5Juliolocal-file-read, bugs, bug-bounty, directory-traversal, local-file-exposure03-Mar-2025
Discovering Sensitive Information Using GitHub Dorkshttps://cyberw1ng.medium.com/discovering-sensitive-information-using-github-dorks-10fd7e032bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, github, careers, programming, cybersecurity03-Mar-2025
Subdomain Takeover: How I Almost Snatched a Vulnerable Subdomain (But Was Too Late!)chttps://medium.com/@AhmedSamy-X/subdomain-takeover-how-i-almost-snatched-a-vulnerable-subdomain-but-was-too-late-c-a2a0afe7b2d9?source=rss------bug_bounty-5Ahmedsamyethical-hacking, cybersecurity, bug-bounty03-Mar-2025
Discovering 3 in a Row: BAC Read-only Vulnerabilities Total $4,182https://medium.com/@robert0/discovering-3-in-a-row-bac-read-only-vulnerabilities-total-4-182-59c93b753eb8?source=rss------bug_bounty-5Mr Robert | Ahmed M Hassanhackerone, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup03-Mar-2025
Cross-System Communication: Injection Vulnerabilities Internalshttps://kalawy.medium.com/cross-system-communication-injection-vulnerabilities-internals-19d406bb57d5?source=rss------bug_bounty-5Kalawysecurity-research, bug-bounty, sql-injection, vulnerability, web-attack03-Mar-2025
How Reading Disclosed Bug Bounty Reports Can Make You a Better Hacker — And Even Earn You Some…https://medium.com/@weaponshot/how-reading-disclosed-bug-bounty-reports-can-make-you-a-better-hacker-and-even-earn-you-some-45fb4d1adf4d?source=rss------bug_bounty-5Matyis Konghackerone, hacking, bugcrowd, cybersecurity, bug-bounty03-Mar-2025
Cómo TLS Pass Through Ayuda a Reducir el Ruido en Burp Suitehttps://medium.com/@ArtsSEC/c%C3%B3mo-tls-pass-through-ayuda-a-reducir-el-ruido-en-burp-suite-091b2b06d165?source=rss------bug_bounty-5ArtsSECbug-bounty, pentesting, security, infosec, burpsuite03-Mar-2025
Discovering Sensitive Information Using GitHub Dorkshttps://osintteam.blog/discovering-sensitive-information-using-github-dorks-10fd7e032bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, github, careers, programming, cybersecurity03-Mar-2025
Web Vulnerabilities 104: Dependency Confusion — When Your App Trusts the Wrong Stranger!https://medium.com/@shadyfarouk1986/web-vulnerabilities-104-dependency-confusion-when-your-app-trusts-the-wrong-stranger-46be46fecb93?source=rss------bug_bounty-5Shady Faroukbug-bounty, bugbounty-writeup02-Mar-2025
How I Found Sensitive Information Disclosurehttps://medium.com/@Abhijeet_kumawat_/how-i-found-sensitive-information-disclosure-21533fb8c6d2?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, sensitive-information, white-hat-hacker, hacking, cybersecurity02-Mar-2025
Blind SQL Injection in Oracle Database: Exfiltrating Data with Burp Collaborator  —  SQL Injection…https://infosecwriteups.com/blind-sql-injection-in-oracle-database-exfiltrating-data-with-burp-collaborator-sql-injection-2b8062b04d51?source=rss------bug_bounty-5Bash Overflowsql-injection-oracle-db, sqli-data-exfiltration, bug-bounty, blind-sql-injection, bug-bounty-writeup02-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-113)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-113-572a98bcfbe0?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, bug-bounty-tips, hacking, ethical-hacking02-Mar-2025
Day 21: Full Account Takeover via Open Redirectionhttps://medium.com/@danielbelay/day-21-full-account-takeover-via-open-redirection-5f3ca7f0c726?source=rss------bug_bounty-5dani3lbug-bounty, cybersecurity, account-takeover, account-takeover-attacks02-Mar-2025
CVE-2024–57062: The iOS App That Keeps You Logged In — Even After Uninstallinghttps://medium.com/@sahildabhilkar4/cve-2024-57062-the-ios-app-that-keeps-you-logged-in-even-after-uninstalling-ecc334997b7f?source=rss------bug_bounty-5Sahildabhilkarvulnerability-disclosure, cybersecurity, cve, bug-bounty, ios-security02-Mar-2025
This is The Easiest Bug You Can Find✨https://medium.com/@Abhijeet_kumawat_/this-is-the-easiest-bug-you-can-find-b418fade22ee?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, infosec, money, cybersecurity02-Mar-2025
Open Redirectshttps://medium.com/@julius.grosserode.19/open-redirects-7337ea352c93?source=rss------bug_bounty-5Julioxss-vulnerability, open-redirect, xss-attack, redirect, bug-bounty02-Mar-2025
The Idor vulnerability and its impact on users safelyhttps://medium.com/@Dorking1/steps-to-reproduce-the-vulnerability-df7c7c242507?source=rss------bug_bounty-5Dorking1penetration-testing, bug-bounty02-Mar-2025
I’ve just discovered a new tool that looks very promising: WPProbe, a WordPress security scanner.https://medium.com/@bidushtripathi/ive-just-discovered-a-new-tool-that-looks-very-promising-wpprobe-a-wordpress-security-scanner-266f2da3bbac?source=rss------bug_bounty-5ProgHubbug-bounty, web-development, cybersecurity, hacking, linux02-Mar-2025
TOP 10 Hacking OAuth 2.0 Techniques — Part 1https://medium.com/@itamar.yochpaz/top-10-hacking-oauth-2-0-techniques-part-1-107238663a03?source=rss------bug_bounty-5Itamar Yochpazpenetration-testing, cybersecurity, bug-bounty, application-security, hacking02-Mar-2025
HackTheBox: APKey Mobile Challengehttps://medium.com/@k3r0/hackthebox-apkey-mobile-challenge-6e3cf5647c2d?source=rss------bug_bounty-5Kyrillos nadyhackthebox, bug-bounty, android, mobile, red-team02-Mar-2025
From Web Cache Poisoning to Persistent XSS — A High Severity Bughttps://medium.com/@HackerNasr/from-web-cache-poisoning-to-persistent-xss-a-high-severity-bug-87bb6c19239d?source=rss------bug_bounty-5HackerNasrpentesting, bug-bounty, ethical-hacking, cybersecurity, hacking02-Mar-2025
2/30 Cryptographic Failures Bughttps://jooexploit.medium.com/2-30-cryptographic-failures-bug-3c8f9efa523e?source=rss------bug_bounty-5Jooexploitbug-bounty, writeup, cryptographic02-Mar-2025
Cloud Security Roadmaphttps://medium.com/offensive-black-hat-hacking-security/cloud-security-roadmap-702fdb0815ca?source=rss------bug_bounty-5Harshad Shahbug-bounty, cloud-security, penetration-testing, cloud, cybersecurity02-Mar-2025
Top 10 Tools for Bug Bounty Hunting in 2025https://bitpanic.medium.com/top-10-tools-for-bug-bounty-hunting-in-2025-52cd7c34094d?source=rss------bug_bounty-5Spectat0rguyai-generated-content, cybersecurity, technology, programming, bug-bounty02-Mar-2025
How I Uncovered IDOR, XSS, and Full Account Takeover in a Single Hunthttps://krishna-cyber.medium.com/how-i-uncovered-idor-xss-and-full-account-takeover-in-a-single-hunt-acfce2f9a84f?source=rss------bug_bounty-5Krish_cyberxss-attack, bug-bounty, hacking, idor, infosec-write-ups02-Mar-2025
Bypassing 2FA: Advanced Techniques Hackers Use & How to Stop Themhttps://medium.com/@rishishakya30/bypassing-2fa-advanced-techniques-hackers-use-how-to-stop-them-4e7de384258a?source=rss------bug_bounty-5CodelineX Pvt Ltdcybersecurity, bug-bounty02-Mar-2025
MongoDB Penetration Testing: A Comprehensive Guidehttps://infosecwriteups.com/mongodb-penetration-testing-a-comprehensive-guide-df80d829f060?source=rss------bug_bounty-5Ajay Naikinformation-technology, bug-bounty, information-security, cybersecurity, cyberattack02-Mar-2025
Finding a Publicly Accessible Asset Leak: How I Reported a Critical Vulnerability ##NASAhttps://medium.com/@ashokpandiya71/finding-a-publicly-accessible-asset-leak-how-i-reported-a-critical-vulnerability-nasa-9fd626df59f5?source=rss------bug_bounty-5Ashok kumar pareekbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hall-of-fame02-Mar-2025
How I Exploited an OTP Vulnerability & Reported It! $$$https://medium.com/@Bug_Slay3r/how-i-exploited-an-otp-vulnerability-reported-it-660da35d997a?source=rss------bug_bounty-5Shrujal Mandawkarbug-bounty-writeup, vulnerability, bug-bounty-tips, bug-bounty, bugs02-Mar-2025
How to Earn Bug Bounties with GitHub: A Practical Guide for Beginnershttps://cyberw1ng.medium.com/how-to-earn-bug-bounties-with-github-a-practical-guide-for-beginners-20463cf2c125?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, git, cybersecurity, bug-bounty02-Mar-2025
Day 114 — Exploring Cyber Bug Bounty Programshttps://medium.com/@thecyberkid12/day-114-exploring-cyber-bug-bounty-programs-41b0cc2790fb?source=rss------bug_bounty-5Sushrita Swainbug-bounty, cybersecurity02-Mar-2025
Day 113 — Exploring Bug Bounty Programs and Capture the Flag Challengeshttps://medium.com/@thecyberkid12/day-113-exploring-bug-bounty-programs-and-capture-the-flag-challenges-ba4d45092e1f?source=rss------bug_bounty-5Sushrita Swaincybersecurity, capture-the-flag, ctf, bug-bounty02-Mar-2025
How to Identify Sensitive Data in JavaScript Fileshttps://medium.com/@khalyylgam/how-to-identify-sensitive-data-in-javascript-files-b0bb7eb6d948?source=rss------bug_bounty-5Khalil Gammarjavascript, bug-bounty, web-exploitation02-Mar-2025
How I was able to get two account takeovers via OAuth custom scheme hijacking at the same targethttps://medium.com/@AlQa3Qa3_M0X0101/how-i-was-able-to-get-two-account-takeovers-via-oauth-custom-scheme-hijacking-at-the-same-target-6a6980ebbac1?source=rss------bug_bounty-5Mohamed redabug-bounty-tips, android-security, penetration-testing, bug-bounty01-Mar-2025
HTML Injection vulnerability in Googlehttps://medium.com/@Abhijeet_kumawat_/html-injection-vulnerability-in-google-cb2c73ca5996?source=rss------bug_bounty-5Abhijeet Kumawatmoney, bug-bounty, hacking, cybersecurity, infosec01-Mar-2025
Finding Exposed AWS Buckets Like a Pro! : Bug Bounty Reconhttps://medium.com/@hrofficial62/finding-exposed-aws-buckets-like-a-pro-bug-bounty-recon-c193cc1f9af5?source=rss------bug_bounty-5Mr Horbiocybersecurity, bug-bounty, hacking, ethical-hacking, pentesting01-Mar-2025
WordPress ‘xmlrpc.php’ (CVE-2020–28036) — old is goldhttps://osintteam.blog/wordpress-xmlrpc-php-cve-2020-28036-old-is-gold-a0b9c301fbac?source=rss------bug_bounty-5Abhishek pawarbug-bounty, ai, programming, wordpress, pi01-Mar-2025
Web Application Recon Guide :https://medium.com/@zerohackerone0/web-application-recon-guide-d010e7761d85?source=rss------bug_bounty-5Houssam Milianicybersecurity, bug-bounty, hacking01-Mar-2025
Beyond the Script: Mastering Exploratory Testing Like a Prohttps://medium.com/@sajith-dilshan/beyond-the-script-mastering-exploratory-testing-like-a-pro-b78d6c7d95fb?source=rss------bug_bounty-5sajith dilshansoftware-testing, bug-bounty, qa-engineer, qa, exploratory-testing01-Mar-2025
VPS Setup for Bug Bounty | Part2https://systemweakness.com/vps-setup-for-bug-bounty-part2-07005bf9aa7d?source=rss------bug_bounty-5AbhirupKonwarvps-hosting, information-security, pentesting, bug-bounty, ethical-hacking01-Mar-2025
How Hackers Chain Small Bugs into a Multi-Million Dollar Exploithttps://securrtech.medium.com/how-hackers-chain-small-bugs-into-a-multi-million-dollar-exploit-1bc05dd873f9?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-security, web3-security, blockchain-security, smart-contract-auditing, bug-bounty01-Mar-2025
Advanced Dorking Methodology for Finding Vulnerabilities (Part 1)https://hackersatty.medium.com/advanced-dorking-methodology-for-finding-vulnerabilities-part-1-e3564e314819?source=rss------bug_bounty-5hackersattybug-bounty-writeup, google, medium, dorks, bug-bounty01-Mar-2025
How I Bypassed OTP Verification with Response Manipulationhttps://medium.com/@pentestersuresh01/how-i-bypassed-otp-verification-with-response-manipulation-98be8d594a3f?source=rss------bug_bounty-5Suresh Sotp-verification, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup01-Mar-2025
PUT到GET轻松收获严重漏洞https://medium.com/@xiaoshi666/put%E5%88%B0get%E8%BD%BB%E6%9D%BE%E6%94%B6%E8%8E%B7%E4%B8%A5%E9%87%8D%E6%BC%8F%E6%B4%9E-3d89cd29462d?source=rss------bug_bounty-5xiaoshibug-bounty, cybersecurity01-Mar-2025
easy business logic bug allowed me to install paid applications for my organization for freehttps://medium.com/@youssefmohamedelgohre1/easy-business-logic-bug-allowed-me-to-install-paid-applications-for-my-organization-for-free-c992c9959910?source=rss------bug_bounty-5Youssefbug-bounty-writeup, bug-hunting, business-logic, hacking, bug-bounty01-Mar-2025
P2 Blind XSShttps://medium.com/@0xchoudhary/p2-blind-xss-ff8206c45372?source=rss------bug_bounty-5Sushil Choudharyhacking, hackerone, bounty-program, hackthebox, bug-bounty01-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-112)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-112-a1a25826fe45?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, bug-bounty-tips, ethical-hacking01-Mar-2025
Bypassing Business Logic via Race Condition: A $500 Bounty Bughttps://medium.com/@a13h1/bypassing-business-logic-via-race-condition-a-500-bounty-bug-273396b17ec4?source=rss------bug_bounty-5Abhi Sharmarace-condition, infosec, bug-bounty, cybersecurity, pentesting01-Mar-2025
Start Bug Bounty and earn $$$: Top Write-Ups, POCs & Tutorialshttps://medium.com/@Abhijeet_kumawat_/start-bug-bounty-and-earn-top-write-ups-pocs-tutorials-9f88ef743524?source=rss------bug_bounty-5Abhijeet Kumawatdaily-blog, cybersecurity, infosec, bug-bounty, hacking01-Mar-2025
How Bug Bounty Programs Scam Hackers and Get Away With It!https://siratsami71.medium.com/how-bug-bounty-programs-scam-hackers-and-get-away-with-it-175fc06ea45b?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, scammer, hackerone01-Mar-2025
From Bug Bounty To Making Our Own Startup!https://medium.com/@the.air.cyborg/from-bug-bounty-to-making-our-own-startup-4887c5627823?source=rss------bug_bounty-5the_air_cyborgindie-game, enterpreneurship, startup, crowdfunding, bug-bounty01-Mar-2025
Unlock the Power of CyberEagle Scanner!https://medium.com/@ubaidhassan/unlock-the-power-of-cybereagle-scanner-2a6a37afc648?source=rss------bug_bounty-5Ubaid Khanweb, bug-bounty, penetration-testing, website, ethical-hacking01-Mar-2025
⚡ Find XSS Vulnerabilities in Just 2 Minutes! ⏳https://cybersecuritywriteups.com/find-xss-vulnerabilities-in-just-2-minutes-ba0e312bbe22?source=rss------bug_bounty-5Krish_cyberosint, xss-attack, infosec-write-ups, bug-bounty, bug-bounty-tips01-Mar-2025
Review of Security Research Articles: February 2025https://medium.com/meetcyber/review-of-security-research-articles-february-2025-be1791bd6761?source=rss------bug_bounty-5Lukasz Wierzbickibug-bounty, penetration-testing, security, productivity, review01-Mar-2025
The Accidental RCE: How a Simple File Upload Led to Remote Code Execution!https://cybersecuritywriteups.com/the-accidental-rce-how-a-simple-file-upload-led-to-remote-code-execution-c3aa19d1e8f3?source=rss------bug_bounty-5Krish_cyberrce-vulnerability, idor, osint, infosec-write-ups, bug-bounty01-Mar-2025
The Forgotten Google Services: Google Alertshttps://medium.com/pndsec/the-forgotten-google-services-google-alerts-74502ba9c963?source=rss------bug_bounty-5Erkan Kavasbug-bounty, old, google, services01-Mar-2025
Subdomain Enumeration with BBOT: Comparative Guide to Outperform Other Tools.https://sankalppatil12112001.medium.com/subdomain-enumeration-with-bbot-comparative-guide-to-outperform-other-tools-5a4b71b28343?source=rss------bug_bounty-5XoXsubdomains-enumeration, cybersecurity, hacking, bug-bounty, infosec01-Mar-2025
How a Single Vulnerability Exposed Millions!https://medium.com/@devdharan24/how-a-single-vulnerability-exposed-millions-49fdc95f4f35?source=rss------bug_bounty-5DevDhacking, security, bug-bounty, bug-bounty-writeup, cybersecurity01-Mar-2025
Exploiting PostMessage | NahamSechttps://medium.com/@julius.grosserode.19/exploiting-postmessage-nahamsec-b24cb197a299?source=rss------bug_bounty-5Juliobug-bounty, iframe, postmessage, xss-attack01-Mar-2025
Firefox and Chrome extensions for bug bounty hunters. (PART 2)https://osintteam.blog/firefox-and-chrome-extensions-for-bug-bounty-hunters-part-2-be175b813a9b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, penetration-testing, extension, tips01-Mar-2025
VPS Subdomain Monitoringhttps://cybersecuritywriteups.com/vps-subdomain-monitoring-ac89050869e4?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, pentesting, bug-bounty-tips, bug-bounty, vps-hosting01-Mar-2025
How I Turned the Black Basta Playbook Chat Leak into $4,000 in Just 24 Hourshttps://medium.com/@ibtissamhammadi/how-i-turned-the-black-basta-playbook-chat-leak-into-4-000-in-just-24-hours-de60dff8171b?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, threat-intelligence, bug-bounty, hacking, infosec01-Mar-2025
When ‘Disabled’ Isn’t Really Disabled! — Exploiting a Weird Logic Flaw to Destroy an Organizationhttps://som3a.medium.com/when-disabled-isn-t-really-disabled-exploiting-a-weird-logic-flaw-to-destroy-an-organization-17ad3d9542d0?source=rss------bug_bounty-50xSOM3Acybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty-tips, bug-bounty01-Mar-2025
Insecure Direct Object Reference (IDOR) Vulnerability: A Comprehensive Guidehttps://medium.com/@shadyfarouk1986/insecure-direct-object-reference-idor-vulnerability-a-comprehensive-guide-e61b66bfb20a?source=rss------bug_bounty-5Shady Faroukbugbounty-writeup, bug-bounty01-Mar-2025
$35,000 Bounty: How Inappropriate Access Control Led to GitLab Account Takeoverhttps://cyberw1ng.medium.com/35-000-bounty-how-inappropriate-access-control-led-to-gitlab-account-takeover-39e071b6d9cc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, jobs, cybersecurity, programming01-Mar-2025
Time Management for Bug Hunters During Ramadan: Balancing Hacking and Lifehttps://medium.com/@mahdisalhi0500/time-management-for-bug-hunters-during-ramadan-balancing-hacking-and-life-1cd2bf3cea0d?source=rss------bug_bounty-5CaptinSHArky(Mahdi)time-management, information-security, cybersecurity, bug-bounty, infosec01-Mar-2025
$500 How I Found XSS Using ChatGPThttps://medium.com/@Abhijeet_kumawat_/500-how-i-found-xss-using-chatgpt-54b5492af41a?source=rss------bug_bounty-5Abhijeet Kumawathacking, infosec, bug-bounty, ai, chatgpt28-Feb-2025
root-me | web-server | lab-3 | HTTP — Open redirect walkthroughhttps://medium.com/@ssh_fsociety/root-me-web-server-lab-3-http-open-redirect-walkthrough-25cdcfb53100?source=rss------bug_bounty-5Sarthak Dukare (ssh_fsociety)bug-bounty, cybersecurity, web-application-security, infosec, penetration-testing28-Feb-2025
CSRF in 2025: “Solved” But Still Bypassablehttps://infosecwriteups.com/csrf-in-2025-solved-but-still-bypassable-942ca382ab77?source=rss------bug_bounty-5Vivek PSweb-development, cybersecurity, programming, hacking, bug-bounty28-Feb-2025
Finding an api key in a .js file in the commentshttps://infosecwriteups.com/finding-an-api-key-in-a-js-file-in-the-comments-67b30af1d451?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, tips28-Feb-2025
Find related files to your bug bounty targethttps://infosecwriteups.com/find-related-files-to-your-bug-bounty-target-4752d769eecc?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, tips, programming, penetration-testing28-Feb-2025
Day 20: Admin Account Takeover via Weird Password Reset Functionalityhttps://medium.com/@danielbelay/day-20-admin-account-takeover-via-weird-password-reset-functionality-33afb15fa4c0?source=rss------bug_bounty-5dani3laccount-takeover, ethical-hacking, cybersecurity, bug-bounty, bug-bounty-tips28-Feb-2025
Best VPS for Bug Bounty & Pentestinghttps://medium.com/meetcyber/best-vps-for-bug-bounty-pentesting-2b556c375f28?source=rss------bug_bounty-5AbhirupKonwarvps-hosting, bug-bounty-tips, penetration-testing, pentesting, bug-bounty28-Feb-2025
OWASP Mobile Top 10 | M3: Insecure Authentication/Authorizationhttps://z0enix.medium.com/owasp-mobile-top-10-m3-insecure-authentication-authorization-7b94b8f23fc3?source=rss------bug_bounty-5Mohamed Hamadoutechnology, owasp, bug-bounty, hacking, cybersecurity28-Feb-2025
The Road to CRTP Cert — Part 22https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-22-f2a3d956448a?source=rss------bug_bounty-5Dineshkumaar Rbug-bounty, security, cybersecurity, crtp-exam, offensive-security28-Feb-2025
Severity vs. Priority in Software Testing: Key Differences & Best Practiceshttps://medium.com/@shaktisinghQA/severity-vs-priority-in-software-testing-key-differences-best-practices-eae4e5984616?source=rss------bug_bounty-5Shakti Singhbugs, bug-bounty, priority-queue, qa, testing28-Feb-2025
Hacking Netflix for $$$ — Stored XSS + IDOR to Session Hijacking & Account Takeoverhttps://medium.com/@mares.viktor/hacking-netflix-for-stored-xss-idor-to-session-hijacking-account-takeover-9ba1cdeabbf8?source=rss------bug_bounty-5Viktor Maresethical-hacking, bug-bounty, cybersecurity, netflix, penetration-testing28-Feb-2025
A Deep Dive into Open Port Vulnerabilities in Websites ‍https://medium.com/@sahilchangede2003/a-deep-dive-into-open-port-vulnerabilities-in-websites-b324b9edb8ae?source=rss------bug_bounty-538_Sahil _Changedecybersecurity, bug-bounty, cybercrime, education, cyber-security-awareness28-Feb-2025
How to Find Your First Bug and Earn Your First Bountyhttps://medium.com/@Abhijeet_kumawat_/how-to-find-your-first-bug-and-earn-your-first-bounty-c2d6572eed53?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, money, bug-bounty, infosec, hacking28-Feb-2025
بسم الله الرحمن الرحيمhttps://medium.com/@dark_zone/%D8%A8%D8%B3%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86-%D8%A7%D9%84%D8%B1%D8%AD%D9%8A%D9%85-acec5d231cf3?source=rss------bug_bounty-5darkzonebug-bounty-tips, bug-bounty28-Feb-2025
Natural Ways to Repel Flower-Eating Bugshttps://medium.com/@deepakbhardwaj23091994/natural-ways-to-repel-flower-eating-bugs-047a9085a74b?source=rss------bug_bounty-5Mysticbhardeating-bugs, bug-bounty-tips, flowers, bugs, bug-bounty28-Feb-2025
Useless P5 path traversal to RCE ☠️https://medium.com/@Hossam.Mesbah/useless-p5-path-traversal-to-rce-%EF%B8%8F-d2c8d3b169e2?source=rss------bug_bounty-5Hossam Mesbahbug-bounty, bug-hunting, vulnerability-management, cybersecurity, penetration-testing28-Feb-2025
Scan React Native APKs for Vulnerable npm Dependencies in 2 Minutes!https://splitunknown.medium.com/scan-react-native-apks-for-vulnerable-npm-dependencies-in-2-minutes-7579df6fe852?source=rss------bug_bounty-5JAY BHATTbug-bounty, android-hacking-tool, android-reversing, reverse-engineering, bug-bounty-tips28-Feb-2025
CORS (Cross-Origin Resource Sharing)https://medium.com/@julius.grosserode.19/cors-cross-origin-resource-sharing-53b4d5840f92?source=rss------bug_bounty-5Juliocors, cross-origin, bug-bounty, cookies28-Feb-2025
The Art of Recon: Hunting Bugs Before They Hide — Part Two (Unleashed)https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-two-unleashed-227fbd5216b5?source=rss------bug_bounty-5ZeUsVuLnbug-bounty-tips, bugs, cybersecurity, hacking, bug-bounty28-Feb-2025
How I Discovered a P2 Level Sensitive Data Exposure Bug in a Web3 Platformhttps://cybersecuritywriteups.com/how-i-discovered-a-p2-level-sensitive-data-exposure-bug-in-a-web3-platform-4562fcbe655e?source=rss------bug_bounty-5Guru Prasad Pattanaikethical-hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty28-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-111)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-111-3cd2067c4ec7?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, hacking, ethical-hacking, cybersecurity, bug-bounty28-Feb-2025
Exploiting WebView Vulnerabilities: Bypassing SOP to Access Internal App Fileshttps://medium.com/@k3r0/exploiting-webview-vulnerabilities-bypassing-sop-to-access-internal-app-files-2d95529c0293?source=rss------bug_bounty-5Kyrillos nadyandroid, mobile-app-development, red-team, bug-bounty, pentesting28-Feb-2025
10 Automation Tricks to Uncover SSRF Flawshttps://cyberw1ng.medium.com/10-automation-tricks-to-uncover-ssrf-flaws-8154529e35b4?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, careers, cybersecurity, jobs, bug-bounty28-Feb-2025
How I Could Access Anyone’s College Subscription — IDOR Strikes Again!https://medium.com/@shxsu1/how-i-could-access-anyones-college-subscription-idor-strikes-again-a4ea7c30f165?source=rss------bug_bounty-5shxsu1ethical-hacking, bug-bounty, hackerone, idor28-Feb-2025
10 Automation Tricks to Uncover SSRF Flawshttps://osintteam.blog/10-automation-tricks-to-uncover-ssrf-flaws-8154529e35b4?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, careers, cybersecurity, jobs, bug-bounty28-Feb-2025
How to Find XSS Vulnerabilities in React JS Websiteshttps://medium.com/h7w/how-to-find-xss-vulnerabilities-in-react-js-websites-46f843bb932e?source=rss------bug_bounty-5Rendierobug-bounty, secure-coding, reactjs, xss-vulnerability, web-security27-Feb-2025
How I Found an Open Redirect Vulnerability Easily (Worth $500!)https://medium.com/@Abhijeet_kumawat_/how-i-found-an-open-redirect-vulnerability-easily-worth-500-44cda132819b?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, open-redirect, bug-bounty, hacking, infosec27-Feb-2025
$1000–$25k worth API Bug Attack & Chaining Strategieshttps://infosecwriteups.com/1000-25k-worth-api-bug-attack-chaining-strategies-ded4121b5791?source=rss------bug_bounty-5It4chis3csecrets, chaining-vulnerabilities, bug-bounty, api, api-attack27-Feb-2025
Sensitive Information Disclosure on Out of scope domain Bug Bounty Writeup ($$$ USD Reward )https://medium.com/@rushikeshchaudhari124/sensitive-information-disclosure-on-out-of-scope-domain-bug-bounty-writeup-usd-reward-58adec34acfb?source=rss------bug_bounty-5Rushikesh chaudhariinformation-disclosure, bug-bounty, responsible-disclosure, hacking27-Feb-2025
Bug Bounty Methodology (Part 1: Basic)https://hackersatty.medium.com/bug-bounty-methodology-part-1-basic-ee4f3f7a4f81?source=rss------bug_bounty-5hackersattybug-bounty-tips, subdomains-enumeration, medium, bug-bounty, bug-bounty-writeup27-Feb-2025
Finding an easy bug in the profile picture field.https://infosecwriteups.com/finding-an-easy-bug-in-the-profile-picture-field-122a7aca2b42?source=rss------bug_bounty-5loyalonlytodaybugs, bug-bounty, hacking, cybersecurity, programming27-Feb-2025
I Found an XSS vulnerability in QuickRide — Here’s how you can too!https://infosecwriteups.com/i-found-an-xss-vulnerability-in-quickride-heres-how-you-can-too-9606203d9e53?source=rss------bug_bounty-5Vivek PSbug-bounty-tips, cybersecurity, bug-bounty, programming, hacking27-Feb-2025
OWASP Mobile Top 10 | M2: Inadequate Supply Chain Security ⛓https://z0enix.medium.com/owasp-mobile-top-10-m2-inadequate-supply-chain-security-771edd9ec109?source=rss------bug_bounty-5Mohamed Hamadoumobile, bug-bounty, hacking, security, owasp27-Feb-2025
Earn $500-$2000 in WordPress website Bug-Bounty Program.https://medium.com/@anandrishav2228/earn-500-2000-in-wordpress-website-bug-bounty-program-4351eb6ce647?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, bug-bounty, hacking, wordpress27-Feb-2025
How To Discover Hidden Endpoints️‍♂️https://medium.com/@Abhijeet_kumawat_/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-ac9356dec1d2?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, cybersecurity, socrates, infosec27-Feb-2025
The Only Guide You Need to Find XSS Like a Prohttps://sudosuraj.medium.com/the-only-guide-you-need-to-find-xss-like-a-pro-c337588f9da3?source=rss------bug_bounty-5sudosurajbug-bounty-writeup, xss-vulnerability, sudosuraj, bug-bounty, bug-bounty-tips27-Feb-2025
How to URLing for Bug Bounties -Mastering URLs : Edition 2025https://kongsec.medium.com/how-to-urling-for-bug-bounties-mastering-urls-edition-2025-a9dca9e2a97f?source=rss------bug_bounty-5Kongsecbugcrowd, hackerone, bug-bounty-tips, kongsec, bug-bounty27-Feb-2025
Bypassing Email Checks to Access Private Support Chatshttps://medium.com/@rahulgairola/bypassing-email-checks-to-access-private-support-chats-c2895b1c9ef2?source=rss------bug_bounty-5Rahul Gairolabug-bounty-writeup, bug-bounty, bug-bounty-tips, security27-Feb-2025
How I Hacked HackerOne’s 2FA in 2 Minutes for $50,000https://medium.com/@ibtissamhammadi/how-i-hacked-hackerones-2fa-in-2-minutes-for-50-000-13892c888657?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, hacking, hackerone, bug-bounty-tips, bug-bounty27-Feb-2025
A Logical Bug That Slipped Throughhttps://infosecwriteups.com/a-logical-bug-that-slipped-through-792b90850e72?source=rss------bug_bounty-5callgh0stbug-bounty, burpsuite, genocide, logic, hacking27-Feb-2025
Best Hackers Channels on Internet Worth Following! #2https://medium.com/@doby4535/best-hackers-channels-on-internet-worth-following-2-9fe4458b3a50?source=rss------bug_bounty-5Dobysecethical-hacking, bug-bounty, penetration-testing, hacking, cybersecurity27-Feb-2025
How I Discovered 5 XSS Vulnerabilities and Built an Automated XSS Scannerhttps://medium.com/@youssefhussein212103168/how-i-discovered-5-xss-vulnerabilities-and-built-an-automated-xss-scanner-4b357423ae61?source=rss------bug_bounty-5Youssefhusseinxss-attack, bug-bounty, xss-vulnerability, penetration-testing, cybersecurity27-Feb-2025
How to Find More IDORs (Insecure Direct Object References)https://medium.com/@verylazytech/how-to-find-more-idors-insecure-direct-object-references-fcabeac2f880?source=rss------bug_bounty-5Very Lazy Techoscp, ethical-hacking, idor, bug-bounty, penetration-testing27-Feb-2025
How I Found an HTML Injection in a Bug Bounty Programhttps://medium.com/@muhammedgalal66/how-i-found-an-html-injection-in-a-bug-bounty-program-81d1a9cdcfb6?source=rss------bug_bounty-5Dg0x6bugs, html, xss-attack, html-injection, bug-bounty27-Feb-2025
Restricted? Not Anymore! Exploiting a Simple race condition Flawhttps://0xmatrix.medium.com/restricted-not-anymore-exploiting-a-simple-race-condition-flaw-2adaefd45f6f?source=rss------bug_bounty-5Mo2men Elmadycybersecurity, bug-bounty-tips, bug-bounty, hacking, penetration-testing27-Feb-2025
Critical phpMyAdmin Authentication Bypass via Shodan Dorkinghttps://medium.com/@youssefhussein212103168/critical-phpmyadmin-authentication-bypass-via-shodan-dorking-9bf664d053f7?source=rss------bug_bounty-5Youssefhusseindorking, unauthorized-access, shodan, authentication-bypass, bug-bounty27-Feb-2025
Account Takeover on Hackerone using Token leakagehttps://infosecwriteups.com/account-takeover-on-hackerone-using-token-leakage-407dcf862679?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, hackerone, hacking, pentesting27-Feb-2025
Information Disclosure — The Hidden Risk in Public Reports!https://medium.com/@momenrezkk90/information-disclosure-the-hidden-risk-in-public-reports-fd4ca13fd658?source=rss------bug_bounty-5MOAMEN REZKcybersecurity, bug-bounty, security, bug-bounty-writeup, bug-bounty-tips27-Feb-2025
How I Discovered a High-Severity Information Disclosure via GitHub Dorkinghttps://medium.com/@youssefhussein212103168/how-i-discovered-a-high-severity-information-disclosure-via-github-dorking-f2a781c0a63d?source=rss------bug_bounty-5Youssefhusseinapi, pentesting, penetration-testing, cybersecurity, bug-bounty27-Feb-2025
How I Found an IDOR Vulnerability and Accessed 100000+ User Details and got $$$ Bountyhttps://harshbardhanx.medium.com/how-i-found-an-idor-vulnerability-and-accessed-100000-user-details-and-got-bounty-3f2faf8642cf?source=rss------bug_bounty-5Harsh Bardhanbug-bounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips27-Feb-2025
“65 Euros for an Account Deletion Fail — When Deleted Doesn’t Mean Deleted”https://balook.medium.com/65-euros-for-an-account-deletion-fail-when-deleted-doesnt-mean-deleted-a6fb055a98ae?source=rss------bug_bounty-5baluzbug-bounty, hacking27-Feb-2025
Account Takeover via Duplicate Registration — A 1500 Euro Jackpothttps://balook.medium.com/account-takeover-via-duplicate-registration-a-1500-euro-jackpot-2912c23b3ac4?source=rss------bug_bounty-5baluzbug-bounty, web-apps, hacking, security27-Feb-2025
Introductionhttps://balook.medium.com/introduction-92e0de28f23a?source=rss------bug_bounty-5baluzhacking, bug-bounty, security27-Feb-2025
0-Click Admin Account Takeover in Netflix Dispatch Projecthttps://ltsirkov.medium.com/0-click-admin-account-takeover-in-netflix-dispatch-project-feec37326004?source=rss------bug_bounty-5Lyubomir Tsirkovvulnerability, hackerone, cybersecurity, bug-bounty27-Feb-2025
JavaScript Enumeration for Bug Bounties: Expose Hidden Endpoints & Secrets Like a Pro!https://myselfakash20.medium.com/javascript-enumeration-for-bug-bounties-expose-hidden-endpoints-secrets-like-a-pro-418c2aec318f?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, bug-bounty-writeup, bug-bounty-tips, cybersecurity27-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-110)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-110-1cb2a3f076ae?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, hacking, bug-bounty-tips, cybersecurity27-Feb-2025
25,000$ Bounty — Simple SSRF Led to AWS Credentials Exposurehttps://cyberw1ng.medium.com/25-000-bounty-simple-ssrf-led-to-aws-credentials-exposure-a6938e0875f9?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, cybersecurity, jobs, careers27-Feb-2025
Admin Account Takeover in Netflix Dispatch Projecthttps://ltsirkov.medium.com/0-click-admin-account-takeover-in-netflix-dispatch-project-feec37326004?source=rss------bug_bounty-5Lyubomir Tsirkovvulnerability, hackerone, cybersecurity, bug-bounty27-Feb-2025
Hands-On Web Exploitation Course by NahamSechttps://medium.com/@julius.grosserode.19/hands-on-web-exploitation-course-by-nahamsec-8807aad7de58?source=rss------bug_bounty-5Juliohacking-hub, web-hacking, bug-bounty, ctf-walkthrough, bugbounty-tips27-Feb-2025
CSRF | NahamSec Coursehttps://medium.com/@julius.grosserode.19/csrf-nahamsec-course-f04b49eca048?source=rss------bug_bounty-5Julioself-xss, bug-bounty, csrf-protection, csrf-token, csrf27-Feb-2025
SQL Injection Unleashed: How I Learned to Hack (and Protect) Databaseshttps://osintteam.blog/sql-injection-unleashed-how-i-learned-to-hack-and-protect-databases-6cd2eb572992?source=rss------bug_bounty-5Abhishek pawarhacking, cybersecurity, programming, bug-bounty, sql26-Feb-2025
How This $999 XSS Bug Bounty Was Found in Just 17 Minuteshttps://infosecwriteups.com/how-this-999-xss-bug-bounty-was-found-in-just-17-minutes-71677d61c2c6?source=rss------bug_bounty-5Ibtissam Hammadihacking, bug-bounty, cybersecurity, web-security, programming26-Feb-2025
✨$500 HTML Injection in Snapchathttps://medium.com/@Abhijeet_kumawat_/500-html-injection-in-snapchat-9513accc6634?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, infosec, hacking, snapchat, bug-bounty26-Feb-2025
$500-$20k worth GraphQL Vulnerabilities | Advanced Tips & Trickshttps://it4chis3c.medium.com/500-20k-worth-graphql-vulnerabilities-advanced-tips-tricks-74e8f4679b91?source=rss------bug_bounty-5It4chis3cattack, graphql-vulnerability, bug-bounty, graphql, secrets26-Feb-2025
WaybackURLs for Bug Bounty: How to Find Hidden Vulnerabilities & Sensitive Datahttps://hackersatty.medium.com/waybackurls-for-bug-bounty-how-to-find-hidden-vulnerabilities-sensitive-data-aea579849c4d?source=rss------bug_bounty-5hackersattywaybackurls, bug-bounty, hackerone, medium, wayback-machine26-Feb-2025
Simple Staking V2 Public testhttps://medium.com/tokamak-network/simple-staking-v2-public-test-7eec1e137ed8?source=rss------bug_bounty-5Jasonnews, public-test, bug-bounty, tokamak-network, staking26-Feb-2025
How i Hacked the Windows machine.https://medium.com/@anandrishav2228/how-i-hacked-the-windows-machine-9c4b08b3d8be?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, money, cybersecurity, red-team26-Feb-2025
CVE-2025–1094: PostgreSQL Injection Vulnerability Exploithttps://infosecwriteups.com/cve-2025-1094-postgresql-sql-injection-vulnerability-exploit-2acf37ae399a?source=rss------bug_bounty-5Ajay Naikpenetration-testing, security, cybersecurity, bug-bounty, information-security26-Feb-2025
Bug Bounty is Broken: How Some Researchers Are Earning Money Without Hackinghttps://medium.com/@dasmanish6176/bug-bounty-is-broken-how-some-researchers-are-earning-money-without-hacking-c4155f58d49c?source=rss------bug_bounty-5Dasmanishbug-bounty, ethical-hacking, cybersecurity, sensitive-data, hackerone26-Feb-2025
OWASP Mobile Top 10 | M1: Improper Credential Usagehttps://z0enix.medium.com/owasp-mobile-top-10-m1-improper-credential-usage-bf6ee99eed69?source=rss------bug_bounty-5Mohamed Hamadoumobile, cybersecurity, hacking, penetration-testing, bug-bounty26-Feb-2025
Full Customer DB dump in Service Now and they called it “Medium Risk” — what a jokehttps://fdzdev.medium.com/full-customer-db-dump-in-service-now-and-they-called-it-medium-risk-what-a-joke-b9b31cd48172?source=rss------bug_bounty-5Facundo Fernandezhacking, data-breach, vulnerability, penetration-testing, bug-bounty26-Feb-2025
AI Agent Vulnerabilities: Structural Flaws and Exploiting Co-Pilots — A Firsthand Account.https://medium.com/@Logon_thepage/ai-agent-vulnerabilities-structural-flaws-and-exploiting-co-pilots-a-firsthand-account-70f4b221f93d?source=rss------bug_bounty-5Logon_thepagevulnerability-assessment, co-pilot, bug-bounty, ai-agent26-Feb-2025
How One Photo Can Unlock Sensitive Informationhttps://medium.com/@aalgohary950/how-one-photo-can-unlock-sensitive-information-6d65ae982cae?source=rss------bug_bounty-5KhopeshH4xpenetration-testing, information-disclosure, data-lake, bug-bounty-tips, bug-bounty26-Feb-2025
MISCONCEPTION: “ETHICAL HACKERS CAN NEVER BE TRUSTED 100%”https://medium.com/@hackrate/misconception-ethical-hackers-can-never-be-trusted-100-a11566fa2f4e?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, penetration-testing, bug-bounty, ethical-hacking, cybersecurity26-Feb-2025
Bypassing AWS S3 Bucket Restrictions: Security Testing Techniqueshttps://infosecwriteups.com/bypassing-aws-s3-bucket-restrictions-security-testing-techniques-63fe75aa9ff8?source=rss------bug_bounty-5Ajay Naikbug-bounty, penetration-testing, information-security, security-testing, cybersecurity26-Feb-2025
Maximize Your Bug Bounty Earnings: Automate Endpoint Discovery & Find High-Impact Vulnerabilitieshttps://hackersatty.medium.com/maximize-your-bug-bounty-earnings-automate-endpoint-discovery-find-high-impact-vulnerabilities-c9a530445e97?source=rss------bug_bounty-5hackersattymedium, waybackurls, bug-bounty, wayback-machine, bug-bounty-writeup26-Feb-2025
The Vending Machine Hack: How I Outsmarted a Snack Dispenser!https://krishna-cyber.medium.com/the-vending-machine-hack-how-i-outsmarted-a-snack-dispenser-033eab2e65d6?source=rss------bug_bounty-5Krish_cyberhacking, bug-bounty, cybersecurity, iot, vending-machines26-Feb-2025
$100-$20k worth Stored XSS Vulnerability | Hidden Methodshttps://infosecwriteups.com/100-20k-worth-stored-xss-vulnerability-hidden-methods-e56fe57437c4?source=rss------bug_bounty-5It4chis3cbypass, secrets, stored-xss, xss-attack, bug-bounty26-Feb-2025
The $900 Bug: How I Cashed In with SSRF & LFI Hackshttps://cybersecuritywriteups.com/the-900-bug-how-i-cashed-in-with-ssrf-lfi-hacks-a2c1e8bb159f?source=rss------bug_bounty-5Krish_cyberbug-bounty, bugs, hacking, info-sec-writeups, osint26-Feb-2025
Bypassing Authentication in Keycloak — A Deep Dive into Our Discoveryhttps://bensaad0.medium.com/bypassing-authentication-in-keycloak-a-deep-dive-into-our-discovery-40d89f2b5d45?source=rss------bug_bounty-50xBencybersecurity, bug-bounty26-Feb-2025
How I Turned Limited Access Into a $6,500 RCE Bountyhttps://medium.com/@ibtissamhammadi/how-i-turned-limited-access-into-a-6-500-rce-bounty-75cfb2344806?source=rss------bug_bounty-5Ibtissam Hammaditechnology, bug-bounty, cybersecurity, hacking, 40426-Feb-2025
No Finger? No Problem! iOS Biometrics Bypassed: Bug Bounty Win!https://medium.com/@pandurangisuprit/no-finger-no-problem-ios-biometrics-bypassed-bug-bounty-win-f17bf619a089?source=rss------bug_bounty-5Suprit Pandurangiios, cybersecurity, biometrics, bug-bounty, bypass26-Feb-2025
JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500https://medium.com/@hrofficial62/just-crashed-system-using-image-and-got-bounty-500-eb30dc4b85a5?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, ethical-hacking, hacking, pentesting26-Feb-2025
How to Perform Information Gathering Using Google Dorkinghttps://medium.com/@vipulsonule71/how-to-perform-information-gathering-using-google-dorking-c89c33f48ccc?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty26-Feb-2025
S3 Bucket Recon: Finding Exposed AWS Buckets Like a Pro!https://infosecwriteups.com/s3-bucket-recon-finding-exposed-aws-buckets-like-a-pro-106be5ab9e1d?source=rss------bug_bounty-5coffinxpaws, bug-bounty-tips, amazon-web-services, technology, bug-bounty26-Feb-2025
When a Tiny Sensitive Leak Gave Me a Big $$$ Surprise‍️https://medium.com/@iski/when-a-tiny-sensitive-leak-gave-me-a-big-surprise-%EF%B8%8F-a5feb54d8d82?source=rss------bug_bounty-5Iskibug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, p1-bug26-Feb-2025
Project : Recuzzerhttps://medium.com/@nevildomain/project-recuzzer-d5a63c195605?source=rss------bug_bounty-5Mayh_mpython, security-tool, tools, penetration-testing, bug-bounty26-Feb-2025
Manual Exploitation SQL Injection CTF LABhttps://medium.com/@hay.chrifi/manual-exploitation-sql-injection-ctf-lab-92180f06a710?source=rss------bug_bounty-5Hayham Chrifiethical-hacking, offensive-security, ctf-writeup, bug-bounty26-Feb-2025
The $500 Cache Trick: How I Turned Cache Deception into Cold, Hard Cash!https://osintteam.blog/the-500-cache-trick-how-i-turned-cache-deception-into-cold-hard-cash-13a49a2a6d78?source=rss------bug_bounty-5Krish_cybercareers, jobs, bug-bounty, cybersecurity, programming26-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-109)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-109-1840bb5bf3e0?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, bug-bounty-tips, bug-bounty26-Feb-2025
Cloud Reconnaissance: How to Gather Information from Cloud Serviceshttps://cyberw1ng.medium.com/cloud-reconnaissance-how-to-gather-information-from-cloud-services-34b2e9d42ea0?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, programming, jobs, bug-bounty, careers26-Feb-2025
How to Hack a Websitehttps://medium.com/@vipulsonule71/how-to-hack-a-website-1685484b8c6d?source=rss------bug_bounty-5Vipul Sonulecybersecurity, bug-bounty, penetration-testing, hacking, technology26-Feb-2025
Don’t miss this while working on a bounty target!https://medium.com/@sb12121111/dont-miss-this-while-working-on-a-bounty-target-fa8c8368129c?source=rss------bug_bounty-5Sadra Bakhtiarisecurity-research, ethical-hacking, cybersecurity, bug-bounty, web-security26-Feb-2025
JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500https://infosecwriteups.com/just-crashed-system-using-image-and-got-bounty-500-eb30dc4b85a5?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, ethical-hacking, hacking, pentesting26-Feb-2025
How I found clickjacking vulnerability on a bounty targethttps://medium.com/@sb12121111/how-i-found-clickjacking-vulnerability-on-a-bounty-target-fe823f352e36?source=rss------bug_bounty-5Sadra Bakhtiariweb-security, bug-bounty, cybersecurity, ethical-hacking, security-research25-Feb-2025
Best Browser Extensions for Bug Bounty Hunters (Chrome & Firefox)https://medium.com/@ajudeb55/best-browser-extensions-for-bug-bounty-hunters-chrome-firefox-644c3470359f?source=rss------bug_bounty-5Aju Debcybersecurity, bug-bounty, technology, pentesting, programming25-Feb-2025
How I Earned My First Bug Bounty: POST BASED REFLECTED XSShttps://medium.com/@noorvb5/how-i-earned-my-first-bug-bounty-post-based-reflected-xss-570d0e89961d?source=rss------bug_bounty-5MohammedNoor Ebdahbug-bounty25-Feb-2025
$100 Bounty: Username Restriction Bypassedhttps://medium.com/@Abhijeet_kumawat_/100-bounty-username-restriction-bypassed-30f5c057c810?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacking, make-money, infosec, bug-bounty25-Feb-2025
$100-$20k worth Account Takeover Vulnerability | Hidden Practical Stepshttps://it4chis3c.medium.com/100-20k-worth-account-takeover-vulnerability-hidden-practical-steps-fd5dd1c8a491?source=rss------bug_bounty-5It4chis3caccount-takeover-attacks, bug-bounty, secrets, advanced, account-takeover25-Feb-2025
Extracting DOM XSS Vulnerabilities from JavaScript Fileshttps://z0enix.medium.com/extracting-dom-xss-vulnerabilities-from-javascript-files-606b0d888740?source=rss------bug_bounty-5Mohamed Hamadouhacking, penetration-testing, bug-bounty, security25-Feb-2025
How I Made $1000+ from a Simple XSS Bug — My Bug Bounty Journeyhttps://krishna-cyber.medium.com/how-i-made-1000-from-a-simple-xss-bug-my-bug-bounty-journey-82283becb91b?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, osint, bug-bounty, xss-attack, infosec25-Feb-2025
PostgreSQL Penetration Testing: A Comprehensive Guidehttps://infosecwriteups.com/postgresql-penetration-testing-a-comprehensive-guide-33d21c4dceba?source=rss------bug_bounty-5Ajay Naiksecurity, information-security, cybersecurity, bug-bounty, penetration-testing25-Feb-2025
How I Discovered a Facebook Privacy Loophole and Earned $1000https://infosecwriteups.com/how-i-discovered-a-facebook-privacy-loophole-and-earned-1000-44318d196bfc?source=rss------bug_bounty-5Vivek PSbug-bounty, hacking, cybersecurity, bug-bounty-tips, programming25-Feb-2025
Android Security Vulnerabilities and Exploitationhttps://infosecwriteups.com/android-security-vulnerabilities-and-exploitation-4ef95e970e2f?source=rss------bug_bounty-5Ajay Naikbug-bounty, penetration-testing, information-technology, cybersecurity, android25-Feb-2025
Mastering Subdomain Enumerationhttps://infosecwriteups.com/mastering-subdomain-enumeration-05fa958567cd?source=rss------bug_bounty-5Monika sharmapenetration-testing, technology, bug-bounty-tips, hacking, bug-bounty25-Feb-2025
Part 1- Exploiting Content Injection & Info Disclosure: A High-Impact Bug Worth Big Rewards!https://hackersatty.medium.com/part-1-exploiting-content-injection-info-disclosure-a-high-impact-bug-worth-big-rewards-34a25519ecc7?source=rss------bug_bounty-5hackersattyowasp-top-10, medium, hackerone, bug-bounty-tips, bug-bounty25-Feb-2025
Bypassing IP-Based OTP rate limits: A Bug bounty hunter’s guidehttps://infosecwriteups.com/bypassing-ip-based-otp-rate-limits-a-bug-bounty-hunters-guide-16ce8a1f2c71?source=rss------bug_bounty-5Vivek PSprogramming, bug-bounty-tips, cybersecurity, hacking, bug-bounty25-Feb-2025
A simple tool for GitHub Dorking that will be helpful in your bug bounty journey.https://infosecwriteups.com/a-simple-tool-for-github-dorking-that-will-be-helpful-in-your-bug-bounty-journey-d1720c15fc6d?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, cybersecurity, hacking, bug-bounty, tips25-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-72)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-6c721aa447b0?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, hacking, bug-bounty, skills25-Feb-2025
How to Find P3 Bugs in Bug Bountyhttps://medium.com/@vipulsonule71/how-to-find-p3-bugs-in-bug-bounty-07eee36e4696?source=rss------bug_bounty-5Vipul Sonulebug-bounty, cybersecurity, technology, hacking, ai25-Feb-2025
TryHackMe|Gobuster: The Basics Write Up (setup troubleshooting)https://medium.com/@Adhiyan24/tryhackme-gobuster-the-basics-write-up-setup-troubleshooting-5b0a3f0f48c4?source=rss------bug_bounty-5Adhiyantryhackme, troubleshooting, bug-bounty, gobuster, hacking25-Feb-2025
Mass Assignment Vulnerability in ty-api.xyz.cloud/api/v1/user/me Allows Permanent Account Lockouthttps://medium.com/@binnaryninjax/mass-assignment-vulnerability-in-ty-api-xyz-cloud-api-v1-user-me-allows-permanent-account-lockout-02b4b84defd9?source=rss------bug_bounty-5Rishav Rayamajhicybersecurity, bug-bounty25-Feb-2025
Aquatone for Ethical Hackers: Master Reconnaissance Toolshttps://devprogramming.medium.com/aquatone-for-ethical-hackers-master-reconnaissance-tools-2573b5b7d295?source=rss------bug_bounty-5DevProgrammingtools, hacking-tools, hacking, bug-bounty, penetration-testing25-Feb-2025
Scan Like a Pro: Bypass WAFs, IDS/IPS, and modern Cloud Security with Nmap Stealth Techniqueshttps://medium.com/@moldovanzsombor/scan-like-a-pro-bypass-wafs-ids-ips-and-modern-cloud-security-with-nmap-stealth-techniques-for-62a671229bc0?source=rss------bug_bounty-5Moldovan Zsomborbug-bounty, nmap, cybersecurity, hacking, recon25-Feb-2025
The $12,000 2FA Bypass — So Simple, Yet So Critical!https://medium.com/@rahulgairola/the-12-000-2fa-bypass-so-simple-yet-so-critical-e3f7d7e5751c?source=rss------bug_bounty-5Rahul Gairolabug-bounty, authentication, 2fa, bug-bounty-writeup, bug-bounty-tips25-Feb-2025
The Top 10 Most Dangerous Web3 Vulnerabilities Right Nowhttps://securrtech.medium.com/the-top-10-most-dangerous-web3-vulnerabilities-right-now-a7197f25f3f5?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, smart-contract-security, web3-security, smart-contract-auditing, blockchain-security25-Feb-2025
3 Must-Read Bug Bounty Books to Level Up Your Skills!https://medium.com/@Abhijeet_kumawat_/3-must-read-bug-bounty-books-to-level-up-your-skills-2f6f3886ace8?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, bug-bounty, money, hacking, infosec25-Feb-2025
Think Outside The Box Again, With IDOR !https://n0x1.medium.com/think-outside-the-box-again-with-idor-94b010f958ea?source=rss------bug_bounty-5Mohammed Khalidpenetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web25-Feb-2025
A tool to find admin panels in your bug bounty targethttps://medium.com/@loyalonlytoday/a-tool-to-find-admin-panels-in-your-bug-bounty-target-c21415e83a87?source=rss------bug_bounty-5loyalonlytodaytips, ethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty25-Feb-2025
Steps for Ethical Bug Huntinghttps://techhindirai.medium.com/steps-for-ethical-bug-hunting-3d187263e77b?source=rss------bug_bounty-5Rahul Kumarbug-bounty-tips, sql-injection, bug-bounty, ethical-hacking, sql25-Feb-2025
Autorize & IDOR: How a Simple Token Swap Exposed Sensitive Datahttps://hackersatty.medium.com/autorize-idor-how-a-simple-token-swap-exposed-sensitive-data-f64ee3ceada6?source=rss------bug_bounty-5hackersattypenetration-testing, medium, idor, bug-bounty-writeup, bug-bounty25-Feb-2025
Bug Bounty Misconception: “I Don’t Have Sufficient Budget to Pay Hunters”https://medium.com/@hackrate/bug-bounty-misconception-i-dont-have-sufficient-budget-to-pay-hunters-7d8b39b70c14?source=rss------bug_bounty-5Levente Molnarcybersecurity, hacking, bug-bounty-tips, bug-bounty, ethical-hacking25-Feb-2025
How to Find Bugs Easily in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-bugs-easily-in-bug-hunting-515977caafc8?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, technology, cybersecurity, hacking, bug-bounty25-Feb-2025
How I Unlocked a $5,000 Payday by Hacking a Billion-Dollar App’s Weakest Linkhttps://medium.com/@ibtissamhammadi/how-i-unlocked-a-5-000-payday-by-hacking-a-billion-dollar-apps-weakest-link-7b9f4055d46a?source=rss------bug_bounty-5Ibtissam Hammadiidor, cybersecurity, hacking, bug-bounty, vulnerability25-Feb-2025
Cyber Chat: rs0nhttps://osintteam.blog/cyber-chat-rs0n-ea9725394f6d?source=rss------bug_bounty-5The Cybersec Cafécybersecurity, penetration-testing, bug-bounty, application-security, information-security25-Feb-2025
Breaking the chain of CA Certificate detection & SSL Pinning bypass for Android applicationshttps://medium.com/@pandurangisuprit/breaking-the-chain-of-ca-certificate-detection-ssl-pinning-bypass-for-android-applications-65c4ac66d9f2?source=rss------bug_bounty-5Suprit Pandurangica-certificates, ssl-pinning-bypass, bug-bounty, security, android25-Feb-2025
7 Powerful Ways to Use ChatGPT as a Bug Bounty Assistanthttps://bitpanic.medium.com/7-powerful-ways-to-use-chatgpt-as-a-bug-bounty-assistant-c7fc26ce54fc?source=rss------bug_bounty-5Spectat0rguytechnology, ai-generated-content, programming, bug-bounty, cybersecurity25-Feb-2025
Top Hacking Books for 2025 (plus Resources) — @verylazytechhttps://medium.com/@verylazytech/top-hacking-books-for-2025-plus-resources-verylazytech-90875b0f6f93?source=rss------bug_bounty-5Very Lazy Techpython, hacking, ethical-hacking, cybersecurity, bug-bounty25-Feb-2025
XXE: When XML Becomes Your Worst Nightmarehttps://osintteam.blog/xxe-when-xml-becomes-your-worst-nightmare-291452531da2?source=rss------bug_bounty-5#$ubh@nk@rhacking, xxe, bug-bounty, infosec, owasp25-Feb-2025
How I Took Over a Vercel Subdomainhttps://medium.com/@Pentestforge/how-i-took-over-a-vercel-subdomain-e7b03dbf222d?source=rss------bug_bounty-5Joel I Patrickinformation-security, bug-bounty, ethical-hacking, infosec-write-ups, cybersecurity25-Feb-2025
How I Exploited a Hidden Race Condition to Bypass Licensing and Claim All Subdomains on the targethttps://0onoproblem.medium.com/how-i-exploited-a-hidden-race-condition-to-bypass-licensing-and-claim-all-subdomains-on-the-target-64944b148f49?source=rss------bug_bounty-50_oNoProblemvulnerability-assessment, bug-bounty-tips, vulnerability, bug-bounty, bug-bounty-writeup25-Feb-2025
web cache deception on private programhttps://medium.com/@0x_karim/web-cache-deception-on-private-program-ccce0a612d46?source=rss------bug_bounty-50xkarimhacking, hackerone, bug-bounty, bug-bounty-tips, bug-hunting25-Feb-2025
Day 19: A Tale of 0-Click Account Takeover and 2FA Bypasshttps://medium.com/@danielbelay/day-19-a-tale-of-0-click-account-takeover-and-2fa-bypass-2b2ed4914a3f?source=rss------bug_bounty-5dani3laccount-takeover-attacks, bug-bounty25-Feb-2025
cyber20 Simple Bug Bounty Automation Techniqueshttps://cyberw1ng.medium.com/cyber20-simple-bug-bounty-automation-techniques-b850db32591c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, programming, bug-bounty, automation25-Feb-2025
20 Simple Bug Bounty Automation Techniqueshttps://osintteam.blog/cyber20-simple-bug-bounty-automation-techniques-b850db32591c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, programming, bug-bounty, automation25-Feb-2025
I hacked a company using Elon Musk’s AI.https://medium.com/@niels_ae/i-hacked-a-company-using-elon-musks-ai-6eaa48bef222?source=rss------bug_bounty-5Nielsbug-bounty, cybersecurity, hacker24-Feb-2025
Uncovering Hidden Cloudflare Pages and Workershttps://infosecwriteups.com/uncovering-hidden-cloudflare-pages-and-workers-af602df05f1a?source=rss------bug_bounty-5Scott Lindhbug-bounty, cyber-security-awareness, hacker, penetration-testing, hackerone24-Feb-2025
Free VPS for penetration testing and bounty and part 3https://infosecwriteups.com/free-vps-for-penetration-testing-and-bounty-and-part-3-3c5b2f4642cc?source=rss------bug_bounty-5loyalonlytodayvps, cybersecurity, tips, bug-bounty, programming24-Feb-2025
Subscription? No Thanks! We Hack Our Way In!https://medium.com/@ajay.kumar.695632/subscription-no-thanks-we-hack-our-way-in-42f884f56db2?source=rss------bug_bounty-5Ajay Kumarbug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup24-Feb-2025
The biggest misconception: Bug Bounty Programs are only for the largest organizationshttps://medium.com/@hackrate/the-biggest-misconception-bug-bounty-programs-are-only-for-the-largest-organizations-a31b920b9d18?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking24-Feb-2025
Interesting Case of CSRF in [Redacted]https://one33se7en.medium.com/interesting-case-of-csrf-in-redacted-981dc2ba5f10?source=rss------bug_bounty-5one33se7enbug-bounty-tips, bug-bounty-writeup, bug-bounty24-Feb-2025
Top 5 Bugs can give you $10,000 and more.https://medium.com/@anandrishav2228/top-5-bugs-can-give-you-10-000-and-more-f51bc93a1162?source=rss------bug_bounty-5Rishav anandhacking, cybersecurity, money, bug-bounty, students24-Feb-2025
Invitation Hijacking via Self-Signup in [Redacted] Enterprisehttps://one33se7en.medium.com/invitation-hijacking-via-self-signup-in-redacted-enterprise-ab0f885a6cdd?source=rss------bug_bounty-5one33se7enbug-bounty-tips, bug-bounty-writeup, bug-bounty24-Feb-2025
$100-$5000 worth LFI Vulnerability | Advanced Tips and Trickshttps://infosecwriteups.com/100-5000-worth-lfi-vulnerability-advanced-tips-and-tricks-f68fb48324a6?source=rss------bug_bounty-5It4chis3cbypass, lfi-vulnerability, secrets, lfi, bug-bounty24-Feb-2025
LiveZilla Server XSS Vulnerabilityhttps://cybersecuritywriteups.com/livezilla-server-xss-vulnerability-81563deea5a8?source=rss------bug_bounty-5RivuDonbug-bounty, ethical-hacking, infosecurity, bug-bounty-tips, infosec24-Feb-2025
$50k BOUNTY JUST FOR GITHUB TOKEN LEAKShttps://medium.com/@hrofficial62/50k-bounty-just-for-github-token-leaks-93c901e076c4?source=rss------bug_bounty-5Mr Horbiohackerone, pentesting, bug-bounty, hacking, cybersecurity24-Feb-2025
Apple has just fixed one of the biggest usability issues with CarPlayhttps://medium.com/@mianhamdan.com/apple-has-just-fixed-one-of-the-biggest-usability-issues-with-carplay-1ed387c075d3?source=rss------bug_bounty-5Mian Hamdanartificial-intelligence, bug-bounty, apple, apple-car, apple-music24-Feb-2025
How to Find XSS Automatically in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-xss-automatically-in-bug-hunting-a41a6220dba0?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, cybersecurity, hacking, tryhackme-walkthrough, bug-bounty24-Feb-2025
NoSQL Injection Vulnerabilityhttps://infosecwriteups.com/nosql-injection-vulnerability-ead8ccd60666?source=rss------bug_bounty-5Ajay Naikcyber-security-awareness, cyberattack, penetration-testing, bug-bounty, cybersecurity24-Feb-2025
Interesting Case of CSRFhttps://one33se7en.medium.com/interesting-case-of-csrf-in-redacted-981dc2ba5f10?source=rss------bug_bounty-5one33se7enbug-bounty-tips, bug-bounty-writeup, bug-bounty24-Feb-2025
DS_Store Hunting: Uncovering Sensitive Data in Bug Bounty Programshttps://maordayanofficial.medium.com/ds-store-hunting-uncovering-sensitive-data-in-bug-bounty-programs-fc3f925c9c52?source=rss------bug_bounty-5Maor Dayan - מאור דייןbug-bounty, security-research, sensitive, python, bug-hunting24-Feb-2025
How I Found My First High-Severity Bug and Got Rewarded with 3 Trays of Red Bull!https://medium.com/@iski/how-i-found-my-first-high-severity-bug-and-got-rewarded-with-3-trays-of-red-bull-29ec0ca6a2e4?source=rss------bug_bounty-5Iskibug-bounty-writeup, bug-bounty-hunting, p1-bug, bug-bounty, bug-bounty-tips24-Feb-2025
XSS & HTML Injection via Google Dorking – A Practical Guidehttps://medium.com/@gourisankara357/xss-html-injection-via-google-dorking-a-practical-guide-b535a18fad3b?source=rss------bug_bounty-5Gouri Sankar Axss-attack, bug-bounty-tips, google, infosec, bug-bounty24-Feb-2025
“ From Zero to $500+: How LFIs Can Line Your Pockets (Real-World Examples Inside!)”https://osintteam.blog/from-zero-to-500-how-lfis-can-line-your-pockets-real-world-examples-inside-356d55cf46e3?source=rss------bug_bounty-5Krish_cyberbug-bounty-writeup, bug-bounty, osint, money, infosec-write-ups24-Feb-2025
How I Found The open redirect vulnerability?https://doordiefordream.medium.com/how-i-found-the-open-redirect-vulnerability-e0c3583b4e89?source=rss------bug_bounty-5Bug hunter baluvulnerability, ethical-hacking, technology, cybersecurity, bug-bounty24-Feb-2025
Unpatched RCE in Laravel Voyager = Big Bounties!https://osintteam.blog/unpatched-rce-in-laravel-voyager-big-bounties-2eb3ebb09253?source=rss------bug_bounty-50day storiestechnology, bug-bounty, bug-bounty-tips, penetration-testing, cybersecurity24-Feb-2025
How I Earned $9,750 in 48 Hours by Finding a Critical Security Flawhttps://medium.com/@ibtissamhammadi/how-i-earned-9-750-in-48-hours-by-finding-a-critical-security-flaw-b3ec6172a7c9?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, bug-bounty, hacking, vulnerability, idor24-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-107)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-107-983c1cd2e667?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, ethical, cybersecurity, bug-bounty-tips24-Feb-2025
Bug Bounty Recon: Turning Data into Actionable Findings (Part 3)https://medium.com/@weaponshot/bug-bounty-recon-turning-data-into-actionable-findings-part-3-924d7d001ecc?source=rss------bug_bounty-5Matyis Konghacking, recon, cybersecurity, bug-bounty24-Feb-2025
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeoverhttps://cyberw1ng.medium.com/20-000-bounty-how-a-leaked-session-cookie-led-to-an-account-takeover-06baed26b707?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, bug-bounty, cybersecurity, jobs24-Feb-2025
HOW I DISCOVERED AN XSS VULNERABILITY IN A VDP PROGRAMhttps://medium.com/@anripo2006/how-i-discovered-an-xss-vulnerability-in-a-vdp-program-7bc3880c6f22?source=rss------bug_bounty-5Antonio Rivera Pobletexss-bypass, xss-vulnerability, bug-bounty24-Feb-2025
Special Characters :^)https://medium.com/cloud-security/special-characters-9a65093c5bfe?source=rss------bug_bounty-5Teri Radichelcharacter, bug-bounty, special-character, encoding, pentesting24-Feb-2025
CÓMO DESCUBRÍ UNA VULNERABILIDAD XSS EN UN PROGRAMA VDPhttps://medium.com/@anripo2006/c%C3%B3mo-descubr%C3%AD-una-vulnerabilidad-xss-en-un-programa-vdp-c9133241cc5b?source=rss------bug_bounty-5Antonio Rivera Pobletevdp, xss-attack, bug-bounty, xss-bypass, hacking24-Feb-2025
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeoverhttps://osintteam.blog/20-000-bounty-how-a-leaked-session-cookie-led-to-an-account-takeover-06baed26b707?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, bug-bounty, cybersecurity, jobs24-Feb-2025
Resource consumption Vulnerabilityhttps://medium.com/@VulnRAM/resource-consumption-vulnerability-542d0b38152e?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty, penetration-testing, bug-bounty-tips, bugs, bug-bounty-writeup23-Feb-2025
Firefox and Chrome extensions for bug-bounty hunters. (PART 1).https://osintteam.blog/firefox-and-chrome-extensions-for-bug-bounty-hunters-part-1-49e34f70d076?source=rss------bug_bounty-5loyalonlytodayextension, cybersecurity, tips, penetration-testing, bug-bounty23-Feb-2025
Administrator Account Takeoverhttps://medium.com/@hrofficial62/administrator-account-takeover-bf08c592bf6a?source=rss------bug_bounty-5Mr Horbiopentesting, bug-bounty, hacking, hackerone, cybersecurity23-Feb-2025
Uncovering Hidden Treasures: Mastering Wayback URLs for Bug Bounty Huntinghttps://abhayal.medium.com/uncovering-hidden-treasures-mastering-wayback-urls-for-bug-bounty-hunting-8571357b7649?source=rss------bug_bounty-5Abhayalwaybackurls, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2025
Information Disclosure Hunting: Tool Tips & Commandshttps://infosecwriteups.com/information-disclosure-hunting-tool-tips-commands-48003154e8bb?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, hacking, penetration-testing, bug-bounty-tips23-Feb-2025
Mapping the Applicationhttps://medium.com/@muhammad4208/mapping-the-application-a922729a6772?source=rss------bug_bounty-5Muhammad Abdullah Niaziweb-mapping, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program23-Feb-2025
The Journey That Changed Everything — My NASA LOR Storyhttps://medium.com/@sivasankardasdas/the-journey-that-changed-everything-my-nasa-lor-story-744ace9f3caf?source=rss------bug_bounty-5Sivasankardascybersecurity, nasa, osint, ethical-hacking, bug-bounty23-Feb-2025
Profile Avatar Unlock vulnerabilityhttps://medium.com/@ajay.kumar.695632/profile-avatar-unlock-vulnerability-c3f53fe278cd?source=rss------bug_bounty-5Ajay Kumarbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs23-Feb-2025
Web Academy Lab: CORS vulnerability with basic origin reflectionhttps://medium.com/@mehedihasanemonceh/web-academy-lab-cors-vulnerability-with-basic-origin-reflection-a6130cb49053?source=rss------bug_bounty-5Mehedi Hasan Emoncors-vulnerability, portswigger, bug-bounty, cors, pentesting23-Feb-2025
Bypassing HackerOne 2FA due to race condition.https://akashhamal0x01.medium.com/bypassing-hackerone-2fa-due-to-race-condition-8afe2dbff7c9?source=rss------bug_bounty-5Akash Hamalbug-bounty-tips, hackerone, cybersecurity, bug-bounty23-Feb-2025
Subdomain Enumeration Like Never Before: Unveiling rsecloud.com — The Hidden Gem for Advanced Reconhttps://medium.com/@hacker_might/subdomain-enumeration-like-never-before-unveiling-rsecloud-com-the-hidden-gem-for-advanced-recon-322bcd900837?source=rss------bug_bounty-5hacker_mightbug-bounty, subdomains-enumeration, bug-bounty-tips, reconnaissance, hidden-recon23-Feb-2025
Exploiting an Exposed Swagger File to Achieve RCEhttps://elhadadx.medium.com/exploiting-an-exposed-swagger-file-to-achieve-rce-cceb4d1f8ad0?source=rss------bug_bounty-50Xelhadadxpenetration-testing, security, bug-bounty, information-security, rce23-Feb-2025
Part 2: $1000 Bug Bounty Guide — Advanced JavaScript Analysis for Hidden Vulnerabilitieshttps://hackersatty.medium.com/part-2-1000-bug-bounty-guide-advanced-javascript-analysis-for-hidden-vulnerabilities-5a47645b575f?source=rss------bug_bounty-5hackersattybug-bounty-writeup, penetration-testing, bug-bounty, owasp-top-10, hacking23-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-108)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-108-fc10603a0583?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking23-Feb-2025
Cross-site scripting Lab- 2: Stored XSS into HTML context with nothing encodedhttps://medium.com/@mehedihasanemonceh/cross-site-scripting-lab-2-stored-xss-into-html-context-with-nothing-encoded-67318fe316b2?source=rss------bug_bounty-5Mehedi Hasan Emonbug-bounty, cross-site-scripting, website-security, portswigger, xss-attack23-Feb-2025
$1000-$10k worth Leaks via Github Secret Dorkshttps://infosecwriteups.com/1000-10k-worth-leaks-via-github-secret-dorks-6e13a2b7617a?source=rss------bug_bounty-5It4chis3cleaked, secrets, bug-bounty, github, github-dorking23-Feb-2025
Admin Account Takeover in Moodle!https://medium.com/@Nightbloodz/admin-account-takeover-in-moodle-093708a0f749?source=rss------bug_bounty-5Alvaro Baladainfosec, cve, cybersecurity, bug-bounty-writeup, bug-bounty23-Feb-2025
Comprehensive CEH v13 Study Guidehttps://medium.com/@verylazytech/comprehensive-ceh-v13-study-guide-965965af5c06?source=rss------bug_bounty-5Very Lazy Techethical-hacking, penetration-testing, hacking, ceh-certification, bug-bounty23-Feb-2025
Are Private Bug Bounty Programs Worth It? The Truth About Inviteshttps://medium.com/@HackerNasr/are-private-bug-bounty-programs-worth-it-the-truth-about-invites-164f94842d54?source=rss------bug_bounty-5HackerNasrcybersecurity, ethical-hacking, penetration-testing, hacking, bug-bounty23-Feb-2025
Subdomain Enumeration Like Never Before: Unveiling rsecloud.com — The Hidden Gem for Advanced Reconhttps://osintteam.blog/subdomain-enumeration-like-never-before-unveiling-rsecloud-com-the-hidden-gem-for-advanced-recon-322bcd900837?source=rss------bug_bounty-5hacker_mightbug-bounty, subdomains-enumeration, bug-bounty-tips, reconnaissance, hidden-recon23-Feb-2025
How I Found an Easy Dom xss.https://medium.com/infosecmatrix/how-i-found-an-easy-dom-xss-b93bbe09e2bf?source=rss------bug_bounty-5loyalonlytodaytips, xss-attack, bug-bounty, hacking, cybersecurity23-Feb-2025
️ Top Tools Used for Bug Huntinghttps://medium.com/@vipulsonule71/%EF%B8%8F-top-tools-used-for-bug-hunting-d1f40926733a?source=rss------bug_bounty-5Vipul Sonulehacking, technology, writing, bug-bounty, vulnerability23-Feb-2025
$100-$5000 worth File Upload Vulnerability | Advanced Techniqueshttps://infosecwriteups.com/100-5000-worth-file-upload-vulnerability-advanced-techniques-7c598837607f?source=rss------bug_bounty-5It4chis3cfile-upload-vulnerability, bug-bounty, secrets, file-upload, bypass23-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-106)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-106-f15dc8fd13f8?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity23-Feb-2025
HackTheBox Challenge Only-Hackshttps://medium.com/@maxcyber882/hackthebox-challenge-only-hacks-d96d3aeb465c?source=rss------bug_bounty-5Maxcyberhackthebox, infosec, cybersecurity, bug-bounty23-Feb-2025
Bank offer IDOR Fix Bypassed: How I Accessed Unauthorized Offers and Secured a $10,000 Bounty —…https://bxmbn.medium.com/bank-offer-idor-fix-bypassed-how-i-accessed-unauthorized-offers-and-secured-a-10-000-bounty-41052b31a2fc?source=rss------bug_bounty-5bombonbug-bounty, cybersecurity, idor-vulnerability23-Feb-2025
Day 18: How a Researcher Hacked One of the Biggest Airlines Group in the Worldhttps://medium.com/@danielbelay/day-18-how-a-researcher-hacked-one-of-the-biggest-airlines-group-in-the-world-e2b896e74503?source=rss------bug_bounty-5dani3lethical-hacking, account-takeover, ato, bug-bounty23-Feb-2025
Let’s Talk About Encryption And IDORs(Yes, IDOR,s Again)— @bxmbnhttps://bxmbn.medium.com/lets-talk-about-encryption-and-idors-yes-idor-s-again-bxmbn-911bfb7a2de3?source=rss------bug_bounty-5bombonbug-bounty, encryption, idor23-Feb-2025
How I Hacked India’s Most Popular Matrimony Website and Earned a ₹10,000 Amazon Gift Cardhttps://infosecwriteups.com/how-i-hacked-indias-most-popular-matrimony-website-and-earned-a-10-000-amazon-gift-card-4dad7b6eff5d?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, programming, penetration-testing, hacking23-Feb-2025
Top 3 Books to get started Bug Huntinghttps://medium.com/@julius.grosserode.19/top-3-books-to-get-started-bug-hunting-e20db0ccb9c6?source=rss------bug_bounty-5Juliobug-bounty, hacking-books, hacking23-Feb-2025
Hijacking Sessions with IDOR and XSS— @bxmbnhttps://bxmbn.medium.com/hijacking-sessions-with-idor-and-xss-bxmbn-396f99761a85?source=rss------bug_bounty-5bombonidor, cross-site-scripting, bug-bounty23-Feb-2025
Account Takeover (ATO): A Practical Guide to Finding and Preventing Attackshttps://cyberw1ng.medium.com/account-takeover-ato-a-practical-guide-to-finding-and-preventing-attacks-64c071d0ae84?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, bug-bounty, careers, education23-Feb-2025
Account Takeover (ATO): A Practical Guide to Finding and Preventing Attackshttps://osintteam.blog/account-takeover-ato-a-practical-guide-to-finding-and-preventing-attacks-64c071d0ae84?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, bug-bounty, careers, education23-Feb-2025
How to Find XSS in Web Applications in Bug Hunting ️‍♂️https://medium.com/@vipulsonule71/how-to-find-xss-in-web-applications-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-e5b3e9e27835?source=rss------bug_bounty-5Vipul Sonuletechnology, writing, bug-bounty, cybersecurity, hacking22-Feb-2025
How I Found a Confidential Business Agreement on Wayback Machinehttps://aiwolfie.medium.com/how-i-found-a-confidential-business-agreement-on-wayback-machine-efd1f0abf4cf?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-writeup, cybersecurity, hacking, hackerone22-Feb-2025
SQL Injection Vulnerability Analysis and Mitigationhttps://medium.com/@shibinkodoth1/sql-injection-vulnerability-analysis-and-mitigation-4a3180976145?source=rss------bug_bounty-5Shibin Balakrishnanhacking, cybersecurity, sql, sql-injection, bug-bounty22-Feb-2025
My Approach to Bypassing Strong WAF in XSShttps://medium.com/@randixploit.shtml/my-approach-to-bypassing-strong-waf-in-xss-0c2e0864043b?source=rss------bug_bounty-5Just Rpenetration-testing, xss-attack, bug-bounty-writeup, bug-bounty, bypass22-Feb-2025
Finding the origin IP addresshttps://infosecwriteups.com/finding-the-origin-ip-address-1e9cd5073e8c?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, programming, tips, ethical-hacking22-Feb-2025
What is the Dark Web? A Complete Guide for Businesseshttps://medium.com/@08hakr/what-is-the-dark-web-a-complete-guide-for-businesses-15413b9a3aba?source=rss------bug_bounty-5Kshirsagar Hrushikeshhacking, computer-science, cybersecurity, bug-bounty, darkweb22-Feb-2025
The Dark Web: A Business Survival Guidehttps://medium.com/@cybershastra7/the-dark-web-a-business-survival-guide-dc4d36d4c3ec?source=rss------bug_bounty-5CyberShastracybersecurity, bug-bounty, darkweb, computer-science, hacking22-Feb-2025
Silent Takeover: How We Hacked Authentication Flows to Compromise 2000+ Healthcare Tenants with…https://pandyamayur2018.medium.com/silent-takeover-how-we-hacked-authentication-flows-to-compromise-2000-healthcare-tenants-with-fa51817c3086?source=rss------bug_bounty-5Mayur Pandyavapt, cybersecurity, authentication, bug-bounty, infosec22-Feb-2025
XSS Chronicles: How I Stumbled Upon a Critical API Key Leakhttps://medium.com/@soufianehabti/xss-chronicles-how-i-stumbled-upon-a-critical-api-key-leak-9ea65ffc3f5a?source=rss------bug_bounty-5Soufiane Habtibug-bounty, cybersecurity, ethical-hacking22-Feb-2025
Silent Takeover: How We Hacked Authentication Flows to Compromise 2000+ Healthcare Tenants with…https://pandyamayurrr.medium.com/silent-takeover-how-we-hacked-authentication-flows-to-compromise-2000-healthcare-tenants-with-fa51817c3086?source=rss------bug_bounty-5Mayur Pandyavapt, cybersecurity, authentication, bug-bounty, infosec22-Feb-2025
Breaking Boundaries: My Journey from limited Stored XSS to Open Redirect & a Sneaky CSRF Referrer…https://medium.com/@0xNayelx/breaking-boundaries-my-journey-from-limited-stored-xss-to-open-redirect-a-sneaky-csrf-referrer-6dc939cf7aed?source=rss------bug_bounty-50xNayelbug-bounty, security, bug-bounty-tips, writeup, bug-bounty-writeup22-Feb-2025
Identifying Our Target from Bugcrowdhttps://medium.com/@mdsahat6397/identifying-our-target-from-bugcrowd-fdb3de6a98ab?source=rss------bug_bounty-5Tasneem Sahatbugcrowd, bug-bounty22-Feb-2025
Web Security Academy: File path traversal, traversal sequences blocked with absolute path bypasshttps://medium.com/@mehedihasanemonceh/web-security-academy-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-99255db560d6?source=rss------bug_bounty-5Mehedi Hasan Emonbug-bounty, portswigger, cybersecurity, lfi, path-traversal22-Feb-2025
90% Hunters V/S 10% Huntershttps://bitpanic.medium.com/90-hunters-v-s-10-hunters-fa9089523181?source=rss------bug_bounty-5Spectat0rguycybersecurity, programming, bug-bounty-tips, bug-bounty, technology22-Feb-2025
1000$ Bounty in less than 30 Seconds via the power of custom wordlistshttps://0xrasputin.medium.com/1000-bounty-in-less-than-30-seconds-via-the-power-of-custom-wordlists-3f7deba5bf08?source=rss------bug_bounty-50xRasputinbug-hunting, pentesting, bug-bounty, recon22-Feb-2025
Web Application Technologieshttps://medium.com/@muhammad4208/web-application-technologies-aaa947303675?source=rss------bug_bounty-5Muhammad Abdullah Niaziweb-technology, bug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-hunter22-Feb-2025
Exploiting the Shadows: How I Uncovered a Command Injection via OOB and Bagged $800https://medium.com/@kura1yum3/exploiting-the-shadows-how-i-uncovered-a-command-injection-via-oob-and-bagged-800-73c4bc90a130?source=rss------bug_bounty-5KuroSh1R0hackerone, bug-bounty22-Feb-2025
️‍♂️How to Find XSS in Bug Hunting ️‍♂️https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-find-xss-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-d7243160da01?source=rss------bug_bounty-5Vipul Sonulecybersecurity, ai, bug-bounty, penetration-testing, technology22-Feb-2025
$100-$200 worth 403 Bypass Techniqueshttps://infosecwriteups.com/100-200-worth-403-bypass-techniques-e4c22064091a?source=rss------bug_bounty-5It4chis3cbug-bounty, secrets, bypass, 403-forbidden, hidden22-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-105)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-105-6016b1f36174?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, hacking, ethical-hacking, bug-bounty-tips22-Feb-2025
Bug Bounty Restart- Phase 1: Preparation & Mindsethttps://infosecwriteups.com/bug-bounty-restart-phase-1-preparation-mindset-57ca877a9278?source=rss------bug_bounty-5Om Aroracybersecurity, infosec, bug-bounty, bug-bounty-writeup, technology22-Feb-2025
Day 17: [$5K] Misconfigured Reset Password Leads to Account Takeover (No User Interaction ATO)https://medium.com/@danielbelay/day-17-5k-misconfigured-reset-password-leads-to-account-takeover-no-user-interaction-ato-4d378e995fc2?source=rss------bug_bounty-5dani3laccount-takeover, ato, bug-bounty22-Feb-2025
CRLF Injection: How a Simple Bug Can Earn You $1500!https://cybersecuritywriteups.com/crlf-injection-how-a-simple-bug-can-earn-you-1500-ff3aabc54a77?source=rss------bug_bounty-5Krish_cyberbug-bounty, ethical-hacking, infosec-write-ups, bug-bounty-tips, osint22-Feb-2025
The Art of Software Testing: Types, Methods, and Best Practiceshttps://i-am-tibi.medium.com/the-art-of-software-testing-types-methods-and-best-practices-608cc6770136?source=rss------bug_bounty-5Tibb.Insoftware-testing, qa-testing, qa, bugs, bug-bounty22-Feb-2025
Earn $500 with Open Redirect Vulnerabilities!https://osintteam.blog/earn-500-with-open-redirect-vulnerabilities-224d637f683c?source=rss------bug_bounty-5Krish_cyberinformation-security, bug-bounty, infosec-write-ups, osint, open-redirect22-Feb-2025
Methods and Tools for Extracting Information from Websiteshttps://medium.com/@paritoshblogs/methods-and-tools-for-extracting-information-from-websites-c26b4584ef43?source=rss------bug_bounty-5Paritoshai, bug-bounty, python, web-scraping, cybersecurity22-Feb-2025
Finding Juicy Information from GraphQLhttps://cyberw1ng.medium.com/finding-juicy-information-from-graphql-22fb09bd9e61?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, bug-bounty, programming, cybersecurity22-Feb-2025
Finding Juicy Information from GraphQLhttps://osintteam.blog/finding-juicy-information-from-graphql-22fb09bd9e61?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, bug-bounty, programming, cybersecurity22-Feb-2025
$100 Bounty: Username Restriction Bypassedhttps://medium.com/@kumawatabhijeet2002/100-bounty-username-restriction-bypassed-0d6422564c36?source=rss------bug_bounty-5Abhijeet kumawatinfosec, cybersecurity, hacking, secrets, bug-bounty21-Feb-2025
Burp Suite AI Extension for Pentesterhttps://hackerassociate.medium.com/burp-suite-ai-extension-for-pentester-742358811884?source=rss------bug_bounty-5Harshad Shahburpsuite, infosec, hacking, cybersecurity, bug-bounty21-Feb-2025
【Recognition】Excellent Security Researcher in January 2025 → iiiiiinvhttps://medium.com/@security.tecno/recognition-excellent-security-researcher-in-january-2025-iiiiiinv-29bcf9b3d91b?source=rss------bug_bounty-5TECNO Securityweb-development, apps, security, research, bug-bounty21-Feb-2025
Getting Started with Bug Bounty Hunting: A Simple Guide(Free Version)https://medium.com/@bombhajohn/getting-started-with-bug-bounty-hunting-a-simple-guide-free-version-3363ecd320c2?source=rss------bug_bounty-5Folks47gheecyber-security-awareness, bug-bounty, bug-bounty-tips, data, cybersecurity21-Feb-2025
OWASP Top 10: The Hacker’s Favorite Menu (And How to Ruin Their Appetite)https://falilu.medium.com/owasp-top-10-the-hackers-favorite-menu-and-how-to-ruin-their-appetite-12b67dfaa998?source=rss------bug_bounty-5Falilu Rahmanowasp-top-10, web-application-security, technology, cybersecurity, bug-bounty21-Feb-2025
$100 Bounty: Username Restriction Bypassedhttps://infosecwriteups.com/100-bounty-username-restriction-bypassed-0d6422564c36?source=rss------bug_bounty-5Abhijeet kumawatinfosec, cybersecurity, hacking, secrets, bug-bounty21-Feb-2025
$50-$500 worth Information Disclosure Bug Automationhttps://it4chis3c.medium.com/50-500-worth-information-disclosure-bug-automation-3afc596fa206?source=rss------bug_bounty-5It4chis3cinformation-disclosure, sensitive-data, bug-bounty, hidden, secrets21-Feb-2025
My First Bug Discovery in Facebook Bug Bounty 2025https://medium.com/@bayusetb/my-first-bug-discovery-in-facebook-bug-bounty-2025-728b14eaf6cc?source=rss------bug_bounty-5Bayusetbfacebook-bug-bounty, meta-bug-bounty, bug-bounty-writeup, idor, bug-bounty21-Feb-2025
From a Steward Security Gaurd to a Cybersecurity Startup Founder!https://ajakcybersecurity.medium.com/from-a-steward-security-gaurd-to-a-cybersecurity-startup-founder-5fed143b6b24?source=rss------bug_bounty-5AJAK Cyber Academybug-bounty, cybersecurity, startup, technology, hacking21-Feb-2025
Note-taking apps for bug bounty hunting and ethical hacking purposeshttps://medium.com/readers-club/note-taking-apps-for-bug-bounty-hunting-and-ethical-hacking-purposes-635a198ec9d9?source=rss------bug_bounty-5loyalonlytodaybug-bounty, notetaking, tips, notes, cybersecurity21-Feb-2025
How to Find Information Disclosure Bugs in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-information-disclosure-bugs-in-bug-hunting-44954ee8b2fd?source=rss------bug_bounty-5Vipul Sonuletechnology, cybersecurity, bug-bounty, hacking, penetration-testing21-Feb-2025
Burp Suite AI Extension for Pentesterhttps://medium.com/offensive-black-hat-hacking-security/burp-suite-ai-extension-for-pentester-742358811884?source=rss------bug_bounty-5Harshad Shahburpsuite, infosec, hacking, cybersecurity, bug-bounty21-Feb-2025
Find 100+ CVEs Using These 5 Simple GitHub Dorkshttps://medium.com/@ibtissamhammadi/find-100-cves-using-these-5-simple-github-dorks-bfdde1653a20?source=rss------bug_bounty-5Ibtissam Hammadigithub, programming, infosec, bug-bounty, cybersecurity21-Feb-2025
Inside Our Car Hacking Demonstrator: A Training Platform for Automotive Cybersecurityhttps://medium.com/@maajix/inside-our-car-hacking-demonstrator-a-training-platform-for-automotive-cybersecurity-4c95035b2994?source=rss------bug_bounty-5Majixbug-bounty-tips, car-hacking, bug-bounty, automotive, hacking21-Feb-2025
Day 16: Massive Users Account Takeovers (Chaining Vulnerabilities to IDOR)https://medium.com/@danielbelay/day-16-massive-users-account-takeovers-chaining-vulnerabilities-to-idor-11d1b0731c4c?source=rss------bug_bounty-5dani3lethical-hacking, pen-testing-tool, bug-bounty, ato21-Feb-2025
Easiest Vulnerability $200 You can test it under 2 minuteshttps://progprnv.medium.com/easiest-vulnerability-200-you-can-test-it-under-2-minutes-2f45b4a0c785?source=rss------bug_bounty-5progprnvbug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty21-Feb-2025
I Earned $500 in 2 Minutes by Finding a Sensitive File!https://cybersecuritywriteups.com/i-earned-500-in-2-minutes-by-finding-a-sensitive-file-a71817a66ba9?source=rss------bug_bounty-5Krish_cyberidor, hacking, bug-bounty, ai, infosec21-Feb-2025
Pre-Seeding Trap Story: Exploiting PII Data Before It’s Loggedhttps://medium.com/@ahmedelmorsy312/pre-seeding-trap-story-exploiting-pii-data-before-its-logged-8284f47a5854?source=rss------bug_bounty-5Ahmed Elmorsibug-hunting, cybersecurity, bug-bounty, hackerone21-Feb-2025
How I Discovered a Bug to Delete Any User Account!https://medium.com/@kumawatabhijeet2002/how-i-discovered-a-bug-to-delete-any-user-account-b8ae1c60a6a9?source=rss------bug_bounty-5Abhijeet kumawatcybersecurity, bug-bounty, infosec, money, hacking21-Feb-2025
How to Find Information Disclosure Bughttps://medium.com/@vipulsonule71/how-to-find-information-disclosure-bugs-in-bug-hunting-44954ee8b2fd?source=rss------bug_bounty-5Vipul Sonuletechnology, cybersecurity, bug-bounty, hacking, penetration-testing21-Feb-2025
Announcing the Lysa (Testnet) Bug Bounty Program!https://medium.com/@GoRWAChain/announcing-the-lysa-testnet-bug-bounty-program-b73ed9adbd5c?source=rss------bug_bounty-5Go! SmartChain AIbug-bounty, blockchain, crypto, web3, cryptocurrency21-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-104)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-104-b2c76940b84b?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity21-Feb-2025
How to Choose a Bug Bounty Platformhttps://medium.com/@hackrate/how-to-choose-a-bug-bounty-platform-178e0eb95202?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty21-Feb-2025
How I Found 5 Reflected XSS in a Public Programhttps://medium.com/@mahmodziad40/how-i-found-5-reflected-xss-in-a-public-program-44b168ae6526?source=rss------bug_bounty-5httpzuzbug-bounty-writeup, bug-bounty, reflected-xss, bug-bounty-tips, xss-attack21-Feb-2025
API Loophole: How I Bypassed CAPTCHA to Create Unlimited Accountshttps://medium.com/@rahulgairola/api-loophole-how-i-bypassed-captcha-to-create-unlimited-accounts-0d21de1f96e2?source=rss------bug_bounty-5Rahul Gairolaapi-security, bug-bounty, api-security-testing, bug-bounty-tips, bug-bounty-writeup21-Feb-2025
Dynamic Application Security Testing (DAST)https://medium.com/@evoskolyey/dynamic-application-security-testing-dast-95f70aa16745?source=rss------bug_bounty-5Eugene Voskoleybug-bounty, appsec, devsecops, cybersecurity, dast21-Feb-2025
$100 worth Rate Limit Bypass Bug |Advanced Tricks & Tipshttps://it4chis3c.medium.com/100-worth-rate-limit-bypass-bug-advanced-tricks-tips-7722a98553e3?source=rss------bug_bounty-5It4chis3chidden, rate-limit, rate-limit-bypass, secrets, bug-bounty21-Feb-2025
How to Find Your First Bug and Get Paid — Bug Bounty Made Easyhttps://krishna-cyber.medium.com/how-to-find-your-first-bug-and-get-paid-bug-bounty-made-easy-da3de634265c?source=rss------bug_bounty-5Krish_cyberidor, info-sec-writeups, osint, bug-bounty, readers-club21-Feb-2025
Installing and Using Nuclei for Automated Security Scanninghttps://abhayal.medium.com/installing-and-using-nuclei-for-automated-security-scanning-1b4f53de3ae5?source=rss------bug_bounty-5Abhayalbug-bounty, reconnaissance, hacking, bug-bounty-writeup, bug-bounty-tips21-Feb-2025
Bug Report Rejected? Here’s What You Can Do.https://medium.com/@HackerNasr/bug-report-rejected-heres-what-you-can-do-b4407d7c19b8?source=rss------bug_bounty-5HackerNasrcybersecurity, hacking, penetration-testing, bug-bounty, ethical-hacking21-Feb-2025
25000$ IDOR: How a Simple ID Enumeration Exposed Private Datahttps://cyberw1ng.medium.com/25000-idor-how-a-simple-id-enumeration-exposed-private-data-7de2f60c46fd?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, cybersecurity, careers, bug-bounty, programming21-Feb-2025
The Quickest Way To Learn XSS In 2025! (Free Version)https://medium.com/@bombhajohn/the-quickest-way-to-learn-xss-in-2025-free-version-b006fa64f3ed?source=rss------bug_bounty-5Folks47gheebug-bounty, cybersecurity, technology, data, bug-bounty-tips21-Feb-2025
25000$ IDOR: How a Simple ID Enumeration Exposed Private Datahttps://osintteam.blog/25000-idor-how-a-simple-id-enumeration-exposed-private-data-7de2f60c46fd?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, cybersecurity, careers, bug-bounty, programming21-Feb-2025
Multiple Sensitive Data Leaks — A Deep Divehttps://aiwolfie.medium.com/multiple-sensitive-data-leaks-a-deep-dive-b913172b5146?source=rss------bug_bounty-5AIwolfiecybersecurity, osint, bug-bounty, information-disclosure, hacking20-Feb-2025
WordPress users Disclosure Bug Bounty reporthttps://aimasterprompt.medium.com/wordpress-users-disclosure-bug-bounty-report-d1e901bfc6cb?source=rss------bug_bounty-5aimastercybersecurity, wordpress, information-technology, infosec, bug-bounty20-Feb-2025
Top 10 Tools Every Bug Bounty Hunter Must Usehttps://osintteam.blog/top-10-tools-every-bug-bounty-hunter-must-use-18046e2306a8?source=rss------bug_bounty-5Abhijeet kumawathacking, tools, infosec, cybersecurity, bug-bounty20-Feb-2025
OWASP Top 10 Vulnerabilities 2025: A Comprehensive Guidehttps://osintteam.blog/owasp-top-10-vulnerabilities-2025-a-comprehensive-guide-cc0019ded233?source=rss------bug_bounty-5Ajay Naikcybersecurity, security-testing, bug-bounty, penetration-testing, application-security20-Feb-2025
CRLF Injection: Guide to Finding & Exploiting Vulnerabilitieshttps://osintteam.blog/crlf-injection-guide-to-finding-exploiting-vulnerabilities-75df64c274e6?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, crlf-injection, money, cybersecurity, hacking20-Feb-2025
How to crawl a website like a prohttps://siratsami71.medium.com/how-to-crawl-a-website-like-a-pro-008f98f41f9f?source=rss------bug_bounty-5Sirat Sami (analyz3r)pentesting, bug-bounty20-Feb-2025
$5M Critical Vulnerability Discovery: 3 Warning Signs for 2025https://medium.com/@ibtissamhammadi/5m-critical-vulnerability-discovery-3-warning-signs-for-2025-f407bb9b7998?source=rss------bug_bounty-5Ibtissam Hammadisecurity, bug-bounty, vulnerability, infosec, cybersecurity20-Feb-2025
₹1,000 in 10 mins: BookMyShow’s Open redirect bug!https://infosecwriteups.com/1-000-in-10-mins-bookmyshows-open-redirect-bug-914f47590ecf?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, hacking, bug-bounty-tips, programming20-Feb-2025
Core Defense Mechanismshttps://medium.com/@muhammad4208/core-defense-mechanisms-b9ac54c29e52?source=rss------bug_bounty-5Muhammad Abdullah Niazidefense-mechanism, bug-bounty-tips, web-development, bug-bounty20-Feb-2025
UUID Injection: 0-Click Superadmin ATOhttps://medium.com/@RekoJR/uuid-injection-0-click-superadmin-ato-3dc46a19c9ad?source=rss------bug_bounty-5Reko !bug-bounty-tips, bug-bounty, bug-bounty-writeup20-Feb-2025
$1000 Bug Bounty Guide: Uncovering Hidden Vulnerabilities Through JavaScript Analysishttps://hackersatty.medium.com/1000-bug-bounty-guide-uncovering-hidden-vulnerabilities-through-javascript-analysis-c3f1a698b91b?source=rss------bug_bounty-5hackersattyhacking, penetration-testing, owasp-top-10, bug-bounty-writeup, bug-bounty20-Feb-2025
Exploiting GraphQL Vulnerabilities: How Misconfigurations Can Lead to Data Leakshttps://cyberw1ng.medium.com/exploiting-graphql-vulnerabilities-how-misconfigurations-can-lead-to-data-leaks-c41d50a64cc3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, education, bug-bounty20-Feb-2025
Y2FuIHlvdSByZWNvbj8/ | can you recon? | Hacker101 CTF Write-Uphttps://medium.com/@sari.mmusab/y2fuihlvdsbyzwnvbj8-can-you-recon-hacker101-ctf-write-up-f2a446ecc9f0?source=rss------bug_bounty-5Musab Sarıcybersecurity, php, ctf, bug-bounty, writeup20-Feb-2025
Open redirect in logouthttps://medium.com/@muhmoud.barket/open-redirect-in-logout-53656dbb922c?source=rss------bug_bounty-5Mahmoud Barkatbug-bounty-writeup, bug-bounty-tips, bug-bounty20-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-103)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-103-695beef8d81c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, ethical-hacking, bug-bounty-tips, cybersecurity20-Feb-2025
$100 worth Open Redirect Automationhttps://it4chis3c.medium.com/100-worth-open-redirect-automation-3e2f9e36bade?source=rss------bug_bounty-5It4chis3chidden, secrets, open-redirect, bug-bounty, practical20-Feb-2025
The Most Innovative Bug Bounty Platformhttps://medium.com/@hackrate/the-most-innovative-bug-bounty-platform-bcd812cb3670?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, hacking, bug-bounty, ethical-hacking, cybersecurity20-Feb-2025
Even Brahma Had Brahmastra — GarudaX Have Digi-Astra for Youhttps://medium.com/@modernshubhamgupta/even-brahma-had-brahmastra-garudax-have-digi-astra-for-you-834a75d7b337?source=rss------bug_bounty-5Shubham Rajvapt, bug-bounty, vulnerability-assessment, digi-astra, cybersecurity20-Feb-2025
Why PortSwigger Labs is Essential for Beginner bug hunterhttps://medium.com/@mehedihasanemonceh/why-portswigger-labs-is-essential-for-beginner-bug-hunter-8a940472d126?source=rss------bug_bounty-5Mehedi Hasan Emonportswigger-lab, bug-bounty, portswigger, bug-hunter, cybersecurity20-Feb-2025
Future of Bug Reporting: How AI in Chrome DevTools is Revolutionizing QAhttps://medium.com/@hafizghulamabbas/future-of-bug-reporting-how-ai-in-chrome-devtools-is-revolutionizing-qa-b2335c092541?source=rss------bug_bounty-5Hafiz Ghulam Abbas - Sr. SQA Automation Engineerqa, ai, chrome, testing, bug-bounty20-Feb-2025
Shodan for Hackers: The Search Engine for the Internet of Everythinghttps://medium.com/@ajudeb55/shodan-for-hackers-the-search-engine-for-the-internet-of-everything-1a6a7c962d85?source=rss------bug_bounty-5Aju Debprogramming, hacking, bug-bounty, cybersecurity, technology20-Feb-2025
Exploiting GraphQL Vulnerabilities: How Misconfigurations Can Lead to Data Leakshttps://osintteam.blog/exploiting-graphql-vulnerabilities-how-misconfigurations-can-lead-to-data-leaks-c41d50a64cc3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, education, bug-bounty20-Feb-2025
Top Search Engines for Hackers: The Ultimate Guidehttps://medium.com/@ajudeb55/top-search-engines-for-hackers-the-ultimate-guide-00f7ab52689e?source=rss------bug_bounty-5Aju Debprogramming, hacking, cybersecurity, bug-bounty, technology19-Feb-2025
Bug Bounty Made Me a MADMANhttps://medium.com/@thedevtaskofficial/bug-bounty-made-me-a-madman-346205a6e4af?source=rss------bug_bounty-5thedevtask officialbug-bounty, security-token, security, hacking, vulnerability19-Feb-2025
Free VPS for penetration testing and bug bounty part 2https://infosecwriteups.com/free-vps-for-penetration-testing-and-bug-bounty-part-2-d88e7ec00e2c?source=rss------bug_bounty-5loyalonlytodaycybersecurity, vps, tips, bug-bounty, awareness19-Feb-2025
Insecure Deserialization + Lab Resolutionhttps://medium.com/@0xpedrop/insecure-deserialization-lab-resolution-1f53adbf26a1?source=rss------bug_bounty-50xPedropcybersecurity, hacking, bug-bounty, bug-bounty-tips19-Feb-2025
Unauthorized Access to Internal Panel via Response Manipulationhttps://0onoproblem.medium.com/unauthorized-access-to-internal-panel-via-response-manipulation-0b6baaae9346?source=rss------bug_bounty-50_oNoProblembug-hunting, vulnerability-assessment, bug-bounty, info-sec-writeups, vulnerability19-Feb-2025
$1000 Bounty: Command Injection Vulnerabilityhttps://medium.com/infosecmatrix/1000-bounty-command-injection-vulnerability-b190222bf07a?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, hacking, command-injection, infosec19-Feb-2025
How i got a fileupload vulnerability so easilyhttps://infosecwriteups.com/how-i-got-a-fileupload-vulnerability-so-easily-a659421a0523?source=rss------bug_bounty-5Le_Merdienhacking, bug-bounty, networking, hackerone, penetration-testing19-Feb-2025
I Hacked FIDE.com — Call me Hacknus Carlsen!https://infosecwriteups.com/i-hacked-fide-com-call-me-hacknus-carlsen-529eeb55440d?source=rss------bug_bounty-5Vivek PSchess, hacking, programming, cybersecurity, bug-bounty19-Feb-2025
The Quickest Way To Learn XSS In 2025!https://medium.com/@bombhajohn/how-i-learned-xss-e593a9b956e3?source=rss------bug_bounty-5Folks47gheecybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup, technology19-Feb-2025
How to Find Subdomain Takeover in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-subdomain-takeover-in-bug-hunting-863b39a68755?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, hacking, cybersecurity, bug-bounty, technology19-Feb-2025
Inside Agoda’s Bug Bounty Program: How We Stay Ahead of Cyber Threatshttps://medium.com/agoda-engineering/how-agoda-works-with-hackers-to-strengthen-its-security-2e4129299b8b?source=rss------bug_bounty-5Agoda Engineeringbug-bounty, engineering, cybersecurity, security, technology19-Feb-2025
How easy is it to earn from bug bounties? The truth behind ethical hacking rewardshttps://infosecwriteups.com/how-easy-is-it-to-earn-from-bug-bounties-the-truth-behind-ethical-hacking-rewards-1a88e1f58444?source=rss------bug_bounty-5Vivek PShacking, programming, cybersecurity, growth-mindset, bug-bounty19-Feb-2025
Learn how to find one of the easy p4 bughttps://cybersecuritywriteups.com/learn-how-to-find-one-of-the-easy-p4-bug-4f6bdf29044c?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, bug-bounty, cybersecurity, ethical-hacking19-Feb-2025
OTP Login Rate Limit Bypass — The Easiest Bug for Beginners to Discoverhttps://infosecwriteups.com/otp-login-rate-limit-bypass-the-easiest-bug-for-beginners-to-discover-74cbf2432b72?source=rss------bug_bounty-5Vivek PSethical-hacking, programming, bug-bounty-tips, web-security, bug-bounty19-Feb-2025
How I Earned a Hall of Fame Spot at UNESCO by Bypassing 403 Forbiddenhttps://infosecwriteups.com/how-i-earned-a-hall-of-fame-spot-at-unesco-by-bypassing-403-forbidden-fdb2185383f7?source=rss------bug_bounty-5Krunal Patelbug-bounty, bug-bounty-writeup, hacking, penetration-testing, hall-of-fame19-Feb-2025
Bluetooth Low Energy Hacking 101https://medium.com/@majix_de/bluetooth-low-energy-hacking-101-15a471d3e956?source=rss------bug_bounty-5Majixbluetooth, hacking, penetration-testing, pentesting, bug-bounty19-Feb-2025
How i got my name featured on Nebraska University Hall Of Fame.https://medium.com/@eabubakr21/how-i-got-my-name-featured-on-nebraska-university-hall-of-fame-fdb1c16fc0f7?source=rss------bug_bounty-5Eslam Abu Bakrpenetration-testing, information-technology, bug-bounty, ethical-hacking, cybersecurity19-Feb-2025
Linux Privilege Escalation, some ideas from tryhackme machines — part 2https://medium.com/@loaymorad11/linux-privilege-escalation-some-ideas-from-tryhackme-machines-part-2-77def0b1e361?source=rss------bug_bounty-5Loaymoradtryhackme, bug-bounty, cybersecurity, hacking, hackthebox19-Feb-2025
Beginner’s Guide: Basic Methods for Finding Android Application Vulnerabilitieshttps://medium.com/@security.tecno/beginners-guide-basic-methods-for-finding-android-application-vulnerabilities-f1da4e05341c?source=rss------bug_bounty-5TECNO Securityhacking, bug-bounty, apps, bonus, security19-Feb-2025
Critical Security Vulnerability: Unauthenticated Access to /shipments/deleted Endpoint Leads to…https://hackersatty.medium.com/critical-security-vulnerability-unauthenticated-access-to-shipments-deleted-endpoint-leads-to-7edb5d9b7f76?source=rss------bug_bounty-5hackersattyhackerone, bug-bounty-writeup, penetration-testing, bug-bounty, owasp-top-1019-Feb-2025
How to Identify a Server’s Origin IP — And hy?https://medium.com/@verylazytech/how-to-identify-a-servers-origin-ip-and-hy-b6312af71e51?source=rss------bug_bounty-5Very Lazy Techbypass, penetration-testing, cloudflare, ethical-hacking, bug-bounty19-Feb-2025
File Upload Restrictions Bypass in S3 Buckethttps://saeed0x1.medium.com/file-upload-restrictions-bypass-in-s3-bucket-87c2717664a3?source=rss------bug_bounty-5SAEEDbug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, aws19-Feb-2025
tool to generate XSS payloads.https://medium.com/cyberscribers-exploring-cybersecurity/tool-to-generate-xss-payloads-7d8b323d187d?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, xss-vulnerability, bugs, cross-site-scripting19-Feb-2025
$2,000 Bounty: Unauthenticated Remote Code Execution to Reverse Shell — A Real-World Examplehttps://medium.com/@krishna9823420058/2-000-bounty-unauthenticated-remote-code-execution-to-reverse-shell-a-real-world-example-fd9dff5d9c3f?source=rss------bug_bounty-5Krish_cyberosint, idor, hacking, infosec, bug-bounty19-Feb-2025
How I Made $6,000 by Exploiting JWT Manipulation on a Web3 Crypto Apphttps://medium.com/@krishna9823420058/how-i-made-6-000-by-exploiting-jwt-manipulation-on-a-web3-crypto-app-f3ab440f02b6?source=rss------bug_bounty-5Krish_cyberbug-bounty, jwt-token, osint, hacking, cybersecurity19-Feb-2025
HTTP FILTER: Streamlining HTTP Response Analysis for Security Researchershttps://yogsec.medium.com/http-filter-streamlining-http-response-analysis-for-security-researchers-9e356e2065d2?source=rss------bug_bounty-5YogSechttp-filter, httpx, bug-bounty, http-tool, hacking-tools19-Feb-2025
No Rate Limit: The Easiest Bug Bounty Payout You’re Missinghttps://medium.com/@abdulbasitpriv/no-rate-limit-the-easiest-bug-bounty-payout-youre-missing-79335e39c377?source=rss------bug_bounty-5Abdul Basit Khanbug-bounty, website, rate-limit, vulnerability, penetration-testing19-Feb-2025
How I found SQL injection vulnerability on the government organization website!https://hiddendom.medium.com/how-i-found-sql-injection-vulnerability-on-the-government-organization-website-01533dba5158?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty, sql-injection, sql-injection-attack, bug-bounty-writeup19-Feb-2025
LFI Advanced Methodology by Abhijeethttps://infosecwriteups.com/lfi-advanced-methodology-by-abhijeet-6663bede44c6?source=rss------bug_bounty-5Abhijeet kumawatinfosec, lfi, hacking, money, bug-bounty19-Feb-2025
How to Identify a Server’s Origin IP — And Why?https://medium.com/@verylazytech/how-to-identify-a-servers-origin-ip-and-hy-b6312af71e51?source=rss------bug_bounty-5Very Lazy Techbypass, penetration-testing, cloudflare, ethical-hacking, bug-bounty19-Feb-2025
JSFScan: Automation for JavaScript Recon in Bug Bountyhttps://bevijaygupta.medium.com/jsfscan-automation-for-javascript-recon-in-bug-bounty-af3273ac61bf?source=rss------bug_bounty-5Vijay Kumar Guptarecon, automation, javascript, bug-bounty, jsfscan19-Feb-2025
Turning XSS into Account Takeover (ATO): How to Level Up Your Exploit $$$https://medium.com/@HackerNasr/turning-xss-into-account-takeover-ato-how-to-level-up-your-exploit-16126c271476?source=rss------bug_bounty-5HackerNasrcybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty19-Feb-2025
EASY P3 “Broken Access Control”https://medium.com/@a0xtrojan/easy-p3-broken-access-control-a178dcda8c58?source=rss------bug_bounty-5A0X_Trojanbug-bounty, broken-access-control, privilege-escalation, medium, bug-bounty-writeup19-Feb-2025
CAPHTBhttps://medium.com/@a.essam0_o/caphtb-32d9a8c5ded1?source=rss------bug_bounty-5A.Essamhacking, networking, ssh, privilege-escalation, bug-bounty19-Feb-2025
Bug Bounty Methodology: Exploiting Dev & Staging Environments for Maximum Bountyhttps://medium.com/@zerodaystories/bug-bounty-methodology-exploiting-dev-staging-environments-for-maximum-bounty-414419faf744?source=rss------bug_bounty-50day storiespenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity19-Feb-2025
$50-$100 P5 & P4 Bug Automation with Nucleihttps://cybersecuritywriteups.com/50-100-p5-p4-bug-automation-with-nuclei-e7fce9a60dfd?source=rss------bug_bounty-5It4chis3csecrets, nuclei-template, nucleus, bug-bounty, hidden19-Feb-2025
Hacked My Way Into Google’s Hall of Fame! The Relentless Bug Bounty Hunthttps://rootxabit.medium.com/hacked-my-way-into-googles-hall-of-fame-the-relentless-bug-bounty-hunt-75d9d2cdd8a0?source=rss------bug_bounty-5xabit • hacksbug-bounty, google, hacker, tryhackme, bugcrowd19-Feb-2025
The Web Application Hacker’s Handbook: Web Application (In)securityhttps://medium.com/@muhammad4208/the-web-application-hackers-handbook-web-application-in-security-b2e7df531100?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-tips, web-application-security19-Feb-2025
Subdomain Enumeration: Expanding the Attack Surfacehttps://medium.com/@muhammad4208/subdomain-enumeration-expanding-the-attack-surface-5fefe74f1d83?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-hunter, bug-bounty-program, subdomains-enumeration, bug-bounty-tips19-Feb-2025
How I Stumbled Upon India’s Government Data Leak – and Why It’s a Wake-Up Callhttps://medium.com/@warisjeet31/how-i-stumbled-upon-indias-government-data-leak-and-why-it-s-a-wake-up-call-c90695d84a29?source=rss------bug_bounty-5sin99xxinformation-technology, bug-bounty, infosec, penetration-testing, cybersecurity19-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-102)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-102-33f5cc96116c?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty19-Feb-2025
How I Found a CSRF via a misconfiguration in graphqlhttps://medium.com/@ismailismailgamal52/how-i-found-a-csrf-via-a-misconfiguration-in-graphql-42676a1e12b7?source=rss------bug_bounty-5ISMAILSHADOWbug-bounty, graphql, csrf19-Feb-2025
Did You Know … A Woman Launched the U.S. Government’s First Bug Bounty Programhttps://medium.com/did-you-know-short-fun-facts/did-you-know-a-woman-launched-the-u-s-governments-first-bug-bounty-program-3b7a32ebf00b?source=rss------bug_bounty-5Marisa Tranchitella Foltzcybersecurity, did-you-know, bug-bounty, women-in-tech, people19-Feb-2025
“There is no subdomain with no usage” How understanding this rule led to 5 Criticalshttps://kalawy.medium.com/there-is-no-subdomain-with-no-usage-how-understanding-this-rule-led-to-5-criticals-59e815ca6df2?source=rss------bug_bounty-5Kalawyinformation-disclosure, bug-bounty, ssrf, bug-hunting, hacking19-Feb-2025
EASY P3 “Broken Access Control”https://medium.com/@a0xtrojan/easy-p3-broken-access-control-7c28702cb1ee?source=rss------bug_bounty-5A0X_Trojanbroken-access-control, bug-bounty, privilege-escalation, bug-bounty-writeup, medium19-Feb-2025
How a GraphQL Misconfiguration Exposed Sensitive Information: A $25,000 Bug Bounty Reporthttps://cyberw1ng.medium.com/how-a-graphql-misconfiguration-exposed-sensitive-information-a-25-000-bug-bounty-report-a8207bc7ff11?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, jobs, careers, bug-bounty19-Feb-2025
How a GraphQL Misconfiguration Exposed Sensitive Information: A $25,000 Bug Bounty Reporthttps://osintteam.blog/how-a-graphql-misconfiguration-exposed-sensitive-information-a-25-000-bug-bounty-report-a8207bc7ff11?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, jobs, careers, bug-bounty19-Feb-2025
✨$500 HTML Injection in Snapchathttps://cybersecuritywriteups.com/500-html-injection-in-snapchat-c546282f1f60?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, html, snapchat, bug-bounty18-Feb-2025
How I Bypassed BookMyShow’s OTP Limit with Just a Space & Got ₹1000 for It!https://infosecwriteups.com/how-i-bypassed-bookmyshows-otp-limit-with-just-a-space-got-1000-for-it-70eab29fb6aa?source=rss------bug_bounty-5Vivek PSbug-bounty-writeup, hacking, progamming, web-security, bug-bounty18-Feb-2025
No email verification leads to an Oauth account takeover.https://infosecwriteups.com/no-email-verification-leads-to-an-oauth-account-takeover-02eb30496939?source=rss------bug_bounty-5loyalonlytodayawareness, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips18-Feb-2025
Android App Endpoint API Discovery Using Static Analysis Methodshttps://medium.com/@BugRey/android-app-endpoint-api-discovery-using-static-analysis-methods-2cb2c83ccfbb?source=rss------bug_bounty-5./Rey~bug-bounty-tips, pentesting, penetration-testing, bug-bounty, android-security18-Feb-2025
Practical Guide Arbitrary File Uploadhttps://medium.com/@BugRey/practical-guide-arbitrary-file-upload-7c6a6e6becd6?source=rss------bug_bounty-5./Rey~bug-bounty-tips, web-security, penetration-testing, pentesting, bug-bounty18-Feb-2025
Monday Vulnerability Disclosure (February 17, 2025)https://medium.com/@bombhajohn/monday-vulnerability-disclosure-february-17-2025-08d7fe29c39b?source=rss------bug_bounty-5Folks47gheebug-bounty, data, cybersecurity, data-leak18-Feb-2025
JavaScript for Hackers: A Full Tutorialhttps://medium.com/@hrofficial62/javascript-for-hackers-a-full-tutorial-84a2be091427?source=rss------bug_bounty-5Mr Horbiocybersecurity, javascript, bug-bounty, pentesting, ethical-hacking18-Feb-2025
Hackyholidays CTF (Grinch Network) Write-Up | Part 1 | Hacker101 CTFhttps://medium.com/@sari.mmusab/hackyholidays-ctf-grinch-network-write-up-part-1-hacker101-ctf-4dcf8d1fb2ed?source=rss------bug_bounty-5Musab Sarıburpsuite, ctf, web, bug-bounty, cybersecurity18-Feb-2025
Ever Found a Valid Bug/Leaks in JavaScript Files? Part 1https://systemweakness.com/ever-found-a-valid-bug-leaks-in-javascript-files-part-1-efe1f535983b?source=rss------bug_bounty-5It4chis3cextraction, secrets, js, javascript, bug-bounty18-Feb-2025
How I Hacked My Own Phone, Found 2 Critical Vulnerabilities, and Cashed In $1,500https://medium.com/@krishna9823420058/how-i-hacked-my-own-phone-found-2-critical-vulnerabilities-and-cashed-in-1-500-139535f25fa1?source=rss------bug_bounty-5Krish_cyberbug-bounty, osint, bug-bounty-tips, cybersecurity, idor18-Feb-2025
Improper Authentication: Account TakeOverhttps://medium.com/@mvenkata.bharath/improper-authentication-account-takeover-5dc9095c0b28?source=rss------bug_bounty-5Bharath Kumarauthentication, bug-bounty, cybersecurity, information-security, security-research18-Feb-2025
Insecure Direct Object Reference — Simple casehttps://medium.com/@mvenkata.bharath/insecure-direct-object-reference-simple-case-1bc2afd4e362?source=rss------bug_bounty-5Bharath Kumarbug-bounty, cybersecurity, information-security, idor-vulnerability18-Feb-2025
Instagram Authentication Flaw in Android Apphttps://medium.com/@akashkarmakar787/instagram-authentication-flaw-in-android-app-cf2a59e6a175?source=rss------bug_bounty-5Akash Karmakarinstagram, bug-bounty, facebook, login, security18-Feb-2025
Recon — Finding Information About a Targethttps://medium.com/@yassentaalab51/recon-finding-information-about-a-target-ff146160fb1a?source=rss------bug_bounty-5Killuacybersecurity, penetration-testing, bug-bounty, recon18-Feb-2025
Unverified Email Change Flaw on Apps.Target.com: A Sneaky Account Takeover Trickhttps://infosecwriteups.com/unverified-email-change-flaw-on-apps-target-com-a-sneaky-account-takeover-trick-2d3402223f4f?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty, bugbounty-writeup, account-takeover, bug-bounty-tips18-Feb-2025
CORS + XSS : Chaining Vulnerabilities for Critical Data Extractionhttps://medium.com/@blify/cors-xss-chaining-vulnerabilities-for-critical-data-extraction-aed9d8fbd814?source=rss------bug_bounty-5Blifysecurity, bug-bounty, hacking, bug-bounty-writeup18-Feb-2025
Mastering Bug Bounties in 2025 — The Smart Way to Hunt & Earn Bighttps://medium.com/@shaheeryasirofficial/mastering-bug-bounties-in-2025-the-smart-way-to-hunt-earn-big-df69d78ddb10?source=rss------bug_bounty-5Shaheer Yasirbug-bounty-tips, cybersecurity, hackerone, hacking, bug-bounty18-Feb-2025
Ever Found a Valid Bug/Leaks in JavaScript Files in Bug Bounties?https://infosecwriteups.com/ever-found-a-valid-bug-leaks-in-javascript-files-in-bug-bounties-81ba362612a7?source=rss------bug_bounty-5It4chis3cjs, bug-bounty, javascript, practical, secrets18-Feb-2025
$4000 Blind SQL Injection in inDrivehttps://medium.com/@kumawatabhijeet2002/4000-blind-sql-injection-in-indrive-a0a4dcd99cb9?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, sql-injection, money, bug-bounty18-Feb-2025
️‍♂️ How to Start Bug Hunting Using These 5 Simple Stepshttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-start-bug-hunting-using-these-5-simple-steps-1c15f227f852?source=rss------bug_bounty-5Vipul Sonulehacking, technology, machine-learning, cybersecurity, bug-bounty18-Feb-2025
How I Discovered a 0-Click Account Takeover (ATO) Vulnerability in a Flutter Applicationhttps://medium.com/@k3r0/how-i-discovered-a-0-click-account-takeover-ato-vulnerability-in-a-flutter-application-74c7a5c4dc70?source=rss------bug_bounty-5Kyrillos nadyflutter, penetration-testing, android-pentesting, hacking, bug-bounty18-Feb-2025
Registration logic error — 2500$ bug bountyhttps://theclemvp.medium.com/registration-logic-error-2500-bug-bounty-72728ce5ffd0?source=rss------bug_bounty-5Molx32security, web-security, writeup, cybersecurity, bug-bounty18-Feb-2025
Day 13: Chaining Improper Authentication to IDOR and No Rate Limit for Mass Account Takeoverhttps://medium.com/@danielbelay/day-13-chaining-improper-authentication-to-idor-and-no-rate-limit-for-mass-account-takeover-bd6be94a96c3?source=rss------bug_bounty-5dani3laccount-takeover-attacks, bug-bounty18-Feb-2025
The Highest-Paid Bug Bounty Hunters in the World (And Their Secrets)https://medium.com/@krishna9823420058/the-highest-paid-bug-bounty-hunters-in-the-world-and-their-secrets-2e0f13d4fc6a?source=rss------bug_bounty-5Krish_cybercybersecurity, infosec, ethical-hacking, hacking, bug-bounty18-Feb-2025
Finding Peace in the Chaos: A Security Researcher’s Perspectivehttps://medium.com/@thedevtaskofficial/finding-peace-in-the-chaos-a-security-researchers-perspective-06812e7ff767?source=rss------bug_bounty-5thedevtask officialsecurity, vulnerability, peace, bug-bounty, philosophy18-Feb-2025
Reconnaissance with Sn1per: Is This the Ultimate Recon Weapon?https://medium.com/@paritoshblogs/reconnaissance-with-sn1per-is-this-the-ultimate-recon-weapon-b05bf69dc8e1?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, information-technology, cybersecurity, sn1per18-Feb-2025
Bug Bounty in 2025: Part 3 — Investigating 4 Open Redirect Reports at HackerOne, So You Don’t Have…https://medium.com/@halfcircassian/bug-bounty-in-2025-part-3-investigating-4-open-redirect-reports-at-hackerone-so-you-dont-have-499948a0e6b1?source=rss------bug_bounty-5Sıla Özerenbug-bounty-tips, open-redirect, bug-bounty, bug-bounty-writeup, hackerone18-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-101)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-101-ef5f9ed33841?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, hacking, ethical-hacking, bug-bounty, cybersecurity18-Feb-2025
The Biggest Bug Bounty Mythshttps://medium.com/@hackrate/the-biggest-bug-bounty-myths-ec5b56b39e5e?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, ethical-hacking, bug-bounty-tips, cybersecurity18-Feb-2025
The Hidden Risks in Multipart/Form-Data Requestshttps://medium.com/@melodicbook/the-hidden-risks-in-multipart-form-data-requests-65a8f8557b22?source=rss------bug_bounty-5Sam Mirovbug-bounty-tips, api-security, security-research, bug-bounty, web-application-security18-Feb-2025
Advanced Techniques to Discover and Secure Exposed Credentials Onlinehttps://cyberw1ng.medium.com/advanced-techniques-to-discover-and-secure-exposed-credentials-online-977e5ec53095?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, jobs, education, cybersecurity18-Feb-2025
How to Earn $50k Finding Critical Vulnerabilities in Bug Bountyhttps://medium.com/@ibtissamhammadi/how-to-earn-50k-finding-critical-vulnerabilities-in-bug-bounty-b78806051ab8?source=rss------bug_bounty-5Ibtissam Hammaditechnology, bug-bounty, hacking, cybersecurity, programming18-Feb-2025
Steal Secrets From The Web: Master Parameter Fuzzing | Recon Part 9https://it4chis3c.medium.com/ever-used-burp-suite-to-the-fullest-recon-part-9-22c389a29ad7?source=rss------bug_bounty-5It4chis3cbug-bounty, parameter, fuzzing, extraction, secrets17-Feb-2025
How I Found an Open Redirect Vulnerability Easily (Worth $500!)https://cybersecuritywriteups.com/how-i-found-an-open-redirect-vulnerability-easily-worth-500-d677d7693c06?source=rss------bug_bounty-5Abhijeet kumawatopen-redirect, bugbounty-tips, infosec, bug-bounty, hacking17-Feb-2025
The Rise of Industrialized Cybercrime: How Threat Actors Scaled Their Operationshttps://medium.com/@paritoshblogs/the-rise-of-industrialized-cybercrime-how-threat-actors-scaled-their-operations-0e863667a383?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, information-technology, cybercrime, bug-bounty17-Feb-2025
Finding Vulnerabilities with Nmaphttps://medium.com/@dasmanish6176/finding-vulnerabilities-with-nmap-713bd8693369?source=rss------bug_bounty-5Dasmanishnmap, network-security, ethical-hacking, bug-bounty, cybersecurity17-Feb-2025
Hidden method to find Bugcrowd Programshttps://medium.com/meetcyber/hidden-method-to-find-bugcrowd-programs-c6ac027be4f4?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, pentesting, bug-bounty, osint, bug-bounty-tips17-Feb-2025
Bug Hunting Automationhttps://infosecwriteups.com/bug-hunting-automation-f91ce2ce70bc?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, bug-bounty, bug-bounty-tips, hacking17-Feb-2025
API Endpoints Discovery using Kiterunnerhttps://bitpanic.medium.com/api-endpoints-discovery-using-kiterunner-ded82e092543?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, ai-generated-content, technology, programming17-Feb-2025
How a Simple Graphql Vulnerability led to Admin Dashboardhttps://medium.com/@rishi1.beria/how-a-simple-graphql-vulnerability-led-to-admin-dashboard-2fb10df3607a?source=rss------bug_bounty-5Rishi Beriapenetration-testing, hacking, cybersecurity, bug-bounty, graphql17-Feb-2025
Finding more subdomains using security trails api keyhttps://infosecwriteups.com/finding-more-subdomains-using-security-trails-api-key-0abdadd60574?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, reconnaissance, subdomain17-Feb-2025
Exploiting the Log4j Vulnerability (CVE-2021–44228) — Proof of Concept (PoC)https://medium.com/@muhammadwaseem29/exploiting-the-log4j-vulnerability-cve-2021-44228-proof-of-concept-poc-9b462b73b7a8?source=rss------bug_bounty-5Muhammad Waseemhacking, bug-bounty-tips, infosec, cybersecurity, bug-bounty17-Feb-2025
From Curiosity to $10,000: How I Found a Critical Account Takeover Bughttps://medium.com/@rahulgairola/from-curiosity-to-10-000-how-i-found-a-critical-account-takeover-bug-ca6dd169c36b?source=rss------bug_bounty-5Rahul Gairolabug-bounty-tips, bug-bounty-writeup, account-takeover, bug-bounty, authentication-bypass17-Feb-2025
A Beginner’s Guide to Bash [Special for Hackerhttps://medium.com/@hrofficial62/a-beginners-guide-to-bash-special-for-hacker-ffe5c7ce4c21?source=rss------bug_bounty-5Mr Horbiocybersecurity, pentesting, kali-linux, bug-bounty, bash17-Feb-2025
Zoho Account Takeover: How a Single Click Can Lead to Full Control over your Zoho accounthttps://infosecwriteups.com/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-over-your-zoho-account-cd6f0c245272?source=rss------bug_bounty-5HackerWithOutHatinfose, javascript, bug-bounty, security17-Feb-2025
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY.https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-3d4920796dc5?source=rss------bug_bounty-5loyalonlytodayawareness, tips, cybersecurity, bug-bounty, hacking17-Feb-2025
How to Find Subdomains Using Shodan and the Favicon Hash Trick on Kali Linuxhttps://medium.com/@securitytalent/how-to-find-subdomains-using-shodan-and-the-favicon-hash-trick-on-kali-linux-8829e3d10297?source=rss------bug_bounty-5MD Mehedi Hasanfavicon-hash-trick, bug-bounty, find-subdomain17-Feb-2025
I Pasted a Simple HTML Code on BookMyShow… and Got ₹1000 for It!https://infosecwriteups.com/i-pasted-a-simple-html-code-on-bookmyshow-and-got-1000-for-it-26313f0e2115?source=rss------bug_bounty-5Vivek PSweb-security, programming, bug-bounty, bug-bounty-writeup, hacking17-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-100)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-100-ded60fc66bf5?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, bug-bounty, bug-bounty-tips, cybersecurity17-Feb-2025
Top CVEs to Watch in 2025: Hunting Critical Bugshttps://medium.com/@zerodaystories/top-cves-to-watch-in-2025-hunting-critical-bugs-3d7fee7ef95e?source=rss------bug_bounty-50day storiesbug-bounty-tips, technology, penetration-testing, cybersecurity, bug-bounty17-Feb-2025
IDOR Vulnerability in Group Profile Picture Feature($$)https://medium.com/@Tanvir0x1/idor-vulnerability-in-group-profile-picture-feature-72bbf96e0f6e?source=rss------bug_bounty-5Tanvir Ahmedbugs, bug-bounty-tips, bug-bounty17-Feb-2025
Ethical Hacking Roadmap 2025: Your Ultimate Guide to Landing a Cybersecurity Job!https://medium.com/@krishna9823420058/ethical-hacking-roadmap-2025-your-ultimate-guide-to-landing-a-cybersecurity-job-57b0367fb070?source=rss------bug_bounty-5Krish_cyberhacking, bug-bounty, ai, cybersecurity, ethical-hacking17-Feb-2025
Bug Bounty 101 for Companieshttps://medium.com/@hackrate/bug-bounty-101-for-companies-a6747ae0e3bb?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, hacking, bug-bounty, cybersecurity, ethical-hacking17-Feb-2025
How to Find SQL Injection and Get Bounty of $100, $200, $500https://medium.com/@kumawatabhijeet2002/how-to-find-sql-injection-and-get-bounty-of-100-200-500-f44e0df0ba77?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, sql-injection, infosec, hacking17-Feb-2025
Top 7 Payloads lists Every Bug Bounty Hunter Need To Knowhttps://medium.com/@verylazytech/top-7-payloads-lists-every-bug-bounty-hunter-need-to-know-bbb72c87c779?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, red-team, payload, ethical-hacking17-Feb-2025
Subdomain Bruteforcing Using Burp Suite: A Step-by-Step Guide for Ethical Hackershttps://medium.com/@hacker_might/subdomain-bruteforcing-using-burp-suite-a-step-by-step-guide-for-ethical-hackers-6f48f59b9f00?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, subdomains-enumeration, brute-force, burpsuite17-Feb-2025
10 Secrets Every Bug Bounty Hunter Must Knowhttps://medium.com/@ibtissamhammadi/10-secrets-every-bug-bounty-hunter-must-know-20d71c3858a7?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, infosec, tech-career, bug-bounty, hacking17-Feb-2025
Open Redirect to Xsshttps://medium.com/@0x_karim/open-redirect-to-xss-d35eb8eb1cf4?source=rss------bug_bounty-50xkarimbug-hunting, bug-bounty-tips, bug-bounty, hackerone, hacking17-Feb-2025
Finding Exposed Credentials and Sensitive Data in Cloud, Repositories, and Logshttps://cyberw1ng.medium.com/finding-exposed-credentials-and-sensitive-data-in-cloud-repositories-and-logs-a4a4c9e5323c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, hacking, bug-bounty, cybersecurity17-Feb-2025
Bug Bounty Recon: Mastering the Art of Information Gathering (Part 1)https://medium.com/@weaponshot/bug-bounty-recon-mastering-the-art-of-information-gathering-part-1-01e24bb24462?source=rss------bug_bounty-5Matyis Kongcybersecurity, bug-bounty17-Feb-2025
Finding Exposed Credentials and Sensitive Data in Cloud, Repositories, and Logshttps://osintteam.blog/finding-exposed-credentials-and-sensitive-data-in-cloud-repositories-and-logs-a4a4c9e5323c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, hacking, bug-bounty, cybersecurity17-Feb-2025
$500 How I Found XSS Using ChatGPThttps://medium.com/@kumawatabhijeet2002/500-how-i-found-xss-using-chatgpt-ec55792e35bb?source=rss------bug_bounty-5Abhijeet kumawatxss-attack, hacking, chatgpt, bug-bounty, ai16-Feb-2025
Finding a p4 as per bug crowd vrthttps://cybersecuritywriteups.com/finding-a-p4-as-per-bug-crowd-vrt-1de5f8074cda?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugs, cybersecurity, ethical-hacking, 4ps16-Feb-2025
Bug Bounty Hunting: Automatic Vulnerability Discovery Using Fuzzershttps://medium.com/@muhammad4208/bug-bounty-hunting-automatic-vulnerability-discovery-using-fuzzers-6da56581c8ae?source=rss------bug_bounty-5Muhammad Abdullah Niaziweb-testing, bug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-tips16-Feb-2025
Bug Bounty Hunting: Web Vulnerability (API Testing)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-api-testing-96a49acc4f35?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, api-testing, bug-bounty-hunter, bug-bounty-program16-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Android Hacking Apps)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-android-hacking-apps-c74f85e81c90?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, android-hacking-tool, bug-bounty-program, bug-bounty-hunter16-Feb-2025
IDOR Nightmare: Indian Post Office Portal Exposed Thousands of KYC Records with Article ID with…https://systemweakness.com/idor-nightmare-indian-post-office-portal-exposed-thousands-of-kyc-records-with-article-id-with-735cc35a3984?source=rss------bug_bounty-5Gokuleswaran Bidor-vulnerability, bugbounty-writeup, bug-bounty, bug-bounty-writeup, idor16-Feb-2025
Business Logic Vulnerabilitieshttps://medium.com/@0x1di0t/business-logic-vulnerabilities-843ea2a316f2?source=rss------bug_bounty-5Wahid Najimbug-bounty-writeup, business-logic-flaw, business-logic, bug-bounty, business-logic-bug16-Feb-2025
LivePwn Tool: The Ultimate Swiss Army Knife for Hackers and Bug Bounty Huntershttps://livepwn.medium.com/livepwn-tool-the-ultimate-swiss-army-knife-for-hackers-and-bug-bounty-hunters-6faac2c7157c?source=rss------bug_bounty-5livepwncybersecurity, ctf, cybertool, bug-bounty, hacking16-Feb-2025
How I Found a Sensitive Data Leak in Microsoft!”https://rootxabit.medium.com/how-i-found-a-sensitive-data-leak-in-microsoft-6c20c66d0ead?source=rss------bug_bounty-5xabit • hacksbug-bounty, hacking, hacker, medium, microsoft16-Feb-2025
CORS vs Access-Control-Allow-Originhttps://medium.com/@shadyfarouk1986/cors-vs-access-control-allow-origin-af5cecc3f4c7?source=rss------bug_bounty-5Shady Faroukbug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-tips16-Feb-2025
Day 11: Full Account Takeover (ATO) — A Tale of Two Bugshttps://medium.com/@danielbelay/day-11-full-account-takeover-ato-a-tale-of-two-bugs-2e630aeb56ff?source=rss------bug_bounty-5dani3lbug-bounty, account-takeover16-Feb-2025
Hacking Exposed .git Directories: Because Developers Still Don’t Learnhttps://medium.com/@mahad.ahmed0x1/hacking-exposed-git-directories-because-developers-still-dont-learn-095de0b96e2c?source=rss------bug_bounty-5404NotPentestedinformation-security, infosec, cybersecurity, penetration-testing, bug-bounty16-Feb-2025
$9,060 OS Command Injection — Private Bug Bounty P1 | 2023https://medium.com/@krishna9823420058/9-060-os-command-injection-private-bug-bounty-p1-2023-c9ac83a0fe2a?source=rss------bug_bounty-5Krish_cyberosint, bugs, hacking, infosec-write-ups, bug-bounty16-Feb-2025
Portswigger Web Security Academy : “Excessive trust in client-side controls” walkthroughhttps://medium.com/@Kinqdathacker/portswigger-web-security-academy-excessive-trust-in-client-side-controls-walkthrough-ddf5457a6e7b?source=rss------bug_bounty-5Kinqdathackerweb-hacking, penetration-testing, ctf, bug-bounty, business-logic-flaw16-Feb-2025
How To Discover Hidden Endpointshttps://medium.com/@kumawatabhijeet2002/how-to-discover-hidden-endpoints-fef261d619c1?source=rss------bug_bounty-5Abhijeet kumawatsecrets, bug-bounty, infosec, hidden, hacking16-Feb-2025
Top Web Application Penetration Testing Tools in 2025: A Comprehensive Guide for Ethical Hackershttps://medium.com/@verylazytech/top-web-application-penetration-testing-tools-in-2025-a-comprehensive-guide-for-ethical-hackers-863c0640baab?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, cyber, ethical-hacking, penetration-testing16-Feb-2025
Bug Bounty 101: How to Get Started and Earn Your First Rewardhttps://medium.com/@krishna9823420058/bug-bounty-101-how-to-get-started-and-earn-your-first-reward-4693846cc553?source=rss------bug_bounty-5Krish_cyberbug-bounty, information-security, ethical-hacking, osint, infosec16-Feb-2025
Discovering the Power of WaybackURLs: A Tool for Web Archiving and Reconnaissancehttps://medium.com/@cyberawareness/discovering-the-power-of-waybackurls-a-tool-for-web-archiving-and-reconnaissance-2881a1fc614e?source=rss------bug_bounty-5SourceFul Spacewayback-machine, penetration-testing, cybersecurity, bug-bounty, waybackurls16-Feb-2025
find hidden subdomainhttps://medium.com/@dark_zone/find-hidden-subdomain-5d7cc42de1e8?source=rss------bug_bounty-5darkzonebug-bounty, bug-bounty-tips16-Feb-2025
How a Simple RFI Turned into a $300 RCE Jackpot — A Hacker’s Wild Ride!https://medium.com/@krishna9823420058/how-a-simple-rfi-turned-into-a-300-rce-jackpot-a-hackers-wild-ride-207e636e2398?source=rss------bug_bounty-5Krish_cyberpenetration-testing, bug-bounty, vulnerability, cybersecurity, ethical-hacking16-Feb-2025
“Hack the Bounty: Automate Bug Hunting & Get a Free VPS to Supercharge Your Game!”https://medium.com/@krishna9823420058/hack-the-bounty-automate-bug-hunting-get-a-free-vps-to-supercharge-your-game-8ee8ed90b5dc?source=rss------bug_bounty-5Krish_cyberinfosec, cybersecurity, money, ethical-hacking, bug-bounty16-Feb-2025
How to Earn $100k as a Bug Bounty Hunterhttps://medium.com/@ibtissamhammadi/how-to-earn-100k-as-a-bug-bounty-hunter-584690e63ab4?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, ethical-hacking, bug-bounty, tech-career, programming16-Feb-2025
XSS Hunting Like a Pro: The Ultimate Guide to Finding Cross-Site Scripting Bugshttps://medium.com/@krishna9823420058/xss-hunting-like-a-pro-the-ultimate-guide-to-finding-cross-site-scripting-bugs-3a459245b4bc?source=rss------bug_bounty-5Krish_cyberosint, sql-injection, bug-bounty, xss-attack, hacking16-Feb-2025
Mastering SQL Injection: The Ultimate Guide to Finding Vulnerabilities Like a Prohttps://medium.com/@krishna9823420058/mastering-sql-injection-the-ultimate-guide-to-finding-vulnerabilities-like-a-pro-e64a0ba2d257?source=rss------bug_bounty-5Krish_cyberosint, ethical-hacking, sql-injection, bug-bounty, cybersecurity16-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-99)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-99-a31faa45f6b8?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, hacking, bug-bounty-tips, ethical-hacking16-Feb-2025
Bypassing OTP via Inspect Elementhttps://medium.com/@noobsechunter/bypassing-otp-via-inspect-element-c95e8df29e54?source=rss------bug_bounty-5Whoamilearning, bug-bounty, otp-bypass, beginner16-Feb-2025
From Noob to $10k: How I Cracked the Bug Bounty Code as a Beginner! ✨https://medium.com/@krishna9823420058/from-noob-to-10k-how-i-cracked-the-bug-bounty-code-as-a-beginner-f4a672ec3169?source=rss------bug_bounty-5Krish_cyberinformation-security, bug-bounty, hacking, osint, ethical-hacking16-Feb-2025
The Ultimate Bug Bounty Hunter’s Toolkit: Must-Have Tools to Hack Your Way to Success! ️‍♂️https://medium.com/@krishna9823420058/the-ultimate-bug-bounty-hunters-toolkit-must-have-tools-to-hack-your-way-to-success-%EF%B8%8F-%EF%B8%8F-be4dfc958d4b?source=rss------bug_bounty-5Krish_cyberbug-bounty, bug-bounty-tips, hacking, ethical-hacking, osint16-Feb-2025
Hackers Assemble: The Vulniverse Sagahttps://medium.com/@abhishek-ji/hackers-assemble-the-vulniverse-saga-84992359a522?source=rss------bug_bounty-5Abhishek Guptaparuluniversity, bug-bounty, web-app-security, cybersecurity, the-hackers-meetup16-Feb-2025
How to Write the Perfect Bug Bounty Report (With Examples!)https://medium.com/@krishna9823420058/how-to-write-the-perfect-bug-bounty-report-with-examples-5d95b95559ea?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, bug-bounty, cybersecurity, osint, bug-bounty-writeup16-Feb-2025
Top 10 Platforms to Find Bug Bounty Programs in 2025: Hunt Bugs, Earn Cash, and Save the…https://medium.com/@krishna9823420058/top-10-platforms-to-find-bug-bounty-programs-in-2025-hunt-bugs-earn-cash-and-save-the-dbc9a6ac13d1?source=rss------bug_bounty-5Krish_cyberethical-hacking, osint, bug-bounty, infosec-write-ups, bug-bounty-tips16-Feb-2025
Log4j RCE Vulnerability (CVE-2021–44228) Exploitationhttps://medium.com/@muhammadwaseem29/log4j-rce-vulnerability-cve-2021-44228-exploitation-041ff74e1349?source=rss------bug_bounty-5Muhammad Waseemcyber, rce, bug-bounty-tips, bug-bounty, hacking16-Feb-2025
# Exposure of Internal PHP Source Code Leading to Credential & Sensitive Data Leakagehttps://medium.com/@bevennyamande/exposure-of-internal-php-source-code-leading-to-credential-sensitive-data-leakage-209383740e1e?source=rss------bug_bounty-50xbevenbug-bounty-writeup, bug-bounty-tips, bug-bounty16-Feb-2025
How to Extract Information from Websites: Automated OSINT Techniques and Toolshttps://cyberw1ng.medium.com/how-to-extract-information-from-websites-automated-osint-techniques-and-tools-434204e9c9dc?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, osint, cybersecurity, bug-bounty, careers16-Feb-2025
Symfonos2 Security Challengehttps://medium.com/@Y_Waheed/symfonos2-security-challenge-3d6a2a514f37?source=rss------bug_bounty-5Joopenetration-testing, bug-bounty, bug-bounty-writeup, cybersecurity16-Feb-2025
How I Found My First Bug: A Beginner’s Guide to Bug Bounty Huntinghttps://medium.com/@azizkilani88/how-i-found-my-first-bug-a-beginners-guide-to-bug-bounty-hunting-f41afef630d3?source=rss------bug_bounty-5A_SKILLER_007bugbounty-tips, bug-bounty, cybersecurity16-Feb-2025
How to Extract Information from Websites: Automated OSINT Techniques and Toolshttps://osintteam.blog/how-to-extract-information-from-websites-automated-osint-techniques-and-tools-434204e9c9dc?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, osint, cybersecurity, bug-bounty, careers16-Feb-2025
Breaking Architect: Matrix AI Security Challenge by Repellohttps://osintteam.blog/breaking-architect-matrix-ai-security-challenge-by-repello-6853c34a6874?source=rss------bug_bounty-5Rudrakshackerai, prompt-engineering, cybersecurity, bug-bounty, chatbots15-Feb-2025
From Recon to Exploitation: The Power of TerminatorZhttps://osintteam.blog/from-recon-to-exploitation-the-power-of-terminatorz-e86d8bf59c08?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, bug-bounty, hacking, bug-bounty-tips15-Feb-2025
How to Easily Find Exposed Credentials in Bug Huntinghttps://osintteam.blog/how-to-easily-find-exposed-credentials-in-bug-hunting-bb70ac603bae?source=rss------bug_bounty-5RivuDonhacking, bug-bounty, infosec, bug-bounty-writeup, bug-bounty-tips15-Feb-2025
Day 10:Turned Cookie-Based XSS into Account Takeoverhttps://medium.com/@danielbelay/day-10-turned-cookie-based-xss-into-account-takeover-ea28620f2888?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking15-Feb-2025
WEB APP PENTESTING CHECKLIST 2025https://medium.com/@shaheeryasirofficial/web-app-pentesting-checklist-2025-438eb646b47a?source=rss------bug_bounty-5Shaheer Yasiroffensive-security, web-app-security, bug-bounty, ethical-hacking, pentesting15-Feb-2025
Command Execution in Bug Bounties: How to Find, Test, and Exploithttps://rootxabit.medium.com/command-execution-in-bug-bounties-how-to-find-test-and-exploit-4f863c4a7240?source=rss------bug_bounty-5xabit • hacksbug-bounty, recon, osint, oscp, website-hacking15-Feb-2025
Rate Limits Bypassed — Business Logic Flawhttps://medium.com/@muhammad_saud/rate-limits-bypassed-business-logic-flaw-948a11dce0e4?source=rss------bug_bounty-5Msaudbug-bounty, hackerone, bug-bounty-writeup, penetration-testing, hacking15-Feb-2025
How I Earned $5,000 from a Single Bug Reporthttps://medium.com/@krishna9823420058/how-i-earned-5-000-from-a-single-bug-report-d4a793290a58?source=rss------bug_bounty-5Krish_cyberinformation-security, ethical-hacking, bug-bounty, bug-bounty-tips, osint15-Feb-2025
The Blueprint to Your First $1,000+ Bug Bounty Rewardhttps://medium.com/@krishna9823420058/the-blueprint-to-your-first-1-000-bug-bounty-reward-380e1df3b2b2?source=rss------bug_bounty-5Krish_cyberinfo-sec-writeups, bug-bounty-tips, ethical-hacking, osint, bug-bounty15-Feb-2025
How I Made $200 in 2 Minutes on HackerOne — Zomato Bug Bounty Program (With Real Example)https://medium.com/@krishna9823420058/how-i-made-200-in-2-minutes-on-hackerone-zomato-bug-bounty-program-with-real-example-a851c4042ca6?source=rss------bug_bounty-5Krish_cybercybersecurity, osint, infosec-write-ups, hacking, bug-bounty15-Feb-2025
The Ultimate Guide to Subdomain Enumeration: Brute-Forcing Hidden Subdomains with dnsx, mgwls, and…https://medium.com/@hacker_might/the-ultimate-guide-to-subdomain-enumeration-brute-forcing-hidden-subdomains-with-dnsx-mgwls-and-ffa36ad86519?source=rss------bug_bounty-5hacker_mightreconnaissance, brute-force, subdomains-enumeration, bug-bounty, bug-bounty-tips15-Feb-2025
Content Provider Exploitation: From Simple Misconfiguration to Application Lockdownhttps://medium.com/@muhammedgalal66/content-provider-exploitation-from-simple-misconfiguration-to-application-lockdown-fd09520e9d3a?source=rss------bug_bounty-5Dg0x6bug-bounty-tips, bug-bounty-writeup, android-app-testing, bug-bounty, bugs15-Feb-2025
Cache Control: An Easy P4 Vulnerabilityhttps://infosecwriteups.com/cache-control-an-easy-p4-vulnerability-746138597d10?source=rss------bug_bounty-5JEETPALcache-control, bugbounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity15-Feb-2025
Exposed Admin Panel, $8000 Bounty — The Power of Shodan Recon!”https://medium.com/@rahulgairola/exposed-admin-panel-8000-bounty-the-power-of-shodan-recon-3408ce97531c?source=rss------bug_bounty-5Rahul Gairolabug-bounty-writeup, bug-bounty-tips, authentication-bypass, authentication, bug-bounty15-Feb-2025
The Ultimate Guide to Subdomain Enumeration: Brute-Forcing Hidden Subdomains with dnsx, mgwls, and…https://osintteam.blog/the-ultimate-guide-to-subdomain-enumeration-brute-forcing-hidden-subdomains-with-dnsx-mgwls-and-ffa36ad86519?source=rss------bug_bounty-5hacker_mightreconnaissance, brute-force, subdomains-enumeration, bug-bounty, bug-bounty-tips15-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-98)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-98-65be156058f4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, bug-bounty-tips, ethical-hacking, cybersecurity15-Feb-2025
From Cookie to P1: Exploiting a Simple Flaw for Maximum Impacthttps://infosecwriteups.com/from-cookie-to-p1-exploiting-a-simple-flaw-for-maximum-impact-a05ef35c3e8c?source=rss------bug_bounty-50day storiesbug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty, penetration-testing15-Feb-2025
SSRF Advanced Methodology✨https://medium.com/@kumawatabhijeet2002/ssrf-advanced-methodology-ecbe289886ef?source=rss------bug_bounty-5Abhijeet kumawatmoney, infosec, ssrf, hacking, bug-bounty15-Feb-2025
Unauthorized Access to Blinkist Premium Audiobooks — A Case Studyhttps://medium.com/@rstuv/unauthorized-access-to-blinkist-premium-audiobooks-a-case-study-8b3d7e6c3c17?source=rss------bug_bounty-5rstuvbug-bounty, cybersecurity15-Feb-2025
From $0 to $2,500: My Journey Finding Critical Vulnerability Through Bug Bounty Programshttps://medium.com/@ibtissamhammadi/from-0-to-2-500-my-journey-finding-critical-vulnerability-through-bug-bounty-programs-c4d8a5059eec?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, cybersecurity, hacking, infosec, programming15-Feb-2025
Comparing Burp Suite Pro and OWASP ZAP: Which One is Right for You?https://medium.com/@shadyfarouk1986/comparing-burp-suite-pro-and-owasp-zap-which-one-is-right-for-you-56629b2dac6d?source=rss------bug_bounty-5Shady Faroukbug-bounty-tips, bug-bounty, vulnerability-assessment, bug-bounty-writeup15-Feb-2025
How a Hidden GitHub Token Led to a $50,000 Bug Bountyhttps://cyberw1ng.medium.com/how-a-hidden-github-token-led-to-a-50-000-bug-bounty-6bbec61114d9?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, bug-bounty, programming15-Feb-2025
API Testing ( Port Swigger Labs ) Solutionshttps://medium.com/@youssefawad1357/api-testing-port-swigger-labs-solutions-2f8f7b949f9f?source=rss------bug_bounty-5youssef awadapi, pentesting, apihacking, penetration-testing, bug-bounty15-Feb-2025
Best Bug Bounty Platforms in 2025: A Comprehensive Comparisonhttps://medium.com/@hackrate/best-bug-bounty-platforms-in-2025-a-comprehensive-comparison-70aaa7d967eb?source=rss------bug_bounty-5Levente Molnarbug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking15-Feb-2025
How a Hidden GitHub Token Led to a $50,000 Bug Bountyhttps://osintteam.blog/how-a-hidden-github-token-led-to-a-50-000-bug-bounty-6bbec61114d9?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, bug-bounty, programming15-Feb-2025
A Powerful Web Crawling and OSINT Toolhttps://osintteam.blog/a-powerful-web-crawling-and-osint-tool-c0a5d118f398?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty-tips, penetration-testing, bug-bounty, technology14-Feb-2025
HyperText Transfer Protocol (HTTP)https://medium.com/bug-bounty-bug-hunter-academy/hypertext-transfer-protocol-http-3719e3eda9ea?source=rss------bug_bounty-5Michael Mancusohttp-request, bug-bounty, web, https14-Feb-2025
Get Your First Bughttps://cybersecuritywriteups.com/get-your-first-bug-b50dadbea60a?source=rss------bug_bounty-5Abhijeet kumawatmoney, bug-bounty, infosec, hacking, ai14-Feb-2025
How I can trigger Remote Code Execution Via Cron Jobhttps://r0b0ts.medium.com/how-i-can-trigger-remote-code-execution-via-cron-job-b7d9d7dc9372?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, pentesting, bug-bounty, bug-bounty-tips, web-security14-Feb-2025
How to Bypass Web Application Firewalls (WAFs)https://medium.com/@vipulsonule71/how-to-bypass-web-application-firewalls-wafs-d4a0212b6fa5?source=rss------bug_bounty-5Vipul Sonuletechnology, hacking, bug-bounty, penetration-testing, cybersecurity14-Feb-2025
Crack Worldhttps://medium.com/@loaymorad11/crack-world-49be8914684d?source=rss------bug_bounty-5Loaymoradtryhackme, bug-bounty, cybersecurity, hacking14-Feb-2025
How to Find Your First Bug and Get Paid — Bug Bounty Made Easyhttps://medium.com/@krishna9823420058/how-to-find-your-first-bug-and-get-paid-bug-bounty-made-easy-cb595ef2aaee?source=rss------bug_bounty-5Krish_cyberinfosec-write-ups, bugs, hacking, bug-bounty, osint14-Feb-2025
Mastering Reconnaissance in Bug Bounty: The Art of Finding Hidden Vulnerabilitieshttps://abhayal.medium.com/mastering-reconnaissance-in-bug-bounty-the-art-of-finding-hidden-vulnerabilities-c34d87cb98c0?source=rss------bug_bounty-5Abhayalhackerone, reconnaissance, bug-bounty, vulnerability, bug-bounty-tips14-Feb-2025
Find secret in S3 Bucket and earn $500 and morehttps://medium.com/@anandrishav2228/find-secret-in-s3-bucket-and-earn-500-and-more-640b341dfe54?source=rss------bug_bounty-5Rishav anandmoney, aws, cybersecurity, amazon, bug-bounty14-Feb-2025
Day 9: CRLF to Account Takeover (Chaining Bugs)https://medium.com/@danielbelay/day-9-crlf-to-account-takeover-chaining-bugs-8e621c9be109?source=rss------bug_bounty-5dani3lbug-bounty-writeup, ethical-hacking, bug-bounty14-Feb-2025
Top CTF Competitions and Where to Practicehttps://medium.com/@BlackHat123/top-ctf-competitions-and-where-to-practice-f71c56ecfef1?source=rss------bug_bounty-5blackhatctf, competition, bug-bounty, walkthrough14-Feb-2025
Why Bug Bounty Programs Are Essential for In-Depth Vulnerability Detectionhttps://medium.com/@hackrate/why-bug-bounty-programs-are-essential-for-in-depth-vulnerability-detection-06bcfd3c6c18?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, hacking, ethical-hacking, bug-bounty-tips14-Feb-2025
$1,700 IDOR: Unauthorized Modification of Web Hosting Configurationhttps://medium.com/@a13h1/1-700-idor-unauthorized-modification-of-web-hosting-configuration-d6febc6c6a41?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, vulnerability, idor, pentesting14-Feb-2025
How I got a Stored XSS by searching through JS files.https://medium.com/@oXnoOneXo/how-i-got-a-stored-xss-by-searching-through-js-files-fdfe2490668b?source=rss------bug_bounty-5oXnoOneXobug-bounty-tips, bug-bounty, bug-bounty-writeup14-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-97)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-97-34ad1a8bc36c?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking14-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-96)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-96-c1cb10e05488?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking14-Feb-2025
Are You Missing Subdomains? The Resolver Trick You Need to Know!https://medium.com/@maakthon/are-you-missing-subdomains-the-resolver-trick-you-need-to-know-71da4abeb39d?source=rss------bug_bounty-5Mahmoud Abd Alkarimsubdomain, penetration-testing, enumeration, bug-bounty, dns14-Feb-2025
Breaking Through the Firewall: How I Bypassed a WAF and Found a Critical Bug with $1700https://myselfakash20.medium.com/breaking-through-the-firewall-how-i-bypassed-a-waf-and-found-a-critical-bug-with-1700-0680e28c8785?source=rss------bug_bounty-5Akash Ghoshprogramming, bug-bounty, bugbounty-tips, bug-bounty-writeup, cybersecurity14-Feb-2025
Easy $300: Template Injectionhttps://medium.com/@kumawatabhijeet2002/easy-300-template-injection-71e3395c53b3?source=rss------bug_bounty-5Abhijeet kumawathacking, ssti, money, bug-bounty, infosec14-Feb-2025
$1,700 IDOR: Unauthorized Modification of Web Hosting Configurationhttps://infosecwriteups.com/1-700-idor-unauthorized-modification-of-web-hosting-configuration-d6febc6c6a41?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, vulnerability, idor, pentesting14-Feb-2025
From SQL Injection to Remote Code Execution: A Bug Bounty Hunter’s Unexpected Journeyhttps://medium.com/@gouravrathod8788/from-sql-injection-to-remote-code-execution-a-bug-bounty-hunters-unexpected-journey-bc91a3697f24?source=rss------bug_bounty-5Gourav Singh Rajputbug-bounty, cybersecurity14-Feb-2025
Hackers Wanted: Bug Bounty Program Pays $50,000 for Critical Vulnerabilitieshttps://medium.com/@ibtissamhammadi/hackers-wanted-bug-bounty-program-pays-50-000-for-critical-vulnerabilities-e113b868ee0f?source=rss------bug_bounty-5Ibtissam Hammadiethical-hacking, bug-bounty, cybersecurity, tech-career, programming14-Feb-2025
Advanced Secrets Hunting: Finding Exposed Credentials in Unconventional Placeshttps://cyberw1ng.medium.com/advanced-secrets-hunting-finding-exposed-credentials-in-unconventional-places-9aaaf52330a3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, jobs, programming, cybersecurity14-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Secure Code Review)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-secure-code-review-39c61b961afc?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, secure-code-review, bug-bounty-program, bug-bounty-hunter14-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Information Disclosure)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-information-disclosure-b1ef91dc0208?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, information-disclosure, bug-bounty-program, bug-bounty-tips, bug-bounty14-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Single Sign-On services)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-single-sign-on-services-8fc6e85e5ece?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, single-sign-on, bug-bounty-hunter, bug-bounty-program, bug-bounty14-Feb-2025
Advanced Secrets Hunting: Finding Exposed Credentials in Unconventional Placeshttps://osintteam.blog/advanced-secrets-hunting-finding-exposed-credentials-in-unconventional-places-9aaaf52330a3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, jobs, programming, cybersecurity14-Feb-2025
Powerful Burp Suite Extensionshttps://osintteam.blog/powerful-burp-suite-extensions-d1c960f376b5?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, bug-bounty-tips, penetration-testing, technology13-Feb-2025
Mastering SQL Injection: Detection, Exploitation & Automation Guidehttps://rootxabit.medium.com/mastering-sql-injection-detection-exploitation-automation-guide-7f0195fe435d?source=rss------bug_bounty-5xabit • hacksexploitation, bug-bounty, sqlinjectiontypes, zero-day-vulnerability, hacking13-Feb-2025
$10.5k Bounty Storyhttps://aimasterprompt.medium.com/10-5k-bounty-story-aa55497d77b6?source=rss------bug_bounty-5aimasterbug-bounty, programming, technology, cybersecurity, infosec13-Feb-2025
Earn $$$$ by Finding CSRF Vulnerabilities!https://infosecwriteups.com/earn-by-finding-csrf-vulnerabilities-638f876918cf?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, money, csrf, bug-bounty13-Feb-2025
️‍♂️ How to Information Gathering in Bug Hunting on Targethttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-information-gathering-in-bug-hunting-on-target-00de7e20afc0?source=rss------bug_bounty-5Vipul Sonulebug-bounty, hacking, cybersecurity, penetration-testing, technology13-Feb-2025
Threat Actor Attribution: A Detailed Guidehttps://medium.com/@paritoshblogs/threat-actor-attribution-a-detailed-guide-39f5b81086ac?source=rss------bug_bounty-5Paritoshcybersecurity, threat-intelligence, ai, bug-bounty, information-technology13-Feb-2025
Day 8: Self-XSS + Login & Logout CSRF + OAuth Hijackinghttps://medium.com/@danielbelay/day-8-self-xss-login-logout-csrf-oauth-hijacking-83c848ad9a1e?source=rss------bug_bounty-5dani3lethical-hacking, account-takeover, bug-bounty13-Feb-2025
How Bug Bounty Programs Have Evolved: From Early Experiments to Modern Security Frameworkshttps://medium.com/@hackrate/how-bug-bounty-programs-have-evolved-from-early-experiments-to-modern-security-frameworks-32b071e44513?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, cybersecurity, bug-bounty, bug-bounty-tips13-Feb-2025
Bug Bounty in 2025: Part 2 — Intro to Open Redirect Vulnerability with a Conceptual Labhttps://medium.com/@halfcircassian/bug-bounty-in-2025-part-2-intro-to-open-redirect-vulnerability-with-a-conceptual-lab-c0db11537778?source=rss------bug_bounty-5Sıla Özerenbug-bounty-writeup, open-redirect, bug-bounty-tips, bug-bounty, vulnerability13-Feb-2025
3 Steps to Landing the Highest Paid Bug Bounty: $150K in 30 Dayshttps://medium.com/@ibtissamhammadi/3-steps-to-landing-the-highest-paid-bug-bounty-150k-in-30-days-662da049fb4d?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, programming, infosec, cybersecurity, ethical-hacking13-Feb-2025
How does an extension help me find a PII data bug?https://infosecwriteups.com/how-does-an-extension-help-me-find-a-pii-data-bug-a95d83043f9a?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty, programming, cybersecurity, tips13-Feb-2025
Community Bug Bounty Campaignhttps://medium.com/bitoro-network/community-bug-bounty-campaign-853538e88021?source=rss------bug_bounty-5Kayla.Bitorobug-bounty, defi, injective, arbitrum, testnet13-Feb-2025
website leaking OTP in inspect elementhttps://cybersecuritywriteups.com/website-leaking-otp-in-inspect-element-aa38d15059c9?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, bug-bounty, hacking, bugs13-Feb-2025
Can Crowdsourced Ethical Hacking Replace Yearly Penetration Testing?https://medium.com/@hackrate/can-crowdsourced-ethical-hacking-replace-yearly-penetration-testing-2c525820088b?source=rss------bug_bounty-5Levente Molnarpenetration-testing, bug-bounty, ethical-hacking, hacking, cybersecurity13-Feb-2025
Get Internship Offers During Second Year of College in Cybersecurity — offensive security domainhttps://abhishekmorla.medium.com/get-internship-offers-during-second-year-of-college-in-cybersecurity-offensive-security-domain-7caecdfaabe5?source=rss------bug_bounty-5Abhishek Morlabtech, bug-bounty, red-team, cse, cybersecurity13-Feb-2025
Locked Features, Unlocked Access: Breaking Restrictions with Response Manipulationhttps://medium.com/@0x5atab/locked-features-unlocked-access-breaking-restrictions-with-response-manipulation-c7546a39c4c7?source=rss------bug_bounty-5Muhammad Khatabbug-hunting, bug-bounty-writeup, infosec, bugbounty-writeup, bug-bounty13-Feb-2025
BUG IN QWEN AI CHATBOThttps://medium.com/@rr-1k/bug-in-qwen-ai-chatbot-77d02e89d77f?source=rss------bug_bounty-5rr-1kbug-bounty, bug-bounty-tips, deepseek, qwen, ai13-Feb-2025
Automate Open Redirect and Earn $250, $200, $100!https://cybersecuritywriteups.com/automate-open-redirect-and-earn-250-200-100-b6bfd75a5dc7?source=rss------bug_bounty-5Abhijeet kumawatmoney, infosec, hacking, bug-bounty, openai13-Feb-2025
Mr Robot CTFhttps://medium.com/@princepr99/mr-robot-ctf-305aea527bcc?source=rss------bug_bounty-5Prince P Ravicybersecurity, ethical-hacking, bug-bounty13-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-95)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-95-81b5e24c7f11?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, bug-bounty-tips, ethical-hacking, hacking13-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-94)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-94-f6432847ad99?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking13-Feb-2025
$2000 Bounty: Unauthenticated Remote Code Execution to Reverse Shell — A Real-World Examplehttps://medium.com/@krishna9823420058/2000-bounty-unauthenticated-remote-code-execution-to-reverse-shell-a-real-world-example-aee9a7c6851b?source=rss------bug_bounty-5Krish_cyberbug-bounty, info-sec-writeups, bugs, hacking, osint13-Feb-2025
Arcgis SQLi — CVE-2012–4949https://medium.com/@metogmer/arcgis-sqli-cve-2012-4949-06ea278ab6a4?source=rss------bug_bounty-5Muntadhar M. Ahmedbug-bounty, bug-hunter, hackerone, cybersecurity, sql-injection13-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Remote Code Execution)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-remote-code-execution-3935b5823657?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, bug-bounty-tips, bug-bounty, remote-code-execution, bug-bounty-program13-Feb-2025
New to Bug bounty (simple way)https://medium.com/@bombhajohn/new-to-bug-bounty-simple-way-62cd38d0b9fc?source=rss------bug_bounty-5Bombhajohncybersecurity, bug-bounty, bug-bounty-tips13-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Application Logic Errors and Broken Access Control)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-application-logic-errors-and-broken-access-control-cd15bb9ccc0c?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, broken-access-control, bug-bounty-hunter, bug-bounty-tips, bug-bounty13-Feb-2025
Finding Hidden API Keys, Tokens, and Sensitive Information in Applicationshttps://cyberw1ng.medium.com/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, jobs, careers, cybersecurity13-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Same-Origin Policy)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-same-origin-policy-23aabe865729?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-program, bug-bounty-hunter, same-origin-policy, bug-bounty-tips13-Feb-2025
New to Bug bounty (simple way)https://medium.com/@bombhajohn/new-to-bug-bounty-simple-way-62cd38d0b9fc?source=rss------bug_bounty-5Folks47gheecybersecurity, bug-bounty, bug-bounty-tips13-Feb-2025
Finding Hidden API Keys, Tokens, and Sensitive Information in Applicationshttps://osintteam.blog/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, jobs, careers, cybersecurity13-Feb-2025
N#S# server security misconfiguration.https://medium.com/@hunter_sv/nasa-server-security-misconfiguration-4b7b9b7331b5?source=rss------bug_bounty-5Hunter_svbug-bounty12-Feb-2025
BFAC: The Ultimate Tool to Uncover Hidden Backup Fileshttps://osintteam.blog/bfac-the-ultimate-tool-to-uncover-hidden-backup-files-4a0de1f9e8de?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, penetration-testing, hacking, bug-bounty-tips12-Feb-2025
How I Found an ATO in a Public Programhttps://medium.com/@khaledahmed_56157/how-i-found-an-ato-in-a-public-program-5209be3140f4?source=rss------bug_bounty-5Khaled Ahmedbug-bounty, cybersecurity, penetration-testing, vulnerability, hackerone12-Feb-2025
Earn $5000 using Subdomain Takeover: Step By Step Guidehttps://cybersecuritywriteups.com/earn-5000-using-subdomain-takeover-step-by-step-guide-eec3e8e6336d?source=rss------bug_bounty-5Abhijeet kumawatsubdomain-takeover, money, hacking, infosec, bug-bounty12-Feb-2025
Day 7: Drag & Drop XSS + Cookie Bomb for OAuth Hijackinghttps://medium.com/@danielbelay/day-7-drag-drop-xss-cookie-bomb-for-oauth-hijacking-a9b828cd9c54?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking12-Feb-2025
Accessing Admin Portal Without Credentials via Long Redirection Responsehttps://systemweakness.com/accessing-admin-portal-without-credentials-via-long-redirection-response-da79d84bb93a?source=rss------bug_bounty-5Kushanmadurangaredirection, web-security, bug-bounty, burpsuite, hacking12-Feb-2025
Exploiting crAPI with jwt_toolhttps://medium.com/@samhilliard/in-this-post-ill-show-you-how-to-use-jwt-tool-to-analyze-and-exploit-jwt-vulnerabilities-in-97c62a0e6ac5?source=rss------bug_bounty-5Sam Hilliardweb, bug-bounty, pentesting, jwt, hacking12-Feb-2025
Let’s Build a Cybersecurity Knowledge Hub!https://medium.com/@Mike_3xploit3r/lets-build-a-cybersecurity-knowledge-hub-5686d251f632?source=rss------bug_bounty-5Mike_3xploit3rpenetration-testing-tools, penetration-testing, ethical-hacking, cybersecurity, bug-bounty12-Feb-2025
Account Takeover via Lack of Email Verification Vulnerabilityhttps://medium.com/@whitehat29/account-takeover-via-lack-of-email-verification-vulnerability-9b9be0751d8b?source=rss------bug_bounty-5Whitehatinfosec, hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Feb-2025
Katana: A Fast and Powerful Web Fuzzerhttps://medium.com/meetcyber/katana-a-fast-and-powerful-web-fuzzer-fc41c757d8a0?source=rss------bug_bounty-5Erkan Kavaskatana, bug-hunting, toolkit, bug-bounty, cybersecurity12-Feb-2025
Bug Bounty Hunting: Web Vulnerability (XML External Entity)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-xml-external-entity-c4f1b4b629f3?source=rss------bug_bounty-5Muhammad Abdullah Niazixxe-attack, bug-bounty-tips, bug-bounty, bug-bounty-hunter, xxe12-Feb-2025
Currently, HackerOne Has Over 1400 Bug Bounty Programs. Is It Really That Good?https://medium.com/@hackrate/currently-hackerone-has-over-1400-bug-bounty-programs-is-it-really-that-good-eac92a515e29?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, ethical-hacking, bug-bounty, hacking, cybersecurity12-Feb-2025
How I Found Information Disclosure Vulnerability?https://doordiefordream.medium.com/how-i-found-information-disclosure-vulnerability-e673c421c104?source=rss------bug_bounty-5Bug hunter baluweb3, ethical-hacking, cybersecurity, technology, bug-bounty12-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Insecure Deserialization)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-insecure-deserialization-6df3491dc33c?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, insecure-deserialization, bug-bounty-tips, bug-bounty, bug-bounty-program12-Feb-2025
Unleashing the Power of Amass: A Comprehensive Guide to Subdomain Enumeration & Network Mapping…https://medium.com/@zoningxtr/unleashing-the-power-of-amass-a-comprehensive-guide-to-subdomain-enumeration-network-mapping-4d4a9889b2c7?source=rss------bug_bounty-5Zoningxtrpenetration-testing, web-development, web3, cybersecurity, bug-bounty12-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Template Injection)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-template-injection-373ee3c8b80c?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, template-injection, bug-bounty-hunter, bug-bounty, bug-bounty-program12-Feb-2025
Free VPS for ethical hacking and bug bounty hunting.https://infosecwriteups.com/free-vps-for-ethical-hacking-and-bug-bounty-hunting-d9098c2fbe2a?source=rss------bug_bounty-5loyalonlytodayethical-hacking, hacking, bug-bounty, vps, cybersecurity12-Feb-2025
I Pasted a Link, Inspected the HTML, and Facebook Gave Me $1000https://infosecwriteups.com/i-pasted-a-link-inspected-the-html-and-facebook-gave-me-1000-9ed4a91e24d1?source=rss------bug_bounty-5Vivek PShacking, bug-bounty-writeup, bug-bounty-tips, programming, bug-bounty12-Feb-2025
Broken Brute-Force Protection: How to Bypass Rate Limiting in a Single Request  —  Authentication…https://infosecwriteups.com/broken-brute-force-protection-how-to-bypass-rate-limiting-in-a-single-request-authentication-a4a761fc0b5a?source=rss------bug_bounty-5Bash Overflowbypass-login-protection, brute-force-attack, bypass-rate-limiting, broken-access-control, bug-bounty12-Feb-2025
“.DS_Store” – The Accidental Treasure Map Devs Keep Handing Hackershttps://medium.com/@mahad.ahmed0x1/ds-store-the-accidental-treasure-map-devs-keep-handing-hackers-da0dceeead7d?source=rss------bug_bounty-5404NotPentestedethical-hacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty12-Feb-2025
Client-Side Template Injection (CSTI): A Comprehensive Guidehttps://medium.com/@verylazytech/client-side-template-injection-csti-a-comprehensive-guide-ac2f49a77aae?source=rss------bug_bounty-5Very Lazy Techinjection, ethical-hacking, web, pentesting, bug-bounty12-Feb-2025
Unleashing the Power of Sublist3r: The Ultimate Guide to Subdomain Enumerationhttps://medium.com/@zoningxtr/unleashing-the-power-of-sublist3r-the-ultimate-guide-to-subdomain-enumeration-62d1468a2933?source=rss------bug_bounty-5Zoningxtrsecurity-token, cybersecurity, web-development, bug-bounty, penetration-testing12-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-92)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-92-0cc43d2fedb2?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty, hacking12-Feb-2025
How to Automate Hunting for Open Redirecthttps://infosecwriteups.com/how-to-automate-hunting-for-open-redirect-46537cd67b35?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty-tips, programming, technology, bug-bounty12-Feb-2025
$900 Bounty: Open Redirection Bughttps://cybersecuritywriteups.com/900-bounty-open-redirection-bug-aa82142b0e9d?source=rss------bug_bounty-5Abhijeet kumawathacking, bounty-program, money, bug-bounty, infosec12-Feb-2025
How I Discovered a WordPress Vulnerability: Exposed Usernames & XML-RPC Exploitationhttps://medium.com/@iamshafayat/how-i-discovered-a-wordpress-vulnerability-exposed-usernames-xml-rpc-exploitation-b35b0ec63a54?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty-methodology, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup12-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-93)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-93-d66c26764179?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, cybersecurity, hacking, ethical-hacking, bug-bounty12-Feb-2025
Bug Bounty in 2025: Part 1 — Mastering Regex for Securityhttps://medium.com/@halfcircassian/bug-bounty-in-2025-part-1-mastering-regex-for-security-3d58bcf51102?source=rss------bug_bounty-5Sıla Özerenregex, open-redirect, bug-bounty-writeup, bug-bounty-tips, bug-bounty12-Feb-2025
Facebook Bug Bounty: Can You Really Earn $500 for Finding Bugshttps://medium.com/@ibtissamhammadi/facebook-bug-bounty-can-you-really-earn-500-for-finding-bugs-4e71c81af2a2?source=rss------bug_bounty-5Ibtissam Hammadifacebook, hacking, cybersecurity, technology, bug-bounty12-Feb-2025
Hacking tools — Art of my creationhttps://medium.com/@zatikyan.sevada/hacking-tools-art-of-my-creation-2f47ab1eca18?source=rss------bug_bounty-5Zatikyan Sevadabug-bounty, hacking-tools, hacking, cybersecurity12-Feb-2025
$10,500 SSO Misconfiguration Bug on Grammarlyhttps://cyberw1ng.medium.com/10-500-sso-misconfiguration-bug-on-grammarly-438f2cb87a0c?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, bug-bounty, careers, money, cybersecurity12-Feb-2025
$10,500 SSO Misconfiguration Bug on Grammarlyhttps://osintteam.blog/10-500-sso-misconfiguration-bug-on-grammarly-438f2cb87a0c?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, bug-bounty, careers, money, cybersecurity12-Feb-2025
The Hidden Business Logic Error That Exists On Most E-Commerce Web Applicationhttps://medium.com/@makarov_bm/the-hidden-business-logic-error-that-exists-on-most-e-commerce-web-application-7b9be9113073?source=rss------bug_bounty-5makarovbug-bounty-writeup, business-logic, bug-bounty, web-security11-Feb-2025
HOW TO GET STARTED IN BUG BOUNTY AS A BEGINNERhttps://medium.com/@pjha80122/how-to-get-started-in-bug-bounty-as-a-beginner-af49089c375c?source=rss------bug_bounty-5Pratik Jhaethical-hacking, penetration-testing, bug-bounty, web-security, cybersecurity11-Feb-2025
Easy $1000-$10000+ Bounty Using Wayback Machinehttps://medium.com/infosecmatrix/easy-1000-10000-bounty-using-wayback-machine-cb6c5cb77543?source=rss------bug_bounty-5Abhijeet kumawatsensitive, bug-bounty, infosec, money, hacking11-Feb-2025
Finding subdomains that are hidden in the cloud.https://infosecwriteups.com/finding-subdomains-that-are-hidden-in-the-cloud-ec54412802bf?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, penetration-testing, cybersecurity, cloud11-Feb-2025
Threat Hunting Techniques and Generative AI: A Practical Approachhttps://medium.com/@paritoshblogs/threat-hunting-techniques-and-generative-ai-a-practical-approach-797a86ada4fd?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, bug-bounty, threat-hunting, ai11-Feb-2025
Notify Tutorial for Bug Huntershttps://cybersecuritywriteups.com/notify-tutorial-for-bug-hunters-8ccb8d0d0b74?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, pentesting, hacking, bug-bounty-tips11-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Server-side request forgery)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-server-side-request-forgery-7fb15230a807?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-hunter, ssrf11-Feb-2025
GitHub Dorks & Leaks: How To Find Sensitive Datahttps://medium.com/@verylazytech/github-dorks-leaks-how-to-find-sensitive-data-4e96e67f1d51?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, github, ethical-hacking, exploit11-Feb-2025
Finding SQL Injection Using Wayback Machinehttps://medium.com/@muhammadwaseem29/finding-sql-injection-using-wayback-machine-69409204a205?source=rss------bug_bounty-5Muhammad Waseemsql-injection, hacking, infosec, bug-bounty, cybersecurity11-Feb-2025
How Pentest-as-a-Service Works: The Ultimate Guidehttps://medium.com/@hackrate/how-pentest-as-a-service-works-the-ultimate-guide-a9bc92b28c87?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, penetration-testing, hacking, cybersecurity11-Feb-2025
Get $5000: GitHub Dorks & Leakshttps://cybersecuritywriteups.com/get-5000-github-dorks-leaks-30a6a324f368?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, money, github, bug-bounty11-Feb-2025
How to Report a Security Bug in a Chinese Government Website Responsiblyhttps://yogsec.medium.com/how-to-report-a-security-bug-in-a-chinese-government-website-responsibly-7ab8f7d5a3e1?source=rss------bug_bounty-5YogSecchina-cybersecurity, report-bug-in-chinese, hacking, bug-report, bug-bounty11-Feb-2025
Security researchers, ethical hackers, and bug bounty hunters often come across vulnerabilities in…https://yogsec.medium.com/security-researchers-ethical-hackers-and-bug-bounty-hunters-often-come-across-vulnerabilities-in-45e03a7e156c?source=rss------bug_bounty-5YogSechacking, bug-bounty, cybersecurity, cybersecurity-usa, how-to-report-bug11-Feb-2025
Using Malicious-Website-Demo for Security Research and Bug Bounty Reportshttps://yogsec.medium.com/using-malicious-website-demo-for-security-research-and-bug-bounty-reports-fbb25c6773f0?source=rss------bug_bounty-5YogSechacking-tools, sqli, bug-bounty, xs, cybersecurity11-Feb-2025
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Huntinghttps://medium.com/@krishna9823420058/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2cd8e8ad6f43?source=rss------bug_bounty-5Krish_cyberinfo-sec-writeups, osint, bugs, hacking, bug-bounty11-Feb-2025
️‍♂️ How to Choose a Target in Bug Hunting ️‍♀️https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-choose-a-target-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-2e7dd0ed5c95?source=rss------bug_bounty-5Vipul Sonulecybersecurity, ai, technology, bug-bounty, hacking11-Feb-2025
IAST-Inspired Approach to Security Testing with LLMhttps://medium.com/@pirikara077/iast-inspired-approach-to-security-testing-with-llm-8aae36f4088c?source=rss------bug_bounty-5Tomoya Yamashitallm, cybersecurity, vulnerability-assessment, bug-bounty, penetration-testing11-Feb-2025
How I gained access to Tamil Nadu’s Property Approval Portal Dashboard just with a simple…https://hiddendom.medium.com/how-i-gained-access-to-tamil-nadus-property-approval-portal-dashboard-just-with-a-simple-f0b463cc0635?source=rss------bug_bounty-5Gokuleswaran Btamil-nadu, bug-bounty-writeup, bug-bounty, bug-bounty-tips, ethical-hacking11-Feb-2025
How I found 3 CSRFs on a Public Programhttps://medium.com/@shellreaper/how-i-found-3-csrfs-on-a-public-program-e9b9ff52c1a0?source=rss------bug_bounty-5ShellReaperbug-bounty, bug-bounty-writeup, bug-bounty-tips, csrf-attack, web-security11-Feb-2025
From Brute-Force to Bounty: My $200 and Double XSS Win on Acronishttps://muzamilsheikh.medium.com/from-brute-force-to-bounty-my-200-and-double-xss-win-on-acronis-4fc7c7ccff39?source=rss------bug_bounty-5MuzamilSheikhbug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness, cybersecurity11-Feb-2025
Restarting My Bug Bounty Journey: Why I Quit and What’s Nexthttps://infosecwriteups.com/restarting-my-bug-bounty-journey-why-i-quit-and-whats-next-16b0ae1a027b?source=rss------bug_bounty-5Om Aroratechnology, cybersecurity, bug-bounty-tips, infosec, bug-bounty11-Feb-2025
How a Simple Clickjacking Bug Can Lead to Big Security Riskshttps://cyberw1ng.medium.com/how-a-simple-clickjacking-bug-can-lead-to-big-security-risks-a61882702370?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, programming, jobs, bug-bounty, careers11-Feb-2025
Best Port Scanner for Bug Bounty: How to Install and Use Naabu Efficientlyhttps://medium.com/@hacker_might/best-port-scanner-for-bug-bounty-how-to-install-and-use-naabu-efficiently-4bffdab35ed5?source=rss------bug_bounty-5hacker_mightnaabu, port-scanning, reconnaissance, bug-bounty-tips, bug-bounty11-Feb-2025
Burp Suite — Creación de Issues Manualeshttps://medium.com/@ArtsSEC/burp-suite-creaci%C3%B3n-de-issues-manuales-ac65c5767852?source=rss------bug_bounty-5ArtsSECburpsuite, pentesting, infosec, bug-bounty, security11-Feb-2025
The 7 Most Hilarious Bugs I’ve Encountered in My Careerhttps://blog.stackademic.com/the-7-most-hilarious-bugs-ive-encountered-in-my-career-128aa23532ab?source=rss------bug_bounty-5Coders Stopsoftware-development, bug-bounty, programming, bugs, coding10-Feb-2025
Bypassed Cloudflare: XSS Pop-Uphttps://medium.com/@kumawatabhijeet2002/bypassed-cloudflare-xss-pop-up-f9c67952abcf?source=rss------bug_bounty-5Abhijeet kumawatxss-attack, infosec, hacking, bug-bounty-tips, bug-bounty10-Feb-2025
HTML Injection in Email Invitations: A Security Flaw Exploitedhttps://medium.com/@muralidharan1530/html-injection-in-email-invitations-a-security-flaw-exploited-39394f6ac266?source=rss------bug_bounty-5Murali Dharanbug-bounty-writeup, bug-bounty, bug-bounty-tips10-Feb-2025
GetSubDomains: A Fast & Efficient Subdomain Enumeration Tool ️https://yogsec.medium.com/getsubdomains-a-fast-efficient-subdomain-enumeration-tool-%EF%B8%8F-11c7d8003931?source=rss------bug_bounty-5YogSecsubfinder, subdomains-finder, bug-bounty, cybersecurity, hacking-tools10-Feb-2025
ERC-20, ERC-721, ERC-1155: How Token Standards Introduce Unique Security Riskshttps://securrtech.medium.com/erc-20-erc-721-erc-1155-how-token-standards-introduce-unique-security-risks-ed9fe5083200?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-security, blockchain-security, bug-bounty, web3-security, smart-contract-auditing10-Feb-2025
Bypassed Cloudflare: XSS Pop-Uphttps://cybersecuritywriteups.com/bypassed-cloudflare-xss-pop-up-f9c67952abcf?source=rss------bug_bounty-5Abhijeet kumawatxss-attack, infosec, hacking, bug-bounty-tips, bug-bounty10-Feb-2025
Stored XSS into Onclick Event: Bypassing Angle Brackets, Double Quotes, and Escaped Characters —…https://infosecwriteups.com/stored-xss-into-onclick-event-bypassing-angle-brackets-double-quotes-and-escaped-characters-ee347b9e19d9?source=rss------bug_bounty-5Bash Overflowexploiting-onclick-xss, bug-bounty, portswigger-xss-lab, stored-xss-bypass, bypass-html-encoding10-Feb-2025
Bug Bounty Hunting: A Step-by-Step Guide for Beginnershttps://medium.com/cyberilluminati/bug-bounty-hunting-a-step-by-step-guide-for-beginners-05505b12769d?source=rss------bug_bounty-5IAMnkbug-bounty, cyber, bug-bounty-tips, cybersecurity, red-team10-Feb-2025
Finding more subdomains Part 3https://infosecwriteups.com/finding-more-subdomains-part-3-dee1c581c49b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, infosec, tips, cybersecurity10-Feb-2025
My First Paid Bug Bounty: A $250 Reward For Session Management Vulnerabilityhttps://medium.com/@sauravkrish59/my-first-paid-bug-bounty-a-250-reward-for-session-management-vulnerability-22cb5163e05f?source=rss------bug_bounty-5Sauravkrishbug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking10-Feb-2025
How to Get Started in Bug Bounty as a Beginnerhttps://medium.com/@pjha80122/how-to-get-started-in-bug-bounty-as-a-beginner-48bca31622ec?source=rss------bug_bounty-5Pratikcybersecurity, bug-bounty, ethical-hacking, web-security, penetration-testing10-Feb-2025
One of the best tool for subdomain findinghttps://medium.com/infosecmatrix/one-of-the-best-tool-for-subdomain-finding-0a066c9e0841?source=rss------bug_bounty-5loyalonlytodayethical-hacking, cybersecurity, bug-bounty, subdomain, hacking10-Feb-2025
Jira Misconfiguration Leading to Unauthorized Accesshttps://metanetwebhostingsecurity.medium.com/jira-misconfiguration-leading-to-unauthorized-access-69d32ab5a5c7?source=rss------bug_bounty-5metanetwebhosting securitycyber-security-awareness, bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity10-Feb-2025
My First Year in Bug Bounty: from 0$ to 10k$ Lessons, Successes, and Encouragement for Beginnershttps://medium.com/@hhack4737/my-first-year-in-bug-bounty-from-0-to-10k-lessons-successes-and-encouragement-for-beginners-932bb8884a87?source=rss------bug_bounty-5xssor-dzbug-bounty, bug-bounty-writeup10-Feb-2025
Unveiling EXIF Metadata: How to Extract Hidden Information from Imageshttps://rootxabit.medium.com/unveiling-exif-metadata-how-to-extract-hidden-information-from-images-55e7f3c7f844?source=rss------bug_bounty-5xabit • hacksbugcrowd, hacking, 2025, exiftool, bug-bounty10-Feb-2025
How to Start Your Journey in Bug Bounty Huntinghttps://medium.com/@vipulsonule71/how-to-start-your-journey-in-bug-bounty-hunting-7e939b75a314?source=rss------bug_bounty-5Vipul Sonuletools, bug-bounty, technology, penetration-testing, cybersecurity10-Feb-2025
STIX/TAXII: The Cybersecurity Game-Changer You’re Not Using Yet!”https://medium.com/@paritoshblogs/stix-taxii-the-cybersecurity-game-changer-youre-not-using-yet-f6ac012dae31?source=rss------bug_bounty-5Paritoshthreat-intelligence, hacking, information-technology, cybersecurity, bug-bounty10-Feb-2025
How Bug Bounty Programs Work: The Ultimate Guidehttps://medium.com/@hackrate/how-bug-bounty-programs-work-the-ultimate-guide-143a7bd93451?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, cybersecurity, ethical-hacking, hacking, bug-bounty10-Feb-2025
XML-RPC Vulnerability: Easy Exploit, Easy Bounty!https://keroayman77.medium.com/xml-rpc-vulnerability-easy-exploit-easy-bounty-8019a35c700b?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-writeup, bug-bounty, bug-bounty-tips10-Feb-2025
Exposed API Keys & Config Files in js file! || Bug Bountyhttps://keroayman77.medium.com/exposed-api-keys-config-files-in-js-file-bug-bounty-790b02a015ff?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-tips, bug-bounty-writeup, bug-bounty10-Feb-2025
Bug Bounty Target Selection: How Hackers Find the Most Profitable & Juicy Bugs Before Anyone Else!https://myselfakash20.medium.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698?source=rss------bug_bounty-5Akash Ghoshprogramming, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty10-Feb-2025
International Operation Dismantles Phobos Ransomware Gang: Key Arrests and 8Base Takedownhttps://medium.com/@wiretor/international-operation-dismantles-phobos-ransomware-gang-key-arrests-and-8base-takedown-61e126bb54c9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, gangs, ai, money10-Feb-2025
Day 6: CSS Injection + Clickjacking to Account Takeoverhttps://medium.com/@danielbelay/day-6-css-injection-clickjacking-to-account-takeover-c0a0622ac250?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking, account-takeover10-Feb-2025
Understanding and Exploiting an Open Redirect Vulnerability in NVIDIAhttps://medium.com/@g0kb0ru/understanding-and-exploiting-an-open-redirect-vulnerability-in-nvidia-3b1b429cb3c5?source=rss------bug_bounty-5g0kb0ruopen-redirect, bug-bounty, bug-bounty-writeup, pentesting, bug-bounty-tips10-Feb-2025
Bug Bounty Target Selection: How Hackers Find the Most Profitable & Juicy Bugs Before Anyone Else!https://infosecwriteups.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698?source=rss------bug_bounty-5Akash Ghoshtechnology, programming, cybersecurity, bug-bounty-writeup, bug-bounty10-Feb-2025
Easy $250: Discovered Exposed .env Fileshttps://cybersecuritywriteups.com/easy-250-discovered-exposed-env-files-47e0d425795d?source=rss------bug_bounty-5Abhijeet kumawatmoney, bug-bounty, ai, hacking, infosec09-Feb-2025
How I got Bounty and Hall of Fame for finding easy bugshttps://infosecwriteups.com/how-i-got-bounty-and-hall-of-fame-for-finding-easy-bugs-1a72aefe6c3a?source=rss------bug_bounty-5RivuDonbug-bounty-writeup, ethical-hacking, bug-bounty, infosec, bug-bounty-tips09-Feb-2025
How to find bugs in the Microsoft IIS page.https://infosecwriteups.com/how-to-find-bugs-in-the-microsoft-iis-page-120c2050b66f?source=rss------bug_bounty-5loyalonlytodaybug-bounty, info-sec-writeups, hacking, bugs, cybersecurity09-Feb-2025
Sniper: An Automated Penetration Testing Toolhttps://osintteam.blog/sniper-an-automated-penetration-testing-tool-fb54c506f60d?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty-tips, bug-bounty, technology, penetration-testing09-Feb-2025
From Duplicate to Letter of Appreciation: How I Hacked NASAhttps://medium.com/@cyberhrsh/from-duplicate-to-letter-of-appreciation-how-i-hacked-nasa-3f8b5a6c105c?source=rss------bug_bounty-5Harsh kotharinasa, swag, bug-bounty, vdp, hacking09-Feb-2025
Solidity: The Language That Powers the Crypto Revolutionhttps://medium.com/@legendh238/imagine-youre-in-a-futuristic-city-where-every-transaction-contract-and-agreement-is-1a1b49c873aa?source=rss------bug_bounty-5johanbug-bounty, bitcoin, coding, solidity-language, solidity09-Feb-2025
Takeover fresh install nextcloud server admin.https://medium.com/@nanwinata/takeover-fresh-install-nextcloud-server-admin-142b5c179fe4?source=rss------bug_bounty-5nanwnbug-bounty, nextcloud, hackerone09-Feb-2025
How I Found Reflected XSS Vulnerability on Australian Government. [CVE-2022–35653]https://systemweakness.com/how-i-found-reflected-xss-vulnerability-on-australian-government-cve-2022-35653-ead0e56db243?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, xss-vulnerability, bug-bounty-writeup, xss-attack, bug-bounty09-Feb-2025
BUG BOUNTY Roadmaphttps://medium.com/@codingbolt.in/bug-bounty-roadamp-4acc1220e123?source=rss------bug_bounty-5codingboltbug-bounty-tips, bugs, bug-bounty, bug-hunting, bug-bounty-writeup09-Feb-2025
️‍♂️My Journey of Securing WHOhttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8Fmy-journey-of-securing-who-85f36c6caf0f?source=rss------bug_bounty-5cryptoshanthtml, tips, bug-bounty, hacking, cybersecurity09-Feb-2025
Automated Bug Hunting With Semgrep: Your Secret Weapon for Catching Sneaky Bugs!https://systemweakness.com/automated-bug-hunting-with-semgrep-your-secret-weapon-for-catching-sneaky-bugs-91439484acf4?source=rss------bug_bounty-5The Cyber Ghostbug-bounty, bugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips09-Feb-2025
My Experience at TheDeccanCTF 2025: A Night of Cybersecurity and Challengeshttps://medium.com/@pavitr_swain/my-experience-at-thedeccanctf-2025-a-night-of-cybersecurity-and-challenges-b7dc2bc1f114?source=rss------bug_bounty-5Pavitr swainbug-bounty, cybersecurity, thedeccanctf09-Feb-2025
How AI Revolutionizes Load Balancing in NGINX, F5 LTM, and GTM ⚙️https://medium.com/@deepdive4learn/how-ai-revolutionizes-load-balancing-in-nginx-f5-ltm-and-gtm-%EF%B8%8F-ee6c8edce7d7?source=rss------bug_bounty-5DeepDive4learncybersecurity, information-technology, pentesting, bug-bounty, web-development09-Feb-2025
Best USB WiFi Adapters for Linux and Windows in 2025https://medium.com/@verylazytech/best-usb-wifi-adapters-for-linux-and-windows-in-2025-fd6dfc4bad2c?source=rss------bug_bounty-5Very Lazy Techwifi-hack, wifi, bug-bounty, penetration-testing, cybersecurity09-Feb-2025
How to Start Bug Bounty Hunting: A Beginner’s Guide with BugBoardhttps://yogsec.medium.com/how-to-start-bug-bounty-hunting-a-beginners-guide-with-bugboard-2be48dffc598?source=rss------bug_bounty-5YogSechacking-tools, bug-bounty, cybersecurity, hacking09-Feb-2025
How Amazon BBP Gave Me $400 bymistakehttps://medium.com/@thedevtaskofficial/how-amazon-bbp-gave-me-400-bymistake-1968334003ac?source=rss------bug_bounty-5thedevtask officialcybersecurity, vulnerability, penetration-testing, bug-bounty, ethical-hacking09-Feb-2025
Ghauri Tool usage for extreme SLQihttps://medium.com/@anandrishav2228/ghauri-tool-usage-for-extreme-slqi-8eb90e65ea64?source=rss------bug_bounty-5Rishav anandsqli, hacking, money, bug-bounty, cybersecurity09-Feb-2025
How I Chained 3 Vulnerabilities to Achieve Account Takeover (ATO)https://medium.com/@hhack4737/how-i-chained-3-vulnerabilities-to-achieve-account-takeover-ato-5238b8acc1ae?source=rss------bug_bounty-5xssor-dzbug-bounty-writeup, bug-bounty09-Feb-2025
Threat Hunting with Email Servers: A Practical Guidehttps://medium.com/@paritoshblogs/threat-hunting-with-email-servers-a-practical-guide-635d524d72f7?source=rss------bug_bounty-5Paritoshhacking, threat-intelligence, bug-bounty, threat-hunting, information-technology09-Feb-2025
Automating Subdomain Takeover Detection: A Step-by-Step Guidehttps://bitpanic.medium.com/automating-subdomain-takeover-detection-a-step-by-step-guide-30d692f70752?source=rss------bug_bounty-5Spectat0rguyprogramming, bug-bounty, technology, cybersecurity, bug-bounty-tips09-Feb-2025
Privacy Disclosure on m.facebook.com after add photo to the posthttps://infosecwriteups.com/title-privacy-disclosure-on-m-facebook-com-after-add-photo-to-the-post-e7e07e2083e5?source=rss------bug_bounty-5Mohamed Laajimibug-bounty-writeup, cybersecurity, bug-bounty09-Feb-2025
Automate Google Dorking And Get Bugs!https://osintteam.blog/automate-google-dorking-and-get-bugs-a34e4e06767c?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, ai, hacking, infosec09-Feb-2025
Mobile Pentesting with Frida: A Beginner’s Guidehttps://medium.com/meetcyber/mobile-pentesting-with-frida-a-beginners-guide-996411fa0202?source=rss------bug_bounty-5Erkan Kavasios, android, frida, mobile-pentesting, bug-bounty09-Feb-2025
How to Find Primary Domains Using crt.sh: The Ultimate Guide for Beginners and Expertshttps://medium.com/@hacker_might/how-to-find-primary-domains-using-crt-sh-the-ultimate-guide-for-beginners-and-experts-354ec0c56557?source=rss------bug_bounty-5hacker_mightreconnaissance, primary-domain, pentesting, bug-bounty, recon09-Feb-2025
How to Uncover Hidden Attack Surfaces? Recon part 6https://infosecwriteups.com/how-to-uncover-hidden-attack-surfaces-recon-part-6-61e43976ed22?source=rss------bug_bounty-5It4chis3cbug-bounty, attack-surface, hidden, port-scanning, ip-scans09-Feb-2025
How to Find Primary Domains Using crt.sh: The Ultimate Guide for Beginners and Expertshttps://osintteam.blog/how-to-find-primary-domains-using-crt-sh-the-ultimate-guide-for-beginners-and-experts-354ec0c56557?source=rss------bug_bounty-5hacker_mightreconnaissance, primary-domain, pentesting, bug-bounty, recon09-Feb-2025
Day 5: Chaining Bugs from Self-XSS to Full Account Takeoverhttps://medium.com/@danielbelay/day-5-chaining-bugs-from-self-xss-to-full-account-takeover-d01ab3759e06?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking, account-takeover09-Feb-2025
Insecure root-path FileProvider Config Leading to Path Traversal Vulnerabilityhttps://medium.com/@k3r0/insecure-root-path-fileprovider-config-leading-to-path-traversal-vulnerability-7be2d6994aaf?source=rss------bug_bounty-5Kyrillos nadybug-bounty, mobile-app-development, penetration-testing, android, hacking09-Feb-2025
The Art of Recon: Hunting Bugs Before They Hide (Part One)https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-one-1df269ab1d68?source=rss------bug_bounty-5ZeUsVuLnreconnaissance, bug-bounty-writeup, bug-bounty-tips, bug-bounty09-Feb-2025
Exploiting an IDOR Vulnerability in Target.com Account Management Systemhttps://bugbountylogs.medium.com/exploiting-an-idor-vulnerability-in-target-com-account-management-system-a5bec149e69f?source=rss------bug_bounty-5Bug Bounty Logsidor, cyber-security-awareness, csrf-attack, bug-bounty-tips, bug-bounty09-Feb-2025
SQL Injection and Stored Cross-Site Scripting Vulnerability in Super Store Finder Pluginhttps://medium.com/@wiretor/sql-injection-and-stored-cross-site-scripting-vulnerability-in-super-store-finder-plugin-214237191b5a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, sql-injection, money09-Feb-2025
Massive Data Breach: 882,000 Patients Affected in US Health System Cyberattackhttps://medium.com/@wiretor/massive-data-breach-882-000-patients-affected-in-us-health-system-cyberattack-ce8ddca0edc0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, malware, ai, breach, bug-bounty09-Feb-2025
Exploiting Web Cache Poisoning with Multiple Headers: A Practical Guide Using Param Miner  —  Web…https://bashoverflow.medium.com/exploiting-web-cache-poisoning-with-multiple-headers-a-practical-guide-using-param-miner-web-aca990356da8?source=rss------bug_bounty-5Bash Overflowbug-bounty, bug-bounty-tips, cache-poisoning-xss, web-cache-attack, web-cache-poisoning08-Feb-2025
Selecting A Program for Bug Bounty on HackerOnehttps://vijetareigns.medium.com/selecting-a-program-for-bug-bounty-on-hackerone-e51ce8a83b2a?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone, bug-bounty08-Feb-2025
Sensitive Information Disclosurehttps://medium.com/@kumawatabhijeet2002/sensitive-information-disclosure-f374fa508809?source=rss------bug_bounty-5Abhijeet kumawatmoney, hacking, infosec, bug-bounty-tips, bug-bounty08-Feb-2025
nullcon HackIM CTF Goa 2025https://aftab700.medium.com/nullcon-hackim-ctf-goa-2025-a7e9c6b1c293?source=rss------bug_bounty-5Aftab Samactf, cybersecurity, ctf-writeup, bug-bounty, nullcon08-Feb-2025
Find RXSS using Nuclei (DAST)https://cybersecuritywriteups.com/find-rxss-using-nuclei-dast-87080542adde?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, pentesting, xss-attack, bug-bounty, bug-bounty-tips08-Feb-2025
Behind the Message: Two Critical XSS Vulnerabilities in Zoho’s Web Applicationshttps://infosecwriteups.com/behind-the-message-two-critical-xss-vulnerabilities-in-zohos-web-applications-86aa42887129?source=rss------bug_bounty-5HackerWithOutHatjavascript, bugbounty-writeup, bug-bounty, vulnerability, infosec08-Feb-2025
Best Browser Extensions for Bug Hunting and Cybersecurityhttps://infosecwriteups.com/best-browser-extensions-for-bug-hunting-and-cybersecurity-77faf6bd8188?source=rss------bug_bounty-5coffinxpbug-bounty, hacking, bug-bounty-tips, cybersecurity, technology08-Feb-2025
Web Security 101: Understanding LFI and RFI Attacks: A Bug Bounty Hunter’s Guidehttps://anmolvishwakarma7466.medium.com/web-security-101-understanding-lfi-and-rfi-attacks-a-bug-bounty-hunters-guide-299b6b1d76e7?source=rss------bug_bounty-5Anmolvishwakarmavulnerability, lfi, hacking, cybersecurity, bug-bounty08-Feb-2025
How to Get Your First Bug Bounty: A Beginner’s Guidehttps://medium.com/@krishna9823420058/how-to-get-your-first-bug-bounty-a-beginners-guide-c2a07bb4e792?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, ethical-hacking08-Feb-2025
BONUS for NAs! How?https://medium.com/@thedevtaskofficial/bonus-for-well-written-nas-46a55eb20bc9?source=rss------bug_bounty-5thedevtask officialethical-hacking, cybersecurity, bug-bounty, penetration-testing, vulnerability08-Feb-2025
Bug bounty triagers have blacklisted you!https://medium.com/@thedevtaskofficial/the-bug-bounty-secret-nobody-tells-you-e66c99adb013?source=rss------bug_bounty-5thedevtask officialvulnerability, ethical-hacking, cybersecurity, penetration-testing, bug-bounty08-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Insecure Direct Object References)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-insecure-direct-object-references-a39038e8f7a3?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, bug-bounty-tips, bug-bounty, idor, bug-bounty-hunter08-Feb-2025
Lack of Clarity Costed me $500https://medium.com/@naveen_sparks/lack-of-clarity-costed-me-500-26565aeb05e7?source=rss------bug_bounty-5Naveen Kumarmfa, bug-bounty, 2fa-bypass08-Feb-2025
$500 Bounty: Unlocking Premium Job Features with a Simple API Trick!https://medium.com/@a13h1/500-bounty-unlocking-premium-job-features-with-a-simple-api-trick-1c59814ad8f4?source=rss------bug_bounty-5Abhi Sharmacybersecurity, penetration-testing, api, infosec, bug-bounty08-Feb-2025
Account Verification OTP Bypass in Microsoft Security Response Centrehttps://medium.com/@official.armanreza/account-verification-otp-bypass-in-microsoft-security-response-centre-21855731a6f5?source=rss------bug_bounty-5armanxrezabug-bounty-writeup, security, bug-bounty, microsoft, msrc08-Feb-2025
Account Takeover via Email Change: Exploiting Weak Verification to Access Support Accountshttps://medium.com/@umd04843/account-takeover-via-email-change-exploiting-weak-verification-to-access-support-accounts-a3bb8d59e753?source=rss------bug_bounty-5Mohamed Usmanaccount-takeover, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup08-Feb-2025
How I Found My First Bug $$$https://medium.com/@HackerNasr/how-i-found-my-first-bug-c976920cbbe3?source=rss------bug_bounty-5HackerNasrxss-attack, penetration-testing, ethical-hacking, cybersecurity, bug-bounty08-Feb-2025
Strange SQL Injection on a public programhttps://medium.com/@68abdelrahmanmohamed/strange-sql-injection-on-a-public-program-50e93a94f02a?source=rss------bug_bounty-5Abdulrahmanbug-bounty, sql-injection, web-app-security, pentesting, web-app-pentesting08-Feb-2025
My First Finding In Hackeronehttps://islammeshriff.medium.com/my-first-finding-in-hackerone-7521597ca04d?source=rss------bug_bounty-5Islam Meshrifbug-bounty, bug-bounty-writeup, information-disclosure08-Feb-2025
From Hidden XSS to Full Account Takeover – A Deep Dive into Exploiting Modern Web Applicationshttps://medium.com/@mahad.ahmed0x1/from-hidden-xss-to-full-account-takeover-a-deep-dive-into-exploiting-modern-web-applications-811380417387?source=rss------bug_bounty-5404NotPentestedweb-security, xss-attack, cybersecurity, cross-site-scripting, bug-bounty08-Feb-2025
How Subdomain Fuzzing Earned Me a $35,000 Bug Bounty!https://medium.com/@ibtissamhammadi1/how-subdomain-fuzzing-earned-me-a-35-000-bug-bounty-994b39763451?source=rss------bug_bounty-5Ibtissam hammadiweb-security, hacking, cybersecurity, bug-bounty, infosec08-Feb-2025
EASIEST P4 TO FIND IN BUG BOUNTY PART 1https://medium.com/@sahusujal.dev2004/easiest-p4-to-find-in-bug-bounty-part-1-b903ad3cea37?source=rss------bug_bounty-5Sujal Sahucybersecurity, bug-bounty, bug-bounty-tips, bugs, real-world-bug-hunting08-Feb-2025
Ethical Hacking: Reconnaissance/Footprintinghttps://medium.com/@paritoshblogs/ethical-hacking-reconnaissance-footprinting-214055abbf44?source=rss------bug_bounty-5Paritoshethical-hacking, reconnaissance, bug-bounty, information-technology, footprinting08-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Race Condition)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-race-condition-2af68c166721?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty, race-condition08-Feb-2025
Bug Bounty Hunting: Web Vulnerability (SQL injection)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-sql-injection-1abe0f72832d?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, bug-bounty, sql-injection, bug-bounty-tips, bug-bounty-program08-Feb-2025
My Journey to Earning the HTB Bug Bounty Hunter Certificate: An Honest Reviewhttps://medium.com/@Arsenelupin12/my-journey-to-earning-the-htb-bug-bounty-hunter-certificate-an-honest-review-323fb71b306a?source=rss------bug_bounty-5Wasted Resourceshacking, hackerone, bug-bounty-tips, bug-bounty, cybersecurity08-Feb-2025
Hackers Exploit Cityworks RCE Bug to Breach Microsoft IIS Servershttps://medium.com/@wiretor/hackers-exploit-cityworks-rce-bug-to-breach-microsoft-iis-servers-ad48fc0e13e9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, money, ai, trump08-Feb-2025
HPE Notifies Employees of Data Breach After Russian Office 365 Hackhttps://medium.com/@wiretor/hpe-notifies-employees-of-data-breach-after-russian-office-365-hack-d5bfed1fd135?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicestrump, ai, malware, bug-bounty, money08-Feb-2025
2.8 Million IPs Power Large-Scale Attack on VPN and Security Deviceshttps://medium.com/@wiretor/2-8-million-ips-power-large-scale-attack-on-vpn-and-security-devices-a889473a5c36?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, usa, trump, ai, money08-Feb-2025
Just a Writeup about 2FA Bypass at a Private Program 🙂https://v0ltex.medium.com/just-a-writeup-about-2fa-bypass-at-a-private-program-509238a0a3a1?source=rss------bug_bounty-5Abdo Rabeabug-hunting, 2fa-bypass, bug-bounty-writeup, bug-bounty, pentesting08-Feb-2025
The $50,000 Mistake — A Read/Write Profile IDOR Storyhttps://medium.com/@shxsu1/the-50-000-mistake-a-read-write-profile-idor-story-c31c353446d4?source=rss------bug_bounty-5shxsu1hackerone, bug-bounty, college, hacking, idor07-Feb-2025
[PART 2] Anyone can use unlimited Trial Premium on accounts that have used Trial Premium beforehttps://aidilarf.medium.com/part-2-anyone-can-use-unlimited-trial-premium-on-accounts-that-have-used-trial-premium-before-b1ac65c9a2d6?source=rss------bug_bounty-5Aidil Ariefbugs, bug-bounty, hackerone, business-logic-bug, linkedin07-Feb-2025
How to Exploit Web Cache Poisoning with an Unkeyed Header Using Param Miner  —  Web Cache…https://bashoverflow.medium.com/how-to-exploit-web-cache-poisoning-with-an-unkeyed-header-using-param-miner-web-cache-a3ffacc546a1?source=rss------bug_bounty-5Bash Overflowbug-bounty-tips, web-cache-poisoning, bug-bounty, cache-poisoning-xss, web-cache-exploit07-Feb-2025
50+ XSS: Mass Huntinghttps://medium.com/@kumawatabhijeet2002/50-xss-mass-hunting-37e51fce5369?source=rss------bug_bounty-5Abhijeet kumawatmoney, xss-attack, hacking, infosec, bug-bounty07-Feb-2025
How I Found an Excel Sheet with 200+ Bank Testing Account Login Details!https://systemweakness.com/how-i-found-an-excel-sheet-with-200-bank-testing-account-login-details-883c38492424?source=rss------bug_bounty-5Gokuleswaran Bgoogle-dork, reconnaissance, bug-bounty, dorking, bug-bounty-tips07-Feb-2025
Do You Struggle Finding Internal/Hidden Subdomains? Recon part 5https://osintteam.blog/do-you-struggle-finding-internal-hidden-subdomains-recon-part-5-b06c99a11364?source=rss------bug_bounty-5It4chis3csubdomain-enumeration, hidden, bug-bounty, brute-force, secrets07-Feb-2025
RXSS Hacking Law Enforcementhttps://systemweakness.com/rxss-hacking-law-enforcement-434ad9b5c03f?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, pentesting07-Feb-2025
Bug Bounty Program: Crypto Rewards for Finding Bugs in ARMswap Platformhttps://medium.com/@michaeltaylor.armswap/bug-bounty-program-crypto-rewards-for-finding-bugs-in-armswap-platform-e863185b0b07?source=rss------bug_bounty-5Michael Taylorbug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-tips, armswap07-Feb-2025
Exploiting CSRF in GraphQL Applicationshttps://fdzdev.medium.com/exploiting-csrf-in-graphql-applications-f262411588f7?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, data-breach, penetration-testing, cybersecurity, offensive-security07-Feb-2025
How to Find Your 1st Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide) On Real Live Websiteshttps://medium.com/@shaikhminhaz1975/how-to-find-your-1st-easy-bug-as-a-bug-bounty-hunter-step-by-step-guide-on-real-live-websites-cc586d51e1e7?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, cybersecurity, bug-bounty, information-disclosure, how-to07-Feb-2025
How to Approach a Target for Bug Huntinghttps://medium.com/@vipulsonule71/how-to-approach-a-target-for-bug-hunting-ef45c32cf8ee?source=rss------bug_bounty-5Vipul Sonulecybersecurity, penetration-testing, hacking, bug-bounty, technology07-Feb-2025
3 Digit Codes That Decides Your Futurehttps://bitpanic.medium.com/3-digit-codes-that-decides-your-future-dd078f099b06?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, cybersecurity, web-development, bug-bounty-tips07-Feb-2025
How I Found Sensitive Log Fileshttps://medium.com/@kumawatabhijeet2002/how-i-found-sensitive-log-files-2336cd86226f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, infosec, logistics, hacking, money07-Feb-2025
Day 3: Account Takeover via XSS in E-Signature Feature (Worth $2500)https://medium.com/@danielbelay/day-3-account-takeover-via-xss-in-e-signature-feature-worth-2500-71db9449f74b?source=rss------bug_bounty-5dani3lbugs, bug-bounty, ethical-hacking07-Feb-2025
Cloudflare Outage Disrupts Multiple Services Due to Phishing Block Mishaphttps://medium.com/@wiretor/cloudflare-outage-disrupts-multiple-services-due-to-phishing-block-mishap-4fdac4bcd365?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, cloudflare, bug-bounty, money, malware07-Feb-2025
Kimsuky Hackers Deploy Custom RDP Wrapper for Remote Accesshttps://medium.com/@wiretor/kimsuky-hackers-deploy-custom-rdp-wrapper-for-remote-access-aa9d9eae74f6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, money, malware, ai07-Feb-2025
Bypassing Rate Limit on Password Reset Pagehttps://medium.com/@omaroymdm/bypassing-rate-limit-on-password-reset-page-63814feec6f5?source=rss------bug_bounty-5Omar Mahmoudrate-limiting, bug-bounty, pentesting07-Feb-2025
User Interface Says No, Backend Says Yes — Story of Bypassing Email Verificationhttps://som3a.medium.com/user-interface-says-no-backend-says-yes-story-of-bypassing-email-verification-b469f20a141f?source=rss------bug_bounty-50xSOM3Abug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity07-Feb-2025
Introducing Zerodayf, A dynamic, AI-driven code analysis vulnerability scannerhttps://medium.com/@kohihamed3/introducing-zerodayf-a-dynamic-ai-driven-code-analysis-vulnerability-scanner-7e9ab4ffb6e6?source=rss------bug_bounty-50xHamyai, bug-bounty, cve, appsec, vulnerability07-Feb-2025
Extreme Recon Dorkinghttps://medium.com/meetcyber/extreme-recon-dorking-eace7444b7c2?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty-tips, api-testing, bug-bounty, ethical-hacking06-Feb-2025
The $750 API Leak: Could This Happen to You?https://deepseng.medium.com/the-750-api-leak-could-this-happen-to-you-08fb858b4af1?source=rss------bug_bounty-5Deep SenGuptacybersecurity, api, bug-bounty06-Feb-2025
How I got an Account-Takeover By Race-conditions on Login pagehttps://medium.com/@krishnast545/how-i-got-an-account-takeover-by-race-conditions-on-login-page-3775faaffb4f?source=rss------bug_bounty-5Krishnabug-bounty, bounty-hunter, web-app-security, race-condition, account-take-over06-Feb-2025
Automating Ghauri for SQLi with Bash Scripthttps://medium.com/meetcyber/automating-ghauri-for-sqli-with-bash-script-6ce8fb62c367?source=rss------bug_bounty-5Erkan Kavassqli, sql-injection, ethical-hacking, bug-bounty-tips, bug-bounty06-Feb-2025
Subdomain Enumeration: A Practical Guidehttps://medium.com/@nakshatrasirohi/subdomain-enumeration-a-practical-guide-03b2007aedd7?source=rss------bug_bounty-5Nakshatra Sirohihacking, bug-bounty, recon, reconnaissance, bug-bounty-tips06-Feb-2025
Flutsploit : Flutter on the web manifest exploiterhttps://medium.com/@raituzki/flutsploit-flutter-on-the-web-manifest-exploiter-8fc6b50b9de7?source=rss------bug_bounty-5Muhamad Raidinoor Pashasecurity, bug-bounty, exploit, flutter06-Feb-2025
How to Earn Money in Cybersecurity: A Quick Guidehttps://medium.com/@krishna9823420058/how-to-earn-money-in-cybersecurity-a-quick-guide-30422f14b2e7?source=rss------bug_bounty-5Krish_cyberearn-money-online, cyber-security-awareness, ethical-hacking, cybersecurity, bug-bounty06-Feb-2025
Old CVE in my Old Organizationhttps://medium.com/@naveen_sparks/old-cve-in-my-old-organization-b4f863049171?source=rss------bug_bounty-5Naveen Kumarcve, cve-2023-24488, bug-bounty06-Feb-2025
PHP Type Juggling Vulnerabilities: How Attackers Exploit Loose Comparisonshttps://0xkratos.medium.com/php-type-juggling-vulnerabilities-how-attackers-exploit-loose-comparisons-e4e0c78ec9e6?source=rss------bug_bounty-5Amal PKbug-bounty, bug-bounty-tips, programming, hacking, cybersecurity06-Feb-2025
DAY[4/30] CSRF (Cross-Site Request Forgery): Exploitation and Prevention in depthhttps://medium.com/@hrofficial62/csrf-cross-site-request-forgery-exploitation-and-prevention-in-depth-72ed72ebf23a?source=rss------bug_bounty-5Mr Horbiocybersecurity, bug-bounty, ethical-hacking, owasp, pentesting06-Feb-2025
Time to braking your NOS (☞゚ヮ゚)☞https://medium.com/@mahdisalhi0500/time-to-braking-your-nos-%EF%BE%9F%E3%83%AE%EF%BE%9F-834ee204bdd2?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty, information-security, penetration-testing, infosec, cybersecurity06-Feb-2025
$300 Bounty for Easy Default Credentialhttps://medium.com/@kumawatabhijeet2002/300-bounty-for-easy-default-credential-617de40114c4?source=rss------bug_bounty-5Abhijeet kumawatmedium, infosec, hacking, money, bug-bounty06-Feb-2025
DAY[3/30] XSS Attack Techniques: A Deep Dive into Exploitation and Defensehttps://medium.com/@hrofficial62/xss-attack-techniques-a-deep-dive-into-exploitation-and-defense-df62b5f66c44?source=rss------bug_bounty-5Mr Horbioethical-hacking, pentesting, cybersecurity, bug-bounty, xss-attack06-Feb-2025
Advanced Techniques for Identifying Leaked API Keys in JS Fileshttps://systemweakness.com/advanced-techniques-for-identifying-leaked-api-keys-in-js-files-bb67845e5c0e?source=rss------bug_bounty-5Reju Kolebug-bounty, javascript, bug-bounty-writeup, api, bug-bounty-tips06-Feb-2025
Mastering XSS: An Advanced Cheat Sheet for Exploiting Cross-Site Scripting Vulnerabilitieshttps://medium.com/@Arsenelupin12/mastering-xss-an-advanced-cheat-sheet-for-exploiting-cross-site-scripting-vulnerabilities-a1eb1470c3ae?source=rss------bug_bounty-5Wasted Resourcesbug-bounty, xss-vulnerability, cybersecurity, hacking, xss-attack06-Feb-2025
TikTok Bug Bounty — $250https://medium.com/@bhussain894/tiktok-bug-bounty-250-82293995c9e4?source=rss------bug_bounty-5Bilal Hussainbug-bounty, bug-bounty-writeup, ti̇ktok06-Feb-2025
How to Install and Use ZAP Tool for Web Application Security Testing: A Step-by-Step Guidehttps://yaminiyadav583.medium.com/how-to-install-and-use-zap-tool-for-web-application-security-testing-a-step-by-step-guide-f07697a5e6fc?source=rss------bug_bounty-5Yamini Yadavzap, bug-bounty, security, penetration-testing06-Feb-2025
Search Engines Every Pentester Should Knowhttps://osintteam.blog/search-engines-every-pentester-should-know-faabe0c7fb64?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, hacking, bug-bounty, bugbounty-writeup, cybersecurity06-Feb-2025
Automating Google Dorking for Bug Bountyhttps://osintteam.blog/automating-google-dorking-for-bug-bounty-2339abb4b910?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty-tips, hacking, penetration-testing, bug-bounty06-Feb-2025
Day 2: Account Takeover via Stored XSShttps://medium.com/@danielbelay/day-2-account-takeover-via-stored-xss-ac62c49b20c1?source=rss------bug_bounty-5dani3lbug-bounty, learning06-Feb-2025
How to stop a blockchain from reaching consensus? Or 40k bounty for stalling CometBFThttps://medium.com/@unknown_feature/how-to-stop-a-blockchain-from-reaching-consensus-or-40k-bounty-for-stalling-cometbft-1b8a6959e0f0?source=rss------bug_bounty-5Anna Skirko (unknown_feature)crypto, code-review, bug-bounty, blockchain, hacking06-Feb-2025
How to Shutdown Your Computer Remotely by Pressing a Button on Your Smartwatch or Phonehttps://navnee1h.medium.com/how-to-shutdown-your-computer-remotely-by-pressing-a-button-on-your-smartwatch-or-phone-77c07e2562e9?source=rss------bug_bounty-5Navaneeth M Shacking, webhooks, bug-bounty, linux, automation06-Feb-2025
DDoS Attacks Reportedly Behind DayZ and Arma Network Outageshttps://medium.com/@wiretor/ddos-attacks-reportedly-behind-dayz-and-arma-network-outages-937a1078d4c3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, ddos, bug-bounty, hacker06-Feb-2025
Hackers Exploit SimpleHelp RMM Flaws to Deploy Sliver Malwarehttps://medium.com/@wiretor/hackers-exploit-simplehelp-rmm-flaws-to-deploy-sliver-malware-51d42d46079f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, hacker, ai, bug-bounty, malware06-Feb-2025
Critical RCE Bug in Microsoft Outlook Now Exploited in Attackshttps://medium.com/@wiretor/critical-rce-bug-in-microsoft-outlook-now-exploited-in-attacks-ea10ec8761c8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, bug-bounty, malware, rce06-Feb-2025
The Importance of Proxy Usage in Bug Huntinghttps://medium.com/meetcyber/the-importance-of-proxy-usage-in-bug-hunting-9896618da7fc?source=rss------bug_bounty-5Erkan Kavasethical-hacking, bug-bounty, payload, bug-bounty-tips, proxy06-Feb-2025
FINDING A DOS BUG(STEP BY STEP).https://medium.com/infosecmatrix/finding-a-dos-bug-step-by-step-22216cac37d8?source=rss------bug_bounty-5loyalonlytodaybugs, hacking, bug-bounty, cybersecurity, do05-Feb-2025
Critical Session Management Vulnerability Leading to Account Hijackinghttps://medium.com/@ahmadzuriqi4/critical-session-management-vulnerability-leading-to-account-hijacking-ec71e966265a?source=rss------bug_bounty-5Ahmadzuriqibug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking, hacker05-Feb-2025
DOM-Based Reflected XSS in MTN Group’s Notification Serverhttps://medium.com/@regan_temudo/dom-based-reflected-xss-in-mtn-groups-notification-server-84289a87094e?source=rss------bug_bounty-5Regan Temudoweb-security, bug-bounty, xss-attack, cybersecurity, ethical-hacking05-Feb-2025
Get Easy $$$ Bugs by These Dorkshttps://medium.com/@kumawatabhijeet2002/get-easy-bugs-by-these-dorks-b811ca815f3c?source=rss------bug_bounty-5Abhijeet kumawatinfosec, ai, hacking, bug-bounty, money05-Feb-2025
Bypassing OTP Verification: Exposing a Critical Authentication Flawhttps://medium.com/@amanba13.ab/bypassing-otp-verification-exposing-a-critical-authentication-flaw-80a1065a432c?source=rss------bug_bounty-5Aman Bangacybersecurity, authentication, ios, bug-bounty05-Feb-2025
PII Exposure: The Data Heist You Never Knew Was Possible!https://infosecwriteups.com/pii-exposure-the-data-heist-you-never-knew-was-possible-5577b84a1074?source=rss------bug_bounty-5th3.d1p4kmisconfiguration, hacking, bug-bounty, smtp, api05-Feb-2025
Brute Forcing Financial Apps With HackerOnehttps://infosecwriteups.com/brute-forcing-financial-apps-with-hackerone-86e22add374e?source=rss------bug_bounty-5Aleksa Zatezalohackerone, vulnerability, hacking, disclosure, bug-bounty05-Feb-2025
Get Easy $$$ Bugs by These Dorkshttps://osintteam.blog/get-easy-bugs-by-these-dorks-b811ca815f3c?source=rss------bug_bounty-5Abhijeet kumawatinfosec, ai, hacking, bug-bounty, money05-Feb-2025
Accidental Information Disclosure!https://medium.com/@dopednaveen/accidental-information-disclosure-477198f071eb?source=rss------bug_bounty-5Naveen Kumarbug-bounty, bug-bounty-writeup, pentesting05-Feb-2025
10 Must-Have Burp Suite Extensions for Pro Bug Hunters ️https://medium.com/@kumawatabhijeet2002/10-must-have-burp-suite-extensions-for-pro-bug-hunters-%EF%B8%8F-e53aa3b5af48?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty, ai, money05-Feb-2025
Penetration Testing as a Service (PTaaS): The Future of Cybersecurityhttps://medium.com/@hackrate/penetration-testing-as-a-service-ptaas-the-future-of-cybersecurity-f8c0f223069b?source=rss------bug_bounty-5Levente Molnarhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty05-Feb-2025
How to find an easy bug is worth $100https://medium.com/cyberscribers-exploring-cybersecurity/how-to-find-an-easy-bug-is-worth-100-bbee4ca57d3d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, tips, ethical-hacking05-Feb-2025
($$$$) Critical IDOR Vulnerability Leads to User Information Disclosurehttps://medium.com/@Tanvir0x1/critical-idor-vulnerability-leads-to-user-information-disclosure-b0bb7f06aef5?source=rss------bug_bounty-5Tanvir Ahmedbug-bounty, idor05-Feb-2025
From Demo to Live: Zero-Click Account Takeover via the Same Encryption Algorithmhttps://infosecwriteups.com/from-demo-to-live-zero-click-account-takeover-via-the-same-encryption-algorithm-38b6cabfb21e?source=rss------bug_bounty-5can1337bugbounty-writeup, account-takeover, bug-bounty, cybersecurity05-Feb-2025
Accidental Information Disclosure!https://medium.com/@naveen_sparks/accidental-information-disclosure-477198f071eb?source=rss------bug_bounty-5Naveen Kumarbug-bounty, bug-bounty-writeup, pentesting05-Feb-2025
OTP Bypass on [Redacted]: Contact Forms to Unauthorized Callshttps://medium.com/@manav.surti.13728342/otp-bypass-on-redacted-contact-forms-to-unauthorized-calls-453d09837fa4?source=rss------bug_bounty-5Manav Surtibug-bounty, cybersecurity, otp-bypass05-Feb-2025
Day 1: Defeating the HttpOnly Flag for Account Takeover via RXSShttps://medium.com/@danielbelay/day-1-defeating-the-httponly-flag-for-account-takeover-via-rxss-a2fa9cbc0156?source=rss------bug_bounty-5dani3lethical-hacking, security, writeup, bug-bounty05-Feb-2025
Cyberforce 2024: How I found my first CVE OpenPLCV3https://medium.com/@alimuhammadsecured/cyberforce-2024-how-i-found-my-first-cve-openplcv3-16c058b114b0?source=rss------bug_bounty-5Alimuhammadsecuredctf, vulnerability, exploit, cve, bug-bounty05-Feb-2025
Netgear Warns of Zero-Day Vulnerabilities in WiFi Routershttps://medium.com/@wiretor/netgear-warns-of-zero-day-vulnerabilities-in-wifi-routers-ffc2d8299b8f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, netgear, usa, money, ai05-Feb-2025
All You Need To Know About Path Traversalhttps://medium.com/@ossama.cybersec/all-you-need-to-know-about-path-traversal-5a01c18e01e4?source=rss------bug_bounty-5Ossama Ahmed (@pent0ss)bug-bounty, pentesting, bug-bounty-tips, path-traversal, vulnerability05-Feb-2025
Practical and Easy Steps to Find XSS with a REAL CASE Studyhttps://medium.com/@BugRey/practical-and-easy-steps-to-find-xss-with-a-real-case-study-6959a3fbd6bf?source=rss------bug_bounty-5./Rey~web-security, penetration-testing, web-security-testing, bug-bounty-tips, bug-bounty04-Feb-2025
How I Hacked My Way Into College (and Became a Life Job Afterward)https://medium.com/@shxsu1/how-i-hacked-my-way-into-college-and-became-a-life-job-afterward-aef3e0e7e843?source=rss------bug_bounty-5shxsu1college, bug-bounty, hacking04-Feb-2025
[A Practical Guide] Exploiting SSRF with Filter Bypass via Open Redirection  —  SSRF Labshttps://bashoverflow.medium.com/a-practical-guide-exploiting-ssrf-with-filter-bypass-via-open-redirection-ssrf-labs-e0cfaa0c5774?source=rss------bug_bounty-5Bash Overflowbug-bounty, ssrf-exploitation, open-redirection-exploit, ssrf, bypassing-ssrf-filters04-Feb-2025
Bug Bounty Hunting: Lab Setup & Traffic Interception Guidehttps://medium.com/@muhammad4208/bug-bounty-hunting-lab-setup-traffic-interception-guide-d2b9956fa455?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-program, bug-bounty-tips04-Feb-2025
How I Earned 50000 United Miles(And how you can!)https://medium.com/@thedevtaskofficial/how-i-earned-50000-united-miles-and-how-you-can-793a3b47142e?source=rss------bug_bounty-5thedevtask officialcybersecurity, vulnerability, ethical-hacking, bug-bounty, penetration-testing04-Feb-2025
Exposing Millions of Apple Users’ ticket and other details! ( Part -1 )https://virtuvil.medium.com/exposing-millions-of-apple-users-ticket-and-other-details-part-1-36bf35281cd6?source=rss------bug_bounty-5Virtuvilapple, mac, iphone, bug-bounty, bugs04-Feb-2025
Hacking the Unseen: Finding Bugs Others Misshttps://medium.com/@Zebbern/hacking-the-unseen-finding-bugs-others-miss-a561efecf35d?source=rss------bug_bounty-5Zebbernbug-bounty, pentesting, cybersecurity, hacking, artificial-intelligence04-Feb-2025
How I Found 2000+ Employee Details of the Indian Government Using Just Google Dorks(And What You…https://hiddendom.medium.com/how-i-found-2000-employee-details-of-the-indian-government-using-just-google-dorks-and-what-you-d8e07afba27e?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty, bugs, google-dork, penetration-testing04-Feb-2025
Easy Way to Find Exposed Sensitive API Keys in JS Fileshttps://infosecwriteups.com/easy-way-to-find-exposed-sensitive-api-keys-in-js-files-d9f9fccb18bb?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, hacking, money, bug-bounty-tips04-Feb-2025
Bug Bounty Hunting: Web Hacking Reconnaissancehttps://medium.com/@muhammad4208/bug-bounty-hunting-web-hacking-reconnaissance-78ac0effbae7?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program04-Feb-2025
How I Earned 50000 bounty(And how you can do it too)https://medium.com/@thedevtaskofficial/how-i-earned-50000-united-miles-and-how-you-can-793a3b47142e?source=rss------bug_bounty-5thedevtask officialcybersecurity, vulnerability, ethical-hacking, bug-bounty, penetration-testing04-Feb-2025
The Rising Importance of Bug Bounty Programs in the Fight Against Cybercrimehttps://medium.com/@moredevraj370/the-rising-importance-of-bug-bounty-programs-in-the-fight-against-cybercrime-266f3e03bc2a?source=rss------bug_bounty-5Devraj Morelinux, cybersecurity-course, bug-bounty, ethical-hacking-course, ransomware04-Feb-2025
Bug Bounty Hunting: Web Vulnerabilitieshttps://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerabilities-1e9b6a0d5ec3?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-hunter, bug-bounty-program, bug-bounty-tips04-Feb-2025
Mastering Burp Suite: The Ultimate Cyber Swiss Army Knife for Bug Bountieshttps://myselfakash20.medium.com/mastering-burp-suite-the-ultimate-cyber-swiss-army-knife-for-bug-bounties-df1398bb037f?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty-tips, bugbounty-writeup, bug-bounty, cybersecurity04-Feb-2025
XSS — Cross-site scripting (DOM-Based)https://medium.com/@F4lc0n/xss-cross-site-scripting-dom-based-e7b83ab67a1e?source=rss------bug_bounty-5F4lc0nhacking, pentest, dom-based-xss, bug-bounty, xss-vulnerability04-Feb-2025
Day[2/30] Bug Bounty for Beginners Full coursehttps://medium.com/@hrofficial62/day-2-30-bug-bounty-for-beginners-full-course-0a8de66836c0?source=rss------bug_bounty-5Mr Horbiobug-bounty, tips, ethical-hacking, pentesting, cybersecurity04-Feb-2025
Find Details of Any Phone Number Using PhoneInfogahttps://aimasterprompt.medium.com/find-details-of-any-phone-number-using-phoneinfoga-8b200015a479?source=rss------bug_bounty-5aimastertechnology, investigation, cybersecurity, bug-bounty, infosec04-Feb-2025
The Silent Breach: A Story of Leaked Token and PIIhttps://medium.com/@bughunt.bochi/the-silent-breach-a-story-of-leaked-token-and-pii-4576658030e3?source=rss------bug_bounty-5Yash Nimbalkarsecurity, bug-bounty, bug-bounty-writeup, information-security, cybersecurity04-Feb-2025
Best Hackers Channels on Internet Worth Following!https://medium.com/@doby4535/best-hackers-channels-on-internet-worth-following-a498f1caf697?source=rss------bug_bounty-5Dobysecexploit, penetration-testing, bug-bounty, hacking, ethical-hacking04-Feb-2025
Russian Hackers Exploit Zero-Day Attacks Against Ukrainehttps://medium.com/@wiretor/russian-hackers-exploit-zero-day-attacks-against-ukraine-c96042b7989e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, bug-bounty, ai, hacker, russian04-Feb-2025
Exploring a New SQLi Vulnerability: A Ghauri Experiencehttps://medium.com/meetcyber/exploring-a-new-sqli-vulnerability-a-ghauri-experience-541c588dc00d?source=rss------bug_bounty-5Erkan Kavassql-injection, bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity04-Feb-2025
From Rookie to Bounty: How a $400 IDOR Flaw on HackerOne Cracked Open My Cybersecurity Journeyhttps://medium.com/@Arsenelupin12/from-rookie-to-bounty-how-a-400-idor-flaw-on-hackerone-cracked-open-my-cybersecurity-journey-1566b8564ae4?source=rss------bug_bounty-5Wasted Resourcesbug-bounty-tips, hacking, bug-bounty, hackthebox, cybersecurity04-Feb-2025
From alert(origin) to ATO, an XSS Storyhttps://medium.com/@remmy9/from-alert-origin-to-ato-an-xss-story-d6bd2684bdca?source=rss------bug_bounty-5Remmybug-bounty, xss-attack, cybersecurity04-Feb-2025
Live Love WAF — Skirt the firewalls or die tryinghttps://medium.com/@l_s_/live-love-waf-skirt-the-firewalls-or-die-trying-4120facb41c8?source=rss------bug_bounty-5LSbug-bounty, hacking, javascript, bug-bounty-writeup, cybersecurity04-Feb-2025
The Ghost Email Heist — Stealing Accounts from the Futurehttps://medium.com/@shxsu1/the-ghost-email-heist-stealing-accounts-from-the-future-9fce3ae1c086?source=rss------bug_bounty-5shxsu1hacking, email, brute-force, account-takeover, bug-bounty04-Feb-2025
Understanding API Security with OpenAPI: A Security Engineer’s Perspectivehttps://medium.com/cyprox-io/understanding-api-security-with-openapi-a-security-engineers-perspective-b8083c457a8a?source=rss------bug_bounty-5Orhan YILDIRIMbug-bounty, ai, web, cybersecurity, artificial-intelligence03-Feb-2025
Javascript to API Bugshttps://medium.com/cyprox-io/javascript-to-api-bugs-3b5a778e51b7?source=rss------bug_bounty-5Orhan YILDIRIMapi, vulnerability-scanning, bug-bounty, web-application-security, bug-bounty-tips03-Feb-2025
Google did an Oopsie: a simple IDOR worth $3,133.7https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d?source=rss------bug_bounty-5accalonidor, hacking, bug-bounty03-Feb-2025
Blind SSRF with Out-of-Band Detection: Step-by-Step Exploitation & Prevention  —  SSRF Labshttps://bashoverflow.medium.com/blind-ssrf-with-out-of-band-detection-step-by-step-exploitation-prevention-ssrf-labs-d8a4d890184d?source=rss------bug_bounty-5Bash Overflowportswigger-lab, ssrf, blind-ssrf, ssrf-exploitation, bug-bounty03-Feb-2025
Top 235 IDOR Bug Bounty Reportshttps://aimasterprompt.medium.com/top-235-idor-bug-bounty-reports-e00c8061fe28?source=rss------bug_bounty-5aimasterinfosec, bug-bounty, vulnerability, hacking, idor03-Feb-2025
Manually Bypassing the Client-Side Validation leading to Command Injectionhttps://medium.com/@markanthonyagudo/manually-bypassing-the-client-side-validation-leading-to-command-injection-b0aa6ee531e4?source=rss------bug_bounty-5Angelo Agudocybersecurity, security, hacking, bug-bounty, hackthebox03-Feb-2025
When the Walls Aren’t as Secure as They Seem: My Instagram Discoveryhttps://medium.com/@nowshekhari/when-the-walls-arent-as-secure-as-they-seem-my-instagram-discovery-cf29a7f40741?source=rss------bug_bounty-5Abhishek Harimeta, cybersecurity, bug-bounty, privacy, instagram03-Feb-2025
20 Comprehensive Browser Extensions You Can’t Miss as a Bug Bounty Hunterhttps://osintteam.blog/20-comprehensive-browser-extensions-you-cant-miss-as-a-bug-bounty-hunter-e33042e59a6d?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, penetration-testing, cybersecurity, hacking, bug-bounty03-Feb-2025
FFUF Mastery: The Ultimate Web Fuzzing Guidehttps://osintteam.blog/ffuf-mastery-the-ultimate-web-fuzzing-guide-f7755c396b92?source=rss------bug_bounty-5coffinxptechnology, hacking, bug-bounty, bug-bounty-tips, cybersecurity03-Feb-2025
Finding a no-limit bug on the invite teammate page.https://cybersecuritywriteups.com/finding-a-no-limit-bug-on-the-invite-teammate-page-c495f9f86781?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, no-rate-limit, hacking, penetration-testing03-Feb-2025
Web Cache Poisoning: The Overlooked Attack with High Impacthttps://medium.com/@HackerNasr/web-cache-poisoning-the-overlooked-attack-with-high-impact-4cede5c04f7b?source=rss------bug_bounty-5HackerNasrbug-bounty, cybersecurity, penetration-testing, ethical-hacking, web-security03-Feb-2025
1 Click ATO on a public Bugcrowd Programhttps://medium.com/@68abdelrahmanmohamed/1-click-ato-on-a-public-bugcrowd-program-94ef037d0d50?source=rss------bug_bounty-5Abdulrahmanbug-bounty03-Feb-2025
Solving the Basic Pentesting CTF | TryHackMehttps://medium.com/@heshammr.robot/solving-the-basic-pentesting-ctf-tryhackme-fceb90aa1fbe?source=rss------bug_bounty-50xData Ghosthacking, tryhackme, penetration-testing, ctf, bug-bounty03-Feb-2025
Platforms and vulnerable web apps for practicing and learning web pen testinghttps://medium.com/h7w/platforms-and-vulnerable-web-apps-for-practicing-and-learning-web-pen-testing-815a86ea5247?source=rss------bug_bounty-5loyalonlytodayhacking, cybersecurity, tips, learning, bug-bounty03-Feb-2025
Best YouTube channels to learn bug hunting and penetration testinghttps://osintteam.blog/best-youtube-channels-to-learn-bug-hunting-and-penetration-testing-350b1422bbe9?source=rss------bug_bounty-5loyalonlytodayethical-hacking, cybersecurity, bug-bounty, tips, hacking03-Feb-2025
how i found xss in lenovo asset?https://doordiefordream.medium.com/how-i-found-xss-in-lenovo-asset-64cf5e58676a?source=rss------bug_bounty-5Bug hunter balutechnology, bug-bounty, cybersecurity, ethical-hacking, web303-Feb-2025
Top Hacking Gadgets for 2025https://medium.com/@verylazytech/top-hacking-gadgets-for-2025-174c5bd4f284?source=rss------bug_bounty-5Very Lazy Techhacking-gadgets, hacking, hak5, cybersecurity, bug-bounty03-Feb-2025
Mattermost Privilege Escalation — A Business Acceptable Risk?https://medium.com/@duality084/mattermost-privilege-escalation-a-business-acceptable-risk-d83b91d4413e?source=rss------bug_bounty-5Matias Ramirezbugbounty-writeup, bug-bounty-tips, mattermost, bug-bounty03-Feb-2025
Get Easy $$$ from Web Parameter Tamperinghttps://medium.com/readers-club/get-easy-from-web-parameter-tampering-df993b0136b1?source=rss------bug_bounty-5Abhijeet kumawatai, bug-bounty, hacking, infosec, money03-Feb-2025
⚡Critical XSS in DeepSeek AIhttps://systemweakness.com/critical-xss-in-deepseek-ai-b57090985e97?source=rss------bug_bounty-5It4chis3cxss-attack, ai, hacking, bug-bounty, deepseek03-Feb-2025
Find Primary Domains for Bug Bounty Using Censys Search: Complete Guidehttps://medium.com/@hacker_might/find-primary-domains-for-bug-bounty-using-censys-search-complete-guide-a26ea5eea5c2?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, primary-domain, recon, bug-bounty-tips03-Feb-2025
How Loose Regex Can Earn You a Bounty for an Open Redirect Filter Bypass Bughttps://medium.com/@halfcircassian/how-bad-regex-can-earn-you-a-bounty-for-an-open-redirect-filter-bypass-bug-6845a2b83f7c?source=rss------bug_bounty-5Sıla Özerenbug-bounty-writeup, regex, bug-bounty-tips, open-redirect, bug-bounty03-Feb-2025
From Debug page to Database accesshttps://ro0od.medium.com/from-debug-page-to-database-access-e81ca8be1711?source=rss------bug_bounty-5roodbug-bounty03-Feb-2025
Discovering and Reporting a Reflective XSS Vulnerabilityhttps://medium.com/@debang5hu/discovering-and-reporting-a-reflective-xss-vulnerability-8c5e14206d17?source=rss------bug_bounty-5debang5hucross-site-scripting, blackbox-ai, cybersecurity, bug-bounty03-Feb-2025
Common Vulnerabilities Found in Bug Bounty Programs but Overlooked in Traditional Penetration…https://medium.com/@hackrate/common-vulnerabilities-found-in-bug-bounty-programs-but-overlooked-in-traditional-penetration-10edc6a9ec1e?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, ethical-hacking, bug-bounty-tips, penetration-testing03-Feb-2025
Secator: A Powerful Security Workflow Automation Toolhttps://osintteam.blog/secator-a-powerful-security-workflow-automation-tool-41995057c731?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, hacking, bug-bounty, technology, penetration-testing03-Feb-2025
Practical Guide to Finding SQL Injection (Real Case Study)https://medium.com/@BugRey/practical-guide-to-finding-sql-injection-real-case-study-3625bdb9d8c3?source=rss------bug_bounty-5./Rey~bug-bounty, bug-bounty-tips, web-security-testing, web-security, penetration-testing03-Feb-2025
Find Primary Domains for Bug Bounty Using Censys Search: Complete Guidehttps://osintteam.blog/find-primary-domains-for-bug-bounty-using-censys-search-complete-guide-a26ea5eea5c2?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, primary-domain, recon, bug-bounty-tips03-Feb-2025
Top 10 Bug Bounty Platforms to Earn Money Onlinehttps://hackreveals.medium.com/top-10-bug-bounty-platforms-to-earn-money-online-fbea54cf7cbb?source=rss------bug_bounty-5Prakash Tiwaribug-bounty, side-hustle, earn-money-online, make-money-online, bug-bounty-writeup02-Feb-2025
Automate Vulnerability Detection in Burp Suite with bCheckshttps://medium.com/mr-plan-publication/automate-vulnerability-detection-in-burp-suite-with-bchecks-667b6e58a70c?source=rss------bug_bounty-5Monika sharmapentesting, bug-bounty-tips, hacking, bug-bounty, technology02-Feb-2025
XSS on GeeksforGeekshttps://cybersecuritywriteups.com/xss-on-geeksforgeeks-2eafcbbf90b0?source=rss------bug_bounty-5AbhirupKonwarpentesting, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Feb-2025
Bug Bounty Hunting: How the Internet Workshttps://medium.com/@muhammad4208/bug-bounty-hunting-how-the-internet-works-ca0327bf53c5?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter02-Feb-2025
Bug Bounty Hunting: Sustaining Your Successhttps://medium.com/@muhammad4208/bug-bounty-hunting-sustaining-your-success-6b9e3880411b?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-tips, bug-bounty-program, bug-bounty-hunter02-Feb-2025
Introducing CMS Detector — A Powerful CMS Detection Tool!https://mistry4592.medium.com/introducing-cms-detector-a-powerful-cms-detection-tool-8b7a2f1dcdc4?source=rss------bug_bounty-5Chirag-Mistrypython3, cms-detector, penetration-testing, bug-bounty, cybersecurity02-Feb-2025
Bug Bounty Huntinghttps://medium.com/@muhammad4208/bug-bounty-hunting-ac9b732559b5?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-program02-Feb-2025
Day[1/30] Bug Bounty for Beginners Full coursehttps://medium.com/@hrofficial62/day-1-30-bug-bounty-for-beginners-full-course-e88e7425c92c?source=rss------bug_bounty-5Mr Horbiohacking, pentesting, cybersecurity, bug-bounty, ethical-hacking02-Feb-2025
Hacking Routers & IoT Devices with Routersploit: A Detailed Cheat Sheethttps://medium.com/@verylazytech/hacking-routers-iot-devices-with-routersploit-a-detailed-cheat-sheet-470a54fd3621?source=rss------bug_bounty-5Very Lazy Techroutersploit, penetration-testing, hacking-router, iot-security, bug-bounty02-Feb-2025
Unveiling the Power of Shodan: A Step-by-Step Technical Guide to Internet Reconnaissancehttps://medium.com/@zoningxtr/unveiling-the-power-of-shodan-a-step-by-step-technical-guide-to-internet-reconnaissance-e61212b7407f?source=rss------bug_bounty-5Zoningxtrpython-programming, bug-bounty, penetration-testing, web-development, iot02-Feb-2025
100 DAYS OF JAVASCRIPThttps://medium.com/@KC100/100-days-of-javascript-09392b1797fc?source=rss------bug_bounty-5Keorapetse Malgasbug-bounty, ethical-hacking, 100daysofcode, cybersecurity, javascript02-Feb-2025
2 Arrested in Crackdown on Nulled and Cracked Hacking Forumshttps://medium.com/@wiretor/2-arrested-in-crackdown-on-nulled-and-cracked-hacking-forums-249ed458214a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, money, cybersecurity, lafires, ai02-Feb-2025
Apple iPhone USB-C Security Breachhttps://medium.com/@wiretor/apple-iphone-usb-c-security-breach-34011863045a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, money, malware, ai, apple02-Feb-2025
Finding Exposed Sensitive API Keys in JS Fileshttps://infosecwriteups.com/finding-exposed-sensitive-api-keys-in-js-files-5c129fb1f2c7?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips02-Feb-2025
DeepSeek’s Vulnerabilities and Challenges: A Critical Analysishttps://medium.com/@HexaGaurd/deepseeks-vulnerabilities-and-challenges-a-critical-analysis-7b350644626d?source=rss------bug_bounty-5HexaGaurdethical-hacking, penetration-testing, security, bug-bounty, cybersecurity02-Feb-2025
2025: The Year to Start PTaaShttps://medium.com/@hackrate/2025-the-year-to-start-ptaas-c180f83617dd?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, hacking, ethical-hacking, penetration-testing02-Feb-2025
A $150 Bug in My Methodology!https://medium.com/@jkooo12/a-150-bug-in-my-methodology-8a51cdac53d4?source=rss------bug_bounty-5jack markezcybersecurity, hackerone, hacking, bug-bounty, writers-on-medium02-Feb-2025
Easy Peasy RXSShttps://medium.com/@dsmodi484/easy-peasy-rxss-2f4bb1ec1d38?source=rss------bug_bounty-5cryptoshantcybersecurity, bug-bounty, xss-attack, sqlmap, hacking01-Feb-2025
Finding an easy bug to get an easy $$$https://osintteam.blog/finding-an-easy-bug-to-get-an-easy-14f2426ba933?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, penetration-testing, cybersecurity, hacking01-Feb-2025
Google: HTML Injection Bughttps://medium.com/@kumawatabhijeet2002/google-html-injection-bug-14a50e12bb96?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, hacking, infosec, bug-bounty-tips01-Feb-2025
The Art of Doing Source Code Reviewhttps://green-terminals.medium.com/the-art-of-doing-source-code-review-c98ae0e35f84?source=rss------bug_bounty-5Aditya Ranacybersecurity, ai, source-code-review, programming, bug-bounty01-Feb-2025
Dangerous Commands You Shouldn’t Execute in Linuxhttps://bitpanic.medium.com/dangerous-commands-you-shouldnt-execute-in-linux-fce596a45a8c?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, programming, technology, bug-bounty01-Feb-2025
How to Create Advanced Custom Wordlist? Dive into Recon Part 4https://systemweakness.com/how-to-create-advanced-custom-wordlist-dive-into-recon-part-4-78c2d218a35a?source=rss------bug_bounty-5It4chis3csubdomain-enumeration, secrets, custom-wordlist, bug-bounty, wordlist01-Feb-2025
How I Earned a $500 Bounty by Exploiting a Hidden Vulnerability (Without Even Trying)https://medium.com/@thedevtaskofficial/how-i-earned-a-500-bounty-by-exploiting-a-hidden-vulnerability-without-even-trying-d22229d4d8bd?source=rss------bug_bounty-5thedevtask officialbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugs01-Feb-2025
Most Overlooked & Easiest Vulnerability - Part 2https://progprnv.medium.com/most-overlooked-easiest-vulnerability-ever-existed-550f1e2dc912?source=rss------bug_bounty-5progprnvbug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, cybersecurity01-Feb-2025
How to hack cameras easily and quicklyhttps://medium.com/@CTRL2030/how-to-hack-cameras-easily-and-quickly-babde709a9b8?source=rss------bug_bounty-5CTRLcybersecurity, hacking, bug-bounty, penetration-testing, iot01-Feb-2025
WEB REQUEST — CRUD APIhttps://medium.com/@markanthonyagudo/web-request-crud-api-962284ea5e2b?source=rss------bug_bounty-5Angelo Agudocybersecurity, bug-bounty, penetration-tester, webrequest, web-security01-Feb-2025
How I Earned a $500 Bounty by Exploiting a Hidden Vulnerability (Without Even Trying)https://medium.com/@thedevtaskofficial/how-i-earned-a-500-bounty-by-exploiting-a-hidden-vulnerability-without-even-trying-d22229d4d8bd?source=rss------bug_bounty-5thedevtask officialbug-bounty, vulnerability, penetration-testing, ethical-hacking, cybersecurity01-Feb-2025
Unauthorized Data Upload in Alibaba Cloud Object Storage Servicehttps://medium.com/@muhammadwaseem29/unauthorized-data-upload-in-alibaba-cloud-object-storage-service-cefa6abcef7f?source=rss------bug_bounty-5Muhammad Waseembug-bounty-tips, infosec, bug-bounty, cybersecurity, hacking01-Feb-2025
Collection of Wordlists for Bug Bounty Huntershttps://aimasterprompt.medium.com/collection-of-wordlists-for-bug-bounty-hunters-a07c0dee92ff?source=rss------bug_bounty-5aimastercybersecurity, bug-bounty-tips, bug-bounty, technology, infosec01-Feb-2025
Top Forensic Tools Every Investigator Should Know About | The Complete Guide to Essential Tools and…https://mhmmuneef.medium.com/top-forensic-tools-every-investigator-should-know-about-the-complete-guide-to-essential-tools-and-b32081321cf9?source=rss------bug_bounty-5Mohammed Muneefforensics, hacking, technology, bug-bounty, cybersecurity01-Feb-2025
️Nmap Command that Bug Hunters use often️https://medium.com/@shaheeryasirx1/%EF%B8%8Fnmap-command-that-bug-hunters-use-often-%EF%B8%8F-6bc599576641?source=rss------bug_bounty-5Shaheer Yasirbug-bounty, offensive-security, hacking, cybersecurity, nmap01-Feb-2025
Basics In Reverse Engineering (RE)https://medium.com/@lukwagoasuman236/basics-in-reverse-engineering-re-0591c96b5c1e?source=rss------bug_bounty-5lukewagomalware-analysis, reverse-engineering, bug-bounty, programming-languages, cybersecurity01-Feb-2025
Top Alternatives to Burp Collaborator: Using Interactsh for SSRF Detection and Bug Bounty Huntinghttps://medium.com/@hacker_might/top-alternatives-to-burp-collaborator-using-interactsh-for-ssrf-detection-and-bug-bounty-hunting-099a1e156dfc?source=rss------bug_bounty-5hacker_mightreconnaissance, discovery-projects, ssrf, ssrf-detection, bug-bounty01-Feb-2025
1000$ Bounty: OAuth Bypasshttps://cybersecuritywriteups.com/1000-bounty-oauth-bypass-97c3658729c0?source=rss------bug_bounty-5Abhijeet kumawatmoney, hacking, bug-bounty, infosec, bug-bounty-tips01-Feb-2025
PS 5 pin bypasshttps://medium.com/@momo334678/ps-5-pin-bypass-457c41aca93b?source=rss------bug_bounty-5coderMohammedprogramming, bug-bounty, playstation, automation, hacking01-Feb-2025
Easy P3 Bug | LDAP Null Bind leads to extract sensitive credentialshttps://medium.com/meetcyber/easy-p3-bug-ldap-null-bind-leads-to-extract-sensitive-credentials-0d06b8d58d99?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, vulnerability, bug-bounty-tips, pentesting, bug-bounty-writeup01-Feb-2025
picoCTF Web Exploitation: IntroToBurphttps://medium.com/@Kamal_S/picoctf-web-exploitation-introtoburp-a2b50bf8e985?source=rss------bug_bounty-5Kamal Sowasp, bug-bounty, burpsuite, picoctf, intro-to-burp01-Feb-2025
Mock Test Capen: How We Cracked Ithttps://medium.com/@aleens09/mock-test-capen-how-we-cracked-it-f735df5a6a2c?source=rss------bug_bounty-5Aleenscybersecurity, capture-the-flag, bug-bounty, hacking, ctf-writeup01-Feb-2025
Connect Burp suite to your Browser.https://medium.com/@aravindhyox/connect-burp-suite-to-your-browser-f819fada96a5?source=rss------bug_bounty-5Aravindh Yoxburpsuite, bug-bounty, browsers, hacking01-Feb-2025
My Bug Hunting Methodology Approach to Finding Bugs Easilyhttps://medium.com/@mahdisalhi0500/my-bug-hunting-methodology-approach-to-finding-bugs-easily-30082f35b455?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty-tips, hacking, bug-bounty, information-security, penetration-testing01-Feb-2025
Understanding MITRE ATT&CK Groups: A Technical Analysishttps://medium.com/@paritoshblogs/understanding-mitre-att-ck-groups-a-technical-analysis-e35773a46cd5?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, information-technology, mitre-attack, bug-bounty01-Feb-2025
Texas Governor Orders Ban on DeepSeek, RedNote for Government Deviceshttps://medium.com/@wiretor/texas-governor-orders-ban-on-deepseek-rednote-for-government-devices-45faa723107e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ai, deepseek, bug-bounty01-Feb-2025
Hackers Exploit Gemini AI to Enhance Cyberattackshttps://medium.com/@wiretor/hackers-exploit-gemini-ai-to-enhance-cyberattacks-45f360de9de5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, bug-bounty, google, hacking01-Feb-2025
Top Alternatives to Burp Collaborator: Using Interactsh for SSRF Detection and Bug Bounty Huntinghttps://osintteam.blog/top-alternatives-to-burp-collaborator-using-interactsh-for-ssrf-detection-and-bug-bounty-hunting-099a1e156dfc?source=rss------bug_bounty-5hacker_mightreconnaissance, discovery-projects, ssrf, ssrf-detection, bug-bounty01-Feb-2025
$150 Bug Bounty No Rate Limit 🙂https://cyberritzzz.medium.com/150-bug-bounty-no-rate-limit-b77cc6fa7708?source=rss------bug_bounty-5Cyb3rR1tzzzcybersecurity, bug-bounty, hackerone01-Feb-2025
AI & Digital Tools for Neurodiverse Bug Bounty Hunters — A Beginner’s Guidehttps://medium.com/@neurodiversehackers/ai-digital-tools-for-neurodiverse-bug-bounty-hunters-a-beginners-guide-b1d24fdc7bbb?source=rss------bug_bounty-5NeurodiverseHackerscybersecurity, cyber-security-awareness, organization, neurodiversity, bug-bounty01-Feb-2025
OoHow to get a Job in the Cybersecurity field [With my experience]https://medium.com/@hrofficial62/oohow-to-get-a-job-in-the-cybersecurity-field-with-my-experience-84b34ad95641?source=rss------bug_bounty-5Mr Horbiopentesting, bug-bounty, bugbounty-writeup, ethical-hacking, cybersecurity31-Jan-2025
How I used shodan to discover 3 easy bugs on VDP program?https://medium.com/@hamdiyasin135/how-i-used-shodan-to-discover-3-easy-bugs-on-vdp-program-1ddd8b291320?source=rss------bug_bounty-5yassin hamdihacking, hacker, recon, information-security, bug-bounty31-Jan-2025
Fuzzuli: A Powerful Content Discovery Tool for Bug Bounty Huntershttps://medium.com/@commanak46/fuzzuli-a-powerful-content-discovery-tool-for-bug-bounty-hunters-f33b67dd4410?source=rss------bug_bounty-5Monika sharmabug-bounty-tool, technology, bug-bounty-tips, bug-bounty, pentesting31-Jan-2025
Secret Dork Hunting Methodology (Part1)https://systemweakness.com/secret-dork-hunting-methodology-part1-6f06b5c47931?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, pentesting, bug-bounty, ethical-hacking, bug-bounty-tips31-Jan-2025
AI Security: Challenges and Practical Solutionshttps://medium.com/@paritoshblogs/ai-security-challenges-and-practical-solutions-8a78a348fe1d?source=rss------bug_bounty-5Paritoshsecurity, hacking, bug-bounty, ai, cybersecurity31-Jan-2025
Zero Trust Security: Why It’s the Future of Cyber Protection in 2025https://medium.com/@adibostoninstitute123/zero-trust-security-why-its-the-future-of-cyber-protection-in-2025-86b5f0e42fa4?source=rss------bug_bounty-5Aditya Tripathiethical-hacking, bug-bounty, cybersecurity, cybersecurity-course, security31-Jan-2025
Finding an Easy Bughttps://cybersecuritywriteups.com/finding-an-easy-bug-a326dca448ed?source=rss------bug_bounty-5loyalonlytodaytips, cybersecurity, bug-bounty, hacking, bugs31-Jan-2025
Start Web3 Bug Bounty and earn upto $1Mhttps://medium.com/@anandrishav2228/start-web3-bug-bounty-and-earn-upto-1m-e212f9468b88?source=rss------bug_bounty-5Rishav anandbug-bounty, web3, money, cybersecurity, hacking31-Jan-2025
XSS + ARP Poisoning results in full account takeoverhttps://medium.com/@amir_kazi3/xss-arp-poisoning-results-in-full-account-takeover-f3f2be2ff843?source=rss------bug_bounty-5Amirali Kazeroonicybersecurity, xss-attack, pentesting, networking, bug-bounty31-Jan-2025
How I Found Dom-XSS on My Collage Website !!!https://medium.com/@jainilborisagar123/how-i-found-dom-xss-on-my-collage-website-572453ed1227?source=rss------bug_bounty-5Jainil Borisagarbug-bounty, college, xss-attack, cybersecurity, xss-vulnerability31-Jan-2025
Dorks For Sensitive Information Disclosurehttps://medium.com/@devanshpatel930/dorks-for-sensitive-information-disclosure-31fb90ad6f21?source=rss------bug_bounty-5Devanshpatelbug-bounty, information-disclosure, bug-bounty-tips, bug-bounty-writeup, cybersecurity31-Jan-2025
Admin Panel Exploit Leaks 1 Million User Records on Logitechhttps://medium.com/@zerodaystories/admin-panel-exploit-leaks-1-million-user-records-on-logitech-3c0b20189d30?source=rss------bug_bounty-50day storiesbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup31-Jan-2025
SaaS platform for Subdomain Enumeration Tool for Bug Hunters and Pentestershttps://aimasterprompt.medium.com/saas-platform-for-subdomain-enumeration-tool-for-bug-hunters-and-pentesters-cf20d4b8ff18?source=rss------bug_bounty-5aimastertechnology, bug-bounty-writeup, saas, cybersecurity, bug-bounty31-Jan-2025
Admin Panel Exploit Leaks 1 Million User Records on Logitechhttps://osintteam.blog/admin-panel-exploit-leaks-1-million-user-records-on-logitech-3c0b20189d30?source=rss------bug_bounty-50day storiesbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup31-Jan-2025
Web Cache Deception Attack: How Hackers Trick Your Cachehttps://medium.com/@nikith_g_karkera/web-cache-deception-attack-how-hackers-trick-your-cache-e71fd64b5e23?source=rss------bug_bounty-5zer0_bugspentesting, hacking, web-cache-deception, ethical-hacking, bug-bounty31-Jan-2025
Title:The Silent Takeover: How a Tiny Oversight Led to a Major Security Riskhttps://medium.com/@thedevtaskofficial/title-the-silent-takeover-how-a-tiny-oversight-led-to-a-major-security-risk-1d051030d6e8?source=rss------bug_bounty-5thedevtask officialhacking, hacker, bug-bounty, bug-bounty-tips, bug-bounty-writeup31-Jan-2025
Account Takeover via Cookie Attribute Manipulation — A Unique Methodhttps://medium.com/@pauldipesh29/account-takeover-via-cookie-attribute-manipulation-a-unique-method-ea66a78cdb06?source=rss------bug_bounty-5Dipesh Paulowasp, hacking, ethical-hacking, bug-bounty, penetration-testing31-Jan-2025
Globe Life Data Breach May Impact an Additional 850,000 Clientshttps://medium.com/@wiretor/globe-life-data-breach-may-impact-an-additional-850-000-clients-822a0d4084c1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, globe, trump, money31-Jan-2025
Mizuno USA Data Breach: Hackers Had Access for Two Monthshttps://medium.com/@wiretor/mizuno-usa-data-breach-hackers-had-access-for-two-months-ed0ae492ada5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmizuno, bug-bounty, money, ai, trump31-Jan-2025
Google Blocks 2.36 Million Risky Android Apps from Play Store in 2024https://medium.com/@wiretor/google-blocks-2-36-million-risky-android-apps-from-play-store-in-2024-8ae68808d046?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, trump, google, money31-Jan-2025
$100 Easy Bounty p4 bug 🙂https://cyberritzzz.medium.com/100-easy-bounty-p4-bug-083943865238?source=rss------bug_bounty-5Cyb3rR1tzzzwriters-on-medium, hacking, bug-bounty, bugs, hackerone31-Jan-2025
Bug Bounty Recon Guide — Part: 1https://aimasterprompt.medium.com/bug-bounty-recon-guide-part-1-0927e7df82ef?source=rss------bug_bounty-5aimastercybersecurity, bug-bounty, bug-bounty-tips, infosec, technology30-Jan-2025
From the Dark Web to Ethical Hacking: The Journey of Monsif Hmouri in Cybersecurityhttps://monsifhmouri.medium.com/from-the-dark-web-to-ethical-hacking-the-journey-of-monsif-hmouri-in-cybersecurity-db0f5056b044?source=rss------bug_bounty-5MONSIF HMOURIanonymous, hacker, ethical-hacking, hacking, bug-bounty30-Jan-2025
Web Cache Deception: Understanding and Mitigating Security Riskshttps://0xkratos.medium.com/web-cache-deception-understanding-and-mitigating-security-risks-c35b79963a49?source=rss------bug_bounty-5Amal PKweb-security, bug-bounty, cybersecuirty, hacking, technology30-Jan-2025
️‍♂️ Mastering Recon in Bug Bounty: Tools, Techniques, and a Step-by-Step Guidehttps://medium.com/@zoningxtr/%EF%B8%8F-%EF%B8%8F-mastering-recon-in-bug-bounty-tools-techniques-and-a-step-by-step-guide-d27345269a5e?source=rss------bug_bounty-5Zoningxtrcybersecurity, penetration-testing, web3, api, bug-bounty30-Jan-2025
AppSec Logic Master on OpenBugBountyhttps://medium.com/mr-plan-publication/appsec-logic-master-on-openbugbounty-5fe67f4cd07a?source=rss------bug_bounty-5AbhirupKonwartechnology, pentesting, cybersecurity, bug-bounty, ethical-hacking30-Jan-2025
Earnings in 2025https://medium.com/@workwithsane/earnings-in-2025-1f7f344cd07d?source=rss------bug_bounty-5Saneearning-money-online, making-money, earning-money, bug-bounty, earnings30-Jan-2025
Most Overlooked & Easiest P4 Vulnerabilityhttps://progprnv.medium.com/most-overlooked-easiest-p4-vulnerability-d3a89cb10497?source=rss------bug_bounty-5progprnvbug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity, bug-bounty30-Jan-2025
Ridiculously Wrong Time to Get Into Bug Bountyhttps://medium.com/@thedevtaskofficial/ridiculously-wrong-time-to-get-into-bug-bounty-364e066d6017?source=rss------bug_bounty-5thedevtaskhacking, bugcrowd, cybersecurity, hackerone, bug-bounty30-Jan-2025
Campaign: Report a Bug & Earn GUIDE Tokenshttps://bmy-guide.medium.com/campaign-report-a-bug-earn-guide-tokens-0b1d6b5613a2?source=rss------bug_bounty-5bmy.guiderewards, bmy-guide, bug-bounty, report, crypto30-Jan-2025
Ultimate Nuclei Templates: Private Collection for Quick Bountieshttps://medium.com/meetcyber/my-private-nuclei-template-collection-for-easy-bounties-ba704073d065?source=rss------bug_bounty-5coffinxpbug-bounty, technology, bug-bounty-tips, hacking, cybersecurity30-Jan-2025
3 Must-Read Bug Bounty Books to Level Up Your Skills!https://medium.com/@kumawatabhijeet2002/3-must-read-bug-bounty-books-to-level-up-your-skills-2a1c3bc2b72f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, money, bug-bounty, hacking, books30-Jan-2025
How I Hacked the Dutch Government and Got a Lousy T-Shirthttps://medium.com/@cyberhrsh/how-i-hacked-the-dutch-government-and-got-a-lousy-t-shirt-bb0f5716bbe1?source=rss------bug_bounty-5Harsh kotharidutch, swag, hacking, dutch-government, bug-bounty30-Jan-2025
Exploring the World of Offensive Linux Security: A Deep Dive into Cyber Warfare Toolshttps://medium.com/@thecyberghost/exploring-the-world-of-offensive-linux-security-a-deep-dive-into-cyber-warfare-tools-35785e82a36d?source=rss------bug_bounty-5The Cyber Ghostoffensive-security, cybersecurity, bug-bounty, cyber-security-awareness30-Jan-2025
Advanced GitHub Dorking: More Secrets, More Automation, More Bounties!https://myselfakash20.medium.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty, technology, bugbounty-writeup, bug-bounty-tips30-Jan-2025
# API Penetration Testing: Basics and Roadmap for Aspiring Security Professionalshttps://medium.com/@hack8655793/api-penetration-testing-basics-and-roadmap-for-aspiring-security-professionals-4b957e6f85ac?source=rss------bug_bounty-5CrackBugbounthuntertesting-tools, bug-bounty, api-pentesting30-Jan-2025
New Syncjacking Attack Hijacks Devices Using Chrome Extensionshttps://medium.com/@wiretor/new-syncjacking-attack-hijacks-devices-using-chrome-extensions-8d3afc416e3d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, bug-bounty, money, ai30-Jan-2025
Ransomware Attack Disrupts New York Blood Donation Gianthttps://medium.com/@wiretor/ransomware-attack-disrupts-new-york-blood-donation-giant-a0f51c787fc6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, trump, blood, bug-bounty, ai30-Jan-2025
Police Seizes Cracked and Nulled Hacking Forum Servers, Arrests Suspectshttps://medium.com/@wiretor/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects-6f837dfec1b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespolice, ai, money, servers, bug-bounty30-Jan-2025
How I Bagged $300 for a Sneaky yet Simple Bughttps://medium.com/@thedevtaskofficial/how-i-bagged-300-for-a-sneaky-yet-simple-bug-f21a8a02b6e1?source=rss------bug_bounty-5thedevtaskmoney, hacking, bounty-program, money-making-ideas, bug-bounty30-Jan-2025
If Pentest-as-a-Service Is So Effective, Why Don’t Most Companies Adopt It?https://medium.com/@hackrate/if-pentest-as-a-service-is-so-effective-why-dont-most-companies-adopt-it-8b5c66ce679c?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, hacking, penetration-testing, bug-bounty30-Jan-2025
How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation…https://myselfakash20.medium.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty, technology, bugbounty-writeup, bug-bounty-tips30-Jan-2025
Bug Bounty Hunt : Playbookhttps://santhosh-adiga-u.medium.com/bug-bounty-hunt-playbook-418866d82e84?source=rss------bug_bounty-5Santhosh Adiga Uhacking-tools, owasp-top-10, ethical-hacking, penetration-testing, bug-bounty30-Jan-2025
Google Dorking for Bug Bounty Hunters: Beginner’s Editionhttps://medium.com/@ajudeb55/google-dorking-for-bug-bounty-hunters-beginners-edition-969ecf7ccd63?source=rss------bug_bounty-5Aju Debhacking, technology, google, bug-bounty, programming30-Jan-2025
Bug Hunting Recon: Finding acquisitions of targethttps://medium.com/@ethicalhackerhuzaifa/bug-hunting-recon-finding-acquisitions-of-target-de4ec6a252a9?source=rss------bug_bounty-5Huzaifa Shaikhrecon, penetration-testing, bug-bounty-writeup, hacking, bug-bounty30-Jan-2025
Step-by-Step Guide to Solving HTB’s XSS Module: Section-by-Section Flag Solutionshttps://medium.com/@Arsenelupin12/step-by-step-guide-to-solving-htbs-xss-module-section-by-section-flag-solutions-bc07e0cb9928?source=rss------bug_bounty-5Wasted Resourceshacking, bug-bounty, cybersecurity, xss-attack, htb30-Jan-2025
Sensitive Information Disclosure in 5 minuteshttps://medium.com/@mhaziqulkhair/sensitive-information-disclosure-in-5-minutes-0de7ce868069?source=rss------bug_bounty-5Muhammad Haziqul Khairsensitive-data-exposure, web-pentesting, reconnaissance, cybersecurity, bug-bounty29-Jan-2025
Start Bug Bounty and earn $$$: Top Write-Ups, POCs & Tutorialshttps://cybersecuritywriteups.com/start-bug-bounty-and-earn-top-write-ups-pocs-tutorials-739b8a8456ab?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, bounty-program, money, bug-bounty29-Jan-2025
Discovering a Critical Vulnerability in Deepseek’s Password Reset Functionality leads to Zero Click…https://medium.com/@teamtea.ye/discovering-a-critical-vulnerability-in-deepseeks-password-reset-functionality-leads-to-zero-click-96c597fe852c?source=rss------bug_bounty-5Teamteapenetration-testing, account-takeover, deepseek-v3, deepseek, bug-bounty29-Jan-2025
Uncovering SQL Injection Vulnerabilities through JavaScript File Analysishttps://medium.com/@muhammad-/uncovering-sql-injection-vulnerabilities-through-javascript-file-analysis-d07e430ef862?source=rss------bug_bounty-5Mohammadreconnaissance, security, sql-injection, bug-bounty, web-hacking29-Jan-2025
A case study of vulnerabilities in US government systemshttps://research.ifcr.dk/a-case-study-of-vulnerabilities-in-us-government-systems-a82e9afbf6c2?source=rss------bug_bounty-5Martin Thirup Christensenbug-bounty29-Jan-2025
Uncovering Deepseek AI’s Hidden Flaw: A Dive Into Its Response Filtering Systemhttps://1-day.medium.com/uncovering-deepseek-ais-hidden-flaw-a-dive-into-its-response-filtering-system-96203b727192?source=rss------bug_bounty-51dayai, deepseek, bug-bounty, deepseek-ai, deepseek-v329-Jan-2025
2025: The Year to Start a Bug Bounty Programhttps://medium.com/@hackrate/2025-the-year-to-start-a-bug-bounty-program-6fa1b96f2013?source=rss------bug_bounty-5Levente Molnarbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking29-Jan-2025
Top 8 Bug Bounty Books for 2025: Must-Reads for Ethical Hackershttps://medium.com/@verylazytech/top-8-bug-bounty-books-for-2025-must-reads-for-ethical-hackers-9c73d457c0f9?source=rss------bug_bounty-5Very Lazy Techcybersecurity, exploit, ethical-hacking, bug-bounty, hacking29-Jan-2025
How to Find More Subdomains for Bug Bounties? Dive into Recon part 3https://it4chis3c.medium.com/how-to-find-more-subdomains-for-bug-bounties-dive-into-recon-part-3-c9825eac2d68?source=rss------bug_bounty-5It4chis3csubdomain, subdomains-enumeration, assets, bug-bounty-tips, bug-bounty29-Jan-2025
Hackers exploiting flaws in SimpleHelp RMM to breach networkshttps://medium.com/@wiretor/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks-d923ec39b353?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, hacking, bug-bounty, malware, hacker29-Jan-2025
Garmin GPS Watches Crash and Enter Reboot Loop, Users Frustratedhttps://medium.com/@wiretor/garmin-gps-watches-crash-and-enter-reboot-loop-users-frustrated-d1b60092a1bb?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, hacker, garmin, bug-bounty29-Jan-2025
Incident Response & Forensics: Log Analysis, Timeline Creation, and Root Cause Analysishttps://medium.com/@paritoshblogs/incident-response-forensics-log-analysis-timeline-creation-and-root-cause-analysis-95085ab1fc49?source=rss------bug_bounty-5Paritoshincident-response, cybersecurity, hacking, bug-bounty, forensics29-Jan-2025
The $500 Vulnerability: How Censys Search Led Me to a Quick Bug Bountyhttps://medium.com/@hacker_might/the-500-vulnerability-how-censys-search-led-me-to-a-quick-bug-bounty-afabeec7a176?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, censys, recon, bounty-program29-Jan-2025
Easiest $225 Ever: A Simple SQL Injection Win!https://medium.com/@whoadnan01/easiest-225-ever-a-simple-sql-injection-win-f40c0a6b8e45?source=rss------bug_bounty-5WhoAdnansecurity, bug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty29-Jan-2025
Race Condition Attacks: Exploiting Tiny Gaps in Business Logichttps://medium.com/@HackerNasr/race-condition-attacks-exploiting-tiny-gaps-in-business-logic-c2589b9ac2e7?source=rss------bug_bounty-5HackerNasrinfosec, ethical-hacking, penetration-testing, bug-bounty, cybersecurity29-Jan-2025
How to Find More Subdomains for Bug Bounties? Dive into Recon part 3https://systemweakness.com/how-to-find-more-subdomains-for-bug-bounties-dive-into-recon-part-3-c9825eac2d68?source=rss------bug_bounty-5It4chis3csubdomain, subdomains-enumeration, assets, bug-bounty-tips, bug-bounty29-Jan-2025
Start your CTF journey now.(101)https://medium.com/@anandrishav2228/start-your-ctf-journey-now-101-fa68ed995bca?source=rss------bug_bounty-5Rishav anandctf, hacking, bug-bounty, money, cybersecurity28-Jan-2025
My Journey to Finding a Bug and Earning an Appreciation Letterhttps://medium.com/@sachinkewat809/my-journey-to-finding-a-bug-and-earning-an-appreciation-letter-88cac7109e0e?source=rss------bug_bounty-5Sachin kewatcybersecurity, hacking, oscp, vulnerability, bug-bounty28-Jan-2025
Rank Top 66 + 214 Rep on HackerOnehttps://medium.com/meetcyber/rank-top-66-214-rep-on-hackerone-c260d244ae61?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, bug-bounty, hackerone, penetration-testing, ethical-hacking28-Jan-2025
Feeding Nuclei!https://clarkvoss.medium.com/feeding-nuclei-06192a30de1c?source=rss------bug_bounty-5Clark Vossbug-bounty, hacking-tools, hacking, security, cybersecurity28-Jan-2025
Opengrep : A Hype and Marketing Gimmick, let’s rename it to Privategrep.https://rohitcoder.medium.com/opengrep-a-hype-and-marketing-gimmick-lets-rename-it-to-privategrep-61225dbf9090?source=rss------bug_bounty-5Rohit kumarinfosec, bug-bounty, hacking, semgrep, cybersecurity28-Jan-2025
20 Comprehensive Browser Extensions You Can’t Miss as a Bug Bounty Hunterhttps://cybersecuritywriteups.com/20-comprehensive-browser-extensions-you-cant-miss-as-a-bug-bounty-hunter-e85b7d7c4234?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, penetration-testing, hacking, bug-bounty, cybersecurity28-Jan-2025
️‍♂️Ultimate Guide to Finding Bugs in APIs: From Recon to Bountyhttps://medium.com/@zoningxtr/ultimate-guide-to-finding-bugs-in-apis-from-recon-to-bounty-f0cc3487780b?source=rss------bug_bounty-5Zoningxtrapi, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup28-Jan-2025
Secondary Context Leads To Company Takeover.https://medium.com/@Berserker1337/secondary-context-leads-to-company-takeover-0dc88ca751ea?source=rss------bug_bounty-5Berserkercybersecurity, web-security, vulnerability, infosec, bug-bounty28-Jan-2025
Introduction to WhiteBox Testinghttps://medium.com/@huyvo2910/introduction-to-whitebox-testing-ae4316269915?source=rss------bug_bounty-5Huy Vowhite-box-testing, bug-bounty, web-application-security, cybersecurity, penetration-testing28-Jan-2025
Web Proxyler ve Burp Suitehttps://medium.com/@onalahmet2631/web-proxyler-ve-burp-suite-c2fffb373da5?source=rss------bug_bounty-5Ahmet Önalpenetration-testing, pentesting, red-team, cybersecurity, bug-bounty28-Jan-2025
How to Exploit Reflected XSS and Bypass Cloudflare Using Waybackurls — A Bug Hunter’s Guidehttps://hackersatty.medium.com/how-to-exploit-reflected-xss-and-bypass-cloudflare-using-waybackurls-a-bug-hunters-guide-3aef1ffb80ee?source=rss------bug_bounty-5hackersattybug-bounty, bug-bounty-writeup, xss-attack, bypass-cloudflare, penetration-testing28-Jan-2025
Why Companies Are Hesitant About Bug Bounty Programshttps://medium.com/@hackrate/why-companies-are-hesitant-about-bug-bounty-programs-a5dcdea30f5c?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, hacking, cybersecurity, bug-bounty, ethical-hacking28-Jan-2025
How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTChttps://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, infosec28-Jan-2025
CRLF Injection: A Critical Web Application Vulnerabilityhttps://0xkratos.medium.com/understanding-crlf-injection-and-its-exploitation-b8271d14452a?source=rss------bug_bounty-5Amal PKcybersecurity, vulnerability, injection, bug-bounty, web28-Jan-2025
FEW DATA BREACHES AND LEAK’S SEARCH ENGINES.https://medium.com/secure-g-o-a-t/few-data-breaches-and-leaks-search-engines-62e82e2ae682?source=rss------bug_bounty-5loyalonlytodayhacking, penetration-testing, leaked, bug-bounty, cybersecurity28-Jan-2025
XSS and CSRF ki Jodihttps://medium.com/@ajay.kumar.695632/xss-and-csrf-ki-jodi-800c3b940ddb?source=rss------bug_bounty-5Ajay Kumarpenetration-testing, bug-bounty-writeup, xss-attack, bug-bounty, bug-bounty-tips28-Jan-2025
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-de5d82302f25?source=rss------bug_bounty-5Mr Horbiocybersecurity, penetration-testing, bug-bounty, hacking28-Jan-2025
How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive…https://myselfakash20.medium.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, technology, cybersecurity, bug-bounty-writeup28-Jan-2025
Insecure Data Transport: The Hidden Danger of Downloads Without Integrity Checkshttps://medium.com/@HackerNasr/insecure-data-transport-the-hidden-danger-of-downloads-without-integrity-checks-e190883d3f14?source=rss------bug_bounty-5HackerNasrbug-bounty, cybersecurity, data-analysis, penetration-testing, ethical-hacking28-Jan-2025
The Biggest Mistake in My Bug Bounty Journey and How I Fixed Ithttps://medium.com/@mahdisalhi0500/the-biggest-mistake-in-my-bug-bounty-journey-and-how-i-fixed-it-576e2d43ea2f?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, learning, infosec, information-security, bug-bounty28-Jan-2025
SubFinder: Automating Subdomain Enumeration for Bug Bounty in 2025https://medium.com/@halfcircassian/subfinder-automating-subdomain-enumeration-for-bug-bounty-in-2025-2fc17e385e4f?source=rss------bug_bounty-5Sıla Özerensubfinder, bug-bounty, bug-bounty-tips, bugbounty-writeup, subdomains-enumeration28-Jan-2025
What is a Supply Chain Attack?https://medium.com/@stish834/what-is-a-supply-chain-attack-84f485e371bf?source=rss------bug_bounty-5stish834computer-science, bug-bounty-tips, bug-bounty-writeup, bug-bounty, vulnerability28-Jan-2025
5 Things You Should Understand Before Jumping into Bug Bountyhttps://bitpanic.medium.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips28-Jan-2025
EU Sanctions Russian GRU Hackers for Cyberattacks Against Estoniahttps://medium.com/@wiretor/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia-ac7fcd59f84b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, hacker, bug-bounty, trump, money28-Jan-2025
How do I find my first CVE ?https://medium.com/@AhmadSopyan/how-do-i-find-my-first-cve-e368a89c93c5?source=rss------bug_bounty-5Ahmad Sopyancve, cybersecurity, bug-bounty, worpdress, hacking28-Jan-2025
Working SSRF Methodology For ME!https://medium.com/@sharathi72/working-ssrf-methodology-for-me-4763ae34b7db?source=rss------bug_bounty-5sharathi72bug-bounty-tips, bug-bounty, cybersecurity, methodology, bugbounty-writeup28-Jan-2025
Don’t know how to find Bounty Earning Assets? Let’s Dive Deep into Recon part 2https://it4chis3c.medium.com/dont-know-how-to-find-bounty-earning-assets-let-s-dive-deep-into-recon-part-2-7c85fdd5b6b7?source=rss------bug_bounty-5It4chis3cdmarc-record, bug-bounty-tips, dns, bug-bounty, bug-bounty-writeup28-Jan-2025
A Security Gap (PII) in a Bus Companyhttps://medium.com/meetcyber/a-security-gap-pii-in-a-bus-company-ecfe972875ff?source=rss------bug_bounty-5Erkan Kavasbug-bounty-tips, pii, bug-bounty-writeup, cybersecurity, bug-bounty28-Jan-2025
.DS_Store File: A Gift for Researchers and a Headache for Website Ownershttps://infosecwriteups.com/ds-store-file-a-gift-for-researchers-and-a-headache-for-website-owners-219724b99043?source=rss------bug_bounty-5Jioninbug-bounty, tools, information-security, mac28-Jan-2025
Pimcore 11.4.2-SQL Injection (CVE-2024–11956)https://medium.com/@maeitsec/pimcore-11-4-2-sql-injection-cve-2024-11956-869c7d5812d8?source=rss------bug_bounty-5Maeitsecbug-bounty, security28-Jan-2025
Pimcore 11.4.2-Stored XSS (CVE-2024–11954)https://medium.com/@maeitsec/pimcore-11-4-2-stored-xss-cve-2024-11954-fc262469e5b4?source=rss------bug_bounty-5Maeitsecpoc, bug-bounty, security28-Jan-2025
Practical amass — How I configure and use amass in my recon flowhttps://medium.com/@samhilliard/practical-amass-how-i-configure-and-use-amass-in-my-recon-flow-94b8814b9025?source=rss------bug_bounty-5Sam Hilliardbug-bounty-tips, recon, web, bug-bounty27-Jan-2025
IDOR Leads to Deletion of Organization Ownerhttps://medium.com/@saurabhcsec/idor-leads-to-deletion-of-organization-owner-0f0deb6a71aa?source=rss------bug_bounty-5Saurabhcsecbug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty27-Jan-2025
Finding an easy p4 it can be worth 200$https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-ddd90ffe08d8?source=rss------bug_bounty-5loyalonlytodayhacking, 4ps, ethical-hacking, bug-bounty, cybersecurity27-Jan-2025
Mastering Bug Management (Part 1)https://medium.com/@vadoliya.nikhil99/mastering-bug-management-part-1-f951e1cf46d0?source=rss------bug_bounty-5Nikhil Vadoliyaleadership, product-management, technology, bug-bounty, programming27-Jan-2025
Bypassing Web Application Firewalls with Shell Globbinghttps://0xkratos.medium.com/bypassing-web-application-firewalls-with-shell-globbing-8af82ff0cc8a?source=rss------bug_bounty-5Amal PKlinux, cybersecurity, bug-bounty, bash, waf27-Jan-2025
Duplicate Accounts Using the Same Email [BUG]: A Business Logic Vulnerabilityhttps://medium.com/@osamamohamed21212121/duplicate-accounts-using-the-same-email-bug-a-business-logic-vulnerability-d1852a589c79?source=rss------bug_bounty-5Osamamohamed (db3wy)bug-bounty-tips, bugs, bug-bounty, cybersecurity, bug-bounty-writeup27-Jan-2025
how i got $$$$ from old public bug bounty programhttps://medium.com/@ibrahimsyamgame/how-i-got-from-old-public-bug-bounty-program-aee4af074bbd?source=rss------bug_bounty-5Ibrahimsyamgamebug-bounty, bug-bounty-tips, bug-bounty-writeup27-Jan-2025
Exploring the Top 10 Free OSINT Tools for 2025https://medium.com/@verylazytech/exploring-the-top-10-free-osint-tools-for-2025-5f23d0e4e49a?source=rss------bug_bounty-5Very Lazy Techrecon, hacking, cybersecurity, bug-bounty, osint27-Jan-2025
Admin Panel Login Bypass Programs HackerOne $3000https://medium.com/@HackerPlus/admin-panel-login-bypass-programs-hackerone-3000-4e95803fff92?source=rss------bug_bounty-5HackerPlus+bug-bounty, ctf-writeup, bugcrowd, ctf, hackerone27-Jan-2025
Automating Bug Bounty with Pythonhttps://medium.com/@Chandravarma.Hattaraki/automating-bug-bounty-with-python-ca146dcc5a9d?source=rss------bug_bounty-5Chandravarma.Hattarakibugbounty-automation, pentesting, vapt, vulnerability, bug-bounty27-Jan-2025
Beginner’s Toolkit: 9 Tools That Simplified My Cybersecurity Journeyhttps://medium.com/@d3vilz50n/beginners-toolkit-9-tools-that-simplified-my-cybersecurity-journey-420c3c320d0a?source=rss------bug_bounty-5d3vilz50nethical-hacking, hacking-tools, cybersecurity, bug-bounty, cybersecurity-tools27-Jan-2025
Finding Bugs Beyond the Obvious: A Rate Limit Bypass Storyhttps://medium.com/@dev.rawal0143/finding-bugs-beyond-the-obvious-a-rate-limit-bypass-story-d627e926b7e5?source=rss------bug_bounty-5Dev Rawalrate-limit-bypass, bugs, hackerone, rate-limiting, bug-bounty27-Jan-2025
$9,500 Bug Bounty: How I Chained IDOR and BAC to Discover This Critical Vulnerabilityhttps://medium.com/@ibtissamhammadi/9-500-bug-bounty-how-i-chained-idor-and-bac-to-discover-this-critical-vulnerability-a6ff942d4bac?source=rss------bug_bounty-5Ibtissam Hammadihacking, bug-bounty, cybersecurity, infosec, programing27-Jan-2025
“From Frustration to Fulfillment:Why Bug Bounty Hunting is Worth the Effort and How to Succeed”https://medium.com/@Arsenelupin12/from-frustration-to-fulfillment-why-bug-bounty-hunting-is-worth-the-effort-and-how-to-succeed-ed632833f78d?source=rss------bug_bounty-5Wasted Resourceshacking, hackathons, bug-bounty, bug-bounty-tips, cybersecurity27-Jan-2025
Guía de Bug Bounty Hunting #1https://medium.com/@mon.cybersec/gu%C3%ADa-de-bug-bounty-hunting-1-b40f056a98d8?source=rss------bug_bounty-5Mon Patiñocybersecurity, hacking, bug-bounty, ciberseguridad, bug-bounty-tips27-Jan-2025
2 good tools for subdomain enumeration.https://osintteam.blog/2-good-tools-for-subdomain-enumeration-fdceb84ac685?source=rss------bug_bounty-5loyalonlytodaypentesting, cybersecurity, subdomains-enumeration, reconnaissance, bug-bounty27-Jan-2025
ATM | Penetration Testinghttps://medium.com/@HackerPlus/atm-penetration-testing-24a9514c6858?source=rss------bug_bounty-5HackerPlus+ctf, pentesting, atm, bug-bounty, hacker27-Jan-2025
How I found a p4 as per bug crowd vrt.https://medium.com/h7w/how-i-found-a-p4-as-per-bug-crowd-vrt-aacbd2e9d285?source=rss------bug_bounty-5loyalonlytoday4ps, bug-bounty, ethical-hacking, cybersecurity, pentesting27-Jan-2025
HTTP Request Smuggling ft TryHackMe and morehttps://medium.com/@rizn0x0cruz/http-request-smuggling-a92a5411435e?source=rss------bug_bounty-5rinz0x0cruzweb-hacking, bug-bounty, tryhackme-writeup, cybersecurity, computer-science27-Jan-2025
The Evolution of Cybersecurity: Trends, Threats, and Solutions for 2025https://0xhassan.medium.com/the-evolution-of-cybersecurity-trends-threats-and-solutions-for-2025-d7f7a7726423?source=rss------bug_bounty-5Hassan Ali Arshadcybersecurity, bug-bounty, infosec, it, information-technology27-Jan-2025
Subdomain TakeOver Programs BugCrowd $2100 Bountyhttps://medium.com/@HackerPlus/subdomain-takeover-programs-bugcrowd-2100-bounty-f47e78cdb945?source=rss------bug_bounty-5HackerPlus+bug-bounty, bug-bounty-tips, ctf-writeup, ctf, hackerone27-Jan-2025
My Journey to Finding My First XSS Vulnerabilityhttps://medium.com/@shaikrief2/my-journey-to-finding-my-first-xss-vulnerability-a342f685d7dc?source=rss------bug_bounty-5Shxikrfbug-bounty, cybersecurity, bug-bounty-writeup27-Jan-2025
Way to find IDORs or Broken access bugshttps://medium.com/@curiouskhanna/way-to-find-idors-or-broken-access-bugs-2c9a07c32281?source=rss------bug_bounty-5Shubham Khannaidor, cybersecurity, bug-bounty, hacking, broken-access-control27-Jan-2025
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1.https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-852f54c6e075?source=rss------bug_bounty-5loyalonlytodaybooks, pdf, bug-bounty, cybersecurity, ethical-hacking26-Jan-2025
These books will help to learn bug bounty & penetration testing and ethical hacking. Final part.https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-final-part-b1147247c9dc?source=rss------bug_bounty-5loyalonlytodaybooks, bug-bounty, pdf, hacking, cybersecurity26-Jan-2025
These books will help to learn bug bounty & penetration testing and ethical hacking—part 2.https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-2-7796010139e2?source=rss------bug_bounty-5loyalonlytodaybug-bounty, pdf, books, cybersecurity, hacking26-Jan-2025
Here are some solutions on countering CTF mistake happened while panicking and over extement.https://medium.com/@shalomo.social/here-are-some-solutions-on-countering-ctf-mistake-happened-while-panicking-and-over-extement-9f090424f08b?source=rss------bug_bounty-5Shalomo Agarwarkarbug-bounty, machine-learning, cryptocurrency, programming, data-science26-Jan-2025
Securing NASA For Certificate: P3 Vulnerabilityhttps://medium.com/@manan_sanghvi/securing-nasa-for-certificate-p3-vulnerability-272a6e5f2fca?source=rss------bug_bounty-5Manan Sanghvimanan-sanghvi, bug-bounty, nasa, penetration-testing, hacking26-Jan-2025
Finding an easy p4 bug.https://medium.com/cyberscribers-exploring-cybersecurity/finding-an-easy-p4-bug-489d91e9c754?source=rss------bug_bounty-5loyalonlytodaycybersecurity, hacking, bug-bounty, bugs, penetration-testing26-Jan-2025
Técnicas Avanzadas para Analizar y Comprender Web Application Firewalls (WAF)https://medium.com/@kimera71/t%C3%A9cnicas-avanzadas-para-analizar-y-comprender-web-application-firewalls-waf-515713cf6edd?source=rss------bug_bounty-5Kimerared-team, bug-bounty, waf, pentesting26-Jan-2025
Light: TryHackMe Writeuphttps://medium.com/@samyakkatiyar2/light-tryhackme-writeup-230c3d6c26ca?source=rss------bug_bounty-5Samyakkatiyarctf-writeup, ethical-hacking, cybersecurity, bug-bounty, application-security26-Jan-2025
Beginner’s Guide to Bug Bounty: Easy Tips for Finding Open Redirect Vulnerabilitieshttps://medium.com/@anishnarayan/beginners-guide-to-bug-bounty-easy-tips-for-finding-open-redirect-vulnerabilities-ffda668e6533?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, open-redirect, bug-bounty, bug-bounty-writeup, bug-bounty-hunting26-Jan-2025
Unlock the Full Potential of the Wayback Machine for Bug Bountyhttps://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss------bug_bounty-5coffinxpbug-bounty-tips, technology, tech, hacking, bug-bounty26-Jan-2025
How I “Hacked” discord.rockshttps://medium.com/@iusedarchbtw/how-i-hacked-discord-rocks-8044266b4775?source=rss------bug_bounty-5Wuemelidiscord, bug-bounty26-Jan-2025
Waybackurls: The Ultimate Tool for Recon in Bug Bounty Huntinghttps://medium.com/@verylazytech/waybackurls-the-ultimate-tool-for-recon-in-bug-bounty-hunting-3465a1786162?source=rss------bug_bounty-5Very Lazy Techrecon, waybackurls, hacking, bug-bounty, cybersecurity26-Jan-2025
Ransomware Gang Exploits SSH Tunnels for Stealthy VMware ESXi Accesshttps://medium.com/@wiretor/ransomware-gang-exploits-ssh-tunnels-for-stealthy-vmware-esxi-access-1f281b18deb8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, malware, ai, hacking, bug-bounty26-Jan-2025
Mastering Amass: The Ultimate Recon Toolkithttps://medium.com/@muhammad4208/mastering-amass-the-ultimate-recon-toolkit-d66a56627849?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, reconnaissance, enumeration, bug-bounty26-Jan-2025
Silver Platter | TryHackMe | Walkthroughhttps://medium.com/@lkmn1/silver-platter-tryhackme-walkthrough-7ae5719aa8c0?source=rss------bug_bounty-5Lukman Ardiyansyahhacking, pentesting, linux, cybersecurity, bug-bounty26-Jan-2025
How I Gained Admin Access Through DeepLink Hijackinghttps://medium.com/@k3r0/privilege-escalation-via-deeplink-hijacking-23b30f74b0ff?source=rss------bug_bounty-5Kyrillos nadypenetration-testing, hacking, mobile-app-development, bug-bounty, android26-Jan-2025
If Bug Bounty Programs Are So Effective, Why Don’t Most Companies Have Them?https://medium.com/@hackrate/if-bug-bounty-programs-are-so-effective-why-dont-most-companies-have-them-fbba2f221089?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips26-Jan-2025
Netgate Needs a Bug Bountyhttps://medium.com/cloud-security/netgate-needs-a-bug-bounty-90ae5eebe821?source=rss------bug_bounty-5Teri Radichelbug-bounty, ubiquiti, pfsense, troubleshooting, net-gate26-Jan-2025
Exploiting XSS To Steal Cookieshttps://osintteam.blog/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss------bug_bounty-5The Cybersec Cafébug-bounty-tips, penetration-testing, cybersecurity, bug-bounty, information-security25-Jan-2025
Threat Hunting with Python (Cybersecurity)https://medium.com/@paritoshblogs/threat-hunting-with-python-cybersecurity-b90b76415972?source=rss------bug_bounty-5Paritoshcybersecurity, threat-hunting, bug-bounty, programming, python25-Jan-2025
How I Turned a Tiny Security Flaw into a $250 Bountyhttps://medium.com/@ramshath1999/how-i-turned-a-tiny-security-flaw-into-a-250-bounty-90a0227d6c6f?source=rss------bug_bounty-5Ramshathpentesting, bug-bounty, bug-bounty-tips, bug-bounty-writeup25-Jan-2025
How I Discovered a Bypass in WhatsApp’s “View Once” Featurehttps://medium.com/@ramshath1999/how-i-discovered-a-bypass-in-whatsapps-view-once-feature-aea3bdf6405a?source=rss------bug_bounty-5Ramshathhacking, bug-bounty, pentesting, meta25-Jan-2025
How to Bypass SSL Pinning for Android Apps: A Step-by-Step Guide for Security Testinghttps://medium.com/@usmandasthaheer/how-to-bypass-ssl-pinning-for-android-apps-a-step-by-step-guide-for-security-testing-13f2f4d10a2e?source=rss------bug_bounty-5The Cyber Monkeybug-bounty, penetration-testing, bug-bounty-tips, cybersecurity25-Jan-2025
Practical Bug Bounty: A Complete Guide to Finding & Reporting Vulnerabilitieshttps://santhosh-adiga-u.medium.com/practical-bug-bounty-a-complete-guide-to-finding-reporting-vulnerabilities-b46a79910ab8?source=rss------bug_bounty-5Santhosh Adiga Ubug-bounty, ethical-hacking, penetration-testing, cybersecurity25-Jan-2025
Hello everyone!https://medium.com/@sahusujal.dev2004/hello-everyone-8550eb37820f?source=rss------bug_bounty-5Sujal Sahubug-bounty-tips, bug-bounty, bounty-program, bug-bounty-dorks, bug-bounty-program25-Jan-2025
JSON Web Token (JWT) Vulnerabilities: Breaking Tokens for Fun and Profithttps://medium.com/@HackerNasr/json-web-token-jwt-vulnerabilities-breaking-tokens-for-fun-and-profit-cf36fc0122db?source=rss------bug_bounty-5HackerNasrweb-security, bug-bounty, infosec, pentesting, ethical-hacking25-Jan-2025
Business Logic Vulnerability — IDOR (Insecure Direct Object Reference)https://medium.com/@ilhambachtiar578/business-logic-vulnerability-idor-insecure-direct-object-reference-3dfe04298392?source=rss------bug_bounty-5Ilhambachtiaridor, penteration-testing, idor-vulnerability, bug-bounty, cybersecurity25-Jan-2025
FINDING UNIQUE BUG BOUNTY PROGRAMShttps://medium.com/@sahusujal.dev2004/hello-everyone-8550eb37820f?source=rss------bug_bounty-5Sujal Sahubug-bounty-tips, bug-bounty, bounty-program, bug-bounty-dorks, bug-bounty-program25-Jan-2025
$35K Bug Bounty: Python Scripts Crack Subdomainshttps://medium.com/@ibtissamhammadi/35k-bug-bounty-python-scripts-crack-subdomains-bd2a131cc372?source=rss------bug_bounty-5Ibtissam Hammadipython-hacking, bug-bounty, ethical-hacking, cybersecurity, network-security25-Jan-2025
OSINT (Reconnaissance) section: What is GithubDorking ?https://medium.com/@nagavicyn2/osint-reconnaissance-section-what-is-githubdorking-0145221d1206?source=rss------bug_bounty-5Jioninbug-bounty, github, github-dorking, reconnaissance, osint25-Jan-2025
Hemos lanzado un programa de recompensas por errores de $500,000 para identificar vulnerabilidades…https://medium.com/@dolaresciberneticos/hemos-lanzado-un-programa-de-recompensas-por-errores-de-500-000-para-identificar-vulnerabilidades-d4c16fe7ec84?source=rss------bug_bounty-5Carlos Melgarproof-system, expander-polyhdera, zero-knowledge, bug-bounty, expander25-Jan-2025
How I Found a Vulnerability in Lemonsqueezy’s Checkout Flowhttps://medium.com/@rstuv/how-i-found-a-vulnerability-in-lemonsqueezys-checkout-flow-393cc7026ab0?source=rss------bug_bounty-5rstuvbug-bounty, cybersecurity25-Jan-2025
Zyxel Warns of Critical Firewall Issues Due to Faulty Updatehttps://medium.com/@wiretor/zyxel-warns-of-critical-firewall-issues-due-to-faulty-update-1bedcc5ad085?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, bug-bounty, zynel, malware, hacking25-Jan-2025
Privilege Escalation in GraphQL : Exploiting Finance Role Token to Access Admin Data : Part 1https://hackersatty.medium.com/privilege-escalation-in-graphql-exploiting-finance-role-token-to-access-admin-data-part-1-7a017a7aeb89?source=rss------bug_bounty-5hackersattyidor, vulnerability, medium, bug-bounty, graphql25-Jan-2025
PayPal Agrees to $2 Million Settlement Over 2022 Data Breachhttps://medium.com/@wiretor/paypal-agrees-to-2-million-settlement-over-2022-data-breach-672e1b417dcc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, malware, bug-bounty, paypal, money25-Jan-2025
Subdomain enumeration technique to discover critical vulnerabilities…https://mahim-firoj.medium.com/subdomain-enumeration-technique-to-discover-critical-vulnerabilities-dfb4f4daa1af?source=rss------bug_bounty-5Md. Mahim Bin Firojvulnerability-assessment, subdomain, cybersecurity, bug-bounty, enumeration25-Jan-2025
Shodan Dorking : 50+ Dorks To Uncover Hidden Worldhttps://bitpanic.medium.com/shodan-dorking-50-dorks-to-uncover-hidden-world-41e10819b7c8?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty-tips, programming, bug-bounty, technology25-Jan-2025
Comprehensive Guide to SQL Injection Attacks: Understanding and Prevention | By Gentil Securityhttps://gentilsecurity.medium.com/comprehensive-guide-to-sql-injection-attacks-understanding-and-prevention-by-gentil-security-8f02e3461344?source=rss------bug_bounty-5Gentil Securitypenetration-testing, sql-injection, cybersecurity, web-vulnerabilities, bug-bounty25-Jan-2025
Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance)https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss------bug_bounty-5Jioningithub, reconnaissance, bug-bounty, osint, github-dorking25-Jan-2025
Making use of Javascript Source Maps (js.map) files in Bug Bounty — Information gathering tipshttps://medium.com/@0x_Ju1ian/making-use-of-javascript-source-maps-js-map-files-in-bug-bounty-information-gathering-tips-87deddf1aa8d?source=rss------bug_bounty-50x_Ju1ianbug-bounty-tips, bug-bounty24-Jan-2025
$200 Easy Directory Listing Vulnerability on a US Websitehttps://cybersecuritywriteups.com/200-easy-directory-listing-vulnerability-on-a-us-website-7d35fcda8aa2?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, hacking, medium, money24-Jan-2025
CTF vs. Bug Bounty: Navigating Two Worlds of Cybersecurityhttps://medium.com/@mehakchoradia1/ctf-vs-bug-bounty-navigating-two-worlds-of-cybersecurity-919ed152bed3?source=rss------bug_bounty-5Mehakchoradiaguidance, cybersecurity, capture-the-flag, careers, bug-bounty24-Jan-2025
How I Found a Stripe Key Disclosure Leading to PII Exposurehttps://medium.com/@nihaltikka/how-i-found-a-stripe-key-disclosure-leading-to-pii-exposure-6e57d5fca9d5?source=rss------bug_bounty-5EL_Cazad0rbug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing24-Jan-2025
Broken Link : My Story Of Hijacking a Twitter Handlehttps://bitpanic.medium.com/broken-link-my-story-of-hijacking-a-twitter-handle-f087536db8c5?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips24-Jan-2025
How to Spot XSS Bugs on Any Websitehttps://medium.com/h7w/how-to-spot-xss-bugs-on-any-website-5b4eed955c35?source=rss------bug_bounty-5Rendieropenetration-testing, xss-attack, red-team, bug-bounty, vulnerability24-Jan-2025
Bug Bounty Scams in 2025: How to Identify Fake Opportunities and Safeguard Yourselfhttps://medium.com/@adibostoninstitute123/bug-bounty-scams-in-2025-how-to-identify-fake-opportunities-and-safeguard-yourself-e08cd7af5bce?source=rss------bug_bounty-5Aditya Tripathicybersecurity, learn-ethical-hacking, bug-bounty, cybersecurity-course, ethical-hacking-course24-Jan-2025
Subdomain Enumeration: A Practical Guidehttps://medium.com/@nakshatrasirohi/subdomain-enumeration-a-practical-guide-31eb662d3bfb?source=rss------bug_bounty-5Nakshatra Sirohireconnaissance, bug-bounty, bug-bounty-tips, hacking-tools, recon24-Jan-2025
Exploiting XSS via Markdown on Xiaomihttps://medium.com/@n45ht/exploiting-xss-via-markdown-on-xiaomi-ad93519a42f5?source=rss------bug_bounty-5N45HTweb-security, cross-site-scripting, xs, bug-bounty, markdown24-Jan-2025
Bypassed Access Control Using a Simple Method-Based Request Trick  —  Access Control Labshttps://bashoverflow.medium.com/bypassed-access-control-using-a-simple-method-based-request-trick-access-control-labs-61ec15242d88?source=rss------bug_bounty-5Bash Overflowbypass-access-control, http-method-based-bypass, privilege-escalation, bug-bounty, access-control-flaw24-Jan-2025
Linux Basics for Hackers, Developers, and System Administratorshttps://medium.com/@v1xtron/linux-basics-for-hackers-developers-and-system-administrators-419b828f2a98?source=rss------bug_bounty-5v1xtronbug-bounty, bug-bounty-writeup, ethical-hacking, linux, system-administration24-Jan-2025
Currently Bugcrowd has over 1400 bug bounty programs. Is it really so good?https://medium.com/@hackrate/currently-bugcrowd-has-over-1400-bug-bounty-programs-is-it-really-so-good-383130cfb406?source=rss------bug_bounty-5Levente Molnarcybersecurity, ethical-hacking, bug-bounty, hacking, bug-bounty-tips24-Jan-2025
Become a Bug Bounty Expert: Tips to Maximize Your Earningshttps://medium.com/@ramanidhaval11/become-a-bug-bounty-expert-tips-to-maximize-your-earnings-1cd13984631a?source=rss------bug_bounty-5Er Dhaval Ramaniai, cybersecurity, bug-bounty24-Jan-2025
Admin Panel Exploit to Access Logitech Dashboardhttps://medium.com/@asingh25377/admin-panel-exploit-to-access-logitech-dashboard-e4c3943dbf21?source=rss------bug_bounty-5aman singhbugbounty-writeup, bugs, bug-bounty24-Jan-2025
CORS Misconfigurations: How Poor Policies Open Doors to Exploitshttps://medium.com/@HackerNasr/cors-misconfigurations-how-poor-policies-open-doors-to-exploits-ef0af71e0302?source=rss------bug_bounty-5HackerNasrpenetration-testing, infosec, bug-bounty, ethical-hacking, web-security24-Jan-2025
Best Linux Distros for Cyber Security , Web & App Developmenthttps://bitpanic.medium.com/best-linux-distros-for-cyber-security-web-app-development-72422faa37a2?source=rss------bug_bounty-5Spectat0rguybug-bounty, web-development, cybersecurity, technology, programming24-Jan-2025
SQL injection in largest Electricity Board of Sri Lankahttps://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss------bug_bounty-5coffinxptechnology, sql-injection, sql, hacking, bug-bounty24-Jan-2025
Bypassing Rate Limit Protection to Account Takeoverhttps://medium.com/@sohailahmed0x0/bypassing-rate-limit-protection-to-account-takeover-fe44598fc1df?source=rss------bug_bounty-5Sohail Ahmedbrute-force, rate-limiting, cybersecurity, bug-bounty, pentesting24-Jan-2025
Setting up Lab for Active Directoryhttps://medium.com/@sohailahmed0x0/setting-up-lab-for-active-directory-9b0cb69041cd?source=rss------bug_bounty-5Sohail Ahmedcybersecurity, infosec, bug-bounty, active-directory, pentesting24-Jan-2025
Escalate P3 SSRF TO P1https://medium.com/@anonanoon9/escalate-p3-ssrf-to-p1-a9ed4eaaefeb?source=rss------bug_bounty-5Yazeed Bilalbug-bounty, bug-bounty-strategy, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup23-Jan-2025
Easy $10,000 bounty using Wayback Machinehttps://blog.bugbountyhunter.xyz/easy-10-000-bounty-using-wayback-machine-1b08e3b1cafe?source=rss------bug_bounty-5Japz Divinobug-bounty-tips, bug-bounty-writeup, hackerone, bug-bounty23-Jan-2025
Create Your Free Red Teaming Lab at Zero Cost!https://medium.com/@paritoshblogs/create-your-free-red-teaming-lab-at-zero-cost-d2547b2de11a?source=rss------bug_bounty-5Paritoshcybersecurity, how-to, bug-bounty, hacking, pentesting23-Jan-2025
A Simple P2 Bug Via Forced Browsinghttps://medium.com/@cyberpro151/a-simple-p2-bug-via-forced-browsing-d4926a82891f?source=rss------bug_bounty-5cyberpro151bug-bounty, bug-bounty-writeup, bug-bounty-tips, broken-access-control, cybersecurity23-Jan-2025
Get sonyliv free subscriptionshttps://medium.com/@hrofficial62/get-sonyliv-free-subscriptions-fcc58f89bae6?source=rss------bug_bounty-5Mr Horbiobug-bounty, bugbounty-writeup, cybersecurity, pentesting, hacki23-Jan-2025
Exposed Credentials Guide: Not just in client javascripts || 101 case studieshttps://medium.com/@illoyscizceneghposter/exposed-credentials-guide-not-just-in-client-javascripts-101-case-studies-131b765e07a2?source=rss------bug_bounty-5Illoy Scizceneghposterbug-bounty, hacking, infosec23-Jan-2025
Security Risks of Medium Paywall Bypass Methods.https://pwndecoco.medium.com/security-risks-of-medium-paywall-bypass-methods-28b92f557a3a?source=rss------bug_bounty-5Pwndec0c0bug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, medium23-Jan-2025
$600 Vulnerability: My First Bug Hunting Journeyhttps://asyary.medium.com/600-vulnerability-my-first-bug-hunting-journey-98b961a62f4b?source=rss------bug_bounty-5Asyary Raihanbug-bounty, bug-hunting, bug-bounty-writeup, hacking, cybersecurity23-Jan-2025
Introducing AZEx Incentivized Testnethttps://medium.com/@AZEX.io/introducing-azex-incentivized-testnet-04ddc32d83a1?source=rss------bug_bounty-5AZEXtestnet, berachain, defi, azex, bug-bounty23-Jan-2025
How a Vulnerability in Cinema Booking Systems Can Block Seats and Impact Revenuehttps://medium.com/@anonymousshetty2003/how-a-vulnerability-in-cinema-booking-systems-can-block-seats-and-impact-revenue-c28e93d26616?source=rss------bug_bounty-5Anonymousshettybug-bounty-writeup, bug-bounty, ethical-hacking, hacking, cybersecurity23-Jan-2025
Finding more subdomains.(part 2)https://medium.com/readers-club/finding-more-subdomains-part-2-07a64b331b43?source=rss------bug_bounty-5loyalonlytodaycybersecurity, penetration-testing, subdomains-enumeration, hacking, bug-bounty23-Jan-2025
$5,000 Bug Bounty: The Hacker’s Unexpected Goldminehttps://medium.com/@ibtissamhammadi/5-000-bug-bounty-the-hackers-unexpected-goldmine-b87ab9fd0c3b?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, ethical-hacking, cybersecurity, infosec, tech-jobs23-Jan-2025
OSINT (Reconnaissance) section: What is GitDorking ?https://medium.com/@nagavicyn2/osint-reconnaissance-section-what-is-gitdorking-3215520de9c7?source=rss------bug_bounty-5Jioningithub, osint, recon, bug-bounty, pentesting23-Jan-2025
Next.js, cache, and chains: the stale elixirhttps://medium.com/@zhero_/next-js-cache-and-chains-the-stale-elixir-a4c6b3062e1b?source=rss------bug_bounty-5Rachid.Ajavascript, cve, hacking, nextjs, bug-bounty23-Jan-2025
The Ultimate Guide to Hacking AWS S3: Find Vulnerable Buckets and Earn Big $$$$https://medium.com/@nebty/the-ultimate-guide-to-hacking-aws-s3-find-vulnerable-buckets-and-earn-big-5b089d921814?source=rss------bug_bounty-5Nebtypenetration-testing, cybersecurity, ethical-hacking, bug-bounty, s323-Jan-2025
Biggest innovation in Penetration Testing so farhttps://medium.com/@hackrate/biggest-innovation-in-penetration-testing-so-far-d6fac4800119?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, penetration-testing, cybersecurity, hacking23-Jan-2025
How To Convert Your Android Device In A Recon Device ?https://bitpanic.medium.com/how-to-convert-your-android-device-in-a-recon-device-4ad22c3bbdab?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, programming, bug-bounty-tips, cybersecurity23-Jan-2025
How I Found a Bug in Sony and Earned Exclusive Swag!https://medium.com/@josekuttykunnelthazhebinu/how-i-found-a-bug-in-sony-and-earned-exclusive-swag-f565d56c395e?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, cybersecurity, programming, technology, vulnerability23-Jan-2025
Essential Tools and Technologies Every SOC Analyst Must Master to Stay Ahead in Cybersecurityhttps://mhmmuneef.medium.com/essential-tools-and-technologies-every-soc-analyst-must-master-to-stay-ahead-in-cybersecurity-50d76cc87ec5?source=rss------bug_bounty-5Mohammed Muneefhacking, bug-bounty, cybersecurity, technology, soc23-Jan-2025
CTI REPORT - LockBit 3.0:https://medium.com/@muhammetalgan3547/cti-report-lockbit-3-0-33e224e1d8d6?source=rss------bug_bounty-5Muhammet ALGANbug-bounty, cybersecurity, incident-response, cyber-threat-intelligence, hacking23-Jan-2025
Unique ways to Recon for Bug Hunters: Short series [Part 1]https://osintteam.blog/unique-ways-to-recon-for-bug-hunters-short-series-part-1-7e91f3fcfe25?source=rss------bug_bounty-5RivuDonethical-hacking, infosec, bug-bounty-tips, bug-bounty-writeup, bug-bounty22-Jan-2025
Polluting My Way to Victory: How I Found HTTP Parameter Pollution (HPP) and Exploited It Like a Prohttps://myselfakash20.medium.com/polluting-my-way-to-victory-how-i-found-http-parameter-pollution-hpp-and-exploited-it-like-a-pro-c4cf39ec90fe?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty, bug-bounty-writeup, technology, bug-bounty-tips22-Jan-2025
Appreciation Letter from NASA for Uncovering Unauthorized file Accesshttps://medium.com/@hackxb12/appreciation-letter-from-nasa-for-uncovering-unauthorized-file-access-a1d1497a33e6?source=rss------bug_bounty-5Bhautik Patelcybersecurity, bug-bounty22-Jan-2025
Threat Hunting Using Powershellhttps://medium.com/@paritoshblogs/threat-hunting-using-powershell-ce8502307b65?source=rss------bug_bounty-5Paritoshprogramming, threat-hunting, bug-bounty, cybersecurity, powershell22-Jan-2025
Earn $100–500 after Pentesting OAuthhttps://medium.com/@anandrishav2228/earn-100-500-after-pentesting-oauth-02018371d4c2?source=rss------bug_bounty-5Rishav anandpentesting, money, cybersecurity, oauth, bug-bounty22-Jan-2025
Polluting My Way to Victory: How I Found HTTP Parameter Pollution (HPP) and Exploited It Like a Prohttps://osintteam.blog/polluting-my-way-to-victory-how-i-found-http-parameter-pollution-hpp-and-exploited-it-like-a-pro-c4cf39ec90fe?source=rss------bug_bounty-5Akash Ghoshcybersecurity, programming, bug-bounty, bug-bounty-writeup, technology22-Jan-2025
BY USING JAVASCRIPT ANALYSIS GOT 200$ for JUST AN API TOKEN Leak [Information Disclosure…https://medium.com/@hrofficial62/by-using-javascript-analysis-got-200-for-just-an-api-token-leak-information-disclosure-a2f1868ab94f?source=rss------bug_bounty-5Mr Horbioethical-hacking, bug-bounty, cybersecurity, pentesting, hacking22-Jan-2025
What if XML-RPC.php file show 403 Forbiddenhttps://medium.com/@hrofficial62/what-if-xml-rpc-php-file-show-403-forbidden-0ba7141a8d52?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, penetration-testing, wordpress, cybersecurity22-Jan-2025
Recon | Subdomainshttps://z0enix.medium.com/recon-subdomains-230f37ea97b1?source=rss------bug_bounty-5Mohamed Hamadourecon, subdomain, bug-bounty, bug-bounty-tips22-Jan-2025
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)https://z0enix.medium.com/cwe-79-improper-neutralization-of-input-during-web-page-generation-cross-site-scripting-db5719c34014?source=rss------bug_bounty-5Mohamed Hamadoubug-bounty, vulnerability22-Jan-2025
Account Tackoverhttps://z0enix.medium.com/account-tackover-765357c12e45?source=rss------bug_bounty-5Mohamed Hamadoubug-bounty, bug-bounty-tips22-Jan-2025
How I Hacked a User Management System and Found 3 Critical GraphQL Vulnerabilitieshttps://medium.com/@4bdo/how-i-hacked-a-user-management-system-and-found-3-critical-graphql-vulnerabilities-4362eff1a38f?source=rss------bug_bounty-54bd0_m4g3dinfosec, cybersecurity, data-privacy, bug-bounty, ethical-hacking22-Jan-2025
Understanding Privilege Escalation in Linux and Windows Systems - [Part 1]https://bashoverflow.medium.com/understanding-privilege-escalation-in-linux-and-windows-systems-part-1-f9c98c8a0a14?source=rss------bug_bounty-5Bash Overflowprivilege-escalation, penetration-testing, bug-bounty, linux-priv-esc, windows-priv-escalation22-Jan-2025
CertificateFinder: A Game-Changer for All Hidden Subdomains(freeGUI tool)https://anontriager.medium.com/certificatefinder-a-game-changer-for-all-hidden-subdomains-freegui-tool-c9c58c910b3c?source=rss------bug_bounty-5Anonymous Traigerjobs, hacking, bug-bounty, programming, developer22-Jan-2025
My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyondhttps://medium.com/@vivekps143/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss------bug_bounty-5Vivek PSbug-bounty-writeup, web-security, hacking, bug-bounty22-Jan-2025
The Biggest Bug Bounty Payouts of All Time and What We Learnedhttps://medium.com/@hackrate/the-biggest-bug-bounty-payouts-of-all-time-and-what-we-learned-0a35c8a327c2?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, ethical-hacking, hacking, bug-bounty-tips22-Jan-2025
IPany VPN Breached in Supply-Chain Attack: Hackers Deploy SlowStepper Malwarehttps://medium.com/@wiretor/ipany-vpn-breached-in-supply-chain-attack-hackers-deploy-slowstepper-malware-ba0ae1c2ddb9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacker, ai, malware, hacking22-Jan-2025
️ How to Stay Anonymous Online: A Hacker’s Perspectivehttps://medium.com/@atnoforcybersecurity/%EF%B8%8F-how-to-stay-anonymous-online-a-hackers-perspective-920b4bdc2401?source=rss------bug_bounty-5ATNO For Cybersecurity | Hackingbug-bounty, cybersecurity, cyberattack, cybercrime22-Jan-2025
Easy Hacking with Google Dorking — Finding NASA High P2 Vulnerabilityhttps://abhirdd.medium.com/easy-hacking-with-google-dorking-finding-nasa-high-p2-vulnerability-8b9797eac370?source=rss------bug_bounty-5Abhi Rantia Dharmawanbug-bounty-tips, bugcrowd, bug-bounty, bug-bounty-writeup, nasa22-Jan-2025
Intent Redirect: Unlocking Hidden Pathways in Android Applicationshttps://medium.com/@k3r0/intent-redirect-unlocking-hidden-pathways-in-android-applications-8f3390965236?source=rss------bug_bounty-5Kyrillos nadyandroid-app-development, hacking, mobile-app-development, bug-bounty, pentesting22-Jan-2025
Basic Windows CMD Commands for Hackers: A Guide to Privilege Escalationhttps://medium.com/@ajudeb55/basic-windows-cmd-commands-for-hackers-a-guide-to-privilege-escalation-99ad396aadf6?source=rss------bug_bounty-5Aju Debbug-bounty, money, technology, programming, cybersecurity21-Jan-2025
From Order to Exploit: A Deep Dive into Restaurant Network Securityhttps://medium.com/@davimouar/from-order-to-exploit-a-deep-dive-into-restaurant-network-security-64aeaf3a6f64?source=rss------bug_bounty-5Davi Mouraprogramming, bug-bounty, cybersecurity, hacking, security21-Jan-2025
Comprehensive XSS Learning Roadmaphttps://medium.com/@shuklaneel525/comprehensive-xss-learning-roadmap-6f48585d8fe8?source=rss------bug_bounty-5NEEL SHUKLAcross-site-scripting, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty21-Jan-2025
Earn $1000–2000 by identifying Common vulnerability in Tech.https://medium.com/@anandrishav2228/earn-1000-2000-by-identifying-common-vulnerability-in-tech-e8fd44da2a1c?source=rss------bug_bounty-5Rishav anandbug-bounty, security, hacking, cyber, money21-Jan-2025
These Hackers Earn 7 figure incomehttps://medium.com/@BlackHat123/these-hackers-earn-7-figure-income-73013c4225f4?source=rss------bug_bounty-5blackhatbug-bounty, ethical-hacking, earn-money-online, hackerone, hacker21-Jan-2025
How a Routine Security Test Led to My First CVE and Bug Bounty: Lessons in API Security and Beyondhttps://tech.cashfree.com/how-a-routine-security-test-led-to-my-first-cve-and-bug-bounty-lessons-in-api-security-and-beyond-8f0da2bb553e?source=rss------bug_bounty-5Anubhav Sharmavulnerability, api-security, infosec, bug-bounty, cybersecurity21-Jan-2025
I found my first bug [Google Dorking]https://medium.com/@krishnathegr817/i-found-my-first-bug-google-dorking-30c974be94f2?source=rss------bug_bounty-5Krishna Agarwalcybersecurity, bug-bounty, first-bug21-Jan-2025
Easy MFA Setup bypass Lead to unauthorized access to PII data Of usershttps://medium.com/@0xOsman/easy-mfa-setup-bypass-lead-to-unauthorized-access-to-pii-data-of-users-443d41ae98a3?source=rss------bug_bounty-5Abdalah Osman2fa-bypass, bug-bounty, bugbounty-writeup, bugbounty-tips21-Jan-2025
“My Journey as a Bug Hunter: Reporting to the Dutch Government”https://cybersecuritywriteups.com/my-journey-as-a-bug-hunter-reporting-to-the-dutch-government-7bfd18d616fa?source=rss------bug_bounty-5Taha Diwanhacking, dutch-government, bug-bounty, cybersecurity, ethical-hacking21-Jan-2025
Bug Bounty Insights: 10 Key Findings - ZeroClick Account Takeover - Part 5https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-zeroclick-account-takeover-part-5-a6acb3dce5e7?source=rss------bug_bounty-5Mahmoud Abd Alkarimweb-development, bug-bounty, hacking, account-takeover, bugbounty-writeup21-Jan-2025
How AI and Free Open-Source Tools are Revolutionizing Bug Bounty Huntinghttps://medium.com/@zoningxtr/how-ai-and-free-open-source-tools-are-revolutionizing-bug-bounty-hunting-37241798177b?source=rss------bug_bounty-5Zoningxtrbug-bounty, cybersecurity, penetration-testing21-Jan-2025
Unauthenticated Vulnerabilities: Maximum Impact $$$https://medium.com/@HackerNasr/unauthenticated-vulnerabilities-maximum-impact-9b51b4a0c719?source=rss------bug_bounty-5HackerNasrinformation-security, cyberattack, bug-bounty, cybersecurity, vulnerability21-Jan-2025
How to Install MobSF on Kali Linux for Android Application Pentesting (2025)https://medium.com/@usmandasthaheer/how-to-install-mobsf-on-kali-linux-for-android-application-pentesting-2025-50c4948a1c0d?source=rss------bug_bounty-5Usman Dasthaheerpenetration-testing, bug-bounty, cybersecurity, kali-linux21-Jan-2025
7-Zip Fixes Bug That Bypasses Windows MoTW Security Warningshttps://medium.com/@wiretor/7-zip-fixes-bug-that-bypasses-windows-motw-security-warnings-569ac8a89068?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, 7zip, money, malware21-Jan-2025
Hi everyone, and welcome to this lab project: Finding Open Service Ports Using Kali Linux.https://medium.com/@.rai/hi-everyone-and-welcome-to-this-lab-project-finding-open-service-ports-using-kali-linux-9be24cde101e?source=rss------bug_bounty-5Gamuchiraiopen-source, metasploitable, nmap, kali, bug-bounty21-Jan-2025
The correct approach to testing for privilege escalation bugs...❕❗https://medium.com/@mahdisalhi0500/the-correct-approach-to-testing-for-privilege-escalation-bugs-d03bd9281a3e?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty-tips, penetration-testing, information-security, bug-bounty21-Jan-2025
How to transition from Pentesting to Bug Bounty Huntinghttps://medium.com/@hackrate/how-to-transition-from-pentesting-to-bug-bounty-hunting-f98398c4ea0a?source=rss------bug_bounty-5Levente Molnarpenetration-testing, hacking, bug-bounty, cybersecurity, ethical-hacking21-Jan-2025
WordPress Hacking 2025https://medium.com/infosec-notes/wordpress-hacking-2025-03985e7d2e08?source=rss------bug_bounty-5Mr Horbiowordpress, pentesting, cybersecurity, ethical-hacking, bug-bounty21-Jan-2025
response manipulation leads to access admin panelhttps://medium.com/@ajax12395/response-manipulation-leads-to-access-admin-panel-2295655c646d?source=rss------bug_bounty-5xlr7bug-bounty20-Jan-2025
How I Turned a $10 RFI Bug into a $300 RCE Bounty (Step-by-Step Guide)https://medium.com/@ibtissamhammadi/how-i-turned-a-10-rfi-bug-into-a-300-rce-bounty-step-by-step-guide-75042267969a?source=rss------bug_bounty-5Ibtissam Hammadiweb-security, rce, rfi, infosec, bug-bounty20-Jan-2025
Found HTML Injection in Emails! Earned HOFhttps://medium.com/@dsmodi484/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss------bug_bounty-5cryptoshantcybersecurity, hacking, security, html, bug-bounty20-Jan-2025
Insecure Direct Object Reference (iDOR) via Programs HackerOnehttps://medium.com/@HackerPlus/insecure-direct-object-reference-idor-via-programs-hackerone-3c8e261b7ca3?source=rss------bug_bounty-5HackerPlus+ctf, bug-bounty, bug-bounty-writeup, bug-bounty-tips, hackerone20-Jan-2025
How to Prepare for Incident Response ? A Step-by-Step Guide for Studentshttps://mhmmuneef.medium.com/how-to-prepare-for-incident-response-a-step-by-step-guide-for-students-fcf9f77cc56b?source=rss------bug_bounty-5Mohammed Muneefbug-bounty, study-abroad, cybersecurity, technology, incident-response20-Jan-2025
Unlock Hidden Backups with wayBackupFinder.pyhttps://anmolksachan.medium.com/unlock-hidden-backups-with-waybackupfinder-py-7b98041a82d9?source=rss------bug_bounty-5Anmol K Sachanwriteup, bug-bounty, backup, automation, pentesting20-Jan-2025
Various Methods to Exploit Insecure Direct Object Reference (IDOR)https://medium.com/@sahusujal.dev2004/various-methods-to-exploit-insecure-direct-object-reference-idor-f50a131fe651?source=rss------bug_bounty-5Sujal Sahubug-reporting, bug-bounty, writeup, web-penetration-testing, bug-bounty-tips20-Jan-2025
How to Turn Bug Bounty Scopes into Goldmines: Recon Techniques That Workhttps://medium.com/@HackerNasr/how-to-turn-bug-bounty-scopes-into-goldmines-recon-techniques-that-work-4b6a1bd4979d?source=rss------bug_bounty-5HackerNasrcyber-security-awareness, bug-bounty-writeup, bug-bounty, security-research, cybersecurity20-Jan-2025
Using Tor Network to Bypass Rate Limitshttps://saeed0x1.medium.com/using-tor-network-to-bypass-rate-limits-9fe2b174c316?source=rss------bug_bounty-5SAEEDbug-bounty-writeup, bug-bounty-tips, tor, bug-bounty, cybersecurity20-Jan-2025
Agent Sudo 2.0https://medium.com/@pavanboss/agent-sudo-2-0-1d92f6232ff8?source=rss------bug_bounty-5PavanBossbug-bounty, sudo, agents, thm, ctf20-Jan-2025
Reconnaissance — Finding Apex/Root Domainshttps://it4chis3c.medium.com/reconnaissance-finding-apex-root-domains-b822cf54663e?source=rss------bug_bounty-5It4chis3csecrets, bug-bounty, apex-domain, reconnaissance, bug-bounty-tips20-Jan-2025
Security Session #2https://medium.com/@mon.cybersec/security-session-2-7b2ec1a2d03e?source=rss------bug_bounty-5Mon Worksburpsuite, hacking, bug-bounty, security, ciberseguridad20-Jan-2025
The ROI of Bug Bounty Programs: Cost vs. Impacthttps://medium.com/@hackrate/the-roi-of-bug-bounty-programs-cost-vs-impact-591de5eb3630?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty20-Jan-2025
Using Tor Network to Bypass Rate Limitshttps://systemweakness.com/using-tor-network-to-bypass-rate-limits-9fe2b174c316?source=rss------bug_bounty-5SAEEDbug-bounty-writeup, bug-bounty-tips, tor, bug-bounty, cybersecurity20-Jan-2025
40+ Google Dorks For Low Hanging Fruitshttps://bitpanic.medium.com/40-google-dorks-for-low-hanging-fruits-d8fc3d5d7a8d?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, programming, bug-bounty-tips, technology20-Jan-2025
HTML Injection At Email Via Programs HackerOnehttps://medium.com/@HackerPlus/html-injection-at-email-via-programs-hackerone-07f2e6652523?source=rss------bug_bounty-5HackerPlus+bug-bounty-tips, ctf, bugcrowd, bug-bounty, hackerone20-Jan-2025
Discovering backups, secrets, and more using the wayBackupFinder.py tool.https://anmolksachan.medium.com/discovering-backups-secrets-and-more-using-the-waybackupfinder-py-tool-b97f67e95c50?source=rss------bug_bounty-5Anmol K Sachanwayback-machine, bug-bounty, pentesting, bug-bounty-tips, osint20-Jan-2025
A Beginner’s Guide to Testing for Directory Traversal Attackshttps://medium.com/@mcooter/a-beginners-guide-to-testing-for-directory-traversal-attacks-300e7af275bd?source=rss------bug_bounty-5Michael Cooterbug-bounty, oswa, directory-traversal, hacking, web-application-security20-Jan-2025
Exploiting Race Condition Bugshttps://medium.com/@vuk.ivanovic9000/exploiting-race-condition-bugs-41af288c9e0f?source=rss------bug_bounty-5Vuk Ivanovicrace-condition, exploitation, burpsuite, infosec, bug-bounty20-Jan-2025
A List of Known and Unknown Bug Bounty Platformshttps://medium.com/meetcyber/a-list-of-known-and-unknown-bug-bounty-platforms-c7e8a87e59f8?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, ethical-hacking20-Jan-2025
How I found S3 buckets in Bug bountieshttps://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss------bug_bounty-5Mukilan Baskaranbug-bounty, s3, s3-bucket, aws, aws-hacking20-Jan-2025
How I Made $500 in 30 Days Using ChatGPT as My Hacking Mentorhttps://medium.com/@ibtissamhammadi/how-i-made-500-in-30-days-using-chatgpt-as-my-hacking-mentor-113226deed78?source=rss------bug_bounty-5Ibtissam Hammadiethical-hacking, hacking, cybersecurity, chatgpt, bug-bounty20-Jan-2025
What is a WAF ? How it works ?https://medium.com/@rohitmaity001/what-is-a-waf-how-it-works-931a5f6fee84?source=rss------bug_bounty-5Rohit Maityhow-it-works, cyber, cybersecurity, cyber-securty, bug-bounty20-Jan-2025
PicoCTF Writeup — Web Gauntlethttps://medium.com/@sobatistacyber/picoctf-writeup-web-gauntlet-7c3b8c7c7946?source=rss------bug_bounty-5SoBatistapenetration-testing, hacking, ctf, sql-injection, bug-bounty20-Jan-2025
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTPhttps://medium.com/@wiretor/hackers-deploy-malicious-npm-packages-to-steal-solana-wallet-keys-via-gmail-smtp-cfdae9876dec?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, hacker, ai, bug-bounty20-Jan-2025
Easy P4: Cloudflare Bypass, Origin IP Found (Part 2)https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-2-5ffc615bff1f?source=rss------bug_bounty-5sudosurajcloudflare, bug-bounty-tips, bug-bounty-writeup, bug-bounty, sudosuraj20-Jan-2025
SQL Injection Vulnerability in Microsoft’s DevBlogs [devblogs.microsoft.com]https://zhenwarx.medium.com/sql-injection-vulnerability-in-microsofts-devblogs-devblogs-microsoft-com-690792213d1f?source=rss------bug_bounty-5Zhenwarxbug-bounty, sql-injection, microsoft20-Jan-2025
Incident Response in Digital Forensics | A Beginners-Friendly Guidehttps://mhmmuneef.medium.com/incident-response-in-digital-forensics-a-beginners-friendly-guide-7ec0b4789519?source=rss------bug_bounty-5Mohammed Muneefhacking, information-technology, technology, bug-bounty, cybersecurity20-Jan-2025
Finding my First SQL Injection On HackerOnehttps://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss------bug_bounty-5Aleksa Zatezalohackerone, sql-injection, bug-bounty, burpsuite, hacking19-Jan-2025
Unlimited XSS | This is the Dumbest Way to Find XSS Bughttps://medium.com/readers-club/unlimited-xss-this-is-the-dumbest-way-to-find-xss-bug-6ee92de5df38?source=rss------bug_bounty-5Abhijeet kumawatinfosec, xss-attack, money, bug-bounty, hacking19-Jan-2025
From Path Traversal to RCE: A $40,000 Bug Bounty Journeyhttps://medium.com/@ibtissamhammadi/from-path-traversal-to-rce-a-40-000-bug-bounty-journey-a8316994ab3d?source=rss------bug_bounty-5Ibtissam Hammadiinfosec, hacking-tutorial, remote-code-execution, bug-bounty, web-security19-Jan-2025
Monsif Hmouri: بين الأخلاقيات التقنية والنضال من أجل العدالةhttps://monsifhmouri.medium.com/monsif-hmouri-%D8%A8%D9%8A%D9%86-%D8%A7%D9%84%D8%A3%D8%AE%D9%84%D8%A7%D9%82%D9%8A%D8%A7%D8%AA-%D8%A7%D9%84%D8%AA%D9%82%D9%86%D9%8A%D8%A9-%D9%88%D8%A7%D9%84%D9%86%D8%B6%D8%A7%D9%84-%D9%85%D9%86-%D8%A3%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%AF%D8%A7%D9%84%D8%A9-dd651dada725?source=rss------bug_bounty-5MONSIF HMOURIbug-bounty, cybersecurity, palestinian-cause, digital-activism, ethical-hacking19-Jan-2025
Choosing Your First Program in Bug Bounties: A Beginner’s Guidehttps://it4chis3c.medium.com/choosing-your-first-program-in-bug-bounties-a-beginners-guide-6b27c58316da?source=rss------bug_bounty-5It4chis3cbug-bounty-writeup, bug-bounty-tips, secrets, roadmaps, bug-bounty19-Jan-2025
How i am Starting my Bug Hunting..?https://medium.com/@Charon19d/how-i-am-starting-my-bug-hunting-7a727e3dfb74?source=rss------bug_bounty-5Charon19dhacking, learning, cybersecurity, bug-bounty, bug-hunting19-Jan-2025
Command Injection for Beginners: From Detection to Exploitationhttps://medium.com/@HackerNasr/command-injection-for-beginners-from-detection-to-exploitation-8e7816dcb53d?source=rss------bug_bounty-5HackerNasrcyber-secuity, bug-bounty, information-security, security-research19-Jan-2025
Wolf Haldenstein Data Breach Impacts 3.4 Million Individualshttps://medium.com/@wiretor/wolf-haldenstein-data-breach-impacts-3-4-million-individuals-8e567c04e0b6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, money, ai, hacker, bug-bounty19-Jan-2025
Star Blizzard Hackers Abuse WhatsApp to Target High-Value Diplomatshttps://medium.com/@wiretor/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats-beed8a06a0ec?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, hacker, money, bug-bounty, malware19-Jan-2025
CVE-2024–57767: Critical Server-Side Request Forgery (SSRF) Vulnerabilityhttps://medium.com/@wiretor/cve-2024-57767-critical-server-side-request-forgery-ssrf-vulnerability-722db6cbba17?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, bug-bounty, money, ssrf19-Jan-2025
How I Found a SQL Injection Vulnerability in websitehttps://medium.com/@Bl4cky/how-i-found-a-sql-injection-vulnerability-in-website-56a8b2b1edab?source=rss------bug_bounty-5Bl4ckypenetration-testing, sqlmap, bug-bounty, sql-injection, pentest19-Jan-2025
API Testinghttps://0xy37.medium.com/api-testing-9de53e7736d3?source=rss------bug_bounty-5Yara AlHumaidan (0xy37)bug-bounty, security, api, api-testing19-Jan-2025
From Low to Whoa: Elevating a P5 SSRF to a P3https://medium.com/@loayahmed686/from-low-to-whoa-elevating-a-p5-ssrf-to-a-p3-6db1afdbde4c?source=rss------bug_bounty-5r00tbug-bounty-tips, bug-bounty, bug-bounty-writeup19-Jan-2025
How Did a Simple Path Traversal to RCE Bug Land Me $40K?https://medium.com/@ibtissamhammadi/how-did-a-simple-path-traversal-to-rce-bug-land-me-40k-e20aecb162b0?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, information-security, ethical-hacking, bug-bounty18-Jan-2025
The Road to CRTP Cert — Part 16https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-16-edc129cf1277?source=rss------bug_bounty-5Dineshkumaar Rpentesting, hacking, cybersecurity, active-directory, bug-bounty18-Jan-2025
How to Stay Anonymous While Doing OSINThttps://medium.com/@paritoshblogs/how-to-stay-anonymous-while-doing-osint-519f607fa79d?source=rss------bug_bounty-5Paritoshthreat-intelligence, osint, hacking, bug-bounty, chatgpt18-Jan-2025
Bug Bounty | Privilege Escalation From Admin To Ownerhttps://medium.com/@yog_sahare/bug-bounty-privilege-escalation-from-admin-to-owner-90d86e2395e6?source=rss------bug_bounty-5Yog Saharebug-bounty, bug-bounty-writeup, privilege-escalation, vulnerability, idor-vulnerability18-Jan-2025
Google XSS Gamehttps://medium.com/@PhilopaterSh/google-xss-game-6dbd1c8b3eb8?source=rss------bug_bounty-5Philopater Shenoudagoogle-xss-game, xss-attack, xss-challenge, web-penetration-testing, bug-bounty18-Jan-2025
AI-Powered Recon: Unearthing PII from Non-English Fileshttps://bunny0417.medium.com/ai-powered-recon-unearthing-pii-from-non-english-files-4bf9e91e6b6b?source=rss------bug_bounty-5Aayush kumarbugbounty-writeup, infosec, bug-bounty-tips, bug-bounty, ai-security18-Jan-2025
This 200 Dorks cheats can change your life.https://medium.com/@anandrishav2228/this-200-dorks-cheats-can-change-your-life-13217162aba4?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, money, google-dork, cybersecurity18-Jan-2025
Threat Hunting Tool: Email Analyzerhttps://hackerassociate.medium.com/threat-hunting-tool-email-analyzer-19518c7d2645?source=rss------bug_bounty-5Harshad Shahinfosec, bug-bounty, cyberattack, threat-hunting, cybersecurity18-Jan-2025
WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]https://medium.com/@hrofficial62/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, wifi, cybersecurity, pentesting18-Jan-2025
Comprehensive Scripts for Red teaminghttps://saconychukwu.medium.com/comprehensive-scripts-for-red-teaming-72c3d2980369?source=rss------bug_bounty-5Sacony Chukwuhacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips18-Jan-2025
Basic Linux Commands Every Newbie Bug Bounty Hunter Should Knowhttps://bitpanic.medium.com/basic-linux-commands-every-newbie-bug-bounty-hunter-should-know-d990da113f1c?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty-tips, bug-bounty, technology, programming18-Jan-2025
Unlocking the Doors: How I Took Over Accounts with a Single Flaw!https://medium.com/@omdubey170/unlocking-the-doors-how-i-took-over-accounts-with-a-single-flaw-239900ab5ee9?source=rss------bug_bounty-5Omdubeybug-bounty-tips, bug-bounty-writeup, bugs, cybersecurity, bug-bounty18-Jan-2025
Re-captcha token generating secret key leaking identified via way back machinehttps://medium.com/@swaroopvenkat828/re-captcha-token-generating-secret-key-leaking-identified-via-way-back-machine-8b7fc04e90f8?source=rss------bug_bounty-5swaroop 04|16bug-bounty, wayback-machine, bug-bounty-writeup, bugbounty-tips, sensitive-information18-Jan-2025
Master Bug Bounty Recon: Using GoWitness and Eyeballer to Uncover Juicy Subdomainshttps://medium.com/@hacker_might/master-bug-bounty-recon-using-gowitness-and-eyeballer-to-uncover-juicy-subdomains-c7f79a3f3d06?source=rss------bug_bounty-5hacker_mightrecon, bug-bounty-tips, tools, bug-bounty, reconnaissance18-Jan-2025
Game Real-Time Communication Is Vulnerability higher impact than XSS and ATOhttps://medium.com/@bylyblyblybly/game-real-time-communication-is-vulnerability-higher-impact-than-xss-and-ato-c3d6b9ba77e5?source=rss------bug_bounty-5Bylyblyblyblybug-bounty, gamehacking, android-bugs, cyper-security, android-security18-Jan-2025
Stored XSS to Admin in Unauthenticated-WordPresshttps://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss------bug_bounty-5c0d3x27bug-bounty, javascript, cybersecurity, hacking, software-development18-Jan-2025
Tools Used by Bug Bounty Hunters: A Comprehensive Guidehttps://medium.com/@ajudeb55/tools-used-by-bug-bounty-hunters-a-comprehensive-guide-c5286a0da36a?source=rss------bug_bounty-5Aju Debcybersecurity, bug-bounty, hacking, programming, python18-Jan-2025
IDOR to Partial Access and ACCOUNT TAKEOVER in a Top 5 Cloud Storage Platformhttps://q19.medium.com/idor-to-partial-access-and-account-takeover-in-a-top-5-cloud-storage-platform-844707a2cc01?source=rss------bug_bounty-5Q19hacking, security, bug-bounty, vulnerability18-Jan-2025
Otelier Data Breach Exposes Info, Hotel Reservations of Millionshttps://medium.com/@wiretor/otelier-data-breach-exposes-info-hotel-reservations-of-millions-14e75e47e589?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, breach, bug-bounty18-Jan-2025
Malicious PyPi Package Steals Discord Auth Tokens from Developershttps://medium.com/@wiretor/malicious-pypi-package-steals-discord-auth-tokens-from-developers-2a6707bb84f7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, money, bug-bounty, python18-Jan-2025
Tool Overviewhttps://xss0r.medium.com/tool-overview-6c255fe7ec9b?source=rss------bug_bounty-5xss0rxss0, bug-bounty, xss0rrecon, recon18-Jan-2025
Find First Bug for Beginner Bounty Huntershttps://infosecwriteups.com/find-first-bug-for-beginner-bounty-hunters-533f2da9dab1?source=rss------bug_bounty-5Mr Horbiohacking, ethical-hacking, pentesting, bug-bounty, cybersecurity18-Jan-2025
WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, wifi, cybersecurity, pentesting18-Jan-2025
Zero Click Account Takeover — JWT Token Manipulation via Programs HackerOnehttps://medium.com/@HackerPlus/zero-click-account-takeover-jwt-token-manipulation-via-programs-hackerone-07da3868ada9?source=rss------bug_bounty-5HackerPlus+bugcrowd, js, hackerone, jwt, bug-bounty18-Jan-2025
Cross-Site Scripting (XSS) attackshttps://medium.com/@rishuraj2666/cross-site-scripting-xss-attacks-cbb84d7f912d?source=rss------bug_bounty-5Rishurajxss-vulnerability, cybersecurity, security-researchers, hacking, bug-bounty18-Jan-2025
S3Bucket Enumeration and Takeoverhttps://medium.com/@sahusujal.dev2004/s3bucket-enumeration-and-takeover-f1ff24ad8187?source=rss------bug_bounty-5Sujal Sahubug-bounty, s3-bucket, cybersecurity, information-disclosure, bucket-takeover18-Jan-2025
How I Discovered a Password Reset Vulnerability on a Web Applicationhttps://medium.com/@Dorking1/how-i-discovered-a-password-reset-vulnerability-on-a-web-application-14fe29f9499c?source=rss------bug_bounty-5Dorking1penetration-testing, bug-bounty, cybersecurity18-Jan-2025
Day 2 — Hacker101 MicroCMS v1 Flag 3 Write-Uphttps://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5Devin McCullumappsec, learning, bug-bounty17-Jan-2025
Critical Vulnerability Alert: CVE-2025-22949 – Tenda AC9 Router Command Injectionhttps://medium.com/@muhammetalgan3547/critical-vulnerability-alert-cve-2025-22949-tenda-ac9-router-command-injection-3fe10252a835?source=rss------bug_bounty-5Muhammet ALGANbug-bounty, network-security, hacking, vulnerability, cybersecurity17-Jan-2025
Android Intent Redirection: A Hacker’s Gateway to Internal Componentshttps://medium.com/@0x3adly/android-intent-redirection-a-hackers-gateway-to-internal-components-ebe126bbb2e0?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, bug-bounty, mobile-security, penetration-testing, android17-Jan-2025
One More Easy Bug | HTML Injectionhttps://medium.com/@kumawatabhijeet2002/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5Abhijeet kumawatinfosec, money, bug-bounty, hacking, bug-bounty-tips17-Jan-2025
One More Easy Bug | HTML Injectionhttps://cybersecuritywriteups.com/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5Abhijeet kumawatinfosec, money, bug-bounty, hacking, bug-bounty-tips17-Jan-2025
Stored DOM-based XSS Vulnerability on VPSServer.comhttps://medium.com/@hasanfahad769/stored-dom-based-xss-vulnerability-on-vpsserver-com-f96980104e4b?source=rss------bug_bounty-5Fahad Hossainbug-bounty, cybersecurity, web-security-testing17-Jan-2025
Focusing on Expired Sessions to Uncover IDOR Vulnerabilitieshttps://medium.com/@alvinbijo_174/focusing-on-expired-sessions-to-uncover-idor-vulnerabilities-75f5055c7452?source=rss------bug_bounty-5session-xbugs, bug-bounty, bug-bounty-tips, bugbounting, bugbounty-writeup17-Jan-2025
Collected XSS Payloads ⛏✌️⬇️https://medium.com/@alvinbijo_174/collected-xss-payloads-%EF%B8%8F-%EF%B8%8F-da7df1be4bbb?source=rss------bug_bounty-5session-xhacking, bugbounty-tips, idor, bugbounty-writeup, bug-bounty17-Jan-2025
Privilege Escalation in 5 minutes: When you’re just one URL away from becoming the Boss…https://medium.com/@forte.social/privilege-escalation-in-5-minutes-when-youre-just-one-url-away-from-becoming-the-boss-32a1f0934a0b?source=rss------bug_bounty-5eSecFortebug-bounty, bugbounty-tips, hacking, privilege-escalation, web-app-security17-Jan-2025
Account Takeover: Trading OAuth Codes for fun and profithttps://medium.com/@sazouki/account-takeover-trading-oauth-codes-for-fun-and-profit-f65463e9a6c9?source=rss------bug_bounty-5Sazoukibugbounty-writeup, bug-bounty17-Jan-2025
Hacker101 MicroCMS v1 Flag 3 Write-Uphttps://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5Devin McCullumappsec, learning, bug-bounty17-Jan-2025
Why You Should Start a Bug Bounty Program for Your Mobile Applicationshttps://medium.com/@hackrate/why-you-should-start-a-bug-bounty-program-for-your-mobile-applications-a476c3646978?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips, hacking17-Jan-2025
XSS: Bypass CloudFront WAFhttps://medium.com/@n45ht/xss-bypass-cloudfront-waf-9d0c8a12dc33?source=rss------bug_bounty-5N45HTbug-bounty-writeup, cross-site-scripting, xs, bug-bounty-tips, bug-bounty17-Jan-2025
How I Hacked Hackers Accounthttps://0xshuvo.medium.com/how-i-hacked-hackers-account-d5409b095133?source=rss------bug_bounty-5Shuvo Kumar Sahabugbounty-writeup, idor, infose, bug-bounty, bugbounty-tips17-Jan-2025
Account Takeover via IDOR form JWT Programs HackerOne 2500$https://medium.com/@HackerPlus/account-takeover-via-idor-form-jwt-programs-hackerone-2500-0a378fe2c951?source=rss------bug_bounty-5HackerPlus+hackerone, hacker, bug-hunting, bugcrowd, bug-bounty17-Jan-2025
The rise of scammer bug bounty programs — and the reason I quit bug bounty hunting.https://medium.com/@brotheralameen/the-rise-of-scammer-bug-bounty-programs-and-the-reason-i-quit-bug-bounty-hunting-4cc661c92e09?source=rss------bug_bounty-5Alameen Karim Meralibugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity17-Jan-2025
Leaking PII at Scale: How Third Parties Can Unintentionally Put Your Data at Risk.https://medium.com/@omarahmed_13016/leaking-pii-at-scale-how-third-parties-can-unintentionally-put-your-data-at-risk-6101fcb3d5e0?source=rss------bug_bounty-5Omar Ahmedhacking, writeup, vulnerability, hackerone, bug-bounty17-Jan-2025
Web Directory Free Plugin <= 1.7.2: Unauthenticated LFI Exploit (CVE-2024-3673)https://bashoverflow.medium.com/web-directory-free-plugin-1-7-2-unauthenticated-lfi-exploit-cve-2024-3673-f3721f79477d?source=rss------bug_bounty-5Bash Overflowcve-2024-3673, unauthenticated-lfi, bug-bounty, bug-bounty-tips, exploiting-lfi17-Jan-2025
US Sanctions Chinese Firm and Hacker Behind Treasury and Telecom Hackshttps://medium.com/@wiretor/us-sanctions-chinese-firm-and-hacker-behind-treasury-and-telecom-hacks-c25cfb0ae32a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, money, ai, hacking, malware17-Jan-2025
US Cracks Down on North Korea’s IT Worker Army with New Sanctionshttps://medium.com/@wiretor/us-cracks-down-on-north-koreas-it-worker-army-with-new-sanctions-e95efd40850a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, north, malware, money, ai17-Jan-2025
W3 Total Cache Plugin Flaw Exposes Over 1 Million WordPress Sites to Attackshttps://medium.com/@wiretor/w3-total-cache-plugin-flaw-exposes-over-1-million-wordpress-sites-to-attacks-15e0b6ace4e0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, marketing, ai, malware, hacker17-Jan-2025
100 Free Tools To Supercharge Your Bug Bounty Journeyhttps://bitpanic.medium.com/100-free-tools-to-supercharge-your-bug-bounty-journey-747ffb5d4bef?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, bug-bounty-tips, programming, technology17-Jan-2025
Finding a easy p4 it can be worth 200$https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-5d65a9faad0b?source=rss------bug_bounty-5loyalonlytodayhacking, ethical-hacking, bugs, bug-bounty, cybersecurity16-Jan-2025
Day One — HACKER 101 MicroCMS v1 Flag 1 — CTFhttps://medium.com/@devinmack39/day-one-hacker-101-microcms-v1-flag-1-ctf-eb606905eea7?source=rss------bug_bounty-5Devin McCullumbug-bounty, web-app-security, learning-and-development, ctf-writeup, sql-injection16-Jan-2025
This is The Easiest Bug You Can Find✨https://cybersecuritywriteups.com/this-is-the-easiest-bug-you-can-find-feadc3ef95a5?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, hacking, infosec, easy16-Jan-2025
Capturing of Network Traffic Using Wireshark Toolhttps://mhmmuneef.medium.com/capturing-of-network-traffic-using-wireshark-tool-09a9926f18dd?source=rss------bug_bounty-5Mohammed Muneefnetworking, cybersecurity, technology, bug-bounty, hacking16-Jan-2025
Kicking Off 2025: Findings on U.S. Department of Energyhttps://cybersecuritywriteups.com/kicking-off-2025-findings-on-u-s-department-of-energy-a92149e43102?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rethical-hacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips16-Jan-2025
How to Tackle Vulnerable JavaScript Dependencies: Lessons from the Kerala Government Websitehttps://medium.com/@ashwin74/how-to-tackle-vulnerable-javascript-dependencies-lessons-from-the-kerala-government-website-220722709ac4?source=rss------bug_bounty-5ASHWIN KUMARbug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, javascript16-Jan-2025
Bug Bounty is live: Code breakers, welcome to Apillon!https://blog.apillon.io/bug-bounty-is-live-code-breakers-welcome-to-apillon-6dd4ff40fc82?source=rss------bug_bounty-5Apillonapillon-news, web3, bug-bounty, web3-development, rewards-programs16-Jan-2025
Cybersecurity with AI Roadmap in 2025https://medium.com/@anandrishav2228/cybersecurity-with-ai-roadmap-in-2025-25ced0372d5b?source=rss------bug_bounty-5Rishav anandroadmaps, hacking, ai, bug-bounty, cybersecurity16-Jan-2025
My first step into Bug Bountyhttps://medium.com/@n4itr0_07/my-first-step-into-bug-bounty-718d967e0576?source=rss------bug_bounty-5N4!TR0 07bug-bounty-writeup, sql-injection, bug-bounty-tips, security, bug-bounty16-Jan-2025
Hack The Box Curling Writeup:[Linux][Retired]https://medium.com/@vignesh6872610/hack-the-box-curling-writeup-linux-retired-7be2cc094707?source=rss------bug_bounty-5Vignesh Pbug-bounty-tips, hackthebox-writeup, retiredmachine, hackthebox, bug-bounty16-Jan-2025
CISA Adds Two New Actively Exploited Vulnerabilities to Known Exploited Vulnerabilities Cataloghttps://medium.com/@shalomo.social/cisa-adds-two-new-actively-exploited-vulnerabilities-to-known-exploited-vulnerabilities-catalog-023c1bd81754?source=rss------bug_bounty-5Shalomo Agarwarkarcybersecurity, data-science, business, programming, bug-bounty16-Jan-2025
Using Full potential of Virustotal for Bugbountyhttps://osintteam.blog/using-full-potential-of-virustotal-for-bugbounty-51d27750f588?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty, bugs, ethical-hacking, cybersecurity16-Jan-2025
A Journey of Limited Path Traversal To RCE With $40,000 Bounty!https://medium.com/@HX007/a-journey-of-limited-path-traversal-to-rce-with-40-000-bounty-fc63c89576ea?source=rss------bug_bounty-5HX007programming, hacking, cybersecurity, security, bug-bounty16-Jan-2025
OTP BYPASS TECHNIQUE its My StOry [sweet and sour]https://medium.com/infosec-notes/otp-bypass-technique-its-my-story-sweet-and-sour-3e96b9eb63a0?source=rss------bug_bounty-5Mr Horbiopentesting, hacking, bug-bounty, cybersecurity, ethical-hacking16-Jan-2025
Java Script file analysis to find bugshttps://medium.com/@hrofficial62/java-script-file-analysis-to-find-bugs-1fb865fee83e?source=rss------bug_bounty-5Mr Horbioethical-hacking, pentesting, bug-bounty, hacking, cybersecurity16-Jan-2025
Bug Bounty Unlocked: Secrets, Strategies, and Mindset Hacks for Successhttps://it4chis3c.medium.com/bug-bounty-unlocked-secrets-strategies-and-mindset-hacks-for-success-e5d94a632220?source=rss------bug_bounty-5It4chis3cmindset, secrets, bug-bounty, bug-bounty-tips, bug-bounty-writeup16-Jan-2025
Bounty Hunters Take Note: How Leaked Zoom Links Can Unveil Security Flawshttps://bevijaygupta.medium.com/bounty-hunters-take-note-how-leaked-zoom-links-can-unveil-security-flaws-9f524423b5bc?source=rss------bug_bounty-5Vijay Kumar Guptazoom-meetings, securityflaw, bug-bounty, security, zoom16-Jan-2025
Hackers Leak Configs and VPN Credentials for 15,000 FortiGate Deviceshttps://medium.com/@wiretor/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices-c9586b6e6051?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, vpn, hacker, bug-bounty16-Jan-2025
How to pass EMAPT examhttps://medium.com/@nomad8061/how-to-pass-emapt-exam-78bed982d061?source=rss------bug_bounty-5Ahmed Badryine, bug-bounty, bug-bounty-writeup, bug-bounty-tips, emapt16-Jan-2025
Exploring CORS Misconfiguration Vulnerabilities in Modern Applicationshttps://rootast.medium.com/exploring-cors-misconfiguration-vulnerabilities-in-modern-applications-def492a23e95?source=rss------bug_bounty-5Arash Shahbazicross-origin-resource, pentest, owasp-top-10, web-application-security, bug-bounty16-Jan-2025
The Top 8 Kali Linux Tools For 2025https://mhmmuneef.medium.com/the-top-8-kali-linux-tools-for-2025-d5904319b1d7?source=rss------bug_bounty-5Mohammed Muneefbug-bounty, technology, hacking, kali-linux, cybersecurity16-Jan-2025
What You Can Expect: A Personal Introduction and Blog Overviewhttps://medium.com/@T3chnocr4t/what-you-can-expect-a-personal-introduction-and-blog-overview-3a0a6cc984f6?source=rss------bug_bounty-5T3chnocr4tbug-bounty-writeup, writeup, bug-bounty-tips, cybersecurity, bug-bounty15-Jan-2025
Metasploit for Beginners — A Guide to the Powerful Exploitation Frameworkhttps://medium.com/@manishmshiva/metasploit-for-beginners-a-guide-to-the-powerful-exploitation-framework-a8b4245c8893?source=rss------bug_bounty-5Manish Shivanandhancybersecurity, bug-bounty, penetration-testing, metasploit, ethical-hacking15-Jan-2025
Hack with your mind! That’s enough?https://osintteam.blog/hack-with-your-mind-thats-enough-1c6b645d1384?source=rss------bug_bounty-5Abu Hurayrainfosec, ethical-hacking, cybersecurity, bug-bounty, hacking15-Jan-2025
NTLM Auth Disclosing Internal System Info via HTTP/2 to HTTP/1.1 Downgradehttps://medium.com/meetcyber/ntlm-auth-disclosing-internal-system-info-via-http-2-to-http-1-1-downgrade-603cc35c2dc4?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, bug-bounty, infosec, vulnerability15-Jan-2025
kya medium account jo suspend ho giya vo vapes aya ga .??https://medium.com/@subhash_9358/kya-medium-account-jo-suspend-ho-giya-vo-vapes-aya-ga-1d480676922e?source=rss------bug_bounty-5Schoudharybug-bounty, culture, cryptocurrency, business, artificial-intelligence15-Jan-2025
Bypassing Razer’s WAF for XSShttps://medium.com/@n45ht/bypassing-razers-waf-for-xss-afcaea744ab4?source=rss------bug_bounty-5N45HTbug-bounty-tips, bug-bounty-writeup, bug-bounty, xs, cross-site-scripting15-Jan-2025
My 2nd Bounty on the Same Company Again: ¥15,000 for a Medium Bughttps://medium.com/@dibyaranjanmohanta2806/my-2nd-bounty-on-the-same-company-again-15-000-for-a-medium-bug-e3dd70c0d40a?source=rss------bug_bounty-5Dibyaranjanmohantamoney, currency, reporting, bug-bounty, japan15-Jan-2025
Exploiting IDOR in a Support Portal Chatbothttps://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, idor-vulnerability, bugbounty-tips, cybersecurity15-Jan-2025
EMC Mainnet Is Live! Join the Bug Bounty Blitz Program and Earn Rewards!https://medium.com/@EdgeMatrixChain/emc-mainnet-is-live-join-the-bug-bounty-blitz-program-and-earn-rewards-f309b16ee396?source=rss------bug_bounty-5EMC ( Edge Matrix Chain)ai, mainnet, depin, emc, bug-bounty15-Jan-2025
Stored XSS Found in Query Parameters of dhtmlxGrid.js on NASA.gov Subdomain (P3)https://medium.com/@aleenscode/stored-xss-found-in-query-parameters-of-dhtmlxgrid-js-on-nasa-gov-subdomain-p3-2b343fa5f045?source=rss------bug_bounty-5Aleenscodebug-bounty, hackerone, bugcrowd, cross-site-scripting, cybersecurity15-Jan-2025
User Enumeration: From Overlooked to Medium-Impact Bughttps://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss------bug_bounty-5callgh0stgenocide, bug-bounty, hacking, email, palestine15-Jan-2025
The Future of Bug Bounty and Penetration Testinghttps://medium.com/@hackrate/the-future-of-bug-bounty-and-penetration-testing-bce3f23cb095?source=rss------bug_bounty-5Levente Molnarbug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity15-Jan-2025
I found Reflected XSS on another university’s websitehttps://medium.com/@Bl4cky/hunting-reflected-xss-uncovering-vulnerabilities-on-university-websites-daa6c5ac790d?source=rss------bug_bounty-5Bl4ckyxss-attack, pentest, reflected-xss, bug-bounty15-Jan-2025
What Is Bug Bounty Hunting? A Complete Guidehttps://medium.com/@atnoforcybersecurity/what-is-bug-bounty-hunting-a-complete-guide-58f7019e5871?source=rss------bug_bounty-5ATNO For Cybersecurity | Hackingbug-bounty, hacking, network-security, cybersecurity15-Jan-2025
Allstate Faces Lawsuit for Tracking Drivers Without Permissionhttps://medium.com/@wiretor/allstate-faces-lawsuit-for-tracking-drivers-without-permission-e53b2cf5ed6b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, malware, money, hacker, bug-bounty15-Jan-2025
Web Cache Poisoning: Turning Speed into a Security Nightmarehttps://medium.com/@bughunt.bochi/web-cache-poisoning-turning-speed-into-a-security-nightmare-b2cde92e1036?source=rss------bug_bounty-5Bochixxcyber-security-awareness, ethical-hacking, vulnerability, bug-bounty, web-cache-poisoning15-Jan-2025
Zero Day Alert: Google OAuth Flaw Could Expose Abandoned Accountshttps://medium.com/@wiretor/zero-day-alert-google-oauth-flaw-could-expose-abandoned-accounts-40dbaa77260d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, bug-bounty, zero-day, business15-Jan-2025
FBI Deletes Chinese PlugX Malware from Thousands of US Computershttps://medium.com/@wiretor/fbi-deletes-chinese-plugx-malware-from-thousands-of-us-computers-f212a3f27f14?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ai, hacker, fbi, money15-Jan-2025
Basics of Bypassing Authentication Mechanismshttps://bitpanic.medium.com/cracking-the-code-how-hackers-bypass-authentication-mechanisms-efa9a09f41ea?source=rss------bug_bounty-5Spectat0rguybug-bounty, bug-bounty-tips, technology, cybersecurity, programming15-Jan-2025
How I Found and Reported a Critical Credential Stuffing Bug Worth $2000https://medium.com/@sc128496/how-i-found-and-reported-a-critical-credential-stuffing-bug-worth-2000-a76d3b4eebb2?source=rss------bug_bounty-5Sahil Choudharytechnology, information-security, hacking, cybersecurity, bug-bounty15-Jan-2025
how I found a Google map it’s worth 300$https://cybersecuritywriteups.com/how-i-found-a-google-map-its-worth-300-99da8061fc67?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, ethical-hacking, hacking, bugs15-Jan-2025
Best Resources for Learning Cybersecurity: A Student’s Guidehttps://medium.com/@himzyoti.talukdar1234/best-resources-for-learning-cybersecurity-a-students-guide-002694679378?source=rss------bug_bounty-5Himjyoti talukdarpenetration-testing, ctf, infosec, bug-bounty, cybersecurity15-Jan-2025
How i found RXSS in href Attributehttps://medium.com/@mohaned0101/how-i-found-rxss-in-href-attribute-13a85e4e2c4d?source=rss------bug_bounty-5mohaned alkhlotxss-attack, bug-bounty, bug-bounty-tips, xss-vulnerability15-Jan-2025
Account Takeover in Mobile Apps: How to Exploit Vulnerabilitieshttps://medium.com/meetcyber/account-takeover-in-mobile-apps-how-to-exploit-vulnerabilities-dc1b55ef6891?source=rss------bug_bounty-5Erkan Kavasaccount-take-over, mobile-app-development, phishing, bug-bounty, cybersecurity15-Jan-2025
Tips to find Stored XSS [Bug_Bounty_Tips]https://medium.com/infosec-notes/tips-to-find-stored-xss-bug-bounty-tips-86cb62a529c8?source=rss------bug_bounty-5Mr Horbiobug-bounty, xss-attack, bugbounty-writeup, cybersecurity, pentesting14-Jan-2025
OWASP Top 10 Testing Guide V4 Checklisthttps://medium.com/@enigma_/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5enigma_owasp, oscp, infosec, cybersecurity, bug-bounty14-Jan-2025
The Road to CRTP Cert — Part 15https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-15-d9ab41f827a4?source=rss------bug_bounty-5Dineshkumaar Rcybersecurity, bug-bounty, active-directory, hacking, offensive-security14-Jan-2025
OWASP Top 10 Testing Guide V4 Checklisthttps://infosecwriteups.com/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5enigma_owasp, oscp, infosec, cybersecurity, bug-bounty14-Jan-2025
Mobile Pentesting Toolshttps://hackerassociate.medium.com/mobile-pentesting-tools-479b797cd6a5?source=rss------bug_bounty-5Harshad Shahcybersecurity, infosec, pentesting, bug-bounty, mobile-app-development14-Jan-2025
From Zero to Bounty — My Journey as a Bug Hunterhttps://medium.com/@joaovmb15/from-zero-to-bounty-my-journey-as-a-bug-hunter-44d2bd63f657?source=rss------bug_bounty-50xJotavebug-hunter, bug-hunting, cybersecurity, bug-bounty14-Jan-2025
Nmap Cheat Sheet: Essential Commands and Advanced Techniques for Scanninghttps://medium.com/@verylazytech/nmap-cheat-sheet-essential-commands-and-advanced-techniques-for-scanning-2274e21654e0?source=rss------bug_bounty-5Very Lazy Techoscp, vulnerability, cybersecurity, nmap, bug-bounty14-Jan-2025
Reflected XSS protected by very strict CSP, with dangling markup attack (Port Swigger XSS Lab)https://medium.com/@hackllego/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-port-swigger-xss-lab-e8811c2e476d?source=rss------bug_bounty-5Hackllegobug-hunting, pentesting, bug-bounty, bug-bounty-tips, web-security14-Jan-2025
Simple Tips for Bug Bounty Beginners: Finding Open AWS S3 buckets, impact, and causeshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-open-aws-s3-buckets-impact-and-causes-52f252bcddfa?source=rss------bug_bounty-5Anish Narayancybersecurity, bug-bounty-writeup, programming, bug-bounty-tips, bug-bounty14-Jan-2025
Improper Authentication in a famous Trading websitehttps://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5Anonymousshettybug-bounty, otp-bypass, cybersecurity, ethical-hacking, improper-access-control14-Jan-2025
How I found an account take over by session fixation (Bugbounty)https://medium.com/@leomsec/how-i-found-an-account-take-over-by-session-fixation-bugbounty-f2551f19be3e?source=rss------bug_bounty-5Leonardohacking, hacker, bug-bounty-tips, bug-bounty, web-hacking14-Jan-2025
Bug Bounty Programs: YES or NO?https://medium.com/@hackrate/bug-bounty-programs-yes-or-no-6b866eea8b01?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty14-Jan-2025
Day 4. The 100-Day Bug Bounty Challenge: Understanding SQL Injection Classic(In-band)https://mahhesshh.medium.com/day-4-the-100-day-bug-bounty-challenge-understanding-sql-injection-classic-in-band-2b8854d2e0e5?source=rss------bug_bounty-5Mahesh Dhakadhacking, sql-injection, bug-bounty, sqli, cybersecurity14-Jan-2025
7 Ways to Be Better at Bug Bounty Huntinghttps://bitpanic.medium.com/7-ways-to-be-better-at-bug-bounty-hunting-7eae956e500d?source=rss------bug_bounty-5Spectat0rguytechnology, bug-bounty-tips, programming, bug-bounty, cybersecurity14-Jan-2025
Improper Authentication in a famous Trading websitehttps://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking, improper-access-control, bug-bounty-tips14-Jan-2025
How to Use Wireshark: Comprehensive Tutorial + Tipshttps://mhmmuneef.medium.com/how-to-use-wireshark-comprehensive-tutorial-tips-24252ed2673d?source=rss------bug_bounty-5Mohammed Muneefbug-bounty, wireshark, cybersecurity, hacking, technology14-Jan-2025
Guía: instalación de VM + Kalihttps://medium.com/@mon.cybersec/gu%C3%ADa-instalaci%C3%B3n-de-vm-kali-fb7230a5263c?source=rss------bug_bounty-5Mon Workskali-linux, hacking, virtualbox, ciberseguridad, bug-bounty14-Jan-2025
The Definitive Guide to GitHub Recon: Lessons from Analyzing 100+ Reportshttps://medium.com/@iamakashce19010/the-definitive-guide-to-github-recon-lessons-from-analyzing-100-reports-bd5d4891a815?source=rss------bug_bounty-5Akashbug-bounty-tips, bug-bounty, bug-bounty-writeup14-Jan-2025
From Containers to Host: Privilege Escalation Techniques in Dockerhttps://medium.com/@kankojoseph4/from-containers-to-host-privilege-escalation-techniques-in-docker-487fe2124b8e?source=rss------bug_bounty-5Joseph "Sk4r1” KANKObug-bounty, cybersecurity, hacking, ethical-hacking, docker13-Jan-2025
Hire a hackerhttps://medium.com/@carl19722401/hire-a-hack-c54710808c3c?source=rss------bug_bounty-5Dimitris Nicholascybersecurity, hire-a-hacker, find-a-hacker, bug-bounty, ethical-hacking13-Jan-2025
Stored CSRF via Uploaded HTML File in User Account Document Sectionhttps://medium.com/@dee.gholase/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity13-Jan-2025
JavaScript Reconhttps://anontriager.medium.com/javascript-recon-efd981a85cfc?source=rss------bug_bounty-5Anonymous Traigerjobs, cybersecurity, hacker, programming, bug-bounty13-Jan-2025
Diving in Android Securityhttps://anontriager.medium.com/diving-in-android-security-a93f017b16f0?source=rss------bug_bounty-5Anonymous Traigerjobs, hacking, troubleshooting, cybersecurity, bug-bounty13-Jan-2025
Emerging Cyber Threats: The Latest Trends in Ransomware, Phishing, and APTshttps://medium.com/@paritoshblogs/emerging-cyber-threats-the-latest-trends-in-ransomware-phishing-and-apts-e3393f6410bc?source=rss------bug_bounty-5Paritoshcybersecurity, ransomware, threat-intelligence, hacking, bug-bounty13-Jan-2025
How I got my name on WHO’s Hall of Famehttps://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss------bug_bounty-5RivuDonbug-bounty, bug-bounty-tips, cybersecurity, hall-of-fame, infosec13-Jan-2025
Stored CSRF via Uploaded HTML File in User Account Document Sectionhttps://jxycybersec.medium.com/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity13-Jan-2025
Remember, the key is to stay motivated at every step.https://medium.com/@rhonnysharma783/linkedin-linkedin-com-in-rhonny-99f682300332?source=rss------bug_bounty-5Rhonnysharmabug-zero, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup13-Jan-2025
Breaking into Jenkins for funhttps://medium.com/@24bkdoor/breaking-into-jenkins-for-fun-7070496521eb?source=rss------bug_bounty-524BkDoorcybersecurity, jenkins, hacking, web-development, bug-bounty13-Jan-2025
Crack the Code — Part 2https://it4chis3c.medium.com/crack-the-code-part-2-aeaa5055251e?source=rss------bug_bounty-5It4chis3cbug-bounty, roadmap-to-success, bug-bounty-writeup, bug-bounty-tips, roadmaps13-Jan-2025
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://medium.com/h7w/mass-hunting-to-find-xss-cross-site-scripting-fd8218822dca?source=rss------bug_bounty-5loyalonlytodaycross-site-scripting, xss-attack, hacking, bugs, bug-bounty13-Jan-2025
Does Your Company Need a Bug Bounty Program?https://medium.com/@hackrate/does-your-company-need-a-bug-bounty-program-22d8dc5c1e7f?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, bug-bounty, cybersecurity13-Jan-2025
This is How I Turned an Informative Bug into a Valid $500 Bughttps://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss------bug_bounty-5Shubham Bhamarefacebook-bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty, infosec13-Jan-2025
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and Morehttps://myselfakash20.medium.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup13-Jan-2025
Critical Vulnerability Discovered: CVE-2025–22567https://medium.com/@wiretor/critical-vulnerability-discovered-cve-2025-22567-b0e4d9d852c1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacker, xss-attack, hacking13-Jan-2025
Top Hacking Tools and Skills You Need to Learn in 2025https://medium.com/@verylazytech/top-hacking-tools-and-skills-you-need-to-learn-in-2025-70cb90650c0f?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, bug-bounty, 2025, linux13-Jan-2025
I Changed Someone’s Profile Picture… And They Had No Idea!!https://infosecwriteups.com/i-changed-someones-profile-picture-and-they-had-no-idea-a1dc621d12c4?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, cybersecurity, infosec, pentesting, burp13-Jan-2025
Bug Bounty Kültürü Neden Önemlidir?https://medium.com/@omermertkaya/bug-bounty-k%C3%BClt%C3%BCr%C3%BC-neden-%C3%B6nemlidir-cdb126ede8cb?source=rss------bug_bounty-5Ömer Mert KAYAsecurity-awareness, cybersecurity, bug-bounty, vulnerability-management, proactive-security13-Jan-2025
How to Make Nmap Recognize New Serviceshttps://mhmmuneef.medium.com/how-to-make-nmap-recognize-new-services-af44e6f9c20e?source=rss------bug_bounty-5Mohammed Muneefcybersecurity, technology, networking, bug-bounty13-Jan-2025
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and Morehttps://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup13-Jan-2025
How To Bypass CSRF Defenses With XSShttps://medium.com/@dante.falls/how-to-bypass-csrf-defenses-with-xss-44a124b7646a?source=rss------bug_bounty-5Dante Fallsinformation-security, web-security, cybersecurity, bug-bounty13-Jan-2025
Get Your First Bug Bounty with Burp Suite’s Match and Replace Featurehttps://medium.com/@mahdisalhi0500/get-your-first-bug-bounty-with-burp-suites-match-and-replace-feature-7a32f81a3cb0?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty13-Jan-2025
Methodology for Detecting IDOR Vulnerabilityhttps://medium.com/@dogxxx10/methodology-for-detecting-idor-vulnerability-1590b14d45a9?source=rss------bug_bounty-5Dogx0xbug-bounty-writeup, web-hacking, bug-bounty-tips, hacking, bug-bounty13-Jan-2025
Bug Bounty vs VDP: Building Effective Security Programs with Hacker Collaborationhttps://medium.com/@dzianisskliar29/bug-bounty-vs-vdp-building-effective-security-programs-with-hacker-collaboration-0a7db1b3f2df?source=rss------bug_bounty-5Dzianis Skliarhackerone, bugcrowd, intigriti, bug-bounty, attack-surface-management13-Jan-2025
Security Session #1https://medium.com/@mon.cybersec/security-session-1-9457a0f5bd27?source=rss------bug_bounty-5Mon Worksbug-bounty, pentesting, ciberseguridad, cybersecurity, hacking13-Jan-2025
The Ultimate IDOR Testing Checklisthttps://medium.com/@muhammetalgan3547/the-ultimate-idor-testing-checklist-ba4a7c094def?source=rss------bug_bounty-5Muhammet ALGANcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty12-Jan-2025
How i Hacked into NASA & got Hall-Of-Fame, Acknowledgement -2025https://medium.com/@securityinsights/how-i-hacked-into-nasa-got-hall-of-fame-acknowledgement-2025-d22815f09e29?source=rss------bug_bounty-5Mehboob Khanhacking, cybersecurity, nasa, ethical-hacking, bug-bounty12-Jan-2025
How to find my first bounty $$$$$https://systemweakness.com/how-to-find-my-first-bounty-68ba0022dcf0?source=rss------bug_bounty-5Mr Horbiopentesting, cybersecurity, hacking, ethical-hacking, bug-bounty12-Jan-2025
How I Found This Crazy PII Data Leak Worth 500$https://medium.com/@sc128496/how-i-found-this-crazy-pii-data-leak-worth-500-e39d6dd19133?source=rss------bug_bounty-5Sahil Choudharyoutside-the-box, think-different, cybersecurity, reconnaissance, bug-bounty12-Jan-2025
The Road to CRTP Cert — Part 14https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-14-b7f9cb8bd87f?source=rss------bug_bounty-5Dineshkumaar Rinfosec, vapt, penetration-testing, red-team, bug-bounty12-Jan-2025
Server-Side Vulnerabilities | #5 File Upload Vulnerabilitieshttps://medium.com/@agapehearts/server-side-vulnerabilities-5-file-upload-vulnerabilities-7f5f68688cc7?source=rss------bug_bounty-5Agape HearTsvulnerability, bug-bounty, ethical-hacking, portswigger, bugs12-Jan-2025
10 Best Bug Bounty Platforms to Earn Money Onlinehttps://hackreveals.medium.com/10-best-bug-bounty-platforms-to-earn-money-online-e5b83767ac20?source=rss------bug_bounty-5Prakash Tiwaribug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-program, osint12-Jan-2025
How I Got Access to Over 60,000 Traders’ Datahttps://0xglss.medium.com/how-i-got-access-to-over-60-000-traders-data-b6043b2363c3?source=rss------bug_bounty-50xglssadmin-panel, account-takeover, xss-attack, bug-bounty, penetration-testing12-Jan-2025
hunting #2https://medium.com/@dark_zone/hunting-2-f06b275adf5c?source=rss------bug_bounty-5darkzonebug-bounty12-Jan-2025
Day 3. The 100-Day Bug Bounty Challenge: Understanding DOM-Based XSS (Cross-Site Scripting)https://mahhesshh.medium.com/day-2-the-100-day-bug-bounty-challenge-understanding-dom-based-xss-cross-site-scripting-96b2bf92a7f0?source=rss------bug_bounty-5Mahesh Dhakadxss-attack, cybersecurity, dom-xss, bug-bounty, cross-site-scripting12-Jan-2025
nform“SOCMINT: The Digital Crystal Ball of Cybersecurity and Beyond”https://medium.com/@paritoshblogs/nform-socmint-the-digital-crystal-ball-of-cybersecurity-and-beyond-1dfddad6193b?source=rss------bug_bounty-5Paritoshhacking, socmint, information-technology, bug-bounty, cybersecurity12-Jan-2025
How To Get free burpsuite professionalhttps://cybersecuritywriteups.com/how-to-get-free-burpsuite-professional-f124ebaf529d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, burpsuite, penetration-testing, cybersecurity12-Jan-2025
Unmasking a Captcha Bypass Vulnerability: Step-by-Step Walkthroughhttps://medium.com/@vishalsharma445500/unmasking-a-captcha-bypass-vulnerability-step-by-step-walkthrough-6131519a3788?source=rss------bug_bounty-5Vishal Sharmacybersecurity, ethical-hacking, vulnerability, penetration-testing, bug-bounty12-Jan-2025
IDOR & UUIDs to leak PIIhttps://medium.com/@CANITEY/idor-uuids-to-leak-pii-7675130ab784?source=rss------bug_bounty-5CANITEYidor, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Jan-2025
How Improper cache storage lead to Make me $$$https://medium.com/@test123cybertest/how-improper-cache-storage-lead-to-make-me-4de4c003b376?source=rss------bug_bounty-5praveenarsh0xx0bug-bounty, tips-and-tricks, cybersecurity, ethical-hacking, penetration-testing12-Jan-2025
Logic Bugs in Payment Gatewayhttps://bitpanic.medium.com/logic-bugs-in-payment-gateway-25d5d48068c4?source=rss------bug_bounty-5Spectat0rguytechnology, cybersecurity, bug-bounty-tips, programming, bug-bounty12-Jan-2025
A Simple Bug to Get Started in Bug Bountyhttps://medium.com/infosecmatrix/a-simple-bug-to-get-started-in-bug-bounty-599121c1b997?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, bugs, pentesting12-Jan-2025
How i found Broken Access Controlhttps://medium.com/@gitlime71/how-i-found-broken-access-control-c3377d3df60e?source=rss------bug_bounty-5Raccoonbug-bounty, pentesting, bug-bounty-tips, bug-bounty-writeup, penetration-testing12-Jan-2025
The State of Web3 Security in 2024https://medium.com/coinmonks/the-state-of-web3-security-in-2024-f3713fbe9e04?source=rss------bug_bounty-5Raidersbug-bounty, web3, blockchain, hacking, security12-Jan-2025
The Art of Note-Taking in Bug Bounty Huntinghttps://medium.com/@mahdisalhi0500/the-art-of-note-taking-in-bug-bounty-hunting-9b28876316e3?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, information-security, penetration-testing, bug-bounty, bug-bounty-tips12-Jan-2025
Portswigger Web Security Academy : File path traversal, simple case walkthroughhttps://medium.com/@Kinqdathacker/portswigger-web-security-academy-file-path-traversal-simple-case-walkthrough-d04418d04b76?source=rss------bug_bounty-5Kinqdathackerpath-traversal, web-security, hacking, web-app-security, bug-bounty12-Jan-2025
Server-side vulnerabilities | #4 Server-Side Request Forgeryhttps://medium.com/@agapehearts/server-side-vulnerabilities-4-server-side-request-forgery-71b7c525eadc?source=rss------bug_bounty-5Agape HearTsservers, bug-bounty, ethical-hacking, cybersecurity, bugs11-Jan-2025
Crawling for Emails In Websites  — OSINT Methodologyhttps://osintteam.blog/crawling-for-emails-in-websites-osint-methodology-602e2b274c6e?source=rss------bug_bounty-5Jason Jacobs, MSc.osint, bug-bounty, cybersecurity11-Jan-2025
LFI Bug can help you make $500 and more.(Noob-Advance)https://medium.com/@anandrishav2228/lfi-bug-can-help-you-make-500-and-more-noob-advance-be001cb2d152?source=rss------bug_bounty-5Rishav anandcybersecurity, money, bug-bounty, hacking, lfi11-Jan-2025
How to Hack Single Page Applications (SPAs): Modern Techniqueshttps://medium.com/@bootstrapsecurity/how-to-hack-single-page-applications-spas-modern-techniques-4f69c020b0ff?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, hacking, bug-bounty, api, ethical-hacking11-Jan-2025
Understanding Large Language Models (LLMs): The Power of AI in Text Generationhttps://medium.com/@paritoshblogs/understanding-large-language-models-llms-the-power-of-ai-in-text-generation-dce8c1ddeb7b?source=rss------bug_bounty-5Paritoshchatgpt, llm, ai, hacking, bug-bounty11-Jan-2025
From Innocent Messages to Total Takeover: How I Hacked a Professional Network!https://medium.com/@lordofheaven1234/from-innocent-messages-to-total-takeover-how-i-hacked-a-professional-network-2033537d5d6a?source=rss------bug_bounty-5Lord Heavenblind-xss, bug-bounty, hacking, account-takeover11-Jan-2025
GOT 700$ BOUNTY BY Store XSS VULNERABILITYhttps://medium.com/@hrofficial62/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5Mr Horbiobug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack11-Jan-2025
Microsoft ADFS Reconhttps://medium.com/meetcyber/microsoft-adfs-recon-e56fcace8551?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, infosec, bug-bounty, penetration-testing, bug-bounty-tips11-Jan-2025
Breaking Vercel’s Clone URL with a Simple XSS Exploithttps://medium.com/@n45ht/breaking-vercels-clone-url-with-a-simple-xss-exploit-8f55b21f32eb?source=rss------bug_bounty-5N45HTbug-bounty, hacking, bug-bounty-writeup, cross-site-scripting, xs11-Jan-2025
Telefónica Confirms Internal Ticketing System Breach After Data Leakhttps://medium.com/@wiretor/telef%C3%B3nica-confirms-internal-ticketing-system-breach-after-data-leak-6067f759f65d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, money, malware, bug-bounty, ai11-Jan-2025
The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bountyhttps://myselfakash20.medium.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, bug-bounty-tips, technology, bug-bounty-writeup11-Jan-2025
Secure Code Review Assessment for Javascript (Full Stack NextJS)https://medium.com/@0xNayelx/secure-code-review-assessment-for-javascript-full-stack-nextjs-59651da6fb24?source=rss------bug_bounty-50xNayelsource-code, ctf-writeup, pentesting, bug-bounty, offensive-security11-Jan-2025
Exposing the Weak Points: Vulnerabilities in REST APIshttps://bitpanic.medium.com/exposing-the-weak-points-vulnerabilities-in-rest-apis-8e4acb4861b0?source=rss------bug_bounty-5Spectat0rguyprogramming, bug-bounty-tips, cybersecurity, technology, bug-bounty11-Jan-2025
Crack the Code: Your Bug Bounty Hunting Journey Starts Herehttps://it4chis3c.medium.com/crack-the-code-your-bug-bounty-hunting-journey-starts-here-e61701f8cb36?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty-writeup, bug-bounty, tryhackme, hackthebox11-Jan-2025
Critical IDOR Vulnerability: Unauthorized Users Can Modify Company’s PayPal Emailhttps://medium.com/@mahdisalhi0500/critical-idor-vulnerability-unauthorized-users-can-modify-companys-paypal-email-92bf24ae19df?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, bug-bounty-tips, ethical-hacking, pentesting11-Jan-2025
EXIF Metadata-Based XSS Attacks: A Web Security Researchhttps://medium.com/@enesonder001/exif-metadata-based-xss-attacks-a-web-security-research-e88c7ea7b69b?source=rss------bug_bounty-5enes önderbugs, bug-bounty-tips, xss-attack, xss-vulnerability, bug-bounty11-Jan-2025
GOT 700$ BOUNTY BY Store XSS VULNERABILITYhttps://systemweakness.com/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5Mr Horbiobug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack11-Jan-2025
Day 08: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-08-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-70422a5cd7eb?source=rss------bug_bounty-5Dogx0xhacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking-training10-Jan-2025
Finding a easy p3https://medium.com/h7w/finding-a-easy-p3-a16186613391?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing10-Jan-2025
30+ Standard Linux Commands for Beginner or Intermediate Usershttps://medium.com/@BetterBy0x01/30-standard-linux-commands-for-beginner-or-intermediate-users-eacae976d92c?source=rss------bug_bounty-5Ashutosh Singh Patelcommand-line, linux, hacking, bug-bounty, security10-Jan-2025
Server-side vulnerabilities | #3 AUTHENTICATIONhttps://medium.com/@agapehearts/server-side-vulnerabilities-3-authentication-ff80ac2efdb4?source=rss------bug_bounty-5Agape HearTsbugs, bug-bounty, ethical-hacking, authentication, web-applications10-Jan-2025
The Road to CRTP Cert — Part 13https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-13-8d14193f660f?source=rss------bug_bounty-5Dineshkumaar Ractive-directory, hacking, cybersecurity, security, bug-bounty10-Jan-2025
Mastering HTTP Request Smuggling: Bypassing Firewalls and Filtershttps://medium.com/@bootstrapsecurity/mastering-http-request-smuggling-bypassing-firewalls-and-filters-a3d69bcbe4d9?source=rss------bug_bounty-5BootstrapSecurityhacking, ethical-hacking, bug-bounty-tips, api, bug-bounty10-Jan-2025
How I got CERT-EU Hall of Famehttps://cybersecuritywriteups.com/how-i-got-cert-eu-hall-of-fame-e65b3e72510b?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, pentesting, bug-bounty-writeup, cybersecurity10-Jan-2025
PoC — Vulnérabilité Cache Varnish PURGE DDoS by @GupS3Chttps://medium.com/@GupS3C/poc-vuln%C3%A9rabilit%C3%A9-cache-varnish-purge-ddos-by-gups3c-9ce181fe7fca?source=rss------bug_bounty-5GupS3Cbug-bounty, bug-bounty-writeup, varnish-cache, bug-hunt, pentesting10-Jan-2025
Web Application Pentesting Roadmaphttps://medium.com/@codingbolt.in/web-application-pentesting-roadmap-4013e89b963b?source=rss------bug_bounty-5codingboltpentesting, web-pen-testing, bug-bounty, penetration-testing, bug-hunting10-Jan-2025
Finding Hidden Subdomains with OSINT Toolshttps://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, technology, cybersecurity, careers10-Jan-2025
From Directory Traversal to Full Account Takeover: A Researcher’s Journeyhttps://medium.com/@sulmanfarooq531/from-directory-traversal-to-full-account-takeover-a-researchers-journey-150044cbf109?source=rss------bug_bounty-5Sulman Farooq Sdirectory-traversal, cybersecurity, path-traversal, bug-bounty, account-takeover10-Jan-2025
Missing Rate Limit on Several Endpoints $1300https://ehteshamulhaq198.medium.com/missing-rate-limit-on-several-endpoints-1300-60f37e16be6b?source=rss------bug_bounty-5Ehtesham Ul Haqtechnology, hacking, infosec, cybersecurity, bug-bounty10-Jan-2025
My Worst Informative Report //false positive Bughttps://medium.com/@0xoroot/my-worst-informative-report-false-positive-bug-6117039012cb?source=rss------bug_bounty-50xorootbug-bounty-tips, programming, hacking, bug-bounty, bounty-program10-Jan-2025
how i found the “Insufficient Authorization in Password Change Endpoint” vulnerability ?https://doordiefordream.medium.com/how-i-found-the-insufficient-authorization-in-password-change-endpoint-vulnerability-1f0e943daeea?source=rss------bug_bounty-5Bug hunter baluhacking, bug-bounty, cybersecurity, ethical-hacking, vulnerability10-Jan-2025
MirrorFace Hackers Targeting Japanese Government & Politicians Since 2019https://medium.com/@wiretor/mirrorface-hackers-targeting-japanese-government-politicians-since-2019-080121705345?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, hacking, bug-bounty10-Jan-2025
Data Breach Alert: BayMark Health Services Targeted by Ransomware Attackhttps://medium.com/@wiretor/data-breach-alert-baymark-health-services-targeted-by-ransomware-attack-5c4cf81d8e79?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, money, ai10-Jan-2025
How to Identify Overlooked Bugs in Android Applications: A Bug Bounty Hunter’s Guidehttps://bitpanic.medium.com/how-to-identify-overlooked-bugs-in-android-applications-a-bug-bounty-hunters-guide-5c194ed283a4?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, technology, programming, cybersecurity10-Jan-2025
A New Bug Hunting Story: Open Redirection Vulnerabilityhttps://medium.com/meetcyber/a-new-bug-hunting-story-open-redirection-vulnerability-33a1b6374f88?source=rss------bug_bounty-5Erkan Kavasbug-bounty, open-redirection, bug-bounty-writeup, bug-bounty-tips, cybersecurity10-Jan-2025
Behind the Scenes: How I Discovered Flaws in a Rewards and Recognition Portalhttps://medium.com/@niraj1mahajan/behind-the-scenes-how-i-discovered-flaws-in-a-rewards-and-recognition-portal-27948a75c4d4?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, idor, broken-access-control, hacking, cybersecurity10-Jan-2025
Race Condition to Bypass Rate-Limiting: A new technique made by Nillsxhttps://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss------bug_bounty-5Nillsxbug-bounty, ethical-hacking, race-condition, bug-bounty-writeup, rate-limit10-Jan-2025
Revisiting a Simple SQL Injection Methodologyhttps://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss------bug_bounty-5Jason Jacobs, MSc.bug-bounty, ethical-hacking, cybersecurity, penetration-testing10-Jan-2025
Day 09: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-09-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-220c7c6bb0cf?source=rss------bug_bounty-5Dogx0xhacking, hackthebox, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-Jan-2025
Telegram Leaks PII, doesn’t care.https://medium.com/@hacktheplanet/telegram-leaks-pii-doesnt-care-c75465be1cc2?source=rss------bug_bounty-5sirhaxalothacking, telegram, bug-bounty, security09-Jan-2025
Discovering Hidden Subdomains: Tools, Techniqueshttps://medium.com/@bootstrapsecurity/discovering-hidden-subdomains-tools-techniques-7c874c4f5966?source=rss------bug_bounty-5BootstrapSecurityhacking, api, bug-bounty, ethical-hacking, bug-bounty-tips09-Jan-2025
The following content is purely fictional written with the intent to motivate the reader.https://medium.com/@personaldevelop100/the-following-content-is-purely-fictional-written-with-the-intent-to-motivate-the-reader-6b23c19d70d8?source=rss------bug_bounty-5Personal_huntbug-bounty, motivation, bug-hunting09-Jan-2025
Finding subdomains using goole dorking.https://medium.com/infosecmatrix/finding-subdomains-using-goole-dorking-4d6966e70637?source=rss------bug_bounty-5loyalonlytodaydorking, penetration-testing, bug-bounty, hacking, cybersecurity09-Jan-2025
Hack. Earn. Secure the Future: Bug Bounties in 2025https://sagarjethi.medium.com/hack-earn-secure-the-future-bug-bounties-in-2025-0e2d05fcb364?source=rss------bug_bounty-5Sagar Jethihackathons, earn, bug-bounty, smart-contract-auditing, blockchain-developer09-Jan-2025
NTLM Authentication Disclosure Vulnerability Reporthttps://medium.com/@dasmanish6176/ntlm-authentication-disclosure-vulnerability-report-b47029c2e491?source=rss------bug_bounty-5Dasmanishvapt, web-app-security, active-directory, ethical-hacking, bug-bounty09-Jan-2025
How I get 7 open redirect and 7 XSS in public program!https://medium.com/@mohamed.yasser442200/how-i-get-7-open-redirect-and-7-xss-in-public-program-7518a3f26b49?source=rss------bug_bounty-5Spider4bug-bounty, security, bug-bounty-tips, xss-attack, bug-bounty-writeup09-Jan-2025
From Exploit to Payday-Chaining Stored XSS in PDF Upload to Full AccountTakeover via Email change…https://medium.com/@meljith6355484/from-exploit-to-payday-chaining-stored-xss-in-pdf-upload-to-full-accounttakeover-via-email-change-d36e855e0575?source=rss------bug_bounty-5Meljith Pereirahacking, ethical-hacking, xss-attack, bugcrowd, bug-bounty09-Jan-2025
Unlock the Ultimate Resource Hub for Security Researchershttps://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss------bug_bounty-5JEETPALbug-bounty-hunter, bug-bounty, bugbounty-writeup, cybersecurity, bugbounty-tips09-Jan-2025
Exposing Sensitive Data: A Wake-Up Call for Nokia's Securityhttps://medium.com/@gourisankara357/exposing-sensitive-data-a-wake-up-call-for-nokias-security-c5ba75fddd22?source=rss------bug_bounty-5Gouri Sankar Ainfo-sec-writeups, bug-bounty, infosec-write-ups, cybersecurity, bugs09-Jan-2025
Biggest Misconceptions About Bug Bounty Programs (From a Company Perspective)https://medium.com/@hackrate/biggest-misconceptions-about-bug-bounty-programs-from-a-company-perspective-42481997d40d?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking09-Jan-2025
Critical [9.8] SQL Injection in a Major Indonesian Web Hosting Platformhttps://medium.com/@n45ht/critical-9-8-sql-injection-in-a-major-indonesian-web-hosting-platform-8bda5d2913d3?source=rss------bug_bounty-5N45HTbug-bounty-writeup, bug-bounty, vulnerability, sql-injection, hacking09-Jan-2025
Hacking made easy with XSSIFYhttps://aravind07.medium.com/hacking-made-easy-with-xssify-9637890cd33b?source=rss------bug_bounty-5Gnana Aravind Khacking, security, xss-attack, cybersecurity, bug-bounty09-Jan-2025
Stay Ahead of Cyber Threats, Top Websites for Real-Time Updates and Insightshttps://medium.com/@b.mythili123/stay-ahead-of-cyber-threats-top-websites-for-real-time-updates-and-insights-57a1b384cdfa?source=rss------bug_bounty-5Hello Lovehackthebox, tryhackme, cybersecurity, bug-bounty, hacking09-Jan-2025
Top 10 Overlooked Business Logic Flaws in Web Applicationshttps://bitpanic.medium.com/top-10-overlooked-business-logic-flaws-in-web-applications-6745d42f3786?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, cybersecurity, bug-bounty-tips, programming09-Jan-2025
From N/A to $$$: A Simple Python Script Led to Application-Level DoShttps://hashimamin.medium.com/from-n-a-to-a-simple-python-script-led-to-application-level-dos-83a65f75b7dc?source=rss------bug_bounty-5Hashim Aminbug-bounty, privilege-escalation, infosec, cybersecurity, pentesting09-Jan-2025
Urgent: Patch SonicWall SSLVPN Vulnerability Nowhttps://medium.com/@wiretor/urgent-patch-sonicwall-sslvpn-vulnerability-now-385713cdfa2f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, money, sonicwall09-Jan-2025
The Great FAQ Collection About Bug Bountyhttps://medium.com/@hackrate/the-great-faq-collection-about-bug-bounty-87421d970ddd?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking09-Jan-2025
What Is Cross Site Scripting (XSS)?https://medium.com/@dante.falls/what-is-cross-site-scripting-xss-d74b19920d8e?source=rss------bug_bounty-5Dante Fallsinformation-security, bug-bounty, web-security, cybersecurity, xss-attack09-Jan-2025
How I Discovered a Delete CSRF Vulnerabilityhttps://medium.com/@Ursula-/how-i-discovered-a-delete-csrf-vulnerability-a46d4bc2e700?source=rss------bug_bounty-5Fatma Mustafabug-hunting, bug-bounty, bug-bounty-writeup09-Jan-2025
Threat Hunting with MITRE ATT&CK: A Proactive Approach to Cyber Defencehttps://medium.com/@paritoshblogs/threat-hunting-with-mitre-att-ck-a-proactive-approach-to-cyber-defence-a84945f61bda?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, mitre-attck, threat-hunting08-Jan-2025
A Beginner’s Guide to Pentesting GraphQL APIshttps://medium.com/@suprajabaskaran8/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5Suprajabaskarangraphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking08-Jan-2025
First bounty — Second Order Stored XSS on club.paris2024.orghttps://medium.com/@swaroopvenkat828/first-bounty-second-order-stored-xss-on-club-paris2024-org-9a3ad7fe7c7f?source=rss------bug_bounty-5swaroop 04|16bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Jan-2025
Weird JavaScript fileshttps://medium.com/@dsmodi484/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5cryptoshanthacking, cybersecurity, javascript, bug-bounty, tips08-Jan-2025
File Upload Vulnerabilities: Techniques and Payloadshttps://medium.com/@bootstrapsecurity/file-upload-vulnerabilities-techniques-and-payloads-b0bdf97eb298?source=rss------bug_bounty-5BootstrapSecurityhacking, ethical-hacking, bug-bounty-tips, bug-bounty, api08-Jan-2025
ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and Morehttps://medium.com/@kumawatabhijeet2002/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-8a15690c3fa5?source=rss------bug_bounty-5Abhijeet kumawatinfosec, chatgpt, hacking, bug-bounty, bug-bounty-tips08-Jan-2025
A Beginner’s Guide to Pentesting GraphQL APIshttps://infosecwriteups.com/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5Suprajabaskarangraphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking08-Jan-2025
POC — WordPress File Upload plugin, in the wfu_file_downloader.phphttps://medium.com/@verylazytech/poc-wordpress-file-upload-plugin-in-the-wfu-file-downloader-php-57a173ab9e90?source=rss------bug_bounty-5Very Lazy Techwordpress-plugins, cve-2024-9047, cybersecurity, bug-bounty, hacking08-Jan-2025
Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Dayshttps://medium.com/@mahhesshh/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5Mahesh Dhakadcybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge08-Jan-2025
How a YouTube Video Led Me to $650: My Host Header Injection Adventurehttps://medium.com/@trffnsec/how-a-youtube-video-led-me-to-650-my-host-header-injection-adventure-696fd82b2886?source=rss------bug_bounty-5TrffnSecethical-hacking, cybersecurity, bug-bounty, website-testing08-Jan-2025
The Rate Limit bypass which almost killed my brainhttps://siratsami71.medium.com/this-rate-limit-bypass-which-almost-killed-my-brain-1905749a5f4d?source=rss------bug_bounty-5Sirat Sami (analyz3r)brute-force, hackerone, bug-bounty08-Jan-2025
Automate-XSS Five-In-One Toolhttps://medium.com/@saket590/automate-xss-five-in-one-tool-95a947545b2c?source=rss------bug_bounty-5Dr. Saket Acharyabug-bounty, hacking, xss-vulnerability, xss-attack, xss-bypass08-Jan-2025
Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Dayshttps://mahhesshh.medium.com/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5Mahesh Dhakadcybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge08-Jan-2025
Weird JavaScript fileshttps://infosecwriteups.com/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5cryptoshanthacking, cybersecurity, javascript, bug-bounty, tips08-Jan-2025
Leaky Response, Easy Takeover!https://medium.com/@tanyago/leaky-response-easy-takeover-25367c18f0dc?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-tips, bug-bounty-writeup08-Jan-2025
Why Companies Should Adopt a Bug Bounty Programhttps://medium.com/@hackrate/why-companies-should-adopt-a-bug-bounty-program-cd4e1a492989?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips08-Jan-2025
How I Ethically Hacked the Indian Army for the Second Timehttps://cybersecuritywriteups.com/how-i-ethically-hacked-the-indian-army-for-the-second-time-edf6ec4495f8?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rcybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty-tips, bug-bounty08-Jan-2025
Blind OS Command Injection with Output Redirectionhttps://osintteam.blog/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss------bug_bounty-5The Cybersec Cafécybersecurity, bug-bounty, penetration-testing, bug-bounty-tips, information-security08-Jan-2025
No Session Expiry after log-out, attacker can reuse the old cookieshttps://mknayek101.medium.com/no-session-expiry-after-log-out-attacker-can-reuse-the-old-cookies-b90a4a45032d?source=rss------bug_bounty-5MkNayekpenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, pentesting08-Jan-2025
Disclosure of any bpost.be username via emailhttps://mknayek101.medium.com/disclosure-of-any-bpost-be-username-via-email-afde00aff7d9?source=rss------bug_bounty-5MkNayekpenetration-testing, pentesting, bug-bounty-tips, bug-bounty, cybersecurity08-Jan-2025
User information disclosed via API endpointhttps://mknayek101.medium.com/user-information-disclosed-via-api-endpoint-80a1b82e3f3a?source=rss------bug_bounty-5MkNayekpenetration-testing, web-hacking, pentesting, bug-bounty-tips, bug-bounty08-Jan-2025
AI Security Insights from HackerOne’s 8th Annual Security Reporthttps://medium.com/ai-security-hub/ai-security-insights-from-hackerones-8th-annual-security-report-f775473c1226?source=rss------bug_bounty-5Tal Eliyahuhackerone, bug-bounty, hacking, cybersecurity, artificial-intelligence08-Jan-2025
PowerSchool Hacked: 18K Customers and 60M Students’ Privacy Compromisedhttps://medium.com/@wiretor/powerschool-hacked-18k-customers-and-60m-students-privacy-compromised-e418e3ed8ccc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, powerschool, bug-bounty08-Jan-2025
UN Aviation Agency Hit by Cyberattack: 42K Recruitment Records Stolenhttps://medium.com/@wiretor/un-aviation-agency-hit-by-cyberattack-42k-recruitment-records-stolen-6a51c8817d7f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, bug-bounty, un, ai, malware08-Jan-2025
Green Bay Packers Pro Shop Breach: Over 8,500 Credit Cards Stolen!https://medium.com/@wiretor/green-bay-packers-pro-shop-breach-over-8-500-credit-cards-stolen-e99ea97bf154?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, green-bay, ai, malware, bug-bounty08-Jan-2025
CISA Alerts: Critical Oracle WebLogic & Mitel Vulnerabilities Exploited!https://medium.com/@wiretor/cisa-alerts-critical-oracle-weblogic-mitel-vulnerabilities-exploited-136f227dcfb0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, programming, malware, business, bug-bounty08-Jan-2025
Breaking Barriers: Understanding and Mastering WAF Bypass Techniqueshttps://bitpanic.medium.com/breaking-barriers-understanding-and-mastering-waf-bypass-techniques-2277150d2574?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, technology, programming, bug-bounty-tips08-Jan-2025
Day 07: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-07-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-cc5eff18ae10?source=rss------bug_bounty-5Dogx0xbug-bounty-writeup, bug-bounty, web-hacking, hacking, bug-bounty-tips08-Jan-2025
Detect Open Redirect Vulnerabilities with RedirXploithttps://angixblack.medium.com/detect-open-redirect-vulnerabilities-with-redirxploit-946ac287846f?source=rss------bug_bounty-5Angix blackbugs, open-redirect, tools, bug-bounty, bug-bounty-tips07-Jan-2025
How i found ssti injection (Server-side template injection)on yeswehack platform in public programhttps://medium.com/@ravindrajatav0709/how-i-found-ssti-injection-server-side-template-injection-on-yeswehack-platform-in-public-program-bfde6a89f477?source=rss------bug_bounty-5Ravindrajatavbug-bounty, bugbounty-writeup, bug-bounty-tips, bugs, cybersecurity07-Jan-2025
Getting Started with Bug Bounty Hunting in 2025: A Real World Guidehttps://medium.com/@hackbynight/getting-started-with-bug-bounty-hunting-in-2025-a-real-world-guide-051a3fb36376?source=rss------bug_bounty-5hackbynightbug-bounty-tips, bug-bounty, cybersecurity, information-security, hacking07-Jan-2025
Server-Side Template Injection (SSTI): Advanced Exploitation Techniqueshttps://medium.com/@bootstrapsecurity/server-side-template-injection-ssti-advanced-exploitation-techniques-2d8ccdf6270f?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, bug-bounty-tips, bug-bounty, api, hacking07-Jan-2025
Finding more subdomainshttps://medium.com/@loyalonlytoday/finding-more-subdomains-8b1abb32f3e5?source=rss------bug_bounty-5loyalonlytodayreconnaissance, hacking, bug-bounty-tips, cybersecurity, bug-bounty07-Jan-2025
Burp Suite + Form Deletion = Admin Storage Nightmarehttps://infosecwriteups.com/burp-suite-form-deletion-admin-storage-nightmare-240618a8c983?source=rss------bug_bounty-5callgh0sthumanity, hacking, gaza, genocide, bug-bounty07-Jan-2025
Web Application Penetration Testing Checklisthttps://saconychukwu.medium.com/web-application-penetration-testing-checklist-3da7d3be8f1a?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup, cybersecurity07-Jan-2025
Automated Penetration Testing: A Guide to Domain Collectionhttps://medium.com/@security.tecno/automated-penetration-testing-a-guide-to-domain-collection-a79df50d74a0?source=rss------bug_bounty-5TECNO Securityweb, hacking, bug-bounty, security07-Jan-2025
Hack The Box UpDown[Retired][Linux]https://medium.com/@vignesh6872610/hack-the-box-updown-retired-linux-5e0a9f6ec84e?source=rss------bug_bounty-5Vignesh Phtb-writeup, hackthebox-walkthrough, retiredmachine, bug-bounty, linux07-Jan-2025
P4 Bugs and POC | Part-9https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-9-16b5a8ffb52d?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, hacking, infosec, money07-Jan-2025
bug-bounty Rate Limit vulnerabilityhttps://medium.com/@eslamatef396/bug-bounty-rate-limit-vulnerability-cb81481456bc?source=rss------bug_bounty-5UnStoppableweb-penetration-testing, rate-limiting, bug-bounty07-Jan-2025
CVE-2024–12033: A Critical WordPress Vulnerability in Jupiter X Corehttps://medium.com/@wiretor/cve-2024-12033-a-critical-wordpress-vulnerability-in-jupiter-x-core-38ac3380b909?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, wordpress, malware, rce, cve07-Jan-2025
CVE-2024–12532: Vulnerability in BWD Elementor Addons Pluginhttps://medium.com/@wiretor/cve-2024-12532-vulnerability-in-bwd-elementor-addons-plugin-da1a34bd2f99?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, malware, wordpress, hacking, bug-bounty07-Jan-2025
CVE-2024–12711: Vulnerability in RSVP and Event Management Pluginhttps://medium.com/@wiretor/cve-2024-12711-vulnerability-in-rsvp-and-event-management-plugin-2a0b374807e1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, ai, bug-bounty, hacking07-Jan-2025
Critical Infrastructure Ransomware Attack Tracker Surpasses 2,000 Incidents!https://medium.com/@wiretor/critical-infrastructure-ransomware-attack-tracker-surpasses-2-000-incidents-431f5531a2af?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, hacking, business, malware07-Jan-2025
Bug Bounty Hunting Prerequisiteshttps://it4chis3c.medium.com/bug-bounty-hunting-prerequisites-964560919547?source=rss------bug_bounty-5It4chis3croadmaps, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-hunting07-Jan-2025
The Most Groundbreaking Bug Bounty Discoveries That Changed Cybersecurity Foreverhttps://medium.com/@hackrate/the-most-groundbreaking-bug-bounty-discoveries-that-changed-cybersecurity-forever-a2a39e7e10af?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity07-Jan-2025
Beginners Introduction To Server Side Request Forgeryhttps://bitpanic.medium.com/beginners-introduction-to-server-side-request-forgery-85c3a35eb726?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, programming, bug-bounty, cybersecurity, technology07-Jan-2025
My Journey to Finding Two XSS Vulnerabilities on a Bug Bounty Websitehttps://medium.com/@mickaelbenlolo/my-journey-to-finding-two-xss-vulnerabilities-on-a-bug-bounty-website-b6a1e38425df?source=rss------bug_bounty-5Mickael Benlolopenetration-testing, xss-vulnerability, cybersecurity, bug-bounty07-Jan-2025
Humorous XSS Vulnerabilities in a Movie Websitehttps://medium.com/meetcyber/humorous-xss-vulnerabilities-in-a-movie-website-3600d7828661?source=rss------bug_bounty-5Erkan Kavasxss-vulnerability, cybersecurity, xss-challenge, xss-attack, bug-bounty07-Jan-2025
Day 06: My Bug Bounty Challenge ... 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-06-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-5ed71536fd89?source=rss------bug_bounty-5Dogx0xbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, web-hacking07-Jan-2025
P4 Bugs and POC | Part 7https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-7-a379f057ba96?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty, infosec, bug-bounty-tips, money06-Jan-2025
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI)https://it4chis3c.medium.com/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-12f933587800?source=rss------bug_bounty-5It4chis3cbug-bounty, 30dayswritingchallenge, ssti, bug-bounty-tips, bug-bounty-writeup06-Jan-2025
From oos — getting bounty Improper Access Control to create an commentor account on the application.https://medium.com/@swaroopvenkat828/from-oos-getting-bounty-improper-access-control-to-create-an-commentor-account-on-the-application-027b517928bb?source=rss------bug_bounty-5swaroop 04|16bug-bounty-tips, bugbounty-writeup, bug-bounty06-Jan-2025
Bypassing API Authentication: Exploiting Token Reuse and Expiryhttps://medium.com/@bootstrapsecurity/bypassing-api-authentication-exploiting-token-reuse-and-expiry-0432e7689659?source=rss------bug_bounty-5BootstrapSecuritybug-bounty, api, bug-bounty-tips, ethical-hacking, hacking06-Jan-2025
Missing SPF BUG HUNTINGhttps://medium.com/@cybertips96/missing-spf-bug-hunting-121294c9572e?source=rss------bug_bounty-5Cybertipsbug-bounty06-Jan-2025
How I Found PII at NASA Using Google Dorkinghttps://medium.com/@salaheddine_kalada/how-i-found-pii-at-nasa-using-google-dorking-6447a89decc7?source=rss------bug_bounty-5Salaheddine KALADAbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-hunter06-Jan-2025
How I Got My First Critical Bug ## Easy Bughttps://medium.com/@0xoroot/how-i-got-my-first-critical-bug-easy-bug-fb5d1631bcd4?source=rss------bug_bounty-50xorootcritical-thinking, bug-bounty, penetration-testing, hacking, bugs06-Jan-2025
How I Was Able to Block Any Usernamehttps://infosecwriteups.com/how-i-was-able-to-block-any-username-5707a1fbd25c?source=rss------bug_bounty-5JEETPALbug-bounty-tips, cybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty06-Jan-2025
Chrome Extension Hacked: - A Wake-Up Call for Users.https://medium.com/@forte.social/chrome-extension-hacked-a-wake-up-call-for-users-c0c8de0281aa?source=rss------bug_bounty-5eSecFortebug-bounty-tips, cybersecurity, chrome-extension, bug-bounty, hacking06-Jan-2025
The Evolution of Bug Bounties: A Decade of Digital Vigilancehttps://medium.com/@hackrate/the-evolution-of-bug-bounties-a-decade-of-digital-vigilance-99b1e86421b0?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity06-Jan-2025
How IBM Helped Me Get Private Invites on Hacker1https://medium.com/@oxab/how-ibm-helped-me-get-private-invites-on-hacker1-ffbe3c1b26d3?source=rss------bug_bounty-5Oxabbugbounting, bug-bounty-tips, bug-bounty, bug-bounty-writeup06-Jan-2025
Introduction to My Bug Bounty Hunting Serieshttps://it4chis3c.medium.com/introduction-to-my-bug-bounty-hunting-series-79a68dcb07a6?source=rss------bug_bounty-5It4chis3cbug-hunting, bug-bounty, bug-bounty-writeup, web-security, bug-bounty-tips06-Jan-2025
Comprehensive Command and Control Tools for Red Teaming Operationshttps://saconychukwu.medium.com/comprehensive-command-and-control-tools-for-red-teaming-operations-23e458d830c0?source=rss------bug_bounty-5Sacony Chukwubug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, ethical-hacking06-Jan-2025
Advanced C# Offensive Frameworks for Red Team Operationshttps://saconychukwu.medium.com/advanced-c-offensive-frameworks-for-red-team-operations-a001cac7e10f?source=rss------bug_bounty-5Sacony Chukwuethical-hacking, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips06-Jan-2025
Exploiting Session Hijacking Vulnerability: My Bug Bounty Experiencehttps://medium.com/@mickaelbenlolo/exploiting-session-hijacking-vulnerability-my-bug-bounty-experience-659706a24a93?source=rss------bug_bounty-5Mickael Benlolobug-bounty, session-hijacking, penetration-testing, cybersecurity06-Jan-2025
Chasing Bugs, Finding Purpose: My Journey to the First Bounty!https://medium.com/@he4dr0/chasing-bugs-finding-purpose-my-journey-to-the-first-bounty-cf610c0f023e?source=rss------bug_bounty-5he4dr0bug-bounty, hackerone, security-research, information-disclosure, journey06-Jan-2025
How I Found My First Bughttps://medium.com/@dibyaranjanmohanta2806/i-found-my-first-bug-52e20e37b429?source=rss------bug_bounty-5Dibyaranjanmohantabugs, my-first-bug, bug-bounty, bug-bounty-tips, bug-bounty-writeup06-Jan-2025
Eagerbee Backdoor Targets Middle Eastern Government Orgs & ISPshttps://medium.com/@wiretor/eagerbee-backdoor-targets-middle-eastern-government-orgs-isps-e0246bb044c4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbackdoor, bug-bounty, business, malware, ai06-Jan-2025
Cryptocurrency Wallet Drainers Stole $500 Million in 2024https://medium.com/@wiretor/cryptocurrency-wallet-drainers-stole-500-million-in-2024-7e1da1edb1b7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, crypto, bug-bounty, ai06-Jan-2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tipshttps://mhmmuneef.medium.com/thn-weekly-recap-top-cybersecurity-threats-tools-and-tips-b11776bb3c7b?source=rss------bug_bounty-5Mohammed Muneeftechnology, cybersecurity, bug-bounty, cybercrime, hacking06-Jan-2025
Breaking News: Chinese Hackers Breach U.S. Telecom Networks!https://medium.com/@wiretor/breaking-news-chinese-hackers-breach-u-s-telecom-networks-be8249641716?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, cve, ai, malware06-Jan-2025
A List Of Default Admin Panel Passwords to Boost Your Bug Bountyhttps://bitpanic.medium.com/a-list-of-default-admin-panel-passwords-to-boost-your-bug-bounty-67af4c4f45b2?source=rss------bug_bounty-5Spectat0rguycybersecurity, programming, bug-bounty, technology, bug-bounty-tips06-Jan-2025
HR Admin Account Takeover: Chaining Stored XSS and IDOR in a Human Resource Apphttps://medium.com/@abdullah12987654/hr-admin-account-takeover-chaining-stored-xss-and-idor-in-a-human-resource-app-9718c9e77d34?source=rss------bug_bounty-5Abdullahcyebrsecurity, offensive-security, bug-bounty, ethical-hacking, hacking06-Jan-2025
Bug Bounty — How I Found an XSS Vulnerability Through a “Change Email” Option!https://medium.com/@mickaelbenlolo/bug-bounty-how-i-found-an-xss-vulnerability-through-a-change-email-option-3ed57ba2d11f?source=rss------bug_bounty-5Mickael Benloloxss-vulnerability, penetration-testing, bug-bounty, cybersecurity06-Jan-2025
How I Found My First Bug (RXSS)https://medium.com/@a0xtrojan/how-i-found-my-first-bug-rxss-2ac44e94d628?source=rss------bug_bounty-5A0X_Trojantips-and-tricks, xss-attack, bug-bounty, penetration-testing, web-app-security06-Jan-2025
Hidden Dangers of XSS Vulnerabilities — Real Casehttps://medium.com/meetcyber/hidden-dangers-of-xss-vulnerabilities-real-case-22177daa6fc8?source=rss------bug_bounty-5Erkan Kavasxss-bypass, cybersecurity, xss-attack, bug-bounty, xss-vulnerability06-Jan-2025
Day 0 — 05 : M y Bug Bounty Challenge 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-0-05-m-y-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-94f090fdf54a?source=rss------bug_bounty-5Dogxxxbug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips, web-hacking06-Jan-2025
P4 Bugs and POC | Part-8https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, bug-bounty-tips, infosec, hacking06-Jan-2025
How I Exposed IDOR and Path Traversal Vulnerabilities in a Parking Portalhttps://medium.com/@br3ss/how-i-exposed-idor-and-path-traversal-vulnerabilities-in-a-parking-portal-0ae8e4940306?source=rss------bug_bounty-5Br3ssidor, cybersecurity, hacking, path-traversal, bug-bounty06-Jan-2025
P4 Bugs and POC | Part-8https://infosecwriteups.com/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, bug-bounty-tips, infosec, hacking06-Jan-2025
My First Bug Report in Microsoft Windows Task Managerhttps://medium.com/@abdullah.farwees/my-first-bug-report-in-microsoft-windows-task-manager-726972722e50?source=rss------bug_bounty-5Abdullah Farwees - Video Audio Software Engineermicrosoft-bug, microsoft-bug-bounty, bug-bounty-tips, bugs, bug-bounty05-Jan-2025
From Recon to Exploitation: 100 Linux Commands Every Pentester Must Knowhttps://medium.com/@rundcodehero/from-recon-to-exploitation-100-linux-commands-every-pentester-must-know-e8f118226de6?source=rss------bug_bounty-5Randi Adhityas Saputrabug-bounty, linux-tutorial, cybersecurity, command-line, penetration-testing05-Jan-2025
Exploiting CORS Misconfigurations: A Bug Bounty Case Studyhttps://medium.com/@mickaelbenlolo/exploiting-cors-misconfigurations-a-bug-bounty-case-study-8e85a868c3c8?source=rss------bug_bounty-5Mickael Benlolobug-bounty, cybersecurity, entry-level, pentesting05-Jan-2025
Frontrunning Vulnerability: What It Is, How to Exploit, Prevent, and Mitigate Ithttps://infosecwriteups.com/frontrunning-vulnerability-what-it-is-how-to-exploit-prevent-and-mitigate-it-19149db077bd?source=rss------bug_bounty-5JEETPALcybersecurity, front-running, web3, bugbounty-writeup, bug-bounty05-Jan-2025
Peering into the Shadows: How an Empty Domain Led to a Full-Blown Exploitation Chainhttps://medium.com/@tusharpuri6/peering-into-the-shadows-how-an-empty-domain-led-to-a-full-blown-exploitation-chain-b06219d92d0e?source=rss------bug_bounty-5Tusharpuribug-bounty, penetration-testing, application-security, offensive-security, infosec05-Jan-2025
Easy P4: Cloudflare Bypass, Origin IP Found (Part 1)https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-1-685d27e73dd0?source=rss------bug_bounty-5sudosurajhackerone, bug-bounty, sudosuraj, bug-bounty-writeup, info-sec-writeups05-Jan-2025
Comprehensive Reconnaissance Tools for Red Teaming and OSINT Operationshttps://saconychukwu.medium.com/comprehensive-reconnaissance-tools-for-red-teaming-and-osint-operations-17b06b698548?source=rss------bug_bounty-5Sacony Chukwupenetration-testing, bug-bounty, hacking05-Jan-2025
Comprehensive Phishing Tools for Red Teaming and Delivery Tacticshttps://saconychukwu.medium.com/comprehensive-phishing-tools-for-red-teaming-and-delivery-tactics-cf30c615ab24?source=rss------bug_bounty-5Sacony Chukwuethical-hacking, penetration-testing, hacking, bug-bounty05-Jan-2025
Bug Bounty — Finding and Exploiting a Cookie Security Flaw: A Deep Dive into PHPSESSID and Missing…https://medium.com/@mickaelbenlolo/bug-bounty-finding-and-exploiting-a-cookie-security-flaw-a-deep-dive-into-phpsessid-and-missing-3aca0db6c1cd?source=rss------bug_bounty-5Mickael Benlolopenetration-testing, bug-bounty, cybersecurity, entry-level05-Jan-2025
Discovering SQLi Vulnerabilities Through Deeper Analysishttps://medium.com/@erkankavas/discovering-sqli-vulnerabilities-through-deeper-analysis-4e305dfbc181?source=rss------bug_bounty-5Erkan Kavascybersecurity, bug-bounty-tips, bug-bounty-writeup, sqli, bug-bounty05-Jan-2025
How I was able to Sign Up at one of the Company Panels ? P3 $$$https://19whoami19.medium.com/how-i-was-able-to-sign-up-at-one-of-the-company-panels-p3-c824d76e36e9?source=rss------bug_bounty-5WHO AM I ?cybersecurity, bug-bounty, pentesting, broken-access-control05-Jan-2025
Finding and Reporting an XSS Vulnerability: My Bug Bounty Journeyhttps://medium.com/@mickaelbenlolo/finding-and-reporting-an-xss-vulnerability-my-bug-bounty-journey-0bc4a4609d34?source=rss------bug_bounty-5Mickael Benloloentry-level, xss-vulnerability, cybersecurity, penetration-testing, bug-bounty05-Jan-2025
Strategies to Maximize Your Earnings on Bug Bounty Platformshttps://bitpanic.medium.com/strategies-to-maximize-your-earnings-on-bug-bounty-platforms-6053aaf0a781?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-technology, technology, bug-bounty, bug-bounty-tips05-Jan-2025
CVE-2025–0224: Provision-ISR SH-4050A-2 Server.js Information Disclosurehttps://medium.com/@wiretor/cve-2025-0224-provision-isr-sh-4050a-2-server-js-information-disclosure-42df13998a66?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicescve, ai, bug-bounty, malware, business05-Jan-2025
CVE-2025–0226: Information Disclosure Vulnerability in Tsinghua Unigroup Electronic Archives…https://medium.com/@wiretor/cve-2025-0226-information-disclosure-vulnerability-in-tsinghua-unigroup-electronic-archives-cf44084fc78c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ai, business05-Jan-2025
Account Deletion Flaw Exposes Chats, Researcher Gets $1,000 (5/30DAYS)https://medium.com/@zerodaystories/account-deletion-flaw-exposes-chats-researcher-gets-1-000-5-30days-d51245c30c65?source=rss------bug_bounty-50day storiestechnology, bug-bounty, penetration-testing, hacking, cybersecurity05-Jan-2025
Bug Bounty Goldmine: The Wildest Cybersecurity Discoverieshttps://medium.com/@hackrate/bug-bounty-goldmine-the-wildest-cybersecurity-discoveries-bb6d1be478dd?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, bug-bounty, hacking, cybersecurity05-Jan-2025
Top 8 Bug Bounty Platforms in 2025https://hackers-guild-blog.medium.com/top-8-bug-bounty-platforms-in-2025-84a1f6b7b226?source=rss------bug_bounty-5Hackers Guildbug-bounty, hacking, osint, hacker, bug-bounty-program05-Jan-2025
Brute Force Attack (Owaspbwa Lab, Hydra Tool)https://medium.com/@BetterBy0x01/brute-force-attack-owaspbwa-lab-hydra-tool-f3cd947f86bb?source=rss------bug_bounty-5Ashutosh Singh Patelbug-bounty, hacking, security, attack, owasp04-Jan-2025
Besides bXSShttps://wanderication.medium.com/besides-bxss-681f3d97cda9?source=rss------bug_bounty-5Jay Wanderybug-bounty, xss-attack04-Jan-2025
Account TakeOver | Abusing the Application logic flaw in the reset password functionalityhttps://wanderication.medium.com/account-takeover-abusing-the-application-logic-flaw-in-the-reset-password-functionality-1b0a92caafca?source=rss------bug_bounty-5Jay Wanderyaccount-takeover-attacks, bug-bounty04-Jan-2025
Account Takeover via Facebook Oauthhttps://anontriager.medium.com/account-takeover-via-facebook-oauth-cd1f6219f7dd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, programming, jobs, hacker, cybersecurity04-Jan-2025
Top 15 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://saconychukwu.medium.com/top-15-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-d2062e5bc383?source=rss------bug_bounty-5Sacony Chukwupentesting, bug-bounty, hacking04-Jan-2025
Boost Cybersecurity with Bug Bounty Programshttps://medium.com/@ramanidhaval11/boost-cybersecurity-with-bug-bounty-programs-26498ce74226?source=rss------bug_bounty-5Er Dhaval Ramanicybersecurity, bug-bounty, cyber-security-awareness, bugbounty-writeup04-Jan-2025
How I Discovered an Email Disclosure Vulnerabilityhttps://infosecwriteups.com/how-i-discovered-an-email-disclosure-vulnerability-bf798d3f3228?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-tips04-Jan-2025
Bug Bash: 11 Creeping Critters Every QA Tester Must Squash!https://medium.com/@divyarajsinhdev/bug-bash-11-creeping-critters-every-qa-tester-must-squash-31d4da2f7805?source=rss------bug_bounty-5Divyarajsinh Dodiabug-bounty, software-testing, qa, automation, software-development04-Jan-2025
List of Top Bug Bounty Platforms for 2025https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2025-a13d86290a14?source=rss------bug_bounty-5Levente Molnarpenetration-testing, ethical-hacking, cybersecurity, bug-bounty, hacking04-Jan-2025
The Power of Swagger UI Docs-Broken access controlhttps://medium.com/@hamdiyasin135/the-power-of-swagger-ui-docs-broken-access-control-a3b57fb035bd?source=rss------bug_bounty-5yassin hamdiaccess-control, hackerone, bug-bounty04-Jan-2025
P4 Bugs and PoC | Part 4https://infosecwriteups.com/p4-bugs-and-poc-part-4-c65113b489b0?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, bug-bounty-tips, infosec, hacking04-Jan-2025
Microsoft Vulnerability Exploitation — [IDOR] — Unbinding of Any Microsoft Account’s Recovery Emailhttps://medium.com/@iamjamehas/microsoft-vulnerability-exploitation-idor-unbinding-of-any-microsoft-accounts-recovery-email-0f6dcf50820e?source=rss------bug_bounty-5jamehadvzero-day, red-team, exploits-zero-day, microsoft, bug-bounty04-Jan-2025
API Fuzzing for Bug Bounty: Unlock the Secrets of Vulnerable APIshttps://bevijaygupta.medium.com/api-fuzzing-for-bug-bounty-unlock-the-secrets-of-vulnerable-apis-d8b297280caa?source=rss------bug_bounty-5Vijay Kumar Guptaapi, fuzzing, vulnerability, bug-bounty, api-vulnerabilities04-Jan-2025
Bad Tenable Plugin Updates Take Down Nessus Agents Worldwidehttps://medium.com/@wiretor/bad-tenable-plugin-updates-take-down-nessus-agents-worldwide-baf7c48c34a3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, xss-attack, ai, malware, bug-bounty04-Jan-2025
New Android Malware Alert: FireScam Targets RuStore Users!https://medium.com/@wiretor/new-android-malware-alert-firescam-targets-rustore-users-b5de983bd805?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, rce, ai, bug-bounty, xss-attack04-Jan-2025
Find XSS Vulnerabilities in Minuteshttps://medium.com/@phirojshah20/find-xss-vulnerabilities-in-minutes-912d02d2b848?source=rss------bug_bounty-5Phirojshahbugs, bug-bounty, bug-bounty-tips, xss-vulnerability, cybersecurity04-Jan-2025
Detecting GraphQL Injection: Tools and Techniques for Security Testershttps://bitpanic.medium.com/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5Spectat0rguytechnology, programming, bug-bounty-tips, bug-bounty, cybersecurity04-Jan-2025
How I Found P1 Vulnerability Using Google Dorkhttps://h0x1d.medium.com/how-i-found-a-p1-vulnerability-using-google-dork-33ac0250df89?source=rss------bug_bounty-5Hamed Mohamed - h0x1dbug-bounty, bug-bounty-writeup, bug-bounty-tips04-Jan-2025
My First Year in Bug Bountyhttps://cyxbugs.medium.com/my-first-year-in-bug-bounty-42f39a42fc7f?source=rss------bug_bounty-5Cyxbug-bounty-tips, cybersecurity, hacking, bug-bounty04-Jan-2025
Nikto : VulnerabilityScanner COMMANDShttps://jawstar.medium.com/nikto-vulnerabilityscanner-commands-578b76344097?source=rss------bug_bounty-5Jawstarpenetration-testing, technology, cybersecurity, bug-bounty, nikto04-Jan-2025
P4 Bugs and POC | Part 5https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-5-556962ec83f7?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, infosec, hacking, bug-bounty-tips04-Jan-2025
What Is Cross Site Request Forgery?https://medium.com/@dante.falls/what-is-cross-site-request-forgery-a52a48562f58?source=rss------bug_bounty-5Dante Fallscybersecurity, information-security, web-security, bug-bounty04-Jan-2025
Detecting GraphQL Injection: Tools and Techniques for Security Testershttps://medium.com/infosecmatrix/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5Spectat0rguytechnology, programming, bug-bounty-tips, bug-bounty, cybersecurity04-Jan-2025
SQL Injection: A Beginner’s Guide PART 1https://medium.com/@hamzamabdulrhman/sql-injection-a-beginners-guide-part-1-0bdb41ec8609?source=rss------bug_bounty-5Hamza M. Abdulrhmanbug-bounty, sql-injection, hacking, sql, sql-server03-Jan-2025
How My Journey Started as a Bug Bounty Hunterhttps://virpalsinh.medium.com/how-my-journey-started-as-a-bug-bounty-hunter-67641b57d01f?source=rss------bug_bounty-5virpalsinhinformation-security, cybersecurity, careers, ethical-hacking, bug-bounty03-Jan-2025
What is an Advanced Persistent Threat (APT)?https://ritikshrivas.medium.com/what-is-an-advanced-persistent-threat-apt-bbf9bb366e2d?source=rss------bug_bounty-5Ritik Shrivasbug-bounty, information-security, vulnerability, cybersecurity, information-technology03-Jan-2025
P4 Bugs and POC | Part 1https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-1-0dab3517bbe9?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, infosec, hacking, bug-bounty-tips03-Jan-2025
How I Uncovered an LFI in 15 Seconds: The Tale of a Curious Hacker and an Unprepared Serverhttps://medium.com/@shyamfdo82/how-i-uncovered-an-lfi-in-15-seconds-the-tale-of-a-curious-hacker-and-an-unprepared-server-e49925452007?source=rss------bug_bounty-5Shyamfdocybersecurity, red-team, hacking, penetration-testing, bug-bounty03-Jan-2025
Use SQL-Map at its best.https://medium.com/@anandrishav2228/use-sql-map-at-its-best-64180f9ad279?source=rss------bug_bounty-5Rishav anandhacker, money, cybersecurity, bug-bounty, sql03-Jan-2025
Bug Bounty Methodology Version 2025https://medium.com/@techinsights5/bug-bounty-methodology-version-2025-4cb701838658?source=rss------bug_bounty-5TechInsightsbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology03-Jan-2025
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367)https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5coffinxpcve, bug-bounty-tips, bug-bounty, bug-bounty-writeup, pdf03-Jan-2025
What is a Hacker?https://hackers-guild-blog.medium.com/what-is-a-hacker-c957e390855b?source=rss------bug_bounty-5Hackers Guildbounty-program, osint, cybersecurity, hacking, bug-bounty03-Jan-2025
Here’s 24 web-application hacking tools:https://saconychukwu.medium.com/heres-24-web-application-hacking-tools-17369f7f5097?source=rss------bug_bounty-5Sacony Chukwubug-bounty03-Jan-2025
My First RCE Vulnerabilityhttps://medium.com/@RekoJR/my-first-rce-vulnerability-636cdc9f2dab?source=rss------bug_bounty-5Reko !bug-bounty, bug-bounty-writeup03-Jan-2025
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367)https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5coffinxpbug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, xss-attack03-Jan-2025
How to Start Penetration Testing: Tools, Techniques, and Tips.https://cybersaurabh.medium.com/how-to-start-penetration-testing-tools-techniques-and-tips-bfbf09a0130a?source=rss------bug_bounty-5The Saurabh Palpenetration-testing, bug-bounty-writeup, bug-bounty, ethical-hacking, hacking03-Jan-2025
Free Labs to Practice XSShttps://medium.com/@MaMad4Ever/free-labs-to-practice-xss-08b11016ba05?source=rss------bug_bounty-5MaMadxss-attack, xss-vulnerability, penetration-testing, xss-challenge, bug-bounty03-Jan-2025
The Ultimate Guide to Top Bug Bounty Platforms in 2025https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2025-b6d6c3442188?source=rss------bug_bounty-5Levente Molnarbug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing03-Jan-2025
MFA Bypass Exposed: A C Flaw in Two-Factor Authenticationhttps://medium.com/@swaroopvenkat828/mfa-bypass-exposed-a-c-flaw-in-two-factor-authentication-6e126b1cfbd0?source=rss------bug_bounty-5swaroop 04mfa, bug-bounty, mfa-bypass, 2025, bugbounty-writeup03-Jan-2025
Siri Privacy Crisis: Apple Faces $95 Million Settlement for Secret Recordings!https://medium.com/@wiretor/siri-privacy-crisis-apple-faces-95-million-settlement-for-secret-recordings-32472ca8e705?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, apple, siri, ai03-Jan-2025
€10B Cybersecurity Giant Denies Space Bears Ransomware Breach Claimshttps://medium.com/@wiretor/10b-cybersecurity-giant-denies-space-bears-ransomware-breach-claims-464a80206f57?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, ai, business, malware03-Jan-2025
Hackers’ New Trick — DoubleClickjacking Hijacks Your Accounts Without a Tracehttps://medium.com/@wiretor/hackers-new-trick-doubleclickjacking-hijacks-your-accounts-without-a-trace-d812ec920ac8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, hacker, bug-bounty, ai03-Jan-2025
Over 3 Million Mail Servers Exposed: Time to Encrypt!https://medium.com/@wiretor/over-3-million-mail-servers-exposed-time-to-encrypt-1c1065932c89?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, malware, bug-bounty, hacking03-Jan-2025
Improper Access Control in APIs Earns $3,900 Bounty(4/30 DAYS)https://medium.com/@zerodaystories/improper-access-control-in-apis-earns-3-900-bounty-4-30-days-5a8668695b84?source=rss------bug_bounty-50day storiespenetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips03-Jan-2025
Time based user enumeration [identitytoolkit.googleapis.com]https://medium.com/bug-bounty/time-based-user-enumeration-identitytoolkit-googleapis-com-72b2710b380a?source=rss------bug_bounty-5Philippe Delteiluser-enumeration, google-api, bug-bounty03-Jan-2025
P4 Bugs and PoC | Part 2https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-2-0842039eddf3?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, infosec, bug-bounty, money, hacking03-Jan-2025
PicoCTF Writeups — dont-use-client-sidehttps://medium.com/@sobatistacyber/picoctf-writeups-dont-use-client-side-1cda7ae1cc87?source=rss------bug_bounty-5SoBatistactf, bug-bounty, picoctf, hacking, penetration-testing03-Jan-2025
Mastering 403 Bypass Techniques: A Penetration Tester’s Guidehttps://bitpanic.medium.com/mastering-403-bypass-techniques-a-penetration-testers-guide-f3a1cb16b9a3?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, technology, programming, bug-bounty03-Jan-2025
Python libraries every Hacker should knowhttps://infosecwriteups.com/python-libraries-every-hacker-should-know-97fb5dae2efd?source=rss------bug_bounty-5Abhishek pawarhacking, programming, cybersecurity, python, bug-bounty03-Jan-2025
#ERROR!https://medium.com/@cybertips96/-d6a3961c1fdd?source=rss------bug_bounty-5Cybertipsbug-bounty03-Jan-2025
Vulnerability Testing Techniqueshttps://medium.com/@phirojshah20/vulnerability-testing-techniques-b9498fefd4b3?source=rss------bug_bounty-5Phirojshahbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bugs03-Jan-2025
P4 Bugs and PoC | Part 3https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty-tips, bug-bounty, money03-Jan-2025
TOP 10 VULNERABILITIES IN CYBER SECURITYhttps://medium.com/@saiganesh18062003/top-10-vulnerabilities-in-cyber-security-337bb7a28760?source=rss------bug_bounty-5Levi Ackermansecurity, cybersecurity, technology, bug-bounty, security-services03-Jan-2025
Be Aware Of It, Hacker! How To Keep Yourself Off Dangerous Triggers During Hacking Story!https://medium.com/@nnface/be-aware-of-it-hacker-how-to-keep-yourself-off-dangerous-triggers-during-hacking-story-b4e0962c05a7?source=rss------bug_bounty-5NnFacescammer-alert, cybersecurity, bug-bounty, scam, hacking03-Jan-2025
How I Found an Open AWS S3 Bucket and Used It to Take Over a Subdomainhttps://medium.com/@bochamekh21/how-i-found-an-open-aws-s3-bucket-and-used-it-to-take-over-a-subdomain-75736e90c945?source=rss------bug_bounty-5Boubker Chamekhsubdomain-takeover, bug-bounty, hacking, hackerone, bug-bounty-writeup03-Jan-2025
P4 Bugs and PoC | Part 3https://infosecwriteups.com/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty-tips, bug-bounty, money03-Jan-2025
Security Misconfiguration (Tryhackme)https://medium.com/@BetterBy0x01/security-misconfiguration-tryhackme-9c763a743a71?source=rss------bug_bounty-5Ashutosh Singh Pateltryhackme-writeup, tryhackme, hacking, security, bug-bounty02-Jan-2025
Zero Click Account Takeoverhttps://anontriager.medium.com/zero-click-account-takeover-7f8bdcda2236?source=rss------bug_bounty-5Anonymous Traigerrewards, bug-bounty, programing, hacking, cybersecurity02-Jan-2025
hunting #1https://medium.com/@dark_zone/hunting-1-ee308e923359?source=rss------bug_bounty-5darkzonebug-bounty02-Jan-2025
A Recon Tool That Uses AI to Predict Subdomainshttps://medium.com/@kumawatabhijeet2002/a-recon-tool-that-uses-ai-to-predict-subdomains-73a41aaa774d?source=rss------bug_bounty-5Abhijeet kumawatai, bug-bounty, infosec, hacking, recon02-Jan-2025
Code Analysis can help you make $200-$500 (C,C++,Node and general codes)https://medium.com/@anandrishav2228/code-analysis-can-help-you-make-200-500-c-c-node-and-general-codes-cb7752617931?source=rss------bug_bounty-5Rishav anandmoney, programming, cybersecurity, bug-bounty, code02-Jan-2025
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5Guru Prasad Pattanaikethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity02-Jan-2025
【Activities Guide】A detailed overview of the TECNO Security Response Center’s security incentive…https://medium.com/@security.tecno/activities-guide-a-detailed-overview-of-the-tecno-security-response-centers-security-incentive-6e43effd8d37?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, security, activity02-Jan-2025
How to Build a Cloud Security Monitoring Dashboard !https://medium.com/@paritoshblogs/how-to-build-a-cloud-security-monitoring-dashboard-81951b57613f?source=rss------bug_bounty-5Paritoshcloud-security, bug-bounty, hacking, cybersecurity, cloud02-Jan-2025
Google Dorks Checklist for Bug Bounty — Bug Bounty Thursdayhttps://medium.com/@kerstan/google-dorks-checklist-for-bug-bounty-bug-bounty-thursday-ab5ccadb91b2?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking02-Jan-2025
Zendesk Access Token Disclosed in a JavaScript File Allowing Ticket Accesshttps://medium.com/@aloneh1/zendesk-access-token-disclosed-in-a-javascript-file-allowing-ticket-access-cfc5ba637dde?source=rss------bug_bounty-5Anzilbug-bounty, vapt, cybersecurity, bug-bounty-writeup02-Jan-2025
Finding Hidden API-Keys & How to Use themhttps://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-9c8a187d922b?source=rss------bug_bounty-5Sumit Jainvulnerability, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugs02-Jan-2025
US Arrests Army Soldier Over AT&T, Verizon Hacking | Linked to Presidential Call Log Leakshttps://medium.com/@wiretor/us-arrests-army-soldier-over-at-t-verizon-hacking-linked-to-presidential-call-log-leaks-25897c6b4e0b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, bug-bounty, malware, ai, business02-Jan-2025
Rhode Islanders’ Data Breach: Protect Yourself from Cyberattacks Today!https://medium.com/@wiretor/rhode-islanders-data-breach-protect-yourself-from-cyberattacks-today-1c0f4f79b40b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, business, bug-bounty, hacking, ai02-Jan-2025
Election Interference Exposed: Iranian and Russian Cyber Tactics in the Spotlighthttps://medium.com/@wiretor/election-interference-exposed-iranian-and-russian-cyber-tactics-in-the-spotlight-3e9059006021?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, business, ai, bug-bounty02-Jan-2025
Three Russian-German Nationals Charged with Spying for Russiahttps://medium.com/@wiretor/three-russian-german-nationals-charged-with-spying-for-russia-838f9b0d39d4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, secret-service, bug-bounty02-Jan-2025
postMessage XSShttps://medium.com/@rootast/postmessage-xss-f5402c9e219c?source=rss------bug_bounty-5Arash Shahbazijavascript, api, xss-attack, bug-bounty, postmessage02-Jan-2025
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity02-Jan-2025
A Guide to MITRE ATT&CK Cloud Matrices: Simplified with Exampleshttps://medium.com/@paritoshblogs/a-guide-to-mitre-att-ck-cloud-matrices-simplified-with-examples-2f6588b9ac0e?source=rss------bug_bounty-5Paritoshcloud, bug-bounty, hacking, cloud-computing, cybersecurity01-Jan-2025
Refer Friends, Win Credit Rewards!https://medium.com/@security.tecno/refer-friends-win-credit-rewards-574795eeb6a9?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacker, rewards, security01-Jan-2025
Bug Bounty Journey in 2024https://medium.com/@suganthankumaralingam/bug-bounty-journey-in-2024-e4f23874f991?source=rss------bug_bounty-5Suganthankumaralingambug-bounty-writeup, bug-zero, hackerone, bug-bounty-tips, bug-bounty01-Jan-2025
Bypassing Email verification through HTTP response interceptionhttps://callgh0st.medium.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5callgh0stemail, bug-bounty, gaza, hacking, support01-Jan-2025
Win the Race | Exploiting Race Condition Vulnerabilityhttps://medium.com/codingninjablogs/win-the-race-exploiting-race-condition-vulnerability-21ba7297f039?source=rss------bug_bounty-5#$ubh@nk@rinfosec, bug-bounty, web-security, race-condition, hacking01-Jan-2025
My first 100 Days with Bug Bounties.https://medium.com/@rootplinix/my-first-100-days-with-bug-bounties-7c4f69f73d3d?source=rss------bug_bounty-5Abu Hurayrabug-bounty, infosec, vulnerability, cybersecurity, hacking01-Jan-2025
Bypassing Email verification through HTTP response interceptionhttps://infosecwriteups.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5callgh0stemail, bug-bounty, gaza, hacking, support01-Jan-2025
Understanding DNS for Bug Bounty Huntinghttps://medium.com/@mastergojo122/understanding-dns-for-bug-bounty-hunting-428ec422aac6?source=rss------bug_bounty-5Wahid Najimdns-servers, dns, bug-bounty, bug-bounty-writeup01-Jan-2025
Advanced Enumeration Techniqueshttps://medium.com/@phirojshah20/advanced-enumeration-techniques-45cbeb429231?source=rss------bug_bounty-5Phirojshahbugs, cybersecurity, bug-bounty, bug-bounty-tips01-Jan-2025
Discovery and Probing Toolshttps://medium.com/@phirojshah20/discovery-and-probing-tools-5bb0a594b5d2?source=rss------bug_bounty-5Phirojshahbug-bounty-tips, cybersecurity, bug-bounty01-Jan-2025
Bug Bounty Hunting Methodology 2025https://medium.com/@phirojshah20/bug-bounty-hunting-methodology-2025-797bf8ae4c27?source=rss------bug_bounty-5Phirojshahbug-bounty, bug-hunting, reconnaissance, cybersecurity, bugs01-Jan-2025
CVE-2024–56803: Ghostty Vulnerability Allows Command Injectionhttps://medium.com/@wiretor/cve-2024-56803-ghostty-vulnerability-allows-command-injection-23e41eb1e8ad?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, business, malware01-Jan-2025
Uncover Hidden Web Paths with Recursive Dirbustinghttps://bitpanic.medium.com/uncover-hidden-web-paths-with-recursive-dirbusting-6befea8ab485?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, bug-bounty, cybersecurity, programming01-Jan-2025
Over 3.1 Million Fake Stars on GitHub: A Threat to Trust & Security ️https://medium.com/@wiretor/over-3-1-million-fake-stars-on-github-a-threat-to-trust-security-%EF%B8%8F-f6af3a43224d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, malware, hacking, business01-Jan-2025
This Simple GraphQL SSRF Bug Earned Me $3,000 (3/30 DAYS)https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-50day storiesbug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips01-Jan-2025
Dive into Go: A Full Guide for Penetration Testers, Bounty Hunters, and Developershttps://medium.com/@v1xtron/dive-into-go-a-full-guide-for-penetration-testers-bounty-hunters-and-developers-5cc013d3f5c6?source=rss------bug_bounty-5v1xtrongo, learn-to-code, programming-languages, bug-bounty01-Jan-2025
Welcome to our first article on this account!https://medium.com/@Dorking1/welcome-to-our-first-article-on-this-account-f7eb4049b768?source=rss------bug_bounty-5Dorking1bug-bounty, penetration-testing, cybersecurity01-Jan-2025
This Simple GraphQL SSRF Bug Earned $3,000 (3/30 DAYS)https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-50day storiesbug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips01-Jan-2025
File upload bypass — Fuzz magic bytes / Mime types with ffufhttps://medium.com/@opabravo/file-upload-bypass-fuzz-magic-bytes-mime-types-with-ffuf-b218171533d4?source=rss------bug_bounty-5Fate Walkerffuf, fuzzing, penetration-testing, file-upload-vulnerability, bug-bounty31-Dec-2024
From Hidden Parameter to Account Takeoverhttps://medium.com/@radwan0x/from-hidden-parameter-to-account-takeover-e6905f35d93a?source=rss------bug_bounty-5Mohamed Radwanbug-bounty, csrf-attack, bug-bounty-tips31-Dec-2024
Vertical Privilege Escalation from Manager to Owner: A Bug Bounty Storyhttps://medium.com/@swaroopvenkat828/vertical-privilege-escalation-from-manager-to-owner-a-bug-bounty-story-7a039eb0b938?source=rss------bug_bounty-5swaroop 04privilege-escalation, bug-bounty-tips, bug-bounty31-Dec-2024
Sensitive Data Exposure (Tryhackme)https://medium.com/@BetterBy0x01/sensitive-data-exposure-tryhackme-111ed71542af?source=rss------bug_bounty-5Ashutosh Singh Patelsecurity, data, tryhackme, hacking, bug-bounty31-Dec-2024
Mastering XSS in a single read!https://anontriager.medium.com/mastering-xss-in-a-single-read-40bc850427bd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, hacker, programming, cybersecurity, jobs31-Dec-2024
Mastering 403 Forbidden Bypass Techniques Part-2✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-part-2-658af618d5b0?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, 403-forbidden, hacking, infosec, bug-bounty31-Dec-2024
How I Discovered Exposed .env Files on a Subdomain of a Popular Exam Proctoring Websitehttps://medium.com/@anonymousshetty2003/how-i-discovered-exposed-env-files-on-a-subdomain-of-a-popular-exam-proctoring-website-50f1847a9e59?source=rss------bug_bounty-5Anonymousshettyinformation-disclosure, hacking, bug-bounty, cybersecurity, bug-bounty-tips31-Dec-2024
How I Discovered a Leaked cAdvisor Panel Dashboard on a Websitehttps://medium.com/@anonymousshetty2003/how-i-discovered-a-leaked-cadvisor-panel-dashboard-on-a-website-1f097b526b3e?source=rss------bug_bounty-5Anonymousshettycybersecurity, shodan, hacking, bug-bounty, bug-hunting31-Dec-2024
API Pentesting: Unrestricted Resource Consumptionhttps://devilwrites.medium.com/api-pentesting-unrestricted-resource-consumption-2692bf368575?source=rss------bug_bounty-5hackerdevilapi, api-penetration-testing, owasp, api-security, bug-bounty31-Dec-2024
Advanced Analysis: XSS Vulnerability in an AI-Powered Chatbot Servicehttps://medium.com/@MianHammadx0root/advanced-analysis-xss-vulnerability-in-an-ai-powered-chatbot-service-53212f545624?source=rss------bug_bounty-5Mian Hammadxss-attack, cybersecurity, ai-chat-bot, ai, bug-bounty31-Dec-2024
How I Discovered an 8.2 Severity bug on hackerone for Account Takeover via HTML Injectionhttps://medium.com/@ravindrajatav0709/how-i-discovered-an-8-2-severity-bug-on-hackerone-for-account-takeover-via-html-injection-3e5b0ec32cc9?source=rss------bug_bounty-5Ravindrajatavbugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty31-Dec-2024
My First Year in Bug Bounty Huntinghttps://0xshuvo.medium.com/my-first-year-in-bug-bounty-hunting-2b5c2cb9c205?source=rss------bug_bounty-5Shuvo Kumar Sahabug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips, infosec31-Dec-2024
OTP Bypass Leads to $2000 (2/30 DAYS)https://medium.com/@zerodaystories/otp-bypass-leads-to-2000-2-30-days-7845b2580e7e?source=rss------bug_bounty-50day storiesbug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing31-Dec-2024
2024 Bug Bounty Achievementshttps://medium.com/readers-club/2024-bug-bounty-achievements-15c5195031d3?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, failure, growth-mindset, never-give-up31-Dec-2024
How was I able to lock any user’s account?https://zerocode-ph.medium.com/how-was-i-able-to-lock-any-users-account-4303ff175a04?source=rss------bug_bounty-5Syd Ricafort (0cod3)bug-bounty31-Dec-2024
The Struggles of Manual Security Testers in an Automation-Heavy Bug Bounty Erahttps://mixbanana.medium.com/the-struggles-of-manual-security-testers-in-an-automation-heavy-bug-bounty-era-22cccf32fc13?source=rss------bug_bounty-5MixBananapenetration-testing, security, bug-bounty, cybersecurity31-Dec-2024
U.S. Treasury Breached via Remote Support Platform: Lessons for Cybersecurity Professionalshttps://medium.com/@wiretor/u-s-treasury-breached-via-remote-support-platform-lessons-for-cybersecurity-professionals-bd25d69ee856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ai, xss-attack, hacker31-Dec-2024
Session Hijacking Vulnerability in Password Reset Flow Leading to Cross-Account Accesshttps://medium.com/@iPsalmy/session-hijacking-vulnerability-in-password-reset-flow-leading-to-cross-account-access-4823d88e680a?source=rss------bug_bounty-5iPsalmypenetration-testing, cybersecurity, application-security, information-security, bug-bounty31-Dec-2024
My story of hacking Dutch Government | by Chinmaya Ranahttps://chinmayarana.medium.com/my-story-of-hacking-dutch-government-by-chinmaya-rana-b54ea26c92dd?source=rss------bug_bounty-5Chinmaya Ranahacking, readteam, bug-bounty, cybersecurity, web-security31-Dec-2024
Unleashing My Recon Weapon: A Custom Bash Tool for Bug Bountyhttps://medium.com/@kumawatabhijeet2002/unleashing-my-recon-weapon-a-custom-bash-tool-for-bug-bounty-d946b5f26dd9?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, recon, hacking, infosec31-Dec-2024
This is a writeup of how can I get critical $$$$ bounty from PII Disclosure - Broken Accesshttps://medium.com/@0xNayelx/this-is-a-writeup-of-how-can-i-get-critical-bounty-from-pii-disclosure-broken-access-7a113e5dc50c?source=rss------bug_bounty-50xNayelbug-bounty-writeup, ctf-writeup, cybersecurity, bug-bounty-tips, bug-bounty31-Dec-2024
SQLi Time-Based Blind Finding Methodshttps://medium.com/@erkankavas/sqli-time-based-blind-finding-methods-cdef02de2d0e?source=rss------bug_bounty-5Erkan Kavassqli, ethical-hacking, bug-bounty, bug-bounty-tips, hacking31-Dec-2024
Old School Out-of-Band (OOB) SQL Injection Manual Approachhttps://anontuttuvenus.medium.com/old-school-out-of-band-oob-sql-injection-manual-approach-cc50b81c5984?source=rss------bug_bounty-5Anon Tuttu Venuswebapplicationpentest, sql-injection, bug-bounty, owasp-top-10, sqli31-Dec-2024
Alhamdulillah ❤️https://medium.com/@momenrezkk90/alhamdulillah-%EF%B8%8F-4c8ba456bec1?source=rss------bug_bounty-5MOAMEN REZKbug-bounty, cybersecurity, penetration-testing, bugs, red-team31-Dec-2024
Mastering Wfuzz: Uncover Hidden Web Vulnerabilitiesehttps://medium.com/@kumawatabhijeet2002/mastering-wfuzz-uncover-hidden-web-vulnerabilitiese-351cbbef18d6?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty-tips, bug-bounty, infosec, medium30-Dec-2024
Sql Injection Vulnerability via Registration Formhttps://medium.com/@kevstrs_/sql-injection-vulnerability-via-registration-form-ccaf7bbddd0b?source=rss------bug_bounty-5kevstrs_sql-injection, bug-bounty, injection, pentesting30-Dec-2024
How I was able to delete a production backend server in my first finding.https://gr3yg05t.medium.com/how-i-was-able-to-delete-a-production-backend-server-in-my-first-finding-5dcce8aa093c?source=rss------bug_bounty-5Mr Greybug-bounty, bug-bounty-tips, info-sec-writeups, infosec, bug-bounty-writeup30-Dec-2024
Triaging an LFI Vulnerability Reporthttps://anontriager.medium.com/triaging-an-lfi-vulnerability-report-ad9a33016f0c?source=rss------bug_bounty-5Anonymous Traigerjobs, programming, money, bug-bounty, cybersecurity30-Dec-2024
US Healthcare Providers May Be Hit With New Cybersecurity Ruleshttps://mhmmuneef.medium.com/us-healthcare-providers-may-be-hit-with-new-cybersecurity-rules-61aa2655ea79?source=rss------bug_bounty-5Mohammed Muneefhealthcare-technology, cybersecurity-awareness, news, bug-bounty, technology30-Dec-2024
️‍♂️ Enhancing Bug Bounty Programs in an AI-Driven Markethttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-enhancing-bug-bounty-programs-in-an-ai-driven-market-e512b0b2766a?source=rss------bug_bounty-5Tal Eliyahubug-bounty, genai, artificial-intelligence, security, cybersecurity30-Dec-2024
DNS Tunneling to Bypass Firewall.https://medium.com/@anandrishav2228/dns-tunneling-to-bypass-firewall-ab5e9d91bd7b?source=rss------bug_bounty-5Rishav anandfirewall, bug-bounty, money, hacking, cybersecurity30-Dec-2024
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Partyhttps://myselfakash20.medium.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, cybersecurity30-Dec-2024
Exploiting SQLi to Query Database Version on MySQL and Microsofthttps://osintteam.blog/exploiting-sqli-to-query-database-version-on-mysql-and-microsoft-8d38a3ec42b4?source=rss------bug_bounty-5The Cybersec Cafésql-injection, cybersecurity, information-security, penetration-testing, bug-bounty30-Dec-2024
Server-side vulnerabilities | #1 PATH TRAVERSALhttps://medium.com/@agapehearts/server-side-vulnerabilities-1-path-traversal-5df782acb60d?source=rss------bug_bounty-5Agape HearTsethical-hacking, portswigger, servers, cybersecurity, bug-bounty30-Dec-2024
CSRF Enable 2FA allow User Lose Access to Their Account.https://anjarwilujeng.medium.com/csrf-enable-2fa-allow-user-lose-access-to-their-account-331eaed89d25?source=rss------bug_bounty-5AWesomebug-bounty, bug-bounty-writeup, csrf30-Dec-2024
Hacker Nedir ve Türleri Nelerdir?https://medium.com/@gzmpyrz99/hacker-nedir-ve-t%C3%BCrleri-nelerdir-abff0e616fbf?source=rss------bug_bounty-5Gizem Poyrazblue-team, hacker, red-team, scriptkkiddie, bug-bounty30-Dec-2024
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Partyhttps://infosecwriteups.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5Akash Ghoshbug-bounty, hacking, programming, technology, cybersecurity30-Dec-2024
Weirdest access control vulnerability I have ever found…https://siratsami71.medium.com/weirdest-access-control-vulnerability-i-have-ever-found-b3ea97019fad?source=rss------bug_bounty-5Sirat Sami (analyz3r)hackerone, security, pentesting, bug-bounty30-Dec-2024
What Bug Bounty Hunters Don’t Tell You.https://medium.com/@padhyepushkar/what-bug-bounty-hunters-dont-tell-you-78969ca0916a?source=rss------bug_bounty-5Pushkar Padhyebug-bounty, bug-bounty-writeup, bug-bounty-tips, blogging, knowledge30-Dec-2024
Unauthorized Account Deletion via Email Spoofinghttps://medium.com/@Salmansaifeldin/unauthorized-account-deletion-via-email-spoofing-dbfccad287c7?source=rss------bug_bounty-5Salman SaifEl-Dinbug-bounty-tips, cybersecurity, bug-bounty30-Dec-2024
Unlocking Secrets: How to Create Your Own Wordlist for Hidden Directories and Endpoints ✨https://medium.com/@kumawatabhijeet2002/unlocking-secrets-how-to-create-your-own-wordlist-for-hidden-directories-and-endpoints-9d78539857b3?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, hacking, bug-bounty, medium, infosec30-Dec-2024
Bug Bounty Insights: 10 Key Findings - Email Verification Flaws - Part 4https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-email-verification-flaws-part-4-49412c461450?source=rss------bug_bounty-5Mahmoud Abd Alkarimbug-bounty-tips, security-research, bug-bounty, cybersecurity, broken-access-control30-Dec-2024
Delete any comment without admin privilegehttps://medium.com/@a.essam0_o/delete-any-comment-without-admin-privilege-d5af9105ed9d?source=rss------bug_bounty-5A.Essamattack, bug-bounty, web, hacking, pentesting30-Dec-2024
PortSwigger — Authenticationhttps://medium.com/@rzashirinov38/portswigger-authentication-e3760f4d1411?source=rss------bug_bounty-5Rza Shirinovportswigger, authentication, web, bug-bounty, login30-Dec-2024
Hidden Gems: Simple Exploits Overlooked by Most Bug Huntershttps://bitpanic.medium.com/hidden-gems-simple-exploits-overlooked-by-most-bug-hunters-3113cc1db4b8?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, technology, cybersecurity, programming30-Dec-2024
Apache MINA CVE-2024–52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serializationhttps://medium.com/@wiretor/apache-mina-cve-2024-52046-cvss-10-0-flaw-enables-rce-via-unsafe-serialization-1d042d0ad53e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, malware, hacking, bug-bounty, apache-mina30-Dec-2024
Outdated D-Link Routers Under Siege: Botnets Exploit Vulnerabilitieshttps://medium.com/@wiretor/outdated-d-link-routers-under-siege-botnets-exploit-vulnerabilities-24fa380d9e2e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, xss-attack, hacking30-Dec-2024
US Cracks Down on Foreign Exploitation of Personal Informationhttps://medium.com/@wiretor/us-cracks-down-on-foreign-exploitation-of-personal-information-1c57dd844750?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, bug-bounty, hacker, xss-attack30-Dec-2024
Telecom Giants Secure Networks After Salt Typhoon Espionage Scandalhttps://medium.com/@wiretor/telecom-giants-secure-networks-after-salt-typhoon-espionage-scandal-106159c959ba?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, bug-bounty, malware, ai, hacking30-Dec-2024
Useful Extensions for Bug Bounty Huntinghttps://medium.com/@phirojshah20/useful-extensions-for-bug-bounty-hunting-0a1f4e32344c?source=rss------bug_bounty-5Phirojshahcybersecurity, bug-bounty, bugs, bug-bounty-tips, extension30-Dec-2024
How to Find Origin IP of any Website Behind a WAFhttps://infosecwriteups.com/how-to-find-origin-ip-of-any-website-behind-a-waf-c85095156ef7?source=rss------bug_bounty-5coffinxpbug-bounty-tips, waf-bypass, bug-bounty, technology, recon30-Dec-2024
Mastering the Art of Bug Bounty Hunting: A Step-by-Step Guidehttps://medium.com/@kumawatabhijeet2002/mastering-the-art-of-bug-bounty-hunting-a-step-by-step-guide-8eaabfe1cbf6?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, infosec, hacking, free, bug-bounty-tips30-Dec-2024
Discovered 30 BOLA + IDOR vulnerabilities in a single subdomain (BBP).https://im4x.medium.com/discovered-30-bola-idor-vulnerabilities-in-a-single-subdomain-bbp-a382e4554e71?source=rss------bug_bounty-5Ahmed Najehhacking, bug-bounty, hackerone30-Dec-2024
How I Took Over Millions of Instagram Accounts Using SQL Injection Method & Takeover via Filtering…https://pwn0sec.medium.com/how-i-took-over-millions-of-instagram-accounts-using-sql-injection-method-takeover-via-filtering-cd858d486a54?source=rss------bug_bounty-5PwnOsec Research Groupsindonesian, bug-bounty, pemerintah-indonesia, bug-bounty-tips30-Dec-2024
Breaking app’s logic workflow to decrease the payments’ amountshttps://medium.com/@bag0zathev2/breaking-apps-logic-workflow-to-decrease-the-payments-amounts-9c9f44efe23d?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bug-bounty, bug-hunting, payment-gateway, payments29-Dec-2024
Command Injection (Tryhackme and Owaspbwa)https://medium.com/@BetterBy0x01/command-injection-tryhackme-and-owaspbwa-6765b324c99d?source=rss------bug_bounty-5Ashutosh Singh Patelcommand-injection, security, bug-hunting, hacking, bug-bounty29-Dec-2024
how i found the parameter tempering vulnerability?https://doordiefordream.medium.com/how-i-found-the-parameter-tempering-vulnerability-09c4ea5f9675?source=rss------bug_bounty-5Bug hunter balubug-bounty, hacking, cybersecurity, ethical-hacking, web329-Dec-2024
Cross-Domain Referrer Leakage (Bug Bounty)https://anontriager.medium.com/cross-domain-referrer-leakage-bug-bounty-5c7fb967883d?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bug-bounty-tips, jobs, bug-bounty-writeup29-Dec-2024
How to find SSRF, Bypass Cloudflare, and extract AWS metadatahttps://anontriager.medium.com/how-to-find-ssrf-bypass-cloudflare-and-extract-aws-metadata-46d1ee6d1857?source=rss------bug_bounty-5Anonymous Traigercybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, jobs29-Dec-2024
Uncovering Race Conditions in Endpoint API Key Generationhttps://anjarwilujeng.medium.com/uncovering-race-conditions-in-endpoint-api-key-generation-dec3abf31a83?source=rss------bug_bounty-5AWesomerace-condition, bug-bounty-writeup, bug-bounty29-Dec-2024
HTB Write-Up: Retrieving the Flag via cURL | 使用 cURL 提取 Flaghttps://medium.com/@lixinlovestudy/htb-write-up-retrieving-the-flag-via-curl-%E4%BD%BF%E7%94%A8-curl-%E6%8F%90%E5%8F%96-flag-5987084868bb?source=rss------bug_bounty-5Lixin Zhanghackthebox, writeup, bug-bounty29-Dec-2024
Complete Guide to SQL Injection Detection: A Security Researcher’s Handbookhttps://medium.com/@phirojshah20/complete-guide-to-sql-injection-detection-a-security-researchers-handbook-c3b25d40bdb6?source=rss------bug_bounty-5Phirojshahcybersecurity, bug-bounty, sql, sql-injection, bugs29-Dec-2024
Apk Bug Boundy Guidehttps://medium.com/@adithyakrishnav001/apk-bug-boundy-guide-7968d04baf7e?source=rss------bug_bounty-5Adithyakrishna Vhacking, android, bug-bounty, apk, aad129-Dec-2024
Crack the Code: A Beginner’s Blueprint to Cybersecurity Successhttps://medium.com/@divyesh.jagad/crack-the-code-a-beginners-blueprint-to-cybersecurity-success-6aa6546a89bd?source=rss------bug_bounty-5Divyesh Jagadinfosec, cybersecurity, bug-bounty, beginner, income29-Dec-2024
Hunting Hidden Gems: Bug Bounties in the Code of JavaScripthttps://medium.com/@loayahmed686/hunting-hidden-gems-bug-bounties-in-the-code-of-javascript-f369a6617204?source=rss------bug_bounty-5r00tcode-review, bug-bounty-tips, bug-bounty29-Dec-2024
BEST AUTOMATED TOOLS THAT YOU NEED TO KNOW NOW ?????https://jawstar.medium.com/best-automated-tools-that-you-need-to-know-now-f7c883f0487c?source=rss------bug_bounty-5Jawstarautomation-testing, automation, penetration-testing, vulnerability, bug-bounty29-Dec-2024
OWASP Top 10 2025: What to Expecthttps://infosecwriteups.com/owasp-top-10-2025-what-to-expect-22b8ede0c428?source=rss------bug_bounty-5Aditya Sawantpenetration-testing, bug-bounty, information-security, owasp, cybersecurity29-Dec-2024
Brazilian Hacker Charged with Extorting $3.2M in Bitcoin After Breaching 300,000 Accountshttps://medium.com/@wiretor/brazilian-hacker-charged-with-extorting-3-2m-in-bitcoin-after-breaching-300-000-accounts-22a888c20177?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, ai, business, bug-bounty, malware29-Dec-2024
Ruijie Networks’ Cloud Platform Vulnerabilities Could Expose 50,000 Devices to Remote Attackshttps://medium.com/@wiretor/ruijie-networks-cloud-platform-vulnerabilities-could-expose-50-000-devices-to-remote-attacks-0c71e3e230b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, bug-bounty, ai, business, malware29-Dec-2024
Critical Alert: CVE-2024–12356 Command Injection Vulnerability in BeyondTrust RS & PRAhttps://medium.com/@wiretor/critical-alert-cve-2024-12356-command-injection-vulnerability-in-beyondtrust-rs-pra-6e8df2f63471?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, ai, bus, malware29-Dec-2024
Hackers Target ZAGG Customers in Third-Party Breach: Credit Card Data Exposedhttps://medium.com/@wiretor/hackers-target-zagg-customers-in-third-party-breach-credit-card-data-exposed-8d2ac0f66ba2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, business, bug-bounty, malware, hacker29-Dec-2024
Mastering DIRB: Your Guide to Uncovering Hidden Web Directorieshttps://medium.com/@kumawatabhijeet2002/mastering-dirb-your-guide-to-uncovering-hidden-web-directories-d336f6dafa36?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, hacking, infosec, free, bug-bounty-tips29-Dec-2024
Every Flask app hides a story—be the one to uncover ithttps://bitpanic.medium.com/every-flask-app-hides-a-story-be-the-one-to-uncover-it-32f2942f7927?source=rss------bug_bounty-5Spectat0rguyinformation-security, cybersecurity, technology, bug-bounty, bug-bounty-tips29-Dec-2024
How I Unsubscribed 100+ Emails Including CEO*CTO*CISO* Etc Of The Company With Out User Interactionhttps://medium.com/@alexandermr289/how-i-unsubscribed-100-emails-including-ceo-cto-ciso-etc-of-the-company-with-out-user-interaction-f6d78320ddaf?source=rss------bug_bounty-5Mr_alexanderosint, cybersecurity, medium, bug-bounty, darkweb29-Dec-2024
HTML Injectionhttps://medium.com/@mastergojo122/html-injection-b6f4151c7d6a?source=rss------bug_bounty-5Wahid Najimhtml-injection, bug-bounty-writeup, cybersecurity, bug-bounty29-Dec-2024
403/401 Bypass Methods + Bash Automation + Your Support 😉https://anontriager.medium.com/403-401-bypass-methods-bash-automation-your-support-5468b93599fd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup28-Dec-2024
The Bug Bounty Reconnaissance Framework (BBRF)https://anontriager.medium.com/the-bug-bounty-reconnaissance-framework-bbrf-9e6d5d814551?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup28-Dec-2024
You can find hardcoded API-Key, Secret, Token Etc…https://anontriager.medium.com/you-can-find-hardcoded-api-key-secret-token-etc-d27130c481a8?source=rss------bug_bounty-5Anonymous Traigercybersecurity, bugbounty-poc, bug-bounty, bugbounting, bug-bounty-tips28-Dec-2024
Exploiting Weak Password Change Mechanisms: Real-World Scenarioshttps://medium.com/@alvinbijo_174/exploiting-weak-password-change-mechanisms-real-world-scenarios-84394158e9d8?source=rss------bug_bounty-5session-xbug-bounty-tips, bug-bounty28-Dec-2024
IDOR Flaw Leads to $1160 Bounty (1/30 DAYS)https://medium.com/@zerodaystories/idor-flaw-leads-to-1160-bounty-1-30-days-406cd288bebb?source=rss------bug_bounty-50day storiesbug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, penetration-testing28-Dec-2024
How I was able to delete MFA of any user without Authenticationhttps://medium.com/@sharp488/how-i-was-able-to-delete-mfa-of-any-user-without-authentication-814904b506a2?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty-writeup, information-security, bug-bounty-hunter, bug-bounty-tips, bug-bounty28-Dec-2024
Bug Hunting Methodology: A Comprehensive Guidehttps://medium.com/@phirojshah20/bug-hunting-methodology-a-comprehensive-guide-619978852f89?source=rss------bug_bounty-5Phirojshahrecon, reconnaissance, bug-bounty, bug-bounty-tips, cybersecurity28-Dec-2024
Best Cyber Security tools You Must Know before 2024 ENDShttps://medium.com/meetcyber/best-cyber-security-tools-you-must-know-before-2024-ends-c207bd6ba0cd?source=rss------bug_bounty-5Abhishek pawarbug-bounty, hacking, news, cybersecurity, ethical-hacking28-Dec-2024
Default Credentials Put 15,000+ Four-Faith Routers at Riskhttps://medium.com/@wiretor/default-credentials-put-15-000-four-faith-routers-at-risk-65d235b23cfe?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, malware, business, bug-bounty, ai28-Dec-2024
✈️ Japan Airlines Hit by Cyberattack: A Wake-Up Call for Aviation Cybersecurity! ✈️https://medium.com/@wiretor/%EF%B8%8F-japan-airlines-hit-by-cyberattack-a-wake-up-call-for-aviation-cybersecurity-%EF%B8%8F-dfddcafa3d34?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, hacking, japan, bug-bounty28-Dec-2024
Volkswagen Leak Reveals 800,000 Cars’ Data: Precision Geo-Locations Exposed!https://medium.com/@wiretor/volkswagen-leak-reveals-800-000-cars-data-precision-geo-locations-exposed-80acc7587581?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, bug-bounty, hacking, business28-Dec-2024
Chinese Hackers Target U.S. Telecoms: What You Need to Knowhttps://medium.com/@wiretor/chinese-hackers-target-u-s-telecoms-what-you-need-to-know-4637ca456eeb?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business28-Dec-2024
Mastering Gobuster: Unveiling Hidden Paths in Web Applicationshttps://medium.com/@kumawatabhijeet2002/mastering-gobuster-unveiling-hidden-paths-in-web-applications-2c7b6bb2fb1d?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, hidden, hacking, infosec28-Dec-2024
Admin Hunter: Fast and Efficient Admin Panel Discoveryhttps://medium.com/@rootspaghetti/admin-hunter-fast-and-efficient-admin-panel-discovery-6461e818942c?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty28-Dec-2024
Logic Flaw: Turning an Invitation Function into a Revenue Blockerhttps://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5Mr Greybug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec27-Dec-2024
Most commonly found Vulnerabilities in Web Applications.https://medium.com/paktolus-engineering/most-commonly-found-vulnerabilities-in-web-applications-01dfb54530e2?source=rss------bug_bounty-5Jay Shankarpenetration-testing, web-vulnerabilities, bug-bounty-writeup, bug-bounty, vapt-services27-Dec-2024
Logic Flaw: Using Invitation Function to Block Other Accountshttps://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5Mr Greybug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec27-Dec-2024
Cookie Replayhttps://vikasrai11.medium.com/cookie-replay-e379800e40b2?source=rss------bug_bounty-5Vikas Raipenetration-testing, bug-bounty, vulnerability, security-token, cybersecurity27-Dec-2024
How i accidentally found a 1-click account takeover bughttps://infosecwriteups.com/how-i-accidentally-found-a-1-click-account-takeover-bug-dd27a512dd22?source=rss------bug_bounty-5callgh0staccount-takeover, transparency, gaza, bug-bounty, hacking27-Dec-2024
Is 2025 the Year to Begin Bug Bounty Hunting? Here’s What you need to Know ..https://medium.com/@techinsights5/is-2025-the-year-to-begin-bug-bounty-hunting-heres-what-you-need-to-know-3e61bcf14a4b?source=rss------bug_bounty-5TechInsightsethical-hacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity27-Dec-2024
AdsPower「安全众测计划」后,What’s Next?https://medium.com/@AdsPowerHK/adspower-%E5%AE%89%E5%85%A8%E4%BC%97%E6%B5%8B%E8%AE%A1%E5%88%92-%E5%90%8E-whats-next-01a612937c93?source=rss------bug_bounty-5AdsPower 指紋瀏覽器bug-bounty, 指纹浏览器, adspower27-Dec-2024
The WAF Gambit: How I Bypassed a Client’s Web Application Firewall and Exposed a Vulnerabilityhttps://medium.com/@GHOSTWIELD/the-waf-gambit-how-i-bypassed-a-clients-web-application-firewall-and-exposed-a-vulnerability-d8f47452429a?source=rss------bug_bounty-5GhostWieldcybersecurity, money, hacking, trends, bug-bounty27-Dec-2024
Game Hacking: Exploiting Executables and Librarieshttps://medium.com/@k3r0/game-hacking-exploiting-executables-and-libraries-27c1b144732a?source=rss------bug_bounty-5Kyrillos nadyhacking, android, bug-bounty, penetration-testing, games27-Dec-2024
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkithttps://bitpanic.medium.com/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty, technology, bug-bounty-tips, cybersecurity27-Dec-2024
Hackers Exploit CVE-2024–3393 to Disable Palo Alto Networks Firewallshttps://medium.com/@wiretor/hackers-exploit-cve-2024-3393-to-disable-palo-alto-networks-firewalls-00e89bb60c11?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xss-attack, malware, hacking27-Dec-2024
Beware of ‘OtterCookie’ Malware: Devs Targeted with Fake Job Offers!https://medium.com/@wiretor/beware-of-ottercookie-malware-devs-targeted-with-fake-job-offers-01367c51f639?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, bug-bounty, hacking, ai27-Dec-2024
Chrome Extensions Hijacked: Protect Your Data Now!https://medium.com/@wiretor/chrome-extensions-hijacked-protect-your-data-now-8bd0e43d8473?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxs, hacking, malware, bug-bounty, ai27-Dec-2024
Mastering FFUF: The Ultimate Fuzzing Toolkithttps://medium.com/@kumawatabhijeet2002/mastering-ffuf-the-ultimate-fuzzing-toolkit-e16a85416c5c?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty, bug-bounty-tips, infosec, medium27-Dec-2024
BPP [$750]Arbitrary File Upload Vulnerability To Remote Code Execution (RCE) Outside the Platform.https://aryasec.medium.com/bpp-750-arbitrary-file-upload-vulnerability-to-remote-code-execution-rce-outside-the-platform-9093b51d044d?source=rss------bug_bounty-5Tengku Arya Saputrarce-vulnerability, penetration-testing, bug-bounty, rce, bug-bounty-writeup27-Dec-2024
Must-Have Browser Extensions for Bug Bounty Huntershttps://aiwolfie.medium.com/must-have-browser-extensions-for-bug-bounty-hunters-58edff558912?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-tips, hacking, ethical-hacking, bug-bounty-writeup27-Dec-2024
Bug Chain: pre-auth takeover to permanent access.https://gr3yg05t.medium.com/bug-chain-pre-auth-takeover-to-permanent-access-4d92829ed816?source=rss------bug_bounty-5Mr Greybug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, business-logic-flaw27-Dec-2024
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkithttps://medium.com/infosecmatrix/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty, technology, bug-bounty-tips, cybersecurity27-Dec-2024
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackershttps://medium.com/@kumawatabhijeet2002/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5Abhijeet kumawats3, amazon, hacking, bug-bounty-tips, bug-bounty26-Dec-2024
How i Found WCP To DoS Attack Worth of $$$https://medium.com/@RekoJR/how-i-found-wcp-to-dos-attack-worth-of-f1a14553be82?source=rss------bug_bounty-5Reko !bug-bounty-tips, cache, bug-bounty26-Dec-2024
My Second Year into Bug Bounties — From Google Dorks to Manual Huntinghttps://medium.com/@vedantroy/my-second-year-into-bug-bounties-from-google-dorks-to-manual-hunting-ea8f80dc5b21?source=rss------bug_bounty-5Vedant Roybugbounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips26-Dec-2024
Find XSS Vulnerabilities in Just 2 Minuteshttps://coffinxp.medium.com/find-xss-vulnerabilities-in-just-2-minutes-d14b63d000b1?source=rss------bug_bounty-5coffinxpxss-attack, hacking, automation, bug-bounty-tips, bug-bounty26-Dec-2024
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackershttps://medium.com/infosecmatrix/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5Abhijeet kumawats3, amazon, hacking, bug-bounty-tips, bug-bounty26-Dec-2024
Easy Bounties: JavaScript (JS) File Analysishttps://aditya-narayan.medium.com/easy-bounties-javascript-js-file-analysis-72ba5eb44822?source=rss------bug_bounty-5Aditya Narayanbug-bounty-writeup, cybersecurity, writers-on-medium, bug-bounty-tips, bug-bounty26-Dec-2024
Stuxnet: The Virus That Shook the Worldhttps://medium.com/@zerodaystories/stuxnet-the-virus-that-shook-the-world-27e7f1349c8f?source=rss------bug_bounty-50day storiestechnology, science, bug-bounty, cybersecurity, hacking26-Dec-2024
Unauthenticated RCE Bug Bounty POC | Private Bug Bounty Program | CVE-2020–11798https://pwn0sec.medium.com/unauthenticated-rce-bug-bounty-poc-private-bug-bounty-program-cve-2020-11798-dbbb626b9fdb?source=rss------bug_bounty-5PwnOsec Research Groupsferari, bug-bounty-tips, bug-bounty26-Dec-2024
Access Granted !https://vikasrai11.medium.com/access-granted-5f4747775247?source=rss------bug_bounty-5Vikas Raibug-bounty, cybersecurity, acces, vulnerability26-Dec-2024
Traditional Pentest vs. Bug Bounty Program: The Pros, The Cons, and How to Do It Righthttps://medium.com/@hackrate/traditional-pentest-vs-bug-bounty-program-the-pros-the-cons-and-how-to-do-it-right-f2d8beff40bf?source=rss------bug_bounty-5Levente Molnarpenetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty26-Dec-2024
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commandshttps://mhmmuneef.medium.com/apache-traffic-control-vulnerability-let-attackers-inject-malicious-sql-commands-66188cbcd84d?source=rss------bug_bounty-5Mohammed Muneefhacking, bug-bounty, information-security, technology, cybersecurity26-Dec-2024
Critical SQL Injection Vulnerability in Apache Traffic Controlhttps://medium.com/@wiretor/critical-sql-injection-vulnerability-in-apache-traffic-control-a28cedca8b93?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, xss-attack, bug-bounty, ai26-Dec-2024
IBM AIX Vulnerability: Attackers Can Trigger DoS Conditionhttps://medium.com/@wiretor/ibm-aix-vulnerability-attackers-can-trigger-dos-condition-5a5532a8ba66?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, hacker, xss-attack, malware26-Dec-2024
Find Secrets in Hidden Directories Using Fuzzing ️https://medium.com/@kumawatabhijeet2002/find-secrets-in-hidden-directories-using-fuzzing-%EF%B8%8F-21a9a96c3246?source=rss------bug_bounty-5Abhijeet kumawatfuzzing, infosec, bug-bounty, hacking, bounty-program26-Dec-2024
How I found an IDOR on Achmeahttps://medium.com/@nayeems3c/how-i-found-idor-on-achmea-cf9ce4b7d908?source=rss------bug_bounty-5Nayeem Islambug-bounty, idor, penetration-testing, bug-bounty-writeup, web-security26-Dec-2024
Earn up to $30,000 by just thinking like a pro hacker while pentesting.https://medium.com/@anandrishav2228/earn-up-to-30-000-by-just-thinking-like-a-pro-hacker-while-pentesting-da8e5984ccb9?source=rss------bug_bounty-5Rishav anandbug-bounty, hacker, money, penetration-testing, cybersecurity26-Dec-2024
Fuzzing with AFL++https://medium.com/@arohablue/introduction-to-fuzzing-with-afl-42d37ea78386?source=rss------bug_bounty-5Aroha bluebug-bounty, afl, fuzzing, kali, security26-Dec-2024
XSS Via SVG File Uploadhttps://abhishekgk.medium.com/xss-via-svg-file-upload-5c30af809107?source=rss------bug_bounty-5Abhishekgkbug-bounty, file-upload-vulnerability, bug-bounty-tips, xss-attack, bug-bounty-writeup26-Dec-2024
Interesting Technique to Enumerate Table Names in MySQL 8.xhttps://j3x.medium.com/interesting-technique-to-enumerate-table-names-in-mysql-8-x-668857d43186?source=rss------bug_bounty-5Amdjed Zerrouguibug-bounty, cybersecurity, hacking, penetration-testing26-Dec-2024
Bug Critical Flaw: Default Password to Super Admin!https://medium.com/@firdansp/bug-critical-flaw-default-password-to-super-admin-ef20c4214231?source=rss------bug_bounty-50verRidabugs, cybersecurity, bug-bounty, bug-bounty-tips, hacker25-Dec-2024
Business logic: I can order anything from your account without paying for ithttps://gr3yg05t.medium.com/business-logic-i-can-order-anything-from-your-account-without-paying-for-it-86ef070e01dd?source=rss------bug_bounty-5Mr Greyinfosec, bug-bounty, business-logic-flaw, infosec-write-ups, bug-bounty-writeup25-Dec-2024
My First Encounter with Stored XSS ️‍♂️https://infosecwriteups.com/my-first-encounter-with-stored-xss-%EF%B8%8F-%EF%B8%8F-88e167582b7e?source=rss------bug_bounty-5cryptoshantcybersecurity, bug-bounty, hacking, stored-xss, success25-Dec-2024
How I accidentally found an IDOR bug in Google slides and rewarded $3,133.70https://medium.com/@atikqur007/how-i-accidentally-found-an-idor-bug-in-google-slides-and-rewarded-3-133-70-96866fac3af1?source=rss------bug_bounty-5Atikqur Rahmanbugbounty-writeup, cybersecurity, bug-bounty, google, pentesting25-Dec-2024
Escalating a duplicate Access Control bug to hijack Google Calendar Accounts for a €300 Bountyhttps://medium.com/@saltify/escalating-a-duplicate-access-control-bug-to-hijack-google-calendar-accounts-for-a-300-bounty-a5358cfc868f?source=rss------bug_bounty-5saltifyinfosec, bug-bounty, ethical-hacking, cybersecurity25-Dec-2024
API Pentesting: Broken Object Property Level Authorizationhttps://devilwrites.medium.com/api-pentesting-broken-object-property-level-authorization-21d65939ad24?source=rss------bug_bounty-5hackerdevilapi-security, api, owasp, penetration-testing, bug-bounty25-Dec-2024
Autentic Platform Launches Bug Bounty Program to Strengthen Securityhttps://autentic.medium.com/autentic-platform-launches-bug-bounty-program-to-strengthen-security-0aaad03b4a6e?source=rss------bug_bounty-5Autentic RWAautentic, bug-bounty25-Dec-2024
10 of the biggest cybersecurity stories of 2024https://mhmmuneef.medium.com/10-of-the-biggest-cybersecurity-stories-of-2024-45037b13530f?source=rss------bug_bounty-5Mohammed Muneefnews, medium, bug-bounty, technology, hacker25-Dec-2024
10 Burp Suite Extensions you must have in your arsenalhttps://bitpanic.medium.com/10-burp-suite-extensions-you-must-have-in-your-arsenal-a3ce81fefb05?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, infosec, cybersecurity, bug-bounty-tips25-Dec-2024
Cross-Site Scripting (XSS): Techniques, Bypasses, and Detectionhttps://medium.com/@rootast/cross-site-scripting-xss-techniques-bypasses-and-detection-927af5a55d02?source=rss------bug_bounty-5Arash shahbazixss-attack, javascript, hacker, methodology, bug-bounty25-Dec-2024
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025https://medium.com/@afilalbadr2/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5Afilalbadrjob-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing25-Dec-2024
The Ultimate Checklist for Detecting IDOR and Broken Access Control Vulnerabilitieshttps://thexssrat.medium.com/the-ultimate-checklist-for-detecting-idor-and-broken-access-control-vulnerabilities-b1585dd4e999?source=rss------bug_bounty-5Thexssrathacking, bug-bounty, hacker, broken-access-control, bug-bounty-tips25-Dec-2024
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025https://medium.com/@GHOSTWIELD/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5GhostWieldjob-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing25-Dec-2024
Website Enumeration and Information Gathering [Part 2]https://medium.com/@BetterBy0x01/website-enumeration-and-information-gathering-part-2-3588cf9e0529?source=rss------bug_bounty-5Ashutosh Singh Patelsecurity, bug-bounty, hacking, bug-bounty-tips24-Dec-2024
How I Test for Open Redirecthttps://osintteam.blog/how-i-test-for-open-redirect-271cd0d0ae55?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, cybersecurity, technology, open-redirect, bug-bounty-writeup24-Dec-2024
Find Bug in 10 Minutes: Critical SQL File Leak Reveals Sensitive Datahttps://medium.com/@firdansp/find-bug-in-10-minutes-critical-sql-file-leak-reveals-sensitive-data-84e48fece4bb?source=rss------bug_bounty-50verRidabug-bounty-tips, bug-bounty, bugs, cybersecurity, writeup24-Dec-2024
Important Windows Events Every SOC Analyst Should Knowhttps://medium.com/@paritoshblogs/important-windows-events-every-soc-analyst-should-know-ed91bce15ed2?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, chatgpt, cybersecurity, hacking24-Dec-2024
Rickdiculouslyeasy 1 — VulnHub Write-uphttps://medium.com/@aminouji23/rickdiculouslyeasy-1-vulnhub-write-up-eb59e824baa7?source=rss------bug_bounty-5Aminoujivulnhub, bug-bounty, ctf-writeup, penetration-testing, cybersecurity24-Dec-2024
Bug Bounty Journey — Valid Report Part 2https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-2-0f3a075e2a65?source=rss------bug_bounty-50xF3r4twaybackurls, bug-bounty-writeup, bug-bounty24-Dec-2024
Bug Bounty Journey — Valid Report 1https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-1-ffc38d6799a4?source=rss------bug_bounty-50xF3r4tdirsearch, bug-bounty, vdp24-Dec-2024
Penetration Testing Tools — The Basicshttps://medium.com/@iamshafayat/penetration-testing-tools-the-basics-46367acc653e?source=rss------bug_bounty-5Shafayat Ahmed Alifpentest, cybersecurity, bug-bounty, pentest-tools, penetration-testing24-Dec-2024
500$ Secrets: Uncovering Critical Vulnerabilities with Advanced JavaScript Analysishttps://hackersatty.medium.com/500-secrets-uncovering-critical-vulnerabilities-with-advanced-javascript-analysis-ab9a970dc8e8?source=rss------bug_bounty-5hackersattymedium, bug-bounty, javascript, hackerone, bug-bounty-tips24-Dec-2024
A Seemingly Harmless Bug That Could Cost a Company Millionshttps://bitpanic.medium.com/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips24-Dec-2024
Why 2025 Will Be the Year of Bug Bountyhttps://medium.com/@hackrate/why-2025-will-be-the-year-of-bug-bounty-9811e3987e78?source=rss------bug_bounty-5Levente Molnarpenetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty24-Dec-2024
RISE OF 0-DAYhttps://medium.com/@zerodaystories/rise-of-0-day-cd35fe1c8e62?source=rss------bug_bounty-50day storiespenetration-testing, hacker, technology, bug-bounty, hacking24-Dec-2024
Seven Critical Vulnerabilities Found in Premium WPLMS WordPress Pluginshttps://medium.com/@wiretor/seven-critical-vulnerabilities-found-in-premium-wplms-wordpress-plugins-c3ce57c55bae?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, bug-bounty, hacking, ai24-Dec-2024
New Glutton Malware Exploits Popular PHP Frameworkshttps://medium.com/@wiretor/new-glutton-malware-exploits-popular-php-frameworks-2a5914f89407?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, malware, hacking, bug-bounty24-Dec-2024
Advent of Cyber 2024 [ Day 24 ] Writeup with Answers | TryHackMe Walkthroughhttps://medium.com/infosecmatrix/advent-of-cyber-2024-day-24-writeup-with-answers-tryhackme-walkthrough-18393b422649?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, tryhackme, hacking, careers24-Dec-2024
From Broken Access Control to First Bountyhttps://infosecwriteups.com/from-broken-access-control-to-first-bounty-01712b1dab53?source=rss------bug_bounty-5callgh0stgaza, bug-bounty, palestine, hacking, access-control24-Dec-2024
Received an Appreciation Letter from NASAhttps://medium.com/@kumawatabhijeet2002/received-an-appreciation-letter-from-nasa-927c3d1ae828?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, nasa, appreciation, xss-attack, infosec24-Dec-2024
A Seemingly Harmless Bug That Could Cost a Company Millionshttps://medium.com/infosecmatrix/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips24-Dec-2024
Breaking Through the Limits: How I Bypassed Rate-Limiting with IP and Username Rotationhttps://medium.com/@abdelrahhmanhisham/breaking-through-the-limits-how-i-bypassed-rate-limiting-with-ip-and-username-rotation-d8de230aec2a?source=rss------bug_bounty-5Abdelrahhmanhishambug-bounty-tips, bug-bounty, rate-limit, exploit, rate-limit-bypass23-Dec-2024
How I Discovered Private Programs and New Programs Set to Launch on HackerOnehttps://medium.com/@hossam_hamada/how-i-discovered-private-programs-and-new-programs-set-to-launch-on-hackerone-a85117a70d7b?source=rss------bug_bounty-5Hossam Hamadahacking, bugbounty-writeup, hackerone, bug-bounty, bugbounty-tips23-Dec-2024
Website Enumeration & Information Gathering [Part 1]https://medium.com/@BetterBy0x01/website-enumeration-information-gathering-part-1-8392422178da?source=rss------bug_bounty-5Ashutosh Singh Patelbug-hunting, enumeration, bug-bounty, information-gathering23-Dec-2024
Website Leak (gov): Sensitive Credentials and API Keys Exposedhttps://medium.com/@firdansp/website-leak-gov-sensitive-credentials-and-api-keys-exposed-44b2ebbebb7b?source=rss------bug_bounty-50verRidabug-bounty, bug-bounty-tips, cybersecurity, bugs, red-team23-Dec-2024
PROTOTYPE POLLUTION VULNERABILITYhttps://medium.com/@0xpedrop/prototype-pollution-vulnerability-f62e1c59a3fd?source=rss------bug_bounty-5Pedro Paulo D.bug-bounty-tips, cybersecurity, bug-bounty23-Dec-2024
Google Dorks to Find Bug Bounty Programshttps://medium.com/infosecmatrix/google-dorks-to-find-bug-bounty-programs-003a80375d13?source=rss------bug_bounty-5Abhijeet kumawathacking, google, dorks, infosec, bug-bounty23-Dec-2024
Shield Your Enterprise: Tackling Cyber Threats Head-Onhttps://medium.com/@paritoshblogs/shield-your-enterprise-tackling-cyber-threats-head-on-fd26be10c366?source=rss------bug_bounty-5Paritoshai, hacking, cybersecurity, information-technology, bug-bounty23-Dec-2024
Bash Scripting: Guide for Security & Bug Bounty Huntershttps://infosecwriteups.com/bash-scripting-guide-for-security-bug-bounty-hunters-cybersecurity-d07794c33412?source=rss------bug_bounty-5Mukilan Baskaransecurity-researchers, bug-bounty, cybersecurity, information-security, penetration-testing23-Dec-2024
POC — CVE-2024–50623- Cleo Unrestricted file upload and downloadhttps://medium.com/@verylazytech/poc-cve-2024-50623-cleo-unrestricted-file-upload-and-download-382afa5a15db?source=rss------bug_bounty-5Very Lazy Techunrestricted-file-upload, vulnerability, exploit, bug-bounty, cve-2024-5062323-Dec-2024
Bug Bounty Pemula Kusus Peretasan Aplikasi Webhttps://medium.com/@mansorihack/bug-bounty-pemula-kusus-peretasan-aplikasi-web-cb7e8ea75f75?source=rss------bug_bounty-5Mansorihackbug-bounty, cybersecurity, readteam23-Dec-2024
How I Found an XSS Bug That Made Websites Scream “Alert!”https://aiwolfie.medium.com/how-i-found-an-xss-bug-that-made-websites-scream-alert-1b6f9eebcf14?source=rss------bug_bounty-5AIwolfiepentesting, xss-attack, ethical-hacking, bug-bounty, hacking23-Dec-2024
Exploiting Password Reset Link After Email Changehttps://medium.com/@0xboody/exploiting-password-reset-link-after-email-change-17fe2babc01e?source=rss------bug_bounty-5Abdelrahman Sayedbug-bounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing23-Dec-2024
Blazing-Fast Recon & Vulnerability Scanning with SubDomainRadar.iohttps://medium.com/@alexandrevandammepro/blazing-fast-recon-vulnerability-scanning-with-subdomainradar-io-701baef23ff2?source=rss------bug_bounty-5Alexandre Vandammebug-bounty, cybersecurity, vulnerability, bug-bounty-tips, bounty-program23-Dec-2024
Stop Data Breaches in Their Tracks with LeakRadar.iohttps://medium.com/@alexandrevandammepro/stop-data-breaches-in-their-tracks-with-leakradar-io-cc3c4b887c14?source=rss------bug_bounty-5Alexandre Vandammebug-bounty, data, bug-bounty-writeup, bug-bounty-tips, cybersecurity23-Dec-2024
Dutch DPA Fines Netflix €4.75 Million for GDPR Violationshttps://medium.com/@wiretor/dutch-dpa-fines-netflix-4-75-million-for-gdpr-violations-d2ad59170118?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business23-Dec-2024
North Korean Hackers Steal $1.3 Billion in Crypto in 2024https://medium.com/@wiretor/north-korean-hackers-steal-1-3-billion-in-crypto-in-2024-d53c409930df?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware23-Dec-2024
Italy Fines OpenAI €15 Million for ChatGPT GDPR Violationshttps://medium.com/@wiretor/italy-fines-openai-15-million-for-chatgpt-gdpr-violations-42a93c87a4fe?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, ai, business, hacking23-Dec-2024
[$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Applicationhttps://medium.com/@ahmedfadel6162/bug-bounty-write-up-ssrf-in-oauth-implementation-of-a-client-application-57ba02539e20?source=rss------bug_bounty-5Ahmed Fadelbug-bounty, penetration-testing, cybersecurity, hacking23-Dec-2024
This Is How I Bypassed The Most Critical Security Check!https://medium.com/@mdnafeed3/this-is-how-i-bypassed-the-most-critical-security-check-00e9ba525ebc?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, bug-bounty-tips, cybersecurity, hacking, technology23-Dec-2024
EWPTX Examination Structure and Contenthttps://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5Vishalsuwalkabcybersecurity, ewptx, ejpt, ine, bug-bounty23-Dec-2024
How Technology Can Enhance Information Security in Organizationshttps://medium.com/@bi___ya/how-technology-can-enhance-information-security-in-organizations-9b0ce5029472?source=rss------bug_bounty-5biyainformation-security, bug-bounty, company, hacking, business23-Dec-2024
Bug Bounty Isn’t Always Fair: A Researcher’s Perspectivehttps://medium.com/@ph4nt0mbyt3/bug-bounty-isnt-always-fair-a-researcher-s-perspective-be0a62b9f0eb?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty23-Dec-2024
How to Make Money with WebSocket: 10 Vulnerabilities You Should Be Aware Ofhttps://im4x.medium.com/what-is-wss-fa2476eeddc1?source=rss------bug_bounty-5Ahmed Najehbug-bounty, hacker, hackerone, websocket, wss23-Dec-2024
EWPTX Examination Structure and Content Part(2)https://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5Vishalsuwalkabcybersecurity, ewptx, ejpt, ine, bug-bounty23-Dec-2024
Very Basic Beginner Bug Bounty Methodology: Practical Tips and Techniques for Web Appshttps://thexssrat.medium.com/very-basic-beginner-bug-bounty-methodology-practical-tips-and-techniques-for-web-apps-3cf9104e7f50?source=rss------bug_bounty-5Thexssrathacks, hacking, bug-bounty-tips, bug-bounty23-Dec-2024
100 CLI Flags and Tricks Every Bug Bounty Hunter Should Knowhttps://thexssrat.medium.com/100-cli-flags-and-tricks-every-bug-bounty-hunter-should-know-959813992077?source=rss------bug_bounty-5Thexssrathacks, hacking, cli, bug-bounty-tips, bug-bounty23-Dec-2024
Reflected XSS bypass WAF & Page notfoundhttps://kresec.medium.com/reflected-xss-bypass-waf-page-notfound-e149db1ee6c4?source=rss------bug_bounty-5KreSecxss-attack, security, bug-bounty22-Dec-2024
Automate MAC Address Change on Arch Linux at Boothttps://theexploitlab.medium.com/automate-mac-address-change-on-arch-linux-at-boot-893f6ccdb1b4?source=rss------bug_bounty-5The Exploit Labbug-bounty, bugs, macchanger, cybersecurity22-Dec-2024
Different terms, same services across providers (AWS, Azure, GCP)https://medium.com/@RaunakGupta1922/different-terms-same-services-across-providers-aws-azure-gcp-2337af0640db?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitgcp, azure, bug-bounty, aws, devops22-Dec-2024
API pentesting: Broken Authenticationhttps://infosecwriteups.com/api-pentesting-broken-authentication-987658c691c0?source=rss------bug_bounty-5hackerdevilpenetration-testing, owasp, bug-bounty, api-security, api22-Dec-2024
Top 7 Cybersecurity Certificates in 2025https://osintteam.blog/top-7-cybersecurity-certificates-in-2025-26228b661f1d?source=rss------bug_bounty-5Tahir Ayoubtechnology, ai, ethical-hacking, bug-bounty, cybersecurity22-Dec-2024
Day 24 of 30 Days — 30 Vulnerabilities | Web Cache Poisoninghttps://it4chis3c.medium.com/day-24-of-30-days-30-vulnerabilities-web-cache-poisoning-790697f073da?source=rss------bug_bounty-5It4chis3c30dayswritingchallenge, bug-bounty-tips, bug-bounty, web-cache-poisoning22-Dec-2024
Unveiling default Security Flaws with the defaulty Nmap Scripthttps://medium.com/@defaulty.io/unveiling-default-security-flaws-with-the-defaulty-nmap-script-800d97654a15?source=rss------bug_bounty-5Defaulty.iohacking, bug-bounty, compliance, pentesting, cybersecurity22-Dec-2024
Bug Bounty Hunting With Burp Suite (Intercept, Repeater & Intruder)https://medium.com/@BetterBy0x01/bug-bounty-hunting-with-burp-suite-intercept-repeater-intruder-cdcb3e3966bf?source=rss------bug_bounty-5Ashutosh Singh Patelbug-hunting, burpsuite, bug-bounty, proxy22-Dec-2024
10 Minutes to Finding Your First Open Redirect Bughttps://medium.com/@k4r7h1kn/10-minutes-to-finding-your-first-open-redirect-bug-68f764d6b5d3?source=rss------bug_bounty-5Karthikeyancybersecurity, bug-bounty-tips, bug-bounty, hacking, open-redirect22-Dec-2024
How to Enable HTTPS Using a Free SSL Certificate from Certbothttps://medium.com/@awsdevops183/how-to-enable-https-using-a-free-ssl-certificate-from-certbot-99b71f808b1e?source=rss------bug_bounty-5Madhukar Reddysecurity, bug-bounty, tls, amazon-web-services, devops22-Dec-2024
open redirect GET — Basedhttps://medium.com/@zpx15266/open-redirect-get-based-bc86e62c3af2?source=rss------bug_bounty-5ramzey elsayed mohamedcve, bug-bounty, bug-bounty-writeup, bugs, penetration-testing22-Dec-2024
SSRF Burpsuite Extensionhttps://hackerassociate.medium.com/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5Harshad Shahhacking, infosec, bug-bounty, cybersecurity, penetration-testing22-Dec-2024
Chasing P3 Bug: My Hunt for Vulnerabilities in the ‘Wishlists’ Functionality and Its Resultshttps://medium.com/@nebty/chasing-p3-bug-my-hunt-for-vulnerabilities-in-the-wishlists-functionality-and-its-results-86b6e79b9274?source=rss------bug_bounty-5Nebtycybersecurity, bug-bounty-tips, idor, ethical-hacking, bug-bounty22-Dec-2024
So, You want a strong bug bounty methodology?https://medium.com/@shaheen101sec/so-you-want-a-strong-bug-bounty-methodology-57fdef27cad6?source=rss------bug_bounty-5Shaheen101secbug-bounty-writeup, cybersecurity, bug-bounty, pentesting, bug-bounty-tips22-Dec-2024
Exposed‼️ How a Simple Bug Uncovered a Default Credential Data Leak on Indonesia Governmenthttps://medium.com/@firdansp/exposed-how-a-simple-bug-uncovered-a-default-credential-data-leak-on-indonesia-government-ba73f2175e81?source=rss------bug_bounty-50verRidadata-leak, bugs, cybersecurity, bug-bounty, bug-bounty-tips22-Dec-2024
How I Found My First Bug Using Shodanhttps://medium.com/@bughunt.bochi/how-i-found-my-first-bug-using-shodan-3d8826a7655b?source=rss------bug_bounty-5Bochixxbug-bounty, bug-bounty-writeup, pentesting, ethical-hacking22-Dec-2024
SSRF Burpsuite Extensionhttps://medium.com/offensive-black-hat-hacking-security/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5Harshad Shahhacking, infosec, bug-bounty, cybersecurity, penetration-testing22-Dec-2024
The Top 2 Strategies for Finding Your First XSS Vulnerability — Part 2https://medium.com/@halfcircassian/the-top-2-strategies-for-finding-your-first-xss-vulnerability-part-2-8bae7b49cc6d?source=rss------bug_bounty-5Sıla Özerencybersecurity, web-application-security, bug-bounty, xss-attack, dom-manipulation22-Dec-2024
Payment Bypass Guide for Bug Bounty | 69 case studieshttps://medium.com/@illoyscizceneghposter/payment-bypass-guide-for-bug-bounty-69-case-studies-15379b4f76fa?source=rss------bug_bounty-5Illoy Scizceneghposterbug-bounty, bug-bounty-tips, cybersecurity21-Dec-2024
The Bounty Hunters: Bug Bounty Programshttps://medium.com/@investigator515/the-bounty-hunters-bug-bounty-programs-8dcd24d5bafa?source=rss------bug_bounty-5Investigator515hacking, technology, information-security, bug-bounty, cybersecurity21-Dec-2024
How I Exploited an OTP Bypass Vulnerability on a Cryptocurrency Platformhttps://medium.com/@anonymous512/how-i-exploited-an-otp-bypass-vulnerability-on-a-cryptocurrency-platform-2a817b02b3ea?source=rss------bug_bounty-5Wafa Abbasaccount-hacking, bug-bounty, authentication-bypass, otp-bypass, vulnerability21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://bitpanic.medium.com/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Understanding Tycoon 2FA Phishing: A New Era of Security Threatshttps://medium.com/@paritoshblogs/understanding-tycoon-2fa-phishing-a-new-era-of-security-threats-19fb14dc83a5?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, hacking, tycoon-phshing, bug-bounty21-Dec-2024
Malicious Rspack & Vant Packages Exploited Using Stolen NPM Tokenshttps://medium.com/@wiretor/malicious-rspack-vant-packages-exploited-using-stolen-npm-tokens-0b69df1512fd?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, business, hacking, bug-bounty21-Dec-2024
FlowerStorm: The New Microsoft Phishing Threat Filling the Void Left by Rockstar2FAhttps://medium.com/@wiretor/flowerstorm-the-new-microsoft-phishing-threat-filling-the-void-left-by-rockstar2fa-578144a14487?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, microsoft, hacking, malware21-Dec-2024
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damageshttps://medium.com/@wiretor/lockbit-developer-rostislav-panev-charged-for-billions-in-global-ransomware-damages-bee0bfc4c9b9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, bug-bounty, business, ai21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://medium.com/infosecmatrix/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/infosecmatrix/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Blind XXE with OOB Interaction via XML Parameter Entitieshttps://osintteam.blog/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, bug-bounty-tips, information-security, bug-bounty, pentesting20-Dec-2024
CSRF On Delete Profile: High Severity(7.1) HackerOnehttps://medium.com/@josuofficial327/csrf-on-delete-profile-high-severity-7-1-hackerone-33bdb598ef67?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-writeup, bug-bounty, ethical-hacking, bug-bounty-program, cybersecurity20-Dec-2024
Part-2 | Deep Recon Methodology for Bug Bounty Huntershttps://medium.com/@kumawatabhijeet2002/part-2-deep-recon-methodology-for-bug-bounty-hunters-644077ee41d4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, infosec, bugs, bug-bounty, hacking20-Dec-2024
The Most Easiest OTP Bypass Vulnerability I’ve Found: A Critical Flaw in Session Managementhttps://medium.com/@ajay.kumar.695632/the-most-easiest-otp-bypass-vulnerability-ive-found-a-critical-flaw-in-session-management-09b1555dbf9e?source=rss------bug_bounty-5Ajay Kumarbug-hunting, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup20-Dec-2024
The Secret World of Hackers: A Beginner’s Guide to Understanding Cyber Attackshttps://medium.com/@paritoshblogs/the-secret-world-of-hackers-a-beginners-guide-to-understanding-cyber-attacks-81377a0b477e?source=rss------bug_bounty-5Paritoshai, information-technology, cybersecurity, bug-bounty, hacking20-Dec-2024
Utilizing machine learning to collect more subdomains using subwizhttps://medium.com/@demonia/utilizing-machine-learning-to-collect-more-subdomains-using-subwiz-2d65cec1ee80?source=rss------bug_bounty-5Mohammed Diefbug-bounty, recon, cybersecurity, reconnaissance, bug-bounty-tips20-Dec-2024
Information Disclosure On Password cancel Endpointhttps://medium.com/@regan_temudo/information-disclosure-on-password-cancel-endpoint-4b6f43cc5fd7?source=rss------bug_bounty-5Regan Temudocybersecurity, information-disclosure, bug-bounty, ethical-hacking, csrf20-Dec-2024
OSI Model Explanationhttps://medium.com/@hossennaim547/osi-model-explanation-09259ce7a5af?source=rss------bug_bounty-5naimHOSSENbug-bounty, hacking, osi-model, cybersecurity20-Dec-2024
Simple ATO in private program.https://medium.com/@oXnoOneXo/simple-ato-in-private-program-890cd1485675?source=rss------bug_bounty-5oXnoOneXobug-bounty-tips, bug-bounty-writeup, bug-bounty20-Dec-2024
From Comments to Command Execution: How an E-Book Platform Gave Me RCEhttps://imooaaz.medium.com/from-comments-to-command-execution-how-an-e-book-platform-gave-me-rce-f27a079ca584?source=rss------bug_bounty-5Moaaz Afifibug-bounty, penetration-testing, cybersecurity, rce-vulnerability, xss-attack20-Dec-2024
Unlocking Web Security: A Deep Dive into the OWASP Top 10https://medium.com/@rootast/unlocking-web-security-a-deep-dive-into-the-owasp-top-10-d669199277bd?source=rss------bug_bounty-5Arash shahbazicybersecurity, students, owasp-top-10, bug-bounty, university20-Dec-2024
Discover All Paths in Next.js Websiteshttps://rhashibur75.medium.com/discover-all-paths-in-next-js-websites-43e319b24be9?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty, bug-bounty-tips, bug-bounty-writeup, nextjs, penetration-testing20-Dec-2024
Ascension Data Breach: 5.6M Health Records Stolen by Black Basta Ransomwarehttps://medium.com/@wiretor/ascension-data-breach-5-6m-health-records-stolen-by-black-basta-ransomware-a8d2f7ba6856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, business, malware, ai20-Dec-2024
Android Malware on Amazon Appstore Disguised as Health Apphttps://medium.com/@wiretor/android-malware-on-amazon-appstore-disguised-as-health-app-3cda80dfc856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ai, hacking, malware20-Dec-2024
SQL Injection via ORDER BY Parameterhttps://medium.com/@mfthylmaz/sql-injection-via-order-by-parameter-a7cb7d04017f?source=rss------bug_bounty-5mfthylmazsql-injection, bug-bounty, web-security, hacking20-Dec-2024
Essential Stuff For Your First Hacking Trip. Hacking Gadgets #2 “Assortment For The Little Hacker”https://medium.com/h7w/essential-stuff-for-your-first-hacking-trip-hacking-gadgets-2-assortment-for-the-little-hacker-e886dba68a11?source=rss------bug_bounty-5NnFacehacking, trip, technology, bug-bounty, cybersecurity19-Dec-2024
No Rate Limit Vulnerability on a US Government Websitehttps://medium.com/@kumawatabhijeet2002/no-rate-limit-vulnerability-on-a-us-government-website-ae47402b663d?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty19-Dec-2024
How I Got $1000 AWS Credits and Maximized Its Potentialhttps://medium.com/@awsdevops183/how-i-got-1000-aws-credits-and-maximized-its-potential-e08650930171?source=rss------bug_bounty-5Madhukar Reddyaws, devops, python, cybersecurity, bug-bounty19-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Programhttps://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
First Google Chrome v8 JIT bug bounty before Christmas .https://vxrl.medium.com/first-google-chrome-v8-jit-bug-bounty-before-christmas-1338fb2c8255?source=rss------bug_bounty-5VXRLgoogle, v8, chromium, psvr, bug-bounty19-Dec-2024
Exploiting a Rate Limiting Bug in the Chat Section of a Health Application (got me $200)https://medium.com/@awsdevops183/exploiting-a-rate-limiting-bug-in-the-chat-section-of-a-health-application-got-me-200-a06ca465707f?source=rss------bug_bounty-5Madhukar Reddydevsecops, cybersecurity, information-technology, bug-bounty, burpsuite19-Dec-2024
POC — CVE-2024–9935 — PDF Generator Addon for Elementor Page Builder <= 1.7.5https://medium.com/@verylazytech/poc-cve-2024-9935-pdf-generator-addon-for-elementor-page-builder-1-7-5-2c3436b95fb1?source=rss------bug_bounty-5Very Lazy Techbug-bounty, arbitrary-file-download, cybersecurity, lfi, cve-2024-993519-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Program ( $411)https://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
How I Bypassed View-Only Mode with a Simple Trick ( duplicate bug ‍ )https://medium.com/@mahdisalhi0500/how-i-bypassed-view-only-mode-with-a-simple-trick-duplicate-bug-92e1ec91a8d7?source=rss------bug_bounty-5CaptinSHArky(Mahdi)security, information-security, bug-bounty, penetration-testing, infosec19-Dec-2024
How i Found X-Forwarded Header Injection — Server Be Like, ‘Ab Toh Trust Issues Ho Rahe Hain!’https://aiwolfie.medium.com/how-i-found-x-forwarded-header-injection-server-be-like-ab-toh-trust-issues-ho-rahe-hain-220e100332a3?source=rss------bug_bounty-5AIwolfiecybersecurity, bug-bounty, servers, ethical-hacking, host-header-injection19-Dec-2024
Subdomain Takeover guides, methodology and exploit POCshttps://aditya-narayan.medium.com/subdomain-takeover-guides-methodology-and-exploit-pocs-9f5dd632c175?source=rss------bug_bounty-5Aditya Narayanbug-bounty-writeup, subdomain-takeover, bug-bounty-tips, reconnaissance, bug-bounty19-Dec-2024
Installing Xposed Framework for Enhanced Penetration Testing (SSLunpinning)https://medium.com/@sumith.ec12/installing-xposed-framework-for-enhanced-penetration-testing-sslunpinning-d50fbb2354c6?source=rss------bug_bounty-5sumith p vbug-bounty, vapt, pentesting, security-testing, ssl-pinning-bypass19-Dec-2024
HTML Injection to Mass Phishinghttps://infosecwriteups.com/html-injection-to-mass-phishing-5701d495cdc2?source=rss------bug_bounty-5Bharat Singhphishing, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup19-Dec-2024
Zero-Click Account Takeover Through Response Manipulationhttps://medium.com/@abdullayman04/zero-click-account-takeover-through-response-manipulation-ee786a7a06dd?source=rss------bug_bounty-5Abdullah Aymancybersecurity, bug-bounty, account-takeover, penetration-testing19-Dec-2024
How I Found an Authentication Bypass Vulnerability in the Password Change Processhttps://medium.com/@ajay.kumar.695632/how-i-found-an-authentication-bypass-vulnerability-in-the-password-change-process-160359fae1bc?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-hunting19-Dec-2024
HACKING NASA TO GET APPRECIATION LETTERhttps://medium.com/@click2jit/hacking-nasa-to-get-appreciation-letter-a6ff93a3bcbc?source=rss------bug_bounty-5Prasenjit Malakarcybersecurity, bug-bounty, ethical-hacking, programming, xss-attack19-Dec-2024
Interpol Replaces “Pig Butchering” with “Romance Baiting” to Protect Victimshttps://medium.com/@wiretor/interpol-replaces-pig-butchering-with-romance-baiting-to-protect-victims-4c702d62adaa?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, malware, hacker19-Dec-2024
Beginners Guide for Exploiting Race Conditionshttps://bitpanic.medium.com/beginners-guide-for-exploiting-race-conditions-ab73c843b44a?source=rss------bug_bounty-5Spectat0rguybug-bounty, programming, cybersecurity, bug-bounty-tips, technology19-Dec-2024
“Do Your Best, and Let Allah Do the Rest” led me to a Privilege Escalation Bughttps://medium.com/@mrasg/do-your-best-and-let-allah-do-the-rest-leads-me-to-privilege-escalation-bug-60a3c028c802?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, penetration-testing, bug-bounty, bug-bounty-tips, bug-bounty-writeup19-Dec-2024
Successfully Gained Full Admin Access and Changed the Password Through Token Manipulation ⚔️https://medium.com/@momenrezkk90/successfully-gained-full-admin-access-and-changed-the-password-through-token-manipulation-%EF%B8%8F-fe91fc0d9a0f?source=rss------bug_bounty-5Momenrezkpenetration-testing, bug-bounty, cybersecurity18-Dec-2024
Easiest P1 $$$$$!https://medium.com/@mrsingh10978/easiest-p1-702990960a50?source=rss------bug_bounty-5Anonymous Traigerbug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips18-Dec-2024
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and…https://medium.com/@security.tecno/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-3921ad2e6998?source=rss------bug_bounty-5TECNO Securityhacking, security, sql, bug-bounty18-Dec-2024
FROM STRUGGLES TO SUCCESS: MY JOURNEY TO THE NASA HALL OF FAMEhttps://rootxabit.medium.com/from-struggles-to-success-my-journey-to-the-nasa-hall-of-fame-38700dd6303a?source=rss------bug_bounty-5sudo-xabitinfo-sec-writeups, bugcrowd, bug-bounty, hacked, nasa18-Dec-2024
Admin Panel Access via Default Credentialshttps://infosecwriteups.com/admin-panel-access-via-default-credentials-215b92b030bb?source=rss------bug_bounty-5cryptoshantbug-bounty-tips, pentesting, bug-bounty, hall-of-fame, hacking18-Dec-2024
Rate Limit Bypass Using Response Manipulation.https://aman0.medium.com/rate-limit-bypass-using-response-manipulation-dcce19aff7ef?source=rss------bug_bounty-5Aman Hweb3, bug-bounty, infosec, bug-bounty-tips, penetration-testing18-Dec-2024
$150 Easy HTML Injection Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/150-easy-html-injection-vulnerability-5c176b5d07fa?source=rss------bug_bounty-5Abhijeet kumawathacking, bounty-program, infosec, bug-bounty, bug-bounty-tips18-Dec-2024
What is Passive Reconnaissance? ️‍♂️https://theexploitlab.medium.com/what-is-passive-reconnaissance-%EF%B8%8F-%EF%B8%8F-4de8a9ce5003?source=rss------bug_bounty-5The Exploit Labhacking, bugs, bug-bounty, bug-bounty-tips18-Dec-2024
How to Use Enum4linux for SMB Enumeration in Kali Linuxhttps://theexploitlab.medium.com/how-to-use-enum4linux-for-smb-enumeration-in-kali-linux-d96e27f9391d?source=rss------bug_bounty-5The Exploit Labbug-bounty, smb, bug-bounty-tips, bugs18-Dec-2024
How to Use Corsy for CORS Misconfiguration Scanninghttps://theexploitlab.medium.com/how-to-use-corsy-for-cors-misconfiguration-scanning-7ba7b22ee9d5?source=rss------bug_bounty-5The Exploit Labcors, hacking, bug-bounty, bug-bounty-tips18-Dec-2024
Useful Wordlists for Bug Bounty Huntershttps://medium.com/@iamshafayat/useful-wordlists-for-bug-bounty-hunters-09f9b3cd2344?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty-writeup18-Dec-2024
Step-by-Step Guide to Building Secure Web Applications with OWASP Top 10https://medium.com/@dhatchu9715/step-by-step-guide-to-building-secure-web-applications-with-owasp-top-10-7c603dda58f3?source=rss------bug_bounty-5Dhatchuowasp, bug-bounty, hacking, networking, cybersecurity18-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - BAC in GraphQL…https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-bac-in-graphql-0ae1ee0eb4d5?source=rss------bug_bounty-5Mahmoud Abd Alkarimcybersecurity, bug-bounty, broken-access-control, bug-bounty-writeup, security-research18-Dec-2024
The Dark Side of Shodanhttps://yasinspace.medium.com/the-dark-side-of-shodan-2d9b422e28a8?source=rss------bug_bounty-5Yasinred-team, hacking, bug-bounty, shodan, bug-bounty-tips18-Dec-2024
This 200$ Gadget Can Hack Anythinghttps://osintteam.blog/this-200-gadget-can-hack-anything-c482888871e3?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, cybersecurity, technology, cybercrime, hacking18-Dec-2024
Best python scripts for cybersecurity analysthttps://medium.com/@paritoshblogs/best-python-scripts-for-cybersecurity-analyst-d5ebc91b4cdb?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, hacking, bug-bounty, python18-Dec-2024
Turning a Known Issue into €100 Bounty: My Bug Bounty Breakthrough✨https://medium.com/@anmolv77654/turning-a-known-issue-into-a-100-bounty-my-bug-bounty-breakthrough-3bd89c281ea9?source=rss------bug_bounty-5AnmolSecSavvyweb-security, cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips18-Dec-2024
$750 Domain Hijacking Vulnerabilityhttps://1-day.medium.com/750-domain-hijacking-vulnerability-f6e4b4445711?source=rss------bug_bounty-51daybug-bounty, information-security, penetration-testing, ethical-hacking, bug-bounty-tips18-Dec-2024
Meta Hit with $264M Fine! Irish DPC Takes a Stand on Facebook Data Breachhttps://medium.com/@wiretor/meta-hit-with-264m-fine-irish-dpc-takes-a-stand-on-facebook-data-breach-60cb69abe3df?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, ai, business, malware18-Dec-2024
Beware of New Ledger Phishing Attack: Protect Your Crypto Wallet!https://medium.com/@wiretor/beware-of-new-ledger-phishing-attack-protect-your-crypto-wallet-a048705d2b58?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business18-Dec-2024
CVE-2024–54385 | WordPress Pluginhttps://medium.com/@malvinval/cve-2024-54385-wordpress-plugin-7ff0f8e5ad1d?source=rss------bug_bounty-5Malvin Valeriancve, hacking, cybersecurity, bug-bounty, wordpress17-Dec-2024
200$ DLL Hijacking Attackhttps://cybersecuritywriteups.com/200-dll-hijacking-attack-fdb4fd46fea9?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips17-Dec-2024
OSINT AND DORKING TOOLShttps://medium.com/@reazatih/osint-and-dorking-tools-67dc970d049d?source=rss------bug_bounty-5Re@Zaosint, hacking, dorks, bug-bounty17-Dec-2024
Utilizing MITRE ATT&CK Framework: Examples and Practical Applicationshttps://medium.com/@paritoshblogs/utilizing-mitre-att-ck-framework-examples-and-practical-applications-0c4ea468ad53?source=rss------bug_bounty-5Paritoshmitre-attck, hacking, threat-intelligence, bug-bounty, cybersecurity17-Dec-2024
Open Redirect to XSS: Chaining Vulnerabilities for Maximum Impacthttps://medium.com/@iPsalmy/open-redirect-to-xss-chaining-vulnerabilities-for-maximum-impact-36ae8dd9f198?source=rss------bug_bounty-5iPsalmyweb-application-security, bug-bounty, xss-attack17-Dec-2024
API Keys Attack: How to Find and Exploit Secrets in Web Applicationshttps://medium.com/@bootstrapsecurity/api-keys-attack-how-to-find-and-exploit-secrets-in-web-applications-1896d75d716b?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, bug-bounty, api, hacking, hacking-team17-Dec-2024
Top 9 Books to Master Bug Hunting and Penetration Testinghttps://osintteam.blog/top-9-books-to-master-bug-hunting-and-penetration-testing-c40039b330bb?source=rss------bug_bounty-5Bicitro Biswashacking, cybersecurity, bug-bounty, books, penetration-testing17-Dec-2024
Exposing Facebook’s Hidden Goldmine: Creators’ Private Data at Riskhttps://gtm0x01.medium.com/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031?source=rss------bug_bounty-5Gtm Mänôzgraphql, hacking, facebook, infosec, bug-bounty17-Dec-2024
SubScanX: A Powerful Recon Tool for Bug Bounty and Pentestinghttps://medium.com/@rootspaghetti/subscanx-a-powerful-recon-tool-for-bug-bounty-and-pentesting-ed229128a661?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty17-Dec-2024
Documenting Bug Bounty Journey and Current Approachhttps://aditya-narayan.medium.com/documenting-bug-bounty-journey-and-current-approach-334db57e857e?source=rss------bug_bounty-5Aditya Narayanbug-bounty-tips, writeup, hacker, bug-bounty, cybersecurity17-Dec-2024
How I got Appreciation Letters for finding bugs.https://infosecwriteups.com/how-i-got-appreciation-letters-for-finding-bugs-e935f42e2f71?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )hacking, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips17-Dec-2024
How I Broke the Speed Limit: A Bug Bounty Tale of Bypassing Rate Limitinghttps://infosecwriteups.com/how-i-broke-the-speed-limit-a-bug-bounty-tale-of-bypassing-rate-limiting-29a1ec4e8681?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, technology17-Dec-2024
6 AI Tools Used by Hackers 2025https://ai.plainenglish.io/6-ai-tools-used-by-hackers-2025-dfdda79cf51f?source=rss------bug_bounty-5Tahir Ayoubchatgpt, hacking, ai, cybersecurity, bug-bounty17-Dec-2024
403 Bypass changing http method onlyhttps://rahman0x01.medium.com/403-bypass-changing-http-method-only-f0a32b43a3c8?source=rss------bug_bounty-5rahman0x01hunting, ethical-hacking, bug-bounty17-Dec-2024
Cybersecurity Alert: Texas Tech University System Data Breach Impacts 1.4 Million Patients!https://medium.com/@wiretor/cybersecurity-alert-texas-tech-university-system-data-breach-impacts-1-4-million-patients-caceb8096be9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business17-Dec-2024
FBI ALERT: HiatusRAT Malware Attacks Targeting Web Cameras & DVRs!https://medium.com/@wiretor/fbi-alert-hiatusrat-malware-attacks-targeting-web-cameras-dvrs-37f2eeb2bd01?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, fbi, malware17-Dec-2024
Easy 100$ in public Hackerone program under 3 minuteshttps://medium.com/@loayahmed686/easy-100-in-public-hackerone-program-under-3-minutes-69b20e185d3b?source=rss------bug_bounty-5r00tbug-bounty17-Dec-2024
Uncovering Vulnerabilities Through Swagger UI Directory Enumerationhttps://hackersatty.medium.com/uncovering-vulnerabilities-through-swagger-ui-directory-enumeration-49e6b43558cd?source=rss------bug_bounty-5hackersattycybersecurity, javascript, vulnerability, bug-bounty, swagger17-Dec-2024
Top 5 Ways to Hack APIs and find good bugshttps://medium.com/@sreedeep200/top-5-ways-to-hack-apis-and-find-good-bugs-dfd4a7bbb623?source=rss------bug_bounty-5Sreedeep cvcybersecurity, hacking, api, security, bug-bounty17-Dec-2024
Exploiting Access Control Misconfiguration: Privilege Escalation via Improper PATCH Method…https://medium.com/@momenrezkk90/exploiting-access-control-misconfiguration-privilege-escalation-via-improper-patch-method-b653bb92ada6?source=rss------bug_bounty-5Momenrezkbug-bounty, privilege-escalation, cybersecurity, penetration-testing17-Dec-2024
HTB University CTF 2024 Web challenges writeup: Armaxis[very easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-armaxis-very-easy-404ac9f101b8?source=rss------bug_bounty-50xNayelsecurity, web-security, htb, ctf, bug-bounty16-Dec-2024
HTB University CTF 2024 Web challenges writeup: Breaking Bank[easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-breaking-bank-easy-1c3064092abc?source=rss------bug_bounty-50xNayelwriteup, htb, bug-bounty, ctf, security16-Dec-2024
Advanced Google Dorking | Part14https://systemweakness.com/advanced-google-dorking-part14-79b21e11ae25?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips16-Dec-2024
How I Got 200 euro bounty?https://doordiefordream.medium.com/how-i-got-200-euro-bounty-03bcce712a51?source=rss------bug_bounty-5Bug hunter baluhacking, vulnerability, ethical-hacking, bug-bounty, cybersecurity16-Dec-2024
Master the Art of Cyber Defense: Top Open-Source Tools for Threat Intelligence!https://medium.com/@paritoshblogs/master-the-art-of-cyber-defense-top-open-source-tools-for-threat-intelligence-7c575e69b853?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, bug-bounty, information-technology, threat-intelligence16-Dec-2024
How I Discovered SSTI Vulnerability in Just 5 Minutes | $300 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-discovered-ssti-vulnerability-in-just-5-minutes-f7ac31f3f6b0?source=rss------bug_bounty-5Abhijeet kumawatinfose, hacking, bug-bounty-tips, bug-bounty, penetration-testing16-Dec-2024
Unmasking a Privacy Oversight: A Deep Dive into Persistent User Datahttps://medium.com/@najeebkm010/unmasking-a-privacy-oversight-a-deep-dive-into-persistent-user-data-5ee433397021?source=rss------bug_bounty-5Najeebkmbug-bounty, information-disclosure, cyber, security16-Dec-2024
RCE in 2 Universitieshttps://osintteam.blog/rce-in-2-universities-d2f13a2a2afb?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, cyberattack, penetration-testing, bug-bounty-tips16-Dec-2024
Ethical Dilemmas in Using AI for Security Testing and Bug Bountieshttps://pointlessai.medium.com/ethical-dilemmas-in-using-ai-for-security-testing-and-bug-bounties-ad6d75e6fab7?source=rss------bug_bounty-5PointlessAI Mediumchatgpt, bug-bounty, bugbounty-writeup, ai16-Dec-2024
My Bug Hunting Methodology: Reconhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
How to Hack JSON Web Tokens (JWT): Weak Implementations for Critical Vulnerabilitieshttps://medium.com/@bootstrapsecurity/how-to-hack-json-web-tokens-jwt-weak-implementations-for-critical-vulnerabilities-75462988cb11?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, jwt-token, bug-bounty, bug-bounty-tips16-Dec-2024
A Beginner's guide for Starting Web3 Bug Bountyhttps://bitpanic.medium.com/how-to-start-web3-bug-bounty-30f7f968ae11?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, web3, bug-bounty-tips, technology16-Dec-2024
My Bug Hunting Methodology: Recon | by ahmedhamdy0xhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
2FA Testing Tips for Bug Bounty Huntershttps://bevijaygupta.medium.com/2fa-testing-tips-for-bug-bounty-hunters-d6d77322e1b4?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, 2fa-authentication, bugs, 2fa16-Dec-2024
How I Discovered a High-Severity Vulnerability on Discord (and got rewarded)https://mirzebaba.medium.com/how-i-discovered-a-high-severity-vulnerability-on-discord-and-got-rewarded-bb327902fbb9?source=rss------bug_bounty-5Mirzəbabavulnerabilit, discord, ethical-hacking, cybersecurity, bug-bounty16-Dec-2024
Clop Ransomware Gang Behind Major Cleo Data Breachhttps://medium.com/@wiretor/clop-ransomware-gang-behind-major-cleo-data-breach-421b729bafde?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business16-Dec-2024
ConnectOnCall Breach Exposes 900K+ Records! Don’t Be Next — Get Wire Tor Protection Todayhttps://medium.com/@wiretor/connectoncall-breach-exposes-900k-records-dont-be-next-get-wire-tor-protection-today-d4dd7de3570d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business16-Dec-2024
Winnti Hackers Strike Again: New ‘Glutton’ Backdoor Exposed!https://medium.com/@wiretor/winnti-hackers-strike-again-new-glutton-backdoor-exposed-5cd7bbb0faf0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, malware, ai16-Dec-2024
[Hacking Scope] Exposure for tons of secret documentshttps://medium.com/@nagashygaballah/hacking-scope-exposure-for-tons-of-secret-documents-5ba5c3906600?source=rss------bug_bounty-5111xNagashybug-bounty, penetration-testing, hacking16-Dec-2024
Traditional Penetration Testing vs. Bug Bounty Programshttps://medium.com/@hackrate/traditional-penetration-testing-vs-bug-bounty-programs-bb792a4d0d3f?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, hacking, cybersecurity16-Dec-2024
From Minor Glitches to Major Wins: How I Chained CSRF and IDOR for a Critical Exploithttps://osintteam.blog/from-minor-glitches-to-major-wins-how-i-chained-csrf-and-idor-for-a-critical-exploit-0b110170cd9c?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, programming, cybersecurity, technology, bug-bounty16-Dec-2024
Searching web security lessons?https://medium.com/@l1ttlewing/searching-web-security-lessons-8a4dbefd0d04?source=rss------bug_bounty-5littlewinginfosec, cybersecurity, bug-bounty, information-security, web-security16-Dec-2024
Wordlists Every Pentester Must Have !!https://theartificialthinker.medium.com/wordlists-every-pentester-must-have-7ad4c1e46ce5?source=rss------bug_bounty-5Abhishek pawarethical-hacking, hacker, tech, pentest, bug-bounty16-Dec-2024
JWT Auth Gone Wild: The Unexpected Twist!https://medium.com/@ProwlSec/jwt-auth-gone-wild-the-unexpected-twist-a0b2ed943225?source=rss------bug_bounty-5ProwlSecjwt, bugs, bug-bounty, hacking, pentesting15-Dec-2024
What are Low Hanging Bugs? | Easy way to find them️‍♂️https://medium.com/@kumawatabhijeet2002/what-are-low-hanging-bugs-easy-way-to-find-them-%EF%B8%8F-%EF%B8%8F-399b37b354b7?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty-tips, infose, bugs, bug-bounty15-Dec-2024
MSSQL (Microsoft SQL Server) — Port 1433https://medium.com/@verylazytech/mssql-microsoft-sql-server-port-1433-bc26d0bbdca9?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, mssql, oscp, bug-bounty, cybersecurity15-Dec-2024
Automotive Penetration Testing Checklisthttps://infosecwriteups.com/automotive-penetration-testing-checklist-8bbe83091c47?source=rss------bug_bounty-5Ajay Naikpenetration-testing, cybersecurity, information-technology, information-security, bug-bounty15-Dec-2024
SQL Injection Vulnerability on a Security Awareness website: From Database Dump to cPanel Accesshttps://medium.com/@anonymousshetty2003/sql-injection-vulnerability-on-a-security-awareness-website-from-database-dump-to-cpanel-access-4bb3645eef07?source=rss------bug_bounty-5Anonymousshettybug-bounty, sql-injection, cybersecurity, ethical-hacking15-Dec-2024
How i found a Email Spoofing vulnerability to perform Phishing Attackshttps://medium.com/@anonymousshetty2003/how-i-found-a-email-spoofing-vulnerability-to-perform-phishing-attacks-00ec2cc934bb?source=rss------bug_bounty-5Anonymousshettyemail-spoofing, cybersecurity, bug-bounty, ethical-hacking15-Dec-2024
ShadowJS: JavaScript File Discovery Toolhttps://medium.com/@rootspaghetti/shadowjs-javascript-file-discovery-tool-1ede2f3172b6?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty15-Dec-2024
Ultimate Django Vulnerability Checklisthttps://bitpanic.medium.com/ultimate-django-vulnerability-checklist-ceb7f428c45f?source=rss------bug_bounty-5Spectat0rguytechnology, cybersecurity, python, bug-bounty, bug-bounty-tips15-Dec-2024
LKQ Hacked: Cyberattack Disrupts Canadian Unit Operations and Exposes Company Datahttps://medium.com/@wiretor/lkq-hacked-cyberattack-disrupts-canadian-unit-operations-and-exposes-company-data-7db6b9763011?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xs, bug-bounty, lkq, hacking15-Dec-2024
Russia Blocks Viber: Latest Move to Censor Communicationshttps://medium.com/@wiretor/russia-blocks-viber-latest-move-to-censor-communications-9dce4d823d67?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesrussia, malware, viber, hacking, bug-bounty15-Dec-2024
JavaScript BugBounty Methodhttps://medium.com/@cc1a2bb/javascript-bugbounty-method-5b789bfa7f44?source=rss------bug_bounty-5cc1a2bhacking, cybersecurity, javascript, bug-bounty, bug-bounty-tips15-Dec-2024
Cybersecurity Roadmap 2025https://hackerassociate.medium.com/cybersecurity-roadmap-2025-f7ad9d4ac49c?source=rss------bug_bounty-5Harshad Shahcybersecurity, infosec, bug-bounty, penetration-testing, hacking14-Dec-2024
Simplifying Reconnaissance: Building a Custom Bug Hunting Discord Bothttps://medium.com/@najeebkm010/simplifying-reconnaissance-building-a-custom-bug-hunting-discord-bot-6792ab4249bf?source=rss------bug_bounty-5Najeebkmbug-bounty-tool, bug-bounty, cybersecurity14-Dec-2024
How I Discovered a $7,000 Critical Vulnerability: IDOR to BAC to Account Takeoverhttps://medium.com/@najeebkm010/how-i-discovered-a-7-000-critical-vulnerability-idor-to-bac-to-account-takeover-0c195eae2ed2?source=rss------bug_bounty-5Najeebkmbug-bounty-writeup, bug-bounty14-Dec-2024
10 day with Me | OWASP Top 10 | Day -1: Broken Access Controlhttps://infyra.medium.com/10-day-with-me-owasp-top-10-day-1-broken-access-control-e75572ce157e?source=rss------bug_bounty-5Md. EMTIAZ AHMEDbroken-access-control, owasp, owasp-top-10, bug-bounty, cybersecurity14-Dec-2024
Exploiting API Rate Limiting: Bypassing Restrictionshttps://medium.com/@bootstrapsecurity/exploiting-api-rate-limiting-bypassing-restrictions-c89a1bd61aee?source=rss------bug_bounty-5BootstrapSecurityapi-security, development, rate-limiting, hacking, bug-bounty14-Dec-2024
How I Found a Broken Link Hijacking Vulnerability in 2 Minutes | $250 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-found-a-broken-link-hijacking-vulnerability-in-2-minutes-250-bounty-0d991eb9c61b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bugs, infosec, broken-link-hijacking, hacking14-Dec-2024
My First Critical Bug: Exposing 3.5 Lakh+ PII! ️https://infosecwriteups.com/my-first-critical-bug-exposing-3-5-lakh-pii-%EF%B8%8F-fbad616ddbea?source=rss------bug_bounty-5cryptoshanthacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Dec-2024
Git Information Leak: How to Exploit an Exposed .git Repository on a Web Serverhttps://medium.com/@burhankhansodhar/git-information-leak-how-to-exploit-an-exposed-git-repository-on-a-web-server-ac190ae18928?source=rss------bug_bounty-5Itz Burhan Khanpenetration-testing, web-server, directory-listing, bug-bounty, git14-Dec-2024
Are you looking for an Intigriti alternative?https://medium.com/@hackrate/are-you-looking-for-an-intigriti-alternative-4128a25888ed?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, hacking, ethical-hacking, penetration-testing14-Dec-2024
Dubai Police Identity Used in Sophisticated UAE Mobile Scamshttps://medium.com/@wiretor/dubai-police-identity-used-in-sophisticated-uae-mobile-scams-36b9d149db17?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, hacking, ai, bug-bounty14-Dec-2024
Using Platform Profiles to send Fake in Information: A Security Risk Good logic bughttps://medium.com/@mahdisalhi0500/using-platform-profiles-to-send-fake-in-information-a-security-risk-good-logic-bug-0510d73802b8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, security14-Dec-2024
P4 bug’s and their POC steps | Part 9https://osintteam.blog/p4-bugs-and-their-poc-steps-part-9-c1f873227917?source=rss------bug_bounty-5socalledhackerinfosec, bug-bounty, bug-bounty-tips, cybersecurity, hacking14-Dec-2024
Reflected XSS on Gaming Blog Websitehttps://medium.com/@enigma_/reflected-xss-on-gaming-blog-website-edc448d613a3?source=rss------bug_bounty-5enigma_writeup, bug-bounty-writeup, hackin, penetration-testing, bug-bounty13-Dec-2024
Introducing ShodanSpider v2: Your Ultimate Free Tool for CVE Searching and Shodan Data Analysis…https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0?source=rss------bug_bounty-5Shubham Tiwaricybersecurity, shodanspider, bug-bounty, redteam-tool, pentesting13-Dec-2024
#ERROR!https://medium.com/meetcyber/hidden-ace-up-hackers-sleeve-hacking-gadgets-1-phone-on-a-simmy-8b3d3cd540cf?source=rss------bug_bounty-5NnFacecybersecurity, hacking, termux, kali-linux, bug-bounty13-Dec-2024
Deep Recon Methodology for Bug Bounty Hunters | Part-1https://medium.com/@kumawatabhijeet2002/deep-recon-methodology-for-bug-bounty-hunters-part-1-54bdac09dcf4?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, methodology, bug-bounty-tips13-Dec-2024
Critical Unauthorized Access to Admin Pages via Vulnerable Endpointshttps://hackersatty.medium.com/critical-unauthorized-access-to-admin-pages-via-vulnerable-endpoints-e8799b3f7f69?source=rss------bug_bounty-5hackersattyadmin-panel, javascript, bug-bounty, hackerone, hackersatty13-Dec-2024
Third Party Services Takeover using Oauth Misconfigurationhttps://infosecwriteups.com/third-party-services-takeover-using-oauth-misconfiguration-8888a0c1ad86?source=rss------bug_bounty-5Ronak Patelinformation-security, cybersecurity, ethical-hacking, bug-bounty13-Dec-2024
Idor Is Easy ! You may Don’t know ! The Longest PrivEsc I’ve ever faced on Public BBPhttps://medium.com/@Ahmex000/idor-is-easy-you-may-dont-know-the-longest-privesc-i-ve-ever-faced-on-public-bbp-1bf67cd699d8?source=rss------bug_bounty-5Ahmex000bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-hunting, bugbounty-writeup13-Dec-2024
How I Found and Fixed XSS on a Website: A Bug Hunter’s Talehttps://medium.com/@mayankmalaviya3/how-i-found-and-fixed-xss-on-a-website-a-bug-hunters-tale-bc7351043928?source=rss------bug_bounty-5Mayank Malaviya (Aiwolfie)hacking, bug-bounty, security, xss-attack, vulnerability13-Dec-2024
429 Bypasser Extension Guidehttps://medium.com/@raxomara/429-bypasser-extension-guide-1d4f86b7d630?source=rss------bug_bounty-5Raxomaracybersecurity, 429-bypasser, rate-limit-bypass, bug-bounty, bug-bounty-tips13-Dec-2024
Make Penetration Testing Sexy Againhttps://medium.com/@hackrate/make-penetration-testing-sexy-again-with-hackgate-51c556944c0b?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking13-Dec-2024
The Growing Threat of Identity Attacks in Cybersecurityhttps://medium.com/@paritoshblogs/the-growing-threat-of-identity-attacks-in-cybersecurity-5e847cf4ab6d?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, cybersecurity, identity, bug-bounty13-Dec-2024
Bug Bounty Training Programhttps://bevijaygupta.medium.com/bug-bounty-training-program-78c927572385?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty, bug-bounty-tips, bugs, bug-zero13-Dec-2024
A Beginner’s Guide to Testing for Server-Side Request Forgery (SSRF)https://medium.com/@mcooter/a-beginners-guide-to-testing-for-server-side-request-forgery-ssrf-9a4b5e16fdd2?source=rss------bug_bounty-5Michael Cooterbug-bounty, ssrf, oswa, web-application-security, hacking13-Dec-2024
Android vs iOS Security Introhttps://medium.com/@in3tinct/android-vs-ios-security-intro-4a9b5ecc65cf?source=rss------bug_bounty-5Vaibhavsecurity, android, bug-bounty, ios, mobile-app-development13-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application — IDOR — Part 2https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-idor-part-2-932746b6b445?source=rss------bug_bounty-5Mahmoud Abd Alkarimsecurity-research, web-application-security, cybersecurity, bug-bounty, bug-bounty-writeup13-Dec-2024
APIS are so easy to exploithttps://medium.com/@momen_besher/apis-are-so-easy-to-exploit-80bf65941e28?source=rss------bug_bounty-5steve55555api, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty13-Dec-2024
【Award-winning Survey】About Security Vulnerability Submission Functionhttps://medium.com/@security.tecno/award-winning-survey-about-security-vulnerability-submission-function-c3113e2baec0?source=rss------bug_bounty-5TECNO Securityrewards, bugs, surveys, hacking, bug-bounty12-Dec-2024
[Bugbounty]SQLI — Data Exfiltration via DNShttps://medium.com/@kauenavarro/bugbounty-sqli-data-exfiltration-via-dns-3e68ece08205?source=rss------bug_bounty-5Kauê Navarrohacking, sqli, bug-hunter, bug-bounty, bugcrowd12-Dec-2024
How I Bypassed Email Confirmation: A Playful Journey into the World of Bug Huntinghttps://medium.com/@mrasg/how-i-bypassed-email-confirmation-a-playful-journey-into-the-world-of-bug-hunting-30f72d6c2fb6?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty12-Dec-2024
Measuring the Success of Bug Bounty Programs: Outdated vs. Modern Approacheshttps://medium.com/@hackrate/measuring-the-success-of-bug-bounty-programs-outdated-vs-modern-approaches-9cf87655092b?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty12-Dec-2024
How I hacked Universityhttps://medium.com/@Wantet/how-i-hacked-university-76097e703cb5?source=rss------bug_bounty-5Wantetpenetration-testing, university, bug-bounty, hacking12-Dec-2024
How to Find and Identify Race Condition Vulnerabilities as a Penetration Testerhttps://cyberw1ng.medium.com/how-to-find-and-identify-race-condition-vulnerabilities-as-a-penetration-tester-9d9ecce6ed56?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, technology12-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - Open Redirect …https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-web-application-part-1-95f659ff7d0a?source=rss------bug_bounty-5Mahmoud Abd Alkarimweb-application-security, cybersecurity, bug-bounty-writeup, bug-bounty, security-research12-Dec-2024
Account Takeover using SSO Loginshttps://rikeshbaniya.medium.com/account-takeover-using-sso-logins-fa35f28a358b?source=rss------bug_bounty-5Rikesh Baniyabugcrowd, bug-bounty-writeup, bug-bounty-tips, hackerone, bug-bounty12-Dec-2024
Hack The Box Academy — File Inclusion — Skills Assessmenthttps://medium.com/@d4nglz17/hack-the-box-academy-file-inclusion-skills-assessment-1ca0283a9a06?source=rss------bug_bounty-5Danglzhackthebox, penetration-testing, bug-bounty-writeup, bug-bounty, information-security12-Dec-2024
Identity & Access Alert: Microsoft MFA Bypassed via AuthQuake Attack!https://medium.com/@wiretor/identity-access-alert-microsoft-mfa-bypassed-via-authquake-attack-fc57043fe39a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, microsoft, bug-bounty, ai, business12-Dec-2024
Critical Alert: Hackers Exploit Hunk Companion WordPress Plugin!https://medium.com/@wiretor/critical-alert-hackers-exploit-hunk-companion-wordpress-plugin-50fcf5834f84?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, wordpress, hacking, bug-bounty, malware12-Dec-2024
€XXX bounty for 2FA disabled without password and OTP by response manipulationhttps://osintteam.blog/xxx-bounty-for-2fa-disabled-without-password-and-otp-by-response-manipulation-499ba5234a4f?source=rss------bug_bounty-5socalledhackerhacking, bug-bounty, infosec, cybersecurity, bug-bounty-tips12-Dec-2024
“Bypasseando controles en un POS” (Un poco de humo… del bueno)https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5Andres Barrosobypass-restriction, point-of-sale-device, bug-bounty12-Dec-2024
How a Race Condition Became an Account Takeover Vulnerabilityhttps://medium.com/@mrasg/how-a-race-condition-became-an-account-takeover-vulnerability-756f14990f38?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-writeup, bug-bounty-tips, security, pentesting, bug-bounty12-Dec-2024
“Bypasseando controles en un POS”https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5Andres Barrosobypass-restriction, point-of-sale-device, bug-bounty12-Dec-2024
Exposed Git Directory P1 Bughttps://medium.com/@abhirupkonwar04/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5AbhirupKonwarvulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup11-Dec-2024
We Faced a Brute Force Attack — Here’s What Saved Us!https://medium.com/@paritoshblogs/we-faced-a-brute-force-attack-heres-what-saved-us-1d33547eca61?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, cybersecurity, bug-bounty, brute-force11-Dec-2024
Exposed Git Directory P1 Bughttps://systemweakness.com/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5AbhirupKonwarvulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup11-Dec-2024
Email Flooding Without Knowing Victim Email Via CSRFhttps://0xshuvo.medium.com/email-flooding-without-knowing-victim-email-via-csrf-8de8bf5de3a3?source=rss------bug_bounty-5Shuvo Kumar Sahaemail-flooding, csrf, bug-bounty, bugbounty-writeup, bug-bounty-tips11-Dec-2024
How I Earned My First $100 in a Bug Bounty Program (And How You Can Too!)https://medium.com/@divyesh.jagad/how-i-earned-my-first-100-in-a-bug-bounty-program-and-how-you-can-too-57b58b37226a?source=rss------bug_bounty-5Divyesh Jagadpassive-income, data-security, bug-bounty, ethical-hacking, cybersecurity11-Dec-2024
Easy SQLI in just 30 minuteshttps://medium.com/@mohammed01550038865/easy-sqli-in-just-30-minutes-0296038bb473?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, hackerone, sql-injection, bugcrowd, writing-tips11-Dec-2024
IDOR leads to leak private user’s datahttps://medium.com/@banertheinrich/idor-leads-to-leak-private-users-data-3a2b59f58826?source=rss------bug_bounty-5Adham Heinrichidor, bug-bounty, idor-vulnerability, cybersecurity, penetration-testing11-Dec-2024
Hackrate PTaaS Powered by HackGATE: Redefining Penetration Testinghttps://medium.com/@hackrate/hackrate-ptaas-powered-by-hackgate-redefining-penetration-testing-cb91c07ecc8f?source=rss------bug_bounty-5Levente Molnarpenetration-testing, bug-bounty, ethical-hacking, cybersecurity, hacking11-Dec-2024
Data Breach: 446K Patients & Employees Affected at Center for Vein Restorationhttps://medium.com/@wiretor/data-breach-446k-patients-employees-affected-at-center-for-vein-restoration-a75cf6fc1a5e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, hacking, malware, business11-Dec-2024
Urgent Warning: Ivanti CSA Flaw Exposes Admin Controls to Hackers!https://medium.com/@wiretor/urgent-warning-ivanti-csa-flaw-exposes-admin-controls-to-hackers-d6937ede4389?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, ivanti, ransomware, business11-Dec-2024
Critical WPForms Flaw Exposes 6M Sites to Unauthorized Stripe Refundshttps://medium.com/@wiretor/critical-wpforms-flaw-exposes-6m-sites-to-unauthorized-stripe-refunds-da9f48a7bfd0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, wpforms, business, malware11-Dec-2024
How I Secured The Indian Army?https://cybersecuritywriteups.com/how-i-secured-the-indian-army-9a80ba399202?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty11-Dec-2024
Mastering JavaScript, Can It Make You an XSS Bug Hunter?https://rendiero.medium.com/mastering-javascript-can-it-make-you-an-xss-bug-hunter-a0f0aaba0c6f?source=rss------bug_bounty-5Rendierohacking, penetration-testing, bug-bounty, xss-attack, javascript10-Dec-2024
Email and home address disclosure using unauthenticated API endpoint worth $500https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c?source=rss------bug_bounty-5the_unlucky_guycybersecurity, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips10-Dec-2024
Investigating a Linux Machine Security Breach Without Tools!https://medium.com/@paritoshblogs/investigating-a-linux-machine-security-breach-without-tools-464e14bdeab0?source=rss------bug_bounty-5Paritoshhacking, information-technology, linux, bug-bounty, cybersecurity10-Dec-2024
$500 Bypassing Cloudflare WAF to Achieve XSShttps://medium.com/@kumawatabhijeet2002/500-bypassing-cloudflare-waf-to-achieve-xss-f3b9c4acb702?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-writeup, bug-bounty-tips, bugs10-Dec-2024
HackerOne 香港汇丰接收赏金https://medium.com/@dem0ns/hackerone-%E9%A6%99%E6%B8%AF%E6%B1%87%E4%B8%B0%E6%8E%A5%E6%94%B6%E8%B5%8F%E9%87%91-353356389bc9?source=rss------bug_bounty-5猫猫虫hsbc, h1, bug-bounty, hackerone, 挖洞10-Dec-2024
One way hackers stole API keys, Passwords, Tokens and Secrets.https://osintteam.blog/one-way-hackers-stole-api-keys-passwords-tokens-and-secrets-4e731435bbd4?source=rss------bug_bounty-5Pwndec0c0programming, bug-bounty, cybersecurity, hacking, web-development10-Dec-2024
Zoho QEngine: Arbitrary File Readhttps://infosecwriteups.com/zoho-qengine-arbitrary-file-read-08df3d1e167e?source=rss------bug_bounty-5Jayateertha Guruprasadhacking, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup10-Dec-2024
NASA P2 Google Dorkinghttps://medium.com/@srinathkk99/nasa-p3-google-dorking-f7bd4b56d395?source=rss------bug_bounty-5Srinath K Kcybersecurity, bug-bounty, nasa, vulnerability, appreciation10-Dec-2024
The Ultimate Guide to Starting a Bug Bounty Program: A Company’s Perspectivehttps://medium.com/@hackrate/the-ultimate-guide-to-starting-a-bug-bounty-program-a-companys-perspective-4feebb585ac4?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, penetration-testing, cybersecurity, bug-bounty10-Dec-2024
I Found 7 Log4j (RCE) in a Single Program!https://medium.com/@rootplinix/i-found-7-log4j-rce-in-a-single-program-5afb7d02dd06?source=rss------bug_bounty-5Abu Hurayrabug-bounty-tips, cybersecurity, bug-bounty-writeup, log4shell, bug-bounty10-Dec-2024
Must-Have Hacking Extensions For Bugbounty Huntershttps://medium.com/@The_scratch/must-have-hacking-extensions-for-bugbounty-hunters-5de4c56c6963?source=rss------bug_bounty-5Scratchreconnaissance, bug-bounty, cybersecurity, hacking, bug-bounty-tips10-Dec-2024
Naabu: A Fast and Efficient Port Scanning Toolhttps://medium.com/@rootspaghetti/naabu-a-fast-and-efficient-port-scanning-tool-a5f8a4cf0641?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty10-Dec-2024
OAuth Account Hijacking via redirect_urihttps://osintteam.blog/oauth-account-hijacking-via-redirect-uri-ae8ca7a66930?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafébug-bounty, pentesting, bug-bounty-tips, information-security, cybersecurity10-Dec-2024
How i bypassed 403 forbidden (private method)https://medium.com/@reazatih/how-i-bypassed-403-forbidden-private-method-fc066c11f90f?source=rss------bug_bounty-5Re@Zacybersecurity, bug-bounty, penetration-testing, 403-forbidden, hacking10-Dec-2024
$50M Crypto Heist Linked to North Korean Hackers in Radiant Capital Attackhttps://medium.com/@wiretor/50m-crypto-heist-linked-to-north-korean-hackers-in-radiant-capital-attack-71be5b6515d7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, crypto, bug-bounty, malware10-Dec-2024
Chinese Cyber Attack Targets European IT Firms Using Visual Studio Code for Supply-Chain…https://medium.com/@wiretor/chinese-cyber-attack-targets-european-it-firms-using-visual-studio-code-for-supply-chain-761a472b00b2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, bug-bounty, malware, hacking10-Dec-2024
Romanian Energy Supplier Electrica Hit by Ransomware Attack ⚡https://medium.com/@wiretor/romanian-energy-supplier-electrica-hit-by-ransomware-attack-8e1b3d8e453d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, hacking, malware, romania, bug-bounty10-Dec-2024
OpenWrt Sys upgrade Flaw: Hackers Can Push Malicious Firmware Imageshttps://medium.com/@wiretor/openwrt-sys-upgrade-flaw-hackers-can-push-malicious-firmware-images-088a0d23a1b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, openwrt, business, bug-bounty, hacking10-Dec-2024
Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackershttps://medium.com/@verylazytech/mastering-bug-bounty-recon-essential-techniques-for-ethical-hackers-549c5b472975?source=rss------bug_bounty-5Very Lazy Techsubdomain-enumeration, bug-bounty, github-recon, ethical-hacking, bug-bounty-techniques10-Dec-2024
How I Bypassed OTP Like a Devil, Leading to Full Account Takeoverhttps://infosecwriteups.com/how-i-bypassed-otp-like-a-devil-leading-to-full-account-takeover-7bb7a673f7a0?source=rss------bug_bounty-5Ranjanaccount-takeover, bug-bounty, ethical-hacking, otp-bypass, hacking10-Dec-2024
How I Earned Over 100 Points on HackerOne with Email Spoofing.https://j0nasdias.medium.com/how-i-earned-over-100-points-on-hackerone-with-email-spoofing-1ae0c4bc6aba?source=rss------bug_bounty-5Jonas Dias Rebelopentest, vulnerability, email-spoofing, hackerone, bug-bounty10-Dec-2024
NASA P3 Google Dorkinghttps://cybersecuritywriteups.com/nasa-p3-google-dorking-6779970b6f03?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, cybersecurity, bug-bounty-tips, pentesting, bug-bounty09-Dec-2024
Vote Manipulation & Debug Exposure, Another Interesting Finding…https://medium.com/@josuofficial327/vote-manipulation-debug-exposure-another-interesting-finding-ec31f8cb939c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuprogramming, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty09-Dec-2024
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Datahttps://1-day.medium.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-51daybug-bounty-writeup, writeup, pentesting, bug-bounty, aws09-Dec-2024
From Couch to Cloud: Bug Hunting Made Easy!https://udayshelke17-40981.medium.com/from-couch-to-cloud-bug-hunting-made-easy-993039c8208b?source=rss------bug_bounty-5sudo udayhacking, bug-bounty, cybersecurity, cloud-security, bug-bounty-tips09-Dec-2024
How I Earned $$$ | Open Redirectionhttps://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5A0X-Y0S3TRXbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program09-Dec-2024
The List of Top Penetration Testing as a Service (PTaaS) Platforms for 2024https://medium.com/@hackrate/the-list-of-top-penetration-testing-as-a-service-ptaas-platforms-for-2024-e04969614042?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing09-Dec-2024
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Datahttps://awstip.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-51daybug-bounty-writeup, writeup, pentesting, bug-bounty, aws09-Dec-2024
VPS for Hackers: Top Picks for Bug Bounty and Cloud Pentesters Enthusiasts 2025https://hackerassociate.medium.com/vps-for-hackers-top-picks-for-bug-bounty-and-cloud-pentesters-enthusiasts-2025-195b17eea9f7?source=rss------bug_bounty-5Harshad Shahcybersecurity, bug-bounty, penetration-testing, infosec, vps09-Dec-2024
Exposed Prometheus Server Endpointhttps://osintteam.blog/exposed-prometheus-server-endpoint-cfb8e82e441b?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty, bug-bounty-writeup, vulnerability-management, bug-bounty-tips09-Dec-2024
2.9 Billion Records Compromised in NPD Breach: The Largest Data Leak Ever!https://medium.com/@wiretor/2-9-billion-records-compromised-in-npd-breach-the-largest-data-leak-ever-9edaa25d362c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ransomware, bug-bounty, breach, malware09-Dec-2024
One Phishing Hit Leads to Massive Breach: 11K Children’s Data Exposedhttps://medium.com/@wiretor/one-phishing-hit-leads-to-massive-breach-11k-childrens-data-exposed-f8bb80abc574?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesphising, business, malware, bug-bounty, hacking09-Dec-2024
Eight Suspected Phishers Arrested in Belgium, Netherlands for Multi-Million Euro Fraud Schemehttps://medium.com/@wiretor/eight-suspected-phishers-arrested-in-belgium-netherlands-for-multi-million-euro-fraud-scheme-2df2e53d1fe3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, phishing, business, malware, scam09-Dec-2024
How to Earn Money with Bug Bounties and Other Platformshttps://medium.com/@tuteja_lovish/how-to-earn-money-with-bug-bounties-and-other-platforms-6a248db1a94d?source=rss------bug_bounty-5Lovish Kumarsecurity-token, bugs, bug-bounty, security, bounties09-Dec-2024
QR Codes Bypass Browser Isolation for Malicious C2 Communication ️https://medium.com/@wiretor/qr-codes-bypass-browser-isolation-for-malicious-c2-communication-%EF%B8%8F-6dddc201d532?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, business, bug-bounty, qr-code09-Dec-2024
Server Security Misconfiguration: Misconfigured DNS — High-Impact Subdomain Takeover (P2)https://medium.com/@mathewskuruvila32/server-security-misconfiguration-misconfigured-dns-high-impact-subdomain-takeover-p2-cb9e7ccadf2d?source=rss------bug_bounty-5Mathews kuruvilavulnerability, hacking, ethical-hacking, web-app-development, bug-bounty09-Dec-2024
The HackerOne-Wayback Machine Saga: An Unofficial Vulnerability or Just Public Oversight?https://huntrai.medium.com/the-hackerone-wayback-machine-saga-an-unofficial-vulnerability-or-just-public-oversight-22c1fb0112bb?source=rss------bug_bounty-5Aditya sunnybug-bounty, bugs, hacking09-Dec-2024
How I Discovered a Critical Vulnerability in WhatsApp’s Admin Systemhttps://huntrai.medium.com/how-i-discovered-a-critical-vulnerability-in-whatsapps-admin-system-ce0a3f2bbcb2?source=rss------bug_bounty-5Aditya sunnyinfosec, bug-bounty, hackerone, hacking, bugs09-Dec-2024
1-Click Account Takeover (ATO) via CORS Misconfigurationhttps://medium.com/@mohammed01550038865/1-click-account-takeover-ato-via-cors-misconfiguration-64dc26d24917?source=rss------bug_bounty-5Muhammed Mubarakhackerone, bugcrowd, bug-bounty-tips, ato, bug-bounty09-Dec-2024
From Dev to Disaster: My Hilarious First Attempt at Bug Bounties with Burp Suite Prohttps://medium.com/@zero_4583/from-dev-to-disaster-my-hilarious-first-attempt-at-bug-bounties-with-burp-suite-pro-20fddd3ad295?source=rss------bug_bounty-5Nathan Vincentbug-bounty, burpsuite, appsec, penetration-testing08-Dec-2024
Misconfigurations That Paid Me Big: How I Exploited Them (And How You Can Stop Me)https://systemweakness.com/misconfigurations-that-paid-me-big-how-i-exploited-them-and-how-you-can-stop-me-788a5375aa3c?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty, cybersecurity, bug-bounty-writeup, programming08-Dec-2024
$400 Bounty in 10 sechttps://systemweakness.com/400-bounty-in-10-sec-14d26c2976ec?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, pentesting, bug-bounty-tips, cybersecurity, bug-bounty08-Dec-2024
Critical Authentication Bypass & Account Takeover via Attacker’s MFA Codehttps://medium.com/@sharp488/critical-authentication-bypass-account-takeover-via-attackers-mfa-code-fadf36fe6e34?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-writeup, bug-bounty-tips, information-security08-Dec-2024
WhiteLevel Error Page / Spring Boot Actuators Huntinghttps://0xshuvo.medium.com/whitelevel-error-page-spring-boot-actuators-hunting-b0290c4ccdbd?source=rss------bug_bounty-5Shuvo Kumar Sahabug-bounty-writeup, bug-bounty, infosec, bug-hunting, exploit08-Dec-2024
The Dark Side of AI: Inside PyTorch’s Unpatched Vulnerabilitieshttps://medium.com/@piyushbhor22/the-dark-side-of-ai-inside-pytorchs-unpatched-vulnerabilities-0d8ce74fc9b5?source=rss------bug_bounty-5Pi - The Kernel Panicmachine-learning, pytorch, zero-day, exploits-zero-day, bug-bounty08-Dec-2024
All About Pentesting & Securing Checkouts and Transactionshttps://infosecwriteups.com/all-about-pentesting-securing-checkouts-and-transactions-f7bb1de4fd7b?source=rss------bug_bounty-5Xcheaterbug-bounty, appsec, payment-gateway08-Dec-2024
Exploiting PHP Insecure Deserializationhttps://medium.com/@mayank_prajapati/exploiting-php-insecure-deserialization-2e301557f12f?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, cybersecurity, red-team, ethical-hacking, penetration-testing08-Dec-2024
$200 Recon Bug Bountyhttps://medium.com/infosecmatrix/200-recon-bug-bounty-3538566b94dc?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, bug-bounty-writeup, ethical-hacking, bug-bounty08-Dec-2024
The Ultimate Guide to Starting a Penetration Testing as a Service (PTaaS) Project for Your Companyhttps://medium.com/@hackrate/the-ultimate-guide-to-starting-a-penetration-testing-as-a-service-ptaas-project-for-your-company-5d7919eed353?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity08-Dec-2024
PoC: Bypass Input with SQL Injection to Gaining Information in SMK Maarif Terpadu Cicalengka and…https://medium.com/@baracarlo/poc-bypass-input-with-sql-injection-to-gaining-information-in-smk-maarif-terpadu-cicalengka-and-51d56cfbbd60?source=rss------bug_bounty-5Baradikasql-injection, cybersecurity, bug-hunting, bug-bounty08-Dec-2024
How I Found Info disclosure vulnerability?https://doordiefordream.medium.com/how-i-found-info-disclosure-vulnerability-32fa9e9b9a45?source=rss------bug_bounty-5Bug hunter baluethical-hacking, hacking, cybersecurity, bug-bounty, web308-Dec-2024
Russia’s ‘BlueAlpha’ APT Hides in Cloudflare Tunnelshttps://medium.com/@wiretor/russias-bluealpha-apt-hides-in-cloudflare-tunnels-7d7372615241?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, business, russia08-Dec-2024
Top 5 Must-Read Books to Master Web Penetration Testing (Beginners & Beyond)https://medium.com/@verylazytech/top-5-must-read-books-to-master-web-penetration-testing-beginners-beyond-9bf99651445f?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, penetration-testing, web-development, web-penetration-testing08-Dec-2024
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Huntinghttps://medium.com/@zack0x01_/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2ce4a1227fdc?source=rss------bug_bounty-5zack0x01idor, cybersecurity, bug-bounty, hacking08-Dec-2024
Mastering Git Conflicts: A Developer’s Guide to Seamless Merges ️⚡https://rajuhemanth456.medium.com/mastering-git-conflicts-a-developers-guide-to-seamless-merges-%EF%B8%8F-19718b819da0?source=rss------bug_bounty-5Hemanth Rajubug-bounty, coding, software-development, interview, github08-Dec-2024
Privilege Escalation via Impersonation Features featurehttps://medium.com/@0x_xnum/privilege-escalation-via-impersonation-features-feature-c49cf3a3dc03?source=rss------bug_bounty-5Ahmed Tarekprivilege-escalation, hacking, bug-bounty-tips, bug-bounty, pentesting08-Dec-2024
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1https://systemweakness.com/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-2ca54401e2e0?source=rss------bug_bounty-5hacker_mightreconnaissance, recon, ip-security, zmap, bug-bounty08-Dec-2024
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —…https://systemweakness.com/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-4e1c6e4358c3?source=rss------bug_bounty-5hacker_mightfun, bug-bounty, recon, censys, osint08-Dec-2024
Mastering Subdomain Visualization: Using Aquatone for Effective Reconnaissanchttps://medium.com/@kalkumbe7745/mastering-subdomain-visualization-using-aquatone-for-effective-reconnaissanc-6409c7846c2c?source=rss------bug_bounty-5Rutvik Kalkumbeethical-hacking, cybersecurity, bug-bounty, security, aquatone08-Dec-2024
How I Test for Cross-Site Scriptinghttps://osintteam.blog/how-i-test-for-cross-site-scripting-9262de5e949d?source=rss------bug_bounty-5Cybersec with Hemmarswriting, technology, cybersecurity, bug-bounty08-Dec-2024
My First Bounty of ₹₹₹https://osintteam.blog/my-first-bounty-of-37c2d40cbdd9?source=rss------bug_bounty-5cryptoshantpassword-reset, bug-bounty, journey, cybersecurity, hacking07-Dec-2024
From Low Privileges to Owner Rights: A Wild Journey Through an ATO Vulnerabilityhttps://medium.com/@mrasg/from-low-privileges-to-owner-rights-a-wild-journey-through-an-ato-vulnerability-cb21c468634c?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, bug-bounty-writeup, cybersecurity, hacking, bug-bounty07-Dec-2024
P3 Bug in Few Minuteshttps://medium.com/meetcyber/p3-bug-in-few-minutes-006f57913f71?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, bug-bounty, infosec, bug-bounty-tips07-Dec-2024
How I Found an ATO Vulnerability in Stripe Program in an Overlooked Cornerhttps://medium.com/@mrasg/how-i-found-an-ato-vulnerability-in-stripe-program-in-an-overlooked-corner-dce7d2cdaaf9?source=rss------bug_bounty-5Ahmed Samir Ghallabsecurity, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty07-Dec-2024
How to Make a Clickjacking Vulnerability Scanner with Pythonhttps://infosecwriteups.com/how-to-make-a-clickjacking-vulnerability-scanner-with-python-a53f48e70b58?source=rss------bug_bounty-5Muhammad Abdullahipython, cybersecurity, bug-bounty, hacking, python-programming07-Dec-2024
Beyond signUP OR resetPassword || Send , Confirm AND Setting !https://medium.com/@0xAwali/beyond-signup-or-resetpassword-send-confirm-and-setting-d153f3ab6e17?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty07-Dec-2024
5 Ways I Got RCE’s In the Wildhttps://medium.com/@red.whisperer/5-ways-i-got-rces-99a78901ba33?source=rss------bug_bounty-5Chuxcybersecurity, hacking, bug-bounty, technology, programming07-Dec-2024
Code Flaws and Consequences: The Bug That Exposed PIIhttps://medium.com/@CANITEY/code-flaws-and-consequences-the-bug-that-exposed-pii-3de5251e1484?source=rss------bug_bounty-5CANITEYpenetration-testing, bugbounty-writeup, pentesting, cybersecurity, bug-bounty07-Dec-2024
When One Isn’t Enough: Multiple SQL Injections Found in 1 VDPhttps://osintteam.blog/when-one-isnt-enough-multiple-sql-injections-found-in-1-vdp-f45de0b4c674?source=rss------bug_bounty-5#$ubh@nk@rhackerone, infosec, sql-injection, bug-bounty, web-security07-Dec-2024
Ransomware Breach Exposes 310K Patient Records at Anna Jaques Hospitalhttps://medium.com/@wiretor/ransomware-breach-exposes-310k-patient-records-at-anna-jaques-hospital-8548c120ad63?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, business, malware07-Dec-2024
Ultralytics AI Supply Chain Breach: Cryptominer Infects Thousands!https://medium.com/@wiretor/ultralytics-ai-supply-chain-breach-cryptominer-infects-thousands-5a0d82d1c32e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmachine-learning, hacking, bug-bounty, malware, ai07-Dec-2024
New Windows Zero-Day Alert: NTLM Credentials at Risk!https://medium.com/@wiretor/new-windows-zero-day-alert-ntlm-credentials-at-risk-ad6256807d0c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, bug-bounty-tips, windows, hacking07-Dec-2024
Police Shut Down Manson Cybercrime Market & Arrest Key Suspects!https://medium.com/@wiretor/police-shut-down-manson-cybercrime-market-arrest-key-suspects-29bdcbaae6cf?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bus, bug-bounty, malware, manson07-Dec-2024
11 Must-Read Blogs to Understand IDORhttps://saminbinh.medium.com/11-best-blogs-to-learn-idor-7769511d5e05?source=rss------bug_bounty-5SAMIN BIN HUMAYUNinformation-technology, cybersecurity, bug-bounty, idor, idor-vulnerability07-Dec-2024
How I discovered my first CVEhttps://medium.com/@zumiyumi/how-i-discovered-my-first-cve-7b1e2987326c?source=rss------bug_bounty-5Zumi Yumibug-bounty, xss-attack, cve, code-review, cybersecurity07-Dec-2024
Hackers Aren’t Built by Tools — They Build the Toolshttps://shuvonsec.medium.com/hackers-arent-built-by-tools-they-build-the-tools-6581f38dbb34?source=rss------bug_bounty-5Shariar Shahnawaz Shuvonhacking, bug-bounty, information-security, cybersecurity, bug-bounty-tips07-Dec-2024
Why Are You Not Identifying Bugs in Website 2025https://osintteam.blog/why-are-you-not-identifying-bugs-in-website-2025-8ff218815b7d?source=rss------bug_bounty-5Tahir Ayoubhacking, cyber-security-awareness, bug-bounty-tips, bug-bounty, hackathons06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/@embossdotar/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
10 RXSS on HackerOne VDPshttps://medium.com/infosecmatrix/10-rxss-on-hackerone-vdps-5162d3ee42af?source=rss------bug_bounty-5AbhirupKonwarinfosec, cybersecurity, xss-attack, bug-bounty, pentesting06-Dec-2024
From Newbie to Pro: My Journey to a $3,000 Bug Bountyhttps://myselfakash20.medium.com/from-newbie-to-pro-my-journey-to-a-3-000-bug-bounty-61abe935e3db?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips06-Dec-2024
The Art of Pwning Okta For Profit and Funhttps://whoisshuvam.medium.com/the-art-of-pwning-okta-for-profit-and-fun-075dedbc4715?source=rss------bug_bounty-5Suvam Adhikaribug-bounty-tips, cybersecurity, info-sec-writeups, bug-bounty, hackerone06-Dec-2024
“The Hidden GPS Threat: Unstripped Metadata on Redacted.com led 5K Rubel in bounties” ️‍♂️https://infosecwriteups.com/the-hidden-gps-threat-unstripped-metadata-on-redacted-com-led-5k-rubel-in-bounties-%EF%B8%8F-%EF%B8%8F-fd044d2031b6?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, exif-data, cybersecurity, bugbounty-tips06-Dec-2024
10 Essential Tips for Bug Bounty Beginners: A Fun, Practical, and Slightly Cheeky Guide to Kicking…https://medium.com/@mrasg/10-essential-tips-for-bug-bounty-beginners-a-fun-practical-and-slightly-cheeky-guide-to-kicking-c7da8a9b1b31?source=rss------bug_bounty-5Ahmed Samir Ghallabhacking, cybersecurity, penetration-testing, bug-bounty, bug-bounty-tips06-Dec-2024
Atrium Health Data Breach Impacts 585,000 People: Why Healthcare Cybersecurity Needs Immediate…https://medium.com/@wiretor/atrium-health-data-breach-impacts-585-000-people-why-healthcare-cybersecurity-needs-immediate-38a479e96e39?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, marketing, business, malware06-Dec-2024
️ BREAKING: U.S. Arrests Scattered Spider Suspect Behind Telecom Hacks & Phishing Scams ️https://medium.com/@wiretor/%EF%B8%8F-breaking-u-s-arrests-scattered-spider-suspect-behind-telecom-hacks-phishing-scams-%EF%B8%8F-cd44ea215b09?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, ransomware, malware, hacking06-Dec-2024
Now let’s set Frida For SSL Pinning Bypass.https://aman0.medium.com/now-lets-set-frida-for-ssl-pinning-bypass-9ee8ae11b7b5?source=rss------bug_bounty-5Aman Hpenetration-testing, bug-bounty, mobile-app-development, infosec, hacking06-Dec-2024
List of Top Bug Bounty Platforms for 2024https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2024-fc31553c2e78?source=rss------bug_bounty-5Levente Molnarpenetration-testing, cybersecurity, vulnerability, bug-bounty, ethical-hacking06-Dec-2024
Path Traversal Vulnerabilities in Web Applications: Understanding CVE-2024–9935 and How to Protect…https://chintalatarakaram.medium.com/path-traversal-vulnerabilities-in-web-applications-understanding-cve-2024-9935-and-how-to-protect-40de3cca8ac8?source=rss------bug_bounty-5Chintala Taraka Ramvulnerability, bug-bounty, python, education, web-development06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/meetcyber/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
A01: Broken Access Control and A05: Security Misconfiguration Leads to Unauthenticated Access to…https://medium.com/@enigma_/a01-broken-access-control-and-a05-security-misconfiguration-leads-to-unauthenticated-access-to-0897e3bec491?source=rss------bug_bounty-5enigmacybersecurity, bug-bounty, vulnerability, penetration-testing, ethical-hacking06-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@ahmedsamirghallab/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How To Find Sensitive Log Files Easily..https://medium.com/@josuofficial327/how-to-find-sensitive-log-files-easily-1dd14bb5f221?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, vulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
Mission: Exploit – Advanced Bug Bounty Techniques Inspired by James Bondhttps://bitpanic.medium.com/mission-exploit-advanced-bug-bounty-techniques-inspired-by-james-bond-a891ee3d0ef9?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, cybersecurity, programming, technology05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@ahmedsamirghallab/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@ahmedsamirghallab/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
Unveiling the Unseen: A Journey from Simple Recon Using Shodan to Leaking AWS Secretshttps://medium.com/@security.tecno/unveiling-the-unseen-a-journey-from-simple-recon-using-shodan-to-leaking-aws-secrets-bc7bed1ad16f?source=rss------bug_bounty-5TECNO Securityhacking, security, writing, bug-bounty05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@mrasg/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@mrasg/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@mrasg/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How Two Hardcoded Credentials Led To Payment System Takeover, Exposed 20,000 Credit Cards & Enabled…https://medium.com/@Berserker1337/how-two-hardcoded-credentials-led-to-payment-system-takeover-exposed-20-000-credit-cards-enabled-04b0ac232786?source=rss------bug_bounty-5Berserkerbug-hunting, bug-bounty, writeup, cybersecurity, web-security05-Dec-2024
Fix “Failed to load BApp” Burp Suite Extensions!https://medium.com/@d3vilz50n/fix-failed-to-load-bapp-burp-suite-extensions-923efa10659d?source=rss------bug_bounty-5d3vilz50nhacking-tools, hacking, fix, bug-bounty, burpsuite05-Dec-2024
How I Earned My First Bug Bounty: A Beginner’s Storyhttps://medium.com/@kingstar75114/how-i-earned-my-first-bug-bounty-a-beginners-story-58e8a3023cc6?source=rss------bug_bounty-5TehanG07bugs, bug-hunting, bug-bounty-tips, bug-bounty, bug-hunter05-Dec-2024
Correct Innerstanding + Overstandinghttps://medium.com/@onelovemafia/correct-innerstanding-overstanding-8d3cfd9baa7d?source=rss------bug_bounty-5OneLoveMafiadeep-learning, mysticism, bug-bounty, game-development, zen05-Dec-2024
Earn $10,000 XSS in Android Apps Scratch to Advance.https://medium.com/@anandrishav2228/earn-10-000-xss-in-android-apps-scratch-to-advance-cb3aa6c2b98f?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, cybersecurity, xss-attack, money05-Dec-2024
AZEx Testnet Campaign is LIVEhttps://medium.com/@AZEX.io/azex-testnet-campaign-is-live-ac553c18af8a?source=rss------bug_bounty-5AZEXberachain, bug-bounty, testnet, dois, azex05-Dec-2024
How I Exploited Passkey to Gain Unauthorized Access and TakeOver Invited Accountshttps://medium.com/@mrasg/how-i-exploited-passkey-to-gain-unauthorized-access-and-takeover-invited-accounts-b8b4547ffe70?source=rss------bug_bounty-5Ahmed Samir Ghallabpenetration-testing, pentesting, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
How I Broke Into My Dev Friend’s Website in Less Than 24 Hourhttps://infosecwriteups.com/how-i-broke-into-my-dev-friends-website-in-less-than-24-hour-6fdb31ad65a1?source=rss------bug_bounty-5sM0ky4hacking, bug-bounty, cyberattack, cybersecurity, bug-bounty-writeup05-Dec-2024
The Story of How I Hacked an International University in Indonesiahttps://infosecwriteups.com/the-story-of-how-i-hacked-an-international-university-in-indonesia-ec819a8c8fc0?source=rss------bug_bounty-5JCbug-bounty-tips, infosec, cybersecurity, bug-bounty-writeup, bug-bounty05-Dec-2024
Penetration Testing on Steroids: Revolutionizing Ethical Hacking with Hackrate and HackGATEhttps://medium.com/@hackrate/penetration-testing-on-steroids-revolutionizing-ethical-hacking-with-hackrate-and-hackgate-7edaf7244075?source=rss------bug_bounty-5Levente Molnarcybersecurity, penetration-testing, ethical-hacking, cybersecurity-news, bug-bounty05-Dec-2024
Practical Bug Bounty — TCM Academy | Report writing, Bypass, Best Programs.https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-report-writing-bypass-best-programs-710516804f53?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, cybersecurity, ethical-hacking, web-penetration-testing, bug-bounty05-Dec-2024
Chinese Hackers Salt Typhoon Breach Global Telecom Networkshttps://medium.com/@wiretor/chinese-hackers-salt-typhoon-breach-global-telecom-networks-00b40e0ce07e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicestelecom, bug-bounty, business, hacking, networking05-Dec-2024
New DroidBot Malware Targets 77 Banking & Crypto Apps!https://medium.com/@wiretor/new-droidbot-malware-targets-77-banking-crypto-apps-1b5105a66625?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbots, hacking, bug-bounty, business, malware05-Dec-2024
UK Cracks Down on Russian Money Laundering Networkshttps://medium.com/@wiretor/uk-cracks-down-on-russian-money-laundering-networks-4dfae89f9000?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, uk, business, malware, bug-bounty05-Dec-2024
⚠️ Critical Zero-Day Uncovered: Mitel MiCollab Wide Open to Attackers! ⚠️https://medium.com/@wiretor/%EF%B8%8F-critical-zero-day-uncovered-mitel-micollab-wide-open-to-attackers-%EF%B8%8F-cdc36da3552e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, zero-day, business, programming05-Dec-2024
Bug Huntinghttps://medium.com/meetcyber/bug-hunting-ff366260d8df?source=rss------bug_bounty-5Nazrul Islam Ranabug-hunting, platform, hacker, xx, bug-bounty05-Dec-2024
From Frustration to Exploitation: How a Link Shortener Helped Me Bypass WAFhttps://imooaaz.medium.com/from-frustration-to-exploitation-how-a-link-shortener-helped-me-bypass-waf-03724dca1592?source=rss------bug_bounty-5Moaaz Afifibug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup, cybersecurity05-Dec-2024
How I Climbed to #1 Hackerhttps://medium.com/@CipherHawk/how-i-climbed-to-1-hacker-ffb52e2799c3?source=rss------bug_bounty-5CipherHawknetworking, bug-bounty-tips, cybersecurity, hacking, bug-bounty04-Dec-2024
Modern Security Vulnerabilities: Lessons from Recent Breacheshttps://medium.com/@SakshifromKushoAI/modern-security-vulnerabilities-lessons-from-recent-breaches-b925a6928bbf?source=rss------bug_bounty-5Sakshi from KushoAIsecure-coding, cybersecurity, bug-bounty, app-security, data-breach04-Dec-2024
Path Traversal, bypass file extension validation with null byteshttps://medium.com/@sulthanyluthfi/path-traversal-bypass-file-extension-validation-with-null-bytes-0cedc4fb53f5?source=rss------bug_bounty-5Luthfi Sulthanycybersecurity, bug-bounty, burpsuite, penetration-testing, path-traversal04-Dec-2024
Firebase URL Exploitation: Taking Over Android Databases Like a Pro!https://infosecwriteups.com/firebase-url-exploitation-taking-over-android-databases-like-a-pro-79a00844496d?source=rss------bug_bounty-5JEETPALbug-bounty, android, cybersecurirty, bug-bounty-tips, bugbountywriteup04-Dec-2024
How to Bypass Firewalls and IDS on Filtered Ports: The Ultimate Step-by-Step Guide to Advanced…https://medium.com/@shaikhminhaz1975/how-to-bypass-firewalls-and-ids-on-filtered-ports-the-ultimate-step-by-step-guide-to-advanced-9cb238d66450?source=rss------bug_bounty-5Shaikh Minhazfirewall, step-by-step-guide, cybersecurity, bug-bounty, penetration-testing04-Dec-2024
Critical RCE Vulnerability in Veeam Service Provider Console — Update Now! ️https://medium.com/@wiretor/critical-rce-vulnerability-in-veeam-service-provider-console-update-now-%EF%B8%8F-1e147e98458b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacking, rce, business04-Dec-2024
Critical RCE Flaw Discovered in WhatsUp Gold (CVE-2024–8785) — Update Immediately! ️https://medium.com/@wiretor/critical-rce-flaw-discovered-in-whatsup-gold-cve-2024-8785-update-immediately-%EF%B8%8F-8b6e69c183ab?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ransomware, malware, rce04-Dec-2024
Backdoor Discovered in Solana’s Web3.js npm Library: Crypto Wallets at Riskhttps://medium.com/@wiretor/backdoor-discovered-in-solanas-web3-js-npm-library-crypto-wallets-at-risk-605bcb02a292?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, solana-network, business, malware, bug-bounty04-Dec-2024
CORS Implementation & Various Headers, CORS series (Part 2)https://medium.com/@vipulparveenjain/cors-implementation-various-headers-cors-series-part-2-895a04ef481d?source=rss------bug_bounty-5Vipul Jainbug-bounty, cors-vulnerability, cross-origin-resource, web-security, hacking04-Dec-2024
Bug Bounty Methodology Checklist for Web Applications (B2B Apps)https://thexssrat.medium.com/bug-bounty-methodology-checklist-for-web-applications-b2b-apps-b876a20236d0?source=rss------bug_bounty-5Thexssratbug-bounty-tips, hacker, bug-bounty, hacks, hacking04-Dec-2024
My Experience at the 2024 FIRST & AfricaCERT Symposium: A CyberGirl’s Perspective- Part Finalhttps://medium.com/@.rai/my-experience-at-the-2024-first-africacert-symposium-a-cybergirls-perspective-part-final-b190349785b4?source=rss------bug_bounty-5Gamuchiraiforensics, osint, bug-bounty, open-source, digital-marketing04-Dec-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@Laxious8848/sql-injection-union-attack-finding-a-column-containing-text-10a0e36cc062?source=rss------bug_bounty-5Laxioussql-injection, web-penetration-testing, union-based-sql-injection, bug-bounty, web-pen-testing04-Dec-2024
Why Penetration Testing as a Service (PTaaS) Outperforms Traditional Pentest Providershttps://medium.com/@hackrate/why-penetration-testing-as-a-service-ptaas-outperforms-traditional-pentest-providers-7b1e6b0a6d0a?source=rss------bug_bounty-5Levente Molnarcybersecurity, ethical-hacking, bug-bounty, penetration-testing03-Dec-2024
Bug Bounty Tips Series: 10 Ways To Find HTTP Host Header Injection Vulnerabilityhttps://medium.com/@alishoaib5929/bug-bounty-tips-series-10-ways-to-find-http-host-header-injection-vulnerability-1ad56c9dddd2?source=rss------bug_bounty-5Shoaib Aliweb-hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-security03-Dec-2024
The Art of Blind Command Injection: Unlocking Internal Secretshttps://medium.com/@yogeshbhandage/the-art-of-blind-command-injection-unlocking-internal-secrets-917daa755463?source=rss------bug_bounty-5Yogesh Bhandagebug-bounty, bug-bounty-tips, hacking, penetration-testing, command-injection03-Dec-2024
20 Bug Bounty CrowdSourced Platformshttps://systemweakness.com/20-bug-bounty-crowdsourced-platforms-a4c486c85671?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, infosec, ethical-hacking, bug-bounty03-Dec-2024
Practical Bug Bounty — TCM Academy | Other Common Vulnerabilitieshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-other-common-vulnerabilities-433dc6b1b3bc?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, ethical-hacking, bug-bounty, cybersecurity, tcm-academy03-Dec-2024
Story Of 15 Vulnerabilities in one public BBP !https://medium.com/@Ahmex000/story-of-15-vulnerabilities-in-one-buplic-bbp-561e68213991?source=rss------bug_bounty-5Ahmex000bug-bounty-hunter, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips03-Dec-2024
Critical Bug: Deny Sign-In & Steal Sensitive Info on Behalf of Victimshttps://infosecwriteups.com/critical-bug-deny-sign-in-steal-sensitive-info-on-behalf-of-victims-cad4ced9227d?source=rss------bug_bounty-5JEETPALcybersecurity, bugbounty-tips, auth-bypass, bug-bounty, bug-bounty-writeup03-Dec-2024
Ensuring Comprehensive Ethical Hacking with Penetration Testing as a Servicehttps://medium.com/@hackrate/ensuring-comprehensive-ethical-hacking-with-penetration-testing-as-a-service-9b67734f46cd?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, cybersecurity03-Dec-2024
Tricky & Simple EXIF protection Bypasshttps://saurabhsanmane.medium.com/tricky-simple-exif-protection-bypass-5d0babd908f3?source=rss------bug_bounty-5Saurabh sanmanebug-bounty, information-disclosure, vulnerability, ethical-hacking, cybersecurity03-Dec-2024
Exploring Lightning Bounties: The Intersection of Open-Source and Bitcoinhttps://medium.com/@mabramo11/exploring-lightning-bounties-the-intersection-of-open-source-and-bitcoin-8555c6403310?source=rss------bug_bounty-5Mike Abramobug-bounty, lightning-bounties, open-source, bitcoin, lightning-network03-Dec-2024
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerabilityhttps://medium.com/@wiretor/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability-11462bd60f7b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, business, hacking, bug-bounty, cisco03-Dec-2024
Energy Sector Contractor ENGlobal Targeted in Ransomware Attackhttps://medium.com/@wiretor/energy-sector-contractor-englobal-targeted-in-ransomware-attack-a56112b119d3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, energy, business, bug-bounty, malware03-Dec-2024
Docker/Kubernetes (K8s)Penetration Testing Checklisthttps://infosecwriteups.com/docker-kubernetes-k8s-penetration-testing-checklist-4d0a13c38495?source=rss------bug_bounty-5Ajay Naikpenetration-testing, bug-bounty, docker, kubernetes, cybersecurity03-Dec-2024
How to Create an Android Payload in Just 1 Minute | Ethical Hackinghttps://bjamali.medium.com/how-to-create-an-android-payload-in-just-1-minute-ethical-hacking-bc109b368909?source=rss------bug_bounty-5Babar Ali Jamalipenetration-testing, ethical-hacking, android, bug-bounty, cybersecurity03-Dec-2024
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Programhttps://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5InceptionLRTcrypto, restaking, bug-bounty, defi, ethereum03-Dec-2024
What is Cybersecurityhttps://twanstcodes.medium.com/what-is-cybersecurity-52e71fe7dfa2?source=rss------bug_bounty-5Twana Muhammedit, programming, cybersecurity, bug-bounty03-Dec-2024
Mastering Bug Bounty Hunting with White Rabbit Neo AIhttps://medium.com/@curiouskhanna/mastering-bug-bounty-hunting-with-white-rabbit-neo-ai-452a3bc3adce?source=rss------bug_bounty-5Shubham Khannahackerone, bug-bounty, ai, security-researchers03-Dec-2024
Python — Program Security Headershttps://medium.com/@ibnu.rusdianto55/python-program-security-headers-966786261d5f?source=rss------bug_bounty-5Ibnu Rusdiantopython, bug-bounty, security-header, indonesia, keamanan-siber03-Dec-2024
How I got access to Credentials easilyhttps://medium.com/infosecmatrix/how-i-got-access-to-credentials-easily-00ced4ba15bd?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, ethical-hacking, google-dork, pentest02-Dec-2024
How to Master Advanced Threat Huntinghttps://medium.com/@paritoshblogs/how-to-master-advanced-threat-hunting-bcfb9d1e159c?source=rss------bug_bounty-5Paritoshcybersecurity, threat-hunting, hacking, ai, bug-bounty02-Dec-2024
CTFLearn Series| Challenge 96 : Forensics 101 — Walkthroughhttps://medium.com/@rishikeshkhot26/ctflearn-series-challenge-96-forensics-101-walkthrough-13100d9f45fb?source=rss------bug_bounty-5Rishikesh_Khothacking, forensics, bug-bounty, capture-the-flag, cybersecurity02-Dec-2024
Some Easiest P4 Bugshttps://icecream23.medium.com/some-easiest-p4-bugs-561cd710a7e1?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bugbounty-tips, bug-bounty, p4-bugs, bug-hunter02-Dec-2024
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs!https://infosecwriteups.com/all-upi-ids-in-india-have-predictable-patterns-that-allow-the-disclosure-of-mail-ids-eede37a35758?source=rss------bug_bounty-5JEETPALupi, cybersecurity, bugbounty-tips, bug-bounty, bug-bounty-writeup02-Dec-2024
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheethttps://medium.com/@verylazytech/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, command-injection, cybersecurity, bug-bounty, oscp02-Dec-2024
$3 Billion Crypto Exchange XT Allegedly Hackedhttps://medium.com/@wiretor/3-billion-crypto-exchange-xt-allegedly-hacked-c560c9572168?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicescrypto, xt, malware, bug-bounty, ransomeware02-Dec-2024
Hackers Steal $17 Million from Uganda’s Central Bankhttps://medium.com/@wiretor/hackers-steal-17-million-from-ugandas-central-bank-533dcbabbeff?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, ransomeware, bug-bounty, bank-hacked, malware02-Dec-2024
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Winshttps://myselfakash20.medium.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, bug-bounty, bug-bounty-tips, cybersecurity02-Dec-2024
Critical Vulnerability Discovered in Zabbix Network Monitoring Toolhttps://medium.com/@wiretor/critical-vulnerability-discovered-in-zabbix-network-monitoring-tool-df358293a1a9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomeware, malware, bug-bounty, zabbix, hacking02-Dec-2024
From File Upload To LFI: A Journey To Exploitationhttps://medium.com/@red.whisperer/from-file-upload-to-lfi-a-journey-to-exploitation-02ab5e1a7d0a?source=rss------bug_bounty-5Chuxbug-bounty, cybersecurity, hacking, ethical-hacking, infosec02-Dec-2024
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Winshttps://infosecwriteups.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5Akash Ghoshprogramming, hacking, technology, bug-bounty, cybersecurity02-Dec-2024
Unpacking an IDOR-Based Exploit in International Shipping (70 Million+ PII Data Breach)https://medium.com/@susapr/unpacking-an-idor-based-exploit-in-international-shipping-70-million-pii-data-breach-8c29cf33347d?source=rss------bug_bounty-5susaprbug-bounty-writeup, cybersecurity, data-breach, information-technology, bug-bounty02-Dec-2024
How I got my first Hall of Fame - Bug Bountyhttps://medium.com/@pranavrp77/how-i-got-my-first-hall-of-fame-bug-bounty-d296637e37dd?source=rss------bug_bounty-5Pranav Patilbug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity02-Dec-2024
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheethttps://systemweakness.com/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, command-injection, cybersecurity, bug-bounty, oscp02-Dec-2024
Understanding the Scope: Navigating Website Pentesting and Bug Bounty Targetshttps://medium.com/@zero_4583/understanding-the-scope-navigating-website-pentesting-and-bug-bounty-targets-a6ab701df932?source=rss------bug_bounty-5Nathan Vincentappsec, bug-bounty, pentesting, scopes01-Dec-2024
Critical Account Takeover (MFA + Auth Bypass) due to Cookie Misconfigurationhttps://medium.com/@sharp488/critical-account-takeover-mfa-auth-bypass-due-to-cookie-misconfiguration-3ca7d1672f9d?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, hackerone, information-security, bug-bounty-writeup, bug-bounty-tips01-Dec-2024
Week 4: A Drive to Recharge and Reconnecthttps://mokhansec.medium.com/week-4-a-drive-to-recharge-and-reconnect-4d0f8b7258d0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bugs, cybersecurity, bug-bounty01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://crunkcode.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Exploiting Facebook Ads: $2100 Bug Bounty for Role Management DoShttps://infosecwriteups.com/exploiting-facebook-ads-2100-bug-bounty-for-role-management-dos-afe09c1ecbb0?source=rss------bug_bounty-5Kiril Krivoguzfacebook, cybersecurity, hacking, information-security, bug-bounty01-Dec-2024
Smart Contract Funds Lost Due to Missing Address Validation: $80M in Danger!https://medium.com/@jeetpal2007/smart-contract-funds-lost-due-to-missing-address-validation-80m-in-danger-a4ec7d823a3f?source=rss------bug_bounty-5JEETPALsmartcontract-audit, cybsersecurity, zeroaddress, web3, bug-bounty01-Dec-2024
How I Discovered an API Security Issue: My First Bug Bounty Bloghttps://hackersatty.medium.com/how-i-discovered-an-api-security-issue-my-first-bug-bounty-blog-7deec48453ff?source=rss------bug_bounty-5hackersattybug-bounty, hackersatty, bug-bounty-writeup, swagger-ui, api-security01-Dec-2024
Hack IOT devices to earn $100–$200 in an hour.https://medium.com/@anandrishav2228/hack-iot-devices-to-earn-100-200-in-an-hour-f211a54e87f3?source=rss------bug_bounty-5Rishav anandcybersecurity, penetration-testing, money, bug-bounty, iot01-Dec-2024
Ketika Validasi MIME Type Tak Cukup: Perbaikan Aman untuk Upload Filehttps://medium.com/@ferizco/ketika-validasi-mime-type-tak-cukup-perbaikan-aman-untuk-upload-file-4df4ac6ec0ff?source=rss------bug_bounty-5Ferizcobug-bounty, security, cybersecurity, web-development, php01-Dec-2024
Firmware Penetration Testing Checklisthttps://infosecwriteups.com/firmware-penetration-testing-checklist-9d5e70388371?source=rss------bug_bounty-5Ajay Naikpenetration-testing, security, information-technology, bug-bounty, cybersecurity01-Dec-2024
Basics of SQL Injectionhttps://medium.com/@mayank_prajapati/basics-of-sql-injection-88ab0e57588b?source=rss------bug_bounty-5Mayank Kumar Prajapatipenetration-testing, vulnerability, hacking, bug-bounty-tips, bug-bounty01-Dec-2024
Why I Failed This November: A Clown’s Reflection on Failurehttps://jackhavoltrey.medium.com/why-i-failed-this-november-a-clowns-reflection-on-failure-3223fec4451e?source=rss------bug_bounty-5Jack Havoltreybug-bounty-tips, bug-bounty01-Dec-2024
Execution of a clickjacking attack on Gemini (Google’s AI-powered assistant) - which I recently…https://systemweakness.com/execution-of-a-clickjacking-attack-on-gemini-googles-ai-powered-assistant-which-i-recently-45e60a98316a?source=rss------bug_bounty-5NIKHIL KUMAR GANDLApenetration-testing, cybersecurity, bug-bounty, application-security, information-security01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://ayushkr12.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Russia Arrests Cybercriminal Wazawaka Tied to Ransomware Gangshttps://medium.com/@wiretor/russia-arrests-cybercriminal-wazawaka-tied-to-ransomware-gangs-9354c557f1d5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, wazawaka, malware, bug-bounty01-Dec-2024
SpyLoan Android Malware Installed Over 8 Million Times on Google Play!https://medium.com/@wiretor/spyloan-android-malware-installed-over-8-million-times-on-google-play-d0331b3c762e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomeware, bug-bounty, spyloan01-Dec-2024
picoCTF Web Exploitation: Unminifyhttps://medium.com/@Kamal_S/picoctf-web-exploitation-unminify-6dd45341b7f5?source=rss------bug_bounty-5Kamal Sowasp, unminify, ctf, bug-bounty, picoctf01-Dec-2024
Exploring Alternatives to Cobalt: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-cobalt-why-hackrate-stands-out-67473c1e74e6?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, ethical-hacking, penetration-testing01-Dec-2024
Web Shell Upload via Extension Blacklist Bypass — File Upload Vulnerabilityhttps://medium.com/@rcxsecurity/web-shell-upload-via-extension-blacklist-bypass-file-upload-vulnerability-f98ee877aff1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, hacking, information-security, bug-bounty, pentesting01-Dec-2024
The Ultimate Guide to Top Pentest-as-a-Service Providers in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-pentest-as-a-service-providers-in-2024-f03b0408b0a5?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, penetration-testing, bug-bounty, hacking01-Dec-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@Laxious8848/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-4792d89ad93f?source=rss------bug_bounty-5Laxioussql-injection, web-pen-testing, web-penetration-testing, bug-bounty, union-based-sql-injection01-Dec-2024
Out of Scope, Out of Mind? Thehttps://medium.com/@talatumsolutions/out-of-scope-out-of-mind-the-0e5f558c43ba?source=rss------bug_bounty-5Talatum-solutionstalatum, hacking, cyber-security-solutions, pentesting, bug-bounty30-Nov-2024
Turn Cybersecurity Tricks Into Cash: Here’s How You Can Start Todayhttps://medium.com/@divyesh.jagad/turn-cybersecurity-tricks-into-cash-heres-how-you-can-start-today-9ccfff1ee0f4?source=rss------bug_bounty-5Divyesh Jagadtrending, bug-bounty, freelancing, infosec, remote-working30-Nov-2024
Privilege Escalation via Role Persistence Vulnerabilityhttps://medium.com/@aalgohary950/privilege-escalation-via-role-persistence-vulnerability-0c22a002d6ff?source=rss------bug_bounty-5C1pher_1hacking, penetration-testing, bug-bounty, access-control, privilege-escalation30-Nov-2024
Discovery of Xss / Html Injection by analyzing target source codehttps://medium.com/@gheeX/discovery-of-xss-html-injection-by-analyzing-target-source-code-0bc7a96c3ca4?source=rss------bug_bounty-5Ghee1337vulnerability, bug-bounty-writeup, bug-bounty-tips, xss-attack, bug-bounty30-Nov-2024
Delete Account Functionality Helped Me Earn $250https://vijetareigns.medium.com/delete-account-functionality-helped-me-earn-250-21baa23c4034?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty, bug-bounty-writeup, application-security, cybersecurity30-Nov-2024
Marianas Web — The Danger Part of the Internet!https://medium.com/@TahirAyoub/marianas-web-the-danger-part-of-the-internet-be69e3118e3d?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, darkweb, bug-bounty, deep-web, hacking30-Nov-2024
A massive security breach at Andrew Tate’s platform The Real World has exposed the personal…https://medium.com/@wiretor/a-massive-security-breach-at-andrew-tates-platform-the-real-world-has-exposed-the-personal-576892ffca1c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, expose, andrew-tate30-Nov-2024
5 Side Hustles For Ethical Hackershttps://medium.com/@red.whisperer/5-side-hustles-for-ethical-hackers-8f3e0ca983ed?source=rss------bug_bounty-5Chuxethical-hacking, cybersecurity, hacking, bug-bounty, side-hustle30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
⚠️ Microsoft Hacking Warning 450 Million Windows Users Must Now Act! ️https://medium.com/@wiretor/%EF%B8%8F-microsoft-hacking-warning-450-million-windows-users-must-now-act-%EF%B8%8F-a7be6255a338?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, windows, ransomeware, breached, bug-bounty30-Nov-2024
Russian Script Kiddie Builds Massive DDoS Botnethttps://medium.com/@wiretor/russian-script-kiddie-builds-massive-ddos-botnet-bac1b6c57e9f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, programming, hacking, russian30-Nov-2024
P4 bug’s and their POC steps | Part 8https://osintteam.blog/p4-bugs-and-their-poc-steps-part-8-910ee6ba5710?source=rss------bug_bounty-5socalledhackercybersecurity, infosec, bug-bounty, hacking, bug-bounty-tips30-Nov-2024
X(twitter) & my first real bughttps://medium.com/@elkhawaga1900/x-twitter-my-first-real-bug-7c7d26bef48f?source=rss------bug_bounty-5sponge2003bug-bounty, duplicate30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-08f53b117063?source=rss------bug_bounty-5Hackrateethical-hacking, cybersecurity, penetration-testing, bug-bounty29-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024: Why Hackrate Stands Outhttps://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-why-hackrate-stands-out-d402c86c407b?source=rss------bug_bounty-5Hackratepenetration-testing, bug-bounty, ethical-hacking, cybersecurity29-Nov-2024
Exploring Alternatives to HackerOne: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-hackerone-why-hackrate-stands-out-894092aec0aa?source=rss------bug_bounty-5Hackrateethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking29-Nov-2024
How To Become Up-To-Date Hacker? 8 Gold Points To Stay Informed During Lifetime-Hacking Storyhttps://osintteam.blog/how-to-become-up-to-date-hacker-8-gold-points-to-stay-informed-during-lifetime-hacking-story-2e95f33c5d6f?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, kali-linux, hacking, technology29-Nov-2024
Advanced Google Dorking | Part7https://systemweakness.com/advanced-google-dorking-part7-a8df43d00743?source=rss------bug_bounty-5AbhirupKonwarinfosec, pentesting, ethical-hacking, cybersecurity, bug-bounty29-Nov-2024
Email Verification Bypass Vulnerability: A Critical Flaw Exploitedhttps://medium.com/@muralidharan1530/email-verification-bypass-vulnerability-a-critical-flaw-exploited-1d7a316b2514?source=rss------bug_bounty-5Murali Dharanbounties, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips29-Nov-2024
POC — CVE-2024–21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input…https://medium.com/@verylazytech/poc-cve-2024-21534-jsonpath-plus-vulnerable-to-remote-code-execution-rce-due-to-improper-input-a466ae69aa92?source=rss------bug_bounty-5Very Lazy Techcybersecurity, cve, exploit, cve-2024-21534, bug-bounty29-Nov-2024
hackthebox-Administrator-walkthroughhttps://medium.com/@ryuzakiryuga31/hackthebox-administrator-walkthrough-217d01374d00?source=rss------bug_bounty-5R09shbug-bounty, hackthebox, network-security, network-penetration-test, system-administration29-Nov-2024
Google Dorking Made Simpler with GFUhttps://medium.com/@sheryx00/google-dorking-made-simpler-with-gfu-20c67c5c8fc4?source=rss------bug_bounty-5Sheryx00google-dork, open-source, bug-bounty, pentesting, bug-bounty-tips29-Nov-2024
Authentication Bypass Vulnerability 🙂https://aman0.medium.com/authentication-bypass-vulnerability-a7b8fff3361f?source=rss------bug_bounty-5Aman Hauthentication-bypass, vulnerability, penetration-testing, bug-bounty-tips, bug-bounty29-Nov-2024
Exploring Alternatives to Bugcrowd: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-bugcrowd-why-hackrate-stands-out-8d54235f62d1?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, penetration-testing, ethical-hacking29-Nov-2024
The Ultimate Bug Bounty Roadmap Zero to Prohttps://medium.com/@adinesh02/the-ultimate-bug-bounty-roadmap-zero-to-pro-56440ac4cef2?source=rss------bug_bounty-5DINESH Atechnology, tech, bug-bounty, hacking, cybersecurity29-Nov-2024
Phishing-as-a-Service (PhaaS): “Rockstar 2FA” Targets Microsoft 365 with AiTM Attackshttps://medium.com/@wiretor/phishing-as-a-service-phaas-rockstar-2fa-targets-microsoft-365-with-aitm-attacks-572617422ea5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xs, phaa, american-dream, hacking29-Nov-2024
Critical Flaw in ProjectSend Under Active Exploitation — Protect Your Servers!https://medium.com/@wiretor/critical-flaw-in-projectsend-under-active-exploitation-protect-your-servers-c0903ab96a68?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxs, malware, bug-bounty, hacking, pentest29-Nov-2024
Unmasking Open Redirect Vulnerabilities: A Real-World Discoveryhttps://medium.com/@360Security/unmasking-open-redirect-vulnerabilities-a-real-world-discovery-348081e5d03e?source=rss------bug_bounty-5Anand Patelpenetration-testing, vapt, bug-bounty, web-security, cybersecurity29-Nov-2024
Hacking AI — Understanding LLM Attacks and Prompt Injectionshttps://medium.com/@anmol.sh/hacking-ai-understanding-llm-attacks-and-prompt-injections-9354f26a8353?source=rss------bug_bounty-5Anmol Shahai, hacking, penetration-testing, artificial-intelligence, bug-bounty29-Nov-2024
Website’s for fake mobile numbers and sms services.https://osintteam.blog/websites-for-fake-mobile-numbers-and-sms-services-9057442ef82b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, bug-bounty-tips, tips, hacking28-Nov-2024
30 Best Hacking Promptshttps://medium.com/@TahirAyoub/30-best-hacking-prompts-0c10ee61edf4?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking, chatgpt, cybersecurity, ai28-Nov-2024
The More Confident You Are About Your Testing, The Bigger the Bug You Missedhttps://manishsaini74.medium.com/the-more-confident-you-are-about-your-testing-the-bigger-the-bug-you-missed-189fe169c005?source=rss------bug_bounty-5Manish Sainibug-bounty, test-automation, software-engineering, software-testing, quality-assurance28-Nov-2024
8 Shocking Ways to Protect Your Identity Onlinehttps://medium.com/@paritoshblogs/8-shocking-ways-to-protect-your-identity-online-fe13ad3b92e1?source=rss------bug_bounty-5Paritoshai, identity, hacking, cybersecurity, bug-bounty28-Nov-2024
Finding Low-Hanging Bugs: A Practical Guide with Commandshttps://medium.com/@ayansheikh45689/finding-low-hanging-bugs-a-practical-guide-with-commands-d6fb9159857d?source=rss------bug_bounty-5Ayanpenetration-testing, bug-finding, bug-bounty, ethical-hacking, cybersecurity28-Nov-2024
Finding more subdomains.(part 2)https://infosecwriteups.com/finding-more-subdomains-part-2-1850ead4dd92?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, reconnaissance, cybersecurity, hacking28-Nov-2024
JWTs: A Comedy of Errors and Exploitshttps://jackhavoltrey.medium.com/jwts-a-comedy-of-errors-and-exploits-81d1fb25d24d?source=rss------bug_bounty-5Jack Havoltreybug-bounty, authentication, bug-bounty-tips, jwt, web-development28-Nov-2024
Bug Bounty Chronicles: Exploiting the PUT Method for Remote Code Execution (RCE)https://medium.com/@pawarpushpak36/bug-bounty-chronicles-exploiting-the-put-method-for-remote-code-execution-rce-c2782bea61da?source=rss------bug_bounty-5Pawarpushpakbug-zero, remote-code-execution, bug-bounty-tips, bug-bounty, infosec28-Nov-2024
The Art of Account Take Over #1: Chaining XSS and non-HttpOnly Session Cookiehttps://xdead4f.medium.com/the-art-of-account-take-over-1-chaining-xss-and-non-httponly-session-cookie-8e474bc83e5c?source=rss------bug_bounty-50xdead4fxs, penetration-testing, bug-bounty, cybersecurity28-Nov-2024
How to find Access control vulnerabilities useful Tips PART (1)☢https://medium.com/@mahmodziad40/how-to-find-access-control-vulnerabilities-useful-tips-part-1-56ca1a9c60ce?source=rss------bug_bounty-5httpzuzportswigger, penetration-testing, access-control, bug-bounty-tips, bug-bounty28-Nov-2024
UK Hospital Network Hit by Cyberattack, Procedures Postponedhttps://medium.com/@wiretor/uk-hospital-network-hit-by-cyberattack-procedures-postponed-3b9622eec715?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, cyberattack, uk-hospital-attack, bug-bounty28-Nov-2024
T-Mobile Detects Network Intrusion Attempts from Wireline Providerhttps://medium.com/@wiretor/t-mobile-detects-network-intrusion-attempts-from-wireline-provider-ee7fab1a7eac?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, xs, t-mobile, hacking28-Nov-2024
Malicious npm Library @0xengine/xmlrpc Steals Data and Mines Cryptocurrencyhttps://medium.com/@wiretor/malicious-npm-library-0xengine-xmlrpc-steals-data-and-mines-cryptocurrency-50171f172ef7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, xs, bug-bounty, malware, ransomeware28-Nov-2024
Exploiting CSRF and OTP Reuse: How Weak Token Management Enables Password Reset Attacks, Leading…https://medium.com/@iPsalmy/exploiting-csrf-and-otp-reuse-how-weak-token-management-enables-password-reset-attacks-leading-to-c2f6b914f398?source=rss------bug_bounty-5iPsalmybug-bounty, infosec, web-application-security, api-security, cybersecurity28-Nov-2024
#HappyThanksgiving from Wire Tor!https://medium.com/@wiretor/happythanksgiving-from-wire-tor-5a655498f35f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, happy-thanksgiving, happy-thanksgiving-day, malware28-Nov-2024
Private IP Disclosure in Bug Bounty Programs: Understanding the Risk and Rewardhttps://medium.com/@shamzen96/private-ip-disclosure-in-bug-bounty-programs-understanding-the-risk-and-reward-6441aa866db0?source=rss------bug_bounty-5Shivam Rajbug-bounty, bug-bounty-tips27-Nov-2024
The P2 Bug You Could Miss Without Reading the Documentationhttps://mokhansec.medium.com/the-p2-bug-you-could-miss-without-reading-the-documentation-b0eacc3b7587?source=rss------bug_bounty-5Mohsin khancybersecurity, bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty27-Nov-2024
Easy Way To Root Your Virtual Device 🙂https://aman0.medium.com/easy-way-to-root-your-virtual-device-9d1a2aa99ea1?source=rss------bug_bounty-5Aman Hpenetration-testing, mobile-app-development, root-android-phone, bug-bounty, app-security-testing27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@mohamdaminporsalari/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
How I Turned NASA’s Search Bar into a Phishing Gatewayhttps://systemweakness.com/how-i-turned-nasas-search-bar-into-a-phishing-gateway-697de30859b0?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, technology, bug-bounty, programming27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://medium.com/@aesmail034/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
Race Condition Exploit Enables Free Plan Users to Access Premium Featureshttps://medium.com/@rawansa3ed2002/race-condition-exploit-enables-free-plan-users-to-access-premium-features-9619d0fa0a53?source=rss------bug_bounty-5Rawansaedbug-bounty, race-condition, hackerone, penetration-testing, cybersecurity27-Nov-2024
System Hacking Techniquehttps://medium.com/@TahirAyoub/system-hacking-technique-ac376bd3f0ef?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking-tools, cybersecurity, hacking, computer-security27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@MaMad4Ever/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
Introducing JSNinja: Your Ultimate JavaScript Bug Hunting Companion ️‍♂️https://medium.com/@vikas0vks/introducing-jsninja-your-ultimate-javascript-bug-hunting-companion-%EF%B8%8F-%EF%B8%8F-bee1fcc4bd75?source=rss------bug_bounty-5Vikasinformation-security, bug-bounty-tips, bug-bounty27-Nov-2024
SMB Enumeration and Exploitation: Master Ports 139 and 445 for Penetration Testinghttps://medium.com/@verylazytech/smb-enumeration-and-exploitation-master-ports-139-and-445-for-penetration-testing-ddca90a384c5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, oscp, smb, hacking, cybersecurity27-Nov-2024
Understanding Ethical Hacking: The Key to Cybersecurityhttps://medium.com/@harshkatiyar5556/understanding-ethical-hacking-the-key-to-cybersecurity-454c6671c5f9?source=rss------bug_bounty-5Harsh Katiyarweb3, mind-hacking-techniques, ethical-hacking, cybersecurity, bug-bounty27-Nov-2024
How to Find DNS Rebinding Vulnerabilities in Bug Bounty Huntinghttps://dineshpathro9.medium.com/how-to-find-dns-rebinding-vulnerabilities-in-bug-bounty-hunting-3323da71f5ee?source=rss------bug_bounty-5Hunterbugs, bug-bounty-tips, bug-bounty, bug-zero27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://som3a.medium.com/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
IDOR Allows an Admin to Add SuperAdmin (Which is not allowed)https://medium.com/@mrro0o0tt/idor-allows-an-admin-to-add-superadmin-which-is-not-allowed-239fcc82ff69?source=rss------bug_bounty-5Whoamiidor-vulnerability, bug-bounty, broken-access-control, business-logic-bug, bug-bounty-tips27-Nov-2024
Researchers Unveil “Bootkitty” — The First UEFI Bootkit Targeting Linux Kernels!https://medium.com/@wiretor/researchers-unveil-bootkitty-the-first-uefi-bootkit-targeting-linux-kernels-30ff7b7c6819?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceszero-day, cve, bug-bounty, malware, bootkitty27-Nov-2024
Interpol Arrests 1,000+ in Massive ‘Operation Serengeti’ Anti-Cybercrime Crackdownhttps://medium.com/@wiretor/interpol-arrests-1-000-in-massive-operation-serengeti-anti-cybercrime-crackdown-45ffa24e6f4a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, interpol, hacking, bug-bounty27-Nov-2024
New NachoVPN Attack: Rogue VPN Servers Installing Malicious Updates ️https://medium.com/@wiretor/new-nachovpn-attack-rogue-vpn-servers-installing-malicious-updates-%EF%B8%8F-262c85645850?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, vpn, malware, bug-bounty, programming27-Nov-2024
JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATOhttps://medium.com/@0xbugatti/js-review-and-abuse-graphql-result-10xbac-admin-panel-ato-0f013fe471ea?source=rss------bug_bounty-50xbugattiowasp-top-10, bug-bounty, bugbounty-writeup, web-app-security, bugbounty-tips27-Nov-2024
How I abled to get users/admins PII Disclosurehttps://medium.com/@a7madhacck/how-i-abled-to-get-users-admins-pii-disclosure-6c02fef82c11?source=rss------bug_bounty-5Ahmad Yusseftechnology, hackerone, bug-bounty-writeup, cybersecurity, bug-bounty27-Nov-2024
Automating the Setup of a Bug Bounty Toolkithttps://dineshpathro9.medium.com/automating-the-setup-of-a-bug-bounty-toolkit-05b3e589eb84?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-tips, bugs, hacking26-Nov-2024
VOIP Penetration Testing Checklisthttps://infosecwriteups.com/voip-penetration-testing-checklist-890bb4e09bac?source=rss------bug_bounty-5Ajay Naiksecurity, information-technology, penetration-testing, cybersecurity, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://medium.com/@TahirAyoub/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
Bugbounty Hunting: The First Step After Finding Your Targethttps://dineshpathro9.medium.com/bugbounty-hunting-the-first-step-after-finding-your-target-998267eeeb28?source=rss------bug_bounty-5Hunterbug-bounty-tips, bug-bounty, bug-zero, bugs26-Nov-2024
Challenges and Pitfalls of Automating Bug Bounty Submissions with AIhttps://pointlessai.medium.com/challenges-and-pitfalls-of-automating-bug-bounty-submissions-with-ai-adb06ab0d2c6?source=rss------bug_bounty-5PointlessAI Mediumai, bug-bounty, cybersecurity, chatgpt, vulnerability-management26-Nov-2024
IBM Fixes RCE Vulnerabilities in Data Virtualization Manager and Security SOARhttps://medium.com/@wiretor/ibm-fixes-rce-vulnerabilities-in-data-virtualization-manager-and-security-soar-dfbc178710f5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, rce, bug-bounty, malware, ibm26-Nov-2024
Firefox and Windows Zero-Days Exploited by Russian RomCom Hackers: A Cybersecurity Wake-Up Call!https://medium.com/@wiretor/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers-a-cybersecurity-wake-up-call-a8029dacd27b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, windows-hacking, bug-bounty, firefox-hacked26-Nov-2024
Critical Vulnerabilities Discovered in Popular Anti-Spam Plugin for WordPress ️https://medium.com/@wiretor/critical-vulnerabilities-discovered-in-popular-anti-spam-plugin-for-wordpress-%EF%B8%8F-353b3a727d7e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, malware, wordpress, ransomware, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://blog.cubed.run/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
How I Hacked NASAhttps://vikram1337.medium.com/how-i-hacked-nasa-74f4ada6e90c?source=rss------bug_bounty-5Vikramwriteup, pentesting, bug-bounty, nasa26-Nov-2024
race condition on BBPhttps://medium.com/@mohanad9837/race-condition-on-bbp-7294e8582ade?source=rss------bug_bounty-5mohanedbug-bounty, race-condition25-Nov-2024
Why Subdomain Enumeration ?https://ahmed-rezk.medium.com/why-subdomain-enumeration-3e4570dd9aba?source=rss------bug_bounty-5Ahmed Rezkcybersecurity, red-teaming, bug-bounty-tips, pentesting, bug-bounty25-Nov-2024
Privilege Escalation in Collaborative Platforms — BugBountyhttps://medium.com/@Zero-Ray/privilege-escalation-in-collaborative-platforms-bugbounty-e1e240384b43?source=rss------bug_bounty-5Mahmoud Fawzyprivilege-escalation, bug-bounty, bug-bounty-hunter, bugcrowd, bug-bounty-writeup25-Nov-2024
HOW I FOUND MY FIRST XSS BUGhttps://medium.com/@Zeroo_sec/how-i-found-my-first-xss-bug-553225548d29?source=rss------bug_bounty-5Ranjanethical-hacking, hacking, bug-bounty, bug-bounty-tips25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://medium.com/@verylazytech/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
Google dorking the right way.https://osintteam.blog/google-dorking-the-right-way-27b0eeb31212?source=rss------bug_bounty-5an0nbilbug-bounty-tips, bug-bounty, programming, ethical-hacking, cybersecurity25-Nov-2024
Microlise Data Breach Confirmed: SafePay Ransomware Group Claims Responsibility ️https://medium.com/@wiretor/microlise-data-breach-confirmed-safepay-ransomware-group-claims-responsibility-%EF%B8%8F-035e36e25afc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ransomeware, bug-bounty, malware, xs25-Nov-2024
Bangkok Busts High-Tech SMS Scam Operationhttps://medium.com/@wiretor/bangkok-busts-high-tech-sms-scam-operation-e13909a2625f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, hacking, malware, xxe25-Nov-2024
Finastra Data Breach: What Financial Institutions Need to Know ️https://medium.com/@wiretor/finastra-data-breach-what-financial-institutions-need-to-know-%EF%B8%8F-df9e960c90c7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, pentest, hacking, xs25-Nov-2024
SSRF To Internal Data Access Via PDF Print Featurehttps://bishal0x01.medium.com/ssrf-to-internal-data-access-via-pdf-print-feature-b8e6a912844a?source=rss------bug_bounty-5Bishal Shresthassrf, bug-bounty, information-security25-Nov-2024
Bug Bounty Tips and Trickshttps://bevijaygupta.medium.com/bug-bounty-tips-and-tricks-7b25317c8e7e?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bug-bounty-writeup, bugs, bug-bounty25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://systemweakness.com/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
here is how I got my first bounty $$$https://medium.com/@mohanad9837/here-is-how-i-got-my-first-bounty-78c18da7feeb?source=rss------bug_bounty-5mohanedxss-vulnerability, xss-bypass, bug-bounty, xss-attack25-Nov-2024
GitTrash: Digging Deep into Git Repositories for Hidden Treasureshttps://medium.com/@sheryx00/gittrash-digging-deep-into-git-repositories-for-hidden-treasures-dfa6b3ff9251?source=rss------bug_bounty-5Sheryx00pentesting, bug-bounty, open-source, git24-Nov-2024
SSRF(Server-Side Request Forgery)https://medium.com/@mukkagopi50/ssrf-server-side-request-forgery-50329b7e39fb?source=rss------bug_bounty-5Gopi Mukkavapt, ssrf, ssrf-attack, vulnerability-assessment, bug-bounty24-Nov-2024
Mastering Web Application Pentesting Part — IIhttps://infosecwriteups.com/mastering-web-application-pentesting-part-ii-f02898bf48e3?source=rss------bug_bounty-5Mukilan Baskaranweb-security, infosec, bug-bounty, cybersecurity, computer-security24-Nov-2024
Week 3: When the Drive to Work Fadeshttps://mokhansec.medium.com/week-3-when-the-drive-to-work-fades-3e94a89559c0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bugs, bug-bounty-tips, bug-bounty, cybersecurity24-Nov-2024
Hacking WordPress: Where to Begin?https://0x4a6f76616e.medium.com/hacking-wordpress-where-to-begin-60179dc403d9?source=rss------bug_bounty-5Jovanbug-bounty, hacking, pentesting, vulnerability, wordpress24-Nov-2024
7 Steps guide to CNAME Subdomain Takeoverhttps://bitpanic.medium.com/7-steps-guide-to-cname-subdomain-takeover-f10eebd7e952?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, information-security, bug-bounty24-Nov-2024
Cyberattack at French Hospital Exposes Health Data of 750,000 Patientshttps://medium.com/@wiretor/cyberattack-at-french-hospital-exposes-health-data-of-750-000-patients-01b8f62893d1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentest, hacking, xs, malware, bug-bounty24-Nov-2024
Microsoft Disrupts ONNX Phishing-as-a-Service Operation ️https://medium.com/@wiretor/microsoft-disrupts-onnx-phishing-as-a-service-operation-%EF%B8%8F-a1b5535f5d9a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, xs, bug-bounty, pentest24-Nov-2024
Microsoft Tests Third-Party Passkey Support in Windows 11: A Passwordless Futurehttps://medium.com/@wiretor/microsoft-tests-third-party-passkey-support-in-windows-11-a-passwordless-future-92a5fe28571a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmicrosoft, pentest, bug-bounty, hacking, xs24-Nov-2024
Hackers Exploit Avast Anti-Rootkit Driver to Disable Security Defenseshttps://medium.com/@wiretor/hackers-exploit-avast-anti-rootkit-driver-to-disable-security-defenses-13df8a3c313e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ransomware, bug-bounty, malware, xss-attack24-Nov-2024
How I got 50euro bounty?https://doordiefordream.medium.com/how-i-got-50euro-bounty-71dcf4c6e335?source=rss------bug_bounty-5Bug hunter baluhtml, cybersecurity, technology, vulnerability, bug-bounty24-Nov-2024
Recon. Useful Tips for Bug Bounty — PART 1https://medium.com/@dzchalevich/recon-useful-tips-for-bug-bounty-part-1-0defee9bc7cf?source=rss------bug_bounty-5theroo@tttweb-security, bug-bounty-tips, bug-bounty, penetration-testing, recon24-Nov-2024
Happy hunting!https://medium.com/@hacker_33169/happy-hunting-eae0a858b540?source=rss------bug_bounty-5B3ntl3ycybersecurity, bug-bounty, penetration-testing24-Nov-2024
Beginner’s Guide to Ethical Hacking: What I Learned from My First Bug Bountyhttps://medium.com/@yarmuhammadnizamani556/beginners-guide-to-ethical-hacking-what-i-learned-from-my-first-bug-bounty-724a9f97f38b?source=rss------bug_bounty-5Curious Mindethical-hacking, cybersecurity, bug-bounty24-Nov-2024
Android Pentesting can make you $500/day.https://medium.com/@anandrishav2228/android-pentesting-can-make-you-500-day-818158f9b43d?source=rss------bug_bounty-5Rishav anandcybersecurity, android, hacking, money, bug-bounty24-Nov-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.2https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-2-2c8dd13d6c19?source=rss------bug_bounty-5Mohammed Diefcybersecurity, information-security, bug-bounty, hackerone, recon24-Nov-2024
IDOR is NOT only on the IDhttps://medium.com/@mshulkhan/idor-is-not-only-on-the-id-8e94b5cc193e?source=rss------bug_bounty-5M Shulkhangoogle-bug, bug-bounty, hacking, hackerkamp150, sysbraykr24-Nov-2024
My Bug Bounty Hunting Methodologyhttps://cybersechemmars.medium.com/my-bug-bounty-hunting-methodology-51ac0a891978?source=rss------bug_bounty-5Cybersec with Hemmarscybersecurity, writing, bug-bounty, bug-bounty-writeup24-Nov-2024
TryHackMe | NoSQLi Walkthroughhttps://medium.com/@k3r0/tryhackme-nosqli-walkthrough-155c6380f5b3?source=rss------bug_bounty-5Kyrillos nadypenetration-testing, bug-bounty, nosql, web-penetration-testing, hacking24-Nov-2024
Bug House Exterminator in Wilton: Your Ultimate Guide to a Pest-Free Homehttps://medium.com/@muhammadmohsinsiddique46/bug-house-exterminator-in-wilton-your-ultimate-guide-to-a-pest-free-home-47d56773c394?source=rss------bug_bounty-5Muhammadmohsinsiddiquebed-bug-extermination, bug-bounty, wilton, bugs23-Nov-2024
7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story?https://medium.com/h7w/7-main-sins-of-a-hacker-what-to-stay-away-from-during-hacking-story-115d749952e2?source=rss------bug_bounty-5NnFacefaith, hacking, bug-bounty, cybersecurity, kali-linux23-Nov-2024
HTML INJECTION- My Second Major Bountyhttps://medium.com/@josuofficial327/html-injection-my-second-major-bounty-cb7c3b32ce60?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuowasp-top-10, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty23-Nov-2024
Building a Bug Bounty Journey: Exploring Web Security with a Custom CMShttps://medium.com/@zero_4583/building-a-bug-bounty-journey-exploring-web-security-with-a-custom-cms-06dffc81e969?source=rss------bug_bounty-5Nathan Vincentphp, appsec, cms-development, bug-bounty23-Nov-2024
Why Bug Bounty Is Just for You 🙂https://infosecwriteups.com/why-bug-bounty-is-just-for-you-61541deb62b8?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, money, cybersecurity, infosec, technology23-Nov-2024
Disallowed but Discoverable: The Hacker’s robots.txt Playbookhttps://myselfakash20.medium.com/disallowed-but-discoverable-the-hackers-robots-txt-playbook-73dca570f23e?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, technology, programming, bug-bounty-writeup23-Nov-2024
Vulnerable WordPress October 2024 (Zahhak Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-october-2024-zahhak-castle-fb7da609b5e1?source=rss------bug_bounty-5Onhexgroupinformation-security, infosec, cybersecurity, bug-bounty, wordpress23-Nov-2024
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedInhttps://medium.com/@wiretor/north-korean-hackers-steal-10m-with-ai-driven-scams-and-malware-on-linkedin-25daddc61809?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ai, programming23-Nov-2024
Over 2,000 Palo Alto Firewalls Hacked Using Recently Patched Bugshttps://medium.com/@wiretor/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs-ccc83ef8b4d6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, hacked, xss-attack23-Nov-2024
Chinese Hackers Target Linux with WolfsBane Malwarehttps://medium.com/@wiretor/chinese-hackers-target-linux-with-wolfsbane-malware-c4a313c0e63f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceschinese, linux, hacking, malware, bug-bounty23-Nov-2024
Cyber Alert: APT28 Hackers Breach US Firm with Innovative “Nearest Neighbor Attack”https://medium.com/@wiretor/cyber-alert-apt28-hackers-breach-us-firm-with-innovative-nearest-neighbor-attack-9245d88841d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, apt-28, hacking, xss-attack23-Nov-2024
Ubuntu Users Alert: Decade-Old Needrestart Flaws Expose Root Privilege Riskshttps://medium.com/@wiretor/ubuntu-users-alert-decade-old-needrestart-flaws-expose-root-privilege-risks-a504f5d2b949?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ubuntu, penetration-testing, bug-bounty, malware23-Nov-2024
Step into my Professional Life(:Finding my first Bug:)https://medium.com/@anshjain722/step-into-my-professional-life-finding-my-first-bug-e8175b1d9601?source=rss------bug_bounty-5Ansh Jaincybersecurity, xss-vulnerability, vulnerability, bugs, bug-bounty23-Nov-2024
Methods to bypass 403 & 401https://infosecwriteups.com/methods-to-bypass-403-401-38df4cec069e?source=rss------bug_bounty-5Dishant Modipenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
How I Discovered an Email Change Vulnerability Leading to Pre-Account Takeover | p2https://medium.com/@dhananjay_00/how-i-discovered-an-email-change-vulnerability-leading-to-pre-account-takeover-p2-7e76e0002eef?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
Why I Switched from Cloud to Local Password Managementhttps://expectme.medium.com/why-i-switched-from-cloud-to-local-password-management-2b79448495dc?source=rss------bug_bounty-5Mamoud Eidbug-bounty, privacy, cybersecurity23-Nov-2024
Bug Bounty Beginner’s Roadmap-02https://medium.com/@sheikh.mohammad.adil.71/bug-bounty-beginners-roadmap-02-3236f15df715?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILroadmaps, ethical-hacking, bounty-program, bug-bounty23-Nov-2024
My OSWA Experiencehttps://medium.com/@zumyumi/my-oswa-experience-eaa4e94d1797?source=rss------bug_bounty-5Zumi Yumioswe, oscp, web, oswa, bug-bounty23-Nov-2024
️‍♂️ Bug Bounty Beginner’s Roadmap-01https://medium.com/@sheikh.mohammad.adil.71/%EF%B8%8F-%EF%B8%8F-ultimate-bug-bounty-roadmap-ee81e805ad6b?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILbug-bounty, ethical-hacking, hackerone, cybersecurity, roadmaps23-Nov-2024
File path traversal, validation of file extension with null byte bypasshttps://medium.com/@Laxious8848/file-path-traversal-validation-of-file-extension-with-null-byte-bypass-6625f4a4fbec?source=rss------bug_bounty-5Laxiousweb-penetration-testing, lfi, lfi-vulnerability, bug-bounty, web-pen-testing22-Nov-2024
File path traversal, validation of start of pathhttps://medium.com/@Laxious8848/file-path-traversal-validation-of-start-of-path-063e8995a55d?source=rss------bug_bounty-5Laxiouslfi, web-penetration-testing, web-pen-testing, lfi-vulnerability, bug-bounty22-Nov-2024
Ghost Tap Exploits NFC Payments for Fraudhttps://medium.com/@wiretor/ghost-tap-exploits-nfc-payments-for-fraud-dc2a263ff603?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, programming, bug-bounty22-Nov-2024
Oracle Agile PLM Vulnerability Exploited in the Wild: Protect Your Data!https://medium.com/@wiretor/oracle-agile-plm-vulnerability-exploited-in-the-wild-protect-your-data-129f8d9ac922?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, malware, pentest, hacking22-Nov-2024
File path traversal, traversal sequences stripped with superfluous URL-decodehttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-with-superfluous-url-decode-0b303cfe5b69?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, bug-bounty, lfi-vulnerability, lfi22-Nov-2024
Resolving the “externally-managed-environment” Error in Pythonhttps://medium.com/@prathameshbagul/resolving-the-externally-managed-environment-error-in-python-b91650d45946?source=rss------bug_bounty-5Prathbug-bounty, python, pentesting, kali-linux, cybersecurity22-Nov-2024
ShodanSpider: A Powerful Tool for Cybersecurity Researchhttps://shubhamrooter.medium.com/shodanspider-a-powerful-tool-for-cybersecurity-research-02eac3ed75e2?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, security-analytics, vapt, shodan, bug-hunting22-Nov-2024
My Journey Finding Bugs on NASAhttps://cybersecuritywriteups.com/my-journey-finding-bugs-on-nasa-a2296d142b0a?source=rss------bug_bounty-5Shridhar Rajaputbug-bounty-writeup, inspiration, cybersecurity, bug-bounty, information-technology22-Nov-2024
Why Bug Bounty Could Be a Career for You 🙂https://osintteam.blog/why-bug-bounty-could-be-a-career-for-you-17b6b7b66e16?source=rss------bug_bounty-5Satyam Pathaniamoney, technology, cybersecurity, bug-bounty, infosec22-Nov-2024
Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Storyhttps://cybersecuritywriteups.com/unveiling-a-critical-bug-in-one-of-the-worlds-largest-banks-my-barclays-story-34a9fb5f5140?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, ethical-hacking22-Nov-2024
The $900 Bug: My Journey Through SSRF and LFI Exploitshttps://myselfakash20.medium.com/the-900-bug-my-journey-through-ssrf-and-lfi-exploits-222feb276deb?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, cybersecurity, hacking, bug-bounty22-Nov-2024
IDOR Checklist 2025https://medium.com/@mohanad9837/idor-checklist-2025-443575a389d4?source=rss------bug_bounty-5mohanedidor, bug-bounty, idor-vulnerability22-Nov-2024
Finding and Exploiting open SMB service [bug bounty write-up].https://medium.com/@sugamdangal52/finding-and-exploiting-open-smb-service-bug-bounty-write-up-492d72cd2fa3?source=rss------bug_bounty-5Sugam Dangalethical-hacking, bug-bounty, bug-hunting, hacking, bug-bounty-writeup22-Nov-2024
Forbidden Bypass Cloudflare Zero Trust — English Versionhttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-english-version-436efff4a548?source=rss------bug_bounty-5j0hnZ3RAbug-bounty, red-team, pentesting, security22-Nov-2024
Forbidden Bypass Cloudflare Zero Trusthttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-6bcc7ad464ee?source=rss------bug_bounty-5j0hnZ3RAsecurity, pentesting, bypass, red-team, bug-bounty22-Nov-2024
They Ignored My Bug Report but Fixed It Silently: My Experience with Enhancvhttps://medium.com/@0xw01f/they-ignored-my-bug-report-but-fixed-it-silently-my-experience-with-enhancv-a8ffe5e3e790?source=rss------bug_bounty-5w01fcybersecurity, bug-bounty, vulnerability, responsibility, ethics22-Nov-2024
HTML encode ilə XSS və HTML İnjection hücumlarının qarşısının alınmasıhttps://medium.com/@rootelvin/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
captainX404https://medium.com/@captainX404/captainx404-b41a7f1e3ff3?source=rss------bug_bounty-5captainX404bug-bounty22-Nov-2024
Reconnaissance on archive URLshttps://medium.com/@mayank_prajapati/reconnaissance-on-archive-urls-4125ce7544ed?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty-tips, cybersecurity, bugs, bug-bounty, hacking22-Nov-2024
HTML encode ilə XSS və HTML İnjection hücumlarının qarşısının alınmasıhttps://elvinnuruyev.medium.com/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
Cloud Hacking : flaws.cloud level 1 walkthroughhttps://medium.com/@Kinqdathacker/cloud-hacking-flaws-cloud-level-1-walkthrough-9f966da07e82?source=rss------bug_bounty-5Kinqdathackerctf-writeup, cloud-security, bug-bounty, s3-bucket, hacking22-Nov-2024
How i finded a p4 as per bugcrowd.https://osintteam.blog/how-i-finded-a-p4-as-per-bugcrowd-c7c72718583a?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bugs, bug-bounty, cybersecurity21-Nov-2024
Master My Skill Student got highest bounty of $5000 by Vikrant Sharmahttps://medium.com/@mastermyskill/master-my-skill-student-got-highest-bounty-of-5000-by-vikrant-sharma-287a9b46522e?source=rss------bug_bounty-5Master My Skillbug-bounty21-Nov-2024
Unlock the $4 Million Bounty: Join Microsoft’s Zero Day Quest!https://byteshiva.medium.com/unlock-the-4-million-bounty-join-microsofts-zero-day-quest-87c6e50c1010?source=rss------bug_bounty-5Sivainfosec, cybersecurity, microsoftzerodayquest, hacking, bug-bounty21-Nov-2024
Unique XSS Earned Me a $$$ Bountyhttps://wgetkb.medium.com/unique-xss-earned-me-a-bounty-b7156c36fd32?source=rss------bug_bounty-5Prasad KBbounty-program, xss-vulnerability, infosec, bug-bounty, security21-Nov-2024
Insecure direct object referenceshttps://medium.com/@Laxious8848/insecure-direct-object-references-2ce01fa76018?source=rss------bug_bounty-5Laxiousweb-pen-testing, idor, idor-vulnerability, webapplicationpentest, bug-bounty21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji12/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
How to Find Open Redirect Vulnerabilities: A Comprehensive Guidehttps://medium.com/@rupaitanudas/how-to-find-open-redirect-vulnerabilities-a-comprehensive-guide-e2b6e8c965c6?source=rss------bug_bounty-5Rupaitanudasopen-redirect, bug-bounty, web-application-security21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinavsingwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Introduction to CORS-Cross-origin resource sharing & SOP-Same Origin Policy, CORS series (Part 1)https://medium.com/@vipulparveenjain/introduction-to-cors-cross-origin-resource-sharing-sop-same-origin-policy-cors-series-part-1-149ad6f77cf6?source=rss------bug_bounty-5Vipul Jainhacking, bug-bounty, web-security-testing, cors-vulnerability, cross-origin-resource21-Nov-2024
Antivirus Evasion for Beginners: A Step-by-Step Guide to Bypassing AV for Penetration Testershttps://medium.com/@verylazytech/antivirus-evasion-for-beginners-a-step-by-step-guide-to-bypassing-av-for-penetration-testers-e600de35be20?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, antivirus-evasion, bypassing-av, hacking21-Nov-2024
How I Hacked a Website While Dancinghttps://medium.com/@shaikhminhaz1975/how-i-hacked-a-website-while-dancing-22c3e1cd3431?source=rss------bug_bounty-5Shaikh Minhazhacking, cybersecurity, how-to, ethical-hacking, bug-bounty21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinav Singwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Bypass Email Verification in Mozillahttps://0d-amr.medium.com/bypass-email-verification-in-mozilla-2ab45ac36c42?source=rss------bug_bounty-5Amrbug-bounty-tips, cybersecurity, ethical-hacking, penetration-testing, bug-bounty21-Nov-2024
Mastering Web Application Pentesting with TryhackMehttps://infosecwriteups.com/mastering-web-application-pentesting-with-tryhackme-24257ef182c5?source=rss------bug_bounty-5Mukilan Baskarantryhackme, cybersecurity, bug-bounty, tryhackme-walkthrough, infosec21-Nov-2024
PART 2: THE NEXT CHAPTER IN MY NASA BUG HUNTING JOURNEYhttps://rootxabit.medium.com/part-2-the-next-chapter-in-my-nasa-bug-hunting-journey-1d6338c5f017?source=rss------bug_bounty-5sudo-xabithacking-nasa, bug-bounty, india, tips, nasa21-Nov-2024
File path traversal, simple casehttps://medium.com/@Laxious8848/file-path-traversal-simple-case-d0dd8c493981?source=rss------bug_bounty-5Laxiouslfi, webapplicationpentest, lfi-vulnerability, bug-bounty, web-pen-testing21-Nov-2024
File path traversal, traversal sequences stripped non-recursivelyhttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-non-recursively-647780ace38e?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, lfi, bug-bounty, lfi-vulnerability21-Nov-2024
File path traversal, traversal sequences blocked with absolute path bypasshttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-b909ad161fa2?source=rss------bug_bounty-5Laxiousbug-bounty, web-pentesting, web-penetration-testing, lfi-vulnerability, lfi21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
Worth 10000$ Cracking the Price Barrier: Exploiting Price Tampering on an E-Commerce Websitehttps://medium.com/@kumawatabhijeet2002/worth-10000-cracking-the-price-barrier-exploiting-price-tampering-on-an-e-commerce-website-19e3f82f52aa?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs20-Nov-2024
How I was able to Take over a Subdomain and got Hall of Famehttps://rivudon.medium.com/how-i-was-able-to-take-over-a-subdomain-and-got-hall-of-fame-aca4aaca761b?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )subdomain-takeover, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty20-Nov-2024
Web vulnerability bounty rules updatehttps://medium.com/@security.tecno/web-vulnerability-bounty-rules-update-20bcf6f6e3da?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty20-Nov-2024
Bypassing Password Reuse Restriction A Security Flaw.https://aman0.medium.com/bypassing-password-reuse-restriction-a-security-flaw-1bf2210d9bbd?source=rss------bug_bounty-5Aman Hbug-bounty-writeup, vulnerability, information-security, penetration-testing, bug-bounty20-Nov-2024
The $2,200 ATO Most Bug Hunters Overlooked by Closing Intruder Too Soonhttps://mokhansec.medium.com/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732?source=rss------bug_bounty-5Mohsin khancybersecurity, bug-bounty, bug-bounty-writeup, bugs, bug-bounty-tips20-Nov-2024
Reflected Cross-Site Scripting (XSS) via POST request:https://ak-rizk.medium.com/reflected-cross-site-scripting-xss-via-post-request-f0d54ee84f99?source=rss------bug_bounty-5A-RIZKxss-attack, web-hacking, pentesting, bug-bounty20-Nov-2024
How Hidden 3xXSS got revealedhttps://medium.com/@0xbugatti/how-hidden-3xxss-got-revealed-b42f041d36f6?source=rss------bug_bounty-50xbugattibug-bounty, bug-bounty-writeup, web-app-security, web-app-pentesting, bug-bounty-tips20-Nov-2024
How I Earned $650 Using Just Recon: A Bug Hunter’s Success Storyhttps://myselfakash20.medium.com/how-i-earned-650-using-just-recon-a-bug-hunters-success-story-4d78788e46a5?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, penetration-testing, cybersecurity, technology20-Nov-2024
Swiss Army Knife of Top Bug Huntershttps://bitpanic.medium.com/swiss-army-knife-of-top-bug-hunters-dd1bf237c513?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty-tips, cybersecurity, cyber-security-awareness, bug-bounty20-Nov-2024
Honey, did you leave the APIs open again?https://medium.com/@l_s_/honey-you-left-the-apis-open-again-c382a3a2d917?source=rss------bug_bounty-5LShacking, api, bug-bounty, cybersecurity, bug-bounty-writeup20-Nov-2024
Introduction to Bug Bountyhttps://medium.com/@hakoje3813/introduction-to-bug-bounty-5461825079ad?source=rss------bug_bounty-5Hackeraidp, bug-bounty20-Nov-2024
How to Start in the Masochistic World of Bug Bounty — what nobody told you before.https://j0nasdias.medium.com/how-to-start-in-the-masochistic-world-of-bug-bounty-what-nobody-told-you-before-22b789933cdd?source=rss------bug_bounty-5Jonas Dias Rebelointigriti, hackerone, xs, pentest, bug-bounty20-Nov-2024
GhostFilter: Automating URL Filtering for Smarter Bug Huntinghttps://osintteam.blog/ghostfilter-automating-url-filtering-for-smarter-bug-hunting-d779d8fc844f?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty-tips, bug-bounty, ctf, cybersecurity20-Nov-2024
Importance of Shodan in Bug Hunting: Your Ultimate Guide to Finding Hidden Gemshttps://osintteam.blog/importance-of-shodan-in-bug-hunting-your-ultimate-guide-to-finding-hidden-gems-45cf87201d11?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, infosec19-Nov-2024
Finding subdomains those are hidden in cloud.https://osintteam.blog/finding-subdomains-those-are-hidden-in-cloud-f0c13d3d80ea?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugs, tips, cybersecurity, hacking19-Nov-2024
【Vulnerability Campaign】Earn Your Thanksgiving Bonus Rebatehttps://medium.com/@security.tecno/vulnerability-campaign-earn-your-thanksgiving-bonus-rebate-95847ac8b144?source=rss------bug_bounty-5TECNO Securityhacking, security, bonus, bug-bounty19-Nov-2024
OTP Bypass — Weak brute-force protectionhttps://medium.com/@Jitheshjithu/otp-bypass-weak-brute-force-protection-42c3f6b7899d?source=rss------bug_bounty-5Jitheshbug-bounty-tips, brute-force, bug-bounty, otp-bypass, burpsuite19-Nov-2024
How a CSRF Vulnerability Can Be Exploited to Target Email Accounts — A Practical Walkthroughhttps://medium.com/@muhammedgalal66/how-a-csrf-vulnerability-can-be-exploited-to-target-email-accounts-a-practical-walkthrough-60e6c2eac31f?source=rss------bug_bounty-5Dg0x6bug-bounty, bounty-program, bug-hunting, csrf, hunting19-Nov-2024
The Easiest $$$ I Made from a Business Logic Vulnerabilityhttps://medium.com/@0xsussy/the-easiest-i-made-from-a-business-logic-vulnerability-5c11a31ca455?source=rss------bug_bounty-5Hamza Khaledbugbounty-writeup, bugbounty-poc, bug-bounty, bugbounty-tips19-Nov-2024
Enumeração de subdomínios através da homepagehttps://medium.com/@sarkis093/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-atrav%C3%A9s-da-homepage-971d7aa341bf?source=rss------bug_bounty-5sarkis093shell, pentesting, red-team, osint, bug-bounty19-Nov-2024
From User to Admin: The Art of Privilege Escalationhttps://bootcampsecurity.medium.com/from-user-to-admin-the-art-of-privilege-escalation-b80a4cd1e89b?source=rss------bug_bounty-5Garv Katariacybersecurity, privilege-escalation, ethical-hacking, bug-bounty-tips, bug-bounty19-Nov-2024
Common Security Risks in Browser Extensionshttps://medium.com/@Parag_Bagul/common-security-risks-in-browser-extensions-e61422499f7c?source=rss------bug_bounty-5ParagBagulbrowser-extension, web-browser-extension, cybersecurity, bug-bounty, extension-development19-Nov-2024
Exploiting Business Logic Flaws in e-commerce platformshttps://medium.com/@Pentestforge/exploiting-business-logic-flaws-in-e-commerce-platforms-c3042a240c4a?source=rss------bug_bounty-5Joel I Patrickethical-hacking, bug-bounty, cybersecurity, web-exploitation, hacking19-Nov-2024
Unlock Bug Bounty Brilliance: The Ultimate Guide to Browser Extensions That Supercharge Your…https://osintteam.blog/unlock-bug-bounty-brilliance-the-ultimate-guide-to-browser-extensions-that-supercharge-your-fbb323e29dc0?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-tips, extension, bug-bounty-writeup, cybersecurity19-Nov-2024
Critical Remote Code Execution (RCE) Bug in VMware vCenter Server Now Exploited in Active…https://medium.com/@wiretor/critical-remote-code-execution-rce-bug-in-vmware-vcenter-server-now-exploited-in-active-a03c8fe37d02?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, hacking, pentesting, bug-bounty, malware19-Nov-2024
Maxar Data Breach: U.S. Space Tech Giant Compromisedhttps://medium.com/@wiretor/maxar-data-breach-u-s-space-tech-giant-compromised-391640982117?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, programming, malware, bug-bounty19-Nov-2024
Chinese Hackers Exploit Fortinet VPN Zero-Day to Steal Credentialshttps://medium.com/@wiretor/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials-b10232aaabef?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, progamming, malware19-Nov-2024
How I Uncovered an Unsubscribe Exploit While Checking My Internship Applicationshttps://expl0it32.medium.com/how-i-uncovered-an-unsubscribe-exploit-while-checking-my-internship-applications-9661aacad8f9?source=rss------bug_bounty-5eXpl0it_32hacking, cybersecurity, idor, bug-report, bug-bounty19-Nov-2024
HOW I FOUND A BUG IN NASAhttps://rootxabit.medium.com/how-i-found-a-bug-in-nasa-f76800eaf3b9?source=rss------bug_bounty-5sudo-xabitbug-bounty, hacking, hall-of-fame, nasa, vdp19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Lupinbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
SQL injection vulnerability in where clause allowing retrieval of hidden datahttps://medium.com/@Laxious8848/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-c6ca0c949382?source=rss------bug_bounty-5Laxiouspenetration-testing, bug-bounty, webapplicationpentest, error-based-sql-injection, sql-injection19-Nov-2024
BUG BOUNTY HUNTINGhttps://medium.com/@muazutopclass/bug-bounty-hunting-0536a314d4e4?source=rss------bug_bounty-5Mu'azu S. Ahmedcybersecurity, money, bug-bounty, techie-delight, freelancing19-Nov-2024
Easy admin Access By Gaming with JSONhttps://medium.com/@0xbugatti/easy-admin-access-by-gaming-with-json-5ec5313e2236?source=rss------bug_bounty-50xbugattibug-bounty, web-security, penetration-testing, bug-bounty-tips, bug-bounty-writeup19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Wasted Resourcesbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
Hackers’ Cache Hotlisthttps://medium.com/h7w/hackers-cache-hotlist-5649742c35b1?source=rss------bug_bounty-5Lukasz Wierzbickibug-bounty, pentesting, hacking, articles, security18-Nov-2024
How SubDomainRadar.io Simplifies Your Recon Workflowhttps://medium.com/@alexandrevandammepro/how-subdomainradar-io-simplifies-your-recon-workflow-173e4061ceb3?source=rss------bug_bounty-5Alexandre Vandammeinfosec, cyberattack, bug-bounty, hacking, cybersecurity18-Nov-2024
File Upload - Upload. Intercept. Exploit.https://p4n7h3rx.medium.com/file-upload-upload-intercept-exploit-b5aa18cb8e9d?source=rss------bug_bounty-5p4n7h3rxbug-bounty, pentesting, pentest, bug-bounty-tips, hacking18-Nov-2024
BioCorp CTFhttps://ghostman01.medium.com/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
M4 — Insufficient Input/Output Validationhttps://medium.com/@tamires.scruz/m4-insufficient-input-output-validation-fccc6cfc2561?source=rss------bug_bounty-5Tamy Angelcybersecurity, android, pentesting, bug-bounty, vulnerability18-Nov-2024
From Novice to Pro: My Journey to Earning Through Bug Bounty Huntinghttps://myselfakash20.medium.com/from-novice-to-pro-my-journey-to-earning-through-bug-bounty-hunting-3f123d19c39a?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, ethical-hacking, bug-bounty, cybersecurity, bug-bounty-tips18-Nov-2024
Automating XXE Exploitation: A Write-Up on Intigriti CTF 2024 BioCorp Challengehttps://osintteam.blog/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
How I Hacked an Entire Company’s IT Infrastructure by Uncovering a Critical Bug Through Effective…https://medium.com/@0xbedo/how-i-hacked-an-entire-companys-it-infrastructure-by-uncovering-a-critical-bug-through-effective-8322d4d763a8?source=rss------bug_bounty-50xbedobug-bounty, aem, pentesting, cybersecurity, security18-Nov-2024
Top 9 Books on Cyber Securityhttps://medium.com/@bicitrobiswas/top-9-books-on-cyber-security-e3984ec1e48b?source=rss------bug_bounty-5Bicitro Biswascybersecurity, hacking, programming, bug-bounty, students18-Nov-2024
How I Found an IDOR Vulnerability in a Local News App and What You Can Learn From Ithttps://medium.com/@sulmanfarooq531/how-i-found-an-idor-vulnerability-in-a-local-news-app-and-what-you-can-learn-from-it-0b02a2ab91d5?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, idor-vulnerability, idor18-Nov-2024
How to Use Proxy for Bug Huntinghttps://medium.com/@Progsky/how-to-use-proxy-for-bug-hunting-64e08cb33cc1?source=rss------bug_bounty-5Progskybug-hunting, ethical-hacking, ethical-hacking-tools, bug-bounty, cybersecurity18-Nov-2024
AI vs. Human: Why Bug Bounty Hunting Still Needs Human Intuitionhttps://pointlessai.medium.com/ai-vs-human-why-bug-bounty-hunting-still-needs-human-intuition-40b6e023c184?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, chatgpt, vulnerability-management18-Nov-2024
Data Breaches Demand Proactive Security: AnnieMac Hack Impacts 171,000 Individuals ️https://medium.com/@wiretor/data-breaches-demand-proactive-security-anniemac-hack-impacts-171-000-individuals-%EF%B8%8F-27a46bece7d2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesanniemac-hacked, bug-bounty, data-breach, programming, hacked18-Nov-2024
Phishing Emails Using SVG Attachments: A Growing Threathttps://medium.com/@wiretor/phishing-emails-using-svg-attachments-a-growing-threat-c531fe9d3806?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, phising, hacking, email18-Nov-2024
How to Start a Career in Cybersecurity: A Step-by-Step Guide for Beginnershttps://medium.com/@griffin_dev.il/how-to-start-a-career-in-cybersecurity-a-step-by-step-guide-for-beginners-77a5457aa6e7?source=rss------bug_bounty-5GriFfin_Dev.iLethical-hacking, cybersecurity, cyber-security-awareness, bug-bounty, careers18-Nov-2024
B-Huntershttps://medium.com/@ebraamemil/b-hunters-a5b53aa9df42?source=rss------bug_bounty-5Ebraam Emilbug-bounty-tips, framework, bug-bounty18-Nov-2024
2FA simple bypasshttps://medium.com/@kcaaditya976/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
CTF Walkthrough: Grayboardhttps://medium.com/@nehalrajesh10/ctf-walkthrough-grayboard-c5955fff6410?source=rss------bug_bounty-5Nehal Pillaictf, bug-bounty, ctf-walkthrough18-Nov-2024
Breaking into Bug Bounties: A Guide to Hunting Business Logic and BAC Vulnerabilities in B2B…https://thexssrat.medium.com/breaking-into-bug-bounties-a-guide-to-hunting-business-logic-and-bac-vulnerabilities-in-b2b-58a8f4a89711?source=rss------bug_bounty-5Thexssratidor-vulnerability, penetration-testing, bug-bounty, hacking, hacker18-Nov-2024
2FA simple bypasshttps://medium.com/@Laxious8848/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
Vietnamese Hackers Unleash PXA Stealer: Targeting Sensitive Data Across Europe and Asiahttps://medium.com/@wiretor/vietnamese-hackers-unleash-pxa-stealer-targeting-sensitive-data-across-europe-and-asia-2d0723c11ff1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomeware, xss-attack, hacking, bug-bounty17-Nov-2024
DEEPDATA Malware Exploits Fortinet Flaw to Steal VPN Credentialshttps://medium.com/@wiretor/deepdata-malware-exploits-fortinet-flaw-to-steal-vpn-credentials-2605280c2e8c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomeware, xss-attack, bug-bounty, hacking, malware17-Nov-2024
Botnet Exploits GeoVision Zero-Day to Install Mirai Malwarehttps://medium.com/@wiretor/botnet-exploits-geovision-zero-day-to-install-mirai-malware-98ce1622dc21?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, usa, malware, hacking17-Nov-2024
Comprehensive Guide to Exploitation Techniques for Bug Bounty Hunters: From Beginner to Advancedhttps://myselfakash20.medium.com/comprehensive-guide-to-exploitation-techniques-for-bug-bounty-hunters-from-beginner-to-advanced-b32001326b9e?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, exploitation, bug-bounty-tips, cybersecurity, bug-bounty17-Nov-2024
The $300 Journey from RFI to RCE that Changed Everythinghttps://medium.com/@dhabaleshward/the-300-journey-from-rfi-to-rce-that-changed-everything-2b4c00c05da0?source=rss------bug_bounty-5Dhabaleshwar Daspenetration-testing, bug-bounty, vulnerability, ethical-hacking, cybersecurity17-Nov-2024
How I Found open-redirect vulnerability using virus total?https://doordiefordream.medium.com/how-i-found-open-redirect-using-virus-total-460d721b9596?source=rss------bug_bounty-5balu bandibug-bounty-tips, ethical-hacking, bug-bounty, cybersecurity, vulnerability17-Nov-2024
Week 2: Hard Work Transforms into a 5-Digit Paydayhttps://mokhansec.medium.com/week-2-hard-work-transforms-into-a-5-digit-payday-8087819bccd9?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, cybersecurity, bug-bounty, bug-bounty-writeup17-Nov-2024
Exposing Open Redirect Vulnerabilities: JavaScript File Analysis in HTTP History Burp Suitehttps://medium.com/@gheeX/exposing-open-redirect-vulnerabilities-javascript-file-analysis-in-http-history-burp-suite-c64bd1c93c54?source=rss------bug_bounty-5Ghee1337bug-bounty-writeup, javascript, vulnerability, bug-bounty-tips, bug-bounty17-Nov-2024
XSS in Registration Form: A Bug Bounty Successhttps://medium.com/@ziadsakr/xss-in-registration-form-a-bug-bounty-success-6fb9450b0e66?source=rss------bug_bounty-5Ziad Sakrxss-bypass, xss-vulnerability, bug-bounty, xss-attack, firewall17-Nov-2024
8 Advanced Techniques For Novice Bug Bounty Huntershttps://bitpanic.medium.com/8-advanced-techniques-for-novice-bug-bounty-hunters-ab6110185e55?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-security, cyber-security-awareness, bug-bounty, bug-bounty-tips17-Nov-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@kcaaditya976/sql-injection-vulnerability-allowing-login-bypass-1e9f7bd45adf?source=rss------bug_bounty-5Laxioussql, web-penetration-testing, web-pentesting, bug-bounty, sql-injection17-Nov-2024
Bug bounty Cheatsheethttps://medium.com/@shardulsawant67/bug-bounty-cheatsheet-b87d3250bc2e?source=rss------bug_bounty-5Shardul Sawantbug-bounty, bug-bounty-cheatsheet, web-penetration-testing, hacking, website-hacking17-Nov-2024
API Hacktics: Unveiling Vulnerabilities in Modern Web APIshttps://myselfakash20.medium.com/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty17-Nov-2024
How to Find P4 Vulnerabilities and Information Disclosure Bugs | Step-by-Step Guide to All Key…https://medium.com/@shaikhminhaz1975/how-to-find-p4-vulnerabilities-and-information-disclosure-bugs-step-by-step-guide-to-all-key-6ba8fc84c882?source=rss------bug_bounty-5Shaikh Minhazpenetration-testing, how-to-find-bug, information-disclosure, ethical-hacking, bug-bounty17-Nov-2024
Hunting for Default Credentials: A Deeper Dive into the Toolkithttps://medium.com/@defaulty.io/hunting-for-default-credentials-a-deeper-dive-into-the-toolkit-2b3edde86f01?source=rss------bug_bounty-5Defaulty.iocybersecurity, information-security, hacking, bug-bounty, penetration-testing17-Nov-2024
FB OAuth Misconfigurationhttps://xsametyigit.medium.com/fb-oauth-misconfiguration-d6c2f5d067d8?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty-tips, bug-bounty17-Nov-2024
OWASP Top 10–2021 Tryhackme Writeuphttps://infosecwriteups.com/owasp-top-10-2021-tryhackme-writeup-56f2a04c895e?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, bug-bounty, infosec, information-security, web-security17-Nov-2024
DOM XSS in document.write sink using source location.searchhttps://medium.com/@kcaaditya976/dom-xss-in-document-write-sink-using-source-location-search-cc0ba7b461c2?source=rss------bug_bounty-5Laxiousxss-attack, web-pen-testing, dom-xss, bug-bounty, xss-vulnerability17-Nov-2024
Who needs credentials, when you have the phone number…?https://medium.com/@thelazypentester/who-needs-credentials-when-you-have-the-phone-number-fc0c8f51b87e?source=rss------bug_bounty-5Jobsonidor, bug-bounty, hacking, cybersecurity, sensitive-information17-Nov-2024
API Hacktics: Unveiling Vulnerabilities in Modern Web APIshttps://osintteam.blog/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty17-Nov-2024
Lemons: A Bug Bounty Analogyhttps://medium.com/@lixipluv/lemons-a-bug-bounty-analogy-ef427f514b2a?source=rss------bug_bounty-5Lixipluvlemon, introduction, bug-bounty16-Nov-2024
Race condition — can cause a flood of forgotten password verification SMS requestshttps://medium.com/@viperblitzz/race-condition-can-cause-a-flood-of-forgotten-password-verification-sms-requests-1775a375653d?source=rss------bug_bounty-5Viperblitzzbug-bounty-tips, bug-hunting, bug-bounty16-Nov-2024
Chaining CSRF and an Open-Redirect leads to sensitive information disclosurehttps://medium.com/@rvanwart_49640/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5Raymond Van Wartbug-bounty, cybersecurity, web-application-security16-Nov-2024
Heroku Subdomain Takeoverhttps://xsametyigit.medium.com/heroku-subdomain-takeover-39b9f1ce7c4c?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty, subdomain-takeover, bug-bounty-tips16-Nov-2024
Secret OSINT Tricks to Dig Up Hidden Info Online!https://medium.com/@paritoshblogs/secret-osint-tricks-to-dig-up-hidden-info-online-5401ffdd9c89?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, osint, cybersecurity, information-technology16-Nov-2024
Chaining CSRF and an Open-Redirect leads to sensitive information disclosurehttps://raymondv.medium.com/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5Raymond Van Wartbug-bounty, cybersecurity, web-application-security16-Nov-2024
How I Helped Secure Millions of Users’ Medical Reports — Bug Bounty!https://kumarmohank889.medium.com/how-i-helped-secure-millions-of-users-medical-reports-bug-bounty-bccf61a8ecee?source=rss------bug_bounty-5Mohan Kumar Ncybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty16-Nov-2024
Mastering Recon for Bug Hunters, Part 4: Advanced Strategies & Real-World Exampleshttps://myselfakash20.medium.com/mastering-recon-for-bug-hunters-part-4-advanced-strategies-real-world-examples-5de1a7aa7f84?source=rss------bug_bounty-5Akash Ghoshbugs, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips16-Nov-2024
Account takover via forget passwordhttps://medium.com/@amirreza.marzban/account-takover-via-forget-password-4ec6514f29ee?source=rss------bug_bounty-5AmirReza Marzbanbug-bounty, bug-bounty-writeup, hacking, account-takeover, bug-bounty-hunter16-Nov-2024
Account takover of an online casinohttps://bug-abdelilah.medium.com/account-takover-of-an-online-casino-e13987835266?source=rss------bug_bounty-5abdelilahbug-bounty, xss-attack, penetration-testing, cybersecurity, account-takeover16-Nov-2024
How Did I Get My First Collaboration Bounty Of $1000?https://medium.com/@pguru978/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips16-Nov-2024
Exploiting Android Activities with Drozer: A Step-by-Step Guidehttps://medium.com/@ayushkumar12021987/exploiting-android-activities-with-drozer-a-step-by-step-guide-ebc9b564758d?source=rss------bug_bounty-5Ayush Kumarbug-bounty, pentesting, android, bug-bounty-writeup, security16-Nov-2024
How I Turned a Low Blind SSRF Into a Critical Vulnerability With Strategic Impact Escalationhttps://medium.com/@DrakenKun/how-i-turned-a-low-blind-ssrf-into-a-critical-vulnerability-with-strategic-impact-escalation-536505cc4352?source=rss------bug_bounty-5DrakenKunweb-security, pentesting, bug-bounty, ssrf, cybersecurity16-Nov-2024
Sensitive Data Exposure in a Moodle Config Filehttps://medium.com/@mrcix/sensitive-data-exposure-in-a-moodle-config-file-648ca3d54676?source=rss------bug_bounty-5mrci0x1bug-bounty, information-security, web-security16-Nov-2024
These Two Tools Helped Me Earn $40K in Bountieshttps://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd?source=rss------bug_bounty-5Awaosint, cybersecurity, bug-bounty, golang, tools16-Nov-2024
Bypass of Username Policy: Breaking the Rules with a Simple Trickhttps://medium.com/@mrcix/bypass-of-username-policy-breaking-the-rules-with-a-simple-trick-fcf7ce97925c?source=rss------bug_bounty-5mrci0x1bug-bounty-tips, penetration-testing, bug-bounty-writeup, web-security, bug-bounty16-Nov-2024
How Did I Get My First Collaboration Bounty Of $1000?https://cybersecuritywriteups.com/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips16-Nov-2024
$500 Bounty for Account Takeover on European Bug Bounty Platformhttps://0vulns.medium.com/500-bounty-for-account-takeover-on-european-bug-bounty-platform-cd5af3edb1ec?source=rss------bug_bounty-50vulnscybersecurity, bug-bounty15-Nov-2024
HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT | A STORY ABOUT 5000$ BUG |…https://medium.com/@karthithehacker/how-i-hacked-billion-android-users-social-and-3rd-party-account-a-story-about-5000-bug-54d8b6ce75df?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, bugbounty-writeup15-Nov-2024
NahamStore CTF Çözümü: Web Güvenlik Açıklarıyla Bug Bounty Pratiğihttps://berkkahya0.medium.com/nahamstore-ctf-%C3%A7%C3%B6z%C3%BCm%C3%BC-web-g%C3%BCvenlik-a%C3%A7%C4%B1klar%C4%B1yla-bug-bounty-prati%C4%9Fi-a1b3d7133329?source=rss------bug_bounty-5Berk Kahyabug-bounty, tryhackme, nahamstore, ctf-writeup, cybersecurity15-Nov-2024
Simple RXSS di website insight.kontan.co.idhttps://medium.com/@0xRedFox29/simple-rxss-di-website-insight-kontan-co-id-cfb39dd64a3a?source=rss------bug_bounty-5kunx90bug-bounty-tips, bug-bounty15-Nov-2024
TAKEOVERhttps://medium.com/@mukkagopi50/takeover-16aa79977e6b?source=rss------bug_bounty-5Gopi Mukkaaccount-takeover-attacks, vulnerability, bug-bounty, takeovers15-Nov-2024
Server-Side Request Forgery (SSRF)https://medium.com/@mukkagopi50/server-side-request-forgery-ssrf-80d168fd82f7?source=rss------bug_bounty-5Gopi Mukkabug-bounty, vulnerability, ssrf15-Nov-2024
How to Test for DNS Zone Transfer Attackshttps://dineshpathro9.medium.com/how-to-test-for-dns-zone-transfer-attacks-bf7c604bb28a?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-writeup, hacking, bugs, bug-bounty-tips15-Nov-2024
How I Exploited a Vulnerability to Change a User’s Backup Email Address (Easy P1 vulnerability)https://medium.com/@hasap134/how-i-exploited-a-vulnerability-to-change-a-users-backup-email-address-easy-p1-vulnerability-f854041f8e91?source=rss------bug_bounty-5Beescocybersecurity, vulnerability, bug-bounty, bug-bounty-tips, bugs15-Nov-2024
Earn $5000 After Learning How to Bypass the Rate Limiting for API Bug Hunting .https://medium.com/@anandrishav2228/earn-5000-after-learning-how-to-bypass-the-rate-limiting-for-api-bug-hunting-89dc40289120?source=rss------bug_bounty-5Rishav anandapi, money, cybersecurity, bug-bounty, hacking-tools15-Nov-2024
TALE OF A VULNERABILITY WHICH LEADS TO ACCOUNT TAKEOVER OF GOVERNMENT ANDROID APPLICATIONhttps://medium.com/@karthithehacker/tale-of-a-vulnerability-which-leads-to-account-takeover-of-government-android-application-6f47a57b8cfb?source=rss------bug_bounty-5Karthikeyan.Vvapt, bug-bounty, android15-Nov-2024
Easy $20,160 bug from hackeronehttps://medium.com/@loaymorad11/easy-20-160-bug-from-hackerone-aeac67ce3e81?source=rss------bug_bounty-5Loaymoradcybersecurity, penetration-testing, bug-bounty, hackerone, bugbounty-writeup15-Nov-2024
How did I found Account Takeover Vulnerability on takeuforward.orghttps://rajukani100.medium.com/how-did-i-found-account-takeover-vulnerability-on-takeuforward-org-735630b4167c?source=rss------bug_bounty-5Raj Ukanihacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup, developer15-Nov-2024
Today How to get $500 Bounty on HackerOne — P3https://medium.com/@bugbounty_learners/today-how-to-get-500-bounty-on-hackerone-p3-345fa44f76a3?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bugs, bug-bounty-tips, software-development, bug-bounty15-Nov-2024
My first bountyhttps://medium.com/@josuofficial327/my-first-bounty-fdddb7ef5611?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips15-Nov-2024
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1 .https://osintteam.blog/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-635781cd3aaa?source=rss------bug_bounty-5loyalonlytodaytips, books, hacking, bug-bounty, cybersecurity15-Nov-2024
Known Brands, Government Domains, and More Hijacked via Sitting Ducks Attacks!https://medium.com/@wiretor/known-brands-government-domains-and-more-hijacked-via-sitting-ducks-attacks-fddd61bd6105?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, hacking, ransomware, malware, bug-bounty15-Nov-2024
New Glove Infostealer Malware Bypasses Chrome’s Cookie Encryption: A Growing Threathttps://medium.com/@wiretor/new-glove-infostealer-malware-bypasses-chromes-cookie-encryption-a-growing-threat-e4377ef1f2a7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, programming, hacking15-Nov-2024
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeoverhttps://medium.com/@wiretor/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover-7cf7b5984ab4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, ransomware, malware, bug-bounty, wordpress15-Nov-2024
CSRF leads to delete accounthttps://xsametyigit.medium.com/csrf-leads-to-delete-account-711dde21af1e?source=rss------bug_bounty-5Samet Yiğitbug-bounty-tips, bugbounty-writeup, bug-bounty15-Nov-2024
How I Got Access to an Admin Portal by Response Manipulationhttps://medium.com/@anonymousshetty2003/how-i-got-access-to-an-admin-portal-by-response-manipulation-d2abeec7ce58?source=rss------bug_bounty-5Anonymousshettycybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips, ethical-hacking15-Nov-2024
3 reflected XSS in one programhttps://xsametyigit.medium.com/3-reflected-xss-in-one-program-c50469c6d522?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty, bug-bounty-tips15-Nov-2024
New Script — Leakix CLI by VECERThttps://medium.com/@vecert/new-script-leakix-cli-by-vecert-68abbf35d08d?source=rss------bug_bounty-5VECERTpentesting, leakix, osint, bug-bounty15-Nov-2024
2 good tools for subdomain enumration.https://osintteam.blog/2-good-tools-for-subdomain-enumration-ca3ee36fbf81?source=rss------bug_bounty-5loyalonlytodaytips, hacking, bug-bounty, subdomains-enumeration, cybersecurity14-Nov-2024
Beginner's guide for Input Data Validation Checklisthttps://bitpanic.medium.com/beginners-guide-for-input-data-validation-checklist-2f9d5ef4a341?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-technology, bug-bounty, cyber-security-awareness, bug-bounty-tips14-Nov-2024
Critical File Upload Vulnerabilities: Exploits and Mitigation Strategieshttps://medium.com/@security.tecno/critical-file-upload-vulnerabilities-exploits-and-mitigation-strategies-90230e8a31bf?source=rss------bug_bounty-5TECNO Securityblog, scurity, bug-bounty, hacking14-Nov-2024
Is HackerOne Support Service Degrading?https://medium.com/@abdulparkar/is-hackerone-support-service-degrading-cbfa6adc1027?source=rss------bug_bounty-5Abdul Rehman Parkarprogramming, hackerone, cybersecurity, ethical-hacking, bug-bounty14-Nov-2024
ISRO: YouTube Broken Link Hijackhttps://infosecwriteups.com/isro-youtube-broken-link-hijack-304a92001b47?source=rss------bug_bounty-5Dishant Modibug-bounty, bug-bounty-tips, broken-link, hall-of-fame, vulnerability14-Nov-2024
Helpful Resources for Bug Huntershttps://medium.com/meetcyber/helpful-resources-for-bug-hunters-53dbe011cdd4?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty-tips, bug-bounty, pentesting, hacking14-Nov-2024
How i hacked NASA (WARNING: Dad Jokes)https://medium.com/@rootplinix/how-i-hacked-nasa-warning-dad-jokes-7424faec5790?source=rss------bug_bounty-5Abu Hurayrahacking, cybersecurity-awareness, bug-bounty, cybersecurity, bug-bounty-tips14-Nov-2024
Finding Security Design Flaw in a FAANG to later be ghosted by Recruiter: A funny Talehttps://medium.com/bug-bounty-hunting/finding-security-design-flaw-in-a-faang-to-later-be-ghosted-by-recruiter-a-funny-tale-73e73fb0d6aa?source=rss------bug_bounty-5Ronnie Josephgoogle, netflix, bug-bounty, cybersecurity, meta14-Nov-2024
AI in Bug Bounty Hunting: A Step-by-Step Tutorial for Beginnershttps://prakash888kpk.medium.com/ai-in-bug-bounty-hunting-a-step-by-step-tutorial-for-beginners-673e24aed66c?source=rss------bug_bounty-5Lets Unlearnmachine-learning, bug-bounty, bug-bounty-tips, ai, bug-bounty-writeup14-Nov-2024
How I Uncovered an SSRF Vulnerability in a Private HackerOne Programhttps://medium.com/@josuofficial327/how-i-uncovered-an-ssrf-vulnerability-in-a-private-hackerone-program-4c3146b414ff?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-writeup14-Nov-2024
Basics of Stored XSS and Demohttps://medium.com/@kcaaditya976/basics-of-stored-xss-and-demo-d410714a77c0?source=rss------bug_bounty-5Laxiousbug-bounty, cybersecurity, bug-bounty-hunting, xss-attack, stored-xss14-Nov-2024
Bug Report: Broken Access Control in Google Photoshttps://medium.com/@abhinavsingwal/bug-report-broken-access-control-in-google-photos-d9c10ca8c472?source=rss------bug_bounty-5Abhinavsingwalgoogle-vulnerability, bug-bounty, google-bug-report, bug-report, google-photos-bug14-Nov-2024
My Journey to Drugs Hall of Fame in just 10 minuteshttps://medium.com/@bugbounty_learners/my-journey-to-drugs-hall-of-fame-in-just-10-minutes-dcd03240e42a?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-tips, bug-bounty-writeup, bugs, web-development, bug-bounty14-Nov-2024
Mastering Reconnaissance Part 3: Unleashing Advanced Exploitation and Post-Recon Tacticshttps://myselfakash20.medium.com/mastering-reconnaissance-part-3-unleashing-advanced-exploitation-and-post-recon-tactics-b81369678040?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, bug-bounty14-Nov-2024
CISA & FBI Confirm China Hacked Telecom Providers for Spying: What Does This Mean for Your…https://medium.com/@wiretor/cisa-fbi-confirm-china-hacked-telecom-providers-for-spying-what-does-this-mean-for-your-f523b2459c75?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, bug-bounty, malware, ransomeware14-Nov-2024
Idaho Man Sentenced to 10 Years for Hacking, Data Theft, and Extortionhttps://medium.com/@wiretor/idaho-man-sentenced-to-10-years-for-hacking-data-theft-and-extortion-003b243e419f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, malware, bug-bounty, zero-day, hacking14-Nov-2024
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actionshttps://medium.com/@wiretor/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions-0dd82469e486?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, hacking, bug-bounty, ransomware14-Nov-2024
Storm-1811’s Quick-Assist phishing could have been worsehttps://mrsheepsheep.medium.com/storm-1811s-quick-assist-phishing-could-have-been-worse-fd84e04b0daa?source=rss------bug_bounty-5Alexandre Souleaucybersecurity, xss-attack, bug-bounty, microsoft14-Nov-2024
Server-Side Request Forgery $(SSRF)$ allows internal ports scanninghttps://medium.com/h7w/server-side-request-forgery-ssrf-allows-internal-ports-scanning-ef7edf6534b7?source=rss------bug_bounty-5socalledhackerhacking, infosec, cybersecurity, bug-bounty-tips, bug-bounty14-Nov-2024
Bypass Rate-Limit via X-Forwarded-Forhttps://medium.com/@null.x.b1ty/bypass-rate-limit-via-x-forwarded-for-ea26c7a25a90?source=rss------bug_bounty-5Snoop-doghackerone, bug-bounty14-Nov-2024
How i Finded a easy dom xss.https://infosecwriteups.com/how-i-finded-a-easy-dom-xss-6499afc21b5d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, hacking, xss-attack, cybersecurity14-Nov-2024
SQL Injection: How I Secured Personal Information (PII) of 1.1M Job Seekershttps://infosecwriteups.com/sql-injection-how-i-secured-personal-information-pii-of-1-1m-job-seekers-7f7c55d11fbc?source=rss------bug_bounty-5brutexploitercybersecurity, software-engineering, bug-bounty, technology, programming14-Nov-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-d7222b48d81c?source=rss------bug_bounty-5Abhishek Bhujangsecurity, hacking, bug-hunting, ethical-hacking, bug-bounty14-Nov-2024
Discovering My First Vulnerability in a Few Minuteshttps://medium.com/@jagdishdammala/discovering-my-first-vulnerability-in-a-few-minutes-6bbc9419cbfc?source=rss------bug_bounty-5Jagdish Dammalabug-bounty14-Nov-2024
Account Takeover: How I Gained Access to Any User Account Through a Simple Registration Flawhttps://0d-amr.medium.com/account-takeover-how-i-gained-access-to-any-user-account-through-a-simple-registration-flaw-96f9f6bdc0ae?source=rss------bug_bounty-5Amrctf, pentesting, hacking, bug-bounty, security14-Nov-2024
Exploiting SSTI Vulnerability on an E-commerce Website: A Professional Walkthroughhttps://medium.com/@MianHammadx0root/exploiting-ssti-vulnerability-on-an-e-commerce-website-a-professional-walkthrough-6cc95afb2b38?source=rss------bug_bounty-5Mian Hammadbug-bounty, server-side, server-security, penetration-testing, ssti13-Nov-2024
How I Found an SQL Injection in coupon codehttps://medium.com/@gheeX/how-i-found-an-sql-injection-in-coupon-code-f31d6eb1a720?source=rss------bug_bounty-5Ghee1337bug-bounty, infosec, bug-bounty-tips, sql-injection, bug-bounty-writeup13-Nov-2024
Breaking In with Guest: My First Bug Bountyhttps://ghostman01.medium.com/guest-admin-a7c70aa10ddb?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-hunting13-Nov-2024
Introducing Loxs: The Ultimate Multi-Vulnerability Scanner for Web Applicationshttps://anishalx.medium.com/introducing-loxs-the-ultimate-multi-vulnerability-scanner-for-web-applications-907ed2b2004b?source=rss------bug_bounty-5Anish alxhacking-tools, python, pentesting, hacking, bug-bounty13-Nov-2024
1500$ Open Reduction Bug: Performed Restricted Actions in login pagehttps://medium.com/@bugbounty_learners/1500-open-reduction-bug-performed-restricted-actions-in-login-page-4194359c1fc2?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty-tips, web-development, bug-bounty, open-redirect13-Nov-2024
Blind XSS Bug Hunting Methodologyhttps://osintteam.blog/blind-xss-bug-hunting-methodology-b997c37a9620?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, ethical-hacking, xss-attack, bug-bounty13-Nov-2024
A Deep Dive into Nmap Scripts for Web Application Testinghttps://systemweakness.com/a-deep-dive-into-nmap-scripts-for-web-application-testing-6a9b3a06995e?source=rss------bug_bounty-5Khaleel Khanhacking, nmap, infosec, bug-bounty, cybersecurity13-Nov-2024
SQL Injection UNION Attack, Retrieving Data from Other Tableshttps://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-data-from-other-tables-38f471813c57?source=rss------bug_bounty-5Marduk I Ambug-bounty, information-security, sql-injection, portswigger-lab, sqli13-Nov-2024
Easy Bug: How I Uncovered and Re-Exploited a Resolved Vulnerability from a Disclosed Reporthttps://medium.com/@cvjvqmmsm/easy-bug-how-i-uncovered-and-re-exploited-a-resolved-vulnerability-from-a-disclosed-report-ab2211a98b7b?source=rss------bug_bounty-5Barbarossabug-bounty, bugbounty-writeup13-Nov-2024
Common Mistakes in Coding: How to Avoid Themhttps://medium.com/@kharodawalam/common-mistakes-in-coding-how-to-avoid-them-9e5c881b0473?source=rss------bug_bounty-5Mohammed Kharodawalamistakes-to-avoid, bug-bounty, data-structure-algorithm, programming, software-development13-Nov-2024
Mobile Application Penetration Testing Checklisthttps://infosecwriteups.com/mobile-application-penetration-testing-checklist-460deadf3d9f?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, information-technology, cybersecurity, bug-bounty13-Nov-2024
5 Golden Tips to Land Your First Job in Offensive Securityhttps://medium.com/@eran25670/5-golden-tips-to-land-your-first-job-in-offensive-security-e960b4215dc7?source=rss------bug_bounty-5Erancybersecurity, offensive-security, penetration-testing, bug-bounty-tips, bug-bounty13-Nov-2024
clickjacking: definição, impactos, mecanismo e prevençãohttps://medium.com/@Poystick/clickjacking-defini%C3%A7%C3%A3o-impactos-mecanismo-e-preven%C3%A7%C3%A3o-46e05a89614b?source=rss------bug_bounty-5Tarcísio Luchesihacking, bug-bounty, programação12-Nov-2024
Mastering Reconnaissance Part 2: Advanced Scanning, Content Discovery, and Automation for Bug…https://myselfakash20.medium.com/mastering-reconnaissance-part-2-advanced-scanning-content-discovery-and-automation-for-bug-8903a7c190a6?source=rss------bug_bounty-5Akash Ghoshbugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips12-Nov-2024
Your Guide to Web Reconnaissance: Mastering the Art of Information Gatheringhttps://medium.com/@secinfinitylabs/your-guide-to-web-reconnaissance-mastering-the-art-of-information-gathering-32dfee5f2deb?source=rss------bug_bounty-5Secinfinity Labsinformation-gathering, information-security, penetration-testing, bug-bounty-tips, bug-bounty12-Nov-2024
Top 10 Threat Actors of 2024https://medium.com/@alexandermr289/top-10-threat-actors-of-2024-4ac605357291?source=rss------bug_bounty-5Mr_alexanderosint, cybersecurity, bug-bounty, news, medium12-Nov-2024
Become a Writer for Cybersecurity Write-ups!https://cybersecuritywriteups.com/become-a-writer-for-cybersecurity-write-ups-3f1e780323a8?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, bugbounty-writeup12-Nov-2024
Showing Impact is Your friend (500$+500$ bounties)https://medium.com/@noureldin1042/showing-impact-is-your-friend-500-500-bounties-2ed87f3a64b7?source=rss------bug_bounty-5Noureldin(0x_5wf)programming-languages, bug-bounty, bug-bounty-tips, programming, bug-bounty-writeup12-Nov-2024
Exploring docker-compose.yaml leads to sensitive disclosurehttps://medium.com/@raituzki/exploring-docker-compose-yaml-leads-to-sensitive-disclosure-1feaa3d3317f?source=rss------bug_bounty-5Muhamad Raidinoor Pashahacking, bug-bounty-tips, docker, yaml, bug-bounty12-Nov-2024
How I hacked 100 hackershttps://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a?source=rss------bug_bounty-5Cristian Corneabug-bounty, intelligence, hacking, cybersecurity, penetration-testing12-Nov-2024
Bug Bounty | Here’s Why Your Way To Success Doesn’t Lie In Learninghttps://medium.com/@sM0ky4/bug-bounty-heres-why-your-way-to-success-doesn-t-lie-in-learning-bc72d4000b88?source=rss------bug_bounty-5sM0ky4cybersecurity, bug-bounty-tips, bug-bounty, time-management12-Nov-2024
How Can You Be Sure That Ethical Hackers Are TRULY Ethical?https://medium.com/@hackrate/how-can-you-be-sure-that-ethical-hackers-are-truly-ethical-17ee0fcc6058?source=rss------bug_bounty-5Hackratebug-bounty, ethical-hacking, hacking, penetration-testing, cybersecurity12-Nov-2024
HTTP Desync Attack (Request Smuggling) - Mass Account Takeoverhttps://medium.com/@bugbounty_learners/http-desync-attack-request-smuggling-mass-account-takeover-0292fcc8c4a4?source=rss------bug_bounty-5bugbounty_learnersbug-bounty, web-development, bug-bounty-tips, bug-bounty-writeup, bugs12-Nov-2024
Complete Guide to Securing Web Applications on Ports 80 and 443https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5Very Lazy Techowasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security12-Nov-2024
Advanced Techniques for Bypassing Web Filters: A Practical Guide to Identifying and Exploiting XSS…https://thexssrat.medium.com/advanced-techniques-for-bypassing-web-filters-a-practical-guide-to-identifying-and-exploiting-xss-f6cadeedf9ca?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, penetration-testing, xss-attack, hacking12-Nov-2024
M3 — Insecure Authentication/Authorizationhttps://medium.com/@tamires.scruz/m3-insecure-authentication-authorization-cedf6e94d1ce?source=rss------bug_bounty-5Tamy Angelbug-bounty, owasp, pentesting, android, cybersecurity12-Nov-2024
SHODAN Cheat Sheet — A Comprehensive Guide to Shodan: The Search Engine for Hackershttps://medium.com/@iamshafayat/shodan-cheat-sheet-a-comprehensive-guide-to-shodan-the-search-engine-for-hackers-451b403f328f?source=rss------bug_bounty-5Shafayat Ahmed Alifcheatsheet, shodan, cybersecurity, ethical-hacking, bug-bounty12-Nov-2024
Exploiting Server-Side Template Injection (SSTI) with a Custom Exploit: PortSwigger Lab Walkthroughhttps://medium.com/@0xA4zOo0/exploiting-server-side-template-injection-ssti-with-a-custom-exploit-portswigger-lab-walkthrough-a661d5c47001?source=rss------bug_bounty-5A Z Obug-bounty, ssti, hacking12-Nov-2024
Complete Guide to pentesting Web Applications on Ports 80 and 443https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5Very Lazy Techowasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security12-Nov-2024
How I Hijacked an Abandoned Twitter Account and Why Broken Link Hijacking Mattershttps://medium.com/@anonymousshetty2003/how-i-hijacked-an-abandoned-twitter-account-and-why-broken-link-hijacking-matters-0128e0f562c8?source=rss------bug_bounty-5Anonymousshettyethical-hacking, broken-link-hijacking, cybersecurity, bug-bounty12-Nov-2024
How AI is Making Bug Bounties More Accessible for New Hackershttps://pointlessai.medium.com/how-ai-is-making-bug-bounties-more-accessible-for-new-hackers-726f9a058eac?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, vulnerability-management12-Nov-2024
How I Discovered a Private Key Leak on a Company’s Subdomainhttps://medium.com/@anonymousshetty2003/how-i-discovered-a-private-key-leak-on-a-companys-subdomain-929100e7a561?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking12-Nov-2024
Top Cybersecurity Tools Every Professional Should Knowhttps://medium.com/@paritoshblogs/top-cybersecurity-tools-every-professional-should-know-0aff34558518?source=rss------bug_bounty-5Paritoshinformation-security, chatgpt, bug-bounty, cybersecurity, hacking12-Nov-2024
North Korean Hackers Use Flutter Apps to Evade macOS Securityhttps://medium.com/@wiretor/north-korean-hackers-use-flutter-apps-to-evade-macos-security-e22221dd9696?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking12-Nov-2024
Massive Data Breach Affects Millions of Hot Topic Customershttps://medium.com/@wiretor/massive-data-breach-affects-millions-of-hot-topic-customers-b03fe562e0f7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware12-Nov-2024
Form I-9 Compliance Data Breach Impacts Over 190,000 Peoplehttps://medium.com/@wiretor/form-i-9-compliance-data-breach-impacts-over-190-000-people-adee0a89694c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, hacking, bug-bounty, pentesting12-Nov-2024
Finding more infromation about a email using a osint tool.https://osintteam.blog/finding-more-infromation-about-a-email-using-a-osint-tool-d557a0579414?source=rss------bug_bounty-5loyalonlytodaycybersecurity, osint, bug-bounty, hacking, osint-investigation12-Nov-2024
️‍♂️Recon For New Bug bounty Hunters — Short Storyhttps://sud-defcon.medium.com/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-2992e780fbbb?source=rss------bug_bounty-5Sudarshan Patelreconnaissance, bug-bounty-tips, bug-bounty, recon, bug-bounty-writeup12-Nov-2024
Hacking Knowledge Around The Corner. From Where To Learn Hacking Skills?https://medium.com/meetcyber/hacking-knowledge-around-the-corner-c2a48214d052?source=rss------bug_bounty-5NnFacecybersecurity, kali-linux, bug-bounty, hacking, knowledge12-Nov-2024
Volt Typhoon Botnet Rebuilds After FBI Crackdownhttps://medium.com/@wiretor/volt-typhoon-botnet-rebuilds-after-fbi-crackdown-e23a74459ff6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, programming, malware, ransomeware, bug-bounty12-Nov-2024
Extract full photos/videos database from any locked Google Pixel phonehttps://medium.com/@rus1r105/extract-full-photos-videos-database-from-any-locked-google-pixel-phone-be6da35ad93d?source=rss------bug_bounty-5rus1r105cybersecurity, android, google-vrp, bug-bounty, writeup11-Nov-2024
How I Found an HTML Injection in Email Vulnerability on Samsung, Leading to a $$$$ Paydayhttps://cybersecuritywriteups.com/how-an-html-injection-vulnerability-in-samsung-emails-led-to-a-payday-3dcfccc12a36?source=rss------bug_bounty-5Taha Diwanbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-penetration-testing11-Nov-2024
[2024 Thanksgiving] Security Technology Research Writing Activityhttps://medium.com/@security.tecno/2024-thanksgiving-security-technology-research-writing-activity-325e4b0fd9c8?source=rss------bug_bounty-5TECNO Securitywriting, research, bug-bounty, security11-Nov-2024
Hacking Active Directory and Earn upto $30,000.https://medium.com/@anandrishav2228/hacking-active-directory-and-earn-upto-30-000-9561858a3c8f?source=rss------bug_bounty-5Rishav anandbug-bounty, active-directory, money, hacking, cybersecurity11-Nov-2024
Recon JavaScript Files with Rarely Encountered Techniqueshttps://zucki.medium.com/recon-javascript-files-with-rarely-encountered-techniques-5882a3ad1955?source=rss------bug_bounty-5Marzuckibug-bounty, automation, recon, automation-testing, javascript11-Nov-2024
#Task 20 - HTTP Request Sumgling — Basics & Types -> Only for Bignershttps://medium.com/@bugbounty_learners/task-1-http-request-sumgling-basics-types-only-for-bigners-2157461dca3e?source=rss------bug_bounty-5bugbounty_learnerscybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, web-development11-Nov-2024
GetSimpleCMS CSRF | Parol Dəyişdirmə Funksiyasında Tapdığım CSRF boşluğuhttps://zeynalxan.medium.com/getsimplecms-csrf-parol-d%C9%99yi%C5%9Fdirm%C9%99-funksiyas%C4%B1nda-tapd%C4%B1%C4%9F%C4%B1m-csrf-bo%C5%9Flu%C4%9Fu-8786c125453e?source=rss------bug_bounty-5Zeynalxan Quliyevcsrf-attack, csrf, ato, bug-bounty, cybersecurity11-Nov-2024
PRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing websitehttps://infosecwriteups.com/pre-account-takeover-through-misconfigured-oauth-on-a-mailing-website-b906a5c118e9?source=rss------bug_bounty-5Harishcybersecurity, ethical-hacking, cyber-security-awareness, bug-bounty-tips, bug-bounty11-Nov-2024
Jumping into Bug Bounty Automationhttps://bitpanic.medium.com/jumping-into-bug-bounty-automation-4739abdb6d15?source=rss------bug_bounty-5Spectat0rguyinformation-security, cybersecurity, bug-bounty, information-technology, infosec11-Nov-2024
Won’t Fix Vulnerabilities in Google Colabhttps://0xjin.medium.com/wont-fix-vulnerabilities-in-google-colab-fcd3b6581746?source=rss------bug_bounty-50xJinbug-bounty, bug-bounty-writeup, google, bug-bounty-tips11-Nov-2024
Exposing the Dark Side of Google Dorks: How I Extracted Millions of Emails.https://pwndecoco.medium.com/exposing-the-dark-side-of-google-dorks-how-i-extracted-millions-of-emails-0fe0f7f6db8b?source=rss------bug_bounty-5Pwndec0c0hacking, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty11-Nov-2024
Server-Side Template Injection in an Unknown Language with a Documented Exploit — SSTI…https://medium.com/@rcxsecurity/server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-ssti-de01a069b946?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Caféhacking, information-security, pentesting, bug-bounty, cybersecurity11-Nov-2024
P4 bug’s and their POC steps | Part 7 | $Easy Money$https://medium.com/h7w/p4-bugs-and-their-poc-steps-part-7-easy-money-d7cb9270f539?source=rss------bug_bounty-5socalledhackerinfosec, hacking, cybersecurity, bug-bounty-tips, bug-bounty11-Nov-2024
How I Found a Critical 9.8 Bug — Directory Listing leads to Critical P1 Exposure of PII and morehttps://medium.com/@enigma_/how-i-found-a-critical-9-8-9c4d14d82e20?source=rss------bug_bounty-5enigmaowasp, bug-bounty, directory-listing, ethical-hacking, hacker10-Nov-2024
Addressing OWASP Top 10 Vulnerabilities: Why You Need Wire Tor’s Pentesting Serviceshttps://medium.com/@wiretor/addressing-owasp-top-10-vulnerabilities-why-you-need-wire-tors-pentesting-services-5d2f374c3f22?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbreached, hacking, usa, bug-bounty, malware10-Nov-2024
How I was able to inject my malicious link in Email Confirmation Link ( Link Injection / Open…https://infosecwriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5Abdul Rehman Parkarcybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty10-Nov-2024
Mastering Reconnaissance: The Ultimate Guide for Bug Hunters (Part 1)https://myselfakash20.medium.com/mastering-reconnaissance-the-ultimate-guide-for-bug-hunters-part-1-b91a2367ee65?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, bug-bounty, bug-bounty-tips, recon, bugbounty-writeup10-Nov-2024
Week 1: Documenting My Journey as a Full-Time Bug Hunterhttps://mokhansec.medium.com/week-1-documenting-my-journey-as-a-full-time-bug-hunter-fbe1bbefeb79?source=rss------bug_bounty-5Mohsin khanbugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty10-Nov-2024
From P5(Informational)to Medium(P3) : How I was able to achieve it it in Dept of Defense VDP?https://medium.com/@tirqwork1/from-p5-informational-to-medium-p3-how-i-was-able-to-achieve-it-it-in-dept-of-defense-vdp-76e5eda28b5a?source=rss------bug_bounty-5ARoyus-dept-of-defense, data-protection, hackerone, bug-bounty, cybersecurity10-Nov-2024
From System Administrator to Bug Bounty Hunter: A Journey into Web Securityhttps://medium.com/@zero_4583/from-system-administrator-to-bug-bounty-hunter-a-journey-into-web-security-9b37bb52dde2?source=rss------bug_bounty-5Nathan Vincentapp-security, learning-to-code-journey, bug-bounty, secure-coding10-Nov-2024
How I was able to inject malicious link in Email Confirmation Link ( Link Injection / Open…https://cybersecuritywriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5Abdul Rehman Parkarcybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty10-Nov-2024
How a Unique Combination Opened the Door to an IDORhttps://infosecwriteups.com/how-a-unique-combination-opened-the-door-to-an-idor-f44a3efe51e8?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, bug-bounty-writeup, bug-bounty-tips, secure-coding, bug-bounty10-Nov-2024
POC — CVE-2024–10914 Command Injection Vulnerability in `name` parameter for D-Link NAShttps://medium.com/@verylazytech/poc-cve-2024-10914-command-injection-vulnerability-in-name-parameter-for-d-link-nas-194e70f68120?source=rss------bug_bounty-5Very Lazy Techcommand-injection, cybersecurity, cve-2024-10914, bug-bounty, remote-code-execution10-Nov-2024
CRLF Injection Zero to Masterhttps://medium.com/@bugbounty_learners/crlf-injection-zero-to-master-17a93afc33a3?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-tips, bug-bounty-writeup, bug-bounty, software-development, web-development10-Nov-2024
Possible subdomain takeovers gives me 1000 dollarshttps://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5Lucky Vulnerabilitiesbug-bounty, bug-bounty-tips, bug-hunting, updates, news10-Nov-2024
HackTheBox: Information Gatheringhttps://medium.com/@rodripadisec/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5pad1ryoshireconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty10-Nov-2024
Understanding Common Windows Commands and How Threat Actors Use Them:https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5Trent Wtech, cybersecurity, microsoft, bug-bounty, technology10-Nov-2024
Double Race Condition : Breaking Ruleshttps://sayedv2.medium.com/double-race-condition-breaking-rules-88850372afb8?source=rss------bug_bounty-5Mohamed Sayedcybersecurity, bugbounty-writeup, race-condition, bugbounty-tips, bug-bounty10-Nov-2024
Ethical Hacking — How It Helps Prevent Cyber Attackshttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-how-it-helps-prevent-cyber-attacks-41d3d791c7c9?source=rss------bug_bounty-5RocketMe Up Cybersecurityethical-hacking, bug-bounty, cyberattack, penetration-testing, vulnerability-assessment10-Nov-2024
Hackers Evade Detection with New ZIP File Concatenation Technique!https://medium.com/@wiretor/hackers-evade-detection-with-new-zip-file-concatenation-technique-3bd29544f96e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransom, bug-bounty, hacking, pentesting, malware10-Nov-2024
HackTheBox: Information Gatheringhttps://pad1ryoshi.medium.com/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5pad1ryoshireconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty10-Nov-2024
30 Books To Learn H@ackinghttps://osintteam.blog/30-books-to-learn-h-acking-2911c57f148c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, bug-bounty, books, technology, hacking10-Nov-2024
Understanding Common Windows Commands and How Threat Actors Use Them:https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5Trent Wtech, artificial-intelligence, cybersecurity, bug-bounty, technology10-Nov-2024
Possible subdomain takeovers gives me 1000 dollarshttps://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5Lucky Vulnerabilitiesbug-bounty, bug-bounty-tips, bug-hunting, updates, news10-Nov-2024
BugBounty — Mastering the Basics (along with Resources)[Part-3]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-3-1619f6854e20?source=rss------bug_bounty-5Abhinav Pathaksecurity, privacy, cybersecurity, hacking, bug-bounty09-Nov-2024
Analyzing JavaScript Files for Retrieving Admin Credentialshttps://medium.com/@abdullah12987654/analyzing-javascript-files-for-retrieving-admin-credentials-0c6f25ff507a?source=rss------bug_bounty-5Abdullahweb-vulnerabilities, pentesting, cyber-security-services, hacking, bug-bounty09-Nov-2024
IDOR and Excessive Data Exposure in Mobile Application — The Tale of an IDOR # 02https://medium.com/@abdullah12987654/idor-and-excessive-data-exposure-in-mobile-application-9bab953ea2b6?source=rss------bug_bounty-5Abdullahbug-bounty, idor-vulnerability, hacking, cyber-security-services, pentesting09-Nov-2024
Username restrictions bypass on Hackerone programhttps://medium.com/@bugbounty_learners/username-restrictions-bypass-on-hackerone-program-61f4c8ff8b44?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty, bug-zero, bug-bounty-tips, bugs09-Nov-2024
API Security Penetration Testing Checklisthttps://infosecwriteups.com/api-security-testing-penetration-testing-checklist-bb2969906ec1?source=rss------bug_bounty-5Ajay Naikinfosec, information-security, information-technology, bug-bounty, cybersecurity09-Nov-2024
how i found 3 open redirect bugs on hackerone public program?https://doordiefordream.medium.com/how-i-found-3-open-redirect-bugs-on-hackerone-public-program-d6f75850996b?source=rss------bug_bounty-5balu bandiethical-hacking, hacking, cybersecurity, vulnerability, bug-bounty09-Nov-2024
How I Accidentally Found a ‘Cache Magic Trick’ — aka Unauthenticated PURGE on Varnish (Hold My…https://medium.com/@mayankmalaviya3/how-i-accidentally-found-a-cache-magic-trick-aka-unauthenticated-purge-on-varnish-hold-my-5e13e5056618?source=rss------bug_bounty-5Mayank Malaviya (Aiwolfie)bug-bounty, unauthenticated-purge, penetration-testing, security, unauthenticated09-Nov-2024
“Hack Smarter, Not Harder: Google Dorks for Fast Bug Hunting and Recon”https://myselfakash20.medium.com/hack-smarter-not-harder-google-dorks-for-fast-bug-hunting-and-recon-3029a4004cfd?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup09-Nov-2024
John the Ripper in Cybersecurityhttps://infosecwriteups.com/john-the-ripper-in-cybersecurity-46c8f5c3a99f?source=rss------bug_bounty-5Ajay Naikcybersecurity-training, cybersecurity, bug-bounty, information-technology, penetration-testing09-Nov-2024
Predicting Cyber Threats: Can We Use Threat Intelligence to Forecast Attacks Like Weather?https://medium.com/@paritoshblogs/predicting-cyber-threats-can-we-use-threat-intelligence-to-forecast-attacks-like-weather-4f57175b25ec?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, hacking, threat-intelligence, cybersecurity09-Nov-2024
Critical Vulnerabilities in Aruba Access Points: What You Need to Know!https://medium.com/@wiretor/critical-vulnerabilities-in-aruba-access-points-what-you-need-to-know-7053d6349bf1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking09-Nov-2024
D-Link Exposes 60,000+ NAS Devices to Unpatched Critical Flawhttps://medium.com/@wiretor/d-link-exposes-60-000-nas-devices-to-unpatched-critical-flaw-c06b62cf67e9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, xss-attack, malware, bug-bounty09-Nov-2024
Critical Veeam RCE Vulnerability Exploited in New Frag Ransomware Attackshttps://medium.com/@wiretor/critical-veeam-rce-vulnerability-exploited-in-new-frag-ransomware-attacks-ae75d32f6bb0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ransomware, xss-attack09-Nov-2024
Palo Alto Networks Warns of Potential PAN-OS RCE Vulnerability! ️https://medium.com/@wiretor/palo-alto-networks-warns-of-potential-pan-os-rce-vulnerability-%EF%B8%8F-148d8b8da5a9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xss-attack, malware, hacking, ransomware09-Nov-2024
How to Integrate Artificial Intelligence in Bug Bounty?https://bitpanic.medium.com/how-to-integrate-artificial-intelligence-in-bug-bounty-fab592ae6c80?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, ai, penetration-testing09-Nov-2024
My Obsidian Setuphttps://cybersechemmars.medium.com/my-obsidian-setup-b3e96516feaa?source=rss------bug_bounty-5Cybersec with Hemmarsnotetaking, cybersecurity, notes, bug-bounty, obsidian09-Nov-2024
Broken Authentication: Full Methodology for Identifying and Exploiting Vulnerabilitieshttps://dineshpathro9.medium.com/broken-authentication-full-methodology-for-identifying-and-exploiting-vulnerabilities-63a55c3d4399?source=rss------bug_bounty-5hunterbug-zero, bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup09-Nov-2024
Advanced Techniques for CSRF (Cross-Site Request Forgery) Attacks: A Full Methodology Guidehttps://dineshpathro9.medium.com/advanced-techniques-for-csrf-cross-site-request-forgery-attacks-a-full-methodology-guide-8db29faecc01?source=rss------bug_bounty-5hunterbug-bounty-tips, csrf, bug-zero, bugs, bug-bounty09-Nov-2024
CVE-2023–27350 : PaperCut Tryhackme Write uphttps://jawstar.medium.com/cve-2023-27350-papercut-tryhackme-write-up-2237fe48d3a7?source=rss------bug_bounty-5Jawstartechnology, bug-bounty, tryhackme, software-development, cybersecurity09-Nov-2024
Escalating RXSS with HttpOnly SameSite Session Cookieshttps://medium.com/@dhakatedeep909/escalating-rxss-with-httponly-samesite-session-cookies-a1ba3b9e50c1?source=rss------bug_bounty-5Deep Dhakate AKA intrud3rcybersecurity, hacking, bug-bounty09-Nov-2024
RCE by finding secret hidden files via Encryption and hashinghttps://medium.com/@karim.engmohamed/%D8%A7%D9%84%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%84%D9%8A%D9%83%D9%85-e37717c23cfd?source=rss------bug_bounty-5Karim Mohamedhacker, cybersecurity, hackerone, bug-bounty, bug-bounty-tips09-Nov-2024
Fast Setup Mobile Apps Pentest With Burpsuite And memuhttps://zucki.medium.com/fast-setup-mobile-apps-pentest-with-burpsuite-and-memu-567d661b6bb9?source=rss------bug_bounty-5Marzuckiandroid-pentesting, android, pentesting, mobile-apps, bug-bounty08-Nov-2024
Why is recon so very important? API key exposure by only reconhttps://medium.com/@karim.engmohamed/why-is-recon-so-very-important-api-key-exposure-by-only-recon-f8aff4ab1ac3?source=rss------bug_bounty-5Karim Mohamedcybersecurity, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Nov-2024
Advanced Google Dorking Techniques for Bug Bounty Hunting: Finding Responsible Disclosure Programs…https://dineshpathro9.medium.com/advanced-google-dorking-techniques-for-bug-bounty-hunting-finding-responsible-disclosure-programs-5a00a0d9d0e9?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty, bugbounty-writeup, web-app-security, dorks, bug-bounty-tips08-Nov-2024
Metasploit Guide :- Main weapon of Hackershttps://medium.com/@anandrishav2228/metasploit-guide-main-weapon-of-hackers-a791e72df686?source=rss------bug_bounty-5Rishav anandmetasploit, cybersecurity, money, hacker, bug-bounty08-Nov-2024
SQL Injection UNION Attack, Finding a Column Containing Texthttps://medium.com/@marduk.i.am/sql-injection-union-attack-finding-a-column-containing-text-ee28ff48eb30?source=rss------bug_bounty-5Marduk I Amsqli, portswigger-lab, bug-bounty, infosec, sql-injection08-Nov-2024
What to Do After Choosing a Bug Bounty Target? Part 2 | Bug Bounty Guidehttps://medium.com/@js8971105/what-to-do-after-choosing-a-bug-bounty-target-part-2-bug-bounty-guide-811affb17572?source=rss------bug_bounty-5cyberghostinfo-sec-writeups, ethical-hacking, reconnaissance-techniques, bug-bounty, cybersecurity08-Nov-2024
CyberDef Dokumentasi | Time-Based Blind SQLIhttps://hack4funacademy.medium.com/cyberdef-dokumentasi-time-based-blind-sqli-7db756ddf2ad?source=rss------bug_bounty-5Hack4Fun Academybug-bounty, hacking, cybersecurity08-Nov-2024
Finding My First Bug: The Power of Understanding Website Logic ‍♀️https://medium.com/@mahdisalhi0500/finding-my-first-bug-the-power-of-understanding-website-logic-%EF%B8%8F-4197dd08cf29?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, bug-bounty-tips, ethical-hacking, information-security08-Nov-2024
How to Get Started in Web App Bug Bounty: Practical Steps to Keep You Motivated! ️‍♂️https://medium.com/@soorajv910/how-to-get-started-in-web-app-bug-bounty-practical-steps-to-keep-you-motivated-%EF%B8%8F-%EF%B8%8F-c6c1507c84fd?source=rss------bug_bounty-5sooraj vhacking, bug-bounty, bugcrowd, bug-bounty-tips, hackerone08-Nov-2024
How i earned easy$$$ by deleting user comments on any posthttps://medium.com/thedeephub/how-i-earned-easy-by-deleting-user-comments-on-any-post-c2e226f2157a?source=rss------bug_bounty-5Le_Merdienpentesting, cybersecurity, bug-bounty, penetration-testing, hacker08-Nov-2024
“XSS ve Context Örnekleri”https://medium.com/@sgzldmrc/xss-ve-context-%C3%B6rnekleri-6ba2bc976c1f?source=rss------bug_bounty-5Serdar Güzeldemircixss-attack, bug-bounty, cyber-security-awareness, xss-bypass08-Nov-2024
How to Prepare for the OSEP Roadmap — A Comprehensive Guide for Cybersecurity Professionalshttps://medium.com/@verylazytech/how-to-prepare-for-the-osep-roadmap-a-comprehensive-guide-for-cybersecurity-professionals-f3fecede5919?source=rss------bug_bounty-5Very Lazy Techhacking, ethical-hacking, bug-bounty, osep, cybersecurity08-Nov-2024
20 Open Redirect Bugs in Few Minuteshttps://systemweakness.com/20-open-redirect-bugs-in-few-minutes-c9fdabf75642?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty, bug-bounty-tips, cybersecurity, vulnerability08-Nov-2024
Web App Fingerprinting in 9 Stepshttps://bitpanic.medium.com/web-app-fingerprinting-in-9-steps-5b86615b56f7?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, bugbounty-tips08-Nov-2024
Email HTML injection with a simple tiphttps://medium.com/@mohamed.yasser442200/email-html-injection-with-a-simple-tip-aeab346fbefc?source=rss------bug_bounty-5Spider4bug-bounty, hunting, bugcrowd, cybersecurity, pentesting08-Nov-2024
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Riskshttps://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, ransomware, hacking, pentesting08-Nov-2024
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attackhttps://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5WIRE TORbug-bounty, ransomware, pentesting, malware, hacking08-Nov-2024
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offeringshttps://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5WIRE TORbug-bounty, ransomware, hacking, pentesting, malware08-Nov-2024
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attackshttps://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5WIRE TORmalware, hacking, ransomware, bug-bounty, xss-attack08-Nov-2024
A Comprehensive Toolkit for Web Penetration Testing and Bug Huntinghttps://dineshpathro9.medium.com/a-comprehensive-toolkit-for-web-penetration-testing-and-bug-hunting-21a7b01d722f?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty, bug-zero, hacking, bug-bounty-tips, web-app-security08-Nov-2024
Top Search Engines for Pentestershttps://osintteam.blog/top-search-engines-for-pentesters-6fa90ffb6aa0?source=rss------bug_bounty-5D.Haddadcybersecurity, bug-bounty, penetration-testing, hacking-tools, osint08-Nov-2024
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Riskshttps://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ransomware, hacking, pentesting08-Nov-2024
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attackhttps://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, pentesting, malware, hacking08-Nov-2024
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offeringshttps://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, hacking, pentesting, malware08-Nov-2024
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attackshttps://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomware, bug-bounty, xss-attack08-Nov-2024
Google Dorking in Bug Hunting: Uncovering Hidden Vulnerabilitieshttps://myselfakash20.medium.com/google-dorking-in-bug-hunting-uncovering-hidden-vulnerabilities-aebe773f73be?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, dorking, bugs, bug-bounty-tips07-Nov-2024
My first acknowledgement from Government NCIIPC India (A unit of NTRO) of my bug Bounty journey…https://medium.com/@subhajit_taki77/my-first-acknowledgement-from-government-nciipc-india-a-unit-of-ntro-of-my-bug-bounty-journey-fda6637766f9?source=rss------bug_bounty-5Subhajit_Taki77cybersecurity, bug-bounty, acknowledgement, nciipc07-Nov-2024
Bypass Rich Text Editors lead to Stored XSS - $500 Rewardshttps://medium.com/@bugbounty_learners/bypass-rich-text-editors-lead-to-stored-xss-500-rewards-077e22eba20f?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips07-Nov-2024
Why Bug Bounty Failures Occur — Key Insights for Successhttps://r3dw4n4hm3d.medium.com/why-bug-bounty-failures-occur-key-insights-for-success-2813349c5e1a?source=rss------bug_bounty-5R3DW4N 4HM3Dbug-bounty, vulnerabilityresearch, cybersecurity, ethical-hacking07-Nov-2024
Exploring the OWASP API Security Top 10: A Guide to Securing Your APIshttps://medium.com/@ad.abhi0013/exploring-the-owasp-api-security-top-10-a-guide-to-securing-your-apis-5ee4456cb9c3?source=rss------bug_bounty-5Abhishek Adhikaribug-bounty, owasp-api-security-top-10, api07-Nov-2024
Account Takeover for Google SSO Usershttps://7odamoo.medium.com/account-takeover-for-google-sso-users-b50f99b49f0d?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting07-Nov-2024
From an Out-of-Scope Bug to Unlocking Lifetime Premium Accounts in Mozillahttps://0d-amr.medium.com/from-an-out-of-scope-bug-to-unlocking-lifetime-premium-accounts-in-mozilla-fe96371d814c?source=rss------bug_bounty-5Amrctf, bug-bounty, penetration-testing, cyber-secuity07-Nov-2024
Exposing hidden DOS techniques laying in plain sight.https://medium.com/@omarahmed_13016/exposing-hidden-dos-techniques-laying-in-plain-sight-29965ab1d53b?source=rss------bug_bounty-5Omar Ahmedhacking, vulnerability, bug-bounty-writeup, bug-bounty, bug-bounty-tips07-Nov-2024
No Rate Limiting — Bughttps://medium.com/@Jitheshjithu/no-rate-limiting-bug-7107cfc5d175?source=rss------bug_bounty-5Jitheshbug-bounty-writeup, no-rate-limit, bugs, bug-bounty, bug-bounty-tips07-Nov-2024
Canada Orders TikTok to Close Canadian Operations Amid Growing Security Concernshttps://medium.com/@wiretor/canada-orders-tiktok-to-close-canadian-operations-amid-growing-security-concerns-45b40c461986?source=rss------bug_bounty-5WIRE TORhacking, xss-attack, malware, bug-bounty, pentesting07-Nov-2024
SteelFox Malware Hits Hard: Protect Your System This Black Friday & Cyber Monday with 50% Off…https://medium.com/@wiretor/steelfox-malware-hits-hard-protect-your-system-this-black-friday-cyber-monday-with-50-off-d96831583b9e?source=rss------bug_bounty-5WIRE TORhacking, breached, bug-bounty, malware, usa07-Nov-2024
How to Find CSRF Vulnerabilities Using Kali Linux: A Full Methodologyhttps://dineshpathro9.medium.com/how-to-find-csrf-vulnerabilities-using-kali-linux-a-full-methodology-070a21aee0b5?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty-tips, bug-bounty, hacking, csrf, bugbounty-writeup07-Nov-2024
North Korean Hackers Target macOS Users with Fake Crypto PDFshttps://medium.com/@wiretor/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs-d6d93c347dfe?source=rss------bug_bounty-5WIRE TORusa, pentesting, malware, hacking, bug-bounty07-Nov-2024
Uygulamalarla XSS’e Gerçekçi Bir Yaklaşımhttps://medium.com/@sgzldmrc/uygulamalarla-xsse-ger%C3%A7ek%C3%A7i-bir-yakla%C5%9F%C4%B1m-a3e82ae0be3a?source=rss------bug_bounty-5Serdar Güzeldemircixss-attack, bug-bounty, xss-vulnerability, web-app-security, cross-site-scripting07-Nov-2024
OAuth Misconfiguration Pre-Account Takeoverhttps://medium.com/h7w/oauth-misconfiguration-pre-account-takeover-535beb8d1987?source=rss------bug_bounty-5socalledhackerinfosec, hacking, bug-bounty-tips, cybersecurity, bug-bounty07-Nov-2024
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Baithttps://medium.com/@wiretor/china-aligned-mirrorface-hackers-target-eu-diplomats-with-world-expo-2025-bait-a289ad3ec600?source=rss------bug_bounty-5WIRE TORbug-bounty, hacking, malware, usa, xss-attack07-Nov-2024
How To Automate Your Broad Scope Reconhttps://thexssrat.medium.com/how-to-automate-your-broad-scope-recon-a4ff998dea0e?source=rss------bug_bounty-5Thexssratbug-bounty-writeup, hacks, bug-bounty-tips, hacking, bug-bounty07-Nov-2024
Understanding Broken Access Control (BAC): A Comprehensive Guidehttps://thexssrat.medium.com/understanding-broken-access-control-bac-a-comprehensive-guide-c0e325c43b04?source=rss------bug_bounty-5Thexssrathacking, broken-access-control, hacker, hacks, bug-bounty07-Nov-2024
Developers Don’t Care About Securityhttps://medium.com/@krishanthan2022.4.4/developers-dont-care-about-security-e4814ecc4907?source=rss------bug_bounty-5R.Krishanthanbug-bounty, web-security, penetration-testing, vulnerability, development06-Nov-2024
Stored HTML Injection to Stored Url Redirectionhttps://medium.com/@abdullah12987654/stored-html-injection-to-stored-url-redirection-40a1c8452f12?source=rss------bug_bounty-5Abdullahhtml-injection, url-redirection, hacking, bug-bounty, pentesting06-Nov-2024
FUZZING That Leads to Internal Source Code!https://medium.com/@rootplinix/fuzzing-that-leads-to-internal-source-code-ef992143c015?source=rss------bug_bounty-5Abu Hurayrainfosec, cybersecurity, bug-bounty, hacking06-Nov-2024
OAuth Under Siege: The Dangers of Account Impersonationhttps://medium.com/@ProwlSec/oauth-under-siege-the-dangers-of-account-impersonation-df0e780f1c4f?source=rss------bug_bounty-5ProwlSechacking, tips, account-takeover, bug-bounty, bug-hunting06-Nov-2024
How I Earned $350 Exploiting Clickjacking Vulnerability to Trigger XSS Attackhttps://medium.com/@abdulparkar/how-i-earned-350-exploiting-clickjacking-vulnerability-to-trigger-xss-attack-23b3216ca640?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, ethical-hacking06-Nov-2024
SQL Injection UNION Attack, Determining the Number of Columns Returned by the Queryhttps://medium.com/@marduk.i.am/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-a740b76989fe?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, sql-injection, sqli, information-security06-Nov-2024
XSS Restction bypass on Hackerone programhttps://medium.com/@bugbounty_learners/xss-restction-bypass-on-hackerone-program-a7b37636425d?source=rss------bug_bounty-5bugbounty_learnersbug-bounty, pentesting, bugs, bug-bounty-tips, cybersecurity06-Nov-2024
A Step-by-Step Guide to the Bug Hunting Process: From Reconnaissance to Reportinghttps://myselfakash20.medium.com/a-step-by-step-guide-to-the-bug-hunting-process-from-reconnaissance-to-reporting-9991b06314b8?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, bug-hunting, bug-bounty06-Nov-2024
Mastering Bug Hunting: A Beginner’s Guide to Effective Methodologieshttps://medium.com/@secinfinitylabs/mastering-bug-hunting-a-beginners-guide-to-effective-methodologies-fc7491625645?source=rss------bug_bounty-5Secinfinity Labsbug-hunting, infosecurity, cybersecurity, bug-bounty-tips, bug-bounty06-Nov-2024
Bug Hunting Reconhttps://medium.com/@prajwalpatil453/bug-hunting-recon-840455f4d71a?source=rss------bug_bounty-5Anonstrkbug-bounty, reconnaissance, bug-bounty-tips, methodology06-Nov-2024
Manipulated All Files on Server of a HackerOne Targethttps://systemweakness.com/manipulated-all-files-on-server-of-a-hackerone-target-7b60a6dad117?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, bug-bounty-tips, infosec, cybersecurity06-Nov-2024
My First and easiest Bug i have foundhttps://aboalezz1.medium.com/my-first-and-easiest-bug-i-have-found-3b7daee5d2f9?source=rss------bug_bounty-5Mohamed AboAlezzweb-hacking, bug-hunting, bug-bounty, bug-bounty-writeup, bug-bounty-tips06-Nov-2024
Understanding Types of Privileged Accounts and Their Security Riskshttps://bitpanic.medium.com/understanding-types-of-privileged-accounts-and-their-security-risks-935605f2232c?source=rss------bug_bounty-5Bit Paniccybersecurity, bugbounty-writeup, bug-bounty06-Nov-2024
All About JWT Vulnerabilitieshttps://medium.com/@0x_xnum/all-about-jwt-vulnerabilities-ef7314c4dd02?source=rss------bug_bounty-5Ahmed Tarekjwt-exploitation, bugbounty-writeup, bug-bounty, authentication, hacking06-Nov-2024
Most Commonly Used Tools in Bug Bountyhttps://medium.com/@halildeniz313/most-commonly-used-tools-in-bug-bounty-4603382ecee3?source=rss------bug_bounty-5Halildenizweb-security, cyber-security-awareness, bug-bounty-tips, cybersecurity, bug-bounty06-Nov-2024
An IDOR and Auth Bypass That Led to Mass Account Takeover — KSFEhttps://1-day.medium.com/an-idor-and-auth-bypass-that-led-to-mass-account-takeover-ksfe-db04cec8d730?source=rss------bug_bounty-51daybug-bounty-writeup, hacking, bug-bounty, penetration-testing, writeup06-Nov-2024
⚠️ Cyberattack Causes Statewide Outage in Washington Courtshttps://medium.com/@wiretor/%EF%B8%8F-cyberattack-causes-statewide-outage-in-washington-courts-cb9bcd6264a4?source=rss------bug_bounty-5WIRE TORxss-attack, malware, usa, hacking, bug-bounty06-Nov-2024
Nokia Breached by IntelBroker: Source Code Allegedly Stolenhttps://medium.com/@wiretor/nokia-breached-by-intelbroker-source-code-allegedly-stolen-a1fa5b62a10a?source=rss------bug_bounty-5WIRE TORmalware, hacked, bug-bounty, hacking, xss-attack06-Nov-2024
INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrimehttps://medium.com/@wiretor/interpol-disrupts-over-22-000-malicious-servers-in-global-crackdown-on-cybercrime-9f4e2840dc6e?source=rss------bug_bounty-5WIRE TORbug-bounty, pentesting, malware, xss-attack, hacking06-Nov-2024
Microchip Technology Reports $21.4 Million Loss From Ransomware Attackhttps://medium.com/@wiretor/microchip-technology-reports-21-4-million-loss-from-ransomware-attack-a123d2609b91?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, trump, usa, hacking06-Nov-2024
Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business…https://anas0x1.medium.com/bypassing-promo-code-validation-via-response-manipulation-enabled-the-creation-of-a-business-3f926b19c0bb?source=rss------bug_bounty-5Anas Ibrahimpenetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty06-Nov-2024
IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account.https://anas0x1.medium.com/idor-vulnerability-allowed-the-deletion-of-any-user-from-an-administrator-account-da64e79ce1b0?source=rss------bug_bounty-5Anas Ibrahimbug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing, idor06-Nov-2024
Behind the Scenes: How I Hacked one of the largest Amusement Park in the Philippines.https://medium.com/hacking101/behind-the-scenes-how-i-hacked-one-of-the-largest-amusement-park-in-the-philippines-be38566ed563?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, penetration-testing, bug-bounty, hacking06-Nov-2024
Essential Bug Hunting Tools for Beginners: Start Your Journey in Cybersecurityhttps://myselfakash20.medium.com/essential-bug-hunting-tools-for-beginners-start-your-journey-in-cybersecurity-ea51e1f26068?source=rss------bug_bounty-5Akash Ghoshbugbounty-writeup, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerabilityhttps://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups05-Nov-2024
Remote Code Execution (RCE): An In-Depth Guide with practicalhttps://medium.com/@anandrishav2228/remote-code-execution-rce-an-in-depth-guide-with-practical-7082a7e17e97?source=rss------bug_bounty-5Rishav anandcybersecurity, money, ai, hacker, bug-bounty05-Nov-2024
IDOR Leading To Improper Access Controlhttps://medium.com/@shadykhaled2002/idor-leading-to-improper-access-control-c3999aa28fc4?source=rss------bug_bounty-5Le_Merdiencybersecurity, bug-bounty, pentesting, penetration-testing05-Nov-2024
Alert: Reflected XSS Detectedhttps://osintteam.blog/alert-reflected-xss-detected-57850c34a61e?source=rss------bug_bounty-5Dishant Modixss-attack, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity05-Nov-2024
Lesser-Known Tools for Web Bug Bounty Huntinghttps://medium.com/@halildeniz313/lesser-known-tools-for-web-bug-bounty-hunting-e10a95fa25bd?source=rss------bug_bounty-5Halildenizweb-security, cyber-security-awareness, bug-bounty-tips, bug-bounty, cybersecurity05-Nov-2024
Vulnerabilities Weaponizing — Cross-site Scripting (XSS)https://medium.com/@aufzayed/vulnerabilities-weaponizing-cross-site-scripting-xss-608a4f45321c?source=rss------bug_bounty-5Abdelrhman Zayedexploit-development, red-teaming, penetration-testing, cybersecurity, bug-bounty05-Nov-2024
€50 bounty — Long String DOS Attack Bug and POC Stepshttps://medium.com/h7w/50-bounty-long-string-dos-attack-bug-and-poc-steps-eaa8a5777263?source=rss------bug_bounty-5socalledhackercybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-Nov-2024
Zero-Day FOMO: The Fear of Missing Out on the Next Big Exploithttps://medium.com/@paritoshblogs/zero-day-fomo-the-fear-of-missing-out-on-the-next-big-exploit-d3b42d35323c?source=rss------bug_bounty-5Paritoshzero-day, vulnerability, cybersecurity, hacking, bug-bounty05-Nov-2024
SIP OPTIONS Abuse And Flood Vulnerability (exploit Voip)https://medium.com/@zpx15266/sip-options-abuse-and-flood-vulnerability-exploit-voip-b9bc030909ae?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty-writeup, penetration-testing, bug-bounty, bug-bounty-tips, bugs05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerability $$$https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups05-Nov-2024
Tips to Avoid Duplicates or N/A Reports in Bug Bounty Programshttps://bitpanic.medium.com/tips-to-avoid-duplicates-or-n-a-reports-in-bug-bounty-programs-a067a4e54d5e?source=rss------bug_bounty-5Bit Paniccybersecurity, bug-bounty05-Nov-2024
55 YouTube Channels to Learn HACKING!!!!!https://osintteam.blog/55-youtube-channels-to-learn-hacking-b5167d3125d9?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, hacking, technology, programming, cybersecurity05-Nov-2024
How I found my first bug!https://medium.com/@karim.engmohamed/how-i-found-my-first-bug-b1f21046deb7?source=rss------bug_bounty-5Karim Mohamedpython, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty05-Nov-2024
Unleashing the Bug Hunter Within: A Curated Toolkit and Proven Processhttps://pwndecoco.medium.com/unleashing-the-bug-hunter-within-a-curated-toolkit-and-proven-process-fb2f89c7f1f0?source=rss------bug_bounty-5Pwndec0c0programming, cybersecurity, penetration-testing, bug-bounty, hacking05-Nov-2024
Google Fixes Dangerous Android Exploitshttps://medium.com/@wiretor/google-fixes-dangerous-android-exploits-6e6be3465e6c?source=rss------bug_bounty-5WIRE TORusa, hacking, breached, malware, bug-bounty05-Nov-2024
Easy logic bug that leaks the email for every userhttps://medium.com/@banertheinrich/easy-logic-bug-that-leaks-the-email-for-every-user-ef2d9d0cf088?source=rss------bug_bounty-5Adham Heinrichbug-bounty, cybersecurity, hackerone, bug-bounty-tips, bug-bounty-writeup04-Nov-2024
Panduan “Bug Bounty Programs pada Aplikasi Laravel” berdasarkan kerangka yang telah disusun:https://medium.com/@_azwar/panduan-bug-bounty-programs-pada-aplikasi-laravel-berdasarkan-kerangka-yang-telah-disusun-7cc3b230397c?source=rss------bug_bounty-5azwarlaravel, bug-bounty04-Nov-2024
Cloud flare bypass leads to Account Takeover via Password Reset Poisoninghttps://medium.com/@abdulparkar/cloud-flare-bypass-leads-to-account-takeover-via-password-reset-poisoning-ba349d784b97?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, ethical-hacking, bug-bounty-writeup, cybersecurity, bug-bounty-tips04-Nov-2024
How to Find the Best Resources for Learning Bug Bounty and Cybersecurity |PRO Tiphttps://medium.com/@shaikhminhaz1975/how-to-find-the-best-resources-for-learning-bug-bounty-and-cybersecurity-pro-tip-d5e915e82539?source=rss------bug_bounty-5Shaikh Minhazpenetration-testing, best, cybersecurity, bug-bounty, ethical-hacking04-Nov-2024
Vibe Yo’Tribehttps://medium.com/@onelovemafia/vibe-yotribe-3d8a0c098ee2?source=rss------bug_bounty-5OneLoveMafiaclimate-change, machine-learning, bug-bounty, blockchain, philosophy04-Nov-2024
How to Configure Proxies in Browser for Bug-Bountyhttps://medium.com/@anandrishav2228/how-to-configure-proxies-in-browser-for-bug-bounty-c175c5513e1a?source=rss------bug_bounty-5Rishav anandvpn, proxy, cybersecurity, money, bug-bounty04-Nov-2024
Bypass the Blocked IP address while Pentesting.https://medium.com/@anandrishav2228/bypass-the-blocked-ip-address-while-pentesting-c4c02a8dc14d?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, bug-bounty, ip-address, hacking04-Nov-2024
bugbountytraining靶场(四)https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E5%9B%9B-378fa157f500?source=rss------bug_bounty-5xun starkbug-bounty04-Nov-2024
Breaking the Rules: How a Race Condition Allowed Me to Bypass the Limitshttps://medium.com/@manibharathi.b/breaking-the-rules-how-a-race-condition-allowed-me-to-bypass-the-limits-by-mani-d6840746a04e?source=rss------bug_bounty-5Mani Bharathi Bbug-bounty-tips, bug-bounty, cybersecurity, vulnerability, bug-bounty-writeup04-Nov-2024
Account takeover for $3000https://sushantdhopat.medium.com/account-takeover-for-3000-722ee6f5fbde?source=rss------bug_bounty-5sushantdhopatbug-bounty, infosec04-Nov-2024
Exploit exposed zendesk API Token for $1000https://sushantdhopat.medium.com/exploit-exposed-zendesk-api-token-for-1000-847966489070?source=rss------bug_bounty-5sushantdhopatinfosec, bug-bounty, information-security04-Nov-2024
IDOR leading to broken functionalityhttps://medium.com/@shadykhaled2002/idor-leading-to-broken-functionality-3b464213fa76?source=rss------bug_bounty-5Le_Merdienpenetration-testing, cybersecurity, pentesting, bug-bounty04-Nov-2024
The OAuth Oversight: When Configuration Errors Turn into Account Hijackshttps://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16?source=rss------bug_bounty-5Nightcoderspentesting, hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup04-Nov-2024
How I Found a €100 Bug at DCU: From “Not Applicable” to Cashing In!https://medium.com/@trffnsec/how-i-found-a-100-bug-at-dcu-from-not-applicable-to-cashing-in-2e58699a8faa?source=rss------bug_bounty-5TrffnSecbugbounty-writeup, hacking, bug-bounty-tips, ethical-hacking, bug-bounty04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentestershttps://infosecwriteups.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, automation, cybersecurity04-Nov-2024
How I Found HTML Injection?https://medium.com/@gitlime71/how-i-found-html-injection-bdbbf2861d95?source=rss------bug_bounty-5Raccoonbug-bounty, penetration-testing, bug-bounty-writeup04-Nov-2024
Columbus Ransomware Attack: Data of 500,000 Stolenhttps://medium.com/@wiretor/columbus-ransomware-attack-data-of-500-000-stolen-93076d58689c?source=rss------bug_bounty-5WIRE TORmalware, pentesting, usa, pentest, bug-bounty04-Nov-2024
Unveiling the “Pygmy Goat” Malware: A New Threat in Cybersecurityhttps://medium.com/@wiretor/unveiling-the-pygmy-goat-malware-a-new-threat-in-cybersecurity-aaeb360f9497?source=rss------bug_bounty-5WIRE TORbug-bounty, hacking, usa, malware, pentesting04-Nov-2024
Meet “Interlock” Ransomware — A New Threat Targeting FreeBSD Servershttps://medium.com/@wiretor/meet-interlock-ransomware-a-new-threat-targeting-freebsd-servers-4be6ba312c62?source=rss------bug_bounty-5WIRE TORhacking, malware, pentesting, bug-bounty, usa04-Nov-2024
Introducing SubdomainRadar.io:https://medium.com/@alexandrevandammepro/introducing-subdomainradar-io-727d765445f2?source=rss------bug_bounty-5Alexandre Vandammebug-bounty, vulnerability, bug-bounty-tips, osint, security04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentestershttps://systemweakness.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, automation, cybersecurity04-Nov-2024
ExploiterX — Vulnerability Scanner Toolhttps://anishalx.medium.com/exploiterx-vulnerability-scanner-tool-bc1796e278a1?source=rss------bug_bounty-5Anishweb3, python, bug-bounty, penetration-testing, hacking03-Nov-2024
Must-Have Tools for Cybersecurity Researchers: A Complete Installation Guidehttps://myselfakash20.medium.com/must-have-tools-for-cybersecurity-researchers-a-complete-installation-guide-5738022e535f?source=rss------bug_bounty-5Akash Ghoshcybersecurity, tools, bug-bounty, recon, reconnaissance03-Nov-2024
AcquiFinder | a tool to grab acquisitions of a company by Crunchbasehttps://medium.com/@AmmarxLe0x/acquifinder-a-tool-to-grab-acquisitions-of-a-company-by-crunchbase-6315db784813?source=rss------bug_bounty-5xLe0xbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty03-Nov-2024
“Keyed In” Compromising an entire organization through their APIhttps://medium.com/@s1renhead/keyed-in-compromising-an-entire-organization-through-their-api-2ed6cb54eec5?source=rss------bug_bounty-5S1renheadbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips03-Nov-2024
[Hacking impact] Acees admin panelhttps://medium.com/@nagashygaballah/hacking-impact-acees-admin-panel-a4326a36e208?source=rss------bug_bounty-5111xNagashyhacker, hackerone, hacking, bug-bounty, security03-Nov-2024
How I Discovered RXSS Bug on Microsoft subdomain !!!https://medium.com/@sayantichy/how-i-discovered-rxss-bug-on-microsoft-subdomain-21082191ad10?source=rss------bug_bounty-5Sayanti Chowdhuryxss-vulnerability, bug-bounty, xss-attack, first-bug, reflected-xss03-Nov-2024
Getting Back on the Cybersecurity Write-Ups: Return to Mediumhttps://mukibas37.medium.com/getting-back-on-the-cybersecurity-write-ups-return-to-medium-1ac51c9edde9?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, infosec, back-to-writing, ctf, bug-bounty03-Nov-2024
A Comprehensive Guide to SQL Injection: Types, Hunting Methods, and Toolshttps://medium.com/@n4itr0_07/a-comprehensive-guide-to-sql-injection-types-hunting-methods-and-tools-8d716dd34355?source=rss------bug_bounty-5N4!TR0 07sql-injection, bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity03-Nov-2024
IDOR Exploit: Gaining Unauthorized Control Over Users’ Shopping Basketshttps://0xmatrix.medium.com/idor-exploit-gaining-unauthorized-control-over-users-shopping-baskets-122650091cf5?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, hacking, idor, penetration-testing, bugs03-Nov-2024
Dstat.cc DDoS Site Seized & Two Suspects Arrested in Germanyhttps://medium.com/@wiretor/dstat-cc-ddos-site-seized-two-suspects-arrested-in-germany-c8d44187b181?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, hacking, pentesting, usa03-Nov-2024
CRA Breach Exposed: Over 62,000 Taxpayer Accounts Compromised!https://medium.com/@wiretor/cra-breach-exposed-over-62-000-taxpayer-accounts-compromised-62bc0cf3cb9a?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, hacking, pentesting, usa03-Nov-2024
FBI Arrests Suspect in SEC Account Hack: What This Means for Cybersecurityhttps://medium.com/@wiretor/fbi-arrests-suspect-in-sec-account-hack-what-this-means-for-cybersecurity-735d8dd72512?source=rss------bug_bounty-5WIRE TORhacking, usa, bug-bounty, pentesting, malware03-Nov-2024
Becoming a Web Security Specialist: Essential Insights and a Roadmaphttps://medium.com/@halildeniz313/becoming-a-web-security-specialist-essential-insights-and-a-roadmap-91032925d1aa?source=rss------bug_bounty-5Halildenizcyber-security-awareness, bug-bounty, cybersecurity, web-security, ethical-hacking03-Nov-2024
Time Based SQL Injection Bug Hunting Methodologyhttps://medium.com/@abhirupkonwar04/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting02-Nov-2024
Time Based SQL Injection Bug Hunting Methodologyhttps://osintteam.blog/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting02-Nov-2024
Simple Tips for Bug Bounty Beginners: Escalating to XSS (XSS Series Part — 2)https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-escalating-to-xss-xss-series-part-2-1d6b75ecf942?source=rss------bug_bounty-5Anish Narayantechnology, programming, cybersecurity, bug-bounty-writeup, bug-bounty02-Nov-2024
Breaking Into Information Security as a Fresher: A Guide to Starting Your Journeyhttps://medium.com/@nitinbasera11/breaking-into-information-security-as-a-fresher-a-guide-to-starting-your-journey-caa253c0f5ae?source=rss------bug_bounty-5Nitinbaserabug-bounty, security, cybersecurity, web-app-security, infosec02-Nov-2024
My Journey as a Bug Bounty Hunter and Web3 Enthusiast: Tips for Beginnershttps://medium.com/@veerendravamshi/my-journey-as-a-bug-bounty-hunter-and-web3-enthusiast-tips-for-beginners-50aa0bfbfc78?source=rss------bug_bounty-5Veerendra Vamshiblockchain, bug-bounty, web3, cryptocurrency, defi02-Nov-2024
Hacking For Free. Dodging Paying For Hacking Knowledge System | Primary Hacking School #9https://medium.com/@nnface/hacking-for-free-dodging-paying-for-hacking-knowledge-system-primary-hacking-school-9-c86f6dd3752c?source=rss------bug_bounty-5NnFacehacking, cybersecurity, kali-linux, money, bug-bounty02-Nov-2024
Microsoft Acknowledges Outlook Freezing Issue and Offers Workaroundshttps://medium.com/@wiretor/microsoft-acknowledges-outlook-freezing-issue-and-offers-workarounds-52fa28e41f13?source=rss------bug_bounty-5WIRE TORhacking, ransomware, malware, pentesting, bug-bounty02-Nov-2024
Account Takeover Via Google Auth Misconfigurationhttps://medium.com/@abdulparkar/account-takeover-via-google-auth-misconfiguration-af4a59dd82e7?source=rss------bug_bounty-5Abdul Rehman Parkarethical-hacking, bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup02-Nov-2024
bugbountytraining靶场(三)https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%B8%89-dfe55be3123f?source=rss------bug_bounty-5xun starkbug-bounty01-Nov-2024
Hard Server-Side Request Forgery (SSRF) A bypass method to RCE and Port Scanhttps://medium.com/@sarvour/hard-server-side-request-forgery-ssrf-a-bypass-method-to-rce-and-port-scan-61adf085d62a?source=rss------bug_bounty-5sarvourpentesting, security, rce, bug-bounty, writeup01-Nov-2024
Template Engines Injection 101https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756?source=rss------bug_bounty-5Mahmoud M. Awalibug-bounty, hacking01-Nov-2024
Web Application Basics — Tryhackme Walkthroughhttps://medium.com/@TRedEye/web-application-basics-tryhackme-walkthrough-ee6a0cf2f1f6?source=rss------bug_bounty-5TRedEyecybersecurity, hacking, bug-bounty, website, tryhackme01-Nov-2024
Configuring Burp Suite with Firefox (Step-by-Step)https://harshbardhanx.medium.com/configuring-burp-suite-with-firefox-step-by-step-40f56a706546?source=rss------bug_bounty-5Harsh Bardhanbug-bounty, cybersecurity, bug-bounty-writeup, burpsuite, bug-bounty-tips01-Nov-2024
Hackers Target Critical Zero-Day Vulnerabilities in PTZ Camerashttps://medium.com/@wiretor/hackers-target-critical-zero-day-vulnerabilities-in-ptz-cameras-d2d5023d329d?source=rss------bug_bounty-5WIRE TORpentest, zero-day, malware, bug-bounty, ransomware01-Nov-2024
qBittorrent Security Flaw Fixed After 14 Years Upgrade Now!https://medium.com/@wiretor/qbittorrent-security-flaw-fixed-after-14-years-upgrade-now-bfa491d214bb?source=rss------bug_bounty-5WIRE TORxss-attack, bug-bounty, hacking, malware, pentesting01-Nov-2024
New LightSpy Spyware Version Targets iPhones with Advanced Surveillance Tacticshttps://medium.com/@wiretor/new-lightspy-spyware-version-targets-iphones-with-advanced-surveillance-tactics-154f8887cd42?source=rss------bug_bounty-5WIRE TORhacking, apple, xss-attack, bug-bounty, malware01-Nov-2024
The Pen-Tester’s Muse: Writing Exploits into Earnings on Mediumhttps://medium.com/illumination/the-pen-testers-muse-writing-exploits-into-earnings-on-medium-a739abaab422?source=rss------bug_bounty-5Quintius Walkerbug-bounty, cybersecurity, poetry, creativity, poetry-on-medium01-Nov-2024
Reasons for Failure in Bug Bounty Programs and the Path to Successhttps://medium.com/@halildeniz313/reasons-for-failure-in-bug-bounty-programs-and-the-path-to-success-af19917f4be9?source=rss------bug_bounty-5Halildenizbug-bounty-tips, cybersecurity, bug-bounty, pentesting, ethical-hacking01-Nov-2024
bugbountytraining靶场(二)https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%BA%8C-669c3ac29651?source=rss------bug_bounty-5xun starkbug-bounty31-Oct-2024
How HTML injection can help to make $1000.https://medium.com/@anandrishav2228/how-html-injection-can-help-to-make-1000-531c6f7b6672?source=rss------bug_bounty-5Rishav anandhtml, ai, bug-bounty, money, cybersecurity31-Oct-2024
HOW I FOUND CVE-2023–35813?https://doordiefordream.medium.com/how-i-found-cve-2023-35813-c239c2f03192?source=rss------bug_bounty-5balu bandicve, ethical-hacking, bug-bounty, cybersecurity, writing31-Oct-2024
OAuth Account Takeover (ATO) Vulnerability via Email Manipulationhttps://medium.com/@muhammedgalal66/oauth-account-takeover-ato-vulnerability-via-email-manipulation-94e0e942bcb8?source=rss------bug_bounty-5Dg0x6account-takeover-attacks, account-takeover, bug-bounty-tips, hackerone, bug-bounty31-Oct-2024
SSRF to Internal Port Scanning on Self-Hosted Platformhttps://infosecwriteups.com/ssrf-to-internal-port-scanning-on-self-hosted-platform-05a17a461eed?source=rss------bug_bounty-5JEETPALssrf, bugbounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity31-Oct-2024
7 Real-Life Bug Bounties That Made Headlines: Lessons You Can’t Afford to Miss!https://medium.com/@qaafqasim/7-real-life-bug-bounties-that-made-headlines-lessons-you-cant-afford-to-miss-4b812b2caafa?source=rss------bug_bounty-5Qasim Mahmood Khalidcyber-security-awareness, bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity31-Oct-2024
Responsible Discovery, Irresponsible Response: The Cost of Punishing Security Researchershttps://khalifayakub.medium.com/responsible-discovery-irresponsible-response-the-cost-of-punishing-security-researchers-8bbb15f66ab7?source=rss------bug_bounty-5Mohammed Yakub Khalifaethics, cybersecurity-awareness, cybersecurity, bug-bounty, ethical-hacking31-Oct-2024
0-Click ATO Via reset password weird scenariohttps://medium.com/@mos693570/0-click-ato-via-reset-password-weird-scenario-9afa4a88e413?source=rss------bug_bounty-5Mo Salahbug-bounty31-Oct-2024
Could a Simple IDOR Vulnerability in Facebook Affects the Outcome of US Elections?https://medium.com/@bazzounbassem/could-a-simple-idor-vulnerability-in-facebook-affects-the-outcome-of-us-elections-c17bc5e12e30?source=rss------bug_bounty-5Bassem M Bazzounethical-hacking, bug-bounty, us-election-2024, cybersecurity31-Oct-2024
How One Accidental Find Led to Full App Security Testinghttps://medium.com/@hasirhamdan77/how-one-accidental-find-led-to-full-app-security-testing-ea1c317174cb?source=rss------bug_bounty-5Hasirhamdanjwt-exploitation, application-security, bug-bounty, mobile-security, hacking31-Oct-2024
Comprehensive Bug Bounty Hunting Methodology (2024 Edition)https://xalgord.medium.com/comprehensive-bug-bounty-hunting-checklist-2024-edition-4abb3a9cbe66?source=rss------bug_bounty-5Krishna Kaushalcybersecurity, bug-bounty-tips, bug-bounty, hacking, reconnaissance31-Oct-2024
Tale of Zendesk 0 day and a potential 25K $ bountyhttps://rikeshbaniya.medium.com/tale-of-zendesk-0-day-and-a-potential-25k-bounty-61bcf9c5dc06?source=rss------bug_bounty-5Rikesh Baniyabug-bounty-writeup, bug-bounty-tips, hackerone, security-research, bug-bounty31-Oct-2024
XML Upload Challenge: Breaking Boundaries with External Entitieshttps://medium.com/@josh.beck2006/xml-upload-challenge-breaking-boundaries-with-external-entities-79677649485f?source=rss------bug_bounty-5Josh Beckcybersecurity, ctf-writeup, bug-bounty31-Oct-2024
Hunting for IDOR and BAC Vulnerabilities in B2B Applications with Burp Suite’s Authorize Extensionhttps://thexssrat.medium.com/hunting-for-idor-and-bac-vulnerabilities-in-b2b-applications-with-burp-suites-authorize-extension-597877b53d94?source=rss------bug_bounty-5Thexssratidor, broken-access-control, bug-bounty, bug-bounty-tips, burpsuite31-Oct-2024
LottieFiles Hacked: A Cautionary Tale for the Crypto Community!https://medium.com/@wiretor/lottiefiles-hacked-a-cautionary-tale-for-the-crypto-community-8cc3b6cf9148?source=rss------bug_bounty-5WIRE TORmalware, xss-attack, hacking, usa, bug-bounty31-Oct-2024
Protecting E-Commerce: Understanding the Phish n’ Ships Campaignhttps://medium.com/@wiretor/protecting-e-commerce-understanding-the-phish-n-ships-campaign-619cc4f3d150?source=rss------bug_bounty-5WIRE TORmalware, hacking, usa, bug-bounty, xss-attack31-Oct-2024
Ex-Disney Employee Charged with Hacking: A Cautionary Tale!https://medium.com/@wiretor/ex-disney-employee-charged-with-hacking-a-cautionary-tale-d9174351fd7c?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, xss-attack, usa, hacking31-Oct-2024
File Transfer Cheatsheet: Windows and Linuxhttps://medium.com/@verylazytech/file-transfer-cheatsheet-windows-and-linux-1e36ec9a22ac?source=rss------bug_bounty-5Very Lazy Techfile-transfer, bug-bounty, post-exploitation, exfiltration, cybersecurity30-Oct-2024
Hacking your first OAuth on the Web application: Account takeover using Redirect and State…https://medium.com/@security.tecno/hacking-your-first-oauth-on-the-web-application-account-takeover-using-redirect-and-state-5e857c7b1d43?source=rss------bug_bounty-5TECNO Securityresearch-reports, hacking, bug-bounty, security30-Oct-2024
Discovered a Unique Email Verification Bypasshttps://mo9khu93r.medium.com/discovered-a-unique-email-verification-bypass-47bb1e955a13?source=rss------bug_bounty-5mo9khu93rpenetration-testing, email-verification, hacking, cybersecurity, bug-bounty30-Oct-2024
Apple $1,000,000 Bounty: Zero-Click Exploit Achieves Kernel Execution and PAC Bypass on Latest iOS…https://medium.com/@vintaconnect/apple-1-000-000-bounty-zero-click-exploit-achieves-kernel-execution-and-pac-bypass-on-latest-ios-7cdf35ff8bc6?source=rss------bug_bounty-5VintaConnectapple, apple-bug-bounty, ios, kernel, bug-bounty30-Oct-2024
CVE-2024–27954 — WordPress Automatic Plugin < 3.92.1 — Arbitrary File Download and SSRFhttps://infosecwriteups.com/cve-2024-27954-wordpress-automatic-plugin-3-92-1-arbitrary-file-download-and-ssrf-34f2e938db54?source=rss------bug_bounty-5Ajay Naikbug-bounty, penetration-testing, wordpress, cybersecurity, bug-bounty-hunter30-Oct-2024
$200-$10,000 for Command Injection Bug .https://medium.com/@anandrishav2228/200-10-000-for-command-injection-bug-2279041f3478?source=rss------bug_bounty-5Rishav anandhacking, cybersecurity, bug-bounty, money, command-injection30-Oct-2024
My First Remote Code Execution (RCE)https://medium.com/@prasenjitkantipaul/my-first-remote-code-execution-rce-ea9c3e32943f?source=rss------bug_bounty-5Prasenjit Kanti Paulbug-bounty, bug-bounty-tips, bug-bounty-hunter, rce, bug-bounty-writeup30-Oct-2024
CVE-2024–4577 — PHP CGI Argument Injection Remote Code Executionhttps://infosecwriteups.com/cve-2024-4577-php-cgi-argument-injection-remote-code-execution-294ed4758e4f?source=rss------bug_bounty-5Ajay Naikmedium, penetration-testing, bug-bounty, cybersecurity, information-technology30-Oct-2024
A Guide to Burp Suite for Ethical Hackershttps://medium.com/@codingbolt.in/a-guide-to-burp-suite-for-ethical-hackers-e1b985470547?source=rss------bug_bounty-5codingboltpenetration-testing, cybersecurity, bug-bounty, burpsuite, ethical-hacking30-Oct-2024
Multi-Step Process with No Access Control on One Step — Access Control Vulnerabilityhttps://medium.com/@rcxsecurity/multi-step-process-with-no-access-control-on-one-step-access-control-vulnerability-599aee989521?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafépentesting, cybersecurity, penetration-testing, information-security, bug-bounty30-Oct-2024
Chaining Four Vulnerabilities Leading to Account Takeoverhttps://medium.com/@jke3595/chaining-four-vulnerabilities-leading-to-account-takeover-664f18508600?source=rss------bug_bounty-5Joel I Patrickbounty-program, ethical-hacking, security, bug-bounty, cybersecurity30-Oct-2024
Predictable Initial Passwords vulnerabilityhttps://medium.com/@istibaroudissou/predictable-initial-passwords-vulnerability-3292322bfdd4?source=rss------bug_bounty-5Istibarou DISSOUvulnerability, bug-bounty, pentesting30-Oct-2024
Lets Get into the Real field.https://harshbardhanx.medium.com/lets-get-into-the-real-field-b2c9278d0b63?source=rss------bug_bounty-5Harsh Bardhanbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter30-Oct-2024
Email Spoofinghttps://medium.com/@hacragon/email-spoofing-1a81728f92b3?source=rss------bug_bounty-5Subin Kumardmarc-record, email-spoofing, bug-bounty30-Oct-2024
Exposed Git Configs Lead to 15,000 Stolen Cloud Credentials: The WireTor Solutionhttps://medium.com/@wiretor/exposed-git-configs-lead-to-15-000-stolen-cloud-credentials-the-wiretor-solution-d6de23eaca26?source=rss------bug_bounty-5WIRE TORmalware, election2024, usa, bug-bounty, pentesting30-Oct-2024
WIRE TOR — The Ethical Hacking Serviceshttps://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-bac69e4fa28a?source=rss------bug_bounty-5WIRE TORbug-bounty, pentesting, malware, xss-attack, hacking30-Oct-2024
Protect Yourself from Election Scams: Insights from WireTorhttps://medium.com/@wiretor/protect-yourself-from-election-scams-insights-from-wiretor-1e118e682f76?source=rss------bug_bounty-5WIRE TORbug-bounty, pentesting, xss-attack, hacking, malware30-Oct-2024
Spooktacular Halloween Sale: 50% Off!https://medium.com/@wiretor/spooktacular-halloween-sale-50-off-f1967438dac0?source=rss------bug_bounty-5WIRE TORpentesting, bug-bounty, usa, hacking, halloween30-Oct-2024
Automating Bug Bounty Hunts with Bash: A Beginner-Friendly Guidehttps://pwndecoco.medium.com/automating-bug-bounty-hunts-with-bash-a-beginner-friendly-guide-3fc2b3d7f341?source=rss------bug_bounty-5Pwndec0c0hacking, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity30-Oct-2024
Full Account Takeover at One of the Largest E-Commerce Companieshttps://m0uka.medium.com/full-account-takeover-at-one-of-the-largest-e-commerce-companies-8cf416e9dc7e?source=rss------bug_bounty-5m0ukahackerone, hacking, bug-bounty, bugcrowd, security-research29-Oct-2024
Account Linked Domains Takeoverhttps://medium.com/@ph4nt0mbyt3/account-linked-domains-takeover-852cab92e018?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, bug-bounty, pentest29-Oct-2024
How to find Information Disclouser in any WebTech or Mobile App. and Earn upto $500-$2000https://medium.com/@anandrishav2228/how-to-find-information-disclouser-in-any-webtech-or-mobile-app-and-earn-upto-500-2000-7bda67bbe754?source=rss------bug_bounty-5Rishav anandcybersecurity, money, api, bug-bounty, hacker29-Oct-2024
From Study Stress to Critical Account Takeover: How a Gym Break and a Little Curiosity Uncovered a…https://medium.com/@CipherHawk/from-study-stress-to-critical-account-takeover-how-a-gym-break-and-a-little-curiosity-uncovered-a-d15cfc2e142b?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, hacking, yeswehack, bugbounty-tips29-Oct-2024
How I get Open Redirect Vulnerability in BBP ?https://medium.com/@keroayman77/how-i-get-open-redirect-vulnerability-in-bbp-6006e5a34602?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-writeup, bug-bounty29-Oct-2024
Web cache poisoning explainedhttps://medium.com/@ad.abhi0013/web-cache-poisoning-explained-f3ddc4bfbf94?source=rss------bug_bounty-5Abhishek Adhikaricybersecurity, web-cache-poisoning, bug-bounty29-Oct-2024
Find Open Redirect in Just 2 min - $1000https://medium.com/@mdnafeed3/find-open-redirect-in-just-2-min-1000-c527bb3e65fb?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, bug-bounty, bug-bounty-tips29-Oct-2024
How can SQL injection, CSRF, and XSS attacks be prevented in Golang — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-can-sql-injection-csrf-and-xss-attacks-be-prevented-in-golang-bug-bounty-tuesday-2f857b2e4b53?source=rss------bug_bounty-5kerstangolang, coding, cybersecurity, hacking, bug-bounty29-Oct-2024
How I Started My Bug Bounty Journey…!!!https://harshbardhanx.medium.com/how-i-started-my-bug-bounty-journey-1b9683fa6252?source=rss------bug_bounty-5Harsh Bardhanbug-hunting, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips29-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-hunting-from-finding-targets-to-submission-of-the-c3ad5d4b07ad?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, hacking29-Oct-2024
How do SSL Scanners Workhttps://medium.com/@serhatcck/how-do-ssl-scanners-work-b4977308e981?source=rss------bug_bounty-5Serhat ÇİÇEKcryptography, application-security, bug-bounty, hacking, pentesting29-Oct-2024
Data Breach Affects 800,000 Citizens in Italyhttps://medium.com/@wiretor/data-breach-affects-800-000-citizens-in-italy-1f977df0cab6?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, italian, pentesting, hacking29-Oct-2024
Massive PSAUX Ransomware Attack Targets 22,000 CyberPanel Instances!https://medium.com/@wiretor/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances-2925859c759c?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, usa, malware, cybersecurity29-Oct-2024
WIRE TOR — The Ethical Hacking Serviceshttps://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-47ef9ecf7471?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, malware, usa, pentesting29-Oct-2024
Payment Bypass via API Request to Activate Premium Plan on Private Bug Bounty Programhttps://medium.com/@sharp488/payment-bypass-via-api-request-to-activate-premium-plan-on-private-bug-bounty-program-bbd7fc91ef99?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-tips, bugs, information-security28-Oct-2024
How to find a Race-condition Bug and make $1300https://medium.com/@anandrishav2228/how-to-find-a-race-condition-bug-and-make-1300-66d7e14040e9?source=rss------bug_bounty-5Rishav anandrace-condition, hacker, bug-bounty, cybersecurity, money28-Oct-2024
$150,000 Evmos Vulnerability Through Reading Documentationhttps://medium.com/@jjordanjjordan/150-000-evmos-vulnerability-through-reading-documentation-d26328590a7a?source=rss------bug_bounty-5jayjonah.ethbug-bounty, crypto, web3, ethereum, blockchain28-Oct-2024
Blind Cross Site Scripting in License Applicationhttps://medium.com/@abdullah12987654/blind-cross-site-scripting-in-license-application-aa865c0e0496?source=rss------bug_bounty-5Abdullahpenetration-testing, cross-site-scripting, xss-vulnerability, hacking, bug-bounty28-Oct-2024
HTTP Request Smuggling: From Needs More Info to Confirmed Impact!https://medium.com/@rezauditore/http-request-smuggling-from-needs-more-info-to-confirmed-impact-9b36349355ca?source=rss------bug_bounty-5rezauditorebug-bounty, http-request, peace, lgbtq, hacking28-Oct-2024
Best AI Tool to Learn Hacking 2025https://medium.com/@TahirAyoub/best-ai-tool-to-learn-hacking-2025-e30b11c551c8?source=rss------bug_bounty-5Tahir Ayoubai, cybersecurity, artificial-intelligence, bug-bounty, hacking28-Oct-2024
Easy 400$ Bounty on Hackerone Public BBPhttps://medium.com/@kaforybory/easy-400-bounty-on-hackerone-public-bbp-b7a9aa2d6767?source=rss------bug_bounty-5Hassan Makkicybersecurity, infosec, bug-bounty-tips, penetration-testing, bug-bounty28-Oct-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-7be93ce2c5b0?source=rss------bug_bounty-5Abhishek Bhujangethical-hacking, security, bug-bounty, bug-hunting, hacking28-Oct-2024
Ethical Hacking and Bug Bounty Programs —  Harnessing Hackers for Goodhttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-and-bug-bounty-programs-harnessing-hackers-for-good-ac8417374af0?source=rss------bug_bounty-5RocketMe Up Cybersecuritysecurity-testing, vulnerability-assessment, white-hat-hacker, ethical-hacking, bug-bounty28-Oct-2024
My first bug bountyhttps://medium.com/@zatikyan.sevada/my-first-bug-bounty-5dc382b7cd50?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, information-disclosure, bug-bounty, hacking-tools28-Oct-2024
Portswigger Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@iamdeusx/portswigger-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-fa15ae95d90e?source=rss------bug_bounty-5DeusXbug-bounty, portswigger, cybersecurity, ctf28-Oct-2024
LLM Pentest Services at Wire Tor️https://medium.com/@wiretor/llm-pentest-services-at-wire-tor-%EF%B8%8F-e2617eb98a89?source=rss------bug_bounty-5WIRE TORcybersecurity, malware, hacking, usa, bug-bounty28-Oct-2024
Breaking Down My Bug Bounty Find: Exploiting EC-Council’s iClass Platformhttps://medium.com/@salaheddine_kalada/breaking-down-my-bug-bounty-find-exploiting-ec-councils-iclass-platform-68bd9a6c8460?source=rss------bug_bounty-5Salaheddine KALADAresponsible-disclosure, ethical-hacking, bug-bounty-writeup, bug-bounty, cybersecurity28-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devanshcybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Use Burp Suite Community version like a professional version Save upto $449https://medium.com/@anandrishav2228/use-burp-suite-community-version-like-a-professional-version-2225e9d0404f?source=rss------bug_bounty-5Rishav anandburpsuite, hacking, bug-bounty, money, cybersecurity27-Oct-2024
My Roadmap and the Tools I plan to use to aid my journey.https://cybersechemmars.medium.com/my-roadmap-and-the-tools-i-plan-to-use-to-aid-my-journey-4f720504fce6?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Spiderhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Bypassing File Upload Defenses: My Journey from Simple Bypass to Near RCEhttps://medium.com/@dsmodi484/bypassing-file-upload-defenses-my-journey-from-simple-bypass-to-near-rce-ffbd23400efa?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, file-upload, methodology, rce27-Oct-2024
How to find bugs in Microsoft iis page.https://infosecwriteups.com/how-to-find-bugs-in-microsoft-iis-page-ef336a229abc?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, hacking, tips, bug-bounty27-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devansh Doshicybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Fog & Akira Ransomware Exploit SonicWall VPN: Is Your Network Safe?https://medium.com/@wiretor/fog-akira-ransomware-exploit-sonicwall-vpn-is-your-network-safe-81da77b75cae?source=rss------bug_bounty-5WIRE TORpentesting, hacking, cybersecurity, usa, bug-bounty27-Oct-2024
China-Backed Cyber Attack: Donald Trump and JD Vance Targeted!https://medium.com/@wiretor/china-backed-cyber-attack-donald-trump-and-jd-vance-targeted-004518c60c89?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, usa, hacking, cybersecurity27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Sp1der0xhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.(PART 2)https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-part-2-c3febcb6e64b?source=rss------bug_bounty-5loyalonlytodaytips, hacking, penetration-testing, cybersecurity, bug-bounty26-Oct-2024
Free vps for hacking and bug bounty hunting.https://osintteam.blog/free-vps-for-hacking-and-bug-bounty-hunting-921d1dda71ce?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, tips-and-tricks, vps, cybersecurity26-Oct-2024
Bug Bounty with AI in Real-Time: The Future of Cybersecurityhttps://prakash888kpk.medium.com/bug-bounty-with-ai-in-real-time-the-future-of-cybersecurity-b3f783c7f0de?source=rss------bug_bounty-5Lets Unlearntips-and-tricks, ai, bug-bounty26-Oct-2024
Find CSRF and get a bounty of $900 Quicklyhttps://medium.com/@anandrishav2228/find-csrf-and-get-a-bounty-of-900-quickly-a9c3bf311dfb?source=rss------bug_bounty-5Rishav anandmoney, bug-bounty, cybersecurity, hacker, ai26-Oct-2024
One idea Uncovers Authentication Bypass & Session management flawhttps://medium.com/@CipherHawk/one-idea-uncovers-authentication-bypass-session-management-flaw-2e1536f5c52d?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, vulnerability, bugcrowd, hacking26-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step-by-Step Guidehttps://bevijaygupta.medium.com/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-173bdc11386d?source=rss------bug_bounty-5Vijay Guptaburnout, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips26-Oct-2024
Curious Case of a Feedback Linkhttps://medium.com/@thelazypentester/curious-case-of-a-feedback-link-0b1f5b208df0?source=rss------bug_bounty-5Jobsonsensitive-information, bug-bounty, cybersecurity, hacking, burpsuite26-Oct-2024
Bug Hunting Methodologyhttps://medium.com/@prajwalpatil453/bug-hunting-methodology-0780e74958be?source=rss------bug_bounty-5Anonstrkcybersecurity, bug-bounty-tips, bug-bounty, methodology, bug-hunting26-Oct-2024
500$ Idor vulnerability.https://medium.com/@noureldin1042/500-idor-vulnerability-dfc5d6f31119?source=rss------bug_bounty-5Noureldin(0x_5wf)programming, hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips26-Oct-2024
INICON: A One-Stop Recon Tool for Bug Bounty Huntershttps://medium.com/@jwalanth/inicon-a-one-stop-recon-tool-for-bug-bounty-hunters-8e1dcfa90a6c?source=rss------bug_bounty-5Kira61(Jwalanth)cybersecurity, python, pentesting, reconnaissance, bug-bounty26-Oct-2024
How I Discovered an Easy 2FA Vulnerability on Logitechhttps://medium.com/@dhananjay_00/how-i-discovered-an-easy-2fa-vulnerability-on-logitech-ff0d07178b04?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-tips, bug-bounty, bugbounty-writeup, hackerone, hacking26-Oct-2024
Dependency Confusion Unleashed: How One Misconfiguration Can Compromise an Entire Systemhttps://medium.com/@omargamal4em/dependency-confusion-unleashed-how-one-misconfiguration-can-compromise-an-entire-system-e0df2a26c341?source=rss------bug_bounty-5omar gamalbug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-tips26-Oct-2024
AIO Web App Pentesting Checklisthttps://cristivlad.medium.com/aio-web-app-pentesting-checklist-afe277d735dd?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, infosec, penetration-testing, pentesting26-Oct-2024
Apple Paying Big Bucks for Security Flaws: Your Chance to Cash In!https://medium.com/@v55232352/apple-paying-big-bucks-for-security-flaws-your-chance-to-cash-in-edb0f4f5ad21?source=rss------bug_bounty-5Patrick Hoovercyber-security-services, bug-bounty, apple-security-update26-Oct-2024
SQL Injections and the cute $2000 bountyhttps://medium.com/@nireshpandian19/sql-injections-and-the-cute-2000-bounty-2d18441ee0e3?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, bug-bounty-writeup, idor-vulnerability, bug-bounty-tips, sql-injection26-Oct-2024
Bind Shells: A Practical Guidehttps://medium.com/@learntheshell/bind-shells-a-practical-guide-9c00b3d7ad74?source=rss------bug_bounty-5LearnTheShellcybersecurity, bug-bounty, pentesting, bind-shell, bug-bounty-tips26-Oct-2024
Cronjobs for hackers (bugbounty article)https://medium.com/@bag0zathev2/cronjobs-for-hackers-bugbounty-article-7d51588d0fd5?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bugbounty-tips, cronjob, bug-bounty, hacking26-Oct-2024
BugBounty — Mastering the Basics (along with Resources)[Part-1]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-1-47d30eb3d19a?source=rss------bug_bounty-5Abhinav Pathakbug-bounty, cybersecurity, security, ethical-hacking, hacking26-Oct-2024
DVWA : Brute Force Vulnerability Solution (Low & Medium Security Level)https://medium.com/@Kamal_S/dvwa-brute-force-vulnerability-solution-low-medium-security-level-9c01eadf3720?source=rss------bug_bounty-5Kamal Sdvwa, burpsuite, brute-force, owasp, bug-bounty26-Oct-2024
New Cisco ASA and FTD Features: Blocking VPN Brute-Force Password Attacks!https://medium.com/@wiretor/new-cisco-asa-and-ftd-features-blocking-vpn-brute-force-password-attacks-c9065ef3ccfd?source=rss------bug_bounty-5WIRE TORpresidential-election-usa, cybersecurity, usa, bug-bounty, hacking26-Oct-2024
New Windows Driver Signature Bypass Enables Rootkit Installs!https://medium.com/@wiretor/new-windows-driver-signature-bypass-enables-rootkit-installs-42d64a4e973a?source=rss------bug_bounty-5WIRE TORbug-bounty, cybersecurity, networking, hacking, malware26-Oct-2024
Black Basta Ransomware Targets Teams: Stay Vigilant!https://medium.com/@wiretor/black-basta-ransomware-targets-teams-stay-vigilant-a76d8550003c?source=rss------bug_bounty-5WIRE TORhacking, cybersecurity, malware, xss-attack, bug-bounty26-Oct-2024
Hunting for Open Redirect Vulnerabilities: A Beginner to Expert Guidehttps://medium.com/@360Security/hunting-for-open-redirect-vulnerabilities-a-beginner-to-expert-guide-c33dd1ac1875?source=rss------bug_bounty-5360 Securityweb-security, penetration-testing, vulnerability, cybersecurity, bug-bounty26-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark.roy.1337/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
TECNO Security Year-End Reward Sprint Preview: Grand Prizes Await You!https://medium.com/@security.tecno/tecno-security-year-end-reward-sprint-preview-grand-prizes-await-you-7dec791e12ce?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, bonus, security25-Oct-2024
How I Bypassed Rate Limit on Loginhttps://mo9khu93r.medium.com/how-i-bypassed-rate-limit-on-login-b600b15158ef?source=rss------bug_bounty-5mo9khu93rbug-bounty, hacking, cybersecurity, pentesting, rate-limit-bypass25-Oct-2024
Remote Code Execution - Rage of Race Condition on Gen AIhttps://shahjerry33.medium.com/remote-code-execution-rage-of-race-condition-on-gen-ai-6f4cbc1a0e62?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, penetration-testing, infosec, vulnerability, bug-bounty25-Oct-2024
Bug punya severity & priorityhttps://ilhamday.medium.com/bug-punya-severity-priority-5552885eebd6?source=rss------bug_bounty-5Ilham Ferrytesting, bug-bounty, qa, quality-assurance, software-development25-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark-r/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
Advance AI Test Cases For Penetration Testinghttps://infosecwriteups.com/advance-ai-testcases-for-penetration-testing-d61b2196311d?source=rss------bug_bounty-5Ajay Naikinformation-technology, cyberattack, cybersecurity, bug-bounty, ai25-Oct-2024
Exploiting BAC: Unlimited Likes in Comment Sectionshttps://medium.com/@RaunakGupta1922/exploiting-bac-unlimited-likes-in-comment-sections-64f173b951fe?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty-tips, cybersecurity, programming, bug-bounty, technology25-Oct-2024
Information Disclosure in Top 500 Company through Source Codehttps://medium.com/@anonymousshetty2003/information-disclosure-in-top-500-company-through-source-code-fe91a7806acc?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, hacking, information-disclosure, security25-Oct-2024
WordPress Penetration Testing: A Hacker’s Playbookhttps://systemweakness.com/wordpress-penetration-testing-a-hackers-playbook-bb97b8a009b1?source=rss------bug_bounty-5Ahmed Makawipenetration-testing, ethical-hacking, wordpress, bug-bounty25-Oct-2024
How to install WhatWeb & usage samples.https://pwndecoco.medium.com/how-to-install-whatweb-usage-samples-8b735fc4d645?source=rss------bug_bounty-5Pwndec0c0penetration-testing, whatweb, bug-bounty, cybersecurity, linux25-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-program-from-finding-targets-to-submission-of-the-d25939b2a1b3?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, cybersecurity25-Oct-2024
Uncovering Vulnerabilities: My Discovery of Hashed Passwords on a Dutch Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-vulnerabilities-my-discovery-of-hashed-passwords-on-a-dutch-government-website-f30969e6ebbc?source=rss------bug_bounty-5Anonymousshettycybersecurity, security, bug-bounty, hacking, information-disclosure25-Oct-2024
Finding Cross-Site Scripting (XSS) vulnerabilities in Bug bounty programhttps://medium.com/@curiouskhanna/finding-cross-site-scripting-xss-vulnerabilities-in-bug-bounty-program-2a40bef4c8d7?source=rss------bug_bounty-5Shubham Khannacybersecurity, earn-money-online, research, bug-bounty25-Oct-2024
Cracking JWT Tokens: A Path to Identifying Bugs and Earn upto $700https://medium.com/@anandrishav2228/cracking-jwt-tokens-a-path-to-identifying-bugs-and-earn-upto-700-4028bcdcbebf?source=rss------bug_bounty-5Rishav anandbug-bounty, hacking, money, token, cybersecurity24-Oct-2024
50€ Rabbit Hole — Plain as Cake Bugshttps://medium.com/@rootplinix/50-rabbit-hole-plain-as-cake-bugs-e3e0940f93ce?source=rss------bug_bounty-5Abu Hurayrabug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity24-Oct-2024
IDOR+Privilege Escalation+No Rate Limit+Business Logic into a Single Vulnerabilityhttps://medium.com/@hossam_hamada/idor-privilege-escalation-no-rate-limit-business-logic-into-a-single-vulnerability-1e6acc9a3884?source=rss------bug_bounty-5Hossam Hamadahackerone, idor, bug-bounty, privilege-escalation, business-logic24-Oct-2024
Bug Bounty Burnout: Stay Motivated and Mentally Stronghttps://bevijaygupta.medium.com/bug-bounty-burnout-stay-motivated-and-mentally-strong-9408b92fa6c8?source=rss------bug_bounty-5Vijay Guptamentally-strong, bug-bounty, motivation, bug-bounty-tips, bugs24-Oct-2024
Critical Threat for WordPress Developers and Users, if You are Using a General Password to login…https://medium.com/@a5adujjaman/critical-threat-for-wordpress-developers-and-users-if-you-are-using-a-general-password-to-login-359ff16fcc45?source=rss------bug_bounty-5Asadujjaman Asifsecurity, two-factor-authentication, bug-bounty, wordpress, wordpress-security24-Oct-2024
Web3 BBP Journal: Oct.24, 2024https://medium.com/@harryfyx/web3-bbp-journal-oct-24-2024-d3c7083ac416?source=rss------bug_bounty-5hhhkbbug-bounty24-Oct-2024
Bugcrowd Triage is Terriblehttps://medium.com/@cybersecnoneed/bugcrowd-triage-is-terrible-97065059aaff?source=rss------bug_bounty-5Cybersecnoneedbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program24-Oct-2024
Unreleased function leads to 150$ bountyhttps://medium.com/@noureldin1042/unreleased-function-leads-to-150-bounty-c8521e3e3ba8?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting, programming24-Oct-2024
How I Accessed Microsoft’s ServiceNow — Exposing ALL Microsoft Employee emails, Chat Support…https://medium.com/@moblig/how-i-accessed-microsofts-servicenow-exposing-all-microsoft-employee-emails-chat-support-5f8d535eb63b?source=rss------bug_bounty-5Mobligbug-bounty, cybersecurity, microsoft, news24-Oct-2024
Seprate Active and Dead Subdomains part 4https://osintteam.blog/seprate-active-and-dead-subdomains-part-4-18f092dc8423?source=rss------bug_bounty-5Mr Abdullahbugbounty-writeup, subdomains-enumeration, hacking, bug-bounty, web-hacking24-Oct-2024
Smart recon to PWN the panelhttps://ro0od.medium.com/smart-recon-to-pwn-the-panel-a23b0b9466bb?source=rss------bug_bounty-5roodhacking, bug-bounty, hackerone, writeup, bug-bounty-tips24-Oct-2024
Penalized for Responsible Disclosurehttps://geochen.medium.com/penalized-for-responsible-disclosure-e36b3f57dc8a?source=rss------bug_bounty-5George Chenbig-four, hacking, bug-bounty, cybersecurity, responsible-disclosure24-Oct-2024
Bug Bounty with AI: Enhancing Cybersecurity Through Artificial Intelligencehttps://prakash888kpk.medium.com/bug-bounty-with-ai-enhancing-cybersecurity-through-artificial-intelligence-fc679204b800?source=rss------bug_bounty-5Lets Unlearnai-tools, bug-bounty, ai, bugs, bounties24-Oct-2024
Cheat Sheet : Utilisation de Nuclei pour les Tests de Sécurité et bhttps://medium.com/@Itachi0xf/cheat-sheet-utilisation-de-nuclei-pour-les-tests-de-s%C3%A9curit%C3%A9-et-b-e4d9d57aff32?source=rss------bug_bounty-5Itachix0fhacking, cheatsheet, learning, bug-bounty24-Oct-2024
Das CRUD-Prinziphttps://medium.com/@rainer_zufall111/das-crud-prinzip-786530d1a302?source=rss------bug_bounty-5R4In3RZuf4LLcybersecurity, hacking, bug-bounty, api24-Oct-2024
How i found exposed db creds on .gov sitehttps://medium.com/@jenroots/how-i-found-exposed-db-creds-on-gov-site-24588d9eb9c8?source=rss------bug_bounty-5Jenrootsbug-bounty-tips, information-security, penetration-testing, bugs, bug-bounty24-Oct-2024
Second Strike: Uncovering a GraphQL IDOR That Let Me Delete Anyones Posthttps://dukrov.medium.com/second-strike-uncovering-a-graphql-idor-that-let-me-delete-anyones-post-7c6fefd71db7?source=rss------bug_bounty-5͏ ͏Dukrovbug-bounty, hackerone, cybersecurity, bugbounty-tips, hacking24-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step By Step guidehttps://medium.com/@shaikhminhaz1975/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-c83b06c4fc1f?source=rss------bug_bounty-5Shaikh Minhazburnout-prevention, stress-management, cybersecurity, stress, bug-bounty23-Oct-2024
How to Find CVEs, Report Them, and Leverage Them for Career Growth and Bounties of $$$$$.https://medium.com/@anandrishav2228/how-to-find-cves-report-them-and-leverage-them-for-career-growth-and-bounties-of-3b62538c64d1?source=rss------bug_bounty-5Rishav anandai, money, cybersecurity, cve, bug-bounty23-Oct-2024
One Payload for Bugbounty(X$$)!https://pwndecoco.medium.com/one-payload-for-bugbounty-x-ace7dfd4859d?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bugbounty-tips, bug-bounty, hacking, bugbounty-writeup23-Oct-2024
Hacking Tools That You Need To Learnhttps://aircorridor.medium.com/hacking-tools-that-you-need-to-learn-2d8ebb8b47aa?source=rss------bug_bounty-5Aircorridorbug-bounty, cybersecurity, linux, tools, hacking23-Oct-2024
Improper Access Control — Generic: How I Gained Full Control Over an Admin Panelhttps://medium.com/@rezauditore/improper-access-control-generic-how-i-gained-full-control-over-an-admin-panel-c82587a1a09f?source=rss------bug_bounty-5rezauditorebug-bounty, lgbtq, appsec, ethical-hacking, api23-Oct-2024
How I Discovered Sensitive App_ID and App_Key Disclosure in a JavaScript File and Earned $150https://medium.com/@dhananjay_00/how-i-discovered-sensitive-app-id-and-app-key-disclosure-in-a-javascript-file-and-earned-150-ad3fb7f942bc?source=rss------bug_bounty-5Dhananjay Pathakpenetration-testing, cybersecurity, hacking, bug-bounty, hackerone23-Oct-2024
Understanding SMTP User Enumeration via MX Record Attackshttps://hackerhalt.medium.com/smtp-user-enumeration-mx-record-4e5761d52e57?source=rss------bug_bounty-5Hacker Haltpentesting, bugcrowd, bug-bounty, hackerone23-Oct-2024
Entering The Dark Web And Explaining The Art Of Deep Anonymity | Primary Hacking School #8https://medium.com/@nnface/entering-the-dark-web-and-explaining-the-art-of-deep-anonymity-primary-hacking-school-8-20239706e4fc?source=rss------bug_bounty-5NnFacedarkweb, web, hacking, kali-linux, bug-bounty23-Oct-2024
Eyeglass Adventures: From Typos to Admin Access — A Hacker’s Talehttps://medium.com/@khode4li/eyeglass-adventures-from-typos-to-admin-access-a-hackers-tale-0a3149acd6e9?source=rss------bug_bounty-5Khod4lisecurity, mass-assignment, bug-bounty, broken-access-control, vulnerability23-Oct-2024
Stored XSS Critical or NOT?https://medium.com/@mrro0o0tt/stored-xss-critical-or-not-da9eb9b19029?source=rss------bug_bounty-5Whoamibug-bounty-hunter, bug-bounty-tips, bug-bounty, hacking, bug-bounty-writeup23-Oct-2024
Requisições Web  —  Tudo que você deve saber para começar em cybersegurançahttps://medium.com/@malwarilia/requisi%C3%A7%C3%B5es-web-tudo-que-voc%C3%AA-deve-saber-para-come%C3%A7ar-em-cyberseguran%C3%A7a-ef01a89b250c?source=rss------bug_bounty-5Marília Rochabug-bounty-tips, pentesting, cybersecurity, infosec, bug-bounty22-Oct-2024
Bug Bounty Methodology for SQL Injection with Waybash URLshttps://pwn0sec.medium.com/bug-bounty-methodology-for-sql-injection-with-waybash-urls-d1d13d0ebdaa?source=rss------bug_bounty-5Imhunterandbug-bounty-tips, waybash, sql-injection, bug-bounty-writeup, bug-bounty22-Oct-2024
Oracle SQL Injection | Database Reconhttps://systemweakness.com/oracle-sql-injection-database-recon-0c384d4a085a?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, sql-injection, bug-bounty, pentesting, bug-bounty-tips22-Oct-2024
Forget password OTP flaw lead to Account Takeover.https://medium.com/@bughunt789/forget-password-otp-flaw-lead-to-account-takeover-b3f2b847952b?source=rss------bug_bounty-5BUG HUNTERbug-bounty, bug-bounty-writeup, response-manipulation, account-takeover, account-takeover-attacks22-Oct-2024
How I Hacked Over 150k PII on a Programhttps://medium.com/@rootplinix/how-i-hacked-over-150k-pii-on-a-program-f58b8b141d4a?source=rss------bug_bounty-5Abu Hurayrapii-data, infosec, hackerone, bug-bounty-tips, bug-bounty22-Oct-2024
SQL Injection Attack, Listing the Database Contents on Oraclehttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-oracle-3be23e33a43d?source=rss------bug_bounty-5Marduk I Amsqli, information-security, sql-injection, portswigger-lab, bug-bounty22-Oct-2024
Discovery of Reflected XSS Vulnerability on a Global Car Website #2https://medium.com/@gg20205959/discovery-of-reflected-xss-vulnerability-on-a-global-car-website-2-ddfc7ba9f67d?source=rss------bug_bounty-5VulnSniperxss-attack, xss-vulnerability, bug-bounty, penetration-testing22-Oct-2024
LLM Penetration Testing Checklisthttps://infosecwriteups.com/llm-penetration-testing-checklist-87eda0ce2991?source=rss------bug_bounty-5Ajay Naikinformation-technology, information-security, penetration-testing, cybersecurity, bug-bounty22-Oct-2024
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackershttps://medium.com/@wiretor/security-flaw-in-styras-opa-exposes-ntlm-hashes-to-remote-attackers-f4c9ce201de8?source=rss------bug_bounty-5WIRE TORpenetration-testing, hacking, bug-bounty, cybersecurity, usa22-Oct-2024
Shodan Secrets | Hack Hidden Files Easilyhttps://osintteam.blog/shodan-secrets-hack-hidden-files-easily-94de007def73?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, bug-hunting, shodan, bug-bounty, pentesting22-Oct-2024
Hunting Broken Object Level Authorizationhttps://blackhawkk.medium.com/hunting-broken-object-level-authorization-9b499fc0f327?source=rss------bug_bounty-5Tanmay Bhattacharjeebug-bounty, api-sec, owasp22-Oct-2024
Single endpoint leads to two bounties!(400$)https://medium.com/@noureldin1042/single-endpoint-leads-to-two-bounties-400-7dd96cf601c7?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty, bug-hunting, bug-bounty-writeup, hackerone, bug-bounty-tips22-Oct-2024
Breaking Boundaries: Discovering Session Invalidation Failures in User Roleshttps://medium.com/@hawkeye69669/breaking-boundaries-discovering-session-invalidation-failures-in-user-roles-84711777f9f2?source=rss------bug_bounty-5Hawkeyebug-bounty-tips, bug-bounty, infosec-write-ups, bug-bounty-writeup, infosec22-Oct-2024
Google Warns of Samsung Zero-Day Exploited in the Wildhttps://medium.com/@wiretor/google-warns-of-samsung-zero-day-exploited-in-the-wild-fb98c84b3e06?source=rss------bug_bounty-5WIRE TORusa, cybersecurity, hacking, bug-bounty, malware22-Oct-2024
Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attackshttps://medium.com/@wiretor/critical-vulnerabilities-expose-mbnet-mini-and-helmholz-industrial-routers-to-attacks-feac904b23b5?source=rss------bug_bounty-5WIRE TORusa, hacking, bug-bounty, cybersecurity, pentesting22-Oct-2024
Ransomware Alert: Cicada3301 Emerges as Successor to BlackCathttps://medium.com/@wiretor/ransomware-alert-cicada3301-emerges-as-successor-to-blackcat-e0e468472e08?source=rss------bug_bounty-5WIRE TORpentesting, bug-bounty, cybersecurity, usa, hacking22-Oct-2024
How i tricked Crypto Trading Site into sending Dangerous email to it’s Usershttps://medium.com/@Rahulkrishnan_R_Panicker/how-i-tricked-crypto-trading-site-into-sending-dangerous-email-to-its-users-a11a972c470f?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty, bug-bounty-tips, bug-bounty-writeup, pentesting, security21-Oct-2024
Oops, Nykaa! How I Almost Ordered ₹1 Lakh Worth of Makeup (Without Even Logging In!)https://medium.com/@lungfu-chingchung/oops-nykaa-how-i-almost-ordered-1-lakh-worth-of-makeup-without-even-logging-in-f10679e0d8c9?source=rss------bug_bounty-5LungFulearning, firstwriteup, mastmaula, security, bug-bounty21-Oct-2024
Another Dark Reality of Bug Huntinghttps://bevijaygupta.medium.com/another-dark-reality-of-bug-hunting-0c8fa62e9867?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dark-reality, bug-bounty, bugs, bug-zero21-Oct-2024
How to Use nslookup from Beginner to Advanced: A Comprehensive Guidehttps://medium.com/@anandrishav2228/how-to-use-nslookup-from-beginner-to-advanced-a-comprehensive-guide-846ad93955e4?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, hacker, bug-bounty, dns21-Oct-2024
How I Found and Reported a High Severity Stored XSS Vulnerability in the UK Ministry of Defence: A…https://medium.com/@sagarjondhle/how-i-found-and-reported-a-critical-stored-xss-vulnerability-in-the-uk-ministry-of-defence-a-bug-e44497befaa8?source=rss------bug_bounty-5IronPurushbug-bounty, cybersecurity, information-technology, education21-Oct-2024
Hacking LLMNR and NBT-NShttps://medium.com/@nishcyber22/hacking-llmnr-and-nbt-ns-3187458ee89d?source=rss------bug_bounty-50xn1shpenetration-testing, hacking, cybersecurity, windows-hacking, bug-bounty21-Oct-2024
HTTP para Pentesters: Tudo que você precisa saberhttps://medium.com/@malwarilia/introdu%C3%A7%C3%A3o-ao-http-para-pentesters-tudo-que-voc%C3%AA-precisa-saber-f3cce97d42e9?source=rss------bug_bounty-5Marília Rochaoffensive-security, segurança-da-informação, cybersecurity, bug-bounty, pentes21-Oct-2024
What’s Session Managementhttps://medium.com/@vishalsahu1604/whats-session-management-306c08a9afcf?source=rss------bug_bounty-5Vishal Sahoobug-bounty, cybersecurity, website-traffic, website, website-development21-Oct-2024
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —…https://medium.com/@vulnlabresearcher/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-f4c29e89ac54?source=rss------bug_bounty-5VulnResearcherpassive-network-scanning, internet-scanning-tools, censys-tutorial, bug-bounty, ethical-hacking21-Oct-2024
CSRF-ATTACK-PREVENTION-GUIDEhttps://osintteam.blog/csrf-attack-prevention-guide-3afe8791af6d?source=rss------bug_bounty-5Asad Mohsincyber-security-awareness, cybersecuirty, cyber-attack-prevention, bug-bounty, csrf21-Oct-2024
How No rate limiting got me 150$ in 5 minutes.https://medium.com/@noureldin1042/how-no-rate-limiting-got-me-150-in-5-minutes-e0abbec48f35?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty, bounty-hunter, penetration-testing, bounty-program, bug-hunting21-Oct-2024
How i found 22 LFI in the same program using automation trickshttps://medium.com/@zomasec/how-i-found-22-lfi-in-the-same-program-using-automation-tricks-3ea303d24f4a?source=rss------bug_bounty-5Hazem El-Sayedbug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, web-security21-Oct-2024
My First $100 Bounty: Exploiting IDOR Vulnerability in Account Sectionhttps://medium.com/@tinu7494/my-first-100-bounty-exploiting-idor-vulnerability-in-account-section-fc81d28dbed9?source=rss------bug_bounty-5Whitehatbug-bounty, penetration-testing, bug-bounty-tips, hacking, cybersecurity21-Oct-2024
How Sensitive Information Disclosure Can Lead to Account Takeoverhttps://medium.com/@D2Cy/how-sensitive-information-disclosure-can-lead-to-account-takeover-vulnerabilities-4d18d2a3711d?source=rss------bug_bounty-5Devanshinformation-security, bug-bounty, idor, account-takeover21-Oct-2024
Mastering Arsenal (How to Use the Nuclei Tool Effectively)https://medium.com/@bitthr3at/mastering-arsenal-how-to-use-the-nuclei-tool-effectively-5ff976dfaeb0?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)nucleus, scanning, bug-bounty, pentest, tools21-Oct-2024
Microsoft Blocks Windows 11 24H2 on Select ASUS Models: A Cautionary Tale for Usershttps://medium.com/@wiretor/microsoft-blocks-windows-11-24h2-on-select-asus-models-a-cautionary-tale-for-users-5fc3314e0cfa?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, pentest, usa, hacking21-Oct-2024
Cisco Takes DevHub Portal Offline Following Hacker Leak of Sensitive Datahttps://medium.com/@wiretor/cisco-takes-devhub-portal-offline-following-hacker-leak-of-sensitive-data-b6ca5cffe3c3?source=rss------bug_bounty-5WIRE TORpentesting, hacking, usa, bug-bounty, cybersecurity21-Oct-2024
Massive WordPress Breach: Over 6,000 Sites Hacked by Infostealing Malware Plugins! ️https://medium.com/@wiretor/massive-wordpress-breach-over-6-000-sites-hacked-by-infostealing-malware-plugins-%EF%B8%8F-2a4cb7e80d0c?source=rss------bug_bounty-5WIRE TORpentest, usa, pentesting, bug-bounty, cybersecurity21-Oct-2024
North Korean Hackers Exploit Microsoft Zero-Day: APT37’s “Code-on-Toast” Attack Uncoveredhttps://medium.com/@wiretor/north-korean-hackers-exploit-microsoft-zero-day-apt37s-code-on-toast-attack-uncovered-c10af50cf040?source=rss------bug_bounty-5WIRE TORcybersecurity, usa, bug-bounty, hacking, malware21-Oct-2024
My Bug Hunting Journey Beginshttps://medium.com/@ahmsyhmi/my-bug-hunting-journey-begins-c75c291ffe9c?source=rss------bug_bounty-5Ahmad Syahmibug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-hunter, bug-hunting20-Oct-2024
How i got 300euro bounty?https://doordiefordream.medium.com/how-i-got-300euro-bounty-5e25f0a212de?source=rss------bug_bounty-5balu bandiethical-hacking, hacking, bug-bounty, writeup, cybersecurity20-Oct-2024
How I Found My First P1 Bug ??https://medium.com/@prajwalpatil453/how-i-found-my-first-p1-bug-705b6ba5e3e2?source=rss------bug_bounty-5Anonstrkbug-bounty-tips, cybersecurity, tips-and-tricks, vdp, bug-bounty20-Oct-2024
How Much Does Penetration Testing Cost?https://securitylit.medium.com/how-much-does-penetration-testing-cost-945fdb94e973?source=rss------bug_bounty-5Security Lit Limitedit-security, penetration-testing, pentesting, services, bug-bounty20-Oct-2024
Is CISSP Certification Still Worth It in 2025? Find Out Why You Should Consider It!https://securitylit.medium.com/is-cissp-certification-still-worth-it-in-2025-find-out-why-you-should-consider-it-dda36a443f80?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, it-security, bug-bounty, cybersecurity20-Oct-2024
Bypassing Email Uniqueness Check: A Logic Flaw Disrupting Password Recoveryhttps://medium.com/@0xoroot/bypassing-email-uniqueness-check-a-logic-flaw-disrupting-password-recovery-95464c95b664?source=rss------bug_bounty-50xorootbug-bounty-tips, broken-access-control, hacking, bug-bounty, hackerone20-Oct-2024
Mastering SQLMap Tool for Effective SQL Injection Testinghttps://medium.com/@prasanna.acharya/mastering-sqlmap-tool-for-effective-sql-injection-testing-38911178d3f6?source=rss------bug_bounty-5Prasanna Acharyasqlmap, sql-injection, bug-bounty-tips, web-penetration-testing, bug-bounty20-Oct-2024
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1https://medium.com/@vulnlabresearcher/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-9d05feb7a382?source=rss------bug_bounty-5VulnResearcherbug-bounty, ethical-hacking, network-scanning, cybersecurity, zmap-tutorial20-Oct-2024
Hack Application Pattern Lockhttps://medium.com/@k3r0/hack-application-pattern-lock-5ade6b8128dc?source=rss------bug_bounty-5Kyrillos nadybug-bounty, pentesting, hacking, mobi̇le, android20-Oct-2024
Bug Bounty Roadmap for Beginner’shttps://medium.com/@kumawatabhijeet2002/bug-bounty-roadmap-for-beginners-de747ab39036?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, hacking, bugbounty-writeup, bug-bounty-tips20-Oct-2024
The Deceptive Dance of Self-XSS: How to Protect Yourself from Your Own Browserhttps://medium.com/@mrutunjayasenapati0/the-deceptive-dance-of-self-xss-how-to-protect-yourself-from-your-own-browser-303ffe642073?source=rss------bug_bounty-5Mrutunjaya Senapatixss-attack, bug-bounty, vulnerability, bugs, hacking20-Oct-2024
My Adventure in Bug Bounty: Sharing My Very First Successful Discoveryhttps://medium.com/@prateek.baghela/my-adventure-in-bug-bounty-sharing-my-very-first-successful-discovery-526124148107?source=rss------bug_bounty-5Prateek Baghelacybersecurity, hacking, ethical-hacking, bug-bounty20-Oct-2024
My first SQLi vulnerabilityhttps://medium.com/@rimed.software/my-first-sqli-vulnerability-f1eaab78eadf?source=rss------bug_bounty-5muhammed demirowasp-top-10, bug-bounty, bug-bounty-writeup, sqli, cybersecurity20-Oct-2024
Halloween Special Offer: 25% Off All Cybersecurity Services!https://medium.com/@wiretor/halloween-special-offer-25-off-all-cybersecurity-services-01ff60356d66?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, halloween, cybersecurity, usa20-Oct-2024
Finally I got My First Bounty | From Self Hosted Programhttps://medium.com/@the.air.cyborg/finally-i-got-my-first-bounty-from-self-hosted-program-71ffe09473c4?source=rss------bug_bounty-5the_air_cyborgclickjacking, bugbounty-writeup, bug-bounty, bugbounty-tips, clickbait20-Oct-2024
Mastering Nmap Firewall Evasion Techniques: A Detailed Guidehttps://medium.com/@anandrishav2228/mastering-nmap-firewall-evasion-techniques-a-detailed-guide-f5d5b9f00587?source=rss------bug_bounty-5Rishav anandfirewall, bug-bounty, nmap, cybersecurity, money20-Oct-2024
How to Start Hacking: A Comprehensive Guide to Ethical Hacking and Penetration Testing for…https://medium.com/@verylazytech/how-to-start-hacking-a-comprehensive-guide-to-ethical-hacking-and-penetration-testing-for-db6e3fcd63ea?source=rss------bug_bounty-5Very Lazy Techbug-bounty, books, how-to-start-hacking, penetration-testing, cybersecurity20-Oct-2024
Superior Tool Untuk Melakukan Google Dorking Dalam Mencari Kerentanan Websitehttps://medium.com/@bimosp56/superior-tool-untuk-melakukan-google-dorking-dalam-mencari-kerentanan-website-ec7719b05a5b?source=rss------bug_bounty-5Bimo Salasa Putrabug-bounty, bigbountyrecon, vulnerability-assessment, google-dorking, vulnerability20-Oct-2024
FINDING A DOS BUG(STEP BY STEP).https://osintteam.blog/finding-a-dos-bug-step-by-step-5f13d361dc90?source=rss------bug_bounty-5loyalonlytodayhacking, penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty20-Oct-2024
$$$ Bounty for PII disclosure through APIhttps://osintteam.blog/bounty-for-pii-disclosure-through-api-71b660bc984b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcybersecurity, hacking, bug-bounty, ethical-hacking, technology20-Oct-2024
Security Misconfigurations in Docker Containers: My $500 Win!https://osintteam.blog/security-misconfigurations-in-docker-containers-my-500-win-241af85882b2?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitethical-hacking, hacking, bug-bounty, cybersecurity, technology20-Oct-2024
Exploiting Auth0 Misconfigurations: A Case Study on Account Linking Vulnerabilitieshttps://medium.com/@iknowhatodo/exploiting-auth0-misconfigurations-a-case-study-on-account-linking-vulnerabilities-76fb6b9703f8?source=rss------bug_bounty-5Hossam Ahmedsecurity, penetration-testing, bug-bounty, information-security20-Oct-2024
What are Cookies? and How Attackers Take Privilege of Cookieshttps://medium.com/@vishalsahu1604/what-are-cookies-and-how-attackers-take-privilege-of-cookies-a016145c5fff?source=rss------bug_bounty-5Vishal Sahoowebsite-development, bug-bounty, technology, cybersecurity, website20-Oct-2024
How I could steal Telegram OTPs using SMS relayshttps://medium.com/@cyberletmewin/how-i-could-steal-telegram-otps-using-sms-relays-4672769c98e3?source=rss------bug_bounty-5Abdelkhalek Beraoud (letmewin)telegram, information-security, mobile-network, cybersecurity, bug-bounty20-Oct-2024
VDP vs CVD vs Bug Bountyhttps://medium.com/@ali.abdollahi/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5Ali Abdollahicybersecurity, security, information-security, vulnerability, bug-bounty20-Oct-2024
Hackers Exploit Roundcube Webmail Vulnerability to Steal Login Credentialshttps://medium.com/@wiretor/hackers-exploit-roundcube-webmail-vulnerability-to-steal-login-credentials-6b2761a7dd81?source=rss------bug_bounty-5WIRE TORhacking, pentest, usa, cybersecurity, bug-bounty20-Oct-2024
Hackers Exploit Redbox Kiosks: A Wake-Up Call for Digital Securityhttps://medium.com/@wiretor/hackers-exploit-redbox-kiosks-a-wake-up-call-for-digital-security-1d19e18f3a80?source=rss------bug_bounty-5WIRE TORhacking, usa, cybersecurity, malware, bug-bounty20-Oct-2024
How to Find XSS in Real-Life Bug Bounty Targetshttps://medium.com/@rupaitanudas/how-to-find-xss-in-real-life-bug-bounty-targets-319177706ad8?source=rss------bug_bounty-5Rupaitanudasxss-attack, bug-bounty, tips-and-tricks20-Oct-2024
Internet Archive Breached Again: Urgent Call for Enhanced Cybersecurityhttps://medium.com/@wiretor/internet-archive-breached-again-urgent-call-for-enhanced-cybersecurity-4cb161fc5408?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, usa, malware, hacking20-Oct-2024
how did I lose $5000?https://medium.com/@mr.matrex00.7/how-did-i-lose-5000-6bf4a5c7cbf7?source=rss------bug_bounty-5Mr Matrexhackthebox, tryhackme, bug-bounty, bug-bounty-tips, bug-bounty-writeup20-Oct-2024
Unveiling Hidden Vulnerabilities: A Journey into E-Commerce Securityhttps://medium.com/@CipherHawk/unveiling-hidden-vulnerabilities-a-journey-into-e-commerce-security-db7993b788cc?source=rss------bug_bounty-5CipherHawkbug-bounty-tips, bug-bounty, bugcrowd, cybersecurity, hackerone20-Oct-2024
VDP vs CVD vs Bug Bountyhttps://systemweakness.com/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5Ali Abdollahicybersecurity, security, information-security, vulnerability, bug-bounty20-Oct-2024
How I Found My First Easy P3 Vulnerability in HackerOne Bug Bounty‍https://medium.com/@aryan9868/how-i-found-my-first-easy-p3-vulnerability-in-hackerone-bug-bounty-f9227942c6c0?source=rss------bug_bounty-5h4ck3rrawatbugs, bug-bounty-tips, bugbounty-writeup, hackerone, bug-bounty19-Oct-2024
Google Dorking Queries to find vulnurable targetshttps://medium.com/@kanishk.k1410/google-dorkingqueries-to-find-vulnurable-targets-89ee672b6996?source=rss------bug_bounty-5Kanishk Kumargoogle-dorking, hacking, technology, bug-bounty, offensive-security19-Oct-2024
How a NoSQL Injection Attack Helped Me Earn $500: A Step-by-Step Guidehttps://medium.com/@anandrishav2228/how-a-nosql-injection-attack-helped-me-earn-500-a-step-by-step-guide-51370a95bb93?source=rss------bug_bounty-5Rishav anandbug-bounty, ai, money, nosql, cybersecurity19-Oct-2024
A Comprehensive Guide to API Fuzzing: Strengthen Your API Securityhttps://medium.com/@Code_With_Ssn/a-comprehensive-guide-to-api-fuzzing-strengthen-your-api-security-5c00aac974b0?source=rss------bug_bounty-5N4!TR0 07api-fuzzing, api, bug-bounty, bug-bounty-writeup, reconnaissance19-Oct-2024
From JavaScript Analysis To UUID Pattern Exploration Revealed a Critical IDOR!https://medium.com/@ozomarzu/from-javascript-analysis-to-uuid-pattern-exploration-revealed-a-critical-idor-5c526451e7ec?source=rss------bug_bounty-5CyberOzbug-bounty-tips, js, idor, bug-bounty-writeup, bug-bounty19-Oct-2024
Password Brute-Forcing: The Cybersecurity Game Show You Didn’t Sign Up Forhttps://medium.com/@mrutunjayasenapati0/password-brute-forcing-the-cybersecurity-game-show-you-didnt-sign-up-for-c03052aedeeb?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, vulnerability, bug-bounty, passwords, bugs19-Oct-2024
How I Uncovered a Hidden XSS Vulnerability in a Global Car Websitehttps://medium.com/@gg20205959/how-i-uncovered-a-hidden-xss-vulnerability-in-a-global-car-website-1e0b86a86a7a?source=rss------bug_bounty-5VulnSniperxss-attack, xss-vulnerability, hacking, alerts, bug-bounty19-Oct-2024
How I Uncovered a High-Severity Vulnerability Using a Single HTTP Headerhttps://medium.com/@ahmeedhisham2019/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5CipherHawkcybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty19-Oct-2024
SubdomainRadar.io — The best Subdomain Finder And Port Scannerhttps://medium.com/@alexandrevandammepro/subdomainradar-io-the-best-subdomain-finder-and-port-scanner-a5390b5fee67?source=rss------bug_bounty-5Alexandre Vandammesubdomains-enumeration, osint, bug-bounty, infose, cybersecurity19-Oct-2024
How I am starting my Bug Bounty Hunting Journeyhttps://cybersechemmars.medium.com/how-i-am-starting-my-bug-bounty-hunting-journey-6d807a367d80?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, cybersecurity19-Oct-2024
Get easy $50,000 bugbounty hunting from hackerone programhttps://medium.com/@loaymorad11/get-easy-50-000-bugbounty-hunting-from-hackerone-program-e5a119d2af0c?source=rss------bug_bounty-5Loaymoradhackerone, writeup, information-disclosure, cybersecurity, bug-bounty19-Oct-2024
Attack on Zendeskhttps://medium.com/@skirkanna/attack-on-zendesk-6f4f3adf3458?source=rss------bug_bounty-5Anna Skirko (unknown_feature)bug-bounty, apple, zendesk, supply-chain, slack19-Oct-2024
How I Uncovered a High-Severity Vulnerability Using a Single HTTP Headerhttps://medium.com/@CipherHawk/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5CipherHawkcybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty19-Oct-2024
How I Found a Subdomain Takeover Bug and Earned a $500 Bountyhttps://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5D2Cyinformation-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover19-Oct-2024
XSShttps://medium.com/@cyberviperx/xss-f5daee1b9e95?source=rss------bug_bounty-5Majd abuleilxss-vulnerability, bug-bounty, cybersecurity, hacking, xss-attack19-Oct-2024
6 BEST Hacking Books for Learning Cybersecurityhttps://medium.com/illumination/6-best-hacking-books-for-learning-cybersecurity-bbe0e9bdf0ae?source=rss------bug_bounty-5Tahir Ayoubpenetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking19-Oct-2024
Alabama Man Arrested for SEC Social Media Hack That Caused Bitcoin Price Spikehttps://medium.com/@wiretor/alabama-man-arrested-for-sec-social-media-hack-that-caused-bitcoin-price-spike-eebee5fe0a88?source=rss------bug_bounty-5WIRE TORinformation-technology, cybersecurity, malware, xss-attack, bug-bounty19-Oct-2024
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Varianthttps://medium.com/@wiretor/russian-romcom-attacks-target-ukrainian-government-with-new-singlecamper-rat-variant-89d740937358?source=rss------bug_bounty-5WIRE TORcybersecurity, xss-attack, hacking, bug-bounty, usa19-Oct-2024
Attention WordPress Users! Critical Jetpack Vulnerability Fixed!https://medium.com/@wiretor/attention-wordpress-users-critical-jetpack-vulnerability-fixed-f52d455499fe?source=rss------bug_bounty-5WIRE TORbug-bounty, usa, sqli, malware, hacking19-Oct-2024
How I Found a Subdomain Takeover Bug and Earned a $500 Bountyhttps://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5Devanshinformation-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover19-Oct-2024
2FA Bypass via OAuth Linkinghttps://medium.com/@sharp488/2fa-bypass-via-oauth-linking-c8a640519ae8?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty-tips, bug-bounty, hacking, information-security, information-technology18-Oct-2024
Stored XSS & Privilege Escalation in Profile Field -Private Programhttps://cyb3rc4t.medium.com/stored-xss-privilege-escalation-in-profile-field-private-program-2bdde55e34b2?source=rss------bug_bounty-5CYB3RC4Tinfosec, bugbounty-writeup, bug-bounty, security, privilege-escalation18-Oct-2024
Managing and Modifying URLs in SubScope for Bug Bounty Programs: A Comprehensive Guidehttps://medium.com/@hunthubspace/managing-and-modifying-urls-in-subscope-for-bug-bounty-programs-a-comprehensive-guide-667df5ed07ab?source=rss------bug_bounty-5hunThubautomation, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips18-Oct-2024
I found this Bug in just 5 min. Only and Earn $300.https://medium.com/@anandrishav2228/i-found-this-bug-in-just-5-min-only-and-earn-300-6b57528a7291?source=rss------bug_bounty-5Rishav anandcors, bug-bounty, cybersecurity, money, vulnerability18-Oct-2024
Exploiting Session Fixation via Stored XSS and Cookie Jar Overflow Attackhttps://akashc99.medium.com/exploiting-session-fixation-via-stored-xss-and-cookie-jar-overflow-attack-7cf8d60e1f9e?source=rss------bug_bounty-5Akash ccybersecurity, web-app-security, bug-bounty, bug-hunter, hacking18-Oct-2024
A Security Researcher’s Journey: Uncovering an Account Takeover Vulnerabilityhttps://medium.com/@cybershree/a-security-researchers-journey-uncovering-an-account-takeover-vulnerability-624763bd4ecd?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, security, bug-bounty-tips, vulnerability, bug-bounty18-Oct-2024
The Harsh Reality of Bug Bounty Hunting Bugcrowdhttps://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5Shridhar Rajaputbugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty18-Oct-2024
Exploring Session Hijacking: How Attackers Compromise Web Sessionshttps://medium.com/@mrutunjayasenapati0/exploring-session-hijacking-how-attackers-compromise-web-sessions-6a1c78e6c718?source=rss------bug_bounty-5Mrutunjaya Senapativulnerability, bug-bounty, sessions, bug-bounty-tips, hacking18-Oct-2024
IDOR: User Information Disclosurehttps://systemweakness.com/idor-user-information-disclosure-7c6951a55a7a?source=rss------bug_bounty-5Aswin Thambi Panikulangaracybersecurity, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup18-Oct-2024
How Do Hackers Crack ANY Softwarehttps://medium.com/@TahirAyoub/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5Tahir Ayoubhacking, bug-bounty, cybersecurity, medium, pentesting18-Oct-2024
Business logic vulnerability : Permanent Comments lockhttps://sayedv2.medium.com/business-logic-vulnerability-permanent-comments-lock-f118087967ba?source=rss------bug_bounty-5Mohamed Sayedsecurity, bug-bounty, cybersecurity, business-logic, infosec18-Oct-2024
How I Earned $150 for Reporting a Simple Parameter Bughttps://medium.com/@janmaciejewski07/how-i-earned-150-for-reporting-a-simple-parameter-bug-90734441dcd5?source=rss------bug_bounty-5Jan Maciejewskiprogramming, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-program18-Oct-2024
Easy P3 Bug: A Spoofing Vulnerabilityhttps://medium.com/@cybershree/easy-p3-bug-a-spoofing-vulnerability-ca73a62b6f48?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, penetration-testing, bug-bounty, linkedin, information-technology18-Oct-2024
Easy P4 Bug #2: Account Deletion Lacks Password Verificationhttps://medium.com/@cybershree/p4-bug-2-account-deletion-lacks-password-verification-a8633a00c9fc?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, bugs, security-research, bug-bounty, information-technology18-Oct-2024
Easy P4 Bug : Failure to Invalidate Sessions Post Password Changehttps://medium.com/@cybershree/easy-p4-bug-failure-to-invalidate-sessions-post-password-change-56a3aee9e8cc?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, bug-bounty, information-technology, hackerone, ethical-hacking18-Oct-2024
The Harsh Reality of Bug Bounty Hunting on Bugcrowdhttps://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5Shridhar Rajaputbugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty18-Oct-2024
Microsoft Unveils macOS Vulnerability: A Deep Dive into the HM Surf Flaw ️https://medium.com/@wiretor/microsoft-unveils-macos-vulnerability-a-deep-dive-into-the-hm-surf-flaw-%EF%B8%8F-1bb8b77b2a63?source=rss------bug_bounty-5WIRE TORcybersecurity, cve, bug-bounty, hacking, zero-day18-Oct-2024
Hong Kong Crime Ring Swindles Victims Out of $46M Using Deepfakeshttps://medium.com/@wiretor/hong-kong-crime-ring-swindles-victims-out-of-46m-using-deepfakes-9dc8cb713248?source=rss------bug_bounty-5WIRE TORhacking, usa, shell, sql, bug-bounty18-Oct-2024
Omni Family Health Impacts 470,000 Individualshttps://medium.com/@wiretor/omni-family-health-impacts-470-000-individuals-d20a82cd0ac8?source=rss------bug_bounty-5WIRE TORusa, sql, rce, bug-bounty, hacking18-Oct-2024
Another Dark Reality of Bug Huntinghttps://medium.com/@akashmotkar001/another-dark-reality-of-bug-hunting-6539c60dac31?source=rss------bug_bounty-5Akashmotkarethical-hacking, hacking, bug-bounty, bugs, cybersecurity18-Oct-2024
How Do Hackers Crack ANY Softwarehttps://medium.com/h7w/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5Tahir Ayoubhacking, bug-bounty, cybersecurity, medium, pentesting18-Oct-2024
Bug Bounty Tools that make you Rich and Independent and Help earn upto $100–$50,000https://medium.com/@anandrishav2228/bug-bounty-tools-that-make-you-rich-and-independent-and-help-earn-upto-100-50-000-eddc92485bae?source=rss------bug_bounty-5Rishav anandhacking, tools, bug-bounty, money, cybersecurity17-Oct-2024
Bug Bounty Millionaires: Are You Missing Out on Easy Money?https://medium.com/@paritoshblogs/bug-bounty-millionaires-are-you-missing-out-on-easy-money-e5b10a9e2cc1?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, money, bug-bounty, hacking17-Oct-2024
Electron JS Application Penetration Testinghttps://medium.com/@ajaynaikhack/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, information-security, electronjs, penetration-testing17-Oct-2024
How to Find XSS in Bug Bounty Programs: A Step-by-Step Guide with Source Code Exampleshttps://medium.com/@shaikhminhaz1975/how-to-find-xss-in-bug-bounty-programs-a-step-by-step-guide-with-source-code-examples-804e4b8a225d?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, step-by-step-guide, penetration-testing, xss-attack, bug-bounty17-Oct-2024
Your approach to finding XSS would change after you read thishttps://medium.com/@nireshpandian19/your-approach-to-finding-xss-would-change-after-you-read-this-8292fcafefc1?source=rss------bug_bounty-5JAI NIRESH Jidor-vulnerability, bug-bounty, cybersecurity, bug-bounty-writeup, idor17-Oct-2024
Electron JS Application Penetration Testinghttps://infosecwriteups.com/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, information-security, electronjs, penetration-testing17-Oct-2024
E-commerce website vulnerability bounty practice sharing(II)https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-ii-739d47705908?source=rss------bug_bounty-5TECNO Securitysecurity, hacking, bonus, bug-bounty17-Oct-2024
IDOR lead to Restriction Bypass!!https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking17-Oct-2024
Over 7 Million WooCommerce Sites Affected by a Simple HTML Injection: CVE-2024–9944 Analysishttps://dropn0w.medium.com/over-7-million-woocommerce-sites-affected-by-a-simple-html-injection-cve-2024-9944-analysis-ce81c918c39a?source=rss------bug_bounty-5dropcve, cybersecurity, bug-bounty, woocommerce, wordpress17-Oct-2024
Advanced IDOR Exploitation: Discovering Hidden Vulnerabilities Through Delayed Object Creationhttps://medium.com/@ashfquejahan5/advanced-idor-exploitation-discovering-hidden-vulnerabilities-through-delayed-object-creation-beb9da9e036f?source=rss------bug_bounty-5jahanajbug-bounty, idor, web17-Oct-2024
Unmasking Server-Side Request Forgery (SSRF): How Attackers Exploit Internal Systemshttps://medium.com/@mrutunjayasenapati0/unmasking-server-side-request-forgery-ssrf-how-attackers-exploit-internal-systems-286b5b71a46a?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, vulnerability, ethical-hacking, hacking, ssrf-attack17-Oct-2024
Bug Bounty — IDOR lead to Restriction Bypass!!https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking17-Oct-2024
Maximizing Web3 Security with Bug Bounty Program Datahttps://securrtech.medium.com/maximizing-web3-security-with-bug-bounty-program-data-1434315dbcdb?source=rss------bug_bounty-5Securrweb3-security, blockchain-technology, bug-bounty, smart-contract-auditing, web317-Oct-2024
Walkthrough for the Appointment Machine — Hack The Box (HTB) Challengehttps://medium.com/@jessemridley/walkthrough-for-the-appointment-machine-hack-the-box-htb-challenge-b228fe34e2f5?source=rss------bug_bounty-5Jesse Ridleyethical-hacking, cybersecurity, bug-bounty, technology, penetration-testing17-Oct-2024
FROM OUT OF SCOPE TO ACCEPTEDhttps://medium.com/@nightcoders0/from-out-of-scope-to-accepted-4f52e626b734?source=rss------bug_bounty-5Nightcodersbugs, bug-bounty-writeup, ethical-hacking, bug-bounty, bug-bounty-tips17-Oct-2024
Hack The Box Challenge: Day 4 — Knowledge Check Walkthroughhttps://medium.com/@jessemridley/hack-the-box-challenge-day-4-knowledge-check-walkthrough-ce22f62d0854?source=rss------bug_bounty-5Jesse Ridleycybersecurity, freelancing, technology, bug-bounty, hacking17-Oct-2024
Payload Pursuit: XSS Challengehttps://medium.com/@josh.beck2006/payload-pursuit-xss-challenge-40105e34379c?source=rss------bug_bounty-5Josh Beckcybersecurity, ctf-writeup, bug-bounty, ctf17-Oct-2024
ACCESS MEDIUM PAID BLOGS FOR YOUR RESEARCH IN BUG BOUNTYhttps://medium.com/@anonymousshetty2003/access-medium-paid-blogs-for-your-research-in-bug-bounty-b19395d20e0b?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, ethical-hacking, bug-bounty17-Oct-2024
$600 Bug Bounty: How I Poked Microservices and Got Paid!https://osintteam.blog/600-bug-bounty-how-i-poked-microservices-and-got-paid-9e1bbe0f45e8?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitvulnerability, programming, cybersecurity, bug-bounty, penetration-testing17-Oct-2024
Breaking News: Sudan Brothers Charged in DDoS Attack Service Disruption!https://medium.com/@wiretor/breaking-news-sudan-brothers-charged-in-ddos-attack-service-disruption-856290eb0dfb?source=rss------bug_bounty-5WIRE TORusa, virus, bug-bounty, hacking, trojan17-Oct-2024
Vulnerability Discovered in Kubernetes Image Builder!https://medium.com/@wiretor/vulnerability-discovered-in-kubernetes-image-builder-5846cf32cb80?source=rss------bug_bounty-5WIRE TORbug-bounty, usa, hacking, europe, virus17-Oct-2024
Use Case: Bypassing In-App Purchase By Payment Client-Side Validationhttps://secfathy0x1.medium.com/use-case-bypassing-in-app-purchase-by-payment-client-side-validation-e87e2c775a9c?source=rss------bug_bounty-5Mohamed K. Fathybug-bounty-writeup, hacking, bug-bounty, android, cybersecurity17-Oct-2024
I Can Crash Anyone’s Instagram Post - Zero Day-Permanent DoS | Meta | BugBounty | 2024https://prathapilango.medium.com/i-can-crash-anyones-instagram-post-zero-day-permanent-dos-meta-bugbounty-2024-a2e50ac15caf?source=rss------bug_bounty-5Prathapilangocyebrsecurity, bug-bounty, bug-bounty-writeup, meta-bug-bounty, info-sec-writeups17-Oct-2024
Admin Panel Takeover Using a Leaky JS Filehttps://medium.com/@RaunakGupta1922/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, programming, technology, bug-bounty, cybersecurity16-Oct-2024
How I Deleted Users from the Database on Private Bug Bounty Programhttps://medium.com/@sharp488/how-i-deleted-users-from-the-database-on-private-bug-bounty-program-f1939e83dd6f?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbugs, bug-bounty, information-technology, information-security, bug-bounty-tips16-Oct-2024
Birdie Flies in to Save the Day: Our Custom Bug Tracking Tool for Android & iOS Appshttps://engineering.probo.in/birdie-flies-in-to-save-the-day-our-custom-bug-tracking-tool-for-android-ios-apps-3834ab2bc434?source=rss------bug_bounty-5Probocoding, app-development, engineering, bug-bounty, prediction-markets16-Oct-2024
How Website Workhttps://medium.com/@Joshua_su/how-website-work-3df5e4e93a61?source=rss------bug_bounty-5Joshua Suksakorncurl, cybersecurity, website, bug-bounty16-Oct-2024
How to Find API Bugs and Earn Big with Bug Bounties upto $20,000https://medium.com/@anandrishav2228/how-to-find-api-bugs-and-earn-big-with-bug-bounties-upto-20-000-12358743fcf9?source=rss------bug_bounty-5Rishav anandmoney, api, bug-bounty, hacker, cybersecurity16-Oct-2024
Admin Panel Takeover Using a Leaky JS Filehttps://osintteam.blog/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, programming, technology, bug-bounty, cybersecurity16-Oct-2024
Quantity Manipulation Allows Purchases at Reduced Priceshttps://medium.com/@abdelrahman0x01/quantity-manipulation-allows-purchases-at-reduced-prices-d2e998b82a02?source=rss------bug_bounty-5Abdelrahman0x01bug-bounty, information-security, cybersecurity, penetration-testing, cyberattack16-Oct-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.1https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-1-30777f987c93?source=rss------bug_bounty-5Mohammed Diefreconnaissance, bug-bounty, hacking, bug-bounty-tips, cybersecurity16-Oct-2024
Cracking the HTB Cap Box: A Step-by-Step Walkthroughhttps://medium.com/@vignesh6872610/cracking-the-htb-cap-box-a-step-by-step-walkthrough-0b08a4fff3f9?source=rss------bug_bounty-5Vignesh Pcap, hackthebox, retiredmachine, bug-bounty-tips, bug-bounty16-Oct-2024
How to Earn money online using Cybersecurity knowledgehttps://medium.com/@rashad.desk/how-to-earn-money-online-using-cybersecurity-knowledge-ece1078969f4?source=rss------bug_bounty-5Rashadul Islamfreelancing, cybersecurity, earn-money-online, bug-bounty16-Oct-2024
Unauthorized SQL Injection: Turning ‘No Entry’ Signs into Dollar Signs!https://medium.com/@Xt3sY/unauthorized-sql-injection-turning-no-entry-signs-into-dollar-signs-80dcf1168dbd?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, hackerone, bugcrowd, hacker16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, security, infosec, android-pentesting, bug-bounty16-Oct-2024
Insecure direct object referenceshttps://medium.com/@codingbolt.in/insecure-direct-object-references-8daea91886f4?source=rss------bug_bounty-5codingboltbug-bounty, ethical-hacking, idor, cybersecurity, owasp16-Oct-2024
User ID controlled by request parameter with password disclosurehttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-password-disclosure-98e4f9ebe167?source=rss------bug_bounty-5codingboltethical-hacking, owasp, owasp-top-10, bug-bounty, cybersecurity16-Oct-2024
User ID controlled by request parameter with data leakage in redirecthttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-65b571611c7b?source=rss------bug_bounty-5codingboltcybersecurity, ethical-hacking, owasp-top-10, owasp, bug-bounty16-Oct-2024
User ID controlled by request parameter, with unpredictable user IDshttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-unpredictable-user-ids-b9e12542330d?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, ethical-hacking, owasp16-Oct-2024
User ID controlled by request parameterhttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-7a0bb3006f68?source=rss------bug_bounty-5codingboltcybersecurity, owasp, owasp-top-10, bug-bounty, ethical-hacking16-Oct-2024
User role can be modified in user profilehttps://medium.com/@codingbolt.in/user-role-can-be-modified-in-user-profile-eb1a28631358?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, owasp, ethical-hacking16-Oct-2024
Exposing Vulnerabilities: The Power of Google Dorking in Cybersecurity Part-2https://medium.com/@abhilov/exposing-vulnerabilities-the-power-of-google-dorking-in-cybersecurity-part-2-90dbf2e68ded?source=rss------bug_bounty-5Abhilov Guptabug-bounty, dorking, google, cybersecurity, hacking16-Oct-2024
HOW I FIND XXS REFLECTED IN 5 SEChttps://medium.com/@mr.matrex00.7/xxxs-reflected-in-external-programme-1d234bd3b3c3?source=rss------bug_bounty-5Mr Matrexxss-attack, xss-vulnerability, hunter, bug-bounty16-Oct-2024
WAF Bypass — Parameter Poisoninghttps://medium.com/@unrealdenis2020/waf-bypass-parameter-poisoning-21ad6e0db83c?source=rss------bug_bounty-5E1nZwaf, bugbounty-writeup, waf-bypass, parameter-poisoning, bug-bounty16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, cybersecurity, infosec, bug-bounty, hackerone16-Oct-2024
Zero-Hero Hacker By Reading. Top 5 Books Designed For Hackers | Primary Hacking School #7https://medium.com/@nnface/zero-hero-hacker-by-reading-top-5-books-designed-for-hackers-primary-hacking-school-7-559618b200b3?source=rss------bug_bounty-5NnFacecybersecurity, linux, hacking, bug-bounty, kali-linux16-Oct-2024
How Google Dorking Helps me to Earn more than $2,000 in Bug Bounty.https://medium.com/@anandrishav2228/how-google-dorking-helps-me-to-earn-more-than-2-000-in-bug-bounty-b2ac959b3905?source=rss------bug_bounty-5Rishav anandcybersecurity, google, bug-bounty, money, advanced15-Oct-2024
5 Cybersecurity Projects You Can Build This Weekend (with Python)https://medium.com/@paritoshblogs/5-cybersecurity-projects-you-can-build-this-weekend-with-python-74bf03c3ba5d?source=rss------bug_bounty-5Paritoshbug-bounty, python, coding, cybersecurity, hacking15-Oct-2024
Perform a Command Injection Attack in Large Language Models (LLMs)https://medium.com/@360Security/perform-a-command-injection-attack-in-large-language-models-llms-86cd7db5e528?source=rss------bug_bounty-5360 Securitypenetration-testing, llm, cybersecurity, bug-bounty, ai15-Oct-2024
Sensitive Information Disclosure (Critical Finding)https://medium.com/@bughunt789/sensitive-information-disclosure-critical-finding-8fcbd7fe1704?source=rss------bug_bounty-5BUG HUNTERbắc, bug-bounty, sensitive-information, idor15-Oct-2024
Best AI Tool Used by Hacker 2025https://medium.com/@TahirAyoub/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
Google Dorks for Bug Bounty | Find Sensitive Informationhttps://medium.com/@shardulsawant67/google-dorks-for-bug-bounty-find-sensitive-information-6ed3e165bc02?source=rss------bug_bounty-5Shardul Sawantenumeration, hacking, google-dork, google-hacking, bug-bounty15-Oct-2024
The 50 Ultimate Fuzzing Guide for Bug Bounty Hunters: Mastering FUZZINGhttps://medium.com/@pankajkryadav1/the-50-ultimate-fuzzing-guide-for-bug-bounty-hunters-mastering-fuzzing-9f70e5474dc5?source=rss------bug_bounty-5Pankaj kr Yadavbug-bounty-tips, bug-bounty, fuzzing, web-security, ethical-hacking15-Oct-2024
How I got Account Take Over in a Bug Bounty Programhttps://hiroki-sawada.medium.com/how-i-got-account-take-over-in-a-bug-bounty-program-df3412c46274?source=rss------bug_bounty-5Hiroki Sawadabugcrowd, xss-attack, account-takeover, bug-bounty, hackerone15-Oct-2024
Mass Account Takeover via simple IDOR and funny OTP Bypasshttps://medium.com/@manibharathi.b/mass-account-takeover-via-simple-idor-and-funny-otp-bypass-23c12979e92d?source=rss------bug_bounty-5Mani Bharathi Bbug-bounty, hacker, cybersecurity, ethical-hacking, bug-bounty-tips15-Oct-2024
Insufficient Workflow Validationhttps://medium.com/@rcxsecurity/insufficient-workflow-validation-795d90f881dc?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, cybersecurity, hacking, information-security, bug-bounty15-Oct-2024
How I Discovered My First Bug: Worth $150 for Information Exposure Through Debug Logs (CWE-215)https://medium.com/@rupaitanudas/how-i-discovered-my-first-bug-worth-150-for-information-exposure-through-debug-logs-cwe-215-6a66dd10b21b?source=rss------bug_bounty-5Rupaitanudasyeswehack, hacking, ethical-hacking, hackerone, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
How I Accidentally Deleted My Medium Account While Hacking Medium (Oops)https://medium.com/@vivekps143/how-i-accidentally-deleted-my-medium-account-while-hacking-medium-oops-82aa44c6bc69?source=rss------bug_bounty-5Vivek PSbug-hunter, bloging, automation, developer, bug-bounty15-Oct-2024
Peeling Back the Layers: Exploring Critical Security Flaws in Chatbot Systemshttps://medium.com/@tusharpuri6/peeling-back-the-layers-exploring-critical-security-flaws-in-chatbot-systems-940e14d62ac6?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, application-security, penetration-testing, offensive-security15-Oct-2024
Attacking organisations with big scope: Part 2https://medium.com/@sabirasdev/attacking-organisations-with-big-scope-part-2-6a0ee0387551?source=rss------bug_bounty-5S A B I Rcybersecurity, cyberattack, reconnaissance, bug-bounty, dorking15-Oct-2024
Best AI Tool Used by Hacker 2025https://infosecwriteups.com/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjanbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
OAuth: A Backdoor in Disguise — a $7500 Study Casehttps://xdead4f.medium.com/oauth-a-backdoor-in-disguise-a-7500-study-case-3383a4012295?source=rss------bug_bounty-50xdead4fcyber-sec, security-reseach, cybersecurity, bug-bounty, cyber-security-writeup14-Oct-2024
Web3 BBP journal:https://medium.com/@harryfyx/web3-bbp-journal-777d830f35d0?source=rss------bug_bounty-5hhhkbweb3, bug-bounty14-Oct-2024
Passively Found Secrets in Javascript File on a Private Bug Bounty Programhttps://medium.com/@sharp488/passively-found-secrets-in-javascript-file-on-a-private-bug-bounty-program-36eb29c2a35c?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, bug-bounty-tips, burpsuite-extension, burpsuite, bug-bounty-writeup14-Oct-2024
Bug bounty programs pada aplikasi Laravel memungkinkan penemuan celah keamanan (vulnerabilities)…https://medium.com/@_azwar/bug-bounty-programs-pada-aplikasi-laravel-memungkinkan-penemuan-celah-keamanan-vulnerabilities-7db40b405794?source=rss------bug_bounty-5azwarbug-bounty, vulnerability, laravel14-Oct-2024
ColdRoot Malwarehttps://medium.com/@reemmoslem34/coldroot-malware-de44cf04e319?source=rss------bug_bounty-5Rem Khalidbug-bounty, cyberattack, cybersecurity, hacking, malware14-Oct-2024
Zerologon Exploithttps://medium.com/@reemmoslem34/zerologon-exploit-ce83a5a8ef3b?source=rss------bug_bounty-5Rem Khalidbug-bounty, hacking, malware, cybersecurity, cyberattack14-Oct-2024
List of the Best Free Labs to Start Learning Cybersecurity on TryHackMehttps://medium.com/@malwarilia/list-of-the-best-free-labs-to-start-learning-cybersecurity-on-tryhackme-b94c1803c496?source=rss------bug_bounty-5Marília Rochabug-bounty, information-security, cybersecurity, pentest, cyberattack14-Oct-2024
Finding XSS Vulnerabilities and earn upto $200-$10,000 easily .https://medium.com/@anandrishav2228/finding-xss-vulnerabilities-and-earn-upto-200-10-000-easily-0aab2c725882?source=rss------bug_bounty-5Rishav anandcompany, xss-attack, bug-bounty, cybersecurity, money14-Oct-2024
Bug on ParrotCTFhttps://infosecwriteups.com/bug-on-parrotctf-e64424b0d043?source=rss------bug_bounty-5SIDHARTH PANDAparrotctf, bug-bounty, extention, hacking14-Oct-2024
TERGET WEBSITE RECON PROCESShttps://medium.com/@MdAktarujaman.ehp/terget-website-recon-process-d8e38649782e?source=rss------bug_bounty-5Md Aktarujjamanbug-bounty, hacking, penetration-testing, target, website14-Oct-2024
GraphQL Hacking 101: Finding and Exploiting APIs for Fun and Profithttps://medium.com/@v1xtron/graphql-hacking-101-finding-and-exploiting-apis-for-fun-and-profit-af34b5ea15f3?source=rss------bug_bounty-5v1xtrongraphql, reconnaissance, bug-bounty-tips, bug-bounty, penetration-testing14-Oct-2024
Attacking organisation with big scope: Part 1https://medium.com/@sabirasdev/attacking-organisation-with-big-scope-part-1-631fdc00e973?source=rss------bug_bounty-5S A B I Rcyber-security-awareness, reconnaissance, cybersecurity, bug-bounty14-Oct-2024
10 Habits to Become A PRO Hacker!https://medium.com/@TahirAyoub/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
JWT Authentication Bypass leads to Admin Control Panelhttps://infosecwriteups.com/jwt-authentication-bypass-leads-to-admin-control-panel-dfa6efcdcbf5?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, account-takeover, jwt-token, hacking14-Oct-2024
❤Bug Bounty tool List❤https://medium.com/@shardulsawant67/bug-bounty-tool-list-fee6620c0048?source=rss------bug_bounty-5Shardul Sawantbug-bounty-tool, website-hosting, bug-bounty, bug-bounty-tips, web-enumeration14-Oct-2024
Social media account hijacking — VDPhttps://medium.com/@embossdotar/social-media-account-hijacking-vdp-fa674b25af44?source=rss------bug_bounty-5embossdotarcybersecurity, bug-bounty, it-security, vulnerability, hacking14-Oct-2024
Exposing 100,000 User Data : Massive API Bug Exposinghttps://medium.com/@360Security/exposing-100-000-user-data-massive-api-bug-exposing-037b56cfe98d?source=rss------bug_bounty-5360 Securitycybersecurity, bug-bounty, penetration-testing, information-security, api-security14-Oct-2024
10 Habits to Become A PRO Hacker!https://osintteam.blog/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
Blind SSRF Vulnerabilityhttps://medium.com/@guravtushar231/blind-ssrf-vulnerability-97d2f1decfe6?source=rss------bug_bounty-5Tushar_infosecbug-bounty, cybersecurity, ethical-hacking, ssrf, hacking14-Oct-2024
Pokémon Developer Game Freak Hacked: 2,600 Employees’ Data Leaked!https://medium.com/@wiretor/pok%C3%A9mon-developer-game-freak-hacked-2-600-employees-data-leaked-9e00ad9b3b0e?source=rss------bug_bounty-5WIRE TORvirus, pentest, malware, bug-bounty, hacking14-Oct-2024
10 Habits to Become A PRO Hacker!https://infosecwriteups.com/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
0dSSRF | Automate Finding SSRF & External Service Interactions & Open Redirectshttps://kariiem.medium.com/0dssrf-automate-finding-ssrf-external-service-interactions-open-redirects-944be6770a02?source=rss------bug_bounty-5Kariiem Gamalbug-bounty, bug-bounty-tips, ssrf, web-pen-testing, pentesting14-Oct-2024
P4 bug’s and their POC steps | Part 6https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-6-8e3aa981673a?source=rss------bug_bounty-5socalledhackerbugs, infosec, web-security, bug-bounty, cybersecurity14-Oct-2024
IDOR chained with JWT token cracking leads to edit, view and deletion of 160000 user accounts.https://aswinthambipanik07.medium.com/idor-chained-with-jwt-token-cracking-leads-to-edit-view-and-deletion-of-160000-user-accounts-65e65e6dc1f1?source=rss------bug_bounty-5Aswin Thambi Panikulangarabug-bounty, bug-bounty-tips, jwt, hacking, cybersecurity13-Oct-2024
No Rate Limit on Forgot Password: Leading to Email Flooding or mail bombinghttps://medium.com/@mrutunjayasenapati0/no-rate-limit-on-forgot-password-leading-to-email-flooding-or-mail-bombing-c68d842d6eaf?source=rss------bug_bounty-5Mrutunjaya Senapaticybersecurity, linux, hunting, bug-bounty, hacking13-Oct-2024
How I got Time Based SQL Injection in an Old Public Bug Bounty Programhttps://medium.com/@kshunya/how-i-got-time-based-sql-injection-in-an-old-public-bug-bounty-program-f6260cd4e75e?source=rss------bug_bounty-5Vishal Barotethical-hacking, bug-bounty, vapt, cybersecurity, penetration-testing13-Oct-2024
IDOR : Step by Step guide to Account Takeover of Any Userhttps://medium.com/@360Security/idor-step-by-step-guide-to-account-takeover-of-any-user-cb90bbcfd0fc?source=rss------bug_bounty-5360 Securityinformation-security, cybersecurity, bug-bounty, penetration-testing, vulnerability13-Oct-2024
Recon Nədir və Niyə Əhəmiyyətlidir? : Zəifliklərin Aşkar Edilməsi və Etik Hakerlik (Bölüm 2)https://zeynalxan.medium.com/recon-n%C9%99dir-v%C9%99-niy%C9%99-%C9%99h%C9%99miyy%C9%99tlidir-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-2-c4b554db0c8e?source=rss------bug_bounty-5Zeynalxan Quliyevrecon, recon-nece-edilir, bug-bounty-tips, recon-nədir, bug-bounty13-Oct-2024
⚠️ How to crash a PC Forever ⚠️https://medium.com/@emailrajdeepmishra/%EF%B8%8F-how-to-crash-a-pc-forever-%EF%B8%8F-09aa122c1844?source=rss------bug_bounty-5RAJDEEP MISHRAbug-bounty, cybersecurity, ethical-hacking, crash, bugs13-Oct-2024
Breaking the Game: Score Manipulation and Leaderboard Takeoverhttps://aminudin.medium.com/breaking-the-game-score-manipulation-and-leaderboard-takeover-b3ab16d02060?source=rss------bug_bounty-5Aminudinbug-bounty-tips, bug-bounty-writeup, bugs, bug-bounty13-Oct-2024
A Deep Dive into Subdomain Management Using SubScopehttps://medium.com/@hunthubspace/a-deep-dive-into-subdomain-management-using-subscope-43f8653b4593?source=rss------bug_bounty-5hunThubpenetration-testing, bug-bounty, bug-bounty-tips, cybersecurity, automation13-Oct-2024
Bypassing Location Restrictions on a Android App Using Fridahttps://medium.com/@omdubey170/hello-pentester-07209d5d8d42?source=rss------bug_bounty-5Omdubeyandroid, bug-bounty, android-pentesting, hacking, cybersecurity13-Oct-2024
The Great Photo Heist: IDOR Vulnerability Strikes Againhttps://rofes1337.medium.com/the-great-photo-heist-idor-vulnerability-strikes-again-6ed9a47c8c74?source=rss------bug_bounty-5Yousef Muhammedelkhirhackerone, bug-bounty, poc, idor-vulnerability, idor-poc13-Oct-2024
Creating a Honeypot: A Practical Guide to Understanding Cybersecurity Threatshttps://medium.com/@paritoshblogs/creating-a-honeypot-a-practical-guide-to-understanding-cybersecurity-threats-9d2e63e90892?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cybersecurity, hacking, honeypot13-Oct-2024
“The Biggest Mistake Holding You Back in Bug Bounty Hunting: Why You’re Not Making Progress”https://medium.com/@mahdisalhi0500/the-biggest-mistake-holding-you-back-in-bug-bounty-hunting-why-youre-not-making-progress-1475eef8f04b?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, hacking, ethical-hacking, cybersecurity, bug-bounty13-Oct-2024
Cracking WordPress Security with WPScan: A Bug Bounty Hunter’s Journey ️️‍♂️https://medium.com/@gouravrathod8788/cracking-wordpress-security-with-wpscan-a-bug-bounty-hunters-journey-%EF%B8%8F-%EF%B8%8F-%EF%B8%8F-c9389c94cc6b?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty, bug-bounty-tips, wordpress13-Oct-2024
From simple recon to PWN wordpress admin panel writeuphttps://ro0od.medium.com/from-simple-recon-to-pwn-wordpress-admin-panel-writeup-622156a1c9b2?source=rss------bug_bounty-5roodbug-bounty, writeup, infosec-write-ups, infosec13-Oct-2024
How to create a custom daemon using shell scriptshttps://medium.com/@mysticraganork66/how-to-create-a-custom-daemon-using-shell-scripts-ce27c13657d1?source=rss------bug_bounty-50verlo0kedhacking, cybersecurity, writeup, daemon, bug-bounty13-Oct-2024
Unleashing the Power of Kali Linux Daemonshttps://systemweakness.com/unleashing-the-power-of-kali-linux-daemons-c19133db43ec?source=rss------bug_bounty-50verlo0kedbug-bounty, penetration-testing, docker, hacking, cybersecurity13-Oct-2024
Cache Deception | 450$https://medium.com/@0x_karim/cache-deception-450-a02cd655b33f?source=rss------bug_bounty-50xkarimbug-bounty, bug-bounty-tips, hacking, web-security, bugs13-Oct-2024
OAuth Misconfiguration: How I Hijacked Accounts with 0 Clicks and Got Paid!https://osintteam.blog/oauth-misconfiguration-how-i-hijacked-accounts-with-0-clicks-and-got-paid-df8f7a20b438?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, programming, cybersecurity, bug-bounty, javascript13-Oct-2024
Open Redirect to XSS to Account Takeover to $$$$https://osintteam.blog/open-redirect-to-xss-to-account-takeover-to-de8739f9a4f0?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, technology, programming, cybersecurity, bug-bounty13-Oct-2024
UNION Tabanlı SQL Injectionhttps://medium.com/@kenes7667/union-tabanl%C4%B1-sql-injection-bcc023156b64?source=rss------bug_bounty-5EnessKoçbug-bounty, sql-injection12-Oct-2024
Automation in Cyber Defence: The Future of Securing Digital Frontiershttps://medium.com/@paritoshblogs/automation-in-cyber-defence-the-future-of-securing-digital-frontiers-992fa1ceb552?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, coding, cybersecurity, automation12-Oct-2024
Clickjacking Is Worth Reporting Nowadays? | Removing all confusion on Clickjacking bugs.https://medium.com/@the.air.cyborg/clickjacking-is-worth-reporting-nowadays-removing-all-confusion-on-clickjacking-bugs-a1c77fc4e5b8?source=rss------bug_bounty-5the_air_cyborgclickjacking, bug-bounty-tips, bugbounty-writeup, bug-bounty, vulnerability12-Oct-2024
Port Scanning Essentials for Bug Bounty Researchershttps://bevijaygupta.medium.com/port-scanning-essentials-for-bug-bounty-researchers-de52c6aa7b8a?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bounty-program, bugs, bug-bounty-tips12-Oct-2024
Cracking ATO via Email HTML Injectionhttps://medium.com/@dsmodi484/cracking-ato-via-email-html-injection-edd19c8e1b8f?source=rss------bug_bounty-5Dishant Modiemail, injection, vulnerability, html, bug-bounty12-Oct-2024
How I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS)https://osintteam.blog/how-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009?source=rss------bug_bounty-5JEETPALato, bug-bounty-tips, xss-attack, bug-bounty, bug-bounty-writeup12-Oct-2024
Understanding Server-Side Request Forgery (SSRF): A Critical Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/understanding-server-side-request-forgery-ssrf-a-critical-web-vulnerability-11a7ee2d87f7?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, vulnerability, hacking, ssrf, bug-bounty12-Oct-2024
Cybersecurity Breach Forces Calgary Public Library to Shut Down All Locations ️https://medium.com/@wiretor/cybersecurity-breach-forces-calgary-public-library-to-shut-down-all-locations-%EF%B8%8F-f1c0921f40e8?source=rss------bug_bounty-5WIRE TORhacked, bug-bounty, hacker, data, breach12-Oct-2024
Unlocking Some Effective Information Gathering Methodologieshttps://medium.com/@prasanna.acharya/unlocking-some-effective-information-gathering-methodologies-1f67787019d1?source=rss------bug_bounty-5Prasanna Acharyabug-bounty, web-security, bug-bounty-tips, information-gathering, web-penetration-testing12-Oct-2024
From NA to P1, How i was able to get access to a Bank Admin Panelhttps://medium.com/@yousefmoh15/from-na-to-p1-how-i-was-able-to-get-access-to-a-bank-admin-panel-52e5f9ef7ef5?source=rss------bug_bounty-5Yousef Mohamedhacking, bug-bounty, wordpress, bugcrowd12-Oct-2024
Uncovering Path Traversal Vulnerabilities Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Uncovering Path Traversal Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Effective Port Scanning for Finding Vulnerabilities in Bug Bountieshttps://bevijaygupta.medium.com/effective-port-scanning-for-finding-vulnerabilities-in-bug-bounties-0c16871a7e0b?source=rss------bug_bounty-5Vijay Guptabug-bounty, bugs, bug-bounty-tips, vulnerability, port-scanning11-Oct-2024
Bug Hunting Recon Methodology | Part2 | LegionHunterhttps://osintteam.blog/bug-hunting-recon-methodology-part2-legionhunter-4bb925e3e1bf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, infosec, cybersecurity, bug-bounty-tips11-Oct-2024
How to Find SQL Vulnerabilities in Web Applications and Websites and Earn up to $500—$10,000https://medium.com/@anandrishav2228/how-to-find-sql-vulnerabilities-in-web-applications-and-websites-and-earn-up-to-500-10-000-f0935e9d4892?source=rss------bug_bounty-5Rishav anandbug-bounty, money, ai, cybersecurity, india11-Oct-2024
How I Made $6,200 in a Single Bug Bounty Using SubdomainRadar.iohttps://medium.com/@alexandrevandammepro/how-i-made-6-200-in-a-single-bug-bounty-using-subdomainradar-io-a557f2baae0b?source=rss------bug_bounty-5Alexandre Vandammepentesting, cybersecurity, osint, bug-bounty, bug-bounty-tips11-Oct-2024
How I Got $250 with a Weak Signup Flowhttps://infosecwriteups.com/how-i-got-250-with-a-weak-signup-flow-3d87d34059fa?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, technology, programming, cybersecurity11-Oct-2024
Hacking Documentaries and Movies for Bug Bounty Huntershttps://medium.com/cyberscribers-exploring-cybersecurity/hacking-documentaries-and-movies-for-bug-bounty-hunters-92e02b6ab264?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, documentary, hacking, security, bug-bounty11-Oct-2024
CVE-2024–0195 Improper Control of Generation of Code (‘Code Injection’)https://infosecwriteups.com/cve-2024-0195-improper-control-of-generation-of-code-code-injection-c292836e03ec?source=rss------bug_bounty-5Ajay Naikvulnerability, bugs, bug-bounty, cyber-security-awareness, cybersecurity11-Oct-2024
Introduction to Netcathttps://medium.com/@Code_With_Ssn/introduction-to-netcat-af57e11ee756?source=rss------bug_bounty-5N4!TR0 07bug-bounty-writeup, bug-bounty-tips, netcat, bug-bounty, cybersecurity11-Oct-2024
One Cookie Paid Me $500 in under a minutehttps://medium.com/@nireshpandian19/one-cookie-paid-me-500-in-under-a-minute-8a9fb1a034ae?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-tips, cybersecurity, programming, technology, bug-bounty11-Oct-2024
Lenfi Successfully Concludes Its Bug Bounty Programhttps://medium.com/@lenfi/lenfi-successfully-concludes-its-bug-bounty-program-e317df3967b2?source=rss------bug_bounty-5Lenfidefi, bug-bounty, cardano, project-catalyst, lenfi11-Oct-2024
File Path Traversal Sequences Stripped Non-Recursivelyhttps://medium.com/@rcxsecurity/file-path-traversal-sequences-stripped-non-recursively-6d8a6a2d92d4?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, cybersecurity, red-team, penetration-testing, bug-bounty11-Oct-2024
Understanding Security Logging and Monitoring Failures: A Crucial Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-logging-and-monitoring-failures-a-crucial-vulnerability-in-web-security-d63a7b42062e?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, vulnerability, bugs, bug-bounty, owasp11-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/@jeetpal2007/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-dc19f5588fbd?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty, bugbounty-writeup, ato, web311-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/h7w/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-e498ce26b29e?source=rss------bug_bounty-5JEETPALbug-bounty, bugbounty-writeup, ato, web3, cybersecurity11-Oct-2024
Broken Access Control Vulnerability in an Order Management Systemhttps://medium.com/@omdubey170/broken-access-control-vulnerability-in-an-order-management-system-8a1097b03926?source=rss------bug_bounty-5Omdubeybug-bounty, infosec, hacking, cybersecurity, vulnerability11-Oct-2024
Effective Domain Management for Bug Bounty Programs Using SubScopehttps://medium.com/@hunthubspace/effective-domain-management-for-bug-bounty-programs-using-subscope-f74b7a0db428?source=rss------bug_bounty-5hunThubprogramming, penetration-testing, automation, bug-bounty, bug-bounty-tips11-Oct-2024
Endpoint confusion lead to 2FA bypasshttps://medium.com/@mohamed0xmuslim/endpoint-confusion-lead-to-2fa-bypass-67015dbb4c70?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty-hunter, bug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips11-Oct-2024
CVE-2024-44000 - WordPress Debug Log Exposure Leading to Session Cookie Hijackinghttps://infosecwriteups.com/cve-2024-44000-wordpress-debug-log-exposure-leading-to-session-cookie-hijacking-afcfada02c44?source=rss------bug_bounty-5Ajay Naikvulnerability, vulnerability-management, penetration-testing, cybersecurity, bug-bounty11-Oct-2024
Bypass WAF & Grab a $200 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b?source=rss------bug_bounty-5loyalonlytodaycybersecurity, hacking, penetration-testing, bug-bounty, tips11-Oct-2024
Bypass WAF & Grab a $300 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Unlocking the Potential of OSINT: Shaping the Future of Intelligence in Our Data-Driven Worldhttps://medium.com/@narayanadasbalaji2004/unlocking-the-potential-of-osint-shaping-the-future-of-intelligence-in-our-data-driven-world-b0cda62d6bb5?source=rss------bug_bounty-5Narayanadas Balajihacking, osint, cybersecurity, bugbounty-tips, bug-bounty10-Oct-2024
Streamlining Your Bug Bounty Projects: Adding and Managing Programs via SubScopehttps://medium.com/@hunthubspace/streamlining-your-bug-bounty-projects-adding-and-managing-programs-via-subscope-e394acfdf711?source=rss------bug_bounty-5hunThubautomation, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity10-Oct-2024
How I Earned $250 for Reporting a simple Bug To CodaPaymentshttps://medium.com/@aligoodluck427/how-i-earned-250-for-reporting-a-simple-bug-to-codapayments-b8f1be275138?source=rss------bug_bounty-5Aligoodluckbugbounty-tips, bug-bounty, bugbounty-automation, bugbounty-writeup, bugbounty-poc10-Oct-2024
First Bug, Big Win: How a $100 IDOR Bug Kicked-off My Bug Bounty Journeyhttps://dukrov.medium.com/first-bug-big-win-how-a-100-idor-bug-kicked-off-my-bug-bounty-journey-69e2e7179477?source=rss------bug_bounty-5͏ ͏Dukrovhackerone, bugbounty-tips, hacking, cybersecurity, bug-bounty10-Oct-2024
How i got my first Letter of Appreciation + Hall of Famehttps://rivudon.medium.com/how-i-got-my-first-letter-of-appreciation-hall-of-fame-a3c0079e60ef?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty-tips, bug-bounty, infosec, information-security, cybersecurity10-Oct-2024
Critical IDOR Vulnerability leads to PII leakagehttps://snc0pe.medium.com/critical-idor-vulnerability-leads-to-pii-leakage-684795ede850?source=rss------bug_bounty-5Snc0pebug-bounty, web-app-security, idor10-Oct-2024
How to Use ChatGPT Effectively for Bug Bounty Huntinghttps://medium.com/@anandrishav2228/how-to-use-chatgpt-effectively-for-bug-bounty-hunting-47ff0762139e?source=rss------bug_bounty-5Rishav anandchatgpt, money, ai, bug-bounty, cybersecurity10-Oct-2024
The Truth About Bug Bounty Hunting.https://medium.com/@thebughunttribe/the-truth-about-bug-bounty-hunting-597e54acd2a0?source=rss------bug_bounty-5The Hunt Tribebug-bounty-hunter, bug-bounty, bugs, bugbounty-tips, bugbounty-writeup10-Oct-2024
Forced OAuth Profile Linking Lead to Account Takeoverhttps://medium.com/@0xtal3at/forced-oauth-profile-linking-lead-to-account-takeover-954114158818?source=rss------bug_bounty-50Xtal3atbug-bounty, bugbounty-writeup, cybersecurity10-Oct-2024
Understanding Software and Data Integrity Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-software-and-data-integrity-failures-a-critical-vulnerability-in-web-security-9d3f96f20bb9?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bugs, bug-bounty, vulnerability, owasp10-Oct-2024
Bypassing Multiple Checks on Android Applications: A Security Researcher’s Experiencehttps://medium.com/@sc128496/bypassing-multiple-checks-on-android-applications-a-security-researchers-experience-2ec1a3005b60?source=rss------bug_bounty-5Sahil Choudharyandroid, pentesting, bug-bounty, cybersecurity, reverse-engineering10-Oct-2024
How i found my first open redirecthttps://medium.com/@yagomartins30/how-i-found-my-first-open-redirect-cd9ca60d307d?source=rss------bug_bounty-5Yago Martinshacking, bug-bounty, programming, writeup, pentesting10-Oct-2024
Top 10 Cybersecurity Tools Every Business Should Use in 2024https://cyberconsultingcompany.medium.com/top-10-cybersecurity-tools-every-business-should-use-in-2024-f7b93c208722?source=rss------bug_bounty-5Cyber Consulting Companycyber, cyber-security-awareness, cyber-security-solutions, bug-bounty, cyber-security-services09-Oct-2024
Unlock Unlimited Access to ChatGPT-4: A Step-by-Step Guide to Using Images and Files Without Limitshttps://medium.com/@shaikhminhaz1975/unlock-unlimited-access-to-chatgpt-4-a-step-by-step-guide-to-using-images-and-files-without-limits-0f1db3ca57d8?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, gpt-4, cybersecurity, free, chatgpt09-Oct-2024
Bug Hunting Recon Methodology | Part1 | LegionHunterhttps://systemweakness.com/bug-hunting-recon-methodology-part1-legionhunter-975b7bbe3231?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, bug-hunting, legionhunter, bug-bounty-tips09-Oct-2024
Port Scanning Demystified for Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-demystified-for-bug-bounty-success-a820c2c632cd?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bugs, bug-zero, bug-bounty09-Oct-2024
E-commerce website vulnerability bounty practice sharing: Pre-Authentication takeover, API security…https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-pre-authentication-takeover-api-security-b27b51edfaff?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty09-Oct-2024
How I Found SSRF in 5 minuteshttps://medium.com/@gguzelkokar.mdbf15/how-i-found-ssrf-in-5-minutes-a3a58e3d53e1?source=rss------bug_bounty-5Gökhan Güzelkokarbug-bounty, web-security, application-security, hacking, ssrf09-Oct-2024
Curated List of Awesome Hacker Search Engines for Penetration Testing and Cybersecurity…https://osintteam.blog/curated-list-of-awesome-hacker-search-engines-for-penetration-testing-and-cybersecurity-9f0b9cb63a1d?source=rss------bug_bounty-5Ajay Naikvulnerability, information-security, cybersecurity, bug-bounty, bug-bounty-tips09-Oct-2024
How to Start Your Hacking Journey and Choose the Right Role in Cybersecurityhttps://medium.com/@harshkatiyar5556/how-to-start-your-hacking-journey-and-choose-the-right-role-in-cybersecurity-9eff1ec5e7f2?source=rss------bug_bounty-5Harsh Katiyarethical-hacking, bug-bounty, careers, penetration-testing, cybersecurity09-Oct-2024
My Active Subdomain Enumeration Techniquehttps://mr-abdullah.medium.com/my-active-subdomain-enumeration-technique-57a508343fc4?source=rss------bug_bounty-5Mr Abdullahbug-bounty, web-hacking, enumeration, hacking, information09-Oct-2024
SSRF via Flawed Request Parsinghttps://medium.com/@rcxsecurity/ssrf-via-flawed-request-parsing-7b32a119f047?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, information-security, hacking, cybersecurity, bug-bounty09-Oct-2024
Understanding Identification and Authentication Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-identification-and-authentication-failures-a-critical-vulnerability-in-web-security-88a4bcbcc783?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, hacking, owasp09-Oct-2024
Understanding Vulnerable and Outdated Components: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-vulnerable-and-outdated-components-a-critical-vulnerability-in-web-security-f8a9a9ae0b10?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, hacking, bug-bounty, vulnerability, bugs09-Oct-2024
No Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Finding a no ratelimit bug on invite teammate page.https://osintteam.blog/finding-a-no-ratelimit-bug-on-invite-teammate-page-02c97e845b00?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, cybersecurity, bug-bounty, tips, hacking09-Oct-2024
Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Race Condition leads to Cache Poisoning ?!https://ltidi.medium.com/race-condition-leads-to-cache-poisoning-77bdfb9483fd?source=rss------bug_bounty-5LTiDiweb-cache-poisoning, bug-bounty08-Oct-2024
Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actionshttps://theshaco.com/unlocking-hidden-vulnerabilities-how-to-automate-your-bug-bounty-game-with-github-actions-3f6c9501fe64?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, bug-bounty-tips, cybersecurity, infosec08-Oct-2024
From Ports to Payouts: Scanning Strategies for Bug Bountieshttps://bevijaygupta.medium.com/from-ports-to-payouts-scanning-strategies-for-bug-bounties-a2861077a0d8?source=rss------bug_bounty-5Vijay Guptascanning, bug-bounty-tips, bug-bounty, payouts, ports08-Oct-2024
How I Discovered an Email Verification Bypasshttps://mo9khu93r.medium.com/how-i-discovered-an-email-verification-bypass-e487270a61d3?source=rss------bug_bounty-5mo9khu93rvulnerability, hacking, bug-bounty, cybersecurity, pentesting08-Oct-2024
Understanding and Detecting XSS Vulnerabilities: A Complete Guidehttps://medium.com/@anandrishav2228/understanding-and-detecting-xss-vulnerabilities-a-complete-guide-4d3a85e4bed0?source=rss------bug_bounty-5Rishav anandai, bug-bounty, testing, cybersecurity, money08-Oct-2024
A quick P2 vulnerability, just like that !https://medium.com/@nireshpandian19/a-quick-p2-vulnerability-just-like-that-5fc4f25f3b09?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, hackerone, bug-bounty-writeup, idor, ethical-hacking08-Oct-2024
Methods to Bypass Captchas: A Deep Dive into Common Techniqueshttps://medium.com/@dasmanish6176/methods-to-bypass-captchas-a-deep-dive-into-common-techniques-309006f28923?source=rss------bug_bounty-5Dasmanishbug-bounty, ethical-hacking, vapt, captcha08-Oct-2024
How i found endpoints from reading hacker-one reportshttps://medium.com/@anonymousshetty2003/how-i-found-endpoints-from-reading-hacker-one-reports-20cfd6f0f62c?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, dorking, bug-bounty08-Oct-2024
Blind XSS Practical Guide — Bug Bounty Tuesdayhttps://medium.com/@kerstan/blind-xss-practical-guide-bug-bounty-tuesday-3126bd52fae6?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty08-Oct-2024
ironCTF 2024 Writeuphttps://medium.com/@pphreak313/ironctf-2024-writeup-782f41854341?source=rss------bug_bounty-5Shlok Kctf-writeup, cybersecurity, bug-bounty, ctf08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohammedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
How I Hacked an Admin Panel in Just 2 Minuteshttps://medium.com/@ranjanyadav2003/how-i-hacked-an-admin-panel-in-just-2-minutes-19d145820ee7?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, cybersecurity08-Oct-2024
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTYhttps://infosecwriteups.com/cve-2024-25600-wordpress-bricks-builder-remote-code-execution-vulnerability-bounty-997d488fd54e?source=rss------bug_bounty-5Ajay Naikbug-bounty, cyberattack, rewards, cybersecurity, information-technology08-Oct-2024
Exploiting NoSQL operator injection to extract unknown fieldshttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-extract-unknown-fields-b0d58bea9bbe?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, nosql-injection, nosql, ethical-hacking08-Oct-2024
Exploiting NoSQL injection to extract datahttps://medium.com/@codingbolt.in/exploiting-nosql-injection-to-extract-data-70fea37ed111?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, cybersecurity, nosql, bug-bounty08-Oct-2024
Exploiting NoSQL operator injection to bypass authenticationhttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-bypass-authentication-9239353b9424?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, bug-bounty, cybersecurity, nosql08-Oct-2024
How Disabling 2FA Could End with a Bug?https://7odamoo.medium.com/hacking-hackerone-how-disabling-2fa-could-end-with-a-bug-b637c154ce06?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting08-Oct-2024
Breaking into the Shoutcast Server of a Multimedia Companyhttps://medium.com/@anonymousshetty2003/breaking-into-the-shoutcast-server-of-a-multimedia-company-e13dae3b17a3?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, vapt, wapt08-Oct-2024
Understanding Security Misconfiguration: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-misconfiguration-a-critical-vulnerability-in-web-security-4c87a5de4937?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, owasp, bug-bounty, server-misconfiguration, vulnerability08-Oct-2024
Account Takeover via Hidden Parameters in BBPhttps://cyb3rc4t.medium.com/account-takeover-via-hidden-parameters-in-bbp-f65ce42ca96f?source=rss------bug_bounty-5CYB3RC4Tbounty-program, bug-bounty, infosec, account-takeover, hackerone8-Oct-2024
Using ‘Waymore’ to Uncover Archived Treasures and Customer Datahttps://sl4x0.medium.com/using-waymore-to-uncover-archived-treasures-and-customer-data-a969474447a7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bugcrowd, hackerone, web-security, pentesting, bug-bounty8-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohammedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty8-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohamedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohamedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
HOW TO INSTALL GO IN KALILINUX.https://osintteam.blog/how-to-install-go-in-kalilinux-95924b5e9cde?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, go, tips08-Oct-2024
Top 10 BurpSuite Extensions Every Bug Bounty Hunter Needshttps://osintteam.blog/top-10-burpsuite-extensions-every-bug-bounty-hunter-needs-67b6fddf612b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, ethical-hacking, hacking, burpsuite, bug-bounty08-Oct-2024
Asset discovery with favicon hash.https://osintteam.blog/asset-discovery-with-favicon-hash-515d1c8a85cd?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bug-bounty-tips, cybersecurity, bug-bounty07-Oct-2024
Finding a easy p4 as per bugcrowd vrthttps://osintteam.blog/finding-a-easy-p4-as-per-bugcrowd-vrt-3e5c132f28d0?source=rss------bug_bounty-5loyalonlytodaybugs, tips, bug-bounty, cybersecurity, hacking07-Oct-2024
Bug Bounty VS Motivationhttps://osintteam.blog/bug-bounty-vs-motivation-27c3c37f2c28?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, motivation, hacking, cybersecurity, bug-bounty07-Oct-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass ❌https://medium.com/@kumawatabhijeet2002/subdomain-enumeration-bbot-subfinder-sublist3r-assetfinder-amass-e4880cf4ab5b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, subdomain-enumeration, bug-bounty, bug-bounty-writeup07-Oct-2024
Scanning Kerentanan Website zero.webappsecurity.comhttps://medium.com/@bimosp56/scanning-kerentanan-website-zero-webappsecurity-com-ce1d10f730b7?source=rss------bug_bounty-5Bimo Salasa Putracybersecurity, scanning, bug-bounty, vulnerabili, pentesting07-Oct-2024
Chinese Hackers Breach US Court Wiretap Systemhttps://medium.com/@wiretor/chinese-hackers-breach-us-court-wiretap-system-b7181fbe93b2?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, hacking, pentesting, xss-attack07-Oct-2024
How a Simple Bug Could Have Taken Down Your Instagram Tagshttps://medium.com/@kiril.krivogyz/how-a-simple-bug-could-have-taken-down-your-instagram-tags-d3247e931c9d?source=rss------bug_bounty-5Kiril Krivogyzbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, instagram07-Oct-2024
Accidental Exposure of Private GraphQL Fieldshttps://medium.com/@codingbolt.in/accidental-exposure-of-private-graphql-fields-729b3fb99471?source=rss------bug_bounty-5codingboltapi, bug-bounty, graphql, cybersecurity, api-penetration-testing07-Oct-2024
Exploiting server-side parameter pollution in a REST URLhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-rest-url-2ed599aafdbc?source=rss------bug_bounty-5codingboltcybersecurity, bugs, api-penetration-testing, api-testing, bug-bounty07-Oct-2024
Exploiting a mass assignment vulnerabilityhttps://medium.com/@codingbolt.in/exploiting-a-mass-assignment-vulnerability-07dd9e598302?source=rss------bug_bounty-5codingboltapi-testing, api-penetration-testing, bug-bounty, apihacking, cybersecurity07-Oct-2024
Finding and Exploiting an Unused API Endpointhttps://medium.com/@codingbolt.in/finding-and-exploiting-an-unused-api-endpoint-0a79f47f38f1?source=rss------bug_bounty-5codingboltbugs, cybersecurity, bug-bounty, api-penetration-testing, api-testing07-Oct-2024
Introducing Bug Bounty Program For Thorn Protocolhttps://thornprotocol.medium.com/introducing-bug-bounty-program-for-thorn-protocol-4d7a89d898e0?source=rss------bug_bounty-5Thorn Protocolbug-bounty07-Oct-2024
xmlrpc.php allows SSRF!https://take0verx0.medium.com/xmlrpc-php-allows-ssrf-5357049d43e9?source=rss------bug_bounty-5Shahariar Aminbug-bounty, cybersecurity, bug-bounty-tips07-Oct-2024
cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developershttps://theshaco.com/curl-for-api-testing-automation-advanced-commands-for-penetration-testers-and-developers-67b2ce7d8f4f?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, kali-linux, cybersecurity, bug-bounty07-Oct-2024
Finding a Hidden GraphQL Endpointhttps://medium.com/@codingbolt.in/finding-a-hidden-graphql-endpoint-56001ab29f85?source=rss------bug_bounty-5codingboltgraphql, api, api-testing, cybersecurity, bug-bounty07-Oct-2024
How I Got my First Bounty €€ ?https://medium.com/@muralidharan1530/how-i-got-my-first-bounty-776e8487f9a0?source=rss------bug_bounty-5Murali Dharanbug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs07-Oct-2024
Finding DOM XSS via File Uploadhttps://medium.com/@0Xdarsh/finding-dom-xss-via-file-upload-2a533a97cfaa?source=rss------bug_bounty-50Xdarshpentesting, web-penetration-testing, bug-hunting, bug-bounty07-Oct-2024
My 2nd bounty : Referer-based access control + Response manipulationhttps://medium.com/@adebayosec/my-2nd-bounty-referer-based-access-control-response-manipulation-2ab7f54d083f?source=rss------bug_bounty-5Toriouspenetration-testing, broken-access-control, hacking, bug-bounty, cybersecurity07-Oct-2024
Bypassing GraphQL brute force protectionshttps://medium.com/@codingbolt.in/bypassing-graphql-brute-force-protections-5cce7b3657c8?source=rss------bug_bounty-5codingboltapi, api-testing, cybersecurity, bug-bounty, graphql07-Oct-2024
First Bug report as a beginner in Bug Bountyhttps://blue3dot.medium.com/first-bug-report-as-a-beginner-in-bug-bounty-367e406cd960?source=rss------bug_bounty-5Manikanta Ginfo-sec-writeups, hackerone, cybersecurity, bug-bounty07-Oct-2024
How I found Cache Deception in a private bug bounty program.https://medium.com/@mos693570/how-i-found-cache-deception-in-a-private-bug-bounty-program-0e3056d15858?source=rss------bug_bounty-5Mo Salahweb-cache-deception, bug-bounty07-Oct-2024
IDOR Attack Slips Through the Cracks: Vulnerability Scanners Miss Critical Security Flaw!https://medium.com/@Aman-Gupta.cse/idor-attack-slips-through-the-cracks-vulnerability-scanners-miss-critical-security-flaw-c0061ea8c122?source=rss------bug_bounty-5Aman Guptabug-bounty, news, idor-vulnerability, cybersecurity, automation07-Oct-2024
tool to generate xss payloads.https://medium.com/h7w/tool-to-generate-xss-payloads-09bf1e519121?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, xss-attack07-Oct-2024
5 Most Usefull Programming Language For Hackers | Primary Hacking School #6https://medium.com/@nnface/5-most-usefull-programming-language-for-hackers-primary-hacking-school-6-21b5979f0fe6?source=rss------bug_bounty-5NnFaceprogramming, kali-linux, cybersecurity, bug-bounty, hacking07-Oct-2024
How i get to find no rate limit bug worth $300https://medium.com/@sreejihkn43073/how-i-get-to-find-no-rate-limit-bug-worth-300-5036b0abbc7f?source=rss------bug_bounty-5Sreejihknbugcrowd, cybersecurity, bug-bounty, no-rate-limit, bug-bounty-tips06-Oct-2024
What To Do After Installing Kali #2? | Primary Hacking School #5https://medium.com/@nnface/what-to-do-after-installing-kali-2-primary-hacking-school-5-e9a4a8272dfa?source=rss------bug_bounty-5NnFacecybersecurity, hacking, kali-linux, bug-bounty, linux06-Oct-2024
Enhancing Vulnerability Detection: Leveraging Shodan and ChatGPT for Efficient CIDR Scanninghttps://medium.com/@malzureedi/enhancing-vulnerability-detection-leveraging-shodan-and-chatgpt-for-efficient-cidr-scanning-48970d4b94fa?source=rss------bug_bounty-5Malzureedired-team, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty06-Oct-2024
Exploiting server-side parameter pollution in a query stringhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-query-string-38768943c6ca?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, api-security, cybersecurity, bug-bounty-writeup06-Oct-2024
I Studied 100+ SSRF Reports, and Here’s What I Learnedhttps://infosecwriteups.com/i-studied-100-ssrf-reports-and-heres-what-i-learned-1654c72ee2df?source=rss------bug_bounty-5Aditya Sawantbug-bounty, cybersecurity, penetration-testing, appsec, bug-bounty-tips06-Oct-2024
Exploiting an API endpoint using documentationhttps://medium.com/@codingbolt.in/exploiting-an-api-endpoint-using-documentation-d07d3cedfddc?source=rss------bug_bounty-5codingboltbug-bounty, api-penetration-testing, cybersecurity, bug-bounty-tips, api-testing06-Oct-2024
High-Risk Vulnerabilities in Apache HTTP Server’s mod_proxy Encoding Problem Allow Authentication…https://infosecwriteups.com/high-risk-vulnerabilities-in-apache-http-servers-mod-proxy-encoding-problem-allow-authentication-cbe8d422738d?source=rss------bug_bounty-5Ajay Naikcybersecurity, cyberattack, bug-bounty, vulnerability, bug-bounty-tips06-Oct-2024
Understanding Insecure Design: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-insecure-design-a-critical-vulnerability-in-web-security-1185e989ba0c?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, vulnerability, insecure-design, owasp, hacking06-Oct-2024
How i found the rxss on hackerone vdp program?https://doordiefordream.medium.com/how-i-found-the-rxss-on-hackerone-vdp-program-c14530481c90?source=rss------bug_bounty-5balu bandiethical-hacking, cybersecurity, bug-bounty, xss-attack, bugs06-Oct-2024
How I Secured the Data of 15 Million Consumers: Uncovering Critical Vulnerabilities in Gujarat’s…https://medium.com/@yashprajapati791/how-i-secured-the-data-of-15-million-consumers-uncovering-critical-vulnerabilities-in-gujarats-6dc453323851?source=rss------bug_bounty-5Yash Virendra Prajapatiresponsible-disclosure, bug-bounty, unauthorized-access, trending, ethical-hacking06-Oct-2024
Conditional Error Blind SQLi — Real World vs. Portswigger Labshttps://medium.com/@rodriguezjorgex/conditional-error-blind-sqli-real-world-vs-portswigger-labs-75d8eaee8c13?source=rss------bug_bounty-5Rodriguezjorgexsql-injection, bug-bounty, hacking06-Oct-2024
Race Condition , Allows creation of unlimited projects, bypassing free-tier limits.https://dark0x.medium.com/race-condition-allows-creation-of-unlimited-projects-bypassing-free-tier-limits-109dd91c6783?source=rss------bug_bounty-5Mahmoud Hatem (0xDark)sybersecurity, bugs, bug-bounty, hacking, bug-bounty-writeup06-Oct-2024
Network Penetration Testing: A Comprehensive Guide to Securing Your Infrastructurehttps://systemweakness.com/network-penetration-testing-a-comprehensive-guide-to-securing-your-infrastructure-64ce44712dd2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, hacking, careers06-Oct-2024
Why I Quit Bug Bounty Hunting 🙁https://infosecwriteups.com/why-i-quit-bug-bounty-hunting-95e81c907a6f?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, technology, hacking, cybersecurity, information-technology06-Oct-2024
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954https://infosecwriteups.com/critical-vulnerabilities-in-porte-plume-plugin-to-remote-exploits-bounty-cve-2024-7954-3dbee45134ac?source=rss------bug_bounty-5Ajay Naikbug-bounty, rewards, information-security, cybersecurity, penetration-testing06-Oct-2024
Finding a easy bug in profile picture field.https://infosecwriteups.com/finding-a-easy-bug-in-profile-picture-field-a9b5f853a5bf?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, bug-bounty-tips, hacking, penetration-testing06-Oct-2024
Unrestricted File Upload in AWS S3 Buckethttps://infosecwriteups.com/unrestricted-file-upload-in-aws-s3-bucket-2a764a3965f4?source=rss------bug_bounty-5mo9khu93rpentesting, aws, bug-bounty, hacking, cybersecurity06-Oct-2024
Understanding XSS Vulnerability For Beginners: A Deep Dive into Web Security Riskshttps://medium.com/@error.not.known.404/understanding-xss-vulnerability-a-deep-dive-into-web-security-risks-189276a2d695?source=rss------bug_bounty-5Errorhacking, bug-bounty, ethical-hacking, security, bug-bounty-tips06-Oct-2024
Write-Up — Telegram Anonymous Chat Hack Bothttps://medium.com/@EroHack/write-up-telegram-anonymous-chat-hack-bot-ad3497f813ed?source=rss------bug_bounty-5EroHackbug-bounty, telegram-bot, hacking, pentesting, writeup05-Oct-2024
Sensitive Data Leak using Cors Misconfiguration in prominent Domain Registrarhttps://infosecwriteups.com/sensitive-data-leak-using-cors-misconfiguration-in-prominent-domain-registrar-b3010e4e6501?source=rss------bug_bounty-5Ronak Patelbug-bounty, bug-bounty-writeup, ethical-hacking, information-security05-Oct-2024
SQL Injection Due To Weak Filtering in PHPhttps://medium.com/@bountyget/sql-injection-due-to-weak-filtering-in-php-51f9e8d705c0?source=rss------bug_bounty-5Dhiren Kumar Pradhansql-injection, info-sec-writeups, bug-bounty, secure-coding, infosec05-Oct-2024
Burp Suite and Android: A Step-by-Step Connection Guide #part 1https://medium.com/@mahdisalhi0500/burp-suite-and-android-a-step-by-step-connection-guide-part-1-550dab3aa4c5?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, androidhacking, infosec, ethical-hacking, bug-bounty05-Oct-2024
Uncovering Hidden Vulnerabilities: How I Earned Two Bounties for the Same Issuehttps://medium.com/@milanjain7906/uncovering-hidden-vulnerabilities-how-i-earned-two-bounties-for-the-same-issue-f55cf960110d?source=rss------bug_bounty-5Milanjainbug-bounty, hacker, bugbounty-writeup, hacking, cybersecurity05-Oct-2024
Resource Exhaustion: Leveraging Denial-of-Service Attacks for Maximum Impacthttps://medium.com/@tusharpuri6/unleashing-the-chaos-my-dive-into-denial-of-service-dos-attacks-1ad06478b89a?source=rss------bug_bounty-5Tusharpuripenetration-testing, infosec, bug-bounty, application-security, offensive-security05-Oct-2024
#6. Bug Bounty Series: Vertical Privilege Escalation via Session Storagehttps://cyb3rmind.medium.com/6-bug-bounty-series-vertical-privilege-escalation-via-session-storage-be377380bfe4?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, bug-bounty-tips, privilege-escalation, hacking, bug-bounty05-Oct-2024
Understanding Coordinated Vulnerability Disclosure (CVD) & Vulnerability Disclosure Programs (VDP)https://medium.com/@yotamperkal/understanding-coordinated-vulnerability-disclosure-cvd-vulnerability-disclosure-programs-vdp-27ea33c882e0?source=rss------bug_bounty-5Yotam Perkalinformation-security, cybersecurity, bug-bounty, ethical-hacking, vulnerability-management05-Oct-2024
Understanding Injection: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-injection-a-critical-vulnerability-in-web-security-7c5c5b692958?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, bug-bounty, hacking, injection, vulnerability05-Oct-2024
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY.https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-02688ef90553?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, cybersecurity, hacking, bug-bounty-tips05-Oct-2024
Bug Bounty VS Procrastinationhttps://osintteam.blog/bug-bounty-vs-procrastination-66fadc0a3ace?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, bug-bounty, patience, procrastination, cybersecurity05-Oct-2024
Subdomain Enumeration & Takeovers  (Part-3: Takeovers)https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-3-takeovers-e5c2b66be7fa?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)bug-bounty, recon, web, attack-surface, subdomain-takeover05-Oct-2024
Power of SQL Injection: How a Simple Query Can Lead to Complete Database Compromisehttps://cyberw1ng.medium.com/power-of-sql-injection-how-a-simple-query-can-lead-to-complete-database-compromise-11ddbefd9e9a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, technology, bug-bounty05-Oct-2024
Full Privilege Escalation from Agent to Admin Leads to Team Takeoverhttps://medium.com/@abdelrahman0x01/full-privilege-escalation-from-agent-to-admin-leads-to-team-takeover-2819507af2f1?source=rss------bug_bounty-5Abdelrahman0x01cybersecurity, cyberattack, bug-bounty-tips, penetration-testing, bug-bounty05-Oct-2024
My First XSS Vulnerability Discovery on WebApphttps://medium.com/@sultonhasan017/my-first-xss-vulnerability-discovery-on-webapp-60cfad40f67a?source=rss------bug_bounty-5Sulton hasanbug-bounty, dom-based-xss, xss-vulnerability, penetration-testing05-Oct-2024
Well, now that you’ve put your mind in the right direction and started testing a website, the first…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
Guarding the Gateway: Understanding and Preventing File Upload Attackshttps://medium.com/@wintersoldiers/guarding-the-gateway-understanding-and-preventing-file-upload-attacks-b116abd5eef0?source=rss------bug_bounty-5Winter_Soldiersfile-upload-vulnerability, web-security, hacking, bug-bounty, rce-vulnerability04-Oct-2024
Directory Brute-Forcing: All Methods You Need to Know — File Extension, Status Filter, and…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
SQL injection with filter bypass via XML encodinghttps://medium.com/@codingbolt.in/sql-injection-with-filter-bypass-via-xml-encoding-754808d7d29a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection-attack, sql-injection, bug-bounty-tips, cybersecurity04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5Anandllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
GraphQL vs REST: Comparison and exploithttps://medium.com/@kabi_777/graphql-vs-rest-comparison-and-security-insights-f481f3389e43?source=rss------bug_bounty-5Kabi_777bug-bounty, bug-bounty-writeup, bug-bounty-hunter, cybersecurity, bug-bounty-tips04-Oct-2024
Unlocking Cybersecurity: The Power of Bug Bounty Programs in 2024https://medium.com/@eyowas1994/unlocking-cybersecurity-the-power-of-bug-bounty-programs-in-2024-d77d33137e64?source=rss------bug_bounty-5CyberSec Tacticsethical-hacking, bug-bounty, cybersecurity, hacking, web-security04-Oct-2024
From File Upload to Remote Code Execution (RCE)https://medium.com/@lukasz.wierzbicki/from-file-upload-to-remote-code-execution-rce-d8f210b22a8c?source=rss------bug_bounty-5Lukasz Wierzbickisecurity-testing, security-research, bug-bounty, pentesting, pentest04-Oct-2024
Broken Access Control — Unprotected admin functionalityhttps://medium.com/@codingbolt.in/broken-access-control-unprotected-admin-functionality-9905f57fa88a?source=rss------bug_bounty-5codingboltaccess-control, privilege-escalation, cybersecurity, bug-bounty, broken-access-control04-Oct-2024
A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Fridahttps://medium.com/@abhijithknamboothiri96/a-methodology-guide-to-bypassing-rasp-and-root-detection-in-mobile-apps-with-frida-17e4f97b88bc?source=rss------bug_bounty-5Abhijith Namboothirycybersecurity, mobile-pentesting, penetration-testing, bug-bounty, security04-Oct-2024
Understanding Cryptographic Failures: A Key Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-cryptographic-failures-a-key-vulnerability-in-web-security-bb024a4c41ca?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp-top-10, bug-bounty, web-penetration-testing, cyrptography, hacking04-Oct-2024
How to choose the Correct Severity or CVSS Score for a Bug: A Practical Guidehttps://medium.com/@a13h1/how-to-choose-the-correct-severity-or-cvss-score-for-a-bug-a-practical-guide-7a83be0096f3?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, bug-bounty-tips, hacking, infosec04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@alex122303q/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
US Trading Account Fund Exploit: An IDOR Vulnerability Walkthroughhttps://medium.com/@360Security/us-trading-account-fund-exploit-an-idor-vulnerability-walkthrough-a61ba5186874?source=rss------bug_bounty-5360 Securityvapt, web-security, bug-bounty, cybersecurity, penetration-testing04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5360 Securityllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
Command Injection: How Exploiting User Input Can Lead to Full System Compromisehttps://systemweakness.com/command-injection-how-exploiting-user-input-can-lead-to-full-system-compromise-6becf5b981a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, technology, bug-bounty04-Oct-2024
one of the best tool for subdomains finding.https://osintteam.blog/one-of-the-best-tool-for-subdomains-finding-0769dff261f4?source=rss------bug_bounty-5loyalonlytodaybug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking04-Oct-2024
easy bug bounty as a beginner part 1https://medium.com/@canonminibeast/easy-bug-bounty-as-a-beginner-part-1-38833747da8d?source=rss------bug_bounty-5Canonminibeasthacking-tools, hacking, web-penetration-testing, bug-bounty, bugbounty-poc04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@nebty/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
Some XSS Situationhttps://medium.com/@haticezkmnl/some-xss-situation-31fa64e113fe?source=rss------bug_bounty-5Hatice Zehra Kamanlıcyber, xss-attack, bug-bounty, exploitation, cybersecurity03-Oct-2024
OTP Bypass Methods | Bug Bountyhttps://medium.com/@arrheniuspaelongan09/otp-bypass-methods-bug-bounty-4a988573c12a?source=rss------bug_bounty-5Qchadprogramming, bug-bounty, penetration-testing, technology, hacking03-Oct-2024
Understanding Broken Access Control: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-broken-access-control-a-critical-vulnerability-in-web-security-6ebd33ad4d35?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, web-penetration-testing, owasp, hacking, broken-access-control03-Oct-2024
Hacker Kali Toolkit Zero-Hero | Primary Hacking School #4https://medium.com/@nnface/hacker-kali-toolkit-zero-hero-primary-hacking-school-4-a489aafb7f75?source=rss------bug_bounty-5NnFacelinux, cybersecurity, hacking, bug-bounty, kali-linux03-Oct-2024
Visible error-based SQL injectionhttps://medium.com/@codingbolt.in/visible-error-based-sql-injection-46b8bafe9059?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
Blind SQL injection with conditional errorshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-errors-f7c05ef531ad?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, sql-injection-attack, bug-bounty-tips, bug-bounty03-Oct-2024
Blind SQL injection with conditional responseshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-responses-7ffa3a1ac84d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
SQL injection UNION attack, retrieving multiple values in a single columnhttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-ed5ce734abf2?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, bug-bounty-tips, bug-bounty, sql-injection03-Oct-2024
SQL injection UNION attack, retrieving data from other tableshttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-data-from-other-tables-11cc211f5ad3?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, cybersecurity, bug-bounty-tips03-Oct-2024
DNS — Port 53 — Pentestinghttps://medium.com/@verylazytech/dns-port-53-pentesting-7b8ca6307d54?source=rss------bug_bounty-5Very Lazy Techcybersecurity, bug-bounty, hacking, dns-exploit, dns03-Oct-2024
VDP: Broken Session Management Allows Unlimited Free Scans on Pentesting Websitehttps://medium.com/@enigma_/vdp-broken-session-management-allows-unlimited-free-scans-on-pentesting-website-99467dce1d3c?source=rss------bug_bounty-5enigmapenetration-testing, hacking, owasp, bug-bounty, bug-bounty-writeup03-Oct-2024
Subdomain Enumeration & Takeovers (Part-2: Active Enumeration)https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-2-active-enumeration-304cb3381813?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomain-enumeration, web, bug-bounty, attack-surface03-Oct-2024
How I hacked RD Sharma’s Publisher Website?https://abhayvis.medium.com/how-i-hacked-rd-sharmas-publisher-website-7a76b3cb12ae?source=rss------bug_bounty-5Abhay Vishwakarmasql-injection, hacking, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band interactionhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-interaction-e44f6f75bc47?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection-attack, cybersecurity, sql-injection, bug-bounty03-Oct-2024
Blind SQL injection with time delays and information retrievalhttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-and-information-retrieval-fa38f3618a99?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, sql-injection, bug-bounty, bug-bounty-tips03-Oct-2024
Blind SQL injection with time delayshttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-94cc5d962902?source=rss------bug_bounty-5codingboltcybersecurity, sql-injection-attack, bug-bounty, sql-injection, bug-bounty-tips03-Oct-2024
Pre-Account Takeover via Facebook OAuth Misconfigurationhttps://nyein-chan-aung.medium.com/pre-account-takeover-via-facebook-oauth-misconfiguration-e16b984b7953?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty-tips, takeovers, bug-bounty03-Oct-2024
XML External Entity (XXE) Injection: How Malicious XML Payloads Can Breach Your Applicationhttps://systemweakness.com/xml-external-entity-xxe-injection-how-malicious-xml-payloads-can-breach-your-application-4837f732781e?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, hacking, bug-bounty, careers03-Oct-2024
How ChatGPT Made Me a Hacker.https://medium.com/@wajeehakhan9797/how-chatgpt-made-me-a-hacker-b89b1cce992b?source=rss------bug_bounty-5Wajeeha Khanlearning, openai, large-language-models, hacking, bug-bounty03-Oct-2024
Critical Vulnerabilities in DrayTek Vigor Routers: Over 700,000 Devices Exposed to Remote Exploits…https://infosecwriteups.com/critical-vulnerabilities-in-draytek-vigor-routers-over-700-000-devices-exposed-to-remote-exploits-2f3f731b50d9?source=rss------bug_bounty-5Ajay Naikcybersecurity, penetration-testing, bug-bounty, rewards, hacking03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://systemweakness.com/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN)https://offsec01.medium.com/critical-information-disclosure-vulnerability-via-cname-automated-scan-be0f6597ac5e?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity03-Oct-2024
https://forms.gle/bHE9FbPTuzYzREAz7https://medium.com/@a1il7j99h/https-forms-gle-bhe9fbptuzyzreaz7-5f9f5d561a4b?source=rss------bug_bounty-5Re$@T!l<cyber, bug-bounty, hacker02-Oct-2024
How I Earned $4000+ from a Simple Information Disclosure Bughttps://medium.com/@rajauzairabdullah/how-i-earned-4000-from-a-simple-information-disclosure-bug-d644c47803c1?source=rss------bug_bounty-5Raja Uzair Abdullahinformation-disclosure, bug-bounty-tips, bug-bounty, penetration-testing02-Oct-2024
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-967c3c2f46cc?source=rss------bug_bounty-5Mada Perdhanahacking, apt, linux-hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-4cbd83db98af?source=rss------bug_bounty-5Mada Perdhanaapt, nmap, hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
How i got my first bounty of $$$https://rivudon.medium.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )infosec, hackerone, bug-bounty-tips, bug-bounty02-Oct-2024
Mastering Code Qualityhttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
$175 Prototype Pollution Vulnerability — My first bountyhttps://1-day.medium.com/175-prototype-pollution-vulnerability-my-first-bounty-197738a32330?source=rss------bug_bounty-51daywriteup, penetration-testing, bug-bounty, hacking, bug-bounty-writeup02-Oct-2024
Boost Your Code Quality with Python Coveragehttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
Comment j’ai découvert une vulnérabilité d’Information Disclosure sur un site que j’utilisehttps://medium.com/@Itachi0xf/comment-jai-d%C3%A9couvert-une-vuln%C3%A9rabilit%C3%A9-d-information-disclosure-sur-un-site-que-j-utilise-3a9fed9daa02?source=rss------bug_bounty-5Itachix0finformation-disclosure, hacking, apihacking, bug-bounty02-Oct-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://bevijaygupta.medium.com/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-288ff81dfe40?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, vulnerability, bug-bounty-tips, chatgpt02-Oct-2024
SQL injection attack, listing the database contents on non-Oracle databaseshttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-718de8ba755a?source=rss------bug_bounty-5codingboltbugs, bug-bounty, cybersecurity, sql-injection, bug-bounty-tips02-Oct-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@codingbolt.in/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-f04154bd5b3c?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, bug-bounty-tips, cybersecurity02-Oct-2024
Exfiltration of Data from a Standalone PChttps://roadtooscp.medium.com/exfiltration-of-data-from-a-standalone-pc-00a538f0f773?source=rss------bug_bounty-5RoadToOSCPbug-bounty, hacking, red-teaming, malware, data-security02-Oct-2024
Découverte d’une vulnérabilité XSS avec contournement de la CSP via unpkg.comhttps://medium.com/@Itachi0xf/d%C3%A9couverte-dune-vuln%C3%A9rabilit%C3%A9-xss-avec-contournement-de-la-csp-via-unpkg-com-02437e0eac34?source=rss------bug_bounty-5Itachix0fhacking, xss-attack, csp-bypass, bug-bounty, xss-bypass02-Oct-2024
“A Vulnerability, A Treasure: Go on a Fun Treasure Hunt with OWASP Top 10!”https://medium.com/@rootspaghetti/a-vulnerability-a-treasure-go-on-a-fun-treasure-hunt-with-owasp-top-10-d9fe21911856?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips02-Oct-2024
SQL injection attack, listing the database contents on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-oracle-ceb843466f32?source=rss------bug_bounty-5codingboltsql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty02-Oct-2024
Exploiting Blind XSS to Access Admin Dashboard for Bounty Rewardshttps://medium.com/@arrheniuspaelongan09/exploiting-blind-xss-to-access-admin-dashboard-for-bounty-rewards-fcdd54ddea7c?source=rss------bug_bounty-5Qchadtechnology, hacking, bug-bounty, penetration-testing, hacker02-Oct-2024
Which path to choose in cybersecurity?https://medium.com/@mr_prey3r/which-path-to-choose-in-cybersecurity-ca048e621ba0?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rcybersecurity, hacking, bug-bounty, ethical-hacking02-Oct-2024
OWASP Top 10: 2021 vs. 2017 — A Comparative Analysishttps://medium.com/@mrutunjayasenapati0/owasp-top-10-2021-vs-2017-a-comparative-analysis-70990e5570f8?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, owasp, hacking02-Oct-2024
Deep Dive in Reconnaissancehttps://medium.com/@bitthr3at/deep-dive-in-reconnaissance-a1e88cfdebf5?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomains-enumeration, bug-bounty, web, attack-surface02-Oct-2024
Bug Bounty Proqramlarına Giriş: Zəifliklərin Aşkar Edilməsi və Etik Hakerlik (Bölüm 1)https://zeynalxan.medium.com/bug-bounty-proqramlar%C4%B1na-giri%C5%9F-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-1-8caa7eb90dd8?source=rss------bug_bounty-5Zeynalxan Quliyevetik-xaker, bug-bounty, whitehat, bug-bounty-nədir, hakerlik2-Oct-2024
A Comprehensive Bug Bounty Checklist for Beginners.https://medium.com/@anandrishav2228/a-comprehensive-bug-bounty-checklist-for-beginners-f96ba591cf3d?source=rss------bug_bounty-5Rishav anandcomputer-science, security, cybersecurity, engineering, bug-bounty2-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://cyberw1ng.medium.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity2-Oct-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@codingbolt.in/sql-injection-union-attack-finding-a-column-containing-text-09d913162e0f?source=rss------bug_bounty-5codingboltsql-injection, sql-injection-attack, bug-bounty, cybersecurity, bug-bounty-tips2-Oct-2024
Reverse Shells: A Practical Guidehttps://medium.com/@learntheshell/reverse-shells-a-practical-guide-af1815bc3127?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, reverse-shell, cybersecurity, pentesting02-Oct-2024
Secrets Manager exposed (HasiCorp Vault)https://medium.com/@manumanram2/secrets-manager-exposed-hasicorp-vault-7075539a9e1e?source=rss------bug_bounty-5SrPatoManinformation-disclosure, hacking, bug-bounty02-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://systemweakness.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity02-Oct-2024
Utilizing AI Model for Hacking: Bypassing CAPTCHAs using AI leads to Account Takeover | Bug Bountyhttps://ph-hitachi.medium.com/utilizing-ai-model-for-hacking-bypassing-captchas-using-ai-leads-to-account-takeover-bug-bounty-028804b779a0?source=rss------bug_bounty-5Ph.Hitachivulnerability, bug-bounty, captcha, security, ai01-Oct-2024
Chaining Application-Level DoS with CSRF: A Sneaky Exploit to Block User Loginshttps://medium.com/@dsmodi484/chaining-application-level-dos-with-csrf-a-sneaky-exploit-to-block-user-logins-4caaac781883?source=rss------bug_bounty-5Dishant Modihackerone, bug-bounty, csrf, python, vulnerability01-Oct-2024
Top 10 Documentation Every Hacker Should Knowhttps://medium.com/@RaunakGupta1922/top-10-documentation-every-hacker-should-know-f28e73f7c207?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitethical-hacking, cybersecurity, bug-bounty, programming, infosec01-Oct-2024
Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug…https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-tips, dom-based-xss, xss-attack01-Oct-2024
Don’t Miss Out! The Best Platforms to Report Vulnerabilities and Earn Big!https://medium.com/@paritoshblogs/dont-miss-out-the-best-platforms-to-report-vulnerabilities-and-earn-big-787bbb03607a?source=rss------bug_bounty-5Paritoshhow-to, vulnerability, hacking, bug-bounty, cybersecurity01-Oct-2024
Why can’t Bug Bounty Hunter find a bug?https://m0hitrawat.medium.com/why-cant-bug-bounty-hunter-find-a-bug-b5c9bc72a30d?source=rss------bug_bounty-5Mohit Rawatpentesting-checklist, bug-bounty, bug-bounty-writeup, pentesting-guide, bug-bounty-tips01-Oct-2024
Android Application Pentesting Part 2 ‍ | Android Platform Architecturehttps://dkcyberz.medium.com/android-application-pentesting-part-2-android-platform-architecture-0db5e27f209a?source=rss------bug_bounty-5Harpy Hunterandroid-pentesting, bug-bounty, bugbounty-writeup, pentesting, ethical-hacking01-Oct-2024
Understanding the OWASP Top 10: Your Guide to Web Application Securityhttps://medium.com/@mrutunjayasenapati0/understanding-the-owasp-top-10-your-guide-to-web-application-security-fab59537db8b?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bug-bounty, owasp-top-10, hunting, bounty-program01-Oct-2024
Why Web3Projects Should Start with Smaller Bug Bountieshttps://medium.com/@rangashree.rangaraja/why-web3projects-should-start-with-smaller-bug-bounties-a391777bc559?source=rss------bug_bounty-5Rangashree Rangarajabug-bounty, web3-security, web3, blockchain, blockchain-technology01-Oct-2024
Exploiting the Unprotected: How I Gained Unauthorized Access to Redishttps://medium.com/@impratikdabhi/exploiting-the-unprotected-how-i-gained-unauthorized-access-to-redis-5070eea7da35?source=rss------bug_bounty-5Pratik Dabhihacking, hacking-tools, bugcrowd, hackerone, bug-bounty01-Oct-2024
Taming Post Clapshttps://medium.engineering/taming-post-claps-273d97ce1ced?source=rss------bug_bounty-5Ryan Lattanzidynamodb, software-development, programming, bug-bounty01-Oct-2024
4 Burpsuite Intruder Attack Types You Should Know —Bug Tuesdayhttps://medium.com/@kerstan/4-burpsuite-intruder-attack-types-you-should-know-bug-tuesday-5c7a0900cb56?source=rss------bug_bounty-5kerstanbug-bounty, hacking, cybersecurity01-Oct-2024
Escalating stored XSS to Account Takeoverhttps://nyein-chan-aung.medium.com/escalating-stored-xss-to-account-takeover-28c549cd5f6b?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty, bug-bounty-writeup, bug-bounty-tips01-Oct-2024
Unauthenticated PHP Object Injection in GiveWP Plugin for WordPresshttps://infosecwriteups.com/unauthenticated-php-object-injection-in-givewp-plugin-for-wordpress-5fffa8df79c8?source=rss------bug_bounty-5Ajay Naikrewards, hacking, bug-bounty, vulnerability, cybersecurity01-Oct-2024
File Upload (RCE) to Bounty | HackerOnehttps://starlox.medium.com/file-upload-rce-to-bounty-hackerone-928e8e5b375e?source=rss------bug_bounty-5#$ubh@nk@rinfosec, hacking, pentesting, bug-bounty, cybersecurity01-Oct-2024
Sneaking into your documents: How I hacked DigiLocker?https://medium.com/codechef-vit/sneaking-into-your-documents-how-i-hacked-digilocker-ae6dc44267fb?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, penetration-testing01-Oct-2024
Cross-Site Request Forgery (CSRF): How Attackers Exploit Trust to Hijack User Actionshttps://systemweakness.com/cross-site-request-forgery-csrf-how-attackers-exploit-trust-to-hijack-user-actions-94d29d787e47?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, technology, hacking01-Oct-2024
How I Manipulated A User’s Email: A CSRF PoC Walkthrough from TCM Academyhttps://medium.com/@trixiahorner/csrf-walkthrough-5876cdf437ea?source=rss------bug_bounty-5Trixia Hornercybersecurity, hacking, bug-bounty, vulnerability, website01-Oct-2024
Nmap: A Comprehensive Guide for Web Application Bug Huntinghttps://medium.com/@anandrishav2228/nmap-a-comprehensive-guide-for-web-application-bug-hunting-d8c2a0ef360a?source=rss------bug_bounty-5Rishav anandcybersecurity, nmap, bug-bounty, engineering, hacking01-Oct-2024
Bug in a Mailing List Exposed Hundreds of American Universities: How I Found and Exploited the…https://medium.com/@sarvagnpathak/bug-in-a-mailing-list-exposed-hundreds-of-american-universities-how-i-found-and-exploited-the-cf5df54baf37?source=rss------bug_bounty-5Sarvagn Pathakcybersecurity, bug-bounty, awareness, hacking01-Oct-2024
AllSafe Challengeshttps://medium.com/@soliman_almansor/all-safe-challenges-599a09cce447?source=rss------bug_bounty-5Soliman Almansorhacking, bug-bounty, information-security, android-pentesting, infosec01-Oct-2024
Excited to announce our Industrial Security Training Program at @security_lit!https://securitylit.medium.com/excited-to-announce-our-industrial-security-training-program-at-security-lit-82a21753634e?source=rss------bug_bounty-5Security Lit Limitedit-security, cybersecurity, penetration-testing, bug-bounty, traning01-Oct-2024
Open Redirect Bug | wedohackshttps://wedohack.medium.com/open-redirect-bug-wedohacks-26012e51d50c?source=rss------bug_bounty-5WE DO HACKSopen-redirect, bug-bounty, bugs, bug-hunting, hacking01-Oct-2024
CORS Vulnerability with Trusted Insecure Protocolshttps://medium.com/@rcxsecurity/cors-vulnerability-with-trusted-insecure-protocols-09df3304e3d8?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafebug-bounty, information-security, penetration-testing, cybersecurity, hacking01-Oct-2024
Remote code Executionhttps://medium.com/@roshiniyathakula/remote-code-execution-9b2e9f26963d?source=rss------bug_bounty-5Roshiniyathakularce-vulnerability, penetration-testing, bug-bounty, reverse-shell, hacking30-Sep-2024
Uncovering Hidden Subdomains with Favicons: Advanced Enumeration Techniqueshttps://systemweakness.com/uncovering-hidden-subdomains-with-favicons-advanced-enumeration-techniques-e92cb30cbcc3?source=rss------bug_bounty-5Khaleel Khanbug-bounty-tips, hacking, cybersecurity, infosec, bug-bounty30-Sep-2024
Discovering Facebook OAuth Misconfigurations: A Journey into Pre-Account Takeoverhttps://medium.com/@cybershree/discovering-facebook-oauth-misconfigurations-a-journey-into-pre-account-takeover-92a38254cbec?source=rss------bug_bounty-5cybershreebug-bounty, bug-bounty-tips, writing, cybersecurity, bugcrowd30-Sep-2024
Android Application Penetration Testing Part 1 ‍ | Introductionhttps://dkcyberz.medium.com/android-application-penetration-testing-part-1-introduction-738351fe8806?source=rss------bug_bounty-5Harpy Hunterbug-bounty, pentesting, mobile-pentesting, android-pentesting, bugbounty-writeup30-Sep-2024
How to use AI for Bug Bounty in 2024https://medium.com/@anandrishav2228/how-to-use-ai-for-bug-bounty-in-2024-39ef4d2a518a?source=rss------bug_bounty-5Rishav anandai, networking, security, cybersecurity, bug-bounty30-Sep-2024
SQL Injection vulnerability in CRMEB v.5.2.2 — $$$$ Bountyhttps://osintteam.blog/sql-injection-vulnerability-in-crmeb-v-5-2-2-bounty-7bc056a19cce?source=rss------bug_bounty-5Ajay Naikvulnerability, sql, rewards, bug-bounty, sql-injection30-Sep-2024
Easy P2 — Pre account takeover via Facebook OAuth misconfigurationhttps://sudosuraj.medium.com/easy-p2-pre-account-takeover-via-facebook-oauth-misconfiguration-23c681ba8f07?source=rss------bug_bounty-5sudosurajcybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing30-Sep-2024
SQL Injection Vulnerability on Login Page Allows Unauthorized Database Dumphttps://medium.com/@harshitha431/sql-injection-sqli-9675e21cc54a?source=rss------bug_bounty-5Harshithabug-bounty, vulnerability, hacking, penetration-testing, sql-injection30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://cyberw1ng.medium.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
CVE-2024–23897 — Jenkins File Read Vulnerability — POChttps://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5Very Lazy Techcve-2024-23897, jenkins, cybersecurity, bug-bounty, pentesting30-Sep-2024
XSS + OAuth Misconfigs = Token Theft and ATOhttps://7odamoo.medium.com/xss-oauth-misconfigs-token-theft-and-ato-d0837c44cd31?source=rss------bug_bounty-5Mahmoud Hamedpenetration-testing, bug-bounty, cybersecurity30-Sep-2024
How to Use Medusa for Fast, Multi-Protocol Brute-Force Attackshttps://medium.com/@stealthsecurity/how-to-use-medusa-for-fast-multi-protocol-brute-force-attacks-0627997c5686?source=rss------bug_bounty-5Stealth Securityethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://infosecwriteups.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
OWASP juice shop -How I get account takeover from XSShttps://medium.com/@abdo-eg/owasp-juice-shop-how-i-get-account-takeover-from-xss-ae3cfc978381?source=rss------bug_bounty-5Abdullah Ahmedxss-attack, owasp, hashing, bug-bounty, ato29-Sep-2024
Hacking with Linux: Your Ultimate Guide to Cyber Security Masteryhttps://medium.com/@RaunakGupta1922/hacking-with-linux-your-ultimate-guide-to-cyber-security-mastery-e8f8bb38510c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcybersecurity, linux, ethical-hacking, bug-bounty, hacking29-Sep-2024
OWASP juice-shop login as an admin using SQLi and OSINThttps://medium.com/@abdo-eg/owasp-juice-shop-login-as-an-admin-using-sqli-and-osint-90c4abc4322b?source=rss------bug_bounty-5Abdullah Ahmedweb-security, ethical-hacking, owasp, bug-bounty, penetration-testing29-Sep-2024
H7CTF — WEB CHALLENGEShttps://medium.com/@josangeorge27/h7ctf-web-challenges-db1883775dfd?source=rss------bug_bounty-5Josan Georgectf, ctf-walkthrough, cybersecurity, bug-bounty, web-application-security29-Sep-2024
Essential Port Scanning Skills for Bug Bounty Huntershttps://bevijaygupta.medium.com/essential-port-scanning-skills-for-bug-bounty-hunters-f0e09f3612ce?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bug-zero, bugs, bug-bounty-tips29-Sep-2024
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requestshttps://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bug-bounty, ssrf, bugs29-Sep-2024
Privacy concern bughttps://osintteam.blog/privacy-concern-bug-72b30aead215?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, tips, bug-bounty, cybersecurity, hacking29-Sep-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://medium.com/@shaikhminhaz1975/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-3b630fae4691?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, chatgpt, penetration-testing, cybersecurity, how-to29-Sep-2024
Find Vulnerabilities With This Single Nmap Commandhttps://medium.com/@josuofficial327/find-vulnerabilities-with-this-single-nmap-command-a4476c16c82c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, cybersecurity, vulnerability, bug-bounty-tips, bug-bounty29-Sep-2024
Performing a Dependency Confusion Attack with Remote Code Execution (RCE): A Step-by-Step Guidehttps://medium.com/@360Security/performing-a-dependency-confusion-attack-with-remote-code-execution-rce-a-step-by-step-guide-8d6055aa53e4?source=rss------bug_bounty-5Anandvapt, cybersecurity, sdlc, rce, bug-bounty29-Sep-2024
Critical bug in MediaTek Chips:CVE-2024–20017https://medium.com/@dudleydaniel.raj2005/critical-bug-in-mediatek-chips-cve-2024-20017-6e955ad56923?source=rss------bug_bounty-5Hydra_101mediatek, chips, cybersecurity, bug-bounty, wifi29-Sep-2024
Mastering Advanced Google Dorks for Ethical Hacking and Vulnerability Discoveryhttps://osintteam.blog/mastering-advanced-google-dorks-for-ethical-hacking-and-vulnerability-discovery-6d9e3dde0433?source=rss------bug_bounty-5Ajay Naikbug-bounty, cybersecurity, rewards, medium, google-dork29-Sep-2024
SMTP/s — Port 25,465,587 For pentestershttps://medium.com/@verylazytech/smtp-s-port-25-465-587-3e5706e081e9?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cybersecurity, smtp, penetration-testing, hacking29-Sep-2024
how i found union based sql injection in hackerone public vdp program?https://doordiefordream.medium.com/how-i-found-union-based-sql-injection-in-hackerone-public-vdp-program-7c76d61f6c77?source=rss------bug_bounty-5cybersecurity researcherethical-hacking, cyber-security-awareness, bug-bounty-writeup, bug-bounty, cybersecurity29-Sep-2024
KidRecon: The Ultimate Automated Subdomain Reconnaissance Tool for Ethical Hackershttps://angixblack.medium.com/kidrecon-the-ultimate-automated-subdomain-reconnaissance-tool-for-ethical-hackers-afb8ed8ea883?source=rss------bug_bounty-5Angix blackinfosec, bug-bounty, recon, automation, bug-bounty-tips29-Sep-2024
Server-Side Request Forgery (SSRF): How Attackers Can Exploit Internal Networkshttps://systemweakness.com/server-side-request-forgery-ssrf-how-attackers-can-exploit-internal-networks-417ed78ae69b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, technology, cybersecurity29-Sep-2024
Best Bug Bounty and VA/PT Tools in 2024: Use Cases & Commandshttps://medium.com/@anandrishav2228/best-bug-bounty-and-va-pt-tools-in-2024-use-cases-commands-42986d594190?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, company, pentesting, computer-science29-Sep-2024
Why is Bug Triage Important in Software Testing?https://medium.com/@divyarajsinhdev/why-is-bug-triage-important-in-software-testing-678decfb727f?source=rss------bug_bounty-5Divyarajsinh Dodiaautomation, qa, bug-bounty, testing29-Sep-2024
Understanding Bug Triage: A Crucial Process for Efficient Software Testinghttps://medium.com/@divyarajsinhdev/understanding-bug-triage-a-crucial-process-for-efficient-software-testing-790b9b353177?source=rss------bug_bounty-5Divyarajsinh Dodiatest, qa, automation, bug-bounty, testing29-Sep-2024
DVWA : Cross Site Scripting (XSS) Vulnerability Solution (Low Security Level)https://medium.com/@Kamal_S/dvwa-cross-site-scripting-xss-vulnerability-solution-low-security-level-452396997b5a?source=rss------bug_bounty-5Kamal Ssecurity-testing, xs, bug-bounty, dvwa, owasp29-Sep-2024
Mac Spoofinghttps://bob218.medium.com/mac-spoofing-ad0b180f3fad?source=rss------bug_bounty-5bob218cybersecurity, network-security, cyberattack, osint, bug-bounty29-Sep-2024
Life Sucks P-1https://medium.com/@janpreet9697/life-sucks-p-1-182d702bab02?source=rss------bug_bounty-5Janpreetcybersecurity, life, engineering, bug-bounty, motivation29-Sep-2024
How Bug Bounty Programs can enable widespread fraudhttps://medium.com/@hacktheplanet/how-bug-bounty-programs-can-enable-widespread-fraud-b027f36a49ef?source=rss------bug_bounty-5SirHaxAlotbug-bounty, hacking, fraud, cybersecurity28-Sep-2024
Stories of a sporadic bug bounty hunterhttps://jayaye15.medium.com/stories-of-a-sporadic-bug-bounty-hunter-a09cd32cf0a2?source=rss------bug_bounty-5jb00giecybersecurity, sql-injection, bug-bounty28-Sep-2024
My First Bounty Report Experiencehttps://medium.com/@sreedeepcs.gurukripa/my-first-bounty-report-experience-71095e5c34cd?source=rss------bug_bounty-5ambuheckerbug-bounty, cybersecurity, bug-hunting, hacking28-Sep-2024
Account Takeover and DoS: Weaponizing Enumeration, IDOR, and Registration Floodinghttps://medium.com/@tusharpuri6/account-takeover-and-dos-weaponizing-enumeration-idor-and-registration-flooding-4b88fce20f4b?source=rss------bug_bounty-5Tusharpuripenetration-testing, bug-bounty, offensive-security, application-security, infosec28-Sep-2024
Exploiting a Logic Bug in Discounts Code Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-a365e9006b6e?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-hunter, scanning, bug-bounty, bugs28-Sep-2024
Essential Tools for Bug Bounty Huntershttps://medium.com/@jatniwalafizza786/essential-tools-for-bug-bounty-hunters-3c2788cf64ae?source=rss------bug_bounty-5Jatniwalafizzacybersecurity, cybersecurity-course, bug-bounty-courses, bug-bounty28-Sep-2024
500$ Email Verification Token Leaks in Requesthttps://medium.com/@0xchoudhary/500-email-verification-token-leaks-in-request-4f0b5ff4b121?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-bounty, hacking, bounty-program, bugbounty-writeup28-Sep-2024
Top 20 Must-Have Hacking Gadgets for Cybersecurity Professionalshttps://medium.com/@ajaynaikhack/top-20-must-have-hacking-gadgets-for-cybersecurity-professionals-bec4dfe896cf?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, gadgets, hacking, information-security28-Sep-2024
Security Misconfiguration: Identifying and Preventing This Common Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/security-misconfiguration-identifying-and-preventing-this-common-vulnerability-14ab1c4989ac?source=rss------bug_bounty-5Mrutunjaya Senapativulnerability, hacking, security-misconfiguration, bug-bounty, penetration-testing28-Sep-2024
Insecure Direct Object References (IDOR): Understanding and Preventing This Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/insecure-direct-object-references-idor-understanding-and-preventing-this-vulnerability-4c8e831f17b4?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, idor, idor-vulnerability, vulnerability, hacking28-Sep-2024
Exploiting a Logic Bug in Discount Codes Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Why Go is the Perfect Choice for CLIshttps://medium.com/@rezauditore/why-go-is-the-perfect-choice-for-clis-477281989ace?source=rss------bug_bounty-5rezauditorepeace, lgbtq, golang, bug-bounty, programming28-Sep-2024
Exposed private key leads to Google cloud service account takeover — Privilege Escalationhttps://vettrivel007.medium.com/exposed-private-key-leads-to-google-cloud-service-account-takeover-privilege-escalation-6f031e20c819?source=rss------bug_bounty-5VETTRIVELbug-bounty-tips, bounty-program, pentesting, bug-bounty, cybersecurity28-Sep-2024
Broken Authentication: A Common Vulnerability Exposing User Accountshttps://cyberw1ng.medium.com/broken-authentication-a-common-vulnerability-exposing-user-accounts-2b48b6f9b644?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, technology28-Sep-2024
Nuclei ile Zafiyet Tespitihttps://medium.com/@alperenkeskk/nuclei-ile-zafiyet-tespiti-ec94aa180aab?source=rss------bug_bounty-5Alperen Keskincyber-security-awareness, bug-bounty-tips, security, tools, bug-bounty28-Sep-2024
HackTheBox Broken Authentication (Skills Assessment)https://medium.com/@N0UR0X01/hackthebox-broken-authentication-skills-assessment-c43feaab1a52?source=rss------bug_bounty-5N0UR0x01htb-writeup, htb-academy, bug-bounty, htb-academy-writeup, broken-authentication28-Sep-2024
How to google dork effectively for private and other bug bounty programshttps://medium.com/@malikirtizameg/how-to-google-dork-effectively-for-private-and-other-bug-bounty-program-d54f9e7b4d57?source=rss------bug_bounty-5bug bountypenetration-testing, python, bug-bounty, cybersecurity, hacking28-Sep-2024
Full Account Takeover via Facebook OAuth Misconfigurationhttps://medium.com/@0x_xnum/full-account-takeover-via-facebook-oauth-misconfiguration-9e30fe1c1da1?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, oauth, bugbounty-writeup, bugcrowd, account-takeover28-Sep-2024
SQL injection attack, querying the database type and version on MySQL and Microsofthttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-162715c6cd0e?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty-writeup, bug-bounty, bug-bounty-tips28-Sep-2024
SQL injection attack, querying the database type and version on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-oracle-f78a035c654d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty-writeup, bug-bounty, sql-injection-attack28-Sep-2024
ORM HQL Injectionhttps://medium.com/@oscuridad1010/orm-hql-injection-e072207e8942?source=rss------bug_bounty-5Gamiel Manbiotaninfosec, hackerone, bugcrowd, developer, bug-bounty28-Sep-2024
How to use built with for bugbountyhttps://osintteam.blog/how-to-use-built-with-for-bugbounty-9f58ba501f5a?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, recon28-Sep-2024
P4 bug’s and their POC steps | Part 5https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-5-242eddd02fd0?source=rss------bug_bounty-5socalledhackerinfosec, hacking, bug-bounty, web-security, bug-bounty-tips28-Sep-2024
Level Up your Bug Bounty Game — to P1s and P2s Series : PART 1https://medium.com/@nireshpandian19/level-up-your-bug-bounty-game-to-p1s-and-p2s-series-part-1-edaa702c8499?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-writeup, bug-bounty, cybersecurity, ethical-hacking, bug-hunting27-Sep-2024
Web App Hacking Tips & Trick—Celah File Upload — Bagian 1https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-1-1df16a844279?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, hacking, bug-bounty-tips, bug-bounty, web-hacking27-Sep-2024
Sedikit Tips & Trick Saat Testing API — Bagian 2https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-2-a548a85bcea6?source=rss------bug_bounty-5Mada Perdhanaweb-hacking, api-hacing, bug-bounty, bug-hunting, bug-bounty-tips27-Sep-2024
Sedikit Tips & Trick Saat Testing API — Bagian 1https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-1-3983017fec4d?source=rss------bug_bounty-5Mada Perdhanahacking-apis, web-hacking, bug-bounty, bug-bounty-tips, bug-hunting27-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-2] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-2-root-domain-enumeration-87765a50d125?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)appsec, recon, osint, attack-surface-discovery, bug-bounty27-Sep-2024
How to Become a Bug Bounty Hunter: A Complete Guide for Beginnershttps://medium.com/@anandrishav2228/how-to-become-a-bug-bounty-hunter-a-complete-guide-for-beginners-316c27bb2c8c?source=rss------bug_bounty-5Rishav anandbug-bounty, hackerspaces, hacking, website, cybersecurity27-Sep-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@codingbolt.in/sql-injection-vulnerability-allowing-login-bypass-7f1de7d77a6a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity27-Sep-2024
SQL injection vulnerability in WHERE clause allowing retrieval of hidden datahttps://medium.com/@codingbolt.in/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-8ea2be5f13df?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty-writeup, sql-injection, bugs, bug-bounty27-Sep-2024
NMAP Usagehttps://medium.com/@mohanmecktro/nmap-usage-780a7f4ccdcc?source=rss------bug_bounty-5Mohan Mecktrohacking-tools, nmap, bug-bounty, penetration-testing, kali27-Sep-2024
Web App Hacking Tips & Trick — Celah File Upload — Bagian 2https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-2-fdc536d3045e?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, bug-bounty, web-hacking, bug-bounty-tips, hacking27-Sep-2024
Cross-Site Request Forgery (CSRF): Understanding the Threat and How to Mitigate Ithttps://medium.com/@mrutunjayasenapati0/cross-site-request-forgery-csrf-understanding-the-threat-and-how-to-mitigate-it-fb5db007f13b?source=rss------bug_bounty-5Mrutunjaya Senapatihunting, hacking, vulnerability, csrf, bug-bounty27-Sep-2024
5 Key Factors to Help You Choose the Best Bug Bounty Program on HackerOnehttps://medium.com/@blackarazi/5-key-factors-to-help-you-choose-the-best-bug-bounty-program-on-hackerone-b27bb2159d07?source=rss------bug_bounty-5Azhari Harahapbug-bounty-tips, hackerone, bug-bounty-program, bug-bounty27-Sep-2024
I Spent a Month on a Private Program and Earned $$$$$https://mokhansec.medium.com/i-spent-a-month-on-a-private-program-and-earned-c57b4c3d7dba?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, bug-bounty27-Sep-2024
What is Bug Bountyhttps://medium.com/@iabhipathak/what-is-bug-bounty-fc9fe6a73e16?source=rss------bug_bounty-5Abhinav Pathakinformation-security, hacking, bug-bounty, security, cybersecurity27-Sep-2024
Unlocking Success: My Journey to Bypassing 2FA and Winning My First Bounty $800https://medium.com/@mihad0x1/unlocking-success-my-journey-to-bypassing-2fa-and-winning-my-first-bounty-800-c6e7654feea4?source=rss------bug_bounty-5mihad0x1hacking, security-research, bugbounty-writeup, bug-bounty, hacker27-Sep-2024
High vs. Low Severity Bugs: A Complete Guide to Bug Classification in Software and Cybersecurityhttps://medium.com/@shoaibjamal663/classification-of-bugs-high-vs-low-severity-bugs-62ce16630ddf?source=rss------bug_bounty-5Muhammad Shoaib Jamalsoftware-development, bugs, risk-management, cybersecurity, bug-bounty27-Sep-2024
NoSQL Injection Attackshttps://medium.com/@majix_de/nosql-injection-attacks-1397fd366c28?source=rss------bug_bounty-5Majixhacking, bug-bounty, penetration-testing, nosql, bug-bounty-tips27-Sep-2024
️ Information Disclosure Vulnerability: Exposing API Keys and Tokens in a Private Programhttps://medium.com/@kumawatabhijeet2002/%EF%B8%8F-information-disclosure-vulnerability-exposing-api-keys-and-tokens-in-a-private-program-e06c4d110552?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, information-disclosure, vulnerability, bug-bounty-tips, pii-data27-Sep-2024
From Enumeration to Takeover: Crack the Code of Subdomain Vulnerabilities!https://enigma96.medium.com/from-enumeration-to-takeover-crack-the-code-of-subdomain-vulnerabilities-4fea92cd0374?source=rss------bug_bounty-5enigmabug-bounty-tips, pentesting, bug-bounty, bugs, hacking27-Sep-2024
How a Simple Exploit Can Lead to a $500 Bounty — Cache Deceptionhttps://infosecwriteups.com/how-a-simple-exploit-can-lead-to-a-500-bounty-cache-deception-8da0583f6013?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, cybersecurity, careers27-Sep-2024
How I Found an Authentication Flaw in a Chat Featurehttps://medium.com/@krishnast545/my-first-high-severity-bug-how-i-found-an-authentication-flaw-in-a-chat-feature-58fb0f939a4a?source=rss------bug_bounty-5Krishnabugs, bug-bounty27-Sep-2024
Privilege Escalation on Amazon Linux (SageMaker)https://medium.com/@rickconsole/privilege-escalation-on-amazon-linux-sagemaker-cf115042ea5f?source=rss------bug_bounty-5Rick Consolebug-bounty, cloud-computing, cybersecurity, aws, penetration-testing27-Sep-2024
Web App Hacking Tips & Trick — Celah File Upload — Bagian 3https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-3-8ec192d1633b?source=rss------bug_bounty-5Mada Perdhanahacking, bug-hunting, bug-bounty-tips, bug-bounty, file-upload-vulnerability27-Sep-2024
Web Cache Poisoning with Multiple Headershttps://medium.com/@rcxsecurity/web-cache-poisoning-with-multiple-headers-d4e27497288e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, information-technology, penetration-testing, cybersecurity, bug-bounty27-Sep-2024
It’s not a bug. It really is a feature.https://medium.com/@info_11548/its-not-a-bug-it-really-is-a-feature-b758f1454970?source=rss------bug_bounty-5Cloette Zager with FranGuardian Corporationbug-bounty, features, featured, featured-stories, bugs27-Sep-2024
Vulnerability: Multiple Vulnerabilities in Linux CUPS (CVSS 9.9)https://infosecwriteups.com/vulnerability-multiple-vulnerabilities-in-linux-cups-cvss-9-9-49dbdcd73cb0?source=rss------bug_bounty-5Ajay Naikbug-bounty, vulnerability, rewards, information-security, cybersecurity27-Sep-2024
my first easy IDOR in a big companyhttps://medium.com/@malikirtizameg/my-first-easy-idor-in-a-big-company-104ee6c4a7ff?source=rss------bug_bounty-5bug bountybug-bounty-tips, cybersecurity, bug-bounty, hacking, ethical-hacking27-Sep-2024
Shodan Revealed: How to Discover Vulnerabilities Across the Webhttps://medium.com/@RejuKole.com/shodan-revealed-how-to-discover-vulnerabilities-across-the-web-925a382bb9bd?source=rss------bug_bounty-5Reju Kolebug-bounty, ethical-hacking, shodan, bug-bounty-tips, web27-Sep-2024
The Art of the Phantom Deposit: a study on vulnerabilities in crypto exchangeshttps://medium.com/@silviosaturnowk/the-art-of-the-phantom-deposit-a-study-on-vulnerabilities-in-crypto-exchanges-3a356153bfe2?source=rss------bug_bounty-5Silvio Saturnoexploit, cybersecurity, bug-bounty, smart-contracts, solidity27-Sep-2024
How to install Subdominator & how to find subdomains using Subdominator !!https://medium.com/@sherlock297/how-to-install-subdominator-how-to-find-subdomains-using-subdominator-fe9b48be2aea?source=rss------bug_bounty-5Ravindra Dagalewindows, tools, tutorial, bug-bounty, subdominator26-Sep-2024
10 Essential Blog Sites For Bug Bounty Huntershttps://medium.com/@RaunakGupta1922/10-essential-blog-sites-for-bug-bounty-hunters-8309cbbe3756?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitknowledge, learning, articles, hacking, bug-bounty26-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-1] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-1-root-domain-enumeration-7ddfda1283fd?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)osint, appsec, recon, attack-surface-discovery, bug-bounty26-Sep-2024
Exploiting SMTP on Metasploitable 2: Unveiling the Power of Port 25https://medium.com/@thefellowhacker/exploiting-smtp-on-metasploitable-2-unveiling-the-power-of-port-25-4fab583855f8?source=rss------bug_bounty-5Taahir Mujawarrhacker, hacking, cybersecurity, technology, bug-bounty26-Sep-2024
Cross-Site Scripting (XSS): Understanding and Mitigating a Common Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/cross-site-scripting-xss-understanding-and-mitigating-a-common-web-vulnerability-fe82824c24f5?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, hunting, xss-attack, vulnerability, bug-bounty26-Sep-2024
Story of Time Machines: Where Archived URLs and Juicy Information Handshake Each Otherhttps://medium.com/@security.tecno/story-of-time-machines-where-archived-urls-and-juicy-information-handshake-each-other-11efd831da46?source=rss------bug_bounty-5TECNO Securitysecurity, bug-bounty, research, hacking26-Sep-2024
Vulnerable WordPress August 2024 (Museum of Ostad Bohtouni)https://medium.com/@onhexgroup/vulnerable-wordpress-august-2024-museum-of-ostad-bohtouni-dad683a3ef15?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, info, cybersecurity26-Sep-2024
Top 7 Free Cybersecurity Tools Every Beginner Must Try Today!https://medium.com/@paritoshblogs/top-7-free-cybersecurity-tools-every-beginner-must-try-today-44eea1aa91b8?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, projects, cybersecurity, free26-Sep-2024
Analyzing a Real HTTP Request Smuggling Attack. What Happened here?https://medium.com/@rezauditore/analyzing-a-real-http-request-smuggling-attack-what-happened-here-19dbc6edf9a4?source=rss------bug_bounty-5rezauditorepentesting, bug-bounty, ctf-writeup, lgbtq, tips26-Sep-2024
CVE-2024–45519 in Zimbra — Bounty 1000 USDhttps://infosecwriteups.com/cve-2024-45519-in-zimbra-bounty-1000-usd-0304b2a813f3?source=rss------bug_bounty-5Ajay Naikhacking, vulnerability, bug-bounty, rewards, cybersecurity26-Sep-2024
Mastering IDS: A Comprehensive Guide with Snort Implementationhttps://medium.com/@hackeraakash2002/mastering-ids-a-comprehensive-guide-with-snort-implementation-4ccc8192a0cf?source=rss------bug_bounty-5HackwithAJnetwork-security, bug-bounty, hacking, cyber-security-awareness, ids-ips26-Sep-2024
SSH Hacking: How to Exploit Port 22 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ssh-hacking-how-to-exploit-port-22-vulnerabilities-for-penetration-testing-601d257ee491?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, penetration-testing, bug-bounty, exploit26-Sep-2024
Bug bounty – Recon Tips for subdomain enumerationhttps://medium.com/@tharunteja725_8686/bug-bounty-recon-tips-for-subdomain-enumeration-0b3d51ad1cc8?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, oscp26-Sep-2024
Akamai WAF Bypass Lead To Discover 30 XSS bugshttps://medium.com/@nagashygaballah/akamai-waf-bypass-lead-to-discover-30-xss-bugs-bea0f8be1dd4?source=rss------bug_bounty-5111xNagashytips-and-tricks, cybersecurity, xss-attack, penetration-testing, bug-bounty26-Sep-2024
SUBDOMAIN ENUMERATION — BUGBOUNTYhttps://medium.com/@tharunteja725_8686/subdomain-enumeration-bugbounty-2831b70ee735?source=rss------bug_bounty-5Chidurala Tharun tejapenetration-testing, bug-bounty, cybersecurity, oscp, bug-bounty-tips26-Sep-2024
Reflected XSS with event handlers and href attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-with-event-handlers-and-href-attributes-blocked-b333eb18942e?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, cyberattack, cybersecurity, bug-bounty26-Sep-2024
Reflected XSS with AngularJS sandbox escape and CSPhttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-and-csp-e68867138b6f?source=rss------bug_bounty-5codingboltxss-attack, cybersecurity, bug-bounty, cybercrime, bug-bounty-tips26-Sep-2024
Reflected XSS with AngularJS sandbox escape without stringshttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-without-strings-e434c669ac56?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, cyberattack, cybersecurity, bug-bounty-tips26-Sep-2024
Exploiting XSS to perform CSRFhttps://medium.com/@codingbolt.in/exploiting-xss-to-perform-csrf-1aac291690bd?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
How To Configure Metasploitable Machine To Hack? | Primary Hacking School #3https://medium.com/@nnface/how-to-configure-metasploitable-machine-to-hack-primary-hacking-school-3-083cd63c47cf?source=rss------bug_bounty-5NnFacehacking-tools, hacking, bug-bounty, cybersecurity, kali-linux26-Sep-2024
White Hat vs Black Hat Hackers: What’s the Real Difference & Which One Are You?https://codingrasi.medium.com/white-hat-vs-black-hat-hackers-whats-the-real-difference-which-one-are-you-f2c7327d77a7?source=rss------bug_bounty-5CodingRasiyoutube-creators, hacking, bug-bounty, ethical-hacking, hacker26-Sep-2024
Reflected XSS protected by CSP, with CSP bypasshttps://medium.com/@codingbolt.in/reflected-xss-protected-by-csp-with-csp-bypass-58d46ec1fc71?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, bug-bounty-tips, cybersecurity26-Sep-2024
Reflected XSS protected by very strict CSP, with dangling markup attackhttps://medium.com/@codingbolt.in/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-029d16b86163?source=rss------bug_bounty-5codingboltxss-vulnerability, xss-attack, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
SSRF Simplified (OWASP 2021-A10)https://medium.com/@kannnannmk/ssrf-simplified-owasp-2021-a10-62586a3468f4?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, vulnerability, cybersecurity, bug-bounty, information-security26-Sep-2024
Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@codingbolt.in/reflected-xss-in-a-javascript-url-with-some-characters-blocked-7decfa413c79?source=rss------bug_bounty-5codingboltbug-bounty-tips, cybersecurity, bugs, xss-attack, bug-bounty26-Sep-2024
Finding subdomains using security trails api keyhttps://osintteam.blog/finding-subdomains-using-security-trails-api-key-8b45d5a4629e?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty-tips, cybersecurity, bug-bounty26-Sep-2024
IDORS — leaking 1.5 crore user detailshttps://medium.com/@nireshpandian19/idors-leaking-1-5-crore-user-details-5bbc3b9368e2?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, idor-vulnerability, ethical-hacking, idor, cybersecurity25-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-169a1d723bb0?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips25-Sep-2024
My First Easy IDOR: A Simple Guide to Understanding Insecure Direct Object Referenceshttps://medium.com/@Alireza.salmani/my-first-easy-idor-a-simple-guide-to-understanding-insecure-direct-object-references-8b48aa1da8ea?source=rss------bug_bounty-5Alireza Salmanibug-bounty, access-control, ethical-hacking, web-application-security, cybersecurity25-Sep-2024
Golang edge case: when “defer” will never work out in your codehttps://waclawthedev.medium.com/golang-edge-case-when-defer-will-never-work-out-in-your-code-f783518679e9?source=rss------bug_bounty-5Wacław The Developergolang, bug-bounty, defer, go, backend25-Sep-2024
Finding a p4 as per bugcrowd vrthttps://medium.com/@loyalonlytoday/finding-a-p4-as-per-bugcrowd-vrt-9f08278a75ae?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, web-hacking, bugbounty-writeup, bugs25-Sep-2024
How I Discovered DOM XSS by Analyzing Javascript Codehttps://medium.com/@fajarsylvana/how-i-discovered-dom-xss-by-analyzing-javascript-code-6fa57c680a0e?source=rss------bug_bounty-5Fajar Sylvanapentesting, bug-bounty-tips, hacking, penetration-testing, bug-bounty25-Sep-2024
FTP Hacking: How to Exploit Port 21 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ftp-hacking-how-to-exploit-port-21-vulnerabilities-for-penetration-testing-bbd65e2238da?source=rss------bug_bounty-5Very Lazy Technetwork-security, ethical-hacking, bug-bounty, cybersecurity, penetration-testing25-Sep-2024
Cracking the Code: How I Took Over Admin Accounts Across Organizationshttps://medium.com/@ismailsaid1603/cracking-the-code-how-i-took-over-admin-accounts-across-organizations-5d135ba152b4?source=rss------bug_bounty-5Esmail Saied (0xSp1DeR)tips-and-tricks, hackerone, bugcrowd, bugbounty-writeup, bug-bounty25-Sep-2024
How I proved impact with Google Map API Keyhttps://r0b0ts.medium.com/how-i-proved-impact-with-google-map-api-key-7aa801616abb?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-hunter25-Sep-2024
website leaking otp in inspect elemethttps://osintteam.blog/website-leaking-otp-in-inspect-elemet-8da71ae4004d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, bugbounty-writeup, bug-bounty-tips, penetration-testing25-Sep-2024
Reflected XSS into a JavaScript string with single quote and backslash escapedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-621b6a187f04?source=rss------bug_bounty-5codingboltbugs, bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability25-Sep-2024
Reflected XSS in canonical link taghttps://medium.com/@codingbolt.in/reflected-xss-in-canonical-link-tag-c4902808a6e7?source=rss------bug_bounty-5codingboltxss-attack, bug-hunting, bug-bounty, bug-bounty-tips, bugs25-Sep-2024
Kerentanan Kritis : Bypass Autentikasi (CVE-2024–7593) pada Ivanti vTM: Penjelasan dan Tindakan…https://medium.com/@mrp.bpp/kerentanan-bypass-autentikasi-kritis-cve-2024-7593-pada-ivanti-vtm-penjelasan-dan-tindakan-77d159f53199?source=rss------bug_bounty-5Mada Perdhanabug-bounty, hacking, ivanti-service-manager, exploit, 0-day-attacks25-Sep-2024
Eksfiltrasi Data Menggunakan Komunikasi DNS (Out-of-Band)https://medium.com/@mrp.bpp/eksfiltrasi-data-menggunakan-komunikas-idns-out-of-band-7932a1ab335f?source=rss------bug_bounty-5Mada Perdhanaoob, bug-bounty, bug-bounty-tips, hacking25-Sep-2024
Exploiting cross-site scripting to steal cookieshttps://medium.com/@codingbolt.in/exploiting-cross-site-scripting-to-steal-cookies-8f57e316e8d3?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, cookies, bug-bounty25-Sep-2024
Understanding Common Web Vulnerabilities: A Guide for Beginnershttps://medium.com/@mrutunjayasenapati0/understanding-common-web-vulnerabilities-a-guide-for-beginners-398e8987cc4f?source=rss------bug_bounty-5Mrutunjaya Senapatibeginner, bug-bounty, vulnerability, beginners-guide, guides-and-tutorials25-Sep-2024
Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and…https://medium.com/@codingbolt.in/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-5acbbd9f2631?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, bug-bounty-tips, xss-attack25-Sep-2024
Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes…https://medium.com/@codingbolt.in/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-quotes-9af43308602b?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, xss-vulnerability, bugs, xss-attack25-Sep-2024
Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and…https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-e1ad9b482189?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, bugs, bug-bounty25-Sep-2024
Skrip Otomatisasi XSS (Cross-Site Scripting)https://medium.com/@mrp.bpp/skrip-otomatisasi-xss-cross-site-scripting-6b6064da0408?source=rss------bug_bounty-5Mada Perdhanabug-bounty, xss-attack, tools, hacking, bug-bounty-tips25-Sep-2024
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Communityhttps://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5Growth Kingdomdapps, blockchain, web3, crypto, bug-bounty25-Sep-2024
Understanding SQL Injection: A Deep Dive into One of the Most Common Web Vulnerabilitieshttps://medium.com/@mrutunjayasenapati0/understanding-sql-injection-a-deep-dive-into-one-of-the-most-common-web-vulnerabilities-2c5d031180c6?source=rss------bug_bounty-5Mrutunjaya Senapatisql-injection, hacking, injection, bug-bounty, sql25-Sep-2024
How Bug Bounties Strengthen Defenses -InITScienceAIhttps://medium.com/@initscienceaiandlooklivenews/how-bug-bounties-strengthen-defenses-initscienceai-c727d3b8a2d3?source=rss------bug_bounty-5InITScienceAibug-bounty-tips, bugs, bugbounting, bug-bounty, bug-bounty-hunter24-Sep-2024
Advanced Port Scanning Techniques for Bug Bounty Programshttps://bevijaygupta.medium.com/advanced-port-scanning-techniques-for-bug-bounty-programs-fd22a049ed37?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, port-scanning, bug-zero24-Sep-2024
test:test not Part 2https://medium.com/@bxrowski0x/test-test-not-part-2-492fb030c8c2?source=rss------bug_bounty-5Omar ElSayedbug-bounty, keycloak, bug-bounty-tips, bug-bounty-writeup, cybersecurity24-Sep-2024
Unlocking Web3 Success: Why Code4rena & Codehawk Are the Ultimate Bug Bounty Platforms for Newbieshttps://medium.com/@firmanregar/unlocking-web3-success-why-code4rena-codehawk-are-the-ultimate-bug-bounty-platforms-for-newbies-c1c041117934?source=rss------bug_bounty-5Firman Siregarbug-bounty, smart-contract-security24-Sep-2024
Mastering Subdomain Takeoverhttps://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=rss------bug_bounty-5Very Lazy Techsubdomain-takeover, cybersecurity, bug-bounty, subdomain, hacking24-Sep-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@codingbolt.in/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-51f3b873d180?source=rss------bug_bounty-5codingbolthacking, web-hacking, bug-bounty, xss-attack, xss-vulnerability24-Sep-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@codingbolt.in/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-80223838d4af?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, hacking, bugs24-Sep-2024
What Are Bugs in Cybersecurity? Understanding the Basicshttps://medium.com/@shoaibjamal663/what-are-bugs-in-cybersecurity-understanding-the-basics-84f2f9ef7304?source=rss------bug_bounty-5Muhammad Shoaib Jamalbugs, cybersecurity, vulnerability, bug-bounty, bug-bounty-tips24-Sep-2024
Price Tampering | Buying course at ₹1!https://medium.com/@anchalrajawat009/price-tampering-buying-course-at-1-09759112e9a4?source=rss------bug_bounty-5Aanchal Singh Rajawatbug-bounty, business-logic-flaw, hacking24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5ravikiraNinfosec, cybersecurity, bug-bounty, hacking, bugbounty-tips24-Sep-2024
Panduan Bagi Pemula untuk Memasuki Dunia Bug Bountyhttps://medium.com/@mrp.bpp/panduan-bagi-pemula-untuk-memasuki-dunia-bug-bounty-bba812d0f680?source=rss------bug_bounty-5Mada Perdhanabug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter, panduan-pemula24-Sep-2024
Going Crazy with Farming VDPs: Extplorer Admin Panel Bypass & Remote Code Execution (RCE)https://infosecwriteups.com/going-crazy-with-farming-vdps-extplorer-admin-panel-bypass-remote-code-execution-rce-ed6ae27bbce9?source=rss------bug_bounty-5YoungVandainfosec, technology, cybersecurity, hacking, bug-bounty24-Sep-2024
Unlock the Hidden Doors of the Android World: Legendary Recon Tools for Bug Bounty!https://medium.com/@rootspaghetti/unlock-the-hidden-doors-of-the-android-world-legendary-recon-tools-for-bug-bounty-9065e3aa6268?source=rss------bug_bounty-5Root@Spaghettibug-bounty, bug-bounty-tips24-Sep-2024
An IDOR leads to leak users detailshttps://medium.com/@mohameddiv77/an-idor-leads-to-leak-users-details-b54a2280e0f9?source=rss------bug_bounty-5Mohamed Ibrahimbug-bounty-tips, bug-bounty24-Sep-2024
diffrent types of burpsuite extenstions for bughuntinghttps://medium.com/@loyalonlytoday/diffrent-types-of-burpsuite-extenstions-for-bughunting-d411b3d002e1?source=rss------bug_bounty-5loyalonlytodayhacking, bugs, bug-bounty-tips, bug-bounty, burpsuite24-Sep-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@codingbolt.in/reflected-xss-with-some-svg-markup-allowed-e7aafbf02378?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, ethical-hacking, bug-bounty, cybersecurity24-Sep-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-0bb80ac37064?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, bug-bounty-tips, xss-vulnerability, bug-bounty-writeup24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5r@v!k!r@ncybersecurity, bug-bounty, hacking, infosec-write-ups, bugbounty-tips24-Sep-2024
Mendapatkan Akses SMTP Melalui Celah SQL Injectionhttps://rdnzx.medium.com/mendapatkan-akses-smtp-melalui-celah-sql-injection-f6d593fcad5e?source=rss------bug_bounty-5Radian IDcybersecurity, bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips24-Sep-2024
You Won’t Find Any Vulnerabilities Without This Technique: Get Your First Bug Bountyhttps://medium.com/@shaikhminhaz1975/you-wont-find-any-vulnerabilities-without-this-technique-get-your-first-bug-bounty-dee2af93e607?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, red-team, penetration-testing, vulnerability, bug-bounty23-Sep-2024
Master the subdomain hunting Part 2https://infosecwriteups.com/master-the-subdomain-hunting-part-2-dea0ee035019?source=rss------bug_bounty-5ʏᴀꜱʜʜ2fa, subdomain, bug-bounty-tips, bugs, bug-bounty23-Sep-2024
Automate Bug Hunting With This Toolhttps://medium.com/@josuofficial327/automate-bug-hunting-with-this-tool-68dfbbaaa0b1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, info-sec-writeups, ethical-hacking, bug-bounty, bug-bounty-hunter23-Sep-2024
From Developer to Hacker: Breaking into GraphQLhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-breaking-into-graphql-6083c80b4588?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, graphql, hacker, hacking, technology23-Sep-2024
Unlocking Bug Bounties: The Power of Port Scanninghttps://bevijaygupta.medium.com/unlocking-bug-bounties-the-power-of-port-scanning-ebca71c898a7?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs23-Sep-2024
Best Platforms to Learn for Becoming a Pentester or Bug Bounty Hunterhttps://rendiero.medium.com/best-platforms-to-learn-for-becoming-a-pentester-or-bug-bounty-hunter-6c6aa8cbdd64?source=rss------bug_bounty-5Rendierobug-bounty, penetration-testing, hacker, learning, resources23-Sep-2024
RXSS with My Approachhttps://medium.com/@nomad8061/rxss-with-my-approach-c9a989d3ba0b?source=rss------bug_bounty-5Ahmed Badrybug-bounty-tips, bug-bounty-writeup, bug-zero, bugs, bug-bounty23-Sep-2024
From CORS Misconfiguration to Account Takeoverhttps://medium.com/@majix_de/from-cors-misconfiguration-to-account-takeover-1231f263a90e?source=rss------bug_bounty-5Majixbug-bounty-tips, bug-bounty, hacking, penetration-testing, programming23-Sep-2024
Unauthenticated API Endpoint to Create Support Ticket Worth $500https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00?source=rss------bug_bounty-5the_unlucky_guybug-bounty, cybersecurity, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup23-Sep-2024
DOM XSS using Web Messages and a JavaScript URLhttps://medium.com/@rcxsecurity/dom-xss-using-web-messages-and-a-javascript-url-dcced7fa4195?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-technology, information-security, cybersecurity, penetration-testing, bug-bounty23-Sep-2024
Uncovering a Stored XSS Vulnerability on Drugs.comhttps://medium.com/@regan_temudo/uncovering-a-stored-xss-vulnerability-on-drugs-com-1748ccbecc16?source=rss------bug_bounty-5Regan Temudocross-site-scripting, bug-bounty, xx, cybersecurity, stored-xxs23-Sep-2024
How to Guide to SQL Injection Testing: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-08272e48f778?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, bug-bounty, bugbounty-writeup, bug-bounty-tips23-Sep-2024
Bypassing restrictions using special charactershttps://medium.com/@youssefmoner2022/bypassing-restrictions-using-special-characters-8f11af75d278?source=rss------bug_bounty-5Youssefmonerbug-bounty, hacking, vulnerability23-Sep-2024
Turning a Closed Bug Report into $650: The Art of Demonstrating Impact!https://hasanka-amarasinghe.medium.com/turning-a-closed-bug-report-into-650-the-art-of-demonstrating-impact-730a3df78df8?source=rss------bug_bounty-5Hasanka Amarasinghebugbounty-writeup, salesforce, bug-bounty, infosec, cybersecurity23-Sep-2024
Cross-Site-Scripting (XSS): Understanding and Mitigating Web Vulnerabilitieshttps://medium.com/@RejuKole.com/cross-site-scripting-xss-understanding-and-mitigating-web-vulnerabilities-b2b5a2c606fc?source=rss------bug_bounty-5Reju Kolebug-bounty-tips, bug-bounty, web, xss-attack, xss-vulnerability23-Sep-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-b9b60f4b2823?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, bugs, xss-vulnerability, bug-bounty-tips23-Sep-2024
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@codingbolt.in/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-9f384d27aa95?source=rss------bug_bounty-5codingboltbug-bounty-tips, bugs, bug-bounty, xss-attack, xss-vulnerability23-Sep-2024
750$ in 5 Minutes - XXE to LFIhttps://skramthu.medium.com/750-in-5-minutes-xxe-to-lfi-897bca9c304c?source=rss------bug_bounty-5Ramhackerone, money, security, bug-bounty, infosec23-Sep-2024
How to Guide SQL Injection: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
When a Session Token Isn’t Enough, A Full Account Takeover Storyhttps://medium.com/@ahmedramadan.ar16148/when-a-session-token-isnt-enough-a-full-account-takeover-story-cf99421bb1e3?source=rss------bug_bounty-5Ahmed Ramadanoauth2, oauth, penetration-testing, authentication, bug-bounty23-Sep-2024
Hacking The butler — Jenkins hacking 101https://thexssrat.medium.com/hacking-the-butler-jenkins-hacking-101-e437ed557460?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, hacking, jenkins23-Sep-2024
P4 bug’s and their POC steps | Part 4https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-4-fd81b91fd368?source=rss------bug_bounty-5socalledhackerbugs, web-security, infosec, bug-bounty, cybersecurity23-Sep-2024
TECNO Security Response Center 3rd Anniversary | Safeguarding Product Security, Grateful for Our…https://medium.com/@security.tecno/tecno-security-response-center-3rd-anniversary-safeguarding-product-security-grateful-for-our-550016adce10?source=rss------bug_bounty-5TECNO Securitybirthday, security, hacking, bug-bounty22-Sep-2024
Practical Incident Response: A Step-by-Step Guidehttps://medium.com/@paritoshblogs/practical-incident-response-a-step-by-step-guide-290dadca6e2d?source=rss------bug_bounty-5Paritoshinformation-technology, incident-response, cybersecurity, bug-bounty, ai22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://harish45.medium.com/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
Port Scanning Tactics to Boost Your Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-tactics-to-boost-your-bug-bounty-success-5d46191fa92e?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, bug-bounty, tactics, port-scanning22-Sep-2024
How I Leveraged Open Redirect to Account Takeoverhttps://medium.com/@abdelrahman0x01/how-i-leveraged-open-redirect-to-account-takeover-b0ff213d23dc?source=rss------bug_bounty-5Abdelrahman0x01cyberattack, account-takeover, penetration-testing, cybersecurity, bug-bounty22-Sep-2024
Finding emails for this issue. Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-emails-for-this-issue-finding-a-easy-bug-to-get-a-easy-5bc4cd00d112?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, bugbounty-writeup, hacking, bug-bounty-tips22-Sep-2024
How i got 250 euro bountyhttps://doordiefordream.medium.com/how-i-got-250-euro-bounty-9e523fdf807d?source=rss------bug_bounty-5cybersecurity researcherbug-bounty, bugs, cybersecurity, ethical-hacking22-Sep-2024
How I Discovered an Account Takeover from a Reset Password Vulnerabilityhttps://medium.com/@bountyget/how-i-discovered-an-account-takeover-from-a-reset-password-vulnerability-aa39fe0896b5?source=rss------bug_bounty-5Dhiren Kumar Pradhancybersecurity, infosec, bug-bounty-writeup, bug-bounty-tips, bug-bounty22-Sep-2024
From Simple File Import to Full Server Exposure: The Power of SSRF Exploitationhttps://medium.com/@tusharpuri6/from-simple-file-import-to-full-server-exposure-the-power-of-ssrf-exploitation-64ee925e54dc?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, penetration-testing, offensive-security, application-security22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://osintteam.blog/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
How I was decrypting the traffic and getting from low privilege user to full admin accesshttps://sadc0d3r.medium.com/how-i-was-decrypting-the-traffic-and-getting-from-low-privilege-user-to-full-admin-access-6a2f3b743ac5?source=rss------bug_bounty-5Ahmed Rabeaa Mosaa (SadC0d3r)penetration-test, penetration-testing, cybersecurity, web-attack, bug-bounty22-Sep-2024
How I Hacked Into a Nationwide University Database System Exposing Thousands of Student Recordshttps://1-day.medium.com/how-i-hacked-into-a-nationwide-university-database-system-exposing-thousands-of-student-records-65dce4e4ee23?source=rss------bug_bounty-51daybug-bounty-writeup, penetration-testing, writeup, hacking, bug-bounty22-Sep-2024
Join any project = Criticalhttps://medium.com/@etfchg18/join-any-project-critical-b3625d09876e?source=rss------bug_bounty-5iiiwaleedbug-bounty, web-security, bug-bounty-tips22-Sep-2024
Top 3 subdomain takeovershttps://infosecwriteups.com/top-3-subdomain-takeovers-ea51ecd911fd?source=rss------bug_bounty-5Hicham Almakroudiethical-hacking, hackerone, subdomain-takeover, bug-report, bug-bounty22-Sep-2024
#1 Bug Hunting: Subdomain Enumeration — Explainedhttps://infosecwriteups.com/1-bug-hunting-subdomain-enumeration-explained-389e6fcb3f62?source=rss------bug_bounty-5Om Maniyacybersecurity, enumeration, bug-bounty, programming, bug-bounty-tips21-Sep-2024
Understanding Insecure Deserializationhttps://medium.com/@kannnannmk/understanding-insecure-deserialization-faea7bc5ff5e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, insecure-deserialization, bug-bounty-tips, cybersecurity, penetration-testing21-Sep-2024
Mastering Port Scanning for Bug Bounty Huntershttps://bevijaygupta.medium.com/mastering-port-scanning-for-bug-bounty-hunters-226c8d007023?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty, bugs, port-scan21-Sep-2024
Email Injection | Unseen Threathttps://medium.com/@abolfazl.vaziri/email-injection-unseen-threat-6db7e32ab656?source=rss------bug_bounty-5Abolfazl Vaziriemail, email-attack, bug-bounty, hacking, email-injection21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Makwana Abhikhacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5Coding Boltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Some Token Leak Can Lead to Disclose a Lot of Users’ Personal Datahttps://r0b0ts.medium.com/some-token-leak-can-lead-to-disclose-a-lot-of-users-personal-data-6b5b7748ccec?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, pentesting, bug-bounty, web-security, bug-bounty-tips21-Sep-2024
500$: Open Redirect Vulnerabilityhttps://medium.com/@a13h1/500-open-redirect-vulnerability-9cc9fd4d9b7b?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, open-redirect, infosec, bug-bounty21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Abhik Makwanahacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
Simple IDOR vulnerability can lead to leak Email address of all usershttps://r0b0ts.medium.com/simple-idor-vulnerability-can-lead-to-leak-email-address-of-all-users-055ada3ba3fc?source=rss------bug_bounty-5r0b0tsbug-bounty, bug-bounty-tips, bug-bounty-writeup, web-security, pentesting21-Sep-2024
How Hackers Crack Active Directory Passwords and Exploit MFA : Are You Next?https://medium.com/@paritoshblogs/how-hackers-crack-active-directory-passwords-and-exploit-mfa-are-you-next-11cfdd0feb20?source=rss------bug_bounty-5Paritoshchatgpt, active-directory, hacking, bug-bounty, cybersecurity21-Sep-2024
Welcome to My Cybersecurity Journeyhttps://medium.com/@mrutunjayasenapati0/welcome-to-my-cybersecurity-journey-e795aebd096d?source=rss------bug_bounty-5Mrutunjaya Senapatiethical-hacking, bugs, bug-bounty, bug-bounty-tips, cybersecurity21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Reflected XSS into Attribute with HTML-Encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-attribute-with-html-encoded-ffe97e2c1439?source=rss------bug_bounty-5codingboltbugs, xss-vulnerability, xss-attack, bug-bounty, cybersecurity21-Sep-2024
Taking ffuf Fuzzing Furtherhttps://medium.com/@learntheshell/taking-ffuf-fuzzing-further-016be44d0b07?source=rss------bug_bounty-5LearnTheShellbug-bounty, hacking, ffuf, bug-bounty-tips, fuzzing21-Sep-2024
Finding a easy Bughttps://medium.com/@loyalonlytoday/finding-a-easy-bug-caed2e199b1d?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup21-Sep-2024
DOM XSS in jQuery: The Danger of `href` Attribute with `location.search` Sourcehttps://medium.com/@codingbolt.in/dom-xss-in-jquery-the-danger-of-href-attribute-with-location-search-source-b2d883cbec59?source=rss------bug_bounty-5codingboltbug-hunting, bug-bounty, xss-attack, bug-bounty-tips, bugs21-Sep-2024
DOM-based XSS: The Case of `innerHTML` and `location.search`https://medium.com/@codingbolt.in/dom-based-xss-the-case-of-innerhtml-and-location-search-373c47866c56?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, xss-vulnerability, xss-attack, bug-bounty-tips21-Sep-2024
Accessing full history of Firepad users.https://medium.com/@adityaahuja.work/accessing-full-history-of-firepad-users-ddc889e73936?source=rss------bug_bounty-5Aditya Ahujaowasp-top-10, cybersecurity, bug-bounty, information-disclosure, cyber-awareness21-Sep-2024
test:test type of bughttps://medium.com/@bxrowski0x/test-test-type-of-bug-cfb352d9bf85?source=rss------bug_bounty-5Omar ElSayedbug-bounty, cybersecurity, keycloak, bug-bounty-writeup, bug-bounty-tips21-Sep-2024
XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Persistent XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-b92a99d7e4d7?source=rss------bug_bounty-5MoreLogin Browsersecurity, bug-bounty, antidetect-browser, white-hat-hacker, cybersecurity20-Sep-2024
Common Job Roles in Cyber Securityhttps://medium.com/@RaunakGupta1922/common-job-roles-in-cyber-security-e792d367af67?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcyber-security-awareness, bug-bounty, diversity, jobs, hacking20-Sep-2024
A Perfect Story Which help to Understand Bug Bountyhttps://medium.com/@Butcher_hell/a-perfect-story-which-help-to-understand-bug-bounty-c0a699239629?source=rss------bug_bounty-5W H I Z H A W Kcybersecurity, storytelling, hacking, bug-bounty, technology20-Sep-2024
How to Learn and Participate in Bug Bountieshttps://rendiero.medium.com/how-to-learn-and-participate-in-bug-bounties-1a2e71dd190b?source=rss------bug_bounty-5Rendierocybersecurity, beginners-guide, learning, bug-bounty, hacking20-Sep-2024
Bypassing Rate Limits: All Known Techniqueshttps://medium.com/@raxomara/bypassing-rate-limits-all-known-techniques-25891bb5ca59?source=rss------bug_bounty-5Raxomararate-limit-bypass, bug-bounty-tips, security-research, cybersecurity, bug-bounty20-Sep-2024
Finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-e32c47c8b54a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs20-Sep-2024
The Ultimate Guide to Forgot Password Test Cases ‍https://medium.com/@chinmaya_ramana/the-ultimate-guide-to-forgot-password-test-cases-059e483fdc40?source=rss------bug_bounty-5Chinmaya Ramanasecurity, hacking, bug-bounty, web-application-security, application-security20-Sep-2024
Clickjacking Vulnerability to trigger Reflacted XSShttps://medium.com/@g52238317/clickjacking-vulnerability-to-trigger-reflacted-xss-9029cc5fd676?source=rss------bug_bounty-5Abdelrhman Yassercybersecurity, clickjacking, xss-attack, bug-bounty20-Sep-2024
Bypassing Date Restrictions in an Educational Platform: A Logic Flaw Exploithttps://medium.com/@ahmed_ashraf/bypassing-date-restrictions-in-an-educational-platform-a-logic-flaw-exploit-fdd3d0e3a1cb?source=rss------bug_bounty-5Ahmedashrafbusiness-logic-flaw, privilege-escalation, cybersecurity, bug-bounty, penetration-testing20-Sep-2024
Bug Bounty Dark Reality: The Hidden Truth of Successful Bug Huntinghttps://medium.com/@yashpawar1199/bug-bounty-dark-reality-the-hidden-truth-of-successful-bug-hunting-0b9ed547802d?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty-dark-reality, bug-bounty, howu-hnters-find-bugs, bounty-efforts-fail, successful-bug-hunting20-Sep-2024
Unlocking Restricted Features: A Vulnerability Analysis of Organization’s Role Managementhttps://0xmatrix.medium.com/unlocking-restricted-features-a-vulnerability-analysis-of-organizations-role-management-aa6a4f7bd0d3?source=rss------bug_bounty-5Mo2men Elmadyhacking, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity20-Sep-2024
Exploiting GraphQL API Suggestionshttps://nir-choubey-2011.medium.com/exploiting-graphql-api-suggestions-7695e5b8c3ef?source=rss------bug_bounty-5niraj choubeyapi-security, bug-bounty, security, graphql-security20-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-cdc178fd6e7e?source=rss------bug_bounty-5MoreLogin Browserbug-bounty, cybersecurity, morelogin, antidetect-browser, security19-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guidehttps://bevijaygupta.medium.com/best-bug-bounty-and-pentesting-methodology-for-beginners-a-step-by-step-guide-a68170d3acc8?source=rss------bug_bounty-5Vijay Guptabugs, penetration-testing, bug-bounty, bug-bounty-tips, pentesting19-Sep-2024
How to get shodan membership upgrade for freehttps://medium.com/@hichamalmakroudi/how-to-get-shodan-membership-upgrade-for-free-4f21122d2d73?source=rss------bug_bounty-5Hicham Almakroudishodan, hacking-tools, ethical-hacking, bug-bounty, free19-Sep-2024
Nikto A Powerful Web Server Scanner for Vulnerability Assessmenthttps://medium.com/@yashpawar1199/nikto-a-powerful-web-server-scanner-for-vulnerability-assessment-1bd257204f41?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty, hacking, penetration-testing, cybersecurity, nikto19-Sep-2024
How a 403 bypass got me a bountyhttps://medium.com/@ehsameer/how-a-403-bypass-got-me-a-bounty-7b2d58c0fd88?source=rss------bug_bounty-5ehsameerbug-bounty-tips, bugbounty-writeup, bug-bounty, hackerone19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Yassen Taalabowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
How to install Bug Bounty Hunting Tools on Linux and Windows by using Golang(Go)[ProjectDiscovery]https://medium.com/@abdulrahman.muhammad.qarni52/getting-started-with-projectdiscovery-tools-on-linux-and-windows-70e644f1198c?source=rss------bug_bounty-5OxLegacy52hacking, tools-for-hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty19-Sep-2024
Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-a-easy-bug-to-get-a-easy-f008b2b25f73?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, penetration-testing, bugbounty-writeup, bug-bounty19-Sep-2024
Primary Hacking School #2 After Installing Kalihttps://medium.com/@nnface/primary-hacking-school-2-after-installing-kali-6a226c68e7de?source=rss------bug_bounty-5NnFacekali-linux, linux, bug-bounty, cybersecurity, hacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://cyberw1ng.medium.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
How I hacked multiple Indian universities (AGAIN).https://medium.com/@alimuhammadsecured/how-i-hacked-multiple-indian-universities-again-d1b9c2a0e01d?source=rss------bug_bounty-5Alimuhammadsecuredctf, cybersecurity, hacking, bug-bounty, malware19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Killuaowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://systemweakness.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node packagehttps://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643?source=rss------bug_bounty-5Fuleki Ioanbugcrowd, bug-bounty, writeup, cybersecurity, remote-code-execution18-Sep-2024
Write up : Business Logic Flaw in Payment Discount Calculation Allows Excessive Discount…https://medium.com/@jakboubmostefa/write-up-business-logic-flaw-in-payment-discount-calculation-allows-excessive-discount-19d567f5da18?source=rss------bug_bounty-5Mostefa Jakboubvulnerability, bug-bounty, cybersecurity18-Sep-2024
10 Essential Browser Extensions for Bug Bounty Huntershttps://medium.com/@firdansp/10-essential-browser-extensions-for-bug-bounty-hunters-f17f8b001bcc?source=rss------bug_bounty-50verRidabug-bounty-tips, writeup, bug-hunting, extension, bug-bounty18-Sep-2024
How to Perform a Cybersecurity Risk Assessment: The Simple Guidehttps://medium.com/@paritoshblogs/how-to-perform-a-cybersecurity-risk-assessment-the-simple-guide-b37d1b986682?source=rss------bug_bounty-5Paritoshbug-bounty, risk, hacking, chatgpt, cybersecurity18-Sep-2024
Leveling Up the Wrong Way: Exploiting API Vulnerabilities in Game Progressionhttps://aminudin.medium.com/leveling-up-the-wrong-way-exploiting-api-vulnerabilities-in-game-progression-19f883f48da8?source=rss------bug_bounty-5Aminudinhacker, bug-bounty, bug-bounty-tips18-Sep-2024
Scanning ip’s got from virustotalhttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
Mastering Cybersecurity “A Guide to Effective Learning”https://rendiero.medium.com/mastering-cybersecurity-a-guide-to-effective-learning-9e32bd8c5926?source=rss------bug_bounty-5Rendierocybersecurity, bug-bounty, penetration-testing, hacking, learning18-Sep-2024
Scanning ip’s got from virustotal to find a bughttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hackinghttps://medium.com/@mohammedthoufeeq_25137/the-reality-of-cybersecurity-jobs-why-freshers-should-focus-on-defense-over-hacking-002cd641a453?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hacking, cyberattack, programming, bug-bounty18-Sep-2024
😞The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hacking 😎https://medium.com/@shari7a0x/protect-your-account-zero-click-account-takeover-for-admin-support-through-password-update-d155c7966b6e?source=rss------bug_bounty-5Shari7a0xbug-bounty-tips, bug-bounty, ato, bugs18-Sep-2024
Real Bug Bounty & Penetration Testing on Live Websites: Step-by-Step Guide (Part 2)https://medium.com/@shaikhminhaz1975/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
How Black Hat Hackers Hack into your Telegram Groups !!!https://medium.com/@josuofficial327/how-black-hat-hackers-hack-into-your-telegram-groups-6970a93a20e1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty, hacking, cybersecurity18-Sep-2024
Missing Rate Limit Vulnerability: How to Test and Identify Ithttps://medium.com/@octayus/missing-rate-limit-vulnerability-how-to-test-and-identify-it-2f3937e903e6?source=rss------bug_bounty-5OctaYuscybersecurity, infosec, hacking, bug-bounty, twitter18-Sep-2024
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5Mohamed Saqib Chacking, artificial-intelligence, cybersecurity, bug-bounty18-Sep-2024
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties!https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips18-Sep-2024
P4 bug’s and their POC steps | Part 3https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-3-298087630cac?source=rss------bug_bounty-5socalledhackerweb, web-security, p4-bugs, bug-bounty, vulnerability18-Sep-2024
Live Bug Bounty Walkthrough: How to Hunt & Report Bugs Effectively (Part 2)https://medium.com/cyberscribers-exploring-cybersecurity/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
Using Application Functionality to Exploit Insecure Deserializationhttps://medium.com/@rcxsecurity/using-application-functionality-to-exploit-insecure-deserialization-b4e7c6abdae1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, penetration-testing, bug-bounty, information-technology, cybersecurity17-Sep-2024
First-Time Penetration Testing: How to Uncovered Critical Flaws at a Company (Interactive Guide)https://medium.com/@paritoshblogs/first-time-penetration-testing-how-to-uncovered-critical-flaws-at-a-company-interactive-guide-4275f79c02ce?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, ai, penetration-testing, cybersecurity17-Sep-2024
From GitHub Recon to Hotstar Admin Access: A Deep Dive into Security Flawshttps://infosecwriteups.com/from-github-recon-to-hotstar-admin-access-a-deep-dive-into-security-flaws-2e4ae0ec937e?source=rss------bug_bounty-5Vishal Vishwakarmahacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup17-Sep-2024
“ part 2 Beginner’s Bug Bounty Methodology: A Journey from Writeups to Real-World Application”https://medium.com/@mahdisalhi0500/part-2-beginners-bug-bounty-methodology-a-journey-from-writeups-to-real-world-application-5d62f79e039f?source=rss------bug_bounty-5CaptinSHArky(Mahdi)cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, infose17-Sep-2024
How To Find Clickjacking Easily…https://medium.com/@josuofficial327/how-to-find-clickjacking-under-a-minute-751089be3f74?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, bug-bounty, cybersecurity, info-sec-writeups, bug-bounty-tips17-Sep-2024
#5. Bug Bounty Series: $$$ by AWS S3 Bucket misconfigurationshttps://cyb3rmind.medium.com/5-bug-bounty-series-by-aws-s3-bucket-misconfigurations-fb645057d03e?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, takeovers, bug-bounty, subdomain-takeover, s3-bucket17-Sep-2024
How I got my first $$$ bounty?https://medium.com/@yashsomalkar/how-i-got-my-first-bounty-098d75ae650d?source=rss------bug_bounty-5Rudrakshackerbug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips, idor-vulnerability17-Sep-2024
Platforms and vulnerable webapps for practing and learning webpentestinghttps://medium.com/@loyalonlytoday/platforms-and-vulnerable-webapps-for-practing-and-learning-webpentesting-b76df42e3ec4?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, hacking, bugbounty-writeup, web-penetration-testing17-Sep-2024
Direct Volume Access Attackhttps://medium.com/@reemmoslem34/direct-volume-access-attack-dfbb2d73e406?source=rss------bug_bounty-5Rem Khalidbug-bounty, cryptocurrency, malware, hacking, cybersecurity17-Sep-2024
Dll Side Loading Attackhttps://medium.com/@reemmoslem34/dll-side-loading-attack-80ea716fd588?source=rss------bug_bounty-5Rem Khalidpython, malware, cybersecurity, hacking, bug-bounty17-Sep-2024
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow.https://cybxis.medium.com/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96?source=rss------bug_bounty-5cybxishackerone, gitlab, oauth2, bug-bounty17-Sep-2024
Type of Cyber Securityhttps://medium.com/@RaunakGupta1922/type-of-cyber-security-c43047a34fe7?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bug-bounty, social-media, cybersecurity, basics16-Sep-2024
Menguasai Reconnaissance: Metode lengkap untuk mengumpulkan informasihttps://hack4funacademy.medium.com/menguasai-reconnaissance-metode-lengkap-untuk-mengumpulkan-informasi-acdeba7dc054?source=rss------bug_bounty-5Hack4Fun Academyprogramming, bug-bounty, hacking, cybersecurity, networking16-Sep-2024
How to Set Up Proxychains in Kali Linuxhttps://medium.com/@vignesh6872610/how-to-set-up-proxychains-in-kali-linux-ddd44c3502af?source=rss------bug_bounty-5Vignesh Pbug-bounty, bug-bounty-writeup, proxychains, linux-tutorial, bug-bounty-tips16-Sep-2024
Three Months of Full-Time Bug Bounty Hunting as a Newbie in 2024https://medium.com/@nchaitreddyutilities/three-months-of-full-time-bug-bounty-hunting-as-a-newbie-in-2024-a941977b61f1?source=rss------bug_bounty-5Chaitanya Reddybug-bounty-tips, cybersecurity, bug-bounty, writeup16-Sep-2024
WhatsApp View Once Privacy Issue Initial Fix Assessment: The Good, the Bad and The Uglyhttps://medium.com/@TalBeerySec/whatsapp-view-once-privacy-issue-initial-fix-assessment-the-good-the-bad-and-the-ugly-be97ec1cc2e5?source=rss------bug_bounty-5Tal Be'erysecurity, web-development, bug-bounty, privacy, whatsapp16-Sep-2024
Guide to Finding and Exploiting Web Cache Poisoninghttps://systemweakness.com/guide-to-finding-and-exploiting-web-cache-poisoning-f32d0962d28d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, technology, bug-bounty16-Sep-2024
The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypasshttps://blog.confiant.com/the-curious-case-of-mutantbedrogs-trusted-types-csp-bypass-950b19a38b4f?source=rss------bug_bounty-5Eliya Steinbug-bounty, malvertising, hacking, cybersecurity, threat-intelligence16-Sep-2024
How I Found Live Traffic Exposure on a Public Server: One of my interesting findingshttps://medium.com/@josuofficial327/how-i-found-live-traffic-exposure-on-a-public-server-one-of-my-interesting-findings-0ecde16813a8?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, cybersecurity, penetration-testing, bugbounty-writeup, bug-bounty-hunter16-Sep-2024
Using Full potential of Virustotal for Bugbountyhttps://medium.com/@loyalonlytoday/using-full-potential-of-virustotal-for-bugbounty-8d80221ab2e4?source=rss------bug_bounty-5loyalonlytodaybugbounty-tips, penetration-testing, hacking, bug-bounty, bugbounty-writeup16-Sep-2024
How i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
CloudSek CTF 2024 Writeuphttps://naumankh4n.medium.com/cloudsek-ctf-aug-2024-writeup-6b4409675f88?source=rss------bug_bounty-5Nauman Khanhacking, bug-bounty, ctf, penetration-testing, ctf-writeup16-Sep-2024
Subdomain takeover amazon S3https://medium.com/@hichamalmakroudi/subdomain-takeover-amazon-s3-21de0af8a1d3?source=rss------bug_bounty-5Hicham Almakroudibug-bounty, aws, hacking, s3, subdomain-takeover16-Sep-2024
How To Get Easy critical 0 click account takeover on public bug bounty program at hackerone !https://medium.com/@kaforybory/how-to-get-easy-critical-0-click-account-takeover-on-public-bug-bounty-program-at-hackerone-8b1859cc7738?source=rss------bug_bounty-5Hassan Makkiinfosec, bug-bounty-tips, cybersecurity, bug-bounty, bug-hunting16-Sep-2024
Structure your recon files before they structure youhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
How to Kick Off Your Journey into Bug Hunting: A Beginner's Guidehttps://medium.com/@justluke5691/how-to-kick-off-your-journey-into-bug-hunting-a-beginners-guide-eb5a551f4edb?source=rss------bug_bounty-5K. Niraj Chandra Singhabug-bounty, technology, cybersecurity16-Sep-2024
very easy and helpfull for new hunters, how i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
Structure your recon files before they become unstructuredhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
#3 HOW TO FIND OPEN REDIRECT EASILY ???https://medium.com/@josuofficial327/3-how-to-find-open-redirect-easily-fd8a7ea6e12b?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuthreat-intelligence, bug-bounty, bug-bounty-tips, threat-hunting, cybersecurity15-Sep-2024
Subdomain Takeovers for Beginnershttps://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5Hicham Almakroudisubdomain-takeover, bug-bounty, bug-bounty-tips, ethical-hacking, hacking15-Sep-2024
XSS — Cross Site Scriptinghttps://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5Coding Bolt Academyxss-vulnerability, xss-attack, bug-bounty, cross-site-scripting, ethical-hacking15-Sep-2024
IDOR — Broken Access Controlhttps://medium.com/@codingboltacademy/idor-broken-access-control-efeb6698919f?source=rss------bug_bounty-5Coding Bolt Academyethical-hacking, penetration-testing, cybersecurity, bug-bounty, idor15-Sep-2024
How i got 100$ bountyhttps://medium.com/@mukkumukku110/how-i-got-100-bounty-b3dd58e82e00?source=rss------bug_bounty-5bughunterbug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips15-Sep-2024
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applicationshttps://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, infosec15-Sep-2024
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1)https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, bug-bounty-tips, penetration-testing, cybersecurity, information-gathering15-Sep-2024
SQL Injetionhttps://medium.com/@adhikarisudip869/sql-injetion-f6f5f4291cbc?source=rss------bug_bounty-5Sudip Adhikarisql, sql-injection, bug-bounty15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
BugBounty platforms Listhttps://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, hacking, bug-bounty, penetration-testing15-Sep-2024
Automating the CORS Vulnerability Scanhttps://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5Angix blackcors, infosec, pentesting, bug-bounty, corsan15-Sep-2024
A very easy bug anyone can findhttps://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5Insbat Arshadprogramming, cybersecurity, bug-bounty, software-engineering, devops15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://systemweakness.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
Mastering WordPress Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-wordpress-pentesting-the-ultimate-resource-guide-423bc1e1ddef?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, cybersecurity, wordpress, bug-bounty, wordpress-plugins14-Sep-2024
Telnet Takedown: The Port 23 Exploit on Metasploitable 2, Part IIIhttps://medium.com/@thefellowhacker/telnet-takedown-the-port-23-exploit-on-metasploitable-2-part-iii-a10a6e15b468?source=rss------bug_bounty-5Taahir Mujawarrcybersecurity, bug-bounty, metasploitable, hacking, penetration-testing14-Sep-2024
Open Redirect via Image Uploadhttps://medium.com/@osamamohamed21212121/open-redirect-via-image-upload-bf6f87f8d447?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bug-bounty, bugs, bug-zero, bug-bounty-writeup14-Sep-2024
SSRF Via Image Uploadhttps://medium.com/@osamamohamed21212121/ssrf-via-image-upload-f046e2d0e692?source=rss------bug_bounty-5Osamamohamedbug-bounty, bug-zero, bug-bounty-writeup, bugs, bug-bounty-tips14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flawhttps://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-3c4a9b431de6?source=rss------bug_bounty-5Adnan K Sbug-bounty-tips, security, cybersecurity, bug-bounty-writeup, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@cybsersec/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Cybserseccybersecurity, security-research, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@Krypton09/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Kryptoncybersecurity, security-research, bug-bounty14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-f8bb3c784803?source=rss------bug_bounty-5Adnan K Scybersecurity, security, owncloud, bug-bounty-tips, bug-bounty14-Sep-2024
how to install kali linux on windows using wsl(windows subsystem linux)https://medium.com/@loyalonlytoday/how-to-install-kali-linux-on-windows-using-wsl-windows-subsystem-linux-92019022ac57?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, wsl-2, hacking, wsl14-Sep-2024
fisher: Cybertalents Cybersecurity Bootcamp Cohort 8https://medium.com/@bridget4/fisher-cybertalents-cybersecurity-bootcamp-cohort-8-cfb9aa6b7a6c?source=rss------bug_bounty-5Bridgetcareers, bug-bounty, cybersecurity, learning, cyber-talents14-Sep-2024
What is Prototype Pollution?https://systemweakness.com/what-is-prototype-pollution-4e2049f68fca?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, careers, hacking, cybersecurity14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-e8a8c1dae09b?source=rss------bug_bounty-5Adnan K Shacking, bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips14-Sep-2024
How I Gained Access to a Corporate CCTV Surveillance System Using Shodanhttps://medium.com/@contact.adnanks/how-i-gained-access-to-a-corporate-cctv-surveillance-system-using-shodan-daac1fa3b37a?source=rss------bug_bounty-5Adnan K Sbug-bounty, surveillance, cctv, cybersecurity, hacking14-Sep-2024
How I Discovered a Critical Vulnerability and Took Over an Organization Using Burp Suitehttps://medium.com/@contact.adnanks/how-i-discovered-a-critical-vulnerability-and-took-over-an-organization-using-burp-suite-fb2d52adc944?source=rss------bug_bounty-5Adnan K Sresearch, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw (Part 2)https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-part-2-ba190920e945?source=rss------bug_bounty-5Adnan K Sbug-bounty, grafana, research-reports, cybersecurity, bug-bounty-tips14-Sep-2024
Let the Hunt Begin with Nuclei: The Secret Weapon of the Bug Bounty World!https://medium.com/@rootspaghetti/let-the-hunt-begin-with-nuclei-the-secret-weapon-of-the-bug-bounty-world-9b2491d3a9cb?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty14-Sep-2024
Mastering GraphQL API Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-graphql-api-pentesting-the-ultimate-resource-guide-7755c08bddd2?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitvulnerability, cybersecurity, graphql, bug-bounty, hacking13-Sep-2024
Deleting a folder led to the deactivation of the company’s accounts.https://medium.com/@hossam_hamada/deleting-a-folder-led-to-the-deactivation-of-the-companys-accounts-3759b6b92927?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, hackerone, bug-bounty, penetration-testing, bugcrowd13-Sep-2024
#2 ANOTHER EASY BUG- HTML INJECTIONhttps://medium.com/@josuofficial327/2-another-easy-bug-html-injection-0447a79b6c66?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, bug-bounty, linux, vulnerability, cybersecurity13-Sep-2024
How Unguessable IDOR Worth me €1000 On Intigritihttps://medium.com/@manan_sanghvi/how-unguessable-idor-worth-me-1000-on-intigriti-7ab6f928b3d9?source=rss------bug_bounty-5Manan Sanghvibounty-program, bug-bounty, intigriti, idor, hacking13-Sep-2024
Logic Flaw: I Can Block You from Accessing Your Own Accounthttps://medium.com/@hashimamin/logic-flaw-i-can-block-you-from-accessing-your-own-account-63fc2a88bb72?source=rss------bug_bounty-5Hashim Aminbug-bounty-tips, bug-bounty, bugs, ethical-hacking, infosec13-Sep-2024
What is an Open Redirect Vulnerability? And How to Find Ithttps://systemweakness.com/what-is-an-open-redirect-vulnerability-and-how-to-find-it-7d94a3b9d0ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, technology, bug-bounty, hacking13-Sep-2024
Log4j Exploit Lab: Reverse Shell with JNDI Exploit Kithttps://medium.com/@josh.beck2006/log4j-exploit-lab-reverse-shell-with-jndi-exploit-kit-21f015204e29?source=rss------bug_bounty-5Josh Beckbug-bounty, cybersecurity, ctf13-Sep-2024
How to find and exploit bugsnag API Keyhttps://medium.com/@socalledhacker/how-to-find-and-exploit-bugsnag-api-key-312e0f216735?source=rss------bug_bounty-5socalledhackercybersecurity, bug-bounty, web-security, bug-bounty-tips, infosec13-Sep-2024
How to Write an Effective Bug Bounty Report: Tips, Structure, and Exampleshttps://infosecwriteups.com/how-to-write-an-effective-bug-bounty-report-tips-structure-and-examples-3248d81dd759?source=rss------bug_bounty-5Abhi Sharmabug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec13-Sep-2024
Finding a easy p4 it can be worth 200$https://medium.com/@loyalonlytoday/finding-a-easy-p4-it-can-be-worth-200-10d6682f6923?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty, bugbounty-writeup, website-hacking, hacking13-Sep-2024
Subdomain Enumeration Part 2 (Manual & Automation)https://osintteam.blog/subdomain-enumeration-part-2-manual-automation-77a46d93e2ed?source=rss------bug_bounty-5Mr Abdullahethical-hacking, hacking, web-hacking, bug-bounty, bug-bounty-tips13-Sep-2024
Unleashing GitHub Dorks: The Ultimate Hack for Finding Hidden Secrets in Bug Bounties!https://enigma96.medium.com/unleashing-github-dorks-the-ultimate-hack-for-finding-hidden-secrets-in-bug-bounties-125b83fd9c93?source=rss------bug_bounty-5enigmagithub-dorking, penetration-testing, bug-bounty, hackin, bug-bounty-tips13-Sep-2024
Stored XSS via Image Uploadhttps://medium.com/@osamamohamed21212121/stored-xss-via-image-upload-b75edecf1e54?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-writeup13-Sep-2024
IDOR in Bug Bounty Programhttps://medium.com/@osamamohamed21212121/idor-in-bug-bounty-program-8fbbffe32f6e?source=rss------bug_bounty-5Osamamohamedbug-bounty, bugs, bug-bounty-writeup, bug-zero, bug-bounty-tips13-Sep-2024
Mastering Dirsearch: Finding Hidden Web Directorieshttps://medium.com/@bootstrapsecurity/mastering-dirsearch-finding-hidden-web-directories-f57327c06fed?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter12-Sep-2024
Computer Security: How Bureaucracies Ignore Unexploded Ordinancehttps://kf106.medium.com/computer-security-how-bureaucracies-ignore-unexploded-ordinance-319e8e931ad5?source=rss------bug_bounty-5Keir Finlow-Batesbureaucracy, bug-bounty, security, cybersecurity, hacker12-Sep-2024
The Secrets to Writing Threat Intelligence Reports That Actually Stop Cyber Attacks!https://medium.com/@paritoshblogs/the-secrets-to-writing-threat-intelligence-reports-that-actually-stop-cyber-attacks-330fd6fc37a5?source=rss------bug_bounty-5Paritoshai, hacking, threat-intelligence, bug-bounty, cybersecurity12-Sep-2024
Password Reset Flaws: Key Methods for Finding Vulnerabilitieshttps://medium.com/@dsmodi484/password-reset-flaws-key-methods-for-finding-vulnerabilities-eb843440e06c?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, bug-bounty-tips, account-takeover, testing12-Sep-2024
Leveraging GreyNoise for Enhanced Threat Detection and Intelligencehttps://medium.com/@ajaynaikhack/leveraging-greynoise-for-enhanced-threat-detection-and-intelligence-437aac815d38?source=rss------bug_bounty-5Ajay Naikrewards, vulnerability, cybersecurity, bug-bounty, threat-detection12-Sep-2024
Insecure Direct Object Reference (IDOR)https://medium.com/@security.tecno/insecure-direct-object-reference-idor-ffecf6cbc211?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, research, hacking12-Sep-2024
Mastering IDOR: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-idor-the-ultimate-resource-guide-84e44052f70c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, hacking, cybersecurity, college, idor12-Sep-2024
[IDOR] View other users’ transaction detailshttps://rhidayah.medium.com/idor-view-other-users-transaction-details-73c0c80aada6?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, idor, bug-bounty, idor-vulnerability, information-disclosure12-Sep-2024
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOShttps://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b?source=rss------bug_bounty-5Mikko Kenttälävulnerability, macos, information-security, bug-bounty12-Sep-2024
Hide & Seek - Hidden Open Redirect | Bug Huntinghttps://mo9khu93r.medium.com/hide-seek-hidden-open-redirect-bug-hunting-88499f5e0e99?source=rss------bug_bounty-5mo9khu93rhacking, pentesting, bug-bounty, cybersecurity, kali-linux12-Sep-2024
Hydra for bruteforcinghttps://medium.com/@tharunteja725_8686/hydra-for-bruteforcing-3784a98bab6a?source=rss------bug_bounty-5Chidurala Tharun tejahacking, oscp, bug-bounty, bug-bounty-tips, cybersecurity12-Sep-2024
How an Open Redirect Vulnerability Got a Bug Bounty of $500https://cyberw1ng.medium.com/how-an-open-redirect-vulnerability-got-a-bug-bounty-of-500-13ece7a987d8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity12-Sep-2024
My first Account-take-overhttps://medium.com/@osamamohamed21212121/my-first-account-take-over-f6590c4a3a54?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty, bug-zero, bug-bounty-writeup, bug-bounty-tips12-Sep-2024
My journey to find CSRF (Cross-Site Request Forgery )https://medium.com/@osamamohamed21212121/my-journey-to-find-csrf-cross-site-request-forgery-ddf1e1bd579d?source=rss------bug_bounty-5Osamamohamedbug-bounty-writeup, bug-bounty-tips, bug-bounty, bugs, bug-zero12-Sep-2024
Stored XSS via File upload(using .svg file Extension )https://ch4ndan.medium.com/stored-xss-via-file-upload-using-svg-file-extension-515e23536d4d?source=rss------bug_bounty-5Ch4ndan dascybersecurity, xss-attack, bug-bounty, bugs, bug-bounty-tips12-Sep-2024
My first XSS: Reflected XSShttps://medium.com/@osamamohamed21212121/my-first-xss-reflected-xss-0949992b94ab?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty-tips, bug-bounty, bug-zero, bug-bounty-writeup12-Sep-2024
Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties!https://enigma96.medium.com/hack-google-like-a-pro-automate-google-dorks-with-bash-for-bug-bounties-7611818a4bf0?source=rss------bug_bounty-5enigmahacker, bug-bounty, pentesting, bug-bounty-tips, dorks12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://medium.com/@deadoverflow/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://systemweakness.com/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
Introduction to Bug Bounty Huntinghttps://medium.com/@kanishkar22052004/introduction-to-bug-bounty-hunting-183f133c7d0d?source=rss------bug_bounty-5Kanishkarbug-bounty, ethical-hacking, cybersecurity11-Sep-2024
Understanding the OWASP Top 10 in 2024https://bootstrapsecurity.medium.com/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
Understanding the OWASP Top 10 in 2024https://medium.com/@bootstrapsecurity/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
HTB Academy: Information Gathering — Web Edition (Updated).https://medium.com/@mazalwebdesign/htb-academy-information-gathering-web-edition-updated-50058fdec55e?source=rss------bug_bounty-5maz4lhtb-walkthrough, htb-writeup, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
API Bug Bounty Hunting: Reconnaissance and Reverse Engineering an APIhttps://towardsdev.com/api-bug-bounty-hunting-reconnaissance-and-reverse-engineering-an-api-1d61f82b5d72?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, bug-bounty, hacking, api11-Sep-2024
NGINX HTTP/3 QUIC Module Vulnerability -CVE-2024–35200https://infosecwriteups.com/nginx-http-3-quic-module-vulnerability-cve-2024-35200-e2f6aaea2a68?source=rss------bug_bounty-5Ajay Naikbug-bounty, security, cve, vulnerability, rewards11-Sep-2024
BIG-IP HSB vulnerability CVE-2024–39778https://medium.com/@ajaynaikhack/big-ip-hsb-vulnerability-cve-2024-39778-9fd33cc4d5e5?source=rss------bug_bounty-5Ajay Naikrewards-and-recognition, vulnerability, bug-bounty, security11-Sep-2024
Why Django’s [DEBUG=True] is a Goldmine for Hackershttps://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d?source=rss------bug_bounty-5Very Lazy Techhacking, cybersecurity, django, bug-bounty, misconfiguration11-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners(Step By Step)https://medium.com/@shaikhminhaz1975/best-bug-bounty-and-pentesting-methodology-for-beginners-step-by-step-b6167128156a?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, methodology, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
MY First Bug Hunt: A Beginner’s Guide to Cybersecurity with Google Dorkshttps://medium.com/@KpCyberInfo/my-first-bug-hunt-a-beginners-guide-to-cybersecurity-with-google-dorks-b62a28214d38?source=rss------bug_bounty-5Krunal Patelbug-bounty, cybersecurity, google-dork, beginner, security11-Sep-2024
How Finding an SQL Injection Vulnerability Earned a $1000 Bug Bountyhttps://systemweakness.com/how-finding-an-sql-injection-vulnerability-earned-a-1000-bug-bounty-af2ee0b62f6c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, hacking11-Sep-2024
Interesting Story of an Account Takeover Vulnerabilityhttps://medium.com/@deepanshudev369/interesting-story-of-an-account-takeover-vulnerability-140a45a058a3?source=rss------bug_bounty-5Deepanshu(golu369)cybersecurity, ethical-hacking, vulnerability-assessment, bug-bounty, research11-Sep-2024
P4 bug’s and their POC steps | Part 2https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-2-17b6583c57d9?source=rss------bug_bounty-5socalledhackerweb-security, hacking, bug-bounty-tips, vulnerability, bug-bounty11-Sep-2024
Pemburuan Hacker Penpie: Menyediakan Hingga 10% dari Dana yang Dikembalikan sebagai Hadiahhttps://blog.penpiexyz.io/pemburuan-hacker-penpie-menyediakan-hingga-10-dari-dana-yang-dikembalikan-sebagai-hadiah-6e81cc0f610b?source=rss------bug_bounty-50xJultoshidefi, bahasa, bug-bounty, investasi, crypto11-Sep-2024
Primary Hacking School #1 Installing Kalihttps://medium.com/@nnface/primary-hacking-school-1-installing-kali-a3e249c41730?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, hacking, linux, kali-linux11-Sep-2024
How I Stole a Player Spot with Simple XSShttps://medium.com/@ali_guell/how-i-stole-a-player-spot-with-simple-xss-6a8fa2776a84?source=rss------bug_bounty-5black_wheatearwriteup, bug-bounty, hacking, web-development, cybersecurity11-Sep-2024
Securing Your Applications Against CSRF Attacks: Best Practices for Cybersecurity Expertshttps://medium.com/@kpishear/securing-your-applications-against-csrf-attacks-best-practices-for-cybersecurity-experts-4e572b9fc032?source=rss------bug_bounty-5kpishearbug-bounty, tech, cybersecurity, trading, technology10-Sep-2024
Free Bug Bounty Course For Beginners ️https://medium.com/@amanktec12/free-bug-bounty-course-for-beginners-%EF%B8%8F-f126b9907c96?source=rss------bug_bounty-5Cyberxealfree-bug-hunting-course, free, course, bug-bounty, bug-hunting10-Sep-2024
Would you mind to tell me what your bank balance is? No? Okay, I’ll hack it.https://infosecwriteups.com/would-you-mind-to-tell-me-what-your-bank-balance-is-no-okay-ill-hack-it-b3f49810cfe2?source=rss------bug_bounty-5Manav Bankatwalabank-hack, cybersecurity, information-security, idor, bug-bounty10-Sep-2024
My first Hall of Fame (HoF) | Bug Bounty Journey.https://rivudon.medium.com/my-first-hall-of-fame-hof-bug-bounty-journey-59a56b1e96c2?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-writeup10-Sep-2024
The “Who Needs Secure Attachments Anyway?” Sagahttps://medium.com/@shobitsharma/the-who-needs-secure-attachments-anyway-saga-6026dc61a371?source=rss------bug_bounty-5Shobit Sharmabug-bounty, cybersecurity, bug-bounty-tips, infosec-write-ups, bug-bounty-writeup10-Sep-2024
How Hackers Can Steal Your Data in 15 Secondshttps://medium.com/@kerstan/how-hackers-can-steal-your-data-in-15-seconds-798bbed9cbac?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty10-Sep-2024
Basic Challenge Level 11https://aftab700.medium.com/basic-challenge-level-11-eaa689246c31?source=rss------bug_bounty-5Aftab Samactf, cybersecurity, information-security, bug-bounty, ethical-hacking10-Sep-2024
Basic Challenge Level 10https://aftab700.medium.com/basic-challenge-level-10-afaac3919778?source=rss------bug_bounty-5Aftab Samacybersecurity, bug-bounty, ctf-writeup, ctf, information-security10-Sep-2024
Basic Challenge Level 9https://aftab700.medium.com/basic-challenge-level-9-588ab110cc2d?source=rss------bug_bounty-5Aftab Samactf-writeup, ctf, bug-bounty, information-security, cybersecurity10-Sep-2024
OWASP top 10 A09:Security Logging and Monitoring failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a09-security-logging-and-monitoring-failures-e2f4bdc50fbe?source=rss------bug_bounty-5Shivamsharmaowasp, hacking, cybersecurity, owasp-top-10, bug-bounty10-Sep-2024
‘find’ command for Reconhttps://medium.com/@DatBoyBlu3/find-command-for-recon-4f3cf296c5d5?source=rss------bug_bounty-5Daniel Edwardscybersecurity, linux, bug-bounty, unix, penetration-testing10-Sep-2024
Top Reconnaissance Tools for Ethical Security Testinghttps://medium.com/@ajaynaikhack/top-reconnaissance-tools-for-ethical-security-testing-2b4088106b81?source=rss------bug_bounty-5Ajay Naikreconnaissance, ethical-hacking, bug-bounty, rewards, vulnerability10-Sep-2024
Introducing FavFreak: Unlock the Power of Favicon Hashing for Bug Bounty Huntinghttps://medium.com/@unreal_umber_hyena_37/introducing-favfreak-unlock-the-power-of-favicon-hashing-for-bug-bounty-hunting-0361dbb629c3?source=rss------bug_bounty-5Cyber Sentinel Xsecurity, cybersecurity, penetration-testing, bug-bounty, ethical-hacking10-Sep-2024
How I got RCE on an Indian university without admin credentials Tale of directory listing, SQL…https://medium.com/@alimuhammadsecured/how-i-got-rce-on-an-indian-university-without-admin-credentials-tale-of-directory-listing-sql-1f77e2933011?source=rss------bug_bounty-5Alimuhammadsecuredbug-bounty, bug-bounty-writeup, ctf, rce, hacking10-Sep-2024
TryHackMe | Simple CTF | Walkthrough | By HexaHunterhttps://hexahunter.medium.com/tryhackme-simple-ctf-walkthrough-by-hexahunter-b9457e4d7d16?source=rss------bug_bounty-5Momal Nazweb-security, penetration-testing, tryhackme-walkthrough, ctf-writeup, bug-bounty09-Sep-2024
Mastering Reconnaissance with Nmap: Unveiling Your Target’s Secretshttps://infosecwriteups.com/mastering-reconnaissance-with-nmap-unveiling-your-targets-secrets-ec940d05a140?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, nmap, bug-bounty, infosec-write-ups09-Sep-2024
Self-XSS to ATO via Quick Login featurehttps://thecatfather.medium.com/self-xss-to-ato-via-quick-login-feature-532df12d1c08?source=rss------bug_bounty-5The CatFatherbug-bounty-writeup, bug-bounty, bug-bounty-tips09-Sep-2024
Exploiting Firestore Database Rules: A Pathway to Data Breacheshttps://medium.com/@S3THU/exploiting-firestore-database-rules-a-pathway-to-data-breaches-aa945476cc16?source=rss------bug_bounty-5Sethu Satheeshfirebase, hacking, cybersecurity, bug-bounty, pentesting09-Sep-2024
Google Dorks for Bug Bounty Part 3: Exposing Hidden Admin Panels & Login Portalshttps://enigma96.medium.com/google-dorks-for-bug-bounty-part-3-exposing-hidden-admin-panels-login-portals-52b600e3f10b?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, pentesting, hacking, penetration-testing09-Sep-2024
2nd Order SQL Injectionhttps://medium.com/@bountyget/2nd-order-sql-injection-e2ac60e792a4?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty-tips, sql-injection, cybersecurity, penetration-testing, bug-bounty09-Sep-2024
{إِنَّ اللَّهَ وَمَلائِكَتَهُ يُصَلُّونَ عَلَى النَّبِيِّ يَا أَيُّهَا الَّذِينَ آمَنُوا صَلُّوا…https://medium.com/@mahdisalhi0500/%D8%A5%D9%90%D9%86%D9%8E%D9%91-%D8%A7%D9%84%D9%84%D9%8E%D9%91%D9%87%D9%8E-%D9%88%D9%8E%D9%85%D9%8E%D9%84%D8%A7%D8%A6%D9%90%D9%83%D9%8E%D8%AA%D9%8E%D9%87%D9%8F-%D9%8A%D9%8F%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D9%86%D9%8E-%D8%B9%D9%8E%D9%84%D9%8E%D9%89-%D8%A7%D9%84%D9%86%D9%8E%D9%91%D8%A8%D9%90%D9%8A%D9%90%D9%91-%D9%8A%D9%8E%D8%A7-%D8%A3%D9%8E%D9%8A%D9%8F%D9%91%D9%87%D9%8E%D8%A7-%D8%A7%D9%84%D9%8E%D9%91%D8%B0%D9%90%D9%8A%D9%86%D9%8E-%D8%A2%D9%85%D9%8E%D9%86%D9%8F%D9%88%D8%A7-%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D8%A7-4cdb13f5ff52?source=rss------bug_bounty-5CaptinSHArky(Mahdi)hacking, information-security, ethical-hacking, bug-bounty, information-technology09-Sep-2024
SQL Injection Attack, Listing the Database Contents on Non-Oracle Databaseshttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-825485566585?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, sqli, information-security, sql-injection09-Sep-2024
Hunting for Hidden API Endpoints Using Katana and Hakralerhttps://anasbetis023.medium.com/hunting-for-hidden-api-endpoints-using-katana-and-hakraler-ba0bd6b9611f?source=rss------bug_bounty-5Anas H Hmaidybug-bounty, penetration-testing, bug-bounty-tips, cybersecurity09-Sep-2024
Optimal Ethical Hacker Setup for Penetration Testinghttps://infosecwriteups.com/optimal-ethical-hacker-setup-for-penetration-testing-4847a8afbe45?source=rss------bug_bounty-5Ajay Naiksecurity, bug-bounty, vulnerability, desktop09-Sep-2024
Unveiling Hidden Threats: Advanced Recon Techniques and the Path to Automationhttps://medium.com/@rootspaghetti/unveiling-hidden-threats-advanced-recon-techniques-and-the-path-to-automation-4c1b3dd885a3?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty, hacking09-Sep-2024
P4 bug’s and their POC steps | Part 1https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-1-1cef0152d1a5?source=rss------bug_bounty-5socalledhackervulnerability, p4-bugs, hacking, web-app-security, bug-bounty09-Sep-2024
How HTTP Request Smuggling Vulnerability Gets You a $750 Bug Bountyhttps://cyberw1ng.medium.com/how-http-request-smuggling-vulnerability-gets-you-a-750-bug-bounty-3dfe9063fd8d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, technology09-Sep-2024
Introducing CorScan: A Comprehensive Tool for CORS Vulnerability Detectionhttps://angixblack.medium.com/introducing-corscan-a-comprehensive-tool-for-cors-vulnerability-detection-4ce83be6870e?source=rss------bug_bounty-5Angix blackpenetration-testing, bug-bounty, cors, bugbounty-automation, corscan09-Sep-2024
Lap 1: JWT authentication bypass via unverified signaturehttps://abdelrahmansalaheldeen.medium.com/lap-1-jwt-authentication-bypass-via-unverified-signature-8e450a7b2f59?source=rss------bug_bounty-5Abdelrahman Salaheldeencybersecurity, web-application-security, web-app-pentesting, jwt, bug-bounty08-Sep-2024
The Only Oscp Tip You Needhttps://medium.com/@issam.qsous/the-only-oscp-tip-you-need-cfac65948f68?source=rss------bug_bounty-5Essam Qsousoscp, bug-bounty, cybersecurity, pentesting, hacking08-Sep-2024
JSON Web Token attacks (JWT)https://abdelrahmansalaheldeen.medium.com/json-web-token-attacks-jwt-c082d76f3e4c?source=rss------bug_bounty-5Abdelrahman Salaheldeenjwt, web-penetration-testing, web-application-security, bug-bounty, cybersecurity08-Sep-2024
0-Click Mass Account Takeover via Password Reset Functionalityhttps://0d-samii.medium.com/0-click-mass-account-takeover-via-password-reset-functionality-68cdf27e028d?source=rss------bug_bounty-50d_samiibugs, bug-bounty-tips, bug-bounty, cybersecurity08-Sep-2024
How To Stay Ahead of 99% of Bug Bounty Huntershttps://bevijaygupta.medium.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-d77030705ed5?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, hackthebox, bug-bounty, bounty-hunter08-Sep-2024
Discovering a Stored XSS Vulnerability on a Bug Bounty Programhttps://anmolvishwakarma7466.medium.com/discovering-a-stored-xss-vulnerability-on-a-bug-bounty-program-8dad1b475695?source=rss------bug_bounty-5Anmolvishwakarmaxss-attack, appsec, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Sep-2024
Found Bugs, Got Paid, Stayed Poor: Making a Living with Bug Bountieshttps://bevijaygupta.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-a30355564d32?source=rss------bug_bounty-5Vijay Guptamoney-making-ideas, bug-bounty-tips, bug-bounty, money-management, bugs08-Sep-2024
Nmap: The Best Network Scanning Utility for Security Experthttps://medium.com/@mohanmecktro/nmap-the-best-network-scanning-utility-for-security-expert-ea7a6fd01efb?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-hunter, penetration-testing, bug-bounty, nmap, kali-linux-tools08-Sep-2024
How I Become Google HOFhttps://medium.com/@lijoparappur/how-i-become-google-hof-ef697b8b5963?source=rss------bug_bounty-5Lijoparappurbug-bounty, google-hacking08-Sep-2024
How i found xss in goverment website with one tools.https://medium.com/@sulthanyluthfi/how-i-found-xss-in-goverment-website-with-one-tools-5dd5d431ed03?source=rss------bug_bounty-5Luthfi Sulthanyxss-attack, bug-bounty, linux, penetration-testing, cybersecurity08-Sep-2024
Day 30of 30 Day — 30 Vulnerabilities | Cross-Site Request Forgery (CSRF)https://medium.com/@kumawatabhijeet2002/day-30of-30-day-30-vulnerabilities-cross-site-request-forgery-csrf-062ff53c5efd?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty, bug-bounty-tips, csrf08-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-27a7aa435fd3?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, bugbounty-writeup, ethical-hacking, cybersecurity08-Sep-2024
The Weak Link in Two-Factor Authentication: Exploiting Reusable OTPshttps://medium.com/@tusharpuri6/the-weak-link-in-two-factor-authentication-exploiting-reusable-otps-ed30bd8bf4da?source=rss------bug_bounty-5Tusharpurioffensive-security, bug-bounty, penetration-testing, vulnerability, application-security08-Sep-2024
OWASP top 10 A08:Software and Data Integrity Failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a08-software-and-data-integrity-failures-bd41b5f9db2c?source=rss------bug_bounty-5Shivamsharmaowasp-top-10, bug-bounty, cybersecurity, hacking, owasp08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://cyberw1ng.medium.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://systemweakness.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Bug Bounty Road ️ Map ️https://osintteam.blog/bug-bounty-road-%EF%B8%8F-map-%EF%B8%8F-b42c14750a6a?source=rss------bug_bounty-5Mr Abdullahbug-bounty-roadmap, bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, business-logic-flaw07-Sep-2024
Exploiting the Silent Threat: Time-Based Blind SQL Injection via the Object_ID Parameterhttps://harshit3.medium.com/exploring-time-based-blind-sql-injection-vulnerability-via-the-object-id-parameter-7cd377c6e00d?source=rss------bug_bounty-5Harshitowasp, vulnerability, cybersecurity, bug-bounty, information-security07-Sep-2024
Account takeover through no rate limitshttps://rhidayah.medium.com/account-takeover-through-no-rate-limits-3d7a82a69779?source=rss------bug_bounty-5Rohmad Hidayahaccount-takeover, no-rate-limit, bug-bounty, broken-authentication07-Sep-2024
The Rise of AI in Cybersecurity: Opportunities and Threatshttps://bootstrapsecurity.medium.com/the-rise-of-ai-in-cybersecurity-opportunities-and-threats-531b42f9bef9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, ai-in-cybersecurity07-Sep-2024
how i finded a google map it’s worths 300$https://systemweakness.com/how-i-finded-a-google-map-its-worths-300-9fe5fe32e6de?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, hacking, bug-bounty, bug-bounty-tips07-Sep-2024
Subdomain Takeover : The Hacker’s Jackpot (And How You Can Hit It Too!)https://medium.com/@Kaizen2977/subdomain-takeover-the-hackers-jackpot-and-how-you-can-hit-it-too-76d49b916bc1?source=rss------bug_bounty-5Kapil Chotaliabug-bounty, subdomain-takeover, subdomains-enumeration, hacking, penetration-testing07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, bugcrowd, business-logic-flaw07-Sep-2024
Day 29 of 30 Day — 30 Vulnerabilities | Remote Code Execution (RCE)https://medium.com/@kumawatabhijeet2002/day-29-of-30-day-30-vulnerabilities-remote-code-execution-rce-eb3f8f7ccf62?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, rce, bug-bounty, 30dayswritingchallenge, remote-code-execution07-Sep-2024
Vulnerability Scannerhttps://medium.com/@hydra_/vulnerability-scanner-1ad628218979?source=rss------bug_bounty-5hydrabug-bounty, vulnerability-scanner, infosec07-Sep-2024
Understanding window.postMessage() and Its XSS Riskshttps://medium.com/@spideyyy/understanding-window-postmessage-and-its-xss-risks-5a96bcd90428?source=rss------bug_bounty-5spideycybersecurity, bug-bounty, web-security, hacking, xss-attack07-Sep-2024
Find Your First 5 Bug Bounties in Easy Wayshttps://infosecwriteups.com/find-your-first-5-bug-bounties-in-easy-ways-3aaca5c57a2d?source=rss------bug_bounty-5Subh Dhunganahackerone, infosec, cybersecurity, bug-bounty, hacking07-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-80bd4ca0f623?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, cybersecurity07-Sep-2024
Hunting in the Cyber World: Effective Recon Strategies for a Successful Bug Bountyhttps://medium.com/@rootspaghetti/hunting-in-the-cyber-world-effective-recon-strategies-for-a-successful-bug-bounty-8ec5f27bd9ae?source=rss------bug_bounty-5Root@Spaghettibug-bounty, cybersecurity, hacking, bug-bounty-tips07-Sep-2024
850$ IDOR:Unauthorized Session Revokation of any userhttps://infosecwriteups.com/850-idor-unauthorized-session-revokation-of-any-user-93f9cb92fdfe?source=rss------bug_bounty-5Abhi Sharmacybersecurity, infosec, idor, bug-bounty, programming07-Sep-2024
Google Dorks Secrets: Discover Hidden Endpoints & Parameters with Google Dorkshttps://enigma96.medium.com/google-dorks-secrets-discover-hidden-endpoints-parameters-with-google-dorks-7c3bb3257ef9?source=rss------bug_bounty-5enigmaweb-security-testing, hacking, bug-bounty-tips, bug-bounty, penetration-testing07-Sep-2024
cyberExploring Client-Side Desync: Understanding the Risk and Mitigating the Threathttps://cyberw1ng.medium.com/cyberexploring-client-side-desync-understanding-the-risk-and-mitigating-the-threat-b375dec78f21?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, technology, cybersecurity, careers07-Sep-2024
Day 28 of 30 Day — 30 Vulnerabilities | DOM-based XSShttps://medium.com/@kumawatabhijeet2002/day-28-of-30-day-30-vulnerabilities-dom-based-xss-e7bfadc56b2f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, bug-bounty-tips, dom-based-xss06-Sep-2024
Bounty Hunter’s Handbook: Practical Tips for Bug Huntinghttps://medium.com/@security.tecno/bounty-hunters-handbook-practical-tips-for-bug-hunting-b3a8b03d1101?source=rss------bug_bounty-5TECNO Securityhacking, hunting, tips, bug-bounty06-Sep-2024
[$12000] 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security…https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3?source=rss------bug_bounty-5Vojtech Cekalvulnerability, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty06-Sep-2024
OAuth Based CSRF: Exploiting The Flaw In Implementation Of State Parameterhttps://medium.com/@cyberpro151/oaauth-based-csrf-exploiting-the-flaw-in-implementation-of-state-parameter-36bfae68aa65?source=rss------bug_bounty-5cyberpro151bug-bounty, cybersecurity, appsec, hacking, pentest06-Sep-2024
Google Map API Key Exposure $$$ | Just 2 Minutes | Don’t Miss Your Bountyhttps://dkcyberz.medium.com/google-map-api-key-exposure-just-2-minutes-dont-miss-your-bounty-380eac7b9dd9?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, bugbounty-writeup, google-map-api, bug-bounty, owasp-top-1006-Sep-2024
Google Dork Mastery Part 1 : Finding Hidden Critical Files with Google Dorks Like a Prohttps://enigma96.medium.com/google-dork-mastery-part-1-finding-hidden-critical-files-with-google-dorks-like-a-pro-d28ad159e9ae?source=rss------bug_bounty-5enigmapenetration-testing, hacking, bug-bounty-tips, web-security, bug-bounty06-Sep-2024
Master Mobile Traffic Hacking: Intercept Android App Data with Burp Suitehttps://medium.com/@WillFromSwiss/master-mobile-traffic-hacking-intercept-android-app-data-with-burp-suite-9278163310ad?source=rss------bug_bounty-5WillFromSwisscybersecurity, application-security, hacking, android, bug-bounty06-Sep-2024
As Luck Would Have It — tales of good fortune in bug bountyhttps://medium.com/@l_s_/as-luck-would-have-it-tales-of-good-fortune-in-bug-bounty-9c56d31b3ef5?source=rss------bug_bounty-5LSinfosec, information-security, bug-bounty-writeup, hacking, bug-bounty06-Sep-2024
How I Explored Further and Chained HTTP Request Smuggling with Other Vulnerabilitieshttps://cyberw1ng.medium.com/how-i-explored-further-and-chained-http-request-smuggling-with-other-vulnerabilities-cfb974e1e8aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, hacking, bug-bounty, cybersecurity06-Sep-2024
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHackhttps://medium.com/@manan_sanghvi/how-100-manual-hacking-without-even-kali-and-burp-led-to-2-medium-vulnerabilities-on-yeswehack-bbda00fcd84e?source=rss------bug_bounty-5Manan Sanghvivulnerability, bug-bounty, xss-attack, cybersecurity, ethical-hacking05-Sep-2024
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI)https://medium.com/@kumawatabhijeet2002/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-f12c851d7e08?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, server-side-technology, 30dayswritingchallenge, ssti, bug-bounty-tips05-Sep-2024
Exploiting Salesforce Lightning Permissions Issueshttps://medium.com/@theodorejackson.us/exploiting-salesforce-lightning-permissions-issues-5c04f202c887?source=rss------bug_bounty-5Ted Jacksonpentesting, bug-bounty, security, salesforce, cybersecurity05-Sep-2024
RCE Exploits Explained: Techniques & Tools in 2024https://bootstrapsecurity.medium.com/rce-exploits-explained-techniques-tools-in-2024-79dbbbc67ba6?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, vulnerability-assessment, cybersecurity, bug-bounty-tips, bug-bounty05-Sep-2024
What is WAF? & Secret Techniques to Bypass Ithttps://medium.com/huntersec-security/what-is-waf-secret-techniques-to-bypass-it-2a4de4768131?source=rss------bug_bounty-5Ajay Naikbug-bounty, firewall-security, infosec05-Sep-2024
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuffhttps://medium.com/@ali.zamini/ssti-in-bug-bounty-program-the-time-i-played-with-handlebars-and-broke-stuff-7dc1f9834a3d?source=rss------bug_bounty-5Ali Zaminibug-hunting, bug-bounty, hacking, web-app-pentesting, ssti05-Sep-2024
Blocking Users from Registrationhttps://medium.com/@patidarbhuwan44/blocking-users-from-registration-e3a584f25e4b?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, hacking, bug-bounty-tips, web, cybersecurity05-Sep-2024
Uncover Hidden Subdomains with Sublist3r and curl: Boost Your Bug Hunting Successhttps://enigma96.medium.com/uncover-hidden-subdomains-with-sublist3r-and-curl-boost-your-bug-hunting-success-a80b180a9377?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, penetration-testing, hacking, web-security05-Sep-2024
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplacehttps://medium.com/@SatyamPathania/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-96c4794e404c?source=rss------bug_bounty-5Satyam Pathaniaearn-money-online, cybersecurity, bug-bounty, hacking, money05-Sep-2024
Cybersecurity 101 : Subdomain Scanner ทำงานยังไง ?https://medium.com/@nengapi/cybersecurity-101-subdomain-scanner-%E0%B8%97%E0%B8%B3%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%87%E0%B9%84%E0%B8%87-04c9993620ed?source=rss------bug_bounty-5Neng Apichetsubdomain, bug-bounty, subdomain-enumeration, cybersecurity05-Sep-2024
Practical Bug Bounty — TCM Academy | Automated Toolshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-automated-tools-ed177aab16f6?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiweb-penetration-testing, bug-bounty, penetration-testing, ethical-hacking, cybersecurity05-Sep-2024
Dependency Confusion: A Namespace Takeover Storyhttps://medium.com/@sakshirathore3478/dependency-confusion-a-namespace-takeover-story-fa334533bd50?source=rss------bug_bounty-5Sakshi Rathorebug-bounty-tips, webapplicationpentest, bug-bounty, cybersecurity, bug-bounty-hunter05-Sep-2024
Reflected XSS | US Department of Education Recognitionhttps://codingninjablogs.tech/reflected-xss-us-department-of-education-recognition-270ec27e7f5f?source=rss------bug_bounty-5#$ubh@nk@rvulnerability, bug-bounty, cybersecurity, infosec, hacking05-Sep-2024
My first Bug : Uncovering a Reflected XSS with a Simple Payloadhttps://medium.com/@firdansp/my-first-bug-uncovering-a-reflected-xss-with-a-simple-payload-270b5e3742bb?source=rss------bug_bounty-5Firda Nureliaxs, bug-bounty, bug-bounty-tips, xss-vulnerability, writeup05-Sep-2024
How I Discovered an HTTP Request Smuggling Vulnerability in a Major Web Consolehttps://cyberw1ng.medium.com/how-i-discovered-an-http-request-smuggling-vulnerability-in-a-major-web-console-5188b2b4c539?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity05-Sep-2024
Hidden Reflected XSS on 403 Page.https://medium.com/@Hacker_Yogi/hidden-reflected-xss-on-403-page-0cbb46683138?source=rss------bug_bounty-5Ruben (Hacker_Yogi)pentesting, bug-bounty-tips, information-security, xss-attack, bug-bounty05-Sep-2024
Broken Authentication Leads to the Ability to Unsubscribe Other Users' Payment Remindershttps://medium.com/@blackarazi/broken-authentication-leads-to-the-ability-to-unsubscribe-other-users-payment-reminders-0fdb1a63edec?source=rss------bug_bounty-5Azhari Harahapbug-bounty, broken-authentication, api-security, application-security, bug-bounty-writeup04-Sep-2024
Ultimate FFUF Cheatsheet: Advanced Fuzzing Tactics for Pro Bug Hunters!https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150?source=rss------bug_bounty-5Khaleel Khanhacking-tools, bug-bounty, hacking, cybersecurity, infosec04-Sep-2024
dirsearch: Panduan Lengkap untuk Pengumpulan Informasi Web yang Efektif!https://medium.com/@adriansyah1230/dirsearch-panduan-lengkap-untuk-pengumpulan-informasi-web-yang-efektif-c7fdee43b2d4?source=rss------bug_bounty-5Adrian Syah Abidinbug-bounty, cybersecurity, infosec, dirsearch, pentesting04-Sep-2024
Aquatone: Solusi Cerdas untuk Inspeksi Visual Website yang Mendalam!https://medium.com/@adriansyah1230/aquatone-solusi-cerdas-untuk-inspeksi-visual-website-yang-mendalam-68811f0735c7?source=rss------bug_bounty-5Adrian Syah Abidincybersecurity, aquatone, keamanan-informasi, bug-bounty, infosec04-Sep-2024
A Comprehensive Guide to FFUF for Bug Huntershttps://maelstromenigma.medium.com/a-comprehensive-guide-to-ffuf-for-bug-hunters-76942e90f92b?source=rss------bug_bounty-5enigmawebservices-testing, bug-bounty-tips, bug-bounty, bug-hunting, recon04-Sep-2024
Nmap: Pemindai Keamanan Jaringan yang Kuat dan Alat Unggulan untuk Pengumpulan Informasi!https://medium.com/@adriansyah1230/nmap-pemindai-keamanan-jaringan-yang-kuat-dan-alat-unggulan-untuk-pengumpulan-informasi-ce2186eda0d1?source=rss------bug_bounty-5Adrian Syah Abidinnmap-command, cybersecurity, infosec, bug-bounty, nmap04-Sep-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amasshttps://dkcyberz.medium.com/bbot-subfinder-sublist3r-assetfinder-amass-subdomain-enumeration-c42bbbf76052?source=rss------bug_bounty-5Harpy Hunterbug-bounty, subdomain-takeover, bugbounty-tips, subdomains-enumeration, bugbounty-writeup04-Sep-2024
OWASP Amass: Alat Canggih untuk Pengumpulan Informasi dan Strategi Pemetaan Serangan yang Efektif!https://medium.com/@adriansyah1230/owasp-amass-alat-canggih-untuk-pengumpulan-informasi-dan-strategi-pemetaan-serangan-yang-efektif-7859ad0515ad?source=rss------bug_bounty-5Adrian Syah Abidinmassa, owasp, bug-bounty, pentest, cybersecurity04-Sep-2024
Day 26 of 30 Day — 30 Vulnerabilities | Race Conditionshttps://medium.com/@kumawatabhijeet2002/day-26-of-30-day-30-vulnerabilities-race-conditions-e6b761e006b1?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, 30dayswritingchallenge, race-condition04-Sep-2024
reNgine: Framework Otomatisasi Terbaik untuk Pengumpulan Informasi dan Pengujian Penetrasi Web!https://medium.com/@adriansyah1230/rengine-framework-otomatisasi-terbaik-untuk-pengumpulan-informasi-dan-pengujian-penetrasi-web-13e338edff02?source=rss------bug_bounty-5Adrian Syah Abidininfosec, bug-bounty, keamanan-informasi, rengine, cybersecurity04-Sep-2024
Exploring the World of `magicRecon`: A Fun Guide to Target Information Gatheringhttps://medium.com/@rootspaghetti/exploring-the-world-of-magicrecon-a-fun-guide-to-target-information-gathering-03a9e2bb7e39?source=rss------bug_bounty-5Root@Spaghetticybersecurity, bug-bounty-tips, hacking, bug-bounty04-Sep-2024
Zomatoooo! IDOR in Saved Paymentshttps://prateeksrivastavaa.medium.com/zomatoooo-idor-in-saved-payments-f8c014879741?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips04-Sep-2024
Openredirect CSRF SSRF XSS And Sqli vulnerabilityhttps://medium.com/@shadowhackr_87285/openredirect-csrf-ssrf-xss-and-sqli-vulnerability-6a9f3a5662e2?source=rss------bug_bounty-5Shadowhackrxss-attack, cybersecurity, bug-bounty, vulnerability, sql04-Sep-2024
Zero-Day Exploits: An Inconspicuous Dangerhttps://medium.com/@mohanmecktro/zero-day-exploits-an-inconspicuous-danger-7e3ca32c164e?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking04-Sep-2024
Decoding the Enigma: A Deep Dive into the /home/000~ROOT~000/ Directoryhttps://soltanali0.medium.com/decoding-the-enigma-a-deep-dive-into-the-home-000-root-000-directory-3be592f05525?source=rss------bug_bounty-5soltanali0information-security, bug-bounty, directory-listing, security-research, lfi04-Sep-2024
TeamCity Takedown: Breach, Backup, and Break-in.https://medium.com/@josh.beck2006/teamcity-takedown-breach-backup-and-break-in-3ce333b63788?source=rss------bug_bounty-5Josh Beckcybersecurity, bug-bounty, ctf-writeup04-Sep-2024
Advanced Strategies to Defend Against HTTP Request Smuggling: A Deep Divehttps://cyberw1ng.medium.com/advanced-strategies-to-defend-against-http-request-smuggling-a-deep-dive-ba7c0abe911a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, technology, penetration-testing04-Sep-2024
Shodan: Senjata Rahasia Wajib Bagi Peretas dan Peneliti Keamanan untuk Pengumpulan Informasi yang…https://medium.com/@adriansyah1230/shodan-senjata-rahasia-wajib-bagi-peretas-dan-peneliti-keamanan-untuk-pengumpulan-informasi-yang-a3f86dd47eed?source=rss------bug_bounty-5Adrian Syah Abidininfosec, shodan, bug-bounty, hacking, cybersecurity03-Sep-2024
Bug Bounty: Your Guide to Ethical Hacking, Rewards, and the Best Learning Resourceshttps://medium.com/@akatrigger53/bug-bounty-your-guide-to-ethical-hacking-rewards-and-the-best-learning-resources-071c6eb14a27?source=rss------bug_bounty-5Akansh Pandaybug-bounty, hacking, darkweb, cybersecurity03-Sep-2024
How to overcome the pause point in BugBountyhttps://anonysm.medium.com/how-to-overcome-the-pause-point-in-bugbounty-02b849cfcff8?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, penetration-testing, motivation, hacking03-Sep-2024
DNSDumpster: Eksplorasi Informasi Domain Mendalamhttps://medium.com/@adriansyah1230/dnsdumpster-eksplorasi-informasi-domain-mendalam-d20fa2635596?source=rss------bug_bounty-5Adrian Syah Abidinkeamanan-informasi, cybersecurity, infosec, bug-bounty, dnsdumpster03-Sep-2024
Day 25 of 30 Day — 30 Vulnerabilities | HTTP Request Smugglinghttps://medium.com/@kumawatabhijeet2002/day-25-of-30-day-30-vulnerabilities-http-request-smuggling-722c3f01dbc4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, http-request-smuggling, bug-bounty-tips, 30dayswritingchallenge03-Sep-2024
How to Bypass Web Application Firewalls (WAFs)https://bootstrapsecurity.medium.com/how-to-bypass-web-application-firewalls-10cec76e8276?source=rss------bug_bounty-5BootstrapSecuritybugbounty-tips, cybersecurity, ethical-hacking, bug-bounty03-Sep-2024
The removed employee can see whether the users he invited to the victim’s Pinterest business…https://rhidayah.medium.com/the-removed-employee-can-see-whether-the-users-he-invited-to-the-victims-pinterest-business-085d2ee8e14e?source=rss------bug_bounty-5Rohmad Hidayahbugcrowd, bug-bounty, pinterest, business-logic-flaw03-Sep-2024
[IDOR] Update another user’s profilehttps://rhidayah.medium.com/idor-update-another-users-profile-79d0158ae60c?source=rss------bug_bounty-5Rohmad Hidayahidor, bug-bounty03-Sep-2024
Pre account takeover via google sign inhttps://rhidayah.medium.com/pre-account-takeover-via-google-sign-in-bb442f4c32a2?source=rss------bug_bounty-5Rohmad Hidayahbug-bounty, account-takeover03-Sep-2024
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563c?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty, bug-bounty-tips, cybersecurity, technology, programming03-Sep-2024
Improper Authorization via Mass Assignment of Membership Parametershttps://ahmedtamer0.medium.com/improper-authorization-via-mass-assignment-of-membership-parameters-7245925b09f5?source=rss------bug_bounty-5Ahmed Tamerbug-hunting, api, mass-assignment, writeup, bug-bounty03-Sep-2024
How Bypassed KonyLab Code Protectionhttps://medium.com/@xmosb7/how-bypassed-konylab-code-protection-cac53da01ad1?source=rss------bug_bounty-5Mahmoud Mosbahmobilesec, infosec, cybersecurity, cyberattack, bug-bounty03-Sep-2024
Subdomain Enumeration part 1 (Manual & Automation)https://mrunknown124154.medium.com/subdomain-enumeration-part-1-manual-automation-45108388bdb2?source=rss------bug_bounty-5Mr Abdullahsubdomains-enumeration, hacking, bug-bounty, web-hacking, web-penetration-testing03-Sep-2024
API VULNERABILITIEShttps://medium.com/@adithyakrishnav001/api-vulnerabilities-9b68a0bd87a8?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, hacking, aad1, api-security, bug-bounty03-Sep-2024
HTTP Request Smuggling: The Hidden Web Threat You Need to Know Abouthttps://cyberw1ng.medium.com/http-request-smuggling-the-hidden-web-threat-you-need-to-know-about-71ff45c7f94a?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, hacking, careers03-Sep-2024
My First Bounty: How I Exploited a CORS Misconfigurationhttps://anas0x1.medium.com/my-first-bounty-how-i-exploited-a-cors-misconfiguration-bc1f9137b272?source=rss------bug_bounty-5Anas Ibrahimcors, bug-bounty, bug-hunting, hackerone, cybersecurity03-Sep-2024
How I Discovered a Hidden XSS and What I Learnedhttps://medium.com/@issam.qsous/how-i-discovered-a-hidden-xss-and-what-i-learned-9a34995ebbd2?source=rss------bug_bounty-5Essam Qsousweb-development, hacking, penetration-testing, security, bug-bounty03-Sep-2024
The Accidental Discoveryhttps://medium.com/@Kinqdathacker/the-accidental-discovery-8ed6f9622b0c?source=rss------bug_bounty-5Kinqdathackercybersecurity, hacking, technology, web-hacking, bug-bounty02-Sep-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-e77c719fe22d?source=rss------bug_bounty-5Abhijeet kumawatweb, bug-bounty, bug-bounty-tips, 30dayswritingchallenge02-Sep-2024
Advanced Web Application Security Checklisthttps://securitycipher.medium.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
How I Hacked into Yamaha using CVE 2017-5487https://medium.com/@josuofficial327/how-i-found-an-easy-cve-in-yamaha-964366a34b59?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips02-Sep-2024
[Specially Customized] TECNO Security 3rd Anniversary Bug Hunting Competition!https://medium.com/@security.tecno/specially-customized-tecno-security-3rd-anniversary-bug-hunting-competition-8a4e6501e91e?source=rss------bug_bounty-5TECNO Securitybug-bounty, bounty-program, hacking, hunting02-Sep-2024
Hunting JavaScript Files for Bug Huntershttps://bevijaygupta.medium.com/hunting-javascript-files-for-bug-hunters-7355df2215ec?source=rss------bug_bounty-5Vijay Guptahunting, javascript, bugs, bug-bounty, bug-hunting02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://medium.com/@karthithehacker/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
Advanced Web Application Security Checklisthttps://infosecwriteups.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
Business logic / Failed defense Vulnerability in bug bountyhttps://itsravikiran25.medium.com/business-logic-failed-defense-vulnerability-in-bug-bounty-4ab932a1a200?source=rss------bug_bounty-5Ravikiranbug-bounty-writeup, cybersecurity, penetration-testing, bug-bounty, hacking02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://infosecwriteups.com/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
HTML Form Injection Vulnerability in Gmailhttps://medium.com/@h4x0r_dz/html-form-injection-vulnerability-in-gmail-152a01f6d423?source=rss------bug_bounty-5h4x0r_dzgoogle, web, bug-bounty, vulnerability, security02-Sep-2024
Easy 500$ Bounty with Host Header Injection By Ramthullahttps://skramthu.medium.com/easy-500-bounty-with-host-header-injection-by-ramthulla-bb556ebd4c46?source=rss------bug_bounty-5Raminfosec-write-ups, bounty-program, hackerone, bug-bounty, bugbounty-writeup02-Sep-2024
Pentesting vs Bug Bounty: Apa Perbedaannya dan Bagaimana Tahapannya?https://medium.com/@adriansyah1230/pentesting-vs-bug-bounty-apa-perbedaannya-dan-bagaimana-tahapannya-182cc05a2721?source=rss------bug_bounty-5Adrian Syah Abidinhacking, bug-bounty, pentesting, cybersecurity02-Sep-2024
How to Automate Subdomain Takeover Finding: Low Hang Fruit…https://dkcyberz.medium.com/how-to-automate-subdomain-takeover-finding-low-hang-fruit-5733f2794df1?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, how-to-takeover-s3-bucket, bug-bounty, bug-bounty-writeup, subdomain-takeover02-Sep-2024
Secure your Instagram Account Today, Or be a victim.https://mayur-jadhav.medium.com/secure-your-instagram-account-today-or-be-a-victim-9f476937a5e2?source=rss------bug_bounty-5Mayur Jadhavbug-bounty, social-media, hacking, cybersecurity02-Sep-2024
26.18 Lab: Web cache poisoning via HTTP/2 request tunnellinghttps://cyberw1ng.medium.com/26-18-lab-web-cache-poisoning-via-http-2-request-tunnelling-72abd219dc68?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, careers, hacking, bug-bounty02-Sep-2024
SSRF via DNS Rebinding That Leads to Several Clouds Access (Arabic)https://medium.com/@Berserker1337/ssrf-via-dns-rebinding-that-leads-to-several-clouds-access-arabic-db9f9a9c530c?source=rss------bug_bounty-5Berserkerbug-bounty, infosec02-Sep-2024
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase…https://medium.com/appsec-untangled/lessons-learned-1-one-line-of-code-can-make-your-application-vulnerable-pre-auth-rce-in-metabase-a8579ca0102d?source=rss------bug_bounty-5Mohamed AboElKheirthreat-modeling, vulnerability, bug-bounty, application-security, cybersecurity02-Sep-2024
Insider Secrets to Earning $100 to $250 in Bug Bountieshttps://medium.com/@ajaynaikhack/insider-secrets-to-earning-100-to-250-in-bug-bounties-9dd6adb2a304?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty02-Sep-2024
The Wild World of Path Traversal: Sneaking Around the Web’s Dark Cornershttps://cluelesszay.medium.com/the-wild-world-of-path-traversal-sneaking-around-the-webs-dark-corners-088f5522e371?source=rss------bug_bounty-5zaythecluelessdevpath-traversal, web-security, cybersecurity, bug-bounty, ethical-hacking01-Sep-2024
Race condition to bypass email verify, part #2https://siratsami71.medium.com/race-condition-to-bypass-email-verify-part-2-5efca002cf24?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty01-Sep-2024
How I found exif metdata leak and earned small bountyhttps://medium.com/@deepk007/how-i-found-exif-metdata-leak-and-earned-small-bounty-34c93de2fa2e?source=rss------bug_bounty-5DEepbug-bounty, ethical-hacking, hacking, bug-bounty-tips, cybersecurity01-Sep-2024
Advanced Techniques for Exploiting SSRF Vulnerabilitieshttps://bootstrapsecurity.medium.com/advanced-techniques-for-exploiting-ssrf-vulnerabilities-9996cade3a64?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty-hunter, cybersecurity, ethical-hacking, bug-bounty01-Sep-2024
Port Scanning for Bug Bountieshttps://bevijaygupta.medium.com/port-scanning-for-bug-bounties-1b660ea41483?source=rss------bug_bounty-5Vijay Guptabug-fixes, port-scanning, bugs, bug-bounty, bug-bounty-tips01-Sep-2024
Subdomain Discovery Toolhttps://medium.com/@World-Breaker/subdomain-discovery-tool-7403e38a760f?source=rss------bug_bounty-5usu@rioZ3r0python, enum, enumeration, subdomain, bug-bounty01-Sep-2024
OWASP A05 :Security Misconfigurationhttps://medium.com/@shivamsharma.ss484/owasp-a05-security-misconfiguration-10518396c757?source=rss------bug_bounty-5Shivamsharmaowasp, owasp-top-10, cybersecurity, bug-bounty, oscp01-Sep-2024
A Story About How I Found XSS in ASUShttps://infosecwriteups.com/a-story-about-how-i-found-xss-in-asus-cb233ce3bb9c?source=rss------bug_bounty-5Karthikeyan.Vbugbounty-tips, infosec, bugbounty-writeup, bug-bounty, bugbounty-poc01-Sep-2024
# 5 Install OWASP Juice Shop on Kali Linux — Guide for Burp Suitehttps://securitycipher.medium.com/5-install-owasp-juice-shop-on-kali-linux-guide-for-burp-suite-6b31c1ece398?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, technology, cybersecurity, bug-bounty01-Sep-2024
How I found My first P1 Bug which ended up ….$?https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5Yashsomalkarbugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity01-Sep-2024
How I Got $250 For My Second Bug In HackerOnehttps://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5Likith Tekihackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup01-Sep-2024
26.18 Lab: Bypassing access controls via HTTP/2 request tunnelinghttps://cyberw1ng.medium.com/26-18-lab-bypassing-access-controls-via-http-2-request-tunneling-f92ae50661bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, cybersecurity, careers01-Sep-2024
How I found My first P1 Bug which ended up ….$?https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5Rudrakshackerbugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity01-Sep-2024
How I Got $250 For My Second Bug on HackerOnehttps://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5Likith Tekihackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup01-Sep-2024
26.17 Lab: Exploiting HTTP request smuggling to perform web cache deceptionhttps://cyberw1ng.medium.com/26-17-lab-exploiting-http-request-smuggling-to-perform-web-cache-deception-69a6e9654b7e?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, bug-bounty, cybersecurity31-Aug-2024
All You Need to know About Broken Authentication and Session Managementhttps://medium.com/@ahmed.hilal/all-you-need-to-know-about-broken-authentication-and-session-management-26920f100714?source=rss------bug_bounty-5X0_AhMeD_0Xbug-bounty, pentesting, cybersecurity, bugs, vulnerability31-Aug-2024
DEPENDENCY CONFUSION CAN LEAD TO P5 OR P2 BASED ON LUCKhttps://medium.com/@anonymousshetty2003/dependency-confusion-can-lead-to-p5-or-p2-based-on-luck-64a5b94b80c1?source=rss------bug_bounty-5Anonymousshettyhacking, dependency-confusion, cybersecurity, bug-bounty31-Aug-2024
“Boost Your Productivity: Essential Tips for Organizing Your Work as a Bug Bounty Hunter”https://medium.com/@mahdisalhi0500/boost-your-productivity-essential-tips-for-organizing-your-work-as-a-bug-bounty-hunter-8de1517dc6a4?source=rss------bug_bounty-5Mahdisalhibug-bounty, bug-bounty-tips, ethical-hacking, infosec, hacking31-Aug-2024
HOW I GOT ACCESS TO ACCOUNT BY OTP BYPASShttps://medium.com/@anonymousshetty2003/how-i-got-access-to-account-by-otp-bypass-c49eb0490744?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, otp-bypass31-Aug-2024
Bug bounty Hunting 101https://medium.com/@sys_br3ach3r/bug-bounty-hunting-101-7d2258a3b21d?source=rss------bug_bounty-5sys_br3ach3rbug-bounty-tips, bug-bounty31-Aug-2024
OTP bypass through the Response manipulationhttps://itsravikiran25.medium.com/otp-bypass-through-the-response-manipulation-4f25ab36f60b?source=rss------bug_bounty-5Ravikirancybersecurity, bugbounty-writeup, bug-bounty, hacking, otp-bypass31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855https://medium.com/@karthithehacker/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup31-Aug-2024
Using Default Credential to Admin Account Takeoverhttps://ch4ndan.medium.com/using-default-credential-to-admin-account-takeover-04c557e67969?source=rss------bug_bounty-5Ch4ndan dasbugs, bug-bounty-tips, hacking, bug-bounty, cybersecurity31-Aug-2024
How to Take Over a Subdomain Through S3 Bucket Takeover…https://dkcyberz.medium.com/how-to-take-over-a-subdomain-through-s3-bucket-takeover-a53238499b81?source=rss------bug_bounty-5Harpy Hunterbug-bounty, bug-hunting, hackerone, s3-bucket, subdomain-takeover31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guidehttps://shubhdhungana.medium.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5Subh Dhunganabug-bounty, cybersecurity, hacking, hackerone, infosec31-Aug-2024
Most Asked Questions from Cybersecurity Beginners with Answershttps://medium.com/@cham3leon/most-asked-questions-from-cybersecurity-beginners-with-answers-91b7c680e967?source=rss------bug_bounty-5cham3leonfaq, cybersecurity, guides-and-tutorials, pentesting, bug-bounty31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup31-Aug-2024
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDNhttps://sudhanshur705.medium.com/bypassing-csp-via-url-parser-confusions-xss-on-netlifys-image-cdn-755a27065fd9?source=rss------bug_bounty-5Sudhanshu Rajbharbug-bounty, csp, xss-attack31-Aug-2024
Parameter tampering result in product price manipulationhttps://medium.com/@RaunakGupta1922/parameter-tampering-result-in-product-price-manipulation-356c07a571e5?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbusiness, cybersecurity, hacking, college, bug-bounty31-Aug-2024
IIS welcome page to source code review to LFI!https://medium.com/@omarahmed_13016/iis-welcome-page-to-source-code-review-to-lfi-23ec581049f5?source=rss------bug_bounty-5Omar Ahmedbug-bounty, hackerone, application-security, bug-bounty-tips31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guidehttps://infosecwriteups.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5Subh Dhunganabug-bounty, cybersecurity, hacking, hackerone, infosec31-Aug-2024
From Reset to Takeover: The Exploitation Potential of IDOR in Password Recovery Systemshttps://medium.com/@tusharpuri6/from-reset-to-takeover-the-exploitation-potential-of-idor-in-password-recovery-systems-5d1b6f53530a?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, authentication31-Aug-2024
How to find webcams using the Google Dorking.https://bob218.medium.com/how-to-find-webcams-using-the-google-dorking-4c7b491fa856?source=rss------bug_bounty-5bob218hacking, bug-bounty, osint, cybersecurity, google-dork31-Aug-2024
How Attackers Sneak in Hidden Requests and What You Can Do About Ithttps://cyberw1ng.medium.com/how-attackers-sneak-in-hidden-requests-and-what-you-can-do-about-it-cc085f245b4e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing31-Aug-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-d9509595ebd8?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, jwt-token, jwt-authentication, 30dayswritingchallenge30-Aug-2024
New trick to make self xss impactfulhttps://medium.com/@Rahulkrishnan_R_Panicker/new-trick-to-make-self-xss-impactful-073d52a07d4f?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack30-Aug-2024
How to install dnsReaper and use of dnsReaperhttps://medium.com/@sherlock297/how-to-install-dnsreaper-and-use-of-dnsreaper-bc69d66d8c08?source=rss------bug_bounty-5Ravindra Dagalednsreaper, tools, bug-bounty, how-to, subdomain-takeover30-Aug-2024
Google Dorkshttps://medium.com/@twinkspap/google-dorks-c83abf0918ef?source=rss------bug_bounty-5twinksbug-bounty, google-dork, learning, skills, cybersecurity30-Aug-2024
Top 100Vulnerabilities: Identifying and Addressing Security Riskshttps://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-50xvanbug-bounty-tips, security, cybersecurity, bug-bounty, web-security30-Aug-2024
./Fingerprinting Web Technologieshttps://gauravdavre.medium.com/fingerprinting-web-technologies-fde6631f9ef7?source=rss------bug_bounty-5Gaurav Davrebug-bounty, cybersecurity, open-source-intelligence, reconnaissance, web-technology30-Aug-2024
26.16 Lab: Exploiting HTTP request smuggling to perform web cache poisoninghttps://cyberw1ng.medium.com/26-16-lab-exploiting-http-request-smuggling-to-perform-web-cache-poisoning-fa35ac4fdf4c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity30-Aug-2024
Unlock Hidden Web Vulnerabilities: Advanced ParamSpider Tactics Every Hacker Must Know!https://systemweakness.com/unlock-hidden-web-vulnerabilities-advanced-paramspider-tactics-every-hacker-must-know-62487db3e8c8?source=rss------bug_bounty-5Khaleel Khanpenetration-testing, bug-bounty, hacking, infosec, cybersecurity30-Aug-2024
The Easiest Bug For Beginnershttps://medium.com/@josuofficial327/the-easiest-bug-for-beginners-491986cbc53c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, ethical-hacking, hacking, bug-bounty30-Aug-2024
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Programhttps://medium.com/@karthithehacker/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, information-security, infosec, bugbounty-writeup, bug-bounty-tips30-Aug-2024
When Giving Out Cheap Hotel Deals Go Wrong:https://medium.com/@ralph.andalis92/when-giving-out-cheap-hotel-deals-go-wrong-bfea34fa3cde?source=rss------bug_bounty-5Ralph Andalisbug-bounty-tips, pentesting, bug-bounty, web-application-security, web-security30-Aug-2024
My Five Minute Critical Vulnerability Discovery on Hackeronehttps://medium.com/@0xvan/my-five-minute-critical-vulnerability-discovery-on-hackerone-067258333c80?source=rss------bug_bounty-50xvanbug-bounty-writeup, bug-bounty-tips, ethical-hacking, pentesting, bug-bounty30-Aug-2024
DVWA Cheat Sheet (Low & Medium)https://medium.com/@loaysalah276/dvwa-cheat-sheet-low-medium-c7490e76f1b5?source=rss------bug_bounty-5Loay Salahbug-bounty, cybersecurity, penetration-testing, owasp-top-10, dvwa30-Aug-2024
Understanding Bugcrowd’s Vulnerability Rating Taxonomy (VRT):https://medium.com/@js8971105/understanding-bugcrowds-vulnerability-rating-taxonomy-vrt-d5bc946443b5?source=rss------bug_bounty-5jatin singhbug-bounty, web-security, hacking, vrt, web30-Aug-2024
Top 100 Vulnerabilities: Identifying and Addressing Security Riskshttps://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-50xvanbug-bounty-tips, security, cybersecurity, bug-bounty, web-security30-Aug-2024
Subdomain Analysis for Bug Bounty Hunting: A Comprehensive Guidehttps://bughunteralltime.medium.com/subdomain-analysis-for-bug-bounty-hunting-a-comprehensive-guide-920e33a59a91?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty30-Aug-2024
How to Hunt for Sensitive Directories in Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-hunt-for-sensitive-directories-in-bug-bounty-hunting-f61a7f61d8fb?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, bug-bounty, hacking30-Aug-2024
How to Map Out a Target for Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-map-out-a-target-for-bug-bounty-hunting-acea0ed59783?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, bug-bounty, hacking, bugs30-Aug-2024
How To FindWeb Technology Identification for Effective Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-findweb-technology-identification-for-effective-bug-bounty-hunting-a0f57c80b67b?source=rss------bug_bounty-5Bug_Hunter_All_Timehacking, bug-bounty-tips, bug-bounty, bug-fixes, web-development30-Aug-2024
Interview joke 2: Application Security (Prod.https://medium.com/@kannnannmk/interview-joke-2-application-security-prod-7a0c4c6cdd1a?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, application-security, code-review, pentesting, bug-bounty-tips30-Aug-2024
Easy Subdomain Enumeration Tools & Commandshttps://medium.com/@josuofficial327/easy-subdomain-enumeration-tools-commands-5f8a8fe0f3a0?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty30-Aug-2024
Interview joke 1: Application Security (Prod.https://medium.com/@kannnannmk/application-security-prod-3868c0b8cb64?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, interview, bug-bounty, web-security, application-security30-Aug-2024
OWASP A04:2021 INSECURE DESIGNhttps://medium.com/@shivamsharma.ss484/owasp-a04-2021-insecure-design-34ef11e83e6f?source=rss------bug_bounty-5Shivamsharmaowasp, owasp-top-10, bug-bounty, hacking, cybersecurity30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to…https://medium.com/@ajaynaik_16635/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5Ajay Naikbug-bounty-tips, bug-bounty, ai-security, ethical-hacking30-Aug-2024
Bad Effect Of Bug In Domain.https://medium.com/@nazmulhasan017191/bad-effect-of-bug-in-domain-e0cfd62cb3bc?source=rss------bug_bounty-5Nazmul Hasantechnical-analysis, information-security, cybersecurity, bug-hunting, bug-bounty30-Aug-2024
How to Find Clickjacking Vulnerabilities Using the Command Line in Kali Linuxhttps://bughunteralltime.medium.com/how-to-find-clickjacking-vulnerabilities-using-the-command-line-in-kali-linux-a07cc64437f3?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, hacking, bugs, bug-bounty30-Aug-2024
Understanding Log Stealer and Its Role in Security Testing — Part 1https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5YoKo Khosecurity-testing, stealer-logs, stealer-malware, broken-access-control, bug-bounty30-Aug-2024
Understanding Stealer Logs and Its Role in Security Testing — Part 1https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5YoKo Khostealer-logs, stealer-malware, red-team, broken-access-control, bug-bounty30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to…https://medium.com/@ajaynaikhack/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5Ajay Naikbug-bounty-tips, bug-bounty, ai-security, ethical-hacking30-Aug-2024
Overview CVE-2024–38063 is a critical zero-click remote code execution (RCE) vulnerability…https://medium.com/@ajaynaikhack/overview-cve-2024-38063-is-a-critical-zero-click-remote-code-execution-rce-vulnerability-9be862382548?source=rss------bug_bounty-5Ajay Naikhacking, bug-bounty, cve, network-security, windows30-Aug-2024
Day 22 of 30 Days — 30 Vulnerabilities | Business Logic Flawshttps://medium.com/@kumawatabhijeet2002/day-22-of-30-days-30-vulnerabilities-business-logic-flaws-734c2f4b0575?source=rss------bug_bounty-5Abhijeet kumawatbusiness-logic, bug-bounty-tips, business-logic-flaw, 30dayswritingchallenge, bug-bounty29-Aug-2024
Part -2: Uncovering a Critical Parameter Tampering Vulnerability on a Major OTT Platformhttps://medium.com/@sulmanfarooq531/uncovering-a-critical-parameter-tampering-vulnerability-on-a-major-ott-platform-e3342cd3437c?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, http-parameter-pollution, ethical-hacking, ott29-Aug-2024
How Hackers Use Cross-Site Scripting to Break Through Web Application Firewalls!https://theshaco.com/how-hackers-use-cross-site-scripting-to-break-through-web-application-firewalls-ab101f1778a1?source=rss------bug_bounty-5Khaleel Khanweb-development, cybersecurity, infosec, hacking, bug-bounty29-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt.3 (SSTI, XXE, Insecure File Uploads)https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-3-ssti-xxe-insecure-file-uploads-1ed7056ea0c7?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamibug-bounty, web-penetration-testing, cybersecurity, ethical-hacking, tcm-academy29-Aug-2024
Part 2 — How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs | Karthikeyan…https://systemweakness.com/part-2-how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-karthikeyan-79c3ec17a336?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, cybersecurity, hacking, bug-bounty29-Aug-2024
Disable Any Customer Ability To Create Service Account With Business Logic Vulnerabilityhttps://medium.com/@bilalresearcher/disable-any-customer-ability-to-create-service-account-with-business-logic-vulnerability-05ab37901a4a?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-writeup29-Aug-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@bilalresearcher/reflected-xss-to-account-takeover-without-stealing-session-cookie-413e522aac40?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity29-Aug-2024
Detecting Blind Injection Attacks with Discord Webhookshttps://medium.com/@bilalresearcher/detecting-blind-injection-attacks-with-discord-webhooks-9a9d3b566bf1?source=rss------bug_bounty-5Bilal Researcherhacking, cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup29-Aug-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Conditionhttps://medium.com/@bilalresearcher/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-e8ff79361740?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, hacking, cybersecurity, bug-bounty-writeup29-Aug-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@bilalresearcher/stored-xss-to-account-takeover-aws-cognito-bd29d241e5d1?source=rss------bug_bounty-5Bilal Researcherxss-vulnerability, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty29-Aug-2024
My Journey to the United Nations Hall of Fame: A Story of Lucky Mehttps://medium.com/@siddharth_1/my-journey-to-the-united-nations-hall-of-fame-a-story-of-lucky-me-d489d93bd363?source=rss------bug_bounty-5Siddharthcybersecurity, united-nations, vulnerability, bug-bounty, bug-bounty-writeup29-Aug-2024
XSS Web Application Firewall Bypass Techniqueshttps://medium.com/@bilalresearcher/xss-web-application-firewall-bypass-techniques-e10476b5fa72?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, hacking, bugbounty-writeup, cybersecurity29-Aug-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@bilalresearcher/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-b1e3790416b7?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, hacking, bug-bounty-writeup29-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@bilalresearcher/two-factor-authentication-bypass-via-using-victims-deviceid-1fc10bfe95c9?source=rss------bug_bounty-5Bilal Researcherhacking, bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity29-Aug-2024
Bypassed an Admin Panel Using SQL Payloadshttps://medium.com/@bilalresearcher/bypassed-an-admin-panel-using-sql-payloads-572574b41d1c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, hacking, cybersecurity, bug-bounty-writeup, bugbounty-writeup29-Aug-2024
Hunting JavaScript File for Bug Huntershttps://medium.com/@bilalresearcher/hunting-javascript-file-for-bug-hunters-ae4af0479a9c?source=rss------bug_bounty-5Bilal Researchercybersecurity, bugbounty-writeup, hacking, bug-bounty, bug-bounty-writeup29-Aug-2024
Common 403 Bypasses Part 2https://medium.com/@bilalresearcher/common-403-bypasses-part-2-80fd094a86fe?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty, cybersecurity, bug-bounty-writeup29-Aug-2024
Common 403 Bypasses Part 1https://medium.com/@bilalresearcher/common-403-bypasses-part-1-a693a8413108?source=rss------bug_bounty-5Bilal Researchercybersecurity, bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking29-Aug-2024
Advanced SQLMap Customizationhttps://medium.com/@bilalresearcher/advanced-sqlmap-customization-34d04b6c0984?source=rss------bug_bounty-5Bilal Researchercybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup29-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-91)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-91-bcac49fd0f29?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, money, bug-bounty, hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-90)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-90-0f7e5ae09f8c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, ethical-hacking, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-89)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-89-f7771af9355f?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, bug-bounty, hacking, cybersecurity, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-88)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-88-5fba54f61fd0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, money, hacking, cybersecurity, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-87)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-87-d78ff97837fd?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, hacking, cybersecurity, ethical-hacking, bug-bounty28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-86)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-86-dfcf154a34d3?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, money, bug-bounty, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-85)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-85-46305e104b6f?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, bug-bounty, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-84)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-84-d3a454db9673?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-83)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-83-45728838a32c?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty, cybersecurity, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-82)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-82-8c89ec5c5ef7?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, bug-bounty, hacking, cybersecurity, ethical-hacking28-Aug-2024
Day 21 of 30 Days — 30 Vulnerabilities | OAuth Misconfigurationshttps://medium.com/@kumawatabhijeet2002/day-21-of-30-days-30-vulnerabilities-oauth-misconfigurations-693c16cf5476?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, web-security-testing, bug-bounty-tips, 30dayswritingchallenge, oauth28-Aug-2024
How to Scan a Range of IP Addresses with Nmaphttps://medium.com/@sherlock297/how-to-scan-a-range-of-ip-addresses-with-nmap-d802dc168846?source=rss------bug_bounty-5Ravindra Dagaletools, nmap, information-technology, bug-bounty, security28-Aug-2024
The Secret to Finding Anyone’s Digital Footprint: Master OSINT in 7 Easy Steps!https://medium.com/@paritoshblogs/the-secret-to-finding-anyones-digital-footprint-master-osint-in-7-easy-steps-bd278a058c73?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, osint, hacking, bug-bounty28-Aug-2024
Exploiting Second-Order IDOR Vulnerabilitieshttps://medium.com/@bountyget/exploiting-second-order-idor-vulnerabilities-6d2554eb1319?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty, infosec, information-security, bug-bounty-tips, bug-bounty-writeup28-Aug-2024
Exploiting IDORs in APIs That Use Static Keywordshttps://medium.com/@bountyget/exploiting-idors-in-apis-that-use-static-keywords-f94b7797634a?source=rss------bug_bounty-5Dhiren Kumar Pradhaninformation-security, bug-bounty-writeup, bug-bounty-tips, infosec, bug-bounty28-Aug-2024
IDOR : Deleting Comments Like a Boss!https://medium.com/@tanyago/idor-deleting-comments-like-a-boss-0413a375024f?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-tips, bug-bounty-writeup, idor, bug-hunting28-Aug-2024
25.7 Lab: Password reset poisoning via dangling markuphttps://cyberw1ng.medium.com/25-7-lab-password-reset-poisoning-via-dangling-markup-cee4cc5a20f3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing28-Aug-2024
The Ultimate List of Browser Extensions for Bug Bounty Huntershttps://medium.com/@k4r7hx/the-ultimate-list-of-browser-extensions-for-bug-bounty-hunters-5e349437e063?source=rss------bug_bounty-5Karthikeyanextension, ethical-hacking, bug-bounty, penetration-testing, web28-Aug-2024
How important Cookies can be?https://medium.com/@alireza.razaghzadegan1999/how-important-cookies-can-be-86c7a3fdd790?source=rss------bug_bounty-5Alireza Razaghzadegantechnology, website, bug-bounty, security28-Aug-2024
Blind Command Injection Leads to Nothing!!https://medium.com/@kush.kira/blind-command-injection-leads-to-nothing-ea56f6662a58?source=rss------bug_bounty-5Kiraos-command-injection, command-injection, ssrf, bug-bounty, hacking28-Aug-2024
OTP Bypassing with Response Manipulationhttps://medium.com/@sahilkushwaha275/otp-bypassing-with-response-manipulation-238498b02737?source=rss------bug_bounty-5S33NUbug-hunting, cybersecurity, hacking, pentesting, bug-bounty28-Aug-2024
Dramatic Surge in Password-Stealing Attacks Targeting Amazon, Facebook, and Google Usershttps://medium.com/@realahmedmoses/dramatic-surge-in-password-stealing-attacks-targeting-amazon-facebook-and-google-users-011f6bd3315a?source=rss------bug_bounty-5Moses Ahmedtechnology, coding, bug-bounty, cybersecurity, programming28-Aug-2024
How To Get Stored Xss & RCE Using Bypass Signature & Extension Via File Upload |_|https://medium.com/@bilalresearcher/how-to-get-stored-xss-rce-using-bypass-signature-extension-via-file-upload-9b3e8d9348cd?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips27-Aug-2024
Find Blind XSS like a pro.https://medium.com/@bilalresearcher/find-blind-xss-like-a-pro-ddc9ef8d5e89?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips27-Aug-2024
The only recon methodology you need to know.https://medium.com/@bilalresearcher/the-only-recon-methodology-you-need-to-know-9feb257ca4a2?source=rss------bug_bounty-5Bilal Researcherbug-bounty, idor, bug-bounty-writeup, cybersecurity, bugbounty-writeup27-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@bilalresearcher/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-b379aeb7ab36?source=rss------bug_bounty-5Bilal Researcheridor, hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup27-Aug-2024
Unraveling Web Cache Poisoning: A Deep Dive (Part 1)https://medium.com/@bilalresearcher/unraveling-web-cache-poisoning-a-deep-dive-part-1-49fa00e81d1a?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, cybersecurity, idor, bug-bounty, bug-bounty-writeup27-Aug-2024
Finding IDOR Vulnerabilities: Key Endpoints and Resourceshttps://medium.com/@bilalresearcher/finding-idor-vulnerabilities-key-endpoints-and-resources-e4c2457aa231?source=rss------bug_bounty-5Bilal Researcheridor, bug-bounty-writeup, bugbounty-writeup, bug-bounty, hacking27-Aug-2024
How I was able to discover ATO Via IDOR vulnerabilityhttps://medium.com/@bilalresearcher/how-i-was-able-to-discover-ato-via-idor-vulnerability-c31d074a62e8?source=rss------bug_bounty-5Bilal Researchercybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup27-Aug-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@bilalresearcher/saml-authentication-bypass-leading-to-admin-panel-access-751380db249e?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, bug-bounty-writeup, hacking27-Aug-2024
Critical Security Vulnerability Discovered on Reserve Bank of India’s Website: A Wake-Up Call…https://medium.com/@psychomong/critical-security-vulnerability-discovered-on-reserve-bank-of-indias-website-a-wake-up-call-06fd08db0559?source=rss------bug_bounty-5psychomongbugs, hacker, bug-bounty, no-rate-limit, hacking27-Aug-2024
Day 20 0f 30 Days — 30 Vulnerabilities | Host Header Injectionhttps://medium.com/@kumawatabhijeet2002/day-20-0f-30-days-30-vulnerabilities-host-header-injection-9bc006b4734c?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, bug-bounty, host-header-injection, bug-bounty-tips, hostattack27-Aug-2024
Day 19 of 30 Days — 30 Vulnerabilities | Rate Limiting Bypasshttps://medium.com/@kumawatabhijeet2002/day-19-of-30-days-30-vulnerabilities-rate-limiting-bypass-896c8e2bdfc1?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, bug-bounty, rate-limit-bypass27-Aug-2024
24.13 Lab: Internal cache poisoninghttps://cyberw1ng.medium.com/24-13-lab-internal-cache-poisoning-2c328e4d4a6d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing27-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt. 2 (XSS, CMDI)https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-2-xss-cmdi-b8728aa5261d?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamibug-bounty, xss-attack, web-penetration-testing, ethical-hacking, cybersecutiy27-Aug-2024
$15k RCE Through Monitoring Debug Modehttps://medium.com/@0xold/15k-rce-through-monitoring-debug-mode-4f474d8549d5?source=rss------bug_bounty-50xoldlocal-file-inclusion, pentesting, hacking, bug-bounty, rce27-Aug-2024
Exploiting IDORs via JSON Globbinghttps://medium.com/@bountyget/exploiting-idors-via-json-globbing-e4c6e2c0535c?source=rss------bug_bounty-5Dhiren Kumar Pradhanpenetration-testing, idor, bug-bounty-tips, bug-bounty, bug-bounty-writeup27-Aug-2024
How i get OTP bypass leads to ATOhttps://kiraadx.medium.com/how-i-get-otp-bypass-leads-to-ato-a7645ade3a90?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty, bug-bounty-writeup27-Aug-2024
Discovering Two Out-of-Scope Blind/Stored XSS Vulnerabilities in an Admin Panel on a Public Bug…https://medium.com/@octayus/discovering-two-out-of-scope-blind-stored-xss-vulnerabilities-in-an-admin-panel-on-a-public-bug-c0262fa35238?source=rss------bug_bounty-5OctaYusbug-bounty, python, xss-attack, penetration-testing, cybersecurity27-Aug-2024
CSRF Bypass Using Domain Confusion Leads To ATOhttps://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722?source=rss------bug_bounty-5Osama Alybug-bounty, cybersecurity, hackerone27-Aug-2024
How did I manage to get my first p2 vulnerability using only ffufhttps://medium.com/@loayahmed686/how-did-i-manage-to-get-my-first-p2-vulnerability-using-only-ffuf-a8a70d965d33?source=rss------bug_bounty-5r00tbug-bounty, cybersecurity27-Aug-2024
Fundora on Testnet Bounty Hunt: Spotting Bugs and Reaping Rewardshttps://gingerjoygames.medium.com/fundora-on-testnet-bounty-hunt-spotting-bugs-and-reaping-rewards-7529ec61b1cc?source=rss------bug_bounty-5Ginger Joy Gamesgames, testnet, mobile-games, web3, bug-bounty27-Aug-2024
Monitoring Gitlab Snippets for secrets with TruffleHoghttps://medium.com/@learntheshell/monitoring-gitlab-snippets-for-secrets-with-trufflehog-5c77281ff5b7?source=rss------bug_bounty-5LearnTheShelltrufflehog, bug-bounty, git, bug-bounty-tips, gitlab27-Aug-2024
How I Got Sensitive Directory Using Shodanhttps://ch4ndan.medium.com/how-i-got-sensitive-directory-using-shodan-10e5b91cda86?source=rss------bug_bounty-5Ch4ndan dasbug-bounty, cybersecurity, bug-bounty-tips, bugs, information-disclosure27-Aug-2024
Unveiling the Secrets of Malware Traffic: Analyzing Malware Infected pcap with Wiresharkhttps://medium.com/@dsksatheesh35/unveiling-the-secrets-of-malware-traffic-analyzing-malware-infected-pcap-with-wireshark-5989a9b013fd?source=rss------bug_bounty-5D Satheesh Kumarmalware-analysis, bug-bounty, cybersecurity, wireshark, network-security27-Aug-2024
HTML Injection in email via fname fieldhttps://medium.com/@hossam_hamada/html-injection-in-email-via-fname-field-564c3657e8ad?source=rss------bug_bounty-5Hossam Hamadapenetration-testing, bug-bounty, hackerone, bugcrowd, html-injection27-Aug-2024
How I Took Over Two Subdomains: A Step-by-Step Guidehttps://medium.com/@0xSphinx/how-i-took-over-two-subdomains-a-step-by-step-guide-df5d9eecbb2e?source=rss------bug_bounty-50xSphinxcybersecurity, security, aws, hacking, bug-bounty27-Aug-2024
Day 17 of 30 Days — 30 Vulnerabilities | Path/Directory Traversalhttps://medium.com/@kumawatabhijeet2002/day-17-of-30-days-30-vulnerabilities-path-directory-traversal-008e92c07f23?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, path-traversal, bug-bounty26-Aug-2024
Thief Raccoon — Login Phishing Toolhttps://medium.com/@bountyget/thief-raccoon-login-phishing-tool-59c574687aae?source=rss------bug_bounty-5Bountygetpython3, infosec, info-sec-writeups, bug-bounty, penetration-testing26-Aug-2024
From Developer to Hacker — Entering the Red teamhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-entering-the-red-team-8b50989b9464?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, youtube, networking, twitter, cybersecurity26-Aug-2024
New Malware Uses PHP Exploit to Backdoor Windows Systems - Stay Informed!https://medium.com/@realahmedmoses/new-malware-uses-php-exploit-to-backdoor-windows-systems-stay-informed-8df12e89391a?source=rss------bug_bounty-5Moses Ahmedtechnology, bug-bounty, data-science, cybersecurity, programming26-Aug-2024
Password Reset Glitch Leads to Instant Account Takeoverhttps://bevijaygupta.medium.com/password-reset-glitch-leads-to-instant-account-takeover-a4e67b667eaf?source=rss------bug_bounty-5Vijay Guptavulnerability, reset, bug-bounty, passwords, glitch26-Aug-2024
DNS enumeration methodology and techniqueshttps://systemweakness.com/dns-enumeration-methodology-and-techniques-1945fa4164fd?source=rss------bug_bounty-5Harsh Hatejkali-linux, cybersecurity, linux, subdomains-enumeration, bug-bounty26-Aug-2024
Account Take Over | P1 — Criticalhttps://irsyadsec.medium.com/account-take-over-p1-critical-5468ce8218b9?source=rss------bug_bounty-5Irsyad Muhammad Fawwazwriteup, bugcrowd, bug-bounty, cybersecurity, bug-bounty-tips26-Aug-2024
Understanding Robots.txt: The Key to Managing Web Crawlershttps://medium.com/@kanishk.k1410/understanding-robots-txt-the-key-to-managing-web-crawlers-04eda892ec92?source=rss------bug_bounty-5Kanishk Kumarinformation-technology, investigation, cybersecurity, osint, bug-bounty26-Aug-2024
Hacking My College panel using University Website Like a Prohttps://medium.com/@RaunakGupta1922/hacking-my-college-panel-using-university-website-like-a-pro-9dd075133dce?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bugbounty-writeup, college, cybersecurity, bug-bounty26-Aug-2024
Exposing Hidden Risks: Uncovering Sensitive Data on a Government Website using Google Dorkshttps://medium.com/@sulmanfarooq531/exposing-hidden-risks-uncovering-sensitive-data-on-a-government-website-using-google-dorks-51748e4f3695?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, government, google-dork, google, bug-bounty26-Aug-2024
“Like” Bypass on Customer Reviews — €500 bountyhttps://medium.com/@asharm.khan7/like-bypass-on-customer-reviews-500-bounty-b8d45a98c096?source=rss------bug_bounty-5Ashar Mahmoodhacking-for-defense, ethical-hacking, bug-bounty, bug-bounty-tips, hacking26-Aug-2024
Best Attack Surface Visualization Toolshttps://netlas.medium.com/best-attack-surface-visualization-tools-8034e681807d?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, attack-surface, cybersecurity, attack-surface-management26-Aug-2024
Meet Dobby: Your New Bug Bounty Assistanthttps://medium.com/@h3llbl4ckk/meet-dobby-your-new-bug-bounty-assistant-f5bebfeb7607?source=rss------bug_bounty-5Mehmet Kayacybersecurity, github, open-source, hacking, bug-bounty26-Aug-2024
Account Takeover (Same OTP)https://medium.com/@raxomara/account-takeover-same-otp-81bfba35d9b3?source=rss------bug_bounty-5Raxomaraaccount-takeover, bug-bounty-tips, cybersecurity, bug-bounty, race-condition26-Aug-2024
WebSec — CSRF/XSRF (Cross-Site Request Forgery)https://medium.com/@meryemddalgali/websec-csrf-xsrf-cross-site-request-forgery-6c048c6323d1?source=rss------bug_bounty-5Meryem Dalgalıbug-bounty, web-security, xsrf, csrf-attack, vulnerability26-Aug-2024
24.12 Lab: Cache key injection vulnerabilitieshttps://cyberw1ng.medium.com/24-12-lab-cache-key-injection-vulnerabilities-22429a13eebf?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing26-Aug-2024
Day 18 of 30 Days — 30 Vulnerabilities | Insecure Deserializationhttps://medium.com/@kumawatabhijeet2002/day-18-of-30-days-30-vulnerabilities-insecure-deserialization-29656c0d212a?source=rss------bug_bounty-5Abhijeet kumawatserialization, insecure-design, 30dayswritingchallenge, bug-bounty-tips, bug-bounty26-Aug-2024
How I was able to give verification badge to any YouTube channel and bypass needed requirementshttps://xtt0k.medium.com/how-i-was-able-to-give-verification-badge-to-any-youtube-channel-and-bypass-needed-requirements-b88855afe4b7?source=rss------bug_bounty-5Vojtech Cekalyoutube, bug-bounty, bounty-hunter, bugs, vulnerability26-Aug-2024
OSINT, ChatGPT, and Password Spraying to Takeover System Administrator Accounthttps://medium.com/@mmaulanaabdullah/osint-chatgpt-and-password-spraying-to-takeover-system-administrator-account-b0a6295edbbc?source=rss------bug_bounty-5M Maulana Abdullahcybersecurity, infosec, chatgpt, ai, bug-bounty26-Aug-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-2ff0d3c2b61b?source=rss------bug_bounty-5Alimuhammadsecuredbbp, ctf, bug-bounty, hacking26-Aug-2024
How do I chain multiple Nuclei templates together in a single scan?https://medium.com/@sherlock297/how-do-i-chain-multiple-nuclei-templates-together-in-a-single-scan-621a3fb8787f?source=rss------bug_bounty-5Ravindra Dagalelinux, bug-bounty, how-to, cybersecurity, tips25-Aug-2024
How to get your first valid bug by reading disclosed reportshttps://anonysm.medium.com/how-to-get-your-first-valid-bug-by-reading-disclosed-reports-2663c9987bf3?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, bug-bounty, hacking, penetration-testing25-Aug-2024
Bypass Brute-force IP Blockhttps://icecream23.medium.com/bypass-brute-force-ip-block-870a4329c3be?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bypassing, ip, bug-bounty25-Aug-2024
The Evolution of Phishing Attacks: A Growing Cybersecurity Challengehttps://medium.com/@paritoshblogs/the-evolution-of-phishing-attacks-a-growing-cybersecurity-challenge-800b0eeacf00?source=rss------bug_bounty-5Paritoshphishing, hacking, social-media, cybersecurity, bug-bounty25-Aug-2024
Vulnerable WordPress July 2024 (Ash-e_doogh)https://medium.com/@onhexgroup/vulnerable-wordpress-july-2024-ash-e-doogh-c7e71d7d94d5?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, cybersecurity, infosec25-Aug-2024
Finding origin ip addresshttps://systemweakness.com/finding-origin-ip-address-672ca2e2967b?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty, bug-bounty-tips, hacking, penetration-testing25-Aug-2024
Explore Koii Network’s DEPIN world with a $10,000 Bug Bounty rewardhttps://medium.com/coinmonks/explore-koii-networks-depin-world-with-a-10-000-bug-bounty-reward-6a57a5450a44?source=rss------bug_bounty-5xeefoxai, koii, depin, koii-network, bug-bounty25-Aug-2024
Defensive Strategies and Best Practices to Protect Against Web Cache Poisoninghttps://cyberw1ng.medium.com/defensive-strategies-and-best-practices-to-protect-against-web-cache-poisoning-7d9b855658c7?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers25-Aug-2024
HOW TO START IN BUG BOUNTY HUNTINGhttps://medium.com/@gouravrathod8788/how-to-start-in-bug-bounty-hunting-848f5c74807f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty25-Aug-2024
TOP USEFUL CYBR SECURITY & BUG HUNTING TOOLhttps://medium.com/@gouravrathod8788/top-useful-cybr-security-bug-hunting-tool-de9ae281e12f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, hacking-tools, bug-bounty, ethical-hacking, hacking25-Aug-2024
Solving the Prompt Airlines CTFhttps://infosecwriteups.com/solving-the-prompt-airlines-ctf-2235c725050b?source=rss------bug_bounty-5hackerdevilbug-bounty, ctf, ctf-writeup, promptairlines, cybersecurity25-Aug-2024
Hitting the jackpot with RCE!https://medium.com/@gokulsspace/hitting-the-jackpot-with-rce-43755cac1415?source=rss------bug_bounty-5Gokulsspacepentesting, cybersecurity, kerala, ethical-hacking, bug-bounty25-Aug-2024
How I was able to Edit/Read Users Workspaces/Data without any access to ithttps://medium.com/@octayus/how-i-was-able-to-edit-read-users-workspaces-data-without-any-access-to-it-aed616dbde8e?source=rss------bug_bounty-5OctaYusinformation-technology, cybersecurity, infosec, bug-bounty, bounty-program25-Aug-2024
How I got $24000 Bounty from a Log4j RCE in Apple App Store.https://medium.com/@meharhuzaifa777/exploiting-log4j-rce-in-apple-app-store-ca99a549de1f?source=rss------bug_bounty-5Meharhuzaifacybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty25-Aug-2024
Intruder + Frida to Account Takeoverhttps://medium.com/@bilalresearcher/intruder-frida-to-account-takeover-548d4dd785ef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecurity, bugbounty-writeup, hacking25-Aug-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@bilalresearcher/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-d16bbad42394?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, idor, hacking, cybersecurity, bug-bounty25-Aug-2024
PwnOS-1 Walkthroughhttps://erdemstar.medium.com/pwnos-1-walkthrough-fec01bd0e8d4?source=rss------bug_bounty-5Erdemstarbug-bounty, oscp-preparation, oscp, cybersecurity, security25-Aug-2024
Kioptrix Level 4 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-4-walkthrough-96d46095c789?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty-tips, oscp, cybersecurity, bug-bounty25-Aug-2024
LOLbins / LOLBAS Attack !https://medium.com/@reemmoslem34/lolbins-lolbas-attack-006aad1ac364?source=rss------bug_bounty-5Rem Khalidbug-bounty, cybersecurity, malware, python, cryptocurrency25-Aug-2024
What Really Provides Security in the Cloud?https://medium.com/@paritoshblogs/what-really-provides-security-in-the-cloud-2f0cc83d113a?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, information-security, cybersecurity, infosec24-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-44663b4f87e3?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamisqli, bug-bounty, sql-injection, tcm-academy, web-penetration-testing24-Aug-2024
Cross-Site Origin Policy (CORS)https://itsravikiran25.medium.com/cross-site-origin-policy-cors-c82e4b0208f8?source=rss------bug_bounty-5Ravikiraninfosec-write-ups, vulnerability-assessment, cybersecurity, bug-bounty, cors24-Aug-2024
Exploiting Privilege Escalation via Role Parameter Manipulationhttps://medium.com/@tusharpuri6/exploiting-privilege-escalation-via-role-parameter-manipulation-5f8df062eb71?source=rss------bug_bounty-5Tusharpuripenetration-testing, offensive-security, privilege-escalation, application-security, bug-bounty24-Aug-2024
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://systemweakness.com/mass-hunting-to-find-xss-cross-site-scripting-27cc687e58e0?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, xss-vulnerability, bugbounty-automation, bug-bounty, bug-bounty-tips24-Aug-2024
Unleash Your Inner Hacker with Koii’s $10,000 Bug Bounty Challengehttps://medium.com/nest-of-rin/unleash-your-inner-hacker-with-koiis-10-000-bug-bounty-challenge-d37c23969df1?source=rss------bug_bounty-5Rinkoii-network, koii, developer, hackathons, bug-bounty24-Aug-2024
Top 5 Vulnerabilities That Can Earn You Big in Bug Bountieshttps://medium.com/@verylazytech/top-5-vulnerabilities-that-can-earn-you-big-in-bug-bounties-4541878d7e19?source=rss------bug_bounty-5Very Lazy Techethical-hacking, cybersecurity, hacking, bug-bounty, cyber24-Aug-2024
What I Learned from Reading 217* Subdomain Takeover Bug Reportshttps://bevijaygupta.medium.com/what-i-learned-from-reading-217-subdomain-takeover-bug-reports-5c6caae2b5da?source=rss------bug_bounty-5Vijay Guptasubdomain, bugs, bug-report, subdomain-takeover, bug-bounty24-Aug-2024
Reset password Checklisthttps://medium.com/@hozayfan782/reset-password-checklist-1ebabdd6c0f3?source=rss------bug_bounty-5Hozayfa Nasserbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, research24-Aug-2024
How do I run Nuclei in silent mode to avoid unnecessary output?https://medium.com/@sherlock297/how-do-i-run-nuclei-in-silent-mode-to-avoid-unnecessary-output-25fbb9d2e26d?source=rss------bug_bounty-5Ravindra Dagalenucleus, information-security, bug-bounty, output, how-to24-Aug-2024
Unauthorized Deletion of Forms by Low-Level Unlicensed Users: A 500$ Access Control Bughttps://medium.com/@a13h1/unauthorized-deletion-of-forms-by-low-level-unlicensed-users-a-500-access-control-bug-98dc50c8c193?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, infosec, cybersecurity, access-control24-Aug-2024
Essential Resources for Exploiting Web Cache Poisoning: Tools, Techniques, and Learning Materialshttps://cyberw1ng.medium.com/essential-resources-for-exploiting-web-cache-poisoning-tools-techniques-and-learning-materials-cbbef5221392?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty24-Aug-2024
Beware of fake bug bounty programs, my real life experiencehttps://harish45.medium.com/beware-of-fake-bug-bounty-programs-my-real-life-experience-ce009d435ed8?source=rss------bug_bounty-5Harishbug-bounty, cybersecurity-awareness, cybersecurity, ethical-hacking, bug-bounty-tips24-Aug-2024
Find Bugs From Google Dorkshttps://ch44nd.medium.com/find-bugs-from-google-dorks-ec574c01471b?source=rss------bug_bounty-5Chandan dasbug-bounty, information-disclosure, bugs, hacking, google-dork24-Aug-2024
One-click Account Take Overhttps://medium.com/@bilalresearcher/one-click-account-take-over-50e4128c990d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
0-click Full Account Takeoverhttps://medium.com/@bilalresearcher/0-click-full-account-takeover-0ddc951e14ae?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup24-Aug-2024
Drupal Website Takeover | Admin Dashboardhttps://medium.com/@bilalresearcher/drupal-website-takeover-admin-dashboard-6ae4a34d0689?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
STRIPE Live Key Exposed:: Bounty: $1000https://medium.com/@bilalresearcher/stripe-live-key-exposed-bounty-1000-57018f1d4520?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bug-bounty-program, hacking, bug-bounty-tips24-Aug-2024
[GraphQL IDOR]Leaking credit card information of 1000s of users [External Audit]https://medium.com/@bilalresearcher/graphql-idor-leaking-credit-card-information-of-1000s-of-users-external-audit-1404256b761f?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://medium.com/@bilalresearcher/exposing-database-creds-via-svn-a-400-discovery-fa7c2de288bf?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
SQL Injections for bug bountyhttps://medium.com/@boogsta/sql-injections-for-bug-bounty-3a608babd9b1?source=rss------bug_bounty-5Boogstahacking, bug-bounty, cybersecurity, programming, cyber24-Aug-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@bilalresearcher/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-0cf794fef31c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, hacking24-Aug-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@bilalresearcher/csrf-bypass-combined-with-idor-to-complete-account-takeover-588b34b9cf60?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
User information disclosure via message reactionshttps://medium.com/@bilalresearcher/user-information-disclosure-via-message-reactions-affc72cfd8de?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
IDOR Lead to Data Leakhttps://medium.com/@bilalresearcher/idor-lead-to-data-leak-6943ade0a3d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking24-Aug-2024
XSS & IDOR & CSRF to ATOhttps://medium.com/@bilalresearcher/xss-idor-csrf-to-ato-0e898876789d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty24-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://medium.com/@bilalresearcher/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-5a50b0f4dc6a?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking, bug-bounty24-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://medium.com/@bilalresearcher/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-caaf00ebe479?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking24-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://medium.com/@bilalresearcher/discovering-a-session-persistence-vulnerability-that-led-to-a-bounty-bbf3dd526f01?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty24-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://medium.com/@bilalresearcher/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-0709cc8a3c4d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking24-Aug-2024
Mobile Pentesting: A Walkthrough of the First 10 Challenges on Injured Android App-Part1https://medium.com/@mly57003/mobile-pentesting-a-walkthrough-of-the-first-10-challenges-on-injured-android-app-part1-0e85c600494f?source=rss------bug_bounty-5mohamed alibug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter24-Aug-2024
Can AI and ML Stop Cyber Attacks?https://medium.com/@paritoshblogs/can-ai-and-ml-stop-cyber-attacks-291c6425d0e8?source=rss------bug_bounty-5Paritoshai, cybersecurity, machine-learning, bug-bounty, chatgpt23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-81)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-81-833084004f21?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-80)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-80-ae2ad3c7f971?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, money23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-79)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-79-415c1bd4f7c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, money, ethical-hacking, cybersecurity23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-78)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-78-85e87ffc94f9?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-77)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-77-b9b1354812cc?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, money, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-76)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-76-07a4d8f583c0?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, skills, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-75)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-75-8d5930bd46dc?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, ethical-hacking, bug-bounty23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-74)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-74-778fd4767e52?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, ethical-hacking, hacking, skills23-Aug-2024
Elevate Your Cybersecurity Skills with Expert Training and Penetration Testing!https://imranthe3rd3ye.medium.com/elevate-your-cybersecurity-skills-with-expert-training-and-penetration-testing-b16e8b122642?source=rss------bug_bounty-5Md. Imran Chowdhurylearn-hacking, ethical-hacking, penetration-testing, kali-linux, bug-bounty23-Aug-2024
Monitoring Gists for secrets with Trufflehoghttps://medium.com/@learntheshell/monitoring-gists-with-trufflehog-612b7d9dbab5?source=rss------bug_bounty-5LearnTheShellgithub, git, bug-bounty, trufflehog, bug-bounty-tips23-Aug-2024
Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instancehttps://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415?source=rss------bug_bounty-5Domenico Venezianobug-bounty-tips, bug-bounty-writeup, bug-bounty23-Aug-2024
Finally, SSL Pinning for Flutter Bypassed After Frustration..https://wahaz.medium.com/finally-ssl-pinning-for-flutter-bypassed-after-frustration-4573e15ed18e?source=rss------bug_bounty-5Rizaldi Wahazbug-bounty, cybersecurity, hacking, flutter, penetration-testing23-Aug-2024
How I Got an Appreciation Letter from NASA for Finding a Simple Bughttps://infosecwriteups.com/how-i-got-an-appreciation-letter-from-nasa-for-finding-a-simple-bug-8812852d0337?source=rss------bug_bounty-5Om Arorabug-bounty, programming, technology, cybersecurity, infosec23-Aug-2024
Web Cache Poisoning: Understanding the Threat and How to Protect Your Websitehttps://cyberw1ng.medium.com/web-cache-poisoning-understanding-the-threat-and-how-to-protect-your-website-82ebaba2f0e8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, careers, bug-bounty23-Aug-2024
Day 16 of 30 Days — 30 Vulnerabilities | Subdomain Takeoverhttps://medium.com/@kumawatabhijeet2002/day-16-of-30-days-30-vulnerabilities-subdomain-takeover-01088ad1d525?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, bug-bounty, 30dayswritingchallenge23-Aug-2024
how i got into the server of our university.https://medium.com/@mesterx54/how-i-got-into-the-server-of-our-university-aae2782bcc64?source=rss------bug_bounty-5Abdeladime Mk (mesterx54)bug-bounty, rce, bug-bounty-tips, sqli, pentesting23-Aug-2024
Stealing Admin Cookies: An XSS Challenge from TCM Security’s Practical Bug Bounty Coursehttps://medium.com/@trixiahorner/stealing-admin-cookies-an-xss-challenge-from-tcm-securitys-practical-bug-bounty-course-b08a990cca84?source=rss------bug_bounty-5Trixia Hornerpenetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty23-Aug-2024
Boost Subdomain Discovery with Subfinder and API Integrationshttps://saurabh-jain.medium.com/integrating-shodan-and-censys-api-keys-into-subfinder-c28452af2efb?source=rss------bug_bounty-5Saurabh Jainbug-bounty-writeup, bug-bounty, subdomains-enumeration, subfinder, hacking23-Aug-2024
Response Manipulation FTW: Understanding and Exploiting Response Manipulationhttps://medium.com/@security.tecno/response-manipulation-ftw-understanding-and-exploiting-response-manipulation-6ad2d81f2eb4?source=rss------bug_bounty-5TECNO Securitysecurity, reserach, hacking, bug-bounty22-Aug-2024
10 Secrets Ethical Hackers Don’t Want You to Know (But We’re Revealing Them Anyway!)https://medium.com/@paritoshblogs/10-secrets-ethical-hackers-dont-want-you-to-know-but-we-re-revealing-them-anyway-094ca920c3d8?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, hacking, information-technology, ethical-hacking22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOES FINANCIAL INFO, ZOMATO BUG BOUNTY HACKERONE FRAUDhttps://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Grep tips for Javascript Analysis | Bug Bountyhttps://0xmaruf.medium.com/grep-tips-for-javascript-analysis-bug-bounty-7dce88266121?source=rss------bug_bounty-5Md Maruf Hosan (0xMaruf)cybersecurity, bug-bounty-tips, bug-bounty22-Aug-2024
TESLA MOTORS VIN NUMBER LEAK THROUGH IT’S API ENDPOINT, THEY CALL IT NO SECURITY IMPACT..https://medium.com/@krivadna_87390/tesla-motors-vin-number-leak-through-its-api-endpoint-they-call-it-no-security-impact-bb30fb5f1314?source=rss------bug_bounty-5Krivadnaandroid, bug-bounty, penetration-testing, bugbounty-writeup, cybersecurity22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOR'S FINANCIAL INFO • PAN NUMBER LEAK ZOMATO BUG BOUNTY…https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Exposing Source Code via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
安全賞金計劃來了,獎金最高達¥6000!https://medium.com/@AdsPowerHK/%E5%AE%89%E5%85%A8%E8%B3%9E%E9%87%91%E8%A8%88%E5%8A%83%E4%BE%86%E4%BA%86-%E7%8D%8E%E9%87%91%E6%9C%80%E9%AB%98%E9%81%94-6000-672c3dcf1483?source=rss------bug_bounty-5AdsPower 指紋瀏覽器adspower, 指纹浏览器, 漏洞, bug-bounty, 指纹浏览器ip22-Aug-2024
Automating the Hunt for Reflected XSS: Essential One-Liners for Web Securityhttps://medium.com/@garvsanwariya60/automating-the-hunt-for-reflected-xss-essential-one-liners-for-web-security-025bbd82f95d?source=rss------bug_bounty-5Garvsanwariyaxss-attack, cybersecurity, hacking, web-security, bug-bounty22-Aug-2024
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Centerhttps://medium.com/@scriptshuva/instagram-and-meta-2fa-bypass-by-unprotected-backup-code-retrieval-in-accounts-center-c735ff650f10?source=rss------bug_bounty-5Shuva Sahabug-bounty-writeup, bug-bounty, facebook-bug-bounty, 2fa-bypass, meta-bug-bounty22-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
How I can easily get four P1 at NASA using Simple Google Dorking.https://k4tedu.medium.com/how-i-can-easily-get-four-p1-at-nasa-using-simple-google-dorking-d4457bec1971?source=rss------bug_bounty-5k4tedubug-bounty, dorking, penetration-testing, nasa-vdp, pentest-web22-Aug-2024
WebSec — SSTI (Server Site Template Injection)https://medium.com/@meryemddalgali/websec-ssti-server-site-template-injection-1a9603caa51e?source=rss------bug_bounty-5Meryem Dalgalıvulnerability, application-security, bug-bounty, pentest-learnings, web-security22-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://anonysm.medium.com/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-b7dbf88cdb0a?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, hacking, bug-bounty, penetration-testing22-Aug-2024
How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugshttps://infosecwriteups.com/how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-78e0fc4cc5cc?source=rss------bug_bounty-5Karthikeyan Nagarajhall-of-fame, careers, cybersecurity, bug-bounty, hacking22-Aug-2024
Easy Bug | Email Spoofinghttps://saeidmicro.medium.com/easy-bug-email-spoofing-5d1bfc1a885e?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Blind SSRFhttps://saeidmicro.medium.com/blind-ssrf-ee5f0e6ed86f?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Battle of the Web Security Titans: Burp Suite vs. OWASP ZAPhttps://shaifsec.medium.com/battle-of-the-web-security-titans-burp-suite-vs-owasp-zap-e3da58d36203?source=rss------bug_bounty-5Shaif Alipenetration-testing, bug-bounty, web-security, cybersecurity, shaifsec22-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@dsmodi484/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-d35619d4bd75?source=rss------bug_bounty-5Dishant Modiresources, vulnerability, web-cache-poisoning, bug-bounty, methodology21-Aug-2024
Secrets of Red Teaming: Must-Know Tips and Tricks for Beginners!https://medium.com/@paritoshblogs/secrets-of-red-teaming-must-know-tips-and-tricks-for-beginners-7a0dbf8eb021?source=rss------bug_bounty-5Paritoshred-teaming, hacking, bug-bounty, pentesting, cybersecurity21-Aug-2024
Beyond the Login The Path Traversal Attackhttps://medium.com/@rajqureshi07/beyond-the-login-the-path-traversal-attack-30c1cfc09b3a?source=rss------bug_bounty-5Raj Qureshibug-bounty, information-technology, infosec, bug-bounty-tips, information-security21-Aug-2024
Deploying Rust Smart Contractshttps://medium.com/@bugbountydegen/deploying-rust-smart-contracts-7a22e04c4cd9?source=rss------bug_bounty-5bugbountydegenrust, bug-bounty, smart-contract-security, blockchain21-Aug-2024
Forging a Path to Account Takeover: Copy Password Reset Link Vulnerability worth $$$$.https://medium.com/@bilalresearcher/forging-a-path-to-account-takeover-copy-password-reset-link-vulnerability-worth-3135c3df60d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://medium.com/@bilalresearcher/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-97cc22d0b65d?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecur, hacking, bugbounty-writeup21-Aug-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://medium.com/@bilalresearcher/discovering-a-5000-rce-via-dependency-confusion-vulnerability-9a1cd88ddb0c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, hacking, bug-bounty-tips, bug-bounty-writeup21-Aug-2024
A Simple 2FA Bypasshttps://medium.com/@bilalresearcher/a-simple-2fa-bypass-368a2861c6df?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, cybersecurity21-Aug-2024
Account Takeover using IDOR in Password reset Functionalityhttps://medium.com/@bilalresearcher/account-takeover-using-idor-in-password-reset-functionality-b736a85f4f02?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, info-sec-writeups, bug-bounty-writeup21-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://medium.com/@bilalresearcher/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-237bd8cdfeff?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d?source=rss------bug_bounty-5Rikesh Baniyasecurity-research, bug-bounty-writeup, hackerone, bug-bounty-tips, bug-bounty21-Aug-2024
The Future of Web Cache Poisoning Defense: Anticipating New Threats and Adopting Next-Generation…https://cyberw1ng.medium.com/the-future-of-web-cache-poisoning-defense-anticipating-new-threats-and-adopting-next-generation-56a62d115bcd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking21-Aug-2024
Race Condition on Likes of Product Leads to Products can appear more popularhttps://medium.com/@omdubey170/race-condition-on-likes-of-product-leads-to-products-can-appear-more-popular-a39038d16203?source=rss------bug_bounty-5Omdubeycache, bug-bounty-tips, security, bug-bounty, race-condition21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://medium.com/@bilalresearcher/authorization-bypass-due-to-cache-misconfiguration-7407aa1c6374?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://medium.com/@kumawatabhijeet2002/day-15-of-30-days-30-vulnerabilities-clickjacking-33e38c25d528?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30-day-challenge, bug-bounty-tips, 30dayswritingchallenge, clickjacking20-Aug-2024
Information Disclosure : 80+ Emails and LongID Disclosed !!https://pushkarhax.medium.com/information-disclosure-80-emails-and-longid-disclosed-8952e2c6978b?source=rss------bug_bounty-5Pushkar Nandwalkarbugbounty-tips, offensive-security, bug-bounty, cybersecurity, hacking20-Aug-2024
Unveiling a Critical Vulnerability: Exposing AWS Credentials in a Penetration Testhttps://notifybugme.medium.com/unveiling-a-critical-vulnerability-exposing-aws-credentials-in-a-penetration-test-2f7119a7c816?source=rss------bug_bounty-5Santosh Kumar Sha (@killmongar1996)penetration-testing, bug-bounty, ethical-hacking, security, aws20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5Augustinetriffinxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5TrffnSecxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
My first XSS: Reflected XSS in hidden parameterhttps://anonysm.medium.com/my-first-xss-reflected-xss-in-hidden-parameter-4142a02edfb1?source=rss------bug_bounty-5Muthu Dcybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty20-Aug-2024
cyberseReal-World Applications and Case Studies: Combating Web Cache Poisoning in Complex…https://cyberw1ng.medium.com/cybersereal-world-applications-and-case-studies-combating-web-cache-poisoning-in-complex-5bf41b0073c1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, hacking, bug-bounty20-Aug-2024
Invitation link hijacking on a bug bounty programhttps://harish45.medium.com/invitation-link-hijacking-on-a-bug-bounty-program-50d3b92d5532?source=rss------bug_bounty-5Harishhackerone, bugcrowd, bug-bounty, bug-bounty-tips, ethical-hacking20-Aug-2024
Best Directory Brute-forcing Tools for Beginner Bug Huntershttps://medium.com/@josuofficial327/best-directory-brute-forcing-tools-for-beginner-bug-hunters-3388dd97c055?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup19-Aug-2024
0-click Full Account Takeoverhttps://dynnyd20.medium.com/0-click-full-account-takeover-9bb6b4d692a9?source=rss------bug_bounty-5dynnyd20cybersecurity, pentest, ato, bug-bounty, pentesting19-Aug-2024
Beyond Web Caching Vulnerabilitieshttps://medium.com/@0xAwali/beyond-web-caching-vulnerabilities-c617d8cdbb85?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty19-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605?source=rss------bug_bounty-5Muthu Dcybersecurity, penetration-testing, infosec, bug-bounty, ethical-hacking19-Aug-2024
Advanced Techniques for Mitigating Web Cache Poisoning Attackshttps://cyberw1ng.medium.com/advanced-techniques-for-mitigating-web-cache-poisoning-attacks-8f818fd7eb00?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing19-Aug-2024
How to Bypass Company Email Feature While Creating an Accounthttps://medium.com/@josuofficial327/how-to-bypass-company-email-feature-while-creating-an-account-f792b37a231f?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, bug-bounty-tips, vulnerability, bug-bounty18-Aug-2024
BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error)https://medium.com/@bilalresearcher/bugbounty-writeup-creative-thinking-is-our-everything-race-condition-business-logic-error-c7cfcc6d9125?source=rss------bug_bounty-5Bilal Researcherhacking, writeup, bug-bounty, penetration-testing, programming18-Aug-2024
Bug Bounty Writeup: $2500 Reward for Session Hijack via Chained Attackhttps://medium.com/@bilalresearcher/bug-bounty-writeup-2500-reward-for-session-hijack-via-chained-attack-b5ad443bc9b9?source=rss------bug_bounty-5Bilal Researcherethical-hacking, cybersecurity, xss-attack, bug-bounty-tips, bug-bounty18-Aug-2024
How Automation Detected Default Admin Credential Worth $500https://medium.com/@bilalresearcher/how-automation-detected-default-admin-credential-worth-500-9f2c3ed460c4?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity18-Aug-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://medium.com/@bilalresearcher/accessing-deleted-comment-for-a-bug-bounty-writeup-085e836660c1?source=rss------bug_bounty-5Bilal Researchercybersecurity, bug-bounty, writeup, bug-bounty-tips, bug-bounty-writeup18-Aug-2024
PII Disclosure Worth $750https://medium.com/@bilalresearcher/pii-disclosure-worth-750-1f9caeac484f?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty-writeup18-Aug-2024
Burp Suite Filtering Trick — Reducing Log Noise with TLS Pass-Throughhttps://systemweakness.com/burp-suite-filtering-trick-reducing-log-noise-with-tls-pass-through-468d00fbc7dc?source=rss------bug_bounty-5Khaleel Khanethical-hacking, infosec, bug-bounty-tips, cybersecurity, bug-bounty18-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://it4chis3c.medium.com/day-15-of-30-days-30-vulnerabilities-clickjacking-592505aff54d?source=rss------bug_bounty-5It4chis3cweb-security, bug-bounty, clickjacking, 30dayswritingchallenge, bug-bounty-tips18-Aug-2024
How I Bypassed 2FA and Earned My First Bounty $$$https://anonysm.medium.com/how-i-bypassed-2fa-and-earned-my-first-bounty-3fdc58938347?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, ethical-hacking, hacking, penetration-testing18-Aug-2024
SQL Vulnerability in WordPress Automatic Plugin (CVE-2024–27956)https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, penetration-testing, wordpress-plugins, ethical-hacking, wordpress-security18-Aug-2024
HTML Injection in Mobile App Support Ticket Form on target.techhttps://medium.com/@shobitsharma/html-injection-in-mobile-app-support-ticket-form-on-target-tech-f45d2de510af?source=rss------bug_bounty-5Shobit Sharmahtml-injection, owasp, bug-bounty, vulnerability, bug-bounty-tips18-Aug-2024
Advanced Techniques and Emerging Trends in Web Cache Poisoninghttps://cyberw1ng.medium.com/advanced-techniques-and-emerging-trends-in-web-cache-poisoning-d2c8d3807d46?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Aug-2024
Title: Mastering CSRF Exploits with Port Swigger Academy Lab: How to Bypass SameSite Strict via…https://medium.com/@dsksatheesh35/title-mastering-csrf-exploits-with-port-swigger-academy-lab-how-to-bypass-samesite-strict-via-7976c3f42d12?source=rss------bug_bounty-5D Satheesh Kumarpenetration-testing, bug-bounty, csrf-attack, csrf-bypass, ctf-walkthrough18-Aug-2024
Day 14 of 30 Days — 30 Vulnerabilities | HTTP Parameter Pollution (HPP) Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/day-14-of-30-days-30-vulnerabilities-http-parameter-pollution-hpp-vulnerability-6c767a9227d8?source=rss------bug_bounty-5Abhijeet kumawathttp-parameter-pollution, bug-bounty-tips, 30dayswritingchallenge, bug-bounty18-Aug-2024
XSS CHECKLISThttps://medium.com/@mehmetfarisacar/xss-checklist-a2bf18ed6992?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, cybersecurity, xss-attack18-Aug-2024
Day 13 of 30 Days — 30 Vulnerabilities | XML External Entity (XXE)https://medium.com/@kumawatabhijeet2002/day-13-of-30-days-30-vulnerabilities-xml-external-entity-xxe-93118ac3a167?source=rss------bug_bounty-5Abhijeet kumawatxxe-attack, 30dayswritingchallenge, xxe, bug-bounty, bug-bounty-tips17-Aug-2024
Everything about CSP (Content Security Policy)and bypassing it Like a PRO!!https://shauryasharma05.medium.com/everything-about-csp-content-security-policy-and-bypassing-it-like-a-pro-290d3b06b721?source=rss------bug_bounty-5Shaurya Sharmabugbounty-writeup, cybersecurity, bug-bounty, hacking, bug-bounty-tips17-Aug-2024
A Step-by-Step Guide to Installing and Using dirsearchhttps://medium.com/@sherlock297/a-step-by-step-guide-to-installing-and-using-dirsearch-7833d9dbe6c3?source=rss------bug_bounty-5Ravindra Dagaletools, dirsearch, bug-bounty, tips, information-technology17-Aug-2024
Targeting Hidden API Endpoints in IDOR Exploitshttps://systemweakness.com/targeting-hidden-api-endpoints-in-idor-exploits-269b6ae0f16e?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, bug-bounty-tips17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-73)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-73-210a9520bff3?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, money, hacking, bug-bounty17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-72)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-a2bf155d3162?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, money, bug-bounty17-Aug-2024
Broken Access Control in a Crypto Trading Platform | Auth Bypass worth $$$$https://medium.com/@midnight-mihir/how-i-found-broken-access-control-in-a-crypto-trading-platform-auth-bypass-worth-b0048eb87e09?source=rss------bug_bounty-5Mihirethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity17-Aug-2024
Another 1500$: CR/LF Injectionhttps://infosecwriteups.com/1500-cr-lf-injection-59152daaf413?source=rss------bug_bounty-5Abhi Sharmacrlf-injection, infosec, bug-bounty, programming, cybersecurity17-Aug-2024
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalationhttps://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d?source=rss------bug_bounty-5Az3mbug-bounty-tips, privilege-escalation, bugs, bug-bounty17-Aug-2024
Sub-finder tool methodologyhttps://medium.com/@tharunteja725_8686/sub-finder-tool-methodology-1dcb2622b0d5?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter17-Aug-2024
IDOR Vulnerabilities Between Admin Privilege Users in the Same Organizationhttps://medium.com/@Az3m/idor-vulnerabilities-between-admin-privilege-users-in-the-same-organization-7718192bba0e?source=rss------bug_bounty-5Az3mbug-bounty-tips, idor, bug-bounty, idor-vulnerability17-Aug-2024
How Find Multi open redirect Bugs with Bing search enginehttps://medium.com/@Az3m/how-find-multi-open-redirect-bugs-with-bing-search-engine-14d953b707ec?source=rss------bug_bounty-5Az3mbugs, open-redirect, bug-bounty-tips, bug-bounty17-Aug-2024
Boost Your Bug Bounty Game: Get Started with Free VPS on Krutrim Cloudhttps://infosecwriteups.com/boost-your-bug-bounty-game-get-started-with-free-vps-on-krutrim-cloud-6a37444a9ce0?source=rss------bug_bounty-5Vicky Aryankrutrim-cloud, bug-bounty, vps, cloud, hacking17-Aug-2024
Understanding Web Cache Poisoning: How It Works and How to Prevent Ithttps://cyberw1ng.medium.com/understanding-web-cache-poisoning-how-it-works-and-how-to-prevent-it-55af897e1eb5?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, cybersecurity, hacking17-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://anonysm.medium.com/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-a4e9d18213af?source=rss------bug_bounty-5Muthu Dbug-bounty, cybersecurity, ethical-hacking, penetration-testing, hacking17-Aug-2024
Understanding Open Redirect Vulnerabilities: A Simple Discoveryhttps://shaifsec.medium.com/understanding-open-redirect-vulnerabilities-a-simple-discovery-476a675839f7?source=rss------bug_bounty-5Shaif Aliweb-security, cybersecurity, shaifsec, penetration-testing, bug-bounty17-Aug-2024
Top 20 Open Redirect Bug Bounty Reportshttps://medium.com/@thenumberof9/top-20-open-redirect-bug-bounty-reports-610c57fb006f?source=rss------bug_bounty-5TheNumberOf-9host-redirect, bug-bounty, open-redirect, hacking, ethical-hacking16-Aug-2024
How to find a easy bug it worth $100https://medium.com/@sangamahesh650/how-to-find-a-easy-bug-it-worth-100-7485f9bf638f?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, hacking, bug-bounty-tips, penetration-testing, bug-bounty16-Aug-2024
The Bug Bounty Billionairehttps://medium.com/@shwetapapnai783/the-bug-bounty-billionaire-acaa5e64959e?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, billionaires, bug-bounty, technology16-Aug-2024
️ Reconnaissance and Vulnerability Scanning Script️https://securitycipher.medium.com/%EF%B8%8F-reconnaissance-and-vulnerability-scanning-script-%EF%B8%8F-086f4051eeba?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, coding, technology, bug-bounty, hacking16-Aug-2024
Complete Guide on Attack Surface Discoveryhttps://osintteam.blog/complete-guide-on-attack-surface-discovery-d684710d6a3e?source=rss------bug_bounty-5Netlas.iobug-bounty, attack-surface, attack-surface-discovery, cybersecurity, penetration-testing16-Aug-2024
Easy Critical Bugs: Uncovering Treasure Troves in Adobe Experience Manager (AEM)https://anonysm.medium.com/easy-critical-bugs-uncovering-treasure-troves-in-adobe-experience-manager-aem-59ce8656ef9b?source=rss------bug_bounty-5Muthu Dpenetration-testing, bug-bounty, cybersecurity, pentesting, hacking16-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@cyberpro151/two-factor-authentication-bypass-via-using-victims-deviceid-b46afb4fe7a5?source=rss------bug_bounty-5cyberpro151application-security, hacking, bug-bounty, cybersecurity, hackerone16-Aug-2024
BlackhatOps #1: A Syndicate Of Hackershttps://medium.com/@red.whisperer/blackhatops-1-a-syndicate-of-hackers-3f599f6f9c63?source=rss------bug_bounty-5Chuxcybersecurity, pentesting, red-team, bug-bounty, hacking16-Aug-2024
Forced SSO Session Fixationhttps://infosecwriteups.com/forced-sso-session-fixation-5d3b457b79cb?source=rss------bug_bounty-5Serj Novoselovbug-bounty, vulnerability, penetration-testing, information-security, writeup16-Aug-2024
24.10 Lab: Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability…https://cyberw1ng.medium.com/24-10-lab-web-cache-poisoning-to-exploit-a-dom-vulnerability-via-a-cache-with-strict-cacheability-78d30bb559e4?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity16-Aug-2024
500$ From Meta by reporting a HTMLi(Accidental Bug)https://armx64.medium.com/500-from-meta-by-reporting-a-htmli-accidental-bug-fef2e5a0f4c4?source=rss------bug_bounty-5A.R Maheerbug-bounty, accidental-bug16-Aug-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@bilalresearcher/newline-character-cause-dos-folder-file-deletion-flaw-2b128252720b?source=rss------bug_bounty-5Bilal Researcherinfosec, denial-of-service, programming, cybersecurity, bug-bounty16-Aug-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@bilalresearcher/1000-idor-unauthorized-project-inclusion-in-expense-da9176a96015?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, idor, information-security, broken-access-control16-Aug-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://medium.com/@bilalresearcher/bypass-plan-restriction-get-350-bounty-105790e994cb?source=rss------bug_bounty-5Bilal Researcherprivilege-escalation, bug-bounty, cybersecurity, programming, access-control16-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@bilalresearcher/how-i-earned-469-bounty-bypassing-plan-restriction-6c215221b6f6?source=rss------bug_bounty-5Bilal Researcheraccess-control, infosec, bug-bounty, cybersecurity, programming16-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@bilalresearcher/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-d99ee6b2708c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, idor, idor-vulnerability, cybersecurity16-Aug-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://medium.com/@bilalresearcher/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-681d807ccd1e?source=rss------bug_bounty-5Bilal Researcherprogramming, bug-bounty, privilege-escalation, cybersecurity, hacking16-Aug-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@bilalresearcher/500-mfa-bypass-by-race-condition-8952b6718b89?source=rss------bug_bounty-5Bilal Researchercybersecurity, 2fa, programming, bug-bounty, race-condition16-Aug-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@bilalresearcher/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-23c544918111?source=rss------bug_bounty-5Bilal Researchercybersecurity, user-interface, programming, bug-bounty, hacking16-Aug-2024
1500$: CR/LF Injectionhttps://medium.com/@bilalresearcher/1500-cr-lf-injection-09b7ae3cfaef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, crlf-injection, cybersecurity, hacking, programming16-Aug-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@bilalresearcher/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-b0b693b2ae47?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, account-takeover16-Aug-2024
Exploiting phar stream wrapperhttps://rudrasarkar.medium.com/exploiting-phar-stream-wrapper-d2140592c6e7?source=rss------bug_bounty-5Rudra Sarkarsource-code-analysis, php, bug-bounty, hackthebox15-Aug-2024
Unauthorized Deletion of Reports via Folder Manipulationhttps://medium.com/@hossam_hamada/unauthorized-deletion-of-reports-via-folder-manipulation-d0760582e168?source=rss------bug_bounty-5Hossam Hamadaidor, hackerone, idor-vulnerability, bug-bounty, bugcrowd15-Aug-2024
Day 12: Mastering Server Side Request Forgery Vulnerability — Essential Tricks & Techniques Based…https://medium.com/@kumawatabhijeet2002/day-12-mastering-server-side-request-forgery-vulnerability-essential-tricks-techniques-based-21dc8b576e37?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, ssrf-bug, ssrf, ssrf-attack, bug-bounty-tips15-Aug-2024
Hacking Large Corporations: The Art and Science of Reconnaissancehttps://harshit3.medium.com/hacking-large-corporations-the-art-and-science-of-reconnaissance-1a6fc8f90616?source=rss------bug_bounty-5Harshitbug-bounty, information-technology, corporations, cybersecurity, ethical-hacking15-Aug-2024
23.7 Lab: Server-side template injection with a custom exploithttps://cyberw1ng.medium.com/23-7-lab-server-side-template-injection-with-a-custom-exploit-263dcc38653e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity15-Aug-2024
Fourth Layer And Attacks !https://medium.com/@reemmoslem34/fourth-layer-and-attacks-7bcdbbf6b53c?source=rss------bug_bounty-5Rem Khalidcybersecurity, security, bug-bounty15-Aug-2024
2FA Bypass - IDN Mischiefhttps://shahjerry33.medium.com/2fa-bypass-idn-mischief-157f06cb6904?source=rss------bug_bounty-5Jerry Shah (Jerry)vulnerability, bug-bounty, infosec, cybersecurity, 2fa15-Aug-2024
Cracking the Armour: Bypassed WAF using Ibrahimxss Tool for easyhttps://medium.com/@jitinyaduvanshi/cracking-the-armour-bypassed-waf-using-ibrahimxss-tool-for-easy-6867cfcd850b?source=rss------bug_bounty-5Jitinyaduvanshicybersecurity, xss-attack, bug-bounty15-Aug-2024
Swisstronik: A Blockchain Solution for Privacy and Compliance.https://medium.com/@danishkhatri023/swisstronik-a-blockchain-solution-for-privacy-and-compliance-73c662eadf7a?source=rss------bug_bounty-5Danish Khatritestnet, blockchain, gui̇de, bug-bounty, swisstronik15-Aug-2024
Protecting against multi-step SQL injections: A shield for your datahttps://medium.com/@Progsky/protecting-against-multi-step-sql-injections-a-shield-for-your-data-bf14e41dc412?source=rss------bug_bounty-5Progskybug-bounty, web-security, hacking15-Aug-2024
Passenger Information Disclosure Vulnerability Over the MQTT Protocolhttps://medium.com/@moradloo1779/passenger-information-disclosure-vulnerability-over-the-mqtt-protocol-667402289583?source=rss------bug_bounty-5Moradloobugbounty-writeup, bug-bounty, pentest15-Aug-2024
Account takeover on 8 years old public programhttps://medium.com/@pranshux0x/account-takeover-on-8-years-old-public-program-c0c0a30cfdd2?source=rss------bug_bounty-5priyanshu shakyaaccount-takeover, bug-bounty, bug-bounty-tips, hacking, vulnerability14-Aug-2024
New Bug Bounty Alerthttps://medium.com/@vic-thor/new-bug-bounty-alert-874fefd2ea6b?source=rss------bug_bounty-5victech, online, technology, cybersecurity, bug-bounty14-Aug-2024
XSS Tipleri için Test Caselerhttps://medium.com/@NadirSensoy/xss-tipleri-i%C3%A7in-test-caseler-ce006d2cd57f?source=rss------bug_bounty-5Nadir Sensoyxss-attack, bug-bounty, xss-vulnerability, cybersecurity14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://bhattaraiprashant98.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Server-side template injection in Web App Penetration Testing | 2024https://cyberw1ng.medium.com/server-side-template-injection-in-web-app-penetration-testing-2024-67961a32cadd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking14-Aug-2024
Automate your Google Dorking to Find Bugshttps://mrunknown124154.medium.com/automate-your-google-dorking-to-find-bugs-f7d86dc2d279?source=rss------bug_bounty-5Mr Abdullahbug-bounty, cybersecurity, google-dorking, cyber-security-awareness, dorking14-Aug-2024
Authentication Bypass -MFA , Account Takeover…https://medium.com/@prakashchand72/authentication-bypass-mfa-account-takeover-32166aedb3b9?source=rss------bug_bounty-5ASTUTEbypass, hacking, bug-bounty, authentication-bypass, account-takeover14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://g0ndaar.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Open S3 Buckets Through Reconnaissancehttps://offsec01.medium.com/open-s3-buckets-through-reconnaissance-920f8b35be47?source=rss------bug_bounty-5Facundo Fernandezbug-bounty-tips, bug-bounty, penetration-testing, hacking, offensive-security14-Aug-2024
A Critical 403 Bypass Vulnerability Lead to a Staging Environment with User Enumerationhttps://ay0ub-n0uri.medium.com/a-critical-403-bypass-vulnerability-lead-to-a-staging-environment-with-user-enumeration-25b94ebadcfa?source=rss------bug_bounty-5Ay0ub N0urioffensive-security, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Aug-2024
How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passportshttps://offsec01.medium.com/how-i-prevented-a-data-breach-by-reporting-an-idor-in-a-system-exposing-over-500-000-us-passports-bc6bec99aa3d?source=rss------bug_bounty-5Facundo Fernandezpassport, bug-bounty, penetration-testing, data-breach, hacking14-Aug-2024
Identifying and Exploiting SQL Injection Vulnerabilitieshttps://im4x.medium.com/identifying-and-exploiting-sql-injection-vulnerabilities-cdfaa90b7b04?source=rss------bug_bounty-5Ahmed Najehbug-bounty, bugs, sqlmap14-Aug-2024
Finding a easy p3 bughttps://medium.com/@sangamahesh650/finding-a-easy-p3-bug-05b54f70e14c?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, penetration-testing, bug-bounty, hacking13-Aug-2024
Hidden Form Fields Reveal Test Answers for Easy Perfect Scorehttps://osintteam.blog/hidden-form-fields-reveal-test-answers-for-easy-perfect-score-c4d202416ad7?source=rss------bug_bounty-5enigmabug-bounty, ethical-hacking, penetration-testing, cybersecurity, misconfiguration13-Aug-2024
NoSQL Injection | Try Hack Mehttps://ahmed-makawi.medium.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
Role-based Privilege Escalation Worth $2000 in a bug bounty programhttps://medium.com/@_K3rnel/role-based-privilege-escalation-worth-2000-in-a-bug-bounty-program-0ca40a4cecb9?source=rss------bug_bounty-5_K3rnelbugbounting, bug-bounty, bugs, bug-bounty-tips, bugbounty-writeup13-Aug-2024
Threat Modeling 101: Mapping OWASP Top 10 to STRIDEhttps://justm0rph3u5.medium.com/threat-modeling-101-mapping-owasp-top-10-to-stride-cb8e8613e396?source=rss------bug_bounty-5Divyanshustride, bug-bounty, owasp, threat-model, pasta13-Aug-2024
23.6 Lab: Server-side template injection in a sandboxed environmenthttps://cyberw1ng.medium.com/23-6-lab-server-side-template-injection-in-a-sandboxed-environment-f731eacf2530?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers13-Aug-2024
Logic Flaw: User Account Lockouthttps://medium.com/@raxomara/logic-flaw-user-account-lockout-8865c622cef0?source=rss------bug_bounty-5Raxomarapenetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting13-Aug-2024
NoSQL Injection | Try Hack Mehttps://systemweakness.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
My first bounty report was a duplicatehttps://medium.com/@World-Breaker/my-first-bounty-report-was-a-duplicate-ad2ba4ec595e?source=rss------bug_bounty-5usu@rioZ3r0bug-bounty13-Aug-2024
Effortless Go Language Setup: Installing Go Lang Like a Pro!https://imran407704.medium.com/effortless-go-language-setup-installing-go-lang-like-a-pro-e668c51454c3?source=rss------bug_bounty-5Imranbug-bounty, go-language, go-language-tutorial13-Aug-2024
How I Discovered a Directory Listing Vulnerability on a NASA Subdomainhttps://medium.com/@shubhammpawar7438/how-i-discovered-a-directory-listing-vulnerability-on-a-nasa-subdomain-979883e47874?source=rss------bug_bounty-5Shubham pawarvulnerability-disclosure, bug-bounty, cybersecurity, web-security, nasa-security13-Aug-2024
How To Get free burpsuite professionalhttps://medium.com/@sangamahesh650/how-to-get-free-burpsuite-professional-b6ebca7a60a3?source=rss------bug_bounty-5loyalonlytodaybug-bounty, pentesting, bug-bounty-tips, hacking, bugbounty-writeup13-Aug-2024
Breaking the Barrier: Admin Panel Takeover Worth $3500https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3?source=rss------bug_bounty-5Aditya Sharmabug-bounty-tips, bug-bounty, hacker, hacking, vulnerability13-Aug-2024
Simple but Elegant DOM XSS on Hidden Parameter— Bypassing Filterhttps://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5SINxss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup13-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-71)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-71-3232e47be803?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, bug-bounty, skills, ethical-hacking13-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-70)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-70-f603b2fde234?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, hacking, cybersecurity, skills13-Aug-2024
Insecure Direct Object Referencehttps://medium.com/@yassentaalab51/insecure-direct-object-reference-6bddf9be8dcd?source=rss------bug_bounty-5Yassen Taalabidor, bug-bounty, owasp, cybersecurity, broken-access-control13-Aug-2024
CloudBrute — Awesome Cloud Enumeratorhttps://medium.com/@pentesterclubpvtltd/cloudbrute-awesome-cloud-enumerator-b6d86e168b2c?source=rss------bug_bounty-5Pentester Clubbug-bounty, hacking, ethical-hacking, cybersecurity, cloud-computing13-Aug-2024
Embedding Beacon Payloads in PDF Fileshttps://medium.com/@pentesterclubpvtltd/embedding-beacon-payloads-in-pdf-files-e789820f340b?source=rss------bug_bounty-5Pentester Clubhacking, cobalt-strike, bug-bounty, cybersecurity, pdf13-Aug-2024
DOM XSS — Simple but Elegant on Hidden Parameter— Bypassing Filterhttps://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5SINxss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup13-Aug-2024
Common Types of Bugs in Software Testinghttps://medium.com/optimizory-apps/common-types-of-bugs-in-software-testing-aea2ff2138bd?source=rss------bug_bounty-5Divyansh Vatsbug-bounty, bugs, software-testing12-Aug-2024
How to balance bug fix costs with software performance?https://medium.com/@harleyrose981/how-to-balance-bug-fix-costs-with-software-performance-92e9df481c36?source=rss------bug_bounty-5Harley Roseweb3, technology, bug-bounty, web-development, seo12-Aug-2024
3rd Anniversary Fun Activity: TECNO Security Bug Bounty Rules Challenging Testhttps://medium.com/@security.tecno/3rd-anniversary-fun-activity-tecno-security-bug-bounty-rules-challenging-test-d6dac9f552e7?source=rss------bug_bounty-5TECNO Securitytesting, bug-bounty, activity, security12-Aug-2024
5 Minutes to Take Over the System Administrator Account of a GPS Tracker Solution Providerhttps://medium.com/@mmaulanaabdullah/5-minutes-for-taking-over-system-administrator-account-of-gps-tracker-solution-provider-system-24bd083f1559?source=rss------bug_bounty-5M Maulana Abdullahapi, disruption, bug-bounty, information-security, infosec12-Aug-2024
Maintaining Software Excellence: The Importance of Bug Fixes and Maintenancehttps://medium.com/@harleyrose981/maintaining-software-excellence-the-importance-of-bug-fixes-and-maintenance-87db9a864a5f?source=rss------bug_bounty-5Harley Rosetechnology, software-development, web-development, tech, bug-bounty12-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part V)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-v-f0ea86e55845?source=rss------bug_bounty-5OiQpenetration-testing, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty12-Aug-2024
The Importance of Functionality and Usability in Web Applicationshttps://medium.com/@owaisbagali2/the-importance-of-functionality-and-usability-in-web-applications-65f5cf44374d?source=rss------bug_bounty-5OwaisBself-awareness, bug-bounty, audi, software-testing, basics12-Aug-2024
Earned $188 in bug bounty simply through the invitation feature.https://medium.com/@Mu1berry/earned-188-in-bug-bounty-simply-through-the-invitation-feature-534486d6ec1c?source=rss------bug_bounty-5Mu1berrybugcrowd, vulnerability, money, bug-bounty, hacker12-Aug-2024
Detecting Blind Injection Attacks with Discord Webhookshttps://osintteam.blog/detecting-injection-attacks-with-discord-webhooks-5df22a5679c5?source=rss------bug_bounty-5mrunoriginalweb-application-security, cybersecurity, bug-bounty, information-security, ethical-hacking12-Aug-2024
New Reconnaissance Methodologies/Tools for Bug Bounty Hunting & Ethical Hackinghttps://medium.com/@retr0x/new-reconnaissance-methodologies-tools-for-bug-bounty-hunting-ethical-hacking-be7ca14a7ae2?source=rss------bug_bounty-5R3tr0x | Vinay Kumarcyber, ethical-hacking, cyber-security-awareness, cybersecurity, bug-bounty12-Aug-2024
“My Journey to Earning the First Bounty”https://medium.com/@asharm.khan7/my-journey-to-earning-the-first-bounty-5314d1780f84?source=rss------bug_bounty-5Ashar Mahmoodbug-bounty, hacking, cyber-security-awareness, ethical-hacking, find-your-first-bug12-Aug-2024
21.4 Lab: Exploiting insecure output handling in LLMshttps://cyberw1ng.medium.com/21-4-lab-exploiting-insecure-output-handling-in-llms-4b17d8401fe6?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, bug-bounty, careers12-Aug-2024
Getting all ips from Shodan easyhttps://medium.com/@sangamahesh650/getting-all-ips-from-shodan-easy-400706799e53?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, hacking, bugbounty-writeup, penetration-testing, bug-bounty12-Aug-2024
Cross-Site Scripting Explained: Protect Your Website from Modern Threatshttps://7hecoder.medium.com/secure-your-site-xss-guide-d780dd2ad098?source=rss------bug_bounty-5Aamir Khanxss-vulnerability, web-development, secure-coding, bug-bounty, cybersecurity12-Aug-2024
The Hidden Threat: How Reverse Shells Packaged as .pyz Files Evade Detectionhttps://medium.com/@psychomong/the-hidden-threat-how-reverse-shells-packaged-as-pyz-files-evade-detection-e82d1f234187?source=rss------bug_bounty-5psychomonghacker, hacking, meta, bug-bounty, whatsapp12-Aug-2024
How Much Did I Make in My First Year of Bug Bounty Work?https://medium.com/@bountyget/how-much-did-i-make-in-my-first-year-of-bug-bounty-work-2f0583002db6?source=rss------bug_bounty-5Bountygetinfosec-write-ups, bug-bounty, earn-money-online, bug-bounty-tips, hacking12-Aug-2024
How I Hacked Into the World’s Top Universities Including MIT Cambridge & University of Oxfordhttps://medium.com/@josuofficial327/how-i-hacked-into-the-worlds-top-universities-including-mit-cambridge-university-of-oxford-a2e209d8abf7?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, vulnerability, ethical-hacking, hacking12-Aug-2024
Stored XSS in LibreOfficehttps://bunny0417.medium.com/stored-xss-in-libreoffice-ed4ad22e0f56?source=rss------bug_bounty-5Aayush kumarbug-bounty-tips, xs, libreoffice, stored-xss, bug-bounty11-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part IV)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iv-956c3fcbec68?source=rss------bug_bounty-5OiQbug-bounty, web-app-security, vulnerability, bug-bounty-tips, penetration-testing11-Aug-2024
Internal and External Network penetration Testinghttps://gaya3-r.medium.com/internal-and-external-network-penetration-testing-6a9421394618?source=rss------bug_bounty-5gayatri rtools, bug-bounty, penetration-testing, owasp11-Aug-2024
How I found my first P3 bug (disclosure of PII/Privilege Escalation)https://medium.com/@the.bugcrowd.testerpawan/how-i-found-my-first-p3-bug-disclosure-of-pii-privilege-escalation-148dbf610334?source=rss------bug_bounty-5the_air_cyborgbug-bounty-tips, bugbounty-writeup, bug-bounty11-Aug-2024
Introduction to JWThttps://medium.com/@chanpreetkaur2005/introduction-to-jwt-f69162b59c24?source=rss------bug_bounty-5Chanpreet Kaurweb-exploitation, cybersecurity, bug-bounty, jwt, web-development11-Aug-2024
20.10 Lab: Using PHAR deserialization to deploy a custom gadget chainhttps://cyberw1ng.medium.com/20-10-lab-using-phar-deserialization-to-deploy-a-custom-gadget-chain-39270975163f?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity11-Aug-2024
Udemy Course off 50% CYBER082024https://cyberbruharmy.medium.com/udemy-course-off-50-cyber082024-c61d755d2714?source=rss------bug_bounty-5CyberBruhArmybug-bounty, firewall, bug-bounty-tips, security, cybersecurity11-Aug-2024
Hacking the System: How I Beat Subscription Restrictions in Admin Controlshttps://0xmatrix.medium.com/hacking-the-system-how-i-beat-subscription-restrictions-in-admin-controls-5684fd90279a?source=rss------bug_bounty-5Mo2men Elmadyhacking, bugs, penetration-testing, red-team, bug-bounty11-Aug-2024
How I Got $150 on HackerOne for My First Bughttps://medium.com/@likithteki76/how-i-got-150-on-hackerone-for-my-first-bug-8af0ed515e79?source=rss------bug_bounty-5Likith Tekibug-bounty-tips, 2fa-bypass, vulnerability, bug-bounty, ethical-hacking11-Aug-2024
IDOR — How I Leaked Data of 50k+ Usershttps://medium.com/@YourFinalSin/idor-how-i-leaked-data-of-50k-users-bc44201e777a?source=rss------bug_bounty-5SINidor, bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips10-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://infosecwriteups.com/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb?source=rss------bug_bounty-5rAmpancisthacking, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips10-Aug-2024
IDOR — Exposing private forms $$$https://medium.com/@hellother18/idor-exposing-private-forms-0204c1ed560a?source=rss------bug_bounty-5Manthan_ mahalehacking, cybersecurity, ethical-hacking, bug-bounty, bugbounty-writeup10-Aug-2024
Day 8 of 30 Days — 30 Vulnerabilities | Security Misconfigurationhttps://medium.com/@kumawatabhijeet2002/day-8-of-30-days-30-vulnerabilities-security-misconfiguration-5d8ee574e7e3?source=rss------bug_bounty-5Abhijeet kumawatsecurity-misconfiguration, bug-bounty, bug-bounty-tips10-Aug-2024
What is a Bug Bounty Program?https://medium.com/@pasan62nanayakkara/what-is-a-bug-bounty-program-f64c90197229?source=rss------bug_bounty-5Ravindu Nanayakkarabug-bounty, cybersecurity, security10-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@a13h1/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-15fe36976604?source=rss------bug_bounty-5Abhi Sharmaimproper-authorization, cybersecurity, bug-bounty, idor, programming10-Aug-2024
Practice Lab Setup for Application Security Testinghttps://medium.com/@Kamal_S/practice-lab-setup-for-application-security-testing-9fa2c9b45917?source=rss------bug_bounty-5Kamal Sbug-bounty, vapt, security-testing, appsec, owasp10-Aug-2024
The Evolution of Deserialization Attacks: Understanding the Risks and Future Trendshttps://cyberw1ng.medium.com/the-evolution-of-deserialization-attacks-understanding-the-risks-and-future-trends-0e485ec7e833?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, cybersecurity, hacking, bug-bounty10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-69)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-69-fa42b90989a1?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, skills, hacking, cybersecurity10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-68)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-68-8e3af48d1c65?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, bug-bounty, skills10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-67)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-67-01756817b60c?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking10-Aug-2024
How to Mitigate SQL Injectionhttps://medium.com/@dhiren.pradhan263/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5Dhiren Pradhansecurity, bug-bounty, information-security09-Aug-2024
How to find P1 SQL injection in indian website.https://medium.com/@padhyepushkar/how-to-find-p1-sql-injection-in-indian-website-59ad091a9e1b?source=rss------bug_bounty-5Pushkar Padhyebug-bounty09-Aug-2024
How to Mitigate SQL Injectionhttps://medium.com/@bountyget/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5Bountygetsecurity, bug-bounty, information-security09-Aug-2024
Bug Bounty Programs Launched in August 2024https://medium.com/@vic-thor/bug-bounty-programs-launched-in-august-2024-ab698f18b7c5?source=rss------bug_bounty-5vicbug-bounty, technology, tech, money, cybersecurity09-Aug-2024
Part 3: Enhancing Database Items in Angular using the Decorator Design Pattern: Bug Prevention…https://medium.com/@nemanjablagojevic/part-3-enhancing-database-items-in-angular-using-the-decorator-design-pattern-bug-prevention-e965373a6219?source=rss------bug_bounty-5Nemanja Blagojevicsingleton, programming, angular, bug-bounty, ecommerce-web-development09-Aug-2024
From Developer to Hacker: Putting on the White Hathttps://medium.com/@jonathanmondaut/from-developer-to-hacker-putting-on-the-white-hat-b4292af8c1d4?source=rss------bug_bounty-5Jonathan Mondautcybersecurity, technology, bug-bounty, ethical-hacking, programming09-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://anonysm.medium.com/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-4588541c2d29?source=rss------bug_bounty-5Muthu Dethical-hacking, hacking, pentesting, bug-bounty, penetration-testing09-Aug-2024
Enriching Nuclei results with Vulnerability Intelhttps://medium.com/@nvi_90805/enriching-nuclei-results-with-vulnerability-intel-d760b756b066?source=rss------bug_bounty-5NVI - North Vulnerability Intelligencevulnerability, cve, bug-bounty, nuclei-template, exploit09-Aug-2024
Mastering Subfinder for Subdomain Enumeration: A Quick Guide for Bug Bounty Huntershttps://medium.com/@k4r7hx/mastering-subfinder-for-subdomain-enumeration-a-quick-guide-for-bug-bounty-hunters-5d6c3d471896?source=rss------bug_bounty-5Karthikeyansubdomain-enumeration, subdomains-enumeration, subdomain, bug-bounty, subdomain-takeover09-Aug-2024
Bug Bounty Methodology — Step By Step Guide To Find Subdomains And Vulnerable URLshttps://medium.com/@shaikhminhaz1975/bug-bounty-methodology-step-by-step-guide-to-find-subdomains-and-vulnerable-urls-18bdd76e979f?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, reconnaissance, subdomains-enumeration, bug-bounty, methodology09-Aug-2024
20 Essential Google Dorking Queries to find vulnerable targetshttps://offsec01.medium.com/20-essential-google-dorking-queries-to-find-vulnerable-targets-a98b657dc66d?source=rss------bug_bounty-5Facundo Fernandezoffensive-security, google-dorking, hacking-training, bug-bounty, hacking09-Aug-2024
Day 7 of 30 Days — 30 Vulnerability | IDOR (Insecure Direct Object Reference)https://medium.com/@kumawatabhijeet2002/day-7-of-30-days-30-vulnerability-idor-insecure-direct-object-reference-79b8051d67e2?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, idor-vulnerability, idor, bug-bounty-tips09-Aug-2024
How dirsearch Uncovered a $750 Bountyhttps://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5Bountygetinfosec, dirsearch, wordlist, bug-bounty, hackerone09-Aug-2024
What After Recon ? Part 01 Bug Bounty Methodologyhttps://omarora1603.medium.com/what-after-recon-part-01-bug-bounty-methodology-25ff3705a738?source=rss------bug_bounty-5Om Arorainfosec, bug-bounty, bug-bounty-writeup, methodology, hacking09-Aug-2024
Embracing Proactive Security Measures: Future-Proofing Against PHAR Deserialization and Beyondhttps://cyberw1ng.medium.com/embracing-proactive-security-measures-future-proofing-against-phar-deserialization-and-beyond-49e1dec9000d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty09-Aug-2024
How i hacked NASA? NASA VDP.https://medium.com/@momos1337/how-i-hacked-nasa-bug-bounty-6975b833eb45?source=rss------bug_bounty-5Fadhli Almunawarcybersecurity, bug-bounty09-Aug-2024
How dirsearch Uncovered a $750 Bountyhttps://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5Bountygetinfosec, dirsearch, wordlist, info-sec-writeups, bug-bounty09-Aug-2024
L6 — Postbookhttps://scissor07.medium.com/l6-postbook-8d5b322a0801?source=rss------bug_bounty-5scissor_sevenwriteup, cybersecurity, bug-bounty, hackerone, ctf08-Aug-2024
Web App Security Scanner- Vex Scannerhttps://medium.com/@pentesterclubpvtltd/web-app-security-scanner-vex-scanner-e150e9a03ffc?source=rss------bug_bounty-5Pentester Clubcybersecurity, scalability, bug-bounty, hacking, security08-Aug-2024
OAuth Impersonation Attack: Misconfiguration of Facebook and Google OAuth Leading to Account…https://medium.com/@security.tecno/oauth-impersonation-attack-misconfiguration-of-facebook-and-google-oauth-leading-to-account-9f838439de31?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, hacker08-Aug-2024
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bountyhttps://take0verx0.medium.com/hijacking-user-privileges-the-story-of-a-patched-vulnerability-in-open-bug-bounty-4db81fa0fd1f?source=rss------bug_bounty-5Shahariar Aminbug-bounty, bug-bounty-tips, web-security, openbugbounty08-Aug-2024
Last Week in tech — 5th editionhttps://medium.com/@azefox/last-week-in-tech-5th-edition-0f559055dcf6?source=rss------bug_bounty-5Azefoxcloud-computing, ai, bug-bounty, infosec, news08-Aug-2024
O manual do Hacker Modernohttps://medium.com/@espectrx/o-manual-do-hacker-moderno-2a715e35184c?source=rss------bug_bounty-5Rafael Henriquehackingrévolution, hackerone, hacker-ético, bug-bounty, hacking08-Aug-2024
Building a Resilient Security Framework: Long-Term Strategies for Combating PHAR Deserialization…https://cyberw1ng.medium.com/building-a-resilient-security-framework-long-term-strategies-for-combating-phar-deserialization-de5b38c6aff2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, penetration-testing, careers08-Aug-2024
Easiest P3 You May Not Knowhttps://muneebalamkhan.medium.com/easiest-p3-you-may-not-know-54ae73cd3361?source=rss------bug_bounty-5Muneeb Alam Khanbug-bounty-tips, penetration-testing, bug-bounty, bounty-hunter, penetration-test07-Aug-2024
SSRF: Blacklist and Whitelist-Based Input Filtershttps://infosecwriteups.com/ssrf-blacklist-and-whitelist-based-input-filters-1c602b872731?source=rss------bug_bounty-5Neetroxcybersecurity, cyber-security-awareness, bug-bounty, cyberattack, technology07-Aug-2024
Client-Side Desync in HTTP: Understanding the Vulnerabilities and How to Mitigate Themhttps://medium.com/@miladkeivanfar/client-side-desync-in-http-understanding-the-vulnerabilities-and-how-to-mitigate-them-f3552164a6c9?source=rss------bug_bounty-5Milad keivanfarsecurity, pentesting, desync, bug-bounty, smuggling07-Aug-2024
Nahamsec’s Intro to Bug Bounty Labs: Your Setup Guidehttps://medium.com/@k4r7hx/nahamsecs-intro-to-bug-bounty-labs-your-setup-guide-145199ee948a?source=rss------bug_bounty-5Karthikeyanbug-bounty, ethical-hacking, penetration-testing, nahamstore, hacking07-Aug-2024
ALL ABOUT TRAVA BUG BOUNTY — FINDING THE FAULTS IN TRAVA.FINANCEhttps://blog.trava.finance/all-about-trava-bug-bounty-finding-the-faults-in-trava-finance-ebdcf476c1d6?source=rss------bug_bounty-5Trava.Financedapps, web3, bug-bounty, blockchain07-Aug-2024
Easiest P3/P4 security misconfiguration to make $$ as a beginner.https://medium.com/@sugamdangal52/easiest-p3-p4-security-misconfiguration-to-make-as-a-beginner-d4f019ad4b85?source=rss------bug_bounty-5Sugam Dangalbug-bounty-program, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips07-Aug-2024
Real-World Applications and Case Studies of PHAR Deserialization Defensehttps://cyberw1ng.medium.com/real-world-applications-and-case-studies-of-phar-deserialization-defense-f65b67c503aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking07-Aug-2024
Day 5 of 30 Days — 30 Vulnerabilities | Open Redirectshttps://medium.com/@kumawatabhijeet2002/day-5-of-30-days-30-vulnerabilities-open-redirects-386ea2fa1a66?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, open-redirect, 30dayschallenge, 30dayswritingchallenge07-Aug-2024
Mastering Dirsearch for Bug Huntinghttps://medium.com/@josuofficial327/mastering-dirsearch-for-bug-hunting-f34272c0ba28?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking06-Aug-2024
SSRF to Server Takeover PoC (Bug Bounty Writeup)https://medium.com/@malvinval/ssrf-to-server-takeover-poc-bug-bounty-writeup-82d6715e333d?source=rss------bug_bounty-5Malvin Valeriancybersecurity, ethical-hacking, bug-bounty-tips, hacking, bug-bounty06-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part III)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iii-ce91eb384da7?source=rss------bug_bounty-5OiQpenetration-testing, broken-access-control, web-app-security, bug-bounty, bug-bounty-tips06-Aug-2024
My First Bug Bounty: CORS Misconfigurationhttps://r0b0ts.medium.com/my-first-bug-bounty-cors-misconfiguration-3e6f38835c4e?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty, secu, bug-bounty-tips, bug-bounty-hunter06-Aug-2024
Reflected HTML injection leads to redirection and what’s not!https://medium.com/@shahariarwalid/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5Shahariar Aminbug-bounty, web-hacking, poc06-Aug-2024
Race Condition About The User Version and Ignoredhttps://r0b0ts.medium.com/race-condition-about-the-user-version-and-ignored-c98fec642d1b?source=rss------bug_bounty-5r0b0tsbug-bounty-tips, bug-bounty-writeup, bug-bounty, security, bug-bounty-hunter06-Aug-2024
Mastering Network Reconnaissance with Nmap: A Comprehensive Guidehttps://medium.com/@WillFromSwiss/mastering-network-reconnaissance-with-nmap-a-comprehensive-guide-e37fe3cdf8ff?source=rss------bug_bounty-5WillFromSwisspentesting, hacking, bug-bounty, recon, nmap06-Aug-2024
Bypass Admin Panel Access Steps — Bug Tuesdayhttps://medium.com/@kerstan/bypass-admin-panel-access-steps-bug-tuesday-36e7be470dae?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking06-Aug-2024
Discovering and Exploiting an XSS Vulnerability in an Admin Panelhttps://soltanali0.medium.com/discovering-and-exploiting-an-xss-vulnerability-in-an-admin-panel-8abbc97931fd?source=rss------bug_bounty-5soltanali0admin-panel, xss-attack, hackerone, bug-bounty-tips, bug-bounty06-Aug-2024
Reflected HTML injection leads to redirection and what’s not!https://take0verx0.medium.com/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5Shahariar Aminbug-bounty, web-hacking, poc06-Aug-2024
Advanced Defense Mechanisms and Continuous Monitoring Against PHAR Deserializationhttps://cyberw1ng.medium.com/advanced-defense-mechanisms-and-continuous-monitoring-against-phar-deserialization-00512489faf1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking06-Aug-2024
Hacking OWASP Juice Shop: Part 5- Privilege Escalation via Manipulated User Registrationhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-5-privilege-escalation-via-manipulated-user-registration-4b1c5227aa81?source=rss------bug_bounty-5callgh0sthacking, manipulation, logic, privilege-escalation, bug-bounty06-Aug-2024
From Secure to Breached: The Journey from Confidence to Compromisehttps://medium.com/@armandjasharaj/from-secure-to-breached-the-journey-from-confidence-to-compromise-38fcb7e9ef7c?source=rss------bug_bounty-5Armand Jasharajpenetration-testing, bug-bounty, cybersecurity, information-security06-Aug-2024
Understanding and Mitigating Open Redirection Vulnerability (CVE-2021–36580) in Webmail/Basic…https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5Anonymousshettyopen-redirection, ethical-hacking, cybersecurity, bug-bounty06-Aug-2024
How to Use Netcat as a Persistent Backdoor Utility?https://medium.com/@pentesterclubpvtltd/how-to-use-netcat-as-a-persistent-backdoor-utility-57bb01cbf9cc?source=rss------bug_bounty-5Pentester Clubhacking, bug-bounty-tips, bug-bounty, metasploit, cybersecurity06-Aug-2024
Ping a site to find out information about it.https://medium.com/@pentesterclubpvtltd/ping-a-site-to-find-out-information-about-it-43efdb62b4a0?source=rss------bug_bounty-5Pentester Clubcyber-security-awareness, bug-bounty, cybersecurity, ping, cybercrime05-Aug-2024
Maltego — The Automated OSINT Tool for Ethical Hackershttps://medium.com/@pentesterclubpvtltd/maltego-the-automated-osint-tool-for-ethical-hackers-d6bc5737812e?source=rss------bug_bounty-5Pentester Clubbug-bounty, ethical-hacking, maltego, cybersecurity, osint05-Aug-2024
Recon-ng — Complete Scan — Emails, Sub Domains & Hidden Fileshttps://medium.com/@pentesterclubpvtltd/recon-ng-complete-scan-emails-sub-domains-hidden-files-b357cffd1e0b?source=rss------bug_bounty-5Pentester Clubscan, recon, enumeration, cybersecurity, bug-bounty05-Aug-2024
Perform Network Tracerouting in Linux Machineshttps://medium.com/@pentesterclubpvtltd/perform-network-tracerouting-in-linux-machines-28b6bf57bf71?source=rss------bug_bounty-5Pentester Clubbug-bounty, machine-learning, linux, networking, cybersecurity05-Aug-2024
Gather Information About a Target Website Using Photonhttps://medium.com/@pentesterclubpvtltd/gather-information-about-a-target-website-using-photon-839612a85319?source=rss------bug_bounty-5Pentester Clubweb-design, cybersecurity, bug-bounty, web-development, web305-Aug-2024
Mirror a Target Website Using HTTrack website Copierhttps://medium.com/@pentesterclubpvtltd/mirror-a-target-website-using-httrack-website-copier-0489c23d66b3?source=rss------bug_bounty-5Pentester Clubweb3, website-design, web-development, cybersecurity, bug-bounty05-Aug-2024
Extract Companys Website Data Using Web Data Extractorhttps://medium.com/@pentesterclubpvtltd/extract-companys-website-data-using-web-data-extractor-a2957c56fd3f?source=rss------bug_bounty-5Pentester Clubdata, website, bug-bounty, web3, cybersecurity05-Aug-2024
Gather Personal Information Using PeekYou online People Search Servicehttps://medium.com/@pentesterclubpvtltd/gather-personal-information-using-peekyou-online-people-search-service-8a523a180f0d?source=rss------bug_bounty-5Pentester Clubdata, bug-bounty, cybersecurity, people, search-engine-optimizati05-Aug-2024
Mastering Angry IP Scanner: Unleashing the Power of Network Diagnosticshttps://medium.com/@pentesterclubpvtltd/mastering-angry-ip-scanner-unleashing-the-power-of-network-diagnostics-43388a593650?source=rss------bug_bounty-5Pentester Clubnetworking, bug-zero, cybersecurity, bug-bounty, angry05-Aug-2024
Uncover the Shocking Truth Behind HTTP Header Injection Attacks: Protect Yourself Now!https://systemweakness.com/the-hidden-danger-lurking-in-your-http-headers-3f93474933cb?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, cybersecurity, infosec, web-development05-Aug-2024
Exploit Public-Facing Application conceptshttps://medium.com/@alimostafaeiorg/exploit-public-facing-application-concepts-95c9d9efe76b?source=rss------bug_bounty-5Ali Mostafaeipentest, exploit, xs, exploit-public-facing, bug-bounty05-Aug-2024
You might have never understood the OSI Model this way.https://medium.com/@rohillachhavi12/you-might-have-never-understood-the-osi-model-this-way-2b3d234c5bac?source=rss------bug_bounty-5Chhavi Rohillanetworking, technology, bug-bounty, learning, cybersecurity05-Aug-2024
SQL Injection Part 1️⃣https://infosecwriteups.com/sql-injection-part-1%EF%B8%8F%E2%83%A3-eead93a673a2?source=rss------bug_bounty-5Neetroxcybersecurity, sql, data, bug-bounty, cyber-security-awareness05-Aug-2024
Discovering and Exploiting an XSS Vulnerability in a Bug Bounty Program Scopehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-bug-bounty-program-scope-383327e7f290?source=rss------bug_bounty-5Anonymousshettycybersecurity, bug-bounty, xss-vulnerability, ethical-hacking05-Aug-2024
From Detection to Notification: Security Automation to Earn $$$$https://vijetareigns.medium.com/from-detection-to-notification-security-automation-to-earn-4ea1a13576bc?source=rss------bug_bounty-5the_unlucky_guybugbounty-writeup, cybersecurity, technology, bug-bounty, automation05-Aug-2024
How i found Host Header Injection on SpaceXhttps://medium.com/@gitlime71/how-i-found-host-header-injection-on-spacex-3a9b45db70e8?source=rss------bug_bounty-5Raccoonpenetration-testing, bug-bounty, pentesting, hacking, bug-bounty-tips05-Aug-2024
Zero-Click account Take-overhttps://0xebn-taimia.medium.com/zero-click-account-take-over-deb0fae7a6c1?source=rss------bug_bounty-50xEbn-Taimiabug-bounty, cybersecurity, bugs, ato05-Aug-2024
Advanced Techniques and Defenses Against PHAR Deserialization Exploitshttps://cyberw1ng.medium.com/advanced-techniques-and-defenses-against-phar-deserialization-exploits-c65074fa5035?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers05-Aug-2024
Day 3 of 30 Days — 30 Vulnerability | CSRFhttps://medium.com/@kumawatabhijeet2002/day-3-of-30-days-30-vulnerability-csrf-3958560fb941?source=rss------bug_bounty-5Abhijeet kumawatvulnerability, bug-bounty, cybersecurity, csrf-attack05-Aug-2024
Unveiling Remote Code Execution in AI chatbot workflowshttps://infosecwriteups.com/unveiling-remote-code-execution-in-ai-chatbot-workflows-3c7f633f63c3?source=rss------bug_bounty-5Anurag__Vermaethical-hacking, infosec, penetration-testing, bugs, bug-bounty05-Aug-2024
How I Got Critical P2 Bug on Google VRPhttps://medium.com/@rhashibur75/how-i-got-critical-p2-bug-on-google-vrp-165017145af8?source=rss------bug_bounty-5Kazi Hashibur Rahmangoogle-bug, bugs, bug-bounty-tips, bug-bounty, google04-Aug-2024
Insecure Deserialization — Why it is a vulnerabilityhttps://medium.com/@nanak.singh/insecure-deserialization-why-it-is-a-vulnerability-74e22e878cf4?source=rss------bug_bounty-5Nanak Singh Khuranaweb-security, insecure-deserialization, hacking, bug-bounty04-Aug-2024
Simple Authentication Bypass By Response Manipulation.https://medium.com/@test123cybertest/simple-authentication-bypass-by-response-manipulation-44ba530e803b?source=rss------bug_bounty-5praveenarsh0xx0hacking, tips-and-tricks, cybersecurity, pentest, bug-bounty04-Aug-2024
Hacking OWASP Juice Shop: Part 3- Exploiting Insufficient Server-Side Checks:::Bypassing Input…https://infosecwriteups.com/hacking-owasp-juice-shop-part-3-exploiting-insufficient-server-side-checks-bypassing-input-6b4368449c2f?source=rss------bug_bounty-5callgh0sthacking, input-validation, burpsuite, consistency, bug-bounty04-Aug-2024
SQL Injection Attack, Querying the Database Type and Version on MySQL and Microsofthttps://medium.com/@marduk.i.am/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-caf947d0208a?source=rss------bug_bounty-5Marduk I Amsqli, sql-injection, bug-bounty, information-security, portswigger-lab04-Aug-2024
Hacking OWASP Juice Shop: Part4 — Exploiting Payment and Input Validation Loopholeshttps://infosecwriteups.com/hacking-owasp-juice-shop-part4-exploiting-payment-and-input-validation-loopholes-59f6b8485c3e?source=rss------bug_bounty-5callgh0stprompt, bypass, consistency, hacking, bug-bounty04-Aug-2024
Simple logic flaw lead to P3 bug in public BBPhttps://medium.com/@mohamed0xmuslim/simple-logic-flaw-lead-to-p3-bug-in-public-bbp-7cf21a4fb7c6?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugcrowd, bugbounty-writeup, bug-bounty-tips, hackerone04-Aug-2024
curityPHAR Deserialization: Exploiting Hidden Vulnerabilities in PHPhttps://cyberw1ng.medium.com/curityphar-deserialization-exploiting-hidden-vulnerabilities-in-php-c68891254c13?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking04-Aug-2024
Kioptrix Level 3 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-3-walkthrough-25dce894e7e3?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty, pentesting, oscp, bug-bounty-tips04-Aug-2024
Exploiting Negative Quantity Manipulation for Total Price Reductionhttps://medium.com/@adhammedhat101/s-e615c50a1798?source=rss------bug_bounty-5SemZcybersecurity, bug-bounty, bugbounty-writeup, penetration-testing, web-app-security04-Aug-2024
Don’t Know Where to Look for Bugs? A Beginner’s Guide to Bug Huntinghttps://medium.com/@paritoshblogs/dont-know-where-to-look-for-bugs-a-beginner-s-guide-to-bug-hunting-780780eec09b?source=rss------bug_bounty-5Paritoshbug-bounty-tips, bug-bounty, information-technology, information-security, cybersecurity03-Aug-2024
How I prevented a mass leak of user data at one of the largest Tech companieshttps://medium.com/@syarifsajjad07/how-i-prevented-a-mass-leak-of-user-data-at-one-of-the-largest-tech-companies-caea05474af8?source=rss------bug_bounty-5Syarifsajjadhackerone, bug-bounty-tips, cybersecurity, bug-bounty, bugbounty-writeup03-Aug-2024
30 Days — 30 Vulnerability Challengehttps://it4chis3c.medium.com/30-days-30-vulnerability-challenge-28edae3b25d4?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty, 30dayswritingchallenge03-Aug-2024
Day 1 of 30 Days — 30 Vulnerabilities Tips & Trickshttps://it4chis3c.medium.com/day-1-of-30-days-30-vulnerabilities-tips-tricks-4cff7b2756a2?source=rss------bug_bounty-5It4chis3c30dayswritingchallenge, xss-attack, xss-vulnerability, bug-bounty-tips, bug-bounty03-Aug-2024
How I Hacked and Secured a Croatian Government Website: A White Hat Journeyhttps://harshit3.medium.com/how-i-hacked-and-secured-a-croatian-government-website-a-white-hat-journey-d452fbb8e711?source=rss------bug_bounty-5Harshitethical-hacking, bug-bounty, security, vulnerability, cybersecurity03-Aug-2024
How a Host Header Injection Bug Earned Me My Fourth Hall of Fame Spot at Applehttps://medium.com/@MohaseenK/how-a-host-header-injection-bug-earned-me-my-fourth-hall-of-fame-spot-at-apple-b5d880acbba2?source=rss------bug_bounty-5Mohaseeninfosec, hall-of-fame, hackerone, bug-bounty, apple03-Aug-2024
Your AI Conversations Aren’t Safe: How We Stole Themhttps://h0tak88r.medium.com/your-ai-conversations-arent-safe-how-we-stole-them-02c17db2ed72?source=rss------bug_bounty-5sallambug-bounty-tips, prompt-injection-attack, ai-hacking, bug-bounty, oauth03-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@a13h1/how-i-earned-469-bounty-bypassing-plan-restriction-58f6d3120b6e?source=rss------bug_bounty-5Abhi Sharmaaccess-control, programming, infosec, cybersecurity, bug-bounty03-Aug-2024
How to Find Vulnerabilities and Bugs with the Help of ChatGPT and Get Bountyhttps://medium.com/@shaikhminhaz1975/how-to-find-vulnerabilities-and-bugs-with-the-help-of-chatgpt-and-get-bounty-f1ee5b6b0dd0?source=rss------bug_bounty-5Shaikh Minhazbug-bounty-with-ai, bug-bounty, chatgpt, cybersecurity, find-bug-with-chatgpt03-Aug-2024
how I found a critical bug using response manipulationhttps://matrixm0x1.medium.com/how-i-found-a-critical-bug-using-response-manipulation-4403a562db12?source=rss------bug_bounty-5matrixm0x1security, vulnerability, cybersecurity, bugs, bug-bounty03-Aug-2024
20.9 Lab: Developing a custom gadget chain for PHP deserializationhttps://cyberw1ng.medium.com/20-9-lab-developing-a-custom-gadget-chain-for-php-deserialization-c173ff462156?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing03-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-66)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-66-9a60c229db5e?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, hacking, bug-bounty, cybersecurity03-Aug-2024
How could privilege escalation vulnerability lead to full account takeover?https://medium.com/@moxallam/how-could-privilege-escalation-vulnerability-lead-to-full-account-takeover-0d49d3d5fbee?source=rss------bug_bounty-53llampentesting, web-application-security, bug-bounty, cyber-security-services, bug-bounty-writeup03-Aug-2024
Uncovering a Reflected XSS Vulnerability in an Insurance Company’s Websitehttps://medium.com/@anonymousshetty2003/uncovering-a-reflected-xss-vulnerability-in-an-insurance-companys-website-ee56c3492381?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking03-Aug-2024
Discovering a Reflected XSS Vulnerability in an Shopping Websitehttps://medium.com/@anonymousshetty2003/discovering-a-reflected-xss-vulnerability-in-an-shopping-website-d9ea72be73ef?source=rss------bug_bounty-5Anonymousshettybug-bounty, xss-vulnerability, ethical-hacking, cybersecurity03-Aug-2024
The first $100 from Bug Hunterhttps://medium.com/@osamamohamed21212121/the-first-100-from-bug-hunter-aaee9a0ac547?source=rss------bug_bounty-5Osamamohamedcybersecurity, security, vulnerability, bug-bounty, bus03-Aug-2024
How I Escalated N/A to High and Got Rewarded £££: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part II)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-ii-6127ecc7d93f?source=rss------bug_bounty-5OiQbug-bounty, web-application-security, cybersecurity, xss-vulnerability, bug-bounty-tips03-Aug-2024
Tips about bug bounty for complete begginershttps://medium.com/@mrkimia097/tips-about-bug-bounty-for-complete-begginers-0fa1c85594ad?source=rss------bug_bounty-5Mrkimiabug-bounty, hacker, bugbounty-tips03-Aug-2024
How I Escalated N/A to High and Got Rewarded $$$: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty-tips, bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
#4. Bug Bounty Series: Exploiting Boolean-based SQL Injectionhttps://cyb3rmind.medium.com/4-bug-bounty-series-exploiting-boolean-based-sql-injection-3455d800892e?source=rss------bug_bounty-5Cyb3r M!ndspentesting, hacking, bug-bounty, sql-injection02-Aug-2024
Bounty Hunting — Complete Guide (Part-65)https://medium.com/@rafid19/bounty-hunting-complete-guide-part-65-885040ada45a?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, hacking, cybersecurity, ethical-hacking, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-64)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-64-aa6bc5c45197?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, hacking, skills, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-63)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-63-fdea83c2c38f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking02-Aug-2024
Best youtube channels to learn bughunting and penetration testinghttps://medium.com/@sangamahesh650/best-youtube-channels-to-learn-bughunting-and-penetration-testing-eea2e78a202a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-writeup, bugbounty-tips, bug-bounty-tips, bug-bounty02-Aug-2024
Finding subdomains from googlehttps://medium.com/@sangamahesh650/finding-subdomains-from-google-7f370fe60ad1?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bugbounting, bug-bounty, bug-bounty-tips, bug-bounty-writeup02-Aug-2024
Search engines for hackers and bughuntershttps://medium.com/@sangamahesh650/search-engines-for-hackers-and-bughunters-16139aa60752?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, bug-bounty, hacking, penetration-testing02-Aug-2024
Finding more subdomainshttps://medium.com/@sangamahesh650/finding-more-subdomains-1f5221e79310?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugbounty-tips, bug-bounty-tips02-Aug-2024
Overview of API Penetration Testinghttps://medium.com/@aakashgupthagwapt/overview-of-api-penetration-testing-2065f6722f4e?source=rss------bug_bounty-5Aakashgupthapenetration-testing, api-penetration-testing, bug-bounty, cybersecurity, api02-Aug-2024
20.8 Lab: Developing a custom gadget chain for Java deserializationhttps://cyberw1ng.medium.com/20-8-lab-developing-a-custom-gadget-chain-for-java-deserialization-01b85e1e998a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, bug-bounty, cybersecurity02-Aug-2024
I found RCE on Viber.https://medium.com/@deadoverflow/i-found-rce-on-viber-432cf9e17eb0?source=rss------bug_bounty-5Imad Husanoviccyber-security-awareness, programming, hacking, rce, bug-bounty02-Aug-2024
Email Verification Bypass Easy-P4https://medium.com/@Ajakcybersecurity/email-verification-bypass-easy-p4-70039d0b8fd9?source=rss------bug_bounty-5AjakCybersecuritytechnology, penetration-testing, bug-bounty, hacking, ethical-hacking02-Aug-2024
Client-Side XSS: The DOM-based Debacle (Cross Site Scripting)https://medium.com/@godsxfinger/client-side-xss-the-dom-based-debacle-cross-site-scripting-7a14904934d9?source=rss------bug_bounty-5Aadi (godsxfinger)xs, web-app-security, bug-bounty, cybersecurity, bug-bounty-tips01-Aug-2024
Serialization and Deserialization: Advanced Concepts and Best Practiceshttps://cyberw1ng.medium.com/serialization-and-deserialization-advanced-concepts-and-best-practices-c6562fce9e4b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity01-Aug-2024
Understanding Cross-Site Scripting (XSS)https://medium.com/@soheilvanaee.net/understanding-cross-site-scripting-xss-5610d02cc5c4?source=rss------bug_bounty-5Soheilvanaee Netbug-bounty, cybersecurity, web-hacking01-Aug-2024
First Bug Report: HTML Injection Vulnerability ️‍♂️https://medium.com/@youseftamereg/first-bug-report-html-injection-vulnerability-%EF%B8%8F-%EF%B8%8F-7a5e042d6548?source=rss------bug_bounty-5yousef tamerhtml-injection, writeup, bug-bounty01-Aug-2024
Wasabi Bucket Takeover | Bug Bountyhttps://mo9khu93r.medium.com/wasabi-bucket-takeover-bug-bounty-7520e8decde7?source=rss------bug_bounty-5mo9khu93rethical-hacking, cybersecurity, subdomain-takeover, bug-bounty31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-62)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-62-4ff0fce045ca?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-61)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-61-1c6514a2067b?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, skills, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-60)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-60-76ea9ba1551c?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, hacking, cybersecurity, ethical-hacking31-Jul-2024
Step-by-Step Guide On How to Find Your First Bug in Web Applicationshttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
How To Find Your 1st Bug For Bug Bounty Hunters (Step by Step Guide) Guarantee Resulthttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@0x_xnum/saml-authentication-bypass-leading-to-admin-panel-access-24f23812ed76?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, saml, privilege-escalation, broken-access-control, authentication-bypass31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://omarora1603.medium.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
My Journey into Cybersecurity: Learning Bug Bounty from Scratchhttps://medium.com/@akashathare411/my-journey-into-cybersecurity-learning-bug-bounty-from-scratch-abc2b45f04c5?source=rss------bug_bounty-5Akash Atharelearning, cybersecurity, bug-bounty, iit, masters-degree31-Jul-2024
Serialization and Deserialization: An Essential Guidehttps://cyberw1ng.medium.com/serialization-and-deserialization-an-essential-guide-30552a9cf379?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing31-Jul-2024
Hack and make money — Bug Bountyhttps://medium.com/@victoras.croitoru/hack-and-make-money-bug-bounty-d9db818eb33e?source=rss------bug_bounty-5viconline, ethical-hacking, hacking, money, bug-bounty31-Jul-2024
NgeSec Bebas #3 — How to Avoid N/A on Submissionshttps://muh-hidayat7799.medium.com/ngesec-bebas-3-how-to-avoid-n-a-on-submissions-9acf14ef7ba1?source=rss------bug_bounty-5Muhamad Hidayatmethodology, risk-management, bug-bounty, app-security, penetration-testing31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://infosecwriteups.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
Why bug bounty program should be a part of your security strategy — ET CISOhttps://nowitsanurag.medium.com/why-bug-bounty-program-should-be-a-part-of-your-security-strategy-et-ciso-ad5abf991292?source=rss------bug_bounty-5Anuragcybersecurity, bug-bounty, ransomware, vulnerability31-Jul-2024
Uncovering Sensitive Information: A Case Study on a Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-sensitive-information-a-case-study-on-a-government-website-1f5ad0e158ec?source=rss------bug_bounty-5Anonymousshettyhacking, ethical-hacking, bug-bounty, wpscan, cybersecurity31-Jul-2024
Stored XSS: When Bad Code Happens to Good Websites (Cross Site Scripting)https://medium.com/@godsxfinger/stored-xss-when-bad-code-happens-to-good-websites-a5d6b4e629ca?source=rss------bug_bounty-5Aadi (godsxfinger)bug-bounty, cross-site-scripting, xs, web-app-security, cybersecurity31-Jul-2024
Reflected XSS: Navigating the Web’s Wild West (Cross-Site Scripting)https://medium.com/@godsxfinger/reflected-xss-navigating-the-webs-wild-west-cross-site-scripting-a1e092e58b73?source=rss------bug_bounty-5Aadi (godsxfinger)cybersecurity, cross-site-scripting, xs, bug-bounty, web-app-security31-Jul-2024
From Fries to Flaws : My Journey into Web App Security (Part I)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-i-958c67c20771?source=rss------bug_bounty-5OiQweb-application-security, web-vulnerabilities, bug-bounty, bug-bounty-tips, cybersecurity31-Jul-2024
ICMTC Final CTF 2024 Web Hackig Challengeshttps://medium.com/@medohythem2019/icmtc-final-ctf-2024-web-hackig-challenges-5135cccf09ba?source=rss------bug_bounty-50xdragonbug-bounty, hacking, pentesting, ctf30-Jul-2024
LFI WITH PHPINFO TO RCEhttps://infosecwriteups.com/lfi-with-phpinfo-to-rce-78318f0dc9ce?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking-tools, hacking, web-development, cybersecurity30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-59)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-59-a0a4a25d7f97?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, ethical-hacking, bug-bounty, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-58)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-58-f4102848b19d?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-57)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-57-1c470cccf094?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, skills, hacking30-Jul-2024
Triple XSS in a Private Bug Bounty Program via a Hidden Parameterhttps://infosecwriteups.com/triple-xss-in-a-private-bug-bounty-program-via-a-hidden-parameter-b42d0263f56d?source=rss------bug_bounty-5Andreahacking, bug-bounty, xss-attack30-Jul-2024
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRPhttps://medium.com/@jerryhackgather/interesting-business-logic-error-leads-to-pre-account-takeover-via-verification-bypass-on-googlevrp-d362f9469e3d?source=rss------bug_bounty-5Jerry1319cybersecurity, bug-bounty-tips, bug-bounty, bugbounty-writeup30-Jul-2024
Cross-Site Scripting (XSS) Vulnerabilities:https://medium.com/@yassentaalab51/cross-site-scripting-xss-vulnerabilities-1397653cef7d?source=rss------bug_bounty-5Yassen Taalabowasp, web-vulnerabilities, bug-bounty, web-security, xss-attack30-Jul-2024
6 tips for finding security vulnerabilities with GitHub Code Search — Bug Bounty Tuesdayhttps://medium.com/@kerstan/6-tips-for-finding-security-vulnerabilities-with-github-code-search-bug-bounty-tuesday-d4035bc7e302?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity30-Jul-2024
Stealing First Party Access Token of Facebook Users: Meta Bug Bountyhttps://iamsaugat.medium.com/stealing-first-party-access-token-of-facebook-users-meta-bug-bounty-44b3b2e87d07?source=rss------bug_bounty-5Saugat Pokharelmeta, cybersecurity, facebook-bug-bounty, bug-bounty, hacking30-Jul-2024
第一次课程笔记整理https://medium.com/@starkxun5215/%E7%AC%AC%E4%B8%80%E6%AC%A1%E8%AF%BE%E7%A8%8B%E7%AC%94%E8%AE%B0%E6%95%B4%E7%90%86-52d34c91f3fc?source=rss------bug_bounty-5xun starkbug-bounty30-Jul-2024
Race Conditions Uncovered: A Practical Guidehttps://yaseenzubair.medium.com/race-conditions-uncovered-a-practical-guide-3cb69d73c946?source=rss------bug_bounty-5Yaseen Zubairweb-security, penetration-testing, bug-bounty, bug-bounty-tips, race-condition30-Jul-2024
Navigating the Dangers of Insecure Deserializationhttps://cyberw1ng.medium.com/navigating-the-dangers-of-insecure-deserialization-73254b5ed415?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers30-Jul-2024
How I got my first valid bug on nasahttps://medium.com/@mrkimia097/how-i-got-my-first-valid-bug-on-nasa-bf5e95531f00?source=rss------bug_bounty-5Mrkimiabug-bounty30-Jul-2024
Top Google Dorks Explainedhttps://infosecwriteups.com/top-google-dorks-explained-ee6cac1673da?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, seo, hacking, cybersecurity, bug-bounty30-Jul-2024
Exposing OTP Bypass Vulnerabilities: Step-by-Step Bug Bounty Case Studyhttps://b0mk35h.medium.com/exposing-otp-bypass-vulnerabilities-step-by-step-bug-bounty-case-study-0dc39dc543bd?source=rss------bug_bounty-5Pronay Biswaspenetration-testing, hacking, bug-bounty, vulnerability, cybersecurity29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-56)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-56-5d2efa89b759?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-55)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-55-1032e6222b41?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-54)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-54-8e83629a6942?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, hacking, ethical-hacking, skills, bug-bounty29-Jul-2024
Exploiting Open Redirection $1000https://medium.com/@mdnafeed3/how-about-exploiting-open-redirection-how-base64-encoding-can-uncover-hidden-vulnerabilities-cb5beb11b763?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, web3, infosec, hacking, bug-bounty29-Jul-2024
Insecure Deserialization Vulnerabilities: A Deep Dive into Risks and Mitigationshttps://cyberw1ng.medium.com/insecure-deserialization-vulnerabilities-a-deep-dive-into-risks-and-mitigations-5c37f297c763?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking29-Jul-2024
Discovering and Exploiting an XSS Vulnerability in a Large Finance Websitehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-large-finance-website-f125dbd6d984?source=rss------bug_bounty-5Anonymousshettyxss-vulnerability, cybersecurity, ethical-hacking, hacking, bug-bounty29-Jul-2024
Advanced scan with Bashhttps://mosec0.medium.com/advanced-scan-with-bash-52005537a63c?source=rss------bug_bounty-5Mohamed Alipentester, bug-bounty, new-security-tool29-Jul-2024
Uncovering Sensitive File Information: A Case Study in Web Securityhttps://medium.com/@anonymousshetty2003/uncovering-sensitive-file-information-a-case-study-in-web-security-f5d03f2c5cd4?source=rss------bug_bounty-5Anonymousshettysensitive-data, cybersecurity, ethical-hacking, bug-bounty, dorking29-Jul-2024
Kioptrix Level 2 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-2-walkthrough-439c56f87c?source=rss------bug_bounty-5Erdemstarvulnerability, oscp-preparation, bug-bounty-tips, bug-bounty, oscp29-Jul-2024
JS Link Finder Burp Suite Extension Guidehttps://infosecwriteups.com/js-link-finder-burp-suite-extension-guide-e4809a6da268?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, cybersecurity, hacking, bug-bounty, appsec29-Jul-2024
New Planshttps://medium.com/@nnface/new-plans-0b11cfa5495d?source=rss------bug_bounty-5NnFacebugs, bug-bounty, bug-bounty-writeup, hacker, hacking29-Jul-2024
Chain Reaction On Big Playerhttps://medium.com/@nnface/chain-reaction-on-big-player-4e331faf57b9?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, bugs, bugs-bunny, hacking29-Jul-2024
JavaScript: Hunting And Analyzing for Bug Bounty..https://hacktivistattacker.medium.com/javascript-hunting-and-analyzing-for-bug-bounty-a15416de32cd?source=rss------bug_bounty-5Hacktivist-Attackerbug-bounty, ethical-hacking, code-analysis, education, javascript28-Jul-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 2https://medium.com/@kshunya/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-2-d2a51edaa8e8?source=rss------bug_bounty-5Vishal Barotpentesting, infosec, bug-bounty, penetration-testing, vapt28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://callgh0st.medium.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
Unveiling Hidden Git Repositories: A Deep Dive into the Git Source Code Disclosure Scannerhttps://maordayanofficial.medium.com/unveiling-hidden-git-repositories-a-deep-dive-into-the-git-source-code-disclosure-scanner-f704470de59a?source=rss------bug_bounty-5Maor Dayanthreat-hunting, vulnerability, white-hat-hacker, bug-bounty28-Jul-2024
How I bypass Safegurads of meta AI (Llama)https://medium.com/@jeetpal2007/how-i-bypass-safegurads-of-meta-ai-llama-d735b521da2b?source=rss------bug_bounty-5JEETPALllamas, bug-bounty, llm, bugbounty-tips, bugbounty-writeup28-Jul-2024
How to Fight Procrastination as a Bug Hunterhttps://medium.com/@Progsky/how-to-fight-procrastination-as-a-bug-hunter-48d0d280e572?source=rss------bug_bounty-5Progskybug-bounty, hacking, pentesting, penetration-testing, procrastination28-Jul-2024
Exploiting Insecure Deserialization Vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-cb9c586cd146?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking28-Jul-2024
Subdomain Takeoverhttps://medium.com/@mukkagopi50/subdomain-takeover-1de38466fdcc?source=rss------bug_bounty-5Gopi Mukkabug-bounty28-Jul-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://infosecwriteups.com/bypass-plan-restriction-get-350-bounty-2df24f406462?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, bug-bounty, programming, cybersecurity, access-control28-Jul-2024
Here are some common parameters to test for XSS (Cross-Site Scripting) vulnerabilities:https://medium.com/@BugHunterMan/here-are-some-common-parameters-to-test-for-xss-cross-site-scripting-vulnerabilities-fbe25f1968cc?source=rss------bug_bounty-5BugHUnterManbug-bounty, vulnerability28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
0-Click ATO Due to Weak Reset Password Tokens and Lack of Rate Limitinghttps://h0tak88r.medium.com/0-click-ato-due-to-weak-reset-password-tokens-and-lack-of-rate-limiting-b7fe20487a45?source=rss------bug_bounty-5sallamcybersecurity, ato, bug-bounty, account-takeover, bug-bounty-tips28-Jul-2024
how did i find leakage of information just by fuzzing?https://medium.com/@onader104/how-did-i-find-leakage-of-information-just-by-fuzzing-888d6ce6d8f7?source=rss------bug_bounty-5Omar Naderinfosec, bug-bounty, cybersecurity, bug-bounty-tips, info-sec-writeups28-Jul-2024
The Looming Threat: How an IDOR Vulnerability Could Have Exposed Millions of Merchants Details.https://medium.com/@cy3erbeast/the-looming-threat-how-an-idor-vulnerability-could-have-exposed-millions-of-merchants-details-f488725489a0?source=rss------bug_bounty-5Rahulbug-bounty-writeup, bug-bounty, idor-vulnerability, bug-bounty-tips, data-breach28-Jul-2024
Discovered Sensitive Data Exposure on Wati.com: A Case Study Using Sublist3r and DirBusterhttps://medium.com/@anonymousshetty2003/discovered-sensitive-data-exposure-on-wati-com-a-case-study-using-sublist3r-and-dirbuster-409a03f8f75d?source=rss------bug_bounty-5Anonymousshettybug-bounty, hacking, cybersecurity, ethical-hacking27-Jul-2024
Open Redirect Vulnerability in Microsoft Create Portalhttps://zeynalxan.medium.com/open-redirect-vulnerability-in-microsoft-create-portal-6654eb3e6b7a?source=rss------bug_bounty-5Zeynalxan Quliyevbug-bounty, microsoft-hack, open-redirect, bug-bounty-writeup, microsoft-open-redirect27-Jul-2024
How I found a Privilege Escalation bug in bug bounty.https://medium.com/@gitlime71/how-i-found-a-privilege-escalation-bug-in-bug-bounty-eff018f19020?source=rss------bug_bounty-5Raccoonhacking, bug-bounty, penetration-testing, pentesting, bug-bounty-tips27-Jul-2024
Jailbreak of Meta AI (Llama -3.1) revealing configuration detailshttps://medium.com/@kiranmaraju/jailbreak-of-meta-ai-llama-3-1-revealing-configuration-details-9f0759f5006a?source=rss------bug_bounty-5Kiran Marajullm, nlp, cybersecurity, bug-bounty, chatbots27-Jul-2024
Subdomain Takeoverhttps://medium.com/@ibnibrahim/subdomain-takeover-34bd662b5a7a?source=rss------bug_bounty-5TestUsercybersecurity, hacking, ethical-hacking, bug-bounty, information-security27-Jul-2024
Exploiting insecure deserialization vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-3595e4c24e2d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers27-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-48)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-48-241d35293a81?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, skills, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-47)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-47-8d21d898cc97?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-46)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-46-e851213880f4?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, ethical-hacking, hacking, cybersecurity26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-45)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-45-7a90d1667a7a?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-44)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-44-e4649fab9a0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking26-Jul-2024
30-day Time Limit: Swagshop Credit-Giving Activityhttps://medium.com/@security.tecno/30-day-time-limit-swagshop-credit-giving-activity-61454ef3757b?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, bonus, hacker26-Jul-2024
SIMPLE IDEA IN 2FA BYPASS LEADS TO $$$$ & CRITICAL IMPACT !https://medium.com/@alderson.philip/simple-idea-in-2fa-bypass-leads-to-critical-impact-a98e7c6a4190?source=rss------bug_bounty-5Philip Aldersonhacker, bugs, bug-bounty, 2fa-bypass26-Jul-2024
Inside the Bug Bounty World: Challenges, Rewards, and Tips for Successhttps://medium.com/codex/inside-the-bug-bounty-world-challenges-rewards-and-tips-for-success-74ea37cbfd9c?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, bug-bounty-tips, cybersecurity, penetration-testing26-Jul-2024
Quick Guide: API Penetration Testinghttps://medium.com/@miladkeivanfar/quick-guide-api-penetration-testing-496c2e356a2e?source=rss------bug_bounty-5Milad keivanfarpentesting, api-penetration-testing, bug-bounty, bug-bounty-tips, api-security26-Jul-2024
Solving an extremely difficult cryptography CTF pack: Level 1https://medium.com/@f3tch/day-1-of-solving-an-extremely-difficulty-level-cryptography-ctf-pack-level-1-b8b3d89a531c?source=rss------bug_bounty-5f3tchhacking, ctf-writeup, ctf, bug-bounty, cryptography26-Jul-2024
ElasticSearch Smash & Grabhttps://hogarth45.medium.com/elasticsearch-smash-grab-99cf36cdefbb?source=rss------bug_bounty-5Jesselasticsearch, hacking, bug-bounty26-Jul-2024
Pentesting vs. Bug Bounty: Understanding the Differences and Choosing the Right Approachhttps://ip-specialist.medium.com/pentesting-vs-bug-bounty-understanding-the-differences-and-choosing-the-right-approach-0af4e0569193?source=rss------bug_bounty-5IPSpecialistdifference, pentester, pentesting, bug-bounty, security26-Jul-2024
18.7 Lab: Clobbering DOM attributes to bypass HTML filtershttps://cyberw1ng.medium.com/18-7-lab-clobbering-dom-attributes-to-bypass-html-filters-d1af9a33ae41?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-49)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-49-2ef3a8eb3b4b?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, cybersecurity, ethical-hacking, skills26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-53)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-53-bea2f5cf6a14?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-52)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-52-26b5cc12f0c2?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-51)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-51-379ea39fb723?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-50)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-50-4a59a3c4f97b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, skills, ethical-hacking, hacking26-Jul-2024
IDOR : Payment Fraud on GYM Membership websitehttps://uzet.medium.com/idor-payment-fraud-on-gym-membership-website-d4e67f07db57?source=rss------bug_bounty-5Timotius Benhurbug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips, cybersecurity25-Jul-2024
SQL Injection in 5 mins //Just because of CURIOSITY //https://larebsec.medium.com/sql-injection-in-5-mins-just-because-of-curiosity-56e186f6296d?source=rss------bug_bounty-5Larebsql-injection, hacking, cybersecurity, security, bug-bounty25-Jul-2024
Useful JavaScript functions & API’s to exploit XSS (Cross-Site Scripting)https://medium.com/@godsxfinger/useful-javascript-functions-apis-to-exploit-xss-cross-site-scripting-5d99a93d9899?source=rss------bug_bounty-5Aadi (godsxfinger)cross-site-scripting, xs, bug-bounty, cybersecurity25-Jul-2024
Bypassing OTP Verification in a Signup Pagehttps://medium.com/@rat010/bypassing-otp-verification-in-a-signup-page-13976f724017?source=rss------bug_bounty-5Kanhaiya Kumar Singhbug-bounty, web-application-security, web-app-testing, bug-hunting, bug-bounty-tips25-Jul-2024
18.6 Lab: Exploiting DOM clobbering to enable XSShttps://cyberw1ng.medium.com/18-6-lab-exploiting-dom-clobbering-to-enable-xss-640dd7c5fcf8?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing25-Jul-2024
The Importance of Cybersecurity in Today’s Digital Agehttps://medium.com/@erkankavas/the-importance-of-cybersecurity-in-todays-digital-age-8d5a61d47416?source=rss------bug_bounty-5Erkan Kavascybersecurity, bug-bounty, threat-intelligence25-Jul-2024
Automatiser la découverte des XSShttps://medium.com/@hazeprojecte/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5Itachix0fxss-attack, automatisation, bug-bounty-tips, bug-bounty25-Jul-2024
Automatiser la découverte des XSShttps://medium.com/@Itachi0xf/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5Itachix0fxss-attack, automatisation, bug-bounty-tips, bug-bounty25-Jul-2024
The Basic SQLmap Tutorial and SQLInjection | PortswiggerLab with SQLMaphttps://medium.com/@barsavak/the-basic-sqlmap-tutorial-and-sqlinjection-portswiggerlab-with-sqlmap-1bb0cdf086fb?source=rss------bug_bounty-5bariss30bug-bounty, test, sql-injection, web-vulnerabilities, tools24-Jul-2024
Bug Bounty basic for beginners & Types of bug bounty programshttps://systemweakness.com/bug-bounty-basic-for-beginners-types-of-bug-bounty-programs-e4a8dab68fcd?source=rss------bug_bounty-5Harsh Hatejbug-bounty, bug-bounty-program, kali-linux, bug-bounty-tips, bounty-program24-Jul-2024
14.30 Lab: Reflected XSS protected by CSP, with CSP bypasshttps://cyberw1ng.medium.com/14-30-lab-reflected-xss-protected-by-csp-with-csp-bypass-779c76173f7a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, careers, hacking24-Jul-2024
Android PenTesting Toolshttps://medium.com/@evilprince007/android-pentesting-tools-efd0685ffeb7?source=rss------bug_bounty-5Prathamesh Khatavkarandroid, bug-bounty, hacking, cybersecurity, mobile24-Jul-2024
Hacking Moodle Apps Via External Functionshttps://medium.com/@dub-flow/hacking-moodle-apps-via-external-functions-1fc88a6d697c?source=rss------bug_bounty-5Florian Walterpenetration-testing, moodle, ethical-hacking, cybersecurity, bug-bounty24-Jul-2024
Accelerating Cybersecurity Learning with Speed Reading and Memory Traininghttps://medium.com/@enigma_/accelerating-cybersecurity-learning-with-speed-reading-and-memory-training-97305b666660?source=rss------bug_bounty-5enigmabug-bounty, memory-improvement, ethical-hacking, speed-reading, cybersecurity24-Jul-2024
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bountyhttps://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006?source=rss------bug_bounty-5Pyrusmicrosoft, cybersecurity, web-security, bug-bounty, infosec23-Jul-2024
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bountyhttps://medium.com/@ericdesquivel3/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-7e1b4eaabe22?source=rss------bug_bounty-5Eric Esquivelbug-bounty, web-app-security23-Jul-2024
Unmasking Keystroke Secrets: How Hackers Exploit Your Keyboard — A Deep Dive into…https://systemweakness.com/unmasking-keystroke-secrets-how-hackers-exploit-your-keyboard-a-deep-dive-into-5bdb1bbabb25?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, python, hacking, cybersecurity23-Jul-2024
Preparing Your VPS for Bug Bounty Operations: A Complete Guidehttps://medium.com/@adityasingh4180/preparing-your-vps-for-bug-bounty-operations-a-complete-guide-f55c30331df0?source=rss------bug_bounty-5Security Empirecybersecurity, vps, bugcrowd, automation-testing, bug-bounty23-Jul-2024
5 Tips For Writing Bug Bounty Reports — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-for-writing-bug-bounty-reports-bug-bounty-tuesday-0c5ed937a657?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity23-Jul-2024
Complex Attack Types: Sample Scenarios 48https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-48-410ddcb3010e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cyberattack, cybersecurity, penetration-testing23-Jul-2024
Top 10 XSS Payloadshttps://rodoassis.medium.com/top-10-xss-payloads-e4774a43e285?source=rss------bug_bounty-5Rodolfo Assis (Brute)xss-vulnerability, xss-attack, web-security, bug-bounty, web-hacking23-Jul-2024
How i created my first XSS tool:-XSS-Pro #BugBountyhttps://medium.com/@mithun_/how-i-created-my-first-xss-tool-xss-pro-bugbounty-982a16079baf?source=rss------bug_bounty-5Mithunxss-vulnerability, xss-attack, pentesting, bug-bounty, automation23-Jul-2024
I made a big mistake…https://medium.com/@deadoverflow/i-made-a-big-mistake-a3e2dac4138c?source=rss------bug_bounty-5Imad Husanovicbug-bounty, cybsersecurity, bug-bounty-tips, hacking, programming23-Jul-2024
How to start Bug Huntinghttps://medium.com/@hackerhyaato/how-to-start-bug-hunting-73ce283db5ac?source=rss------bug_bounty-5Hackerhyaatohow-to-start-bug-hunting, bug-bounty, bug-hunting, bugbounty-tips, how-to-start-bug-bounty23-Jul-2024
What is CSP (content security policy)?https://cyberw1ng.medium.com/what-is-csp-content-security-policy-cb3580832442?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking23-Jul-2024
How to Install websocat on linux (Debian / Ubuntu)https://medium.com/@brianokinyi/how-to-install-websocat-on-linux-debian-ubuntu-85893655355e?source=rss------bug_bounty-5Brian Okinyiwebsocket, bug-bounty, linux, pentesting22-Jul-2024
Case Studies: High-Profile Vulnerabilities Discovered Through Bug Bounty Programshttps://medium.com/@paritoshblogs/case-studies-high-profile-vulnerabilities-discovered-through-bug-bounty-programs-2a063561f733?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, bug-bounty, cybersecurity, information-security22-Jul-2024
OverTheWire — Bandit27https://medium.com/@evilprince007/overthewire-bandit27-465df4274d80?source=rss------bug_bounty-5Prathamesh Khatavkarhacking, cybersecurity, bug-bounty22-Jul-2024
TapSwap Clone Script Your Gateway to a Lucrative Tap-to-Earn Game !!!https://medium.com/@peterkester96/tapswap-clone-script-your-gateway-to-a-lucrative-tap-to-earn-game-68a589821305?source=rss------bug_bounty-5Peterkesterplayers, bug-bounty, telegram, profit, reflections22-Jul-2024
Burp Suite Made Easy: A Step-By-Step Tutorial (Part 1 of 2)https://medium.com/@trixiahorner/burp-suite-made-easy-a-step-by-step-tutorial-part-1-of-2-451695ce84b1?source=rss------bug_bounty-5Trixia Hornertryhackme, ethical-hacking, cybersecurity, penetration-testing, bug-bounty22-Jul-2024
14.28 Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://cyberw1ng.medium.com/14-28-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-db67819d5aa6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing22-Jul-2024
What is IDOR (along with IDOR Attack Method)https://medium.com/@errorfiathck/what-is-idor-along-with-idor-attack-method-e183b28e8546?source=rss------bug_bounty-5Errorfiathckvulnerability, hacking, bug-bounty, idor, idor-vulnerability22-Jul-2024
The First Bug bounty forum !https://elb4rt0.medium.com/the-first-bug-bounty-forum-ba0399fb70c0?source=rss------bug_bounty-5Elb4rt0bug-bounty-hunter, bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup22-Jul-2024
First €200 bug that started my Bug Bounty Careerhttps://medium.com/@sugamdangal52/first-200-bug-that-started-my-bug-bounty-career-c11a871e116f?source=rss------bug_bounty-5Sugam Dangalbug-bounty-hunter, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup22-Jul-2024
My Encounter with an Admin Panel in a Gas Agency Websitehttps://medium.com/@parthh_rana/my-encounter-with-an-admin-panel-in-a-gas-agency-website-72ded4fa4345?source=rss------bug_bounty-5Parth Ranalaravel, admin-panel, cybersecurity, bug-bounty, directory-listing22-Jul-2024
HACKERONE IS A SCAMhttps://medium.com/@proseizala/hackerone-is-a-scam-1623a5030284?source=rss------bug_bounty-5Proseizalacybersecurity, hackerone, hacker, bug-bounty22-Jul-2024
Complex Attack Types: Sample Scenarios 47https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-47-c0314c0e0b02?source=rss------bug_bounty-5Baris Dincerpenetration-testing, freedomofinternet, bug-bounty, cyberattack, cybersecurity22-Jul-2024
Discovering Account Takeover Vulnerability Through Source Map Analysishttps://medium.com/@eduardinholuiz691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5Daniel Silvavulnerability, bug-bounty, bug-bounty-writeup, reconnaissance22-Jul-2024
Discovering Account Takeover Vulnerability Through Source Map Analysishttps://medium.com/@danielsilva691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5Daniel Silvavulnerability, bug-bounty, bug-bounty-writeup, reconnaissance22-Jul-2024
CVE-2024–40725 and CVE-2024–40898: Critical Vulnerabilities in Apache HTTP Serverhttps://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5ElNiakapache, cybersecurity, https, bug-bounty, vulnerability21-Jul-2024
TryHackMe — NahamStore — Walkthroughhttps://medium.com/@nayanjyoti16/tryhackme-nahamstore-walkthrough-d4ecfe586c96?source=rss------bug_bounty-5Nayanjyoti Kumartryhackme, hacking, web, nahamstore, bug-bounty21-Jul-2024
How I bypassed payment in one of the popular mobile apk and got free subsciptionhttps://medium.com/@deepk007/how-i-bypassed-payment-in-one-of-the-popular-mobile-apk-and-got-free-subsciption-46e94f61c089?source=rss------bug_bounty-5DEepbug-bounty, bug-bounty-tips, ethical-hacking, red-team, cybersecurity21-Jul-2024
Community Building in Bug Bounties: The Power of Networking and Collaborationhttps://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5Sarthak Bhingarecommunity, improve, bug-bounty-tips, bug-bounty, tips21-Jul-2024
14.27 Lab: Reflected XSS with event handlers and href attributes blockedhttps://cyberw1ng.medium.com/14-27-lab-reflected-xss-with-event-handlers-and-href-attributes-blocked-d2f9871fc8a8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty21-Jul-2024
How To Setup Private Interactsh Serverhttps://medium.com/@learntheshell/how-to-setup-private-interactsh-server-016c344a10b3?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, cybersecurity, linux21-Jul-2024
Advanced XXE Injectionhttps://medium.com/illumination/advanced-xxe-injection-fb269f281a40?source=rss------bug_bounty-5Quintius Walkerpoetry, poetry-writing, poetry-on-medium, illumination, bug-bounty21-Jul-2024
BSOD error due to crowdstrike.https://gaya3-r.medium.com/bsod-error-due-to-crowdstrike-d675c348d09e?source=rss------bug_bounty-5gayatri rbug-bounty, crowdstrike, crowdstrike-outage, bsod-error, information-security21-Jul-2024
Email verification bypass due to race condition.https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208?source=rss------bug_bounty-5Spider4race-condition, red-team, bug-bounty, security, pentesting21-Jul-2024
Community Building in Bug Bounties: The Power of Networking and Collaborationhttps://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5Sarthak Raju Bhingarecommunity, improve, bug-bounty-tips, bug-bounty, tips21-Jul-2024
Uncovering a Critical Vulnerability: Unauthorized Access to Sensitive Datahttps://medium.com/@anonymousshetty2003/uncovering-a-critical-vulnerability-unauthorized-access-to-sensitive-data-024182daa127?source=rss------bug_bounty-5Anonymousshettypenetration-testing, bug-bounty, dorking, cybersecurity, ethical-hacking20-Jul-2024
Discovering a High-Severity Bug in a Major Mobile Distribution Companyhttps://medium.com/@anonymousshetty2003/discovering-a-high-severity-bug-in-a-major-mobile-distribution-company-3fdb2a0f1987?source=rss------bug_bounty-5Anonymousshettycybersecurity, ethical-hacking, bug-bounty20-Jul-2024
How I was able to escalate my privileges and Bypass 403 Forbiddenhttps://medium.com/@momen_besher/how-i-was-able-to-escalate-my-privileges-and-bypass-403-forbidden-17b8aea4cba6?source=rss------bug_bounty-5steve55555cybersecurity, bug-bounty, bug-bounty-tips20-Jul-2024
Kali Linux: Starting Out with Bug Bounty Huntinghttps://medium.com/@nimrashahidktk3/kali-linux-starting-out-with-bug-bounty-hunting-d7a0150645bd?source=rss------bug_bounty-5Nimra Shahidpenetration-testing, cybersecurity, kali-linux, bug-bounty20-Jul-2024
14.26 Lab: Reflected XSS with AngularJS sandbox escape and CSPhttps://cyberw1ng.medium.com/14-26-lab-reflected-xss-with-angularjs-sandbox-escape-and-csp-b98791b2a5a6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, bug-bounty, hacking20-Jul-2024
Complex Attack Types: Sample Scenarios 46https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-46-a6707ef9e910?source=rss------bug_bounty-5Baris Dincerpenetration-testing, cyberattack, bug-bounty, freedomofinternet, cybersecurity20-Jul-2024
The Type of Bug That We Can’t Seehttps://medium.com/illumination/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5Quintius Walkercreative-writing, poetry-on-medium, poetry, bug-bounty, illumination20-Jul-2024
This is how i escalated self XSS with CSRFhttps://medium.com/@pvnk24/this-is-how-i-escalated-self-xss-with-csrf-80113ab3080e?source=rss------bug_bounty-5Pavan Kcybersecurity, bug-bounty, penetration-testing, security, pentesting20-Jul-2024
Basic Pentesting 1 Walkthroughhttps://erdemstar.medium.com/basic-pentesting-1-walkthrough-4e447a2ac35d?source=rss------bug_bounty-5Erdemstaroscp-preparation, oscp, bug-bounty, application-security, penetration-testing20-Jul-2024
Discovering an XML File Upload Vulnerability Lead to SSRF: My Bug Hunting Journeyhttps://javroot.medium.com/discovering-an-xml-file-upload-vulnerability-lead-to-ssrf-my-bug-hunting-journey-8e1bac89f60f?source=rss------bug_bounty-5Javrootxml, bug-bounty, vulnerability, cybersecurity, bug-bounty-tips20-Jul-2024
The Type of Bug That We Can’t Seehttps://medium.com/@The_StarHack3r/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5Quintius Walkercreative-writing, poetry-on-medium, poetry, bug-bounty, illumination20-Jul-2024
14.25 Lab: Reflected XSS with AngularJS sandbox escape without stringshttps://cyberw1ng.medium.com/14-25-lab-reflected-xss-with-angularjs-sandbox-escape-without-strings-6ffac9f6bdf4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers19-Jul-2024
Subdomain Takeover on hatenablog.com (はてなブログ)https://medium.com/@daichiharada/subdomain-takeover-hatenablog-2cb3576bf881?source=rss------bug_bounty-5Daichi Haradasubdomain-takeover, security, bug-bounty19-Jul-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@a13h1/1000-idor-unauthorized-project-inclusion-in-expense-b9ce08b28c71?source=rss------bug_bounty-5Abhi Sharmacybersecurity, idor, bug-bounty, broken-access-control, information-security19-Jul-2024
Information Disclosure that made me $2000 in under 5 minuteshttps://medium.com/@sugamdangal52/information-disclosure-that-made-me-2000-in-under-5-minutes-63e1ce00ca07?source=rss------bug_bounty-5Sugam Dangalinformation-disclosure, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jul-2024
Common Technique To Exploit File Upload Vulnerabilityhttps://medium.com/@p00dl3/common-technique-to-exploit-file-upload-vulnerability-bf84beed7207?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty, file-upload19-Jul-2024
Complete Cybersecurity Roadmap 2024 (Part-1)https://osintteam.blog/complete-cybersecurity-roadmap-2024-part-1-c69986288f16?source=rss------bug_bounty-5LogicTechcybersecurity, osint, bug-bounty, hacking, roadmaps19-Jul-2024
Hello …..https://medium.com/@rutujasoundale693/hello-4a42a834d006?source=rss------bug_bounty-5Rutujasoundalecybersecurity, bug-bounty19-Jul-2024
Complex Attack Types: Sample Scenarios 45https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-45-17057d9de6dd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, penetration-testing, freedomofinternet, cyberattack19-Jul-2024
Não Experimente a Tela Azul da Microsoft(BUG?)https://medium.com/@liviaxavier200317/n%C3%A3o-experimente-a-tela-azul-da-microsoft-bug-9f631ea24c8d?source=rss------bug_bounty-5Livia Xaviercrowdstrike, cibernéticos, bug-bounty, microsoft, bugs19-Jul-2024
Specialized Bug Sweeps for Unique Environmentshttps://medium.com/@siddiquiasad2299/specialized-bug-sweeps-for-unique-environments-43a1ea56930c?source=rss------bug_bounty-5Asad Siddiquibug-detection, tscm, bug-bounty, bug-sweep19-Jul-2024
Kursus Cyber Security Di Linuxhackingidhttps://medium.com/@linuxhackingid_official/kursus-cyber-security-di-linuxhackingid-dc4e52760661?source=rss------bug_bounty-5Linuxhackingidhacker, bug-bounty, cybersecurity, linuxhackingid, hacking18-Jul-2024
Top 50+ XSS Bug Bounty Writeups | Cross-Site Scripting(XSS) Attacks Reportshttps://medium.com/@proseizala/top-50-xss-bug-bounty-writeups-cross-site-scripting-xss-attacks-reports-700332ed6c87?source=rss------bug_bounty-5Proseizalahacker, hacking, bug-bounty, cybersecurity18-Jul-2024
Sub Domains Finder Toolshttps://medium.com/@proseizala/sub-domains-finder-tools-fefa2b44bb34?source=rss------bug_bounty-5Proseizalabug-bounty, cybersecurity, hacker18-Jul-2024
13.5 Lab: Exploiting server-side parameter pollution in a REST URLhttps://cyberw1ng.medium.com/13-5-lab-exploiting-server-side-parameter-pollution-in-a-rest-url-a1876056a5f6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity18-Jul-2024
Critical Logic Flaw Allows Overwrite of Any User Accounthttps://medium.com/@elcapitano7x/critical-logic-flaw-allows-overwrite-of-any-user-account-015b102e1da7?source=rss------bug_bounty-5Elcapitanobug-bounty, bug-bounty-tips, hackerone, bugbounty-writeup, hacking18-Jul-2024
How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bughttps://cametom006.medium.com/how-i-found-and-bypassed-a-spring-boot-actuator-information-disclosure-bug-c4930b740a50?source=rss------bug_bounty-5Fahad Faisalbug-bounty18-Jul-2024
Summary Of The Basics of Web Hacking, PRT 2https://medium.com/@zghzwbcn/summary-of-the-basics-of-web-hacking-prt-2-e3d7bdbf902d?source=rss------bug_bounty-5Henrietta Awosoberekonbug-bounty, technology, cybersecurity, web-development, web-vulnerabilities18-Jul-2024
IDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) Disclosurehttps://medium.com/@blackarazi/idor-at-the-get-payment-data-endpoint-leads-to-personal-identifiable-information-pii-disclosure-7956c57058af?source=rss------bug_bounty-5Azhari Harahapapi-security, broken-access-control, application-security, bug-bounty-writeup, bug-bounty17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-43)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-43-0699b919a514?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, cybersecurity, skills, bug-bounty17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-42)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-42-4cb955de4cc7?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, skills, hacking, cybersecurity17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-41)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-41-7b2b5aed416c?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, skills, bug-bounty, ethical-hacking17-Jul-2024
Why does you all guys think that you really need Python for hackinghttps://systemweakness.com/why-does-you-all-guys-think-that-you-really-need-python-for-hacking-b50b65238401?source=rss------bug_bounty-5Imran Niazprogramming-languages, penetration-testing, cybersecurity, data-science, bug-bounty17-Jul-2024
Temenos Transact Vulnerable to Reflected XSS (CVE-2022–38322)https://qotoz.medium.com/temenos-transact-vulnerable-to-reflected-xss-cve-2022-38322-7b1e2f681db1?source=rss------bug_bounty-5ِAshraf Harbcve, bug-bounty, penetration-testing, temenos17-Jul-2024
Bypassing Account Suspension Using Anonymous Posting | Facebook Bug Bountyhttps://ph-hitachi.medium.com/bypassing-account-suspension-using-anonymous-posting-facebook-bug-bounty-b204433c98d1?source=rss------bug_bounty-5Ph.Hitachibug-bounty, facebook-bug-bounty, bypass-restriction17-Jul-2024
Practical Bug Bounty — TCM Academy | Module 6https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-6-9cab8d004034?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiethical-hacking, bug-bounty, cybersecurity, appsec, fuzzing17-Jul-2024
Default Credentials Leads to $1200 Bounty Reward (Quest NetVault CVE-2017–17417)https://medium.com/@tester333/default-credentials-leads-to-1200-bounty-reward-quest-netvault-cve-2017-17417-b34c6e0e7a86?source=rss------bug_bounty-5Testercybersecurity, bug-bounty-tips, bug-bounty, penetration-testing, ethical-hacking17-Jul-2024
The WordPress bug very few know about.https://osintteam.blog/the-wordpress-bug-very-few-know-about-1bf16ee4a2a6?source=rss------bug_bounty-5an0nbilwordpress, programming, vulnerability, web-development, bug-bounty17-Jul-2024
Exploiting Server-Side Parameter Pollution in a REST URLhttps://cyberw1ng.medium.com/exploiting-server-side-parameter-pollution-in-a-rest-url-0d52d4261c86?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, cybersecurity, bug-bounty17-Jul-2024
How Easily I Found My First P2 on Bugcrowdhttps://medium.com/@hashimamin/how-easily-i-found-my-first-p2-on-bugcrowd-ed827a79a50c?source=rss------bug_bounty-5Hashim Amincsrf, recon, csrf-bypass, bug-bounty-tips, bug-bounty17-Jul-2024
OS CTFhttps://medium.com/@Shaybaa/os-ctf-27cc9a8ab0cc?source=rss------bug_bounty-5Shaybaabug-bounty, web-security, idor-vulnerability17-Jul-2024
Hacker Himselfhttps://medium.com/@nnface/hacker-himself-01d4978e189c?source=rss------bug_bounty-5NnFacebugbounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-40)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-40-f1b43fb596ae?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, skills, ethical-hacking, bug-bounty16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-39)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-39-740c7ada54ea?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, cybersecurity, ethical-hacking, skills16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-38)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-38-fa2ceb6f8bbd?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, hacking, skills16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-37)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-37-20111980eaa5?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, ethical-hacking, hacking, bug-bounty, cybersecurity16-Jul-2024
Exploiting CVE-2024–22274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense…https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5Khaleel Khaninfosec, cybersecurity, ethical-hacking, hacking, bug-bounty16-Jul-2024
Complex Attack Types: Sample Scenarios 44https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-44-83d2bc9b2d7d?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, information-technology, cybersecurity, bug-bounty, cyberattack16-Jul-2024
How Use 6 Step To Find Ssrf — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-use-6-step-to-find-ssrf-bug-bounty-tuesday-acc44d806c08?source=rss------bug_bounty-5kerstancybersecurity, hacking, bug-bounty16-Jul-2024
API Recon and Testing for Bug Bountyhttps://cyberw1ng.medium.com/api-recon-and-testing-for-bug-bounty-3969d1f90f5c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity16-Jul-2024
Intro to Debugging Java Web Servers Without Source Code For Security Researchershttps://infosecwriteups.com/intro-to-debugging-java-web-servers-without-source-code-for-security-researchers-80ff00de4753?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty, pentesting, cybersecurity, java, infosec16-Jul-2024
Reflected XSS via Base64-encoded on My college website.https://uzet.medium.com/reflected-xss-via-base64-encoded-on-my-college-website-2df9755b1856?source=rss------bug_bounty-5Timotius Benhurpenetration-testing, pentesting, bug-bounty, bug-hunting, bug-bounty-tips15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-36)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-36-a8fd178e9b07?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, bug-bounty, skills15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-35)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-35-adbfa228814a?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-34)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-34-73069fab6ff6?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, skills15-Jul-2024
My First Bounty: A story of a Blind SQL Injectionhttps://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5Victorioussql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite15-Jul-2024
CVE-2024–23692: A Critical Vulnerability in Rejetto HTTP File Serverhttps://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5ElNiakbug-bounty, python, cybersecurity, system, ssti15-Jul-2024
My First Bounty: A story of a Blind SQL Injectionhttps://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5Torioussql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite15-Jul-2024
Echidnahttps://medium.com/@Progsky/echidna-b9e454de096b?source=rss------bug_bounty-5Progskyhacking-tools, pentesting, penetration-testing, bug-bounty, blockchain15-Jul-2024
Complex Attack Types: Sample Scenarios 43https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-43-39deed779c6c?source=rss------bug_bounty-5Baris Dincerpenetration-testing, cyberattack, freedomofinternet, bug-bounty, cybersecurity15-Jul-2024
Understanding White Hat Hacking: The Guardians of Cybersecurityhttps://medium.com/@cosmiczoomies/understanding-white-hat-hacking-the-guardians-of-cybersecurity-87200caf5820?source=rss------bug_bounty-5GalaxyGoosecybersecurity, hacking, white-hat-hacker, bug-bounty, penetration-testing15-Jul-2024
11.9 Lab: Exploiting XXE to retrieve data by repurposing a local DTDhttps://cyberw1ng.medium.com/11-9-lab-exploiting-xxe-to-retrieve-data-by-repurposing-a-local-dtd-30f4098a7789?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty15-Jul-2024
XSS Türleri için Test Case Yazmahttps://medium.com/@tugbaglsn/xss-t%C3%BCrleri-i%C3%A7in-test-case-yazma-1832eb0a27f9?source=rss------bug_bounty-5Tuğba Gülşencybersecurity, xss-attack, xss-vulnerability, bug-bounty15-Jul-2024
How to Easily Earn a $200 Bountyhttps://medium.com/@xiaodongsec/how-to-easily-earn-a-200-bounty-6e27eaaec13f?source=rss------bug_bounty-5Mu1berrybugcrowd, hacker, bug-bounty, money, vulnerability14-Jul-2024
Review: AppSec Pentesting eXpert (CAPenX) from The SecOps Grouphttps://medium.com/@p0lyxena/review-appsec-pentesting-expert-capenx-from-the-secops-group-eb5674e4bf8d?source=rss------bug_bounty-5Fuleki Ioanbug-bounty, penetration-testing, certification, cybersecurity, capenx14-Jul-2024
Detection Engineering: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/detection-engineering-a-comprehensive-overview-92fc01973ce7?source=rss------bug_bounty-5Paritoshdetection-engineering, information-technology, cybersecurity, hacking, bug-bounty14-Jul-2024
Hunting for Firebase Enums in Android Applicationhttps://medium.com/@tanish.saxena26/hunting-for-firebase-enums-in-android-application-42b79e9b76f8?source=rss------bug_bounty-5Tanish Saxenacloud, bug-bounty, firebase, android, gcp14-Jul-2024
My First Critical Vulnerabilityhttps://medium.com/@0xchoudhary/my-first-critical-vulnerability-fd83a81f70b3?source=rss------bug_bounty-5Sushil Choudharybugbounty-writeup, bug-hunting, bug-bounty-tips, hackerone, bug-bounty14-Jul-2024
How I Can Get P1 Nasa easily — Dorkinghttps://0xc4thack.medium.com/how-i-can-get-p1-nasa-easily-dorking-c9c4a4cee251?source=rss------bug_bounty-50xc4tpentesting, nasa-vdp, pentest-web, bug-bounty, dorking14-Jul-2024
New York Flankees Room TryHackMe Walkthroughhttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
The easiest admin panel bypasshttps://medium.com/@paraskhorwal9/the-easiest-admin-panel-bypass-4b6fb4d7d1ea?source=rss------bug_bounty-5Paraskhorwalbug-bounty, penetration-testing, admin-panel14-Jul-2024
Complex Attack Types: Sample Scenarios 42https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-42-d0a11c84cc73?source=rss------bug_bounty-5Baris Dincercyberattack, freedomofinternet, bug-bounty, penetration-testing, cybersecurity14-Jul-2024
New York Flankees TryHackMe Room Walkthrough: Step-by-Step Youtube Guidehttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
Automate Subdomain Monitoringhttps://medium.com/@Aftab700/automate-subdomain-monitoring-171338c66dd5?source=rss------bug_bounty-5Aftab Samabug-bounty, monitoring, infosec, automation, hacking14-Jul-2024
What is XML external entity (XXE) injectionhttps://cyberw1ng.medium.com/what-is-xml-external-entity-xxe-injection-8914620c2d24?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://medium.com/@suprajabaskaran8/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Vulnerable WordPress June 2024 (Turkish delight)https://medium.com/@onhexgroup/vulnerable-wordpress-june-2024-turkish-delight-96cae8ef8161?source=rss------bug_bounty-5Onhexgroupbug-bounty, infosec, web-security, information-security, wordpress14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://infosecwriteups.com/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Airplane TryHackMe Room Walkthrough | MatSec Youtubehttps://matsecurity.medium.com/airplane-tryhackme-room-walkthrough-matsec-youtube-7fca40406a20?source=rss------bug_bounty-5MatSectryhackme-walkthrough, bug-bounty, tryhackme-writeup, tryhackme, ctf-writeup13-Jul-2024
10.7 Lab: SSRF with whitelist-based input filterhttps://cyberw1ng.medium.com/10-7-lab-ssrf-with-whitelist-based-input-filter-36db84b1a13d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, cybersecurity, bug-bounty13-Jul-2024
Securing Crypto Company: Addressing Web 2.0 Vulnerabilitieshttps://metanetwebhostingsecurity.medium.com/securing-crypto-company-addressing-web-2-0-vulnerabilities-209bd7fc3d85?source=rss------bug_bounty-5metanetwebhosting securitycryptocurrency, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty13-Jul-2024
Linux Exploitation: Stack Smashinghttps://medium.com/@boogsta/linux-exploitation-stack-smashing-70c1bf6c13d2?source=rss------bug_bounty-5Boogstahacking, cybersecurity, bug-bounty, cyber, hacker13-Jul-2024
My First Bug: Gitingore exposure combined with 403 bypasshttps://medium.com/@nnface/my-first-bug-gitingore-exposure-combined-with-403-bypass-5db750e211ff?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, cybersecurity, hacking, low-hanging-fruit13-Jul-2024
Here is the story of how i found Stored XSS on a targethttps://medium.com/@pvnk24/here-is-the-story-of-how-i-found-stored-xss-on-a-target-7baaeed76765?source=rss------bug_bounty-5Pavan Kpenetration-testing, bug-bounty, pentesting, hacking, ethical-hacking13-Jul-2024
Complex Attack Types: Sample Scenarios 41https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-41-48e4f10a07ef?source=rss------bug_bounty-5Baris Dincerpenetration-testing, freedomofinternet, information-security, bug-bounty, cybersecurity13-Jul-2024
Email Update Restricted Bypasshttps://medium.com/@mahfujwhh/email-update-restricted-bypass-f6af935da67e?source=rss------bug_bounty-5mahfujwhhcybersecurity, bug-bounty13-Jul-2024
Credential stuffing in bug bountieshttps://bunny0417.medium.com/credential-stuffing-in-bug-bounties-d51b8e321135?source=rss------bug_bounty-5Aayush kumarcredential-stuffing, leaked-passwords, bug-bounty, darkweb, bugbounty-writeup12-Jul-2024
Can bug bounty be a full time career?https://medium.com/@shwetapapnai783/can-bug-bounty-be-a-full-time-career-5606f1ddd440?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, technology, money, bug-bounty12-Jul-2024
The Hidden Pitfalls of Bug Bounties on Indian Government Sites: My First Experiencehttps://medium.com/@rolextital/the-hidden-pitfalls-of-bug-bounties-on-indian-government-sites-my-first-experience-9204312a8325?source=rss------bug_bounty-5Rolextitalhacking, bug-bounty, govt, idor12-Jul-2024
Firmware Analysis: Hands-on Guidehttps://hackerassociate.medium.com/firmware-analysis-hands-on-guide-19913a5166ca?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, cybersecurity, hacking, iot12-Jul-2024
DΞX Points Festhttps://d3xxyz.medium.com/d%CE%BEx-points-fest-e39019566b3f?source=rss------bug_bounty-5DΞXairdrop, bounty-program, bug-bounty12-Jul-2024
Windows privilege escalation: Abusing npm’s design patterns to escalate your permissionshttps://medium.com/@demonia/windows-privilege-escalation-abusing-npms-design-patterns-to-escalate-your-permissions-da0ac6c96d72?source=rss------bug_bounty-5Mohammed Diefcybersecurity, npm, bug-bounty, windows, privilege-escalation12-Jul-2024
VULNERABILITY RESEARCHhttps://medium.com/@workwithsane/vulnerability-research-896c0ba07a57?source=rss------bug_bounty-5Sanebug-bounty, cybersecurity, bug-bounty-tips12-Jul-2024
My First Bug!!!Stored Cross Site Scripting(XSS)https://medium.com/@shahariarwalid/my-first-bug-stored-cross-site-scripting-xss-d84051ee4e86?source=rss------bug_bounty-5Shahariar Aminbug-bounty, xss-vulnerability, stored-xss12-Jul-2024
File Upload se kuch hatke : File Inclusion aur Path Traversal Vulnerabiliteshttps://medium.com/@yashprajapati791/file-upload-se-kuch-hatke-file-inclusion-aur-path-traversal-vulnerabilites-d10e16be0d7a?source=rss------bug_bounty-5Yash Virendra Prajapatipenetration-testing, bug-bounty, file-inclusion, vulnerability, file-upload12-Jul-2024
How i got Bug -XSShttps://medium.com/@basxth/how-i-got-bug-xss-8eec781ab58b?source=rss------bug_bounty-5Mohammed Basith K Bbug-bounty, xss-attack, google-dorking, xss-bypass, cybersecurity12-Jul-2024
Master Bug Bounty Hunting with Top Recon Toolshttps://medium.com/@labcodetech/master-bug-bounty-hunting-with-top-recon-tools-83516a4bcc54?source=rss------bug_bounty-5Codetech Labvulnerability, recon, bug-bounty, penetration-testing12-Jul-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@a13h1/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, programming, denial-of-service, infosec12-Jul-2024
10.6 Lab: Blind SSRF with Shellshock Exploitationhttps://cyberw1ng.medium.com/10-6-lab-blind-ssrf-with-shellshock-exploitation-a13e25b27dbc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing12-Jul-2024
Setting up a private Burp Collaborator Serverhttps://medium.com/@AstroKrypTech/setting-up-a-private-burp-collaborator-server-71c55ff85815?source=rss------bug_bounty-5AstroKrypTechweb-application-security, bug-bounty-tips, bug-bounty12-Jul-2024
Git Gone Wrong: Application Compromise via Exposed .git Directoryhttps://medium.com/@cybersekler/git-gone-wrong-application-compromise-via-exposed-git-directory-392806b23435?source=rss------bug_bounty-5Cyber Seklerpenetration-testing, hacking, application-security, bug-bounty12-Jul-2024
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01https://omarora1603.medium.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty, bug-bounty-tips12-Jul-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://infosecwriteups.com/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, programming, denial-of-service, infosec12-Jul-2024
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01https://infosecwriteups.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty, bug-bounty-tips12-Jul-2024
How I Make Two SQL Injections Exploitable under the Magic Restricts in WordPresshttps://medium.com/@zpbrent/how-i-make-two-sql-injections-exploitable-under-the-magic-restricts-in-wordpress-817cd60dc80a?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, wordpress, infosec, bug-bounty, web-security12-Jul-2024
آسیب پذیری های Jira را برطرف کنیدhttps://medium.com/@pardis.cloud/%D8%A2%D8%B3%DB%8C%D8%A8-%D9%BE%D8%B0%DB%8C%D8%B1%DB%8C-%D9%87%D8%A7%DB%8C-jira-%D8%B1%D8%A7-%D8%A8%D8%B1%D8%B7%D8%B1%D9%81-%DA%A9%D9%86%DB%8C%D8%AF-b28879e65c2e?source=rss------bug_bounty-5PardisCo Professional Tech Teamآسیبپذیری, bug-bounty, سرور, jira11-Jul-2024
How I Can Still See Your Image on Facebook After You Deleted It | Meta | BugBounty | 2024https://prathapilango.medium.com/how-i-can-still-see-your-image-on-facebook-after-you-deleted-it-meta-bugbounty-2024-3fa63022c4fc?source=rss------bug_bounty-5Prathapilangocybersecurity, meta, bug-bounty, bugbounty-writeup11-Jul-2024
Host Header Injectionhttps://medium.com/@nareshkumar76191/host-header-injection-bd6ffdafe1c0?source=rss------bug_bounty-5Nareshkumarred-team, hacker, bounty-program, bug-bounty, bug-bounty-tips11-Jul-2024
Admin panel Bypassed Just by reading “support team quotes”https://medium.com/@Ajakcybersecurity/admin-panel-bypassed-just-by-reading-support-team-quotes-5462538ea3a4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity11-Jul-2024
Cross-Account Profile Picture Deletion via CSRF Token Bypass paid me 500$.https://mustafa2.medium.com/cross-account-profile-picture-deletion-via-csrf-token-bypass-paid-me-500-60d5f4529a7b?source=rss------bug_bounty-5Hajusbug-bounty-tips, csrf-bypass, bug-bounty11-Jul-2024
A Revolutionary Bug Bounty Platform: Zero-Knowledge Proofs in Web3https://medium.com/@JohnnyTime/a-revolutionary-bug-bounty-platform-zero-knowledge-proofs-in-web3-5e9aaa536084?source=rss------bug_bounty-5Johnny Timebug-bounty, web3, bug-hunting, rewards, smart-contracts11-Jul-2024
Building an Ethical Hacking Playground at Homehttps://l00pinfinity.medium.com/building-an-ethical-hacking-playground-at-home-98439af54a78?source=rss------bug_bounty-5Collins K. Boitnetwork, hacking, security-analysts, ethical-hacking, bug-bounty11-Jul-2024
9.6 Lab: Partial construction race conditionshttps://cyberw1ng.medium.com/9-6-lab-partial-construction-race-conditions-303bfc70b5f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, bug-bounty, careers11-Jul-2024
Practical Bug Bounty — TCM Academy | Module 5https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-5-508b7fad93f1?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiinformation-security, appsec, cybersecurity, bug-bounty, penetration-testing11-Jul-2024
Disclose the email address and phone number of chinese business resellerhttps://gtm0x01.medium.com/disclose-the-email-address-and-phone-number-of-chinese-business-reseller-f882978b8733?source=rss------bug_bounty-5Gtm Mänôzbug-bounty-writeup, facebook, hacking, bug-bounty, facebook-bug-bounty11-Jul-2024
XSS Zafiyetleri Test Casehttps://medium.com/@beyzatekinli/xss-t%C3%BCrleri-test-case-18f91987fb63?source=rss------bug_bounty-5Beyzanur Tekinligallipoli, xss-vulnerability, bug-bounty, xss-attack, xss-challenge11-Jul-2024
Abusing CORS for an XSS on Flickrhttps://medium.com/@proseizala/abusing-cors-for-an-xss-on-flickr-a820e3f28083?source=rss------bug_bounty-5Proseizalabug-bounty, hacker, cybersecurity, bug-bounty-tips11-Jul-2024
No Way Out: Enforced and Inescapable Organizational Membershiphttps://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-a2247caa1790?source=rss------bug_bounty-5Mo2men Elmadyhacking, bug-bounty, cybersecurity, penetration-testing11-Jul-2024
Complex Attack Types: Sample Scenarios 40https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-40-117efeaeaf61?source=rss------bug_bounty-5Baris Dincercybersecurity, penetration-testing, bug-bounty, information-technology, freedomofinternet11-Jul-2024
No Way Out: Enforced and Inescapable Organizational Membershiphttps://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-125ae7f52d61?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, hacking, penetration-testing, cybersecurity11-Jul-2024
Reconnaissance Basichttps://medium.com/@ronyhassan091101/reconnaissance-basic-bf292dc3b705?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty11-Jul-2024
Cracking the Code: A Walkthrough of the W1seGuy Room on TryHackMehttps://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5MatSeccybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography11-Jul-2024
Bypass CSRF Protectionhttps://medium.com/@dr4040x00/bypass-csrf-protection-707b81c04149?source=rss------bug_bounty-5Ahmed Mohamedcsrf-attack, xss-vulnerability, bug-bounty, csrf, xss-attack11-Jul-2024
Tryhackme W1seGuy Room Walkthrough | MatSec Youtubehttps://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5MatSeccybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography11-Jul-2024
Bug Bounty Hunting 101: A Comprehensive Guide for Beginnershttps://cyberw1ng.medium.com/bug-bounty-hunting-101-a-comprehensive-guide-for-beginners-41fa78ff0bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers10-Jul-2024
Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS)https://medium.com/@proseizala/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss-c4e8492bbf3e?source=rss------bug_bounty-5Proseizalabug-bounty-tips, hackerone, cybersecurity, bug-bounty, hacking10-Jul-2024
Rate Limit Bypass $150https://medium.com/@mr_ayyan/rate-limit-bypass-150-d4fecc05d31b?source=rss------bug_bounty-5Mrayyanirfanrewards, rate-limit, bug-bounty, bugs, hunting10-Jul-2024
The most important HTTP security headershttps://medium.com/@ronyhassan091101/the-most-important-http-security-headers-be4238f181d7?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty10-Jul-2024
Complex Attack Types: Sample Scenarios 39https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-39-5ed408a9075d?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-security, penetration-testing, cybersecurity, freedomofinternet10-Jul-2024
Bug Bounty Program for Gluon on Ergohttps://news.stability.nexus/bug-bounty-program-for-gluon-on-ergo-0ca233ce2d9a?source=rss------bug_bounty-5Zahnentfernercrypto, cryptocurrency, stable-coin, blockchain, bug-bounty10-Jul-2024
Host Header Poisoning Vulnerability: A Critical Web Security Flawhttps://zierax.medium.com/host-header-poisoning-vulnerability-a-critical-web-security-flaw-1c2991177e8c?source=rss------bug_bounty-5Zieraxpenetration-testing, cybersecurity, bug-bounty, hacking, vulnerability10-Jul-2024
The Ultimate Guide to Finding and Escalating XSS Bugshttps://medium.com/@proseizala/the-ultimate-guide-to-finding-and-escalating-xss-bugs-22894ef03fc4?source=rss------bug_bounty-5Proseizalabug-bounty-tips, hacker, cybersecurity, bug-bounty, hacking10-Jul-2024
My First Bug Bountyhttps://vikasrai11.medium.com/my-first-bug-bounty-975c47b3f5b5?source=rss------bug_bounty-5Vikas Raiethical-hacking, security, vulnerability, hacking, bug-bounty10-Jul-2024
Exploiting IDOR Vulnerability in PostgRESThttps://aminudin.medium.com/exploiting-idor-vulnerability-in-postgrest-ba0e980032b7?source=rss------bug_bounty-5Aminudinbugs, bug-bounty-tips, writeup, bug-bounty10-Jul-2024
HackerOne 2FA Bypass Vulnerability Exposed!https://medium.com/@lucas.verdan/hackerone-2fa-bypass-vulnerability-exposed-f41f61d6e7be?source=rss------bug_bounty-5Lucas Verdancybersecurity, cyber-attack-prevention, hackerone, bug-bounty-tips, bug-bounty09-Jul-2024
Detecting and exploiting limit overrun race conditions with Burp Repeaterhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-burp-repeater-43c26128642d?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, cybersecurity, hacking09-Jul-2024
Airbnb — When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight…https://medium.com/@proseizala/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-92a004f1cbe8?source=rss------bug_bounty-5Proseizalahacker, bug-bounty-tips, cybersecurity, bug-bounty09-Jul-2024
XSS TÜRLERİ TEST CASEhttps://medium.com/@aarda418/xss-t%C3%BCrleri%CC%87-test-case-a4ab5849100f?source=rss------bug_bounty-5Arda Aslanxss-attack, bug-bounty, xss-vulnerability09-Jul-2024
Become a Digital Detective: Earn Dollars by Testing Apps and Websiteshttps://medium.com/@wnaim11/become-a-digital-detective-earn-dollars-by-testing-apps-and-websites-00a45433d3e8?source=rss------bug_bounty-5The EmpowHERtech Collectivetesting, software-testing, bugs, crowdtesting, bug-bounty09-Jul-2024
Complex Attack Types: Sample Scenarios 38https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-38-10e2ee4d4316?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty09-Jul-2024
Nmap Cheat Sheet For Penetration Testing.https://medium.com/@umarhere4u/nmap-cheat-sheet-for-penetration-testing-70b555b91285?source=rss------bug_bounty-5Mohammad Umar Kachiethical-hacking, penetration-testing, nmap, hacking, bug-bounty09-Jul-2024
Account Takeover via Weak Reset Token Entropyhttps://medium.com/@majix_de/account-takeover-via-weak-reset-token-entropy-c475268daae6?source=rss------bug_bounty-5Majixprogramming, penetration-testing, bugbounty-writeup, bug-bounty, python09-Jul-2024
Subdomain Enumerationhttps://medium.com/@ronyhassan091101/subdomain-enumeration-4370bac688e1?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty09-Jul-2024
10 tips and questions to help you find secondary context bugs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/10-tips-and-questions-to-help-you-find-secondary-context-bugs-bug-bounty-tuesday-b8b3f9173522?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity09-Jul-2024
What Is The Attacks On Session Layer!https://medium.com/@reemmoslem34/what-is-the-attacks-on-session-layer-d3ac90d9c4cb?source=rss------bug_bounty-5Rem Khalidcybersecurity, malware, bug-bounty, programming, security09-Jul-2024
What Is The Attacks On Presentation Layer !https://medium.com/@reemmoslem34/what-is-the-attacks-on-presentation-layer-d98cbde4005b?source=rss------bug_bounty-5Rem Khalidprogramming, security, cybersecurity, malware, bug-bounty09-Jul-2024
What Is The Attacks On Application Layer!https://medium.com/@reemmoslem34/%D8%B7%D9%8A%D8%A8-%D8%AA%D8%B9%D8%A7%D9%84%D9%88%D8%A7-%D8%A3%D8%AE%D8%AA%D8%B5%D8%B1-%D8%A7%D9%84%D8%AD%D9%88%D8%A7%D8%B1-6e6617528bba?source=rss------bug_bounty-5Rem Khalidsecurity, bug-bounty, cybersecurity, malware, programming09-Jul-2024
Unearthing Hidden Assets: The Power of Active DNS Brute Forcing in Subdomain Discoveryhttps://bunny0417.medium.com/unearthing-hidden-assets-the-power-of-active-dns-brute-forcing-in-subdomain-discovery-44ec7f1250d4?source=rss------bug_bounty-5Aayush kumarsubdomains-enumeration, infosec, dns-brute-forcing, bug-bounty-tips, bug-bounty09-Jul-2024
Bypassing Admin Authentication Website Kampushttps://uzet.medium.com/bypassing-admin-authentication-website-kampus-b59bc43b6c98?source=rss------bug_bounty-5Timotius Benhurbug-bounty-tips, penetration-testing, bug-hunting, programming, bug-bounty08-Jul-2024
Revolutionizing Content Issue Detection with CiBI: A Game-Changer in Automationhttps://argotriwidodo.medium.com/revolutionizing-content-issue-detection-with-cibi-a-game-changer-in-automation-1e0f0b6e8ce9?source=rss------bug_bounty-5Argo triwidodoqa, bug-bounty, ai, automation08-Jul-2024
Web3 Development: Key Security Considerationshttps://securrtech.medium.com/web3-development-key-security-considerations-5358015e767a?source=rss------bug_bounty-5Securrblockchain, security, securr, web3, bug-bounty08-Jul-2024
Discovering a Sigma SQLi Vulnerability in Explore CMS 1.0https://soltanali0.medium.com/discovering-a-sigma-sqli-vulnerability-in-explore-cms-1-0-f68599f0e5dd?source=rss------bug_bounty-5soltanali0sqli, programming, bug-bounty-tips, bug-bounty, hackerone08-Jul-2024
PII Disclosure on NASAhttps://medium.com/@psychomong/pii-disclosure-on-nasa-667a96d3c31c?source=rss------bug_bounty-5psychomongbugs, sensitive, hacker, bug-bounty, pii08-Jul-2024
Last week in tech 4th editionhttps://medium.com/@azefox/last-week-in-tech-4th-edition-ec091e853fd3?source=rss------bug_bounty-5Azefoxtech, cybersecurity, infosec, cloud, bug-bounty08-Jul-2024
Ctrl + U to Bounty: How I Found Sensitive Info in the Source Codehttps://rofes1337.medium.com/ctrl-u-to-bounty-how-i-found-sensitive-info-in-the-source-code-e583528ee2fe?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-writeup, hackerone, bug-bounty, information-disclosure, bugbounty-poc08-Jul-2024
Complex Attack Types: Sample Scenarios 37https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-37-2cd4d68b23f6?source=rss------bug_bounty-5Baris Dincerbug-bounty, freedomofinternet, penetration-testing, information-security, cybersecurity08-Jul-2024
Burpsuite SQL Injection Lab 4(Uhttps://medium.com/@paradoxicalThief/burpsuite-sql-injection-lab-4-u-065f1592531f?source=rss------bug_bounty-5The Cyber Guybug-bounty, ctf, web-security, infosec, ethical-hacking08-Jul-2024
Partial construction race conditionshttps://cyberw1ng.medium.com/partial-construction-race-conditions-007c478c53af?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers08-Jul-2024
Disguising Malicious Files to Look Like Normal EXE or PDFshttps://osintteam.blog/disguising-malicious-files-to-look-like-normal-exe-or-pdfs-d785e116e989?source=rss------bug_bounty-5Meerabellhacking, osint-tool, bug-bounty, cybersecurity, microsoft08-Jul-2024
IDOR in Multinational Retail Company Leading to Unauthorized Access and Modificationshttps://medium.com/@kamalinux/idor-in-multinational-retail-company-leading-to-unauthorized-access-and-modifications-e36f8ea9e859?source=rss------bug_bounty-5Kamalbug-bounty, application-security, cybersecurity, penetration-testing, web-security08-Jul-2024
Zero to OSWE: Navigating the Journey with HTBhttps://adipsharif.medium.com/zero-to-oswe-navigating-the-journey-with-htb-b1972b99a646?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, bug-bounty-tips, infosec-write-ups, infosec08-Jul-2024
The world’s most expensive insect… weighs 5 grams and costs 75 lakhs, know why people are crazy…https://medium.com/@blogy.bub/the-worlds-most-expensive-insect-weighs-5-grams-and-costs-75-lakhs-know-why-people-are-crazy-ce77bc2d8204?source=rss------bug_bounty-5Blogy Hubbug-bounty, health, news, news-articles, bugs08-Jul-2024
Find XSS on the Fly ( Full guide )https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae?source=rss------bug_bounty-5zack0x01hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-poc08-Jul-2024
Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Readhttps://medium.com/@proseizala/escalating-xss-in-phantomjs-image-rendering-to-ssrf-local-file-read-9e11e94c480a?source=rss------bug_bounty-5Proseizalabug-bounty, bug-bounty-tips, hacking, cybersecurity08-Jul-2024
CVE-2024–34750 Apache Tomcat DoS vulnerability in HTTP/2 connectorhttps://medium.com/@proseizala/cve-2024-34750-apache-tomcat-dos-vulnerability-in-http-2-connector-54033187cd4b?source=rss------bug_bounty-5Proseizalacybersecurity, bugs, hacking, bug-bounty08-Jul-2024
I found an email verification bypasshttps://medium.com/@pvnk24/i-found-an-email-verification-bypass-982b00864366?source=rss------bug_bounty-5Pavan Kethical-hacking, security, web-security, penetration-testing, bug-bounty07-Jul-2024
Demystifying HTTP Parameters for beginnershttps://medium.com/@mrunoriginal/demystifying-http-parameters-for-beginners-219d5c65499e?source=rss------bug_bounty-5mrunoriginalinformation-security, web-application-security, web-application-hacking, bug-bounty, cybersecurity07-Jul-2024
Everything About CISM: Your Comprehensive Guide to the Certified Information Security Manager…https://medium.com/@mazharshadab292/everything-about-cism-your-comprehensive-guide-to-the-certified-information-security-manager-3d57969a066d?source=rss------bug_bounty-5Shadab Mazharcertification, cybersecurity, hacking, bug-bounty07-Jul-2024
Practical Bug Bounty — TCM Academy | Module 1https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-1-17dadeda56a0?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiinformation-security, tcm-security, bug-bounty, cybersecurity, ethical-hacking07-Jul-2024
Exposing Sensitive Data: A Journey into CDN Path Traversal Vulnerabilitieshttps://medium.com/@sulmanfarooq531/exposing-sensitive-data-a-journey-into-cdn-path-traversal-vulnerabilities-fec1c7917a86?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, hacking, path-traversal, cdn07-Jul-2024
Hunting the Hunters: Exposing the Fake SBI YONO APKhttps://medium.com/@tirqwork1/hunting-the-hunters-exposing-the-fake-sbi-yono-apk-0dd979aad23f?source=rss------bug_bounty-5ARoyinformation-security, cybersecurity, bug-bounty, scammer-exposed, info-sec-writeups07-Jul-2024
Using ChatGPT for Bug Bounty and finding vulnerabilitieshttps://medium.com/@siratsami71/using-chatgpt-for-bug-bounty-and-finding-vulnerabilities-4a04de771a68?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacker, chatgpt, bug-bounty, cybersecurity07-Jul-2024
Cracking the Runner: A Step-by-Step Guide to Hacking a Medium-Level Machine on Hack The Boxhttps://medium.com/@niranjanshinde2325/cracking-the-runner-a-step-by-step-guide-to-hacking-a-medium-level-machine-on-hack-the-box-ae6f55ca01bd?source=rss------bug_bounty-5Niranjanethical-hacking, hack-the-box-writeup, bug-bounty, penetration-testing, cybersecurity07-Jul-2024
8.6 Lab: Web shell upload via race conditionhttps://cyberw1ng.medium.com/8-6-lab-web-shell-upload-via-race-condition-1870707752d3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity07-Jul-2024
Avoid ‘OR 1=1’ while doing SQL Injection, Why?https://medium.com/@aaftaba.k47/avoid-or-1-1-while-doing-sql-injection-why-5e7cc0716ef3?source=rss------bug_bounty-5Aaftab A. Kadavaikarcybersecurity-awareness, bug-bounty, sql-injection, web-penetration-testing07-Jul-2024
How i got Cross-site Scripting (XSS)Reflected Using an unknown techniquehttps://medium.com/@0xmekky/how-i-got-cross-site-scripting-xss-reflected-using-an-unknown-technique-ca4984827465?source=rss------bug_bounty-5abdelrahem mekkyxss-vulnerability, xss-attack, bug-bounty07-Jul-2024
Race Conditions Attacks To limit bypasshttps://sharmajijvs.medium.com/race-conditions-attacks-to-limit-bypass-c9dee647145b?source=rss------bug_bounty-5Jay Sharmabug-report, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup07-Jul-2024
Complex Attack Types: Sample Scenarios 36https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-36-c648fd8d55bd?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, freedomofinternet, cybersecurity, bug-bounty07-Jul-2024
404 Not Found to Google cloud service account credentials disclosure!https://kumarmohank889.medium.com/404-not-found-to-google-cloud-service-account-credentials-disclosure-3b5f64e80fd5?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, infosec-write-ups, hacking, security-research07-Jul-2024
Bug Hunter? If only…https://medium.com/@ded3y3/bug-hunter-if-only-5fabca6cffb7?source=rss------bug_bounty-5cr00k3d3y3cybersecurity, bug-bounty, life07-Jul-2024
Stored XSS in PDF Viewerhttps://medium.com/@osamaavvan/stored-xss-in-pdf-viewer-9cc5b955de2b?source=rss------bug_bounty-5Osama Avvanbug-bounty, cybersecurity, pdf, xss-attack06-Jul-2024
Understanding and Preventing Server-Side Request Forgery (SSRF)https://medium.com/@ashhadali2019/understanding-and-preventing-server-side-request-forgery-ssrf-15d939dc9529?source=rss------bug_bounty-5Ashhadalissrf, bug-bounty, web, cybersecurity06-Jul-2024
MerlinChain Partners with BugRap, Launches $200,000 Bug Bounty to Enhance BTC Ecosystem Securityhttps://medium.com/@BugRap_Team/merlinchain-partners-with-bugrap-launches-200-000-bug-bounty-to-enhance-btc-ecosystem-security-17ef71444914?source=rss------bug_bounty-5BugRap Teamcrypto, security, web3, btc, bug-bounty06-Jul-2024
A Simple 2FA Bypasshttps://infosecwriteups.com/a-simple-2fa-bypass-43c8af9006ec?source=rss------bug_bounty-5hackerdevilbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, penetration-testing06-Jul-2024
Complex Attack Types: Sample Scenarios 35https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-35-bc24cffb5f95?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, information-technology, bug-bounty, penetration-testing06-Jul-2024
From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125https://medium.com/@gguzelkokar.mdbf15/from-long-term-hacking-to-instant-rewards-finding-sqli-in-3-minutes-worth-3125-ac36c6e950bf?source=rss------bug_bounty-5Gökhan Güzelkokarsql, hacking, bug-bounty, hackerone, sql-injection06-Jul-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@a13h1/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-558c663fb947?source=rss------bug_bounty-5Abhi Sharmarate-limiting, bug-bounty, account-takeover, base64, cybersecurity06-Jul-2024
Rate Limit Bypass Due to Cryptographic Weaknesshttps://javroot.medium.com/rate-limit-bypass-due-to-cryptographic-weakness-2cdb3a112bba?source=rss------bug_bounty-5Javrootsecurity-token, bug-bounty, web, cryptography, research06-Jul-2024
Exploiting flawed validation of file uploadshttps://cyberw1ng.medium.com/exploiting-flawed-validation-of-file-uploads-8a089992e3a1?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing06-Jul-2024
Identifying, ChronosCodeFail, a Critical Bug in the Dayforce Clock Systemhttps://medium.com/@quantumsquint/identifying-chronoscodefail-a-critical-bug-in-the-dayforce-clock-system-58cb98c00d32?source=rss------bug_bounty-5Quantum Squint Research Dept.developer-tools, penetration-testing, bug-bounty, regression-analysis, cybersecurity06-Jul-2024
Penjelasan Wifi Deauth Attack dan Demonstrasinyahttps://hack4funacademy.medium.com/penjelasan-wifi-deauth-attack-dan-demonstrasinya-1cecaca53915?source=rss------bug_bounty-5Hack4Fun Academyethical-hacking, wifi, cybersecurity, hacking, bug-bounty05-Jul-2024
BountyDork: Your Ultimate Automatic Dorking Testing Companion For Bug Bountyhttps://infosecwriteups.com/bountydork-your-ultimate-automatic-dorking-testing-companion-for-bug-bounty-b2bd41cb7344?source=rss------bug_bounty-5ElNiakgoogle-dork, python, bug-bounty, cybersecurity, technology05-Jul-2024
How to Install Bwapp in Virtualboxhttps://medium.com/@bhardwajshekhar/how-to-install-bwapp-in-virtualbox-6bf7f1ba9a0f?source=rss------bug_bounty-5Shekhar Bhardwajowasp-top-10, bwapp, pentesting, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Find Subdomains Using Various Tools and Methodshttps://medium.com/@j0k3r01/how-to-find-subdomains-using-various-tools-and-methods-583a7311c897?source=rss------bug_bounty-5J0k3Rsubdomains-enumeration, recon, penetration-testing, bug-bounty, osint05-Jul-2024
Complex Attack Types: Sample Scenarios 34https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-34-48d60e2bb0fb?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, bug-bounty, cybersecurity, freedomofinternet05-Jul-2024
Everything About OSCP: A Comprehensive Guidehttps://medium.com/@mazharshadab292/everything-about-oscp-a-comprehensive-guide-36794d325e67?source=rss------bug_bounty-5Shadab Mazharhacking, bug-bounty, certification, programming05-Jul-2024
Penggunaan Tools Steghide, ExifTool dan Uji Coba Automation Scanner Bug Bounty (Dalfox)https://medium.com/@anggitaniaaurien/penggunaan-tools-steghide-exiftool-dan-uji-coba-automation-scanner-bug-bounty-dalfox-4fbe93e83eb3?source=rss------bug_bounty-5Anggitania Aurienbug-bounty, exiftool, xs, steghide, kxss05-Jul-2024
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Accesshttps://uchihamrx.medium.com/the-pdf-trojan-horse-leveraging-html-injection-for-ssrf-and-internal-resource-access-fbf69efcb33d?source=rss------bug_bounty-5Abdelrhman Amincybersecurity, web-penetration-testing, penetration-testing, bug-bounty, bug-bounty-tips05-Jul-2024
Unlocking the Power of Nmap: Your Ultimate Guide to Network Scanninghttps://medium.com/@josuofficial327/unlocking-the-power-of-nmap-your-ultimate-guide-to-network-scanning-3cb66fe66d75?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuhacking, cybersecurity, bug-bounty, penetration-testing, linux05-Jul-2024
2.14 Lab: 2FA bypass using a brute-force attackhttps://cyberw1ng.medium.com/2-14-lab-2fa-bypass-using-a-brute-force-attack-ad74afd23fcd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking05-Jul-2024
A Big Gmail Flaw: Sending Hidden Viruses in Gmail.https://medium.com/@azanulrana/a-big-gmail-flaw-sending-hidden-viruses-in-gmail-09b52dd891e9?source=rss------bug_bounty-50xazanulinfosec-write-ups, infosec, hackerone, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor.0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Use Google Dorks to Access Online Camerashttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-access-online-cameras-251e83106f6b?source=rss------bug_bounty-5Meerabellinformation-security, cybersecurity, bug-bounty, hacking, google-dork05-Jul-2024
Nuclei Kullanımıhttps://medium.com/@sabriacun552/nuclei-kullan%C4%B1m%C4%B1-7038742dc53e?source=rss------bug_bounty-5Sabriacunvulnerability-scanning, cybersecurity, bug-bounty, penetration-testing05-Jul-2024
SSRF Vulnerability in HiTranslate: A Technical Breakdownhttps://medium.com/@security.tecno/ssrf-vulnerability-in-hitranslate-a-technical-breakdown-a5f517467a5b?source=rss------bug_bounty-5TECNO Securityhacking, security, bug-bounty, apps04-Jul-2024
Mastering Bug Bounty with Professor: Strategies for Successhttps://bughuntar.medium.com/mastering-bug-bounty-with-professor-strategies-for-success-436fac3c7e28?source=rss------bug_bounty-5Professor the Huntercybersecurity, professorthehunter, bug-bounty, bug-bounty-tips, bughuntar04-Jul-2024
Google launches $250,000 bug bounty, this time targeting KVM, a virtual machine elementhttps://medium.com/@tothe21century/google-launches-250-000-bug-bounty-this-time-targeting-kvm-a-virtual-machine-element-d73cfbd63243?source=rss------bug_bounty-5RICH CHOIbug-bounty04-Jul-2024
How I Found an IDOR Vulnerability in a Public Program on HackerOnehttps://medium.com/@muhammadfurqanoffical/how-i-found-an-idor-vulnerability-in-a-public-program-on-hackerone-44c6724b0292?source=rss------bug_bounty-5Muhammad Furqanbug-bounty-writeup, infosec-write-ups, bug-bounty, idor, hackerone04-Jul-2024
Apa itu XSS dan Bagaimana cara saya menemukan puluhan XSS Vulnerabilityhttps://hack4funacademy.medium.com/apa-itu-xss-dan-bagaimana-cara-saya-menemukan-puluhan-xss-vulnerability-46fba9491bba?source=rss------bug_bounty-5Hack4Fun Academyvulnerability, xss-attack, hacking, cybersecurity, bug-bounty04-Jul-2024
Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition)https://medium.com/@friendly_/understanding-request-smuggling-a-hidden-web-vulnerability-k-edition-6ffab38d5aa1?source=rss------bug_bounty-5Friendlyhacking, bug-bounty, bugbounty-writeup, bug-bounty-tips04-Jul-2024
How I Used Keylogger XSS to Capture Credentials Leading to ATOhttps://medium.com/@yyaminn/how-i-used-keylogger-xss-to-capture-credentials-leading-to-ato-06593e7a0798?source=rss------bug_bounty-5yyaminncybersecurity, bug-bounty, xss-attack, bugbounty-writeup, infosec04-Jul-2024
HACKBAR: A BROWSER EXTENSION FOR WEB SECURITY TESTINGhttps://medium.com/@Progsky/hackbar-a-browser-extension-for-web-security-testing-461b97d1a9e9?source=rss------bug_bounty-5Progskyhacking, bug-bounty, pentesting, penetration-testing, web-security04-Jul-2024
How I earned $500 bounty for privilege escalation vulnerability !!https://kumarmohank889.medium.com/how-i-earned-500-bounty-for-privilege-escalation-vulnerability-c42977abcc52?source=rss------bug_bounty-5Mohan Kumar Nhacking, bug-bounty, security, bug-bounty-tips, security-research04-Jul-2024
2.13 Lab: Broken brute-force protection, multiple credentials per requesthttps://cyberw1ng.medium.com/2-13-lab-broken-brute-force-protection-multiple-credentials-per-request-1beb6a85b12c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, bug-bounty, penetration-testing04-Jul-2024
Tools For Beginner Bug Hunter, Penetration Tester or Web Security Engineerhttps://medium.com/@a5adujjaman/tools-for-beginner-bug-hunter-penetration-tester-or-web-security-engineer-a5510748fc5a?source=rss------bug_bounty-5Asadujjaman Asifweb-security, penetration-testing, security, bug-bounty, hacking04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-52004siyam_hassanbug-bounty, bunty04-Jul-2024
IDOR to change other’s Account Namehttps://codingninjablogs.tech/idor-to-change-others-account-name-43ddf7cfe429?source=rss------bug_bounty-5#$ubh@nk@ridor, hacking, bug-bounty, infosec, web-security04-Jul-2024
The Problem With Bug Bountieshttps://kf106.medium.com/the-problem-with-bug-bounties-0c5d956411d8?source=rss------bug_bounty-5Keir Finlow-Batesbug-bounty, bug-bounty-program, hacking, computer-security, cryptocurrency04-Jul-2024
Mass Hunting XSS vulnerabilitieshttps://systemweakness.com/mass-hunting-xss-vulnerabilities-8d4785968727?source=rss------bug_bounty-5Imran Niazcross-site-scripting, bug-bounty-hunter, bug-bounty, bug-bounty-tips, xss-vulnerability04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5Clasherbug-bounty, bunty04-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@omarataallah98/idor-vulnerability-allow-attacker-to-make-an-order-checkout-on-behalf-other-users-accounts-2bdc4c7b8eca?source=rss------bug_bounty-5Omarataallahsecurity-testing, hacking, bug-bounty, hacks, idor-vulnerability03-Jul-2024
How to find wildcard bug bounty assets owned by a company.https://medium.com/@tom.sh/how-to-find-wildcard-bug-bounty-assets-owned-by-a-company-991db585a554?source=rss------bug_bounty-5Tombug-bounty, recon, reconnaissance, cybersecurity, hacking03-Jul-2024
26.1 Lab: Exploiting LLM APIs with excessive agencyhttps://cyberw1ng.medium.com/26-1-lab-exploiting-llm-apis-with-excessive-agency-bb94aa506893?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, penetration-testing03-Jul-2024
Complex Attack Types: Sample Scenarios 32https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-32-7c47b8e5d139?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, penetration-testing, freedomofinternet03-Jul-2024
Mobile App Testing with Android Studio & Fridahttps://medium.com/@jaylinscorner/mobile-app-testing-with-android-studio-frida-b65484121ba6?source=rss------bug_bounty-5Jaylin Nelsonbug-bounty, penetration-testing, cybersecurity, mobile-app-testing, frida03-Jul-2024
Blind OS Command Injection with time delays from Theory to Practical POChttps://medium.com/@dhruvsingh0203/hola-hackers-im-dhruv-singh-a-cybersecurity-enthusiast-passionate-about-exploring-the-depths-834a9d140115?source=rss------bug_bounty-5Dhruv Singhethical-hacking, command-injection, bug-bounty, hacking03-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@Bug_Bounty/idor-vulnerability-allow-attacker-to-make-a-checkout-order-on-behalf-of-other-users-397b16ece8fc?source=rss------bug_bounty-5Bug Bountybug-bounty, bountytips, togetherwehitharder, idor03-Jul-2024
Meta MFA bypass security bug was turned down, calling it a feature! What do you think?https://medium.com/@kannnannmk/meta-mfa-bypass-security-bug-was-turned-down-calling-it-a-feature-what-do-you-think-9663e7c5a65e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, meta03-Jul-2024
Aylık Özet Haziran 2024: Incognitee Hata Ödülü Lansmanı, Polkadot Hazine Teklifi ve Daha Fazlasıhttps://medium.com/@integriteetr/ayl%C4%B1k-%C3%B6zet-haziran-2024-incognitee-hata-%C3%B6d%C3%BCl%C3%BC-lansman%C4%B1-polkadot-hazine-teklifi-ve-daha-fazlas%C4%B1-22beabdf77aa?source=rss------bug_bounty-5Integriteetrintegritee, bug-bounty, blockchain, polkadot, wrap-up03-Jul-2024
PortSwigger LABs- SQL Injectionhttps://medium.com/@1dnz/lab-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-ec0d03f83574?source=rss------bug_bounty-5H-ACK-inghacks, portswigger-lab, bug-bounty, hacking03-Jul-2024
A story of a nice SSRF vulnerability.https://medium.com/@oXnoOneXo/a-story-of-a-nice-ssrf-vulnerability-51e16ff6a33f?source=rss------bug_bounty-5oXnoOneXohackerone, bug-bounty, ssrf03-Jul-2024
#IBRAHIMXSS TOOL RELEASEhttps://ibrahimxss.medium.com/ibrahimxss-tool-release-97ba90fc3419?source=rss------bug_bounty-5#IbrahimXSSxss-challenge, xss-bypass, xss-attack, xss-vulnerability, bug-bounty03-Jul-2024
How I Discovered Authentication Bypass That Blocks Users from Accessing the Website ?https://sayedv2.medium.com/how-i-discovered-authentication-bypass-that-blocks-users-from-accessing-the-website-93140fa180ac?source=rss------bug_bounty-5Mohamed Sayedbug-bounty-writeup, bug-bounty-tips, hackerone, authentication, bug-bounty03-Jul-2024
Bypassing Input Validation $0 - $1000https://medium.com/@mdnafeed3/bypassing-input-validation-0-1000-799682d547ba?source=rss------bug_bounty-5H4cker-Nafeedtechnology, infosec, cybersecurity, bug-bounty02-Jul-2024
Understanding Admin Login Bypass: A Critical Security Discussionhttps://farrosfr.medium.com/understanding-admin-login-bypass-a-critical-security-discussion-2641e54e60fd?source=rss------bug_bounty-5Mochammad Farros Fatchur Rojiphp, programming, bug-bounty, web, cybersecurity02-Jul-2024
Do Hackers Really Need Coding Skills? Let’s Understand . . .https://d3athcod3.medium.com/do-hackers-really-need-coding-skills-lets-understand-51e60e16c978?source=rss------bug_bounty-5D3athCod3technology, hacking, cybersecurity, bug-bounty, computer-science02-Jul-2024
18.4 Lab: Arbitrary object injection in PHPhttps://cyberw1ng.medium.com/18-4-lab-arbitrary-object-injection-in-php-30a164de4595?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity02-Jul-2024
Secret phishing bug google dont want you to knowhttps://medium.com/@eyaalgabay/secret-phishing-bug-google-dont-want-you-to-know-4d6d7616fa3f?source=rss------bug_bounty-5Eyaalgabayweb-hacking, bug-bounty, hacking, cybersecurity, unicode02-Jul-2024
LendingOwl introduces Bug Bounty Program.https://medium.com/@valeriecameron70/lendingowl-introduces-bug-bounty-program-739910791826?source=rss------bug_bounty-5Valerie Cameronlending, fintech, p2p, bug-bounty, news-articles02-Jul-2024
How I found IDOR in NASAhttps://infosecwriteups.com/how-i-found-idor-in-nasa-4186a03455b4?source=rss------bug_bounty-5Eslam Omarhacking, bug-bounty, bug-bounty-tips, nasa02-Jul-2024
AT&T Bug Bounty Program Scopehttps://medium.com/@imusabkhan/at-t-bug-bounty-program-scope-ae256fbf1bf9?source=rss------bug_bounty-5Mohammad Musab Khanbug-bounty, ethical-hacking, att, writeup, hackerone02-Jul-2024
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal & Morehttps://medium.com/integritee/monthly-wrap-up-june-2024-incognitee-bug-bounty-launch-polkadot-treasury-proposal-more-c3623df413d4?source=rss------bug_bounty-5Integritee Networkbug-bounty, integritee, polkadot, wrap-up, blockchain02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://medium.com/@khammassilouay21/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
Self XSS + Login CSRF + OAuth = Account Takeoverhttps://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49?source=rss------bug_bounty-5LSbug-bounty, xss-attack, oauth, csrf, hacking02-Jul-2024
INFORMATION DISCLOSURE THROUGH AN ORGANIZATION’S NETWORKhttps://hackhive.medium.com/information-disclosure-through-an-organizations-network-1f4e0bac1c55?source=rss------bug_bounty-5HackHivebug-bounty, pentesting, vulnerability-assessment, information-security, information-disclosure02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-33)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-33-31e20416b7aa?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-32)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-32-044ea32fd931?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, skills, cybersecurity, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-31)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-31-401155afb539?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, bug-bounty, ethical-hacking02-Jul-2024
File upload to RCE — Bug Bounty Tuesdayhttps://medium.com/@kerstan/file-upload-to-rce-bug-bounty-tuesday-f8dda0ed4077?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty02-Jul-2024
The Dark Side of Contact Forms: How I Identified 7 CVEs in WordPress Pluginshttps://dropn0w.medium.com/the-dark-side-of-contact-forms-how-i-identified-7-cves-in-wordpress-plugins-30f6111dfebf?source=rss------bug_bounty-5dropbug-bounty, hacking, information-security, wordpress, cybersecurity02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://systemweakness.com/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@meerabell/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Exploiting Response Manipulation for Account Takeoverhttps://medium.com/@sdarmwal17/exploiting-response-manipulation-for-account-takeover-b19ce1494109?source=rss------bug_bounty-5Shubham Darmwalotp-bypass, cybersecurity, account-takeover, bug-bounty, response-manipulation02-Jul-2024
Complex Attack Types: Sample Scenarios 31https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-31-b4f0ee2f90ac?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, active-directory, penetration-testing, freedomofinternet02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Effective XSS methodology : The true way to hunt XSShttps://xdead4f.medium.com/effective-xss-methodology-the-true-way-to-hunt-xss-4f4d740035cc?source=rss------bug_bounty-50xdead4fxss-attack, bug-hunting, bug-bounty, cybersecurity01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-29)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-29-d5e656812d96?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, hacking, skills01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-28)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-28-ae3cb3e93960?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, cyber-security-awareness, ethical-hacking, hacking01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-27)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-27-f5c03938d8fb?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cyber-security-awareness, ethical-hacking, hacking, bug-bounty-tips01-Jul-2024
Understanding and Mitigating Smart Contract Vulnerabilitieshttps://securrtech.medium.com/understanding-and-mitigating-smart-contract-vulnerabilities-291b7fe168f2?source=rss------bug_bounty-5Securrvulnerability, bug-bounty, cybersecurity, securr, smart-contracts01-Jul-2024
18.3 Using application functionality to exploit insecure deserializationhttps://cyberw1ng.medium.com/18-3-using-application-functionality-to-exploit-insecure-deserialization-d6f18fe4811c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, penetration-testing, bug-bounty, careers01-Jul-2024
Phishing or What?? How I Got Access to the Internal Email of a Companyhttps://infosecwriteups.com/phishing-or-what-how-i-got-access-to-the-internal-email-of-a-company-a098fb08728?source=rss------bug_bounty-5whit3ros3infosec, ethical-hacking, hacking, bug-bounty, bug-bounty-tips01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-30)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-30-e3519045da6d?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, cybersecurity, bug-bounty, hacking01-Jul-2024
Unmasking the Danger: Open Redirection via Referer Headerhttps://medium.com/@sulmanfarooq531/unmasking-the-danger-open-redirection-via-referer-header-a527ab4e7be1?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, hacking, open-redirect01-Jul-2024
How I Found CVE-2019-9826 on one of famous crypto company. $$$$https://medium.com/@a7madhacck/how-i-found-cve-2019-9826-on-one-of-famous-crypto-company-f23d9ba69861?source=rss------bug_bounty-5Ahmad Yussefbug-bounty-writeup, cybersecurity, bug-bounty-tips, hacking, bug-bounty01-Jul-2024
3 Easy cash via cachehttps://medium.com/@mohamed0xmuslim/3-easy-cash-via-cache-99d600565ac5?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty01-Jul-2024
Story of a 1000$ Open Redirecthttps://infosecwriteups.com/story-of-a-1000-open-redirect-1405fb8a0e7a?source=rss------bug_bounty-5Debangshu Kunducybersecurity, medium, bug-bounty, hacking, technology01-Jul-2024
‍Hacking Hidden Gems: Content Discovery with Webseekhttps://medium.com/@hackertam1/hacking-hidden-gems-content-discovery-with-webseek-cf5a00c97d72?source=rss------bug_bounty-5Tahir Mujawarcybersecurity, bug-bounty, recon, ethical-hacking, penetration-testing01-Jul-2024
How I found Bug on NASAhttps://medium.com/@psychomong/how-i-found-bug-on-nasa-b2408e14aa17?source=rss------bug_bounty-5psychomongbug-bounty, real-world-bug-hunting, nasa, hacking, hacker01-Jul-2024
My 60 Days Journey To Find My First Bughttps://medium.com/@binarysleuth247/my-60-days-journey-to-find-my-first-bug-59a2e676fda8?source=rss------bug_bounty-5binarysleuth247bug-bounty01-Jul-2024
VPS -Virtual Private Server-https://medium.com/@haticezkmnl/vps-virtual-private-server-f37ffab2f3f1?source=rss------bug_bounty-5Hatice Zehra Kamanlıservers, website, bug-bounty, public, vps01-Jul-2024
THM — Blog walkthroughhttps://medium.com/@riickyrick/thm-blog-walkthrough-21f2844eafda?source=rss------bug_bounty-5Riickythm, bug-bounty, metasploit, wordpress, writeup01-Jul-2024
Mengumpulkan javascript file pada suatu websites untuk menemukan information disclosurehttps://hack4funacademy.medium.com/mengumpulkan-javascript-file-pada-suatu-websites-untuk-menemukan-information-disclosure-8126fcccd77d?source=rss------bug_bounty-5Hack4Fun Academypentesting, cybersecurity, bug-bounty, bug-bounty-tips, hacking30-Jun-2024
XSS Deep Learning and Test Case Preparationhttps://medium.com/@barsavak/xss-deep-learning-and-test-case-preparation-3f796a7ad5ed?source=rss------bug_bounty-5bariss30bug-bounty-tips, bug-bounty, xss-vulnerability30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-26)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-26-49760a380496?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-25)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-25-25328dcc629f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-tips30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-24)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-24-17e137c514ed?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Jun-2024
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Dayhttps://xdead4f.medium.com/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5?source=rss------bug_bounty-50xdead4fbug-bounty, side-hustle, bug-bounty-methodology30-Jun-2024
Guide to Using ffufhttps://medium.com/@learntheshell/guide-to-using-ffuf-74824770076b?source=rss------bug_bounty-5LearnTheShellbug-bounty, cybersecurity, fuzzing, hacking, linux30-Jun-2024
Bug Report from Product Testing https://hng.tech/https://medium.com/@teslimahsalahudeen/bug-report-from-product-testing-https-hng-tech-98e290fe3c0e?source=rss------bug_bounty-5CyberGoodness^product-testing, bug-bounty, security30-Jun-2024
XSS TEST CASE TASKhttps://medium.com/@avar.talha08/xss-test-case-task-7a4bfd5b223a?source=rss------bug_bounty-5Talha Acarbug-bounty-writeup, bug-bounty, php30-Jun-2024
Cisco Finesse Remote File Inclusion (CVE-2024–20405)https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5Abd El Rahman Ezzatcve, penetration-testing, bug-bounty, cve-2024-20405, cisco30-Jun-2024
Cisco Finesse Server Side Request Forgery (CVE-2024–20404)https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5Abd El Rahman Ezzatcve-2024-20404, penetration-testing, cve, cisco, bug-bounty30-Jun-2024
18.2 Modifying Serialized Data Typeshttps://cyberw1ng.medium.com/18-2-modifying-serialized-data-types-726426fb3350?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing30-Jun-2024
XSS 101: XSS Nedir ?https://medium.com/@kormorphus/xss-101-xss-nedir-15b04f7e4269?source=rss------bug_bounty-5Kormorphusbug-bounty, cybersecurity, xss-attack30-Jun-2024
How to use Cheat Engine on Opera Gxhttps://medium.com/@MrRipperoni/how-to-use-cheat-engine-on-opera-gx-ea6b121f0301?source=rss------bug_bounty-5Mr.Ripperoniprogramming, bug-bounty, hacking, gamehacking, hacking-tools30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-23)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-23-9f3497d279f1?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-22)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-22-8edd54306b83?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-21)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-21-e008298773da?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program29-Jun-2024
XSS TEST CASEhttps://medium.com/@aarda418/xss-test-case-6158aad30604?source=rss------bug_bounty-5Arda Aslanbug-bounty-tips, xss-vulnerability, bug-bounty29-Jun-2024
14.9 Lab: CSRF where token is tied to non-session cookiehttps://cyberw1ng.medium.com/14-9-lab-csrf-where-token-is-tied-to-non-session-cookie-926338db4ba7?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty29-Jun-2024
Using AI to hunt for XSS.https://medium.com/@deadoverflow/using-ai-to-hunt-for-xss-e04ba8d32ba8?source=rss------bug_bounty-5Imad Husanoviccybersecurity, ethical-hacking, bug-bounty-tips, bug-bounty, hacking29-Jun-2024
XSS TEST CASEhttps://medium.com/@mehmetfarisacar/xss-test-case-199e0bec59a6?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, bug-bounty-tips29-Jun-2024
LEARNING PROCESS module from HTB بالعربيhttps://medium.com/@am3002297/learning-process-module-from-htb-%D8%A8%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A-37675b8144b0?source=rss------bug_bounty-530obdcybersecurity, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-19)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-19-7dfd1bd2d1ba?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-18)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-18-5179747f60c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-20)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-20-a60e30106e0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips28-Jun-2024
Race Condition Vulnerability to bypass email confirmationhttps://medium.com/@siratsami71/race-condition-vulnerability-to-bypass-email-confirmation-2af8d916fe61?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacking, bug-bounty, cybersecurity28-Jun-2024
XSS Zafiyeti Hakkında:https://medium.com/@hhuseyinuyar17/xss-zafiyeti-hakk%C4%B1nda-98b5849d4700?source=rss------bug_bounty-5Hhuseyinuyarreflected-xss, xss-attack, dom-xss, stored-xss, bug-bounty28-Jun-2024
An Easy RACE CONDITION Bug That Made Me Famehttps://medium.com/@hashimamin/an-easy-race-condition-bug-that-made-me-fame-97d6921ae7f4?source=rss------bug_bounty-5Hashim Aminvulnerability, race-condition, infosec, bugbounty-writeup, bug-bounty28-Jun-2024
Why is programming so important in bug bounty?https://medium.com/@deadoverflow/why-is-programming-so-important-in-bug-bounty-b7d7889ae026?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jun-2024
HTML Injection — HTB labhttps://zhunter12.medium.com/html-injection-htb-lab-cd7bdcd8fd93?source=rss------bug_bounty-5Oscar Romerohtb-academy, htb, html-injection, cybersecurity, bug-bounty28-Jun-2024
14.8 Lab: CSRF where token is duplicated in cookiehttps://cyberw1ng.medium.com/14-8-lab-csrf-where-token-is-duplicated-in-cookie-d688fd0ac2ac?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers28-Jun-2024
0-click Account Takeover (ATO) via Google Authenticationhttps://medium.com/@elcapitano7x/0-click-account-takeover-ato-via-google-authentication-b63a01a80a03?source=rss------bug_bounty-5Elcapitanobug-bounty-tips, hackerone, bug-bounty-writeup, account-takeover, bug-bounty28-Jun-2024
[Bounty Weekend] Phone Verification Bypass With Business Logic Vulnerabilityhttps://medium.com/@rifqihz/bounty-weekend-phone-verification-bypass-with-business-logic-vulnerability-1b2844b93d5a?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, writeup, bug-bounty28-Jun-2024
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Rewardhttps://medium.com/@heyrm/writeup-discovering-and-exploiting-xss-vulnerabilities-my-first-bug-hunting-reward-0dfb0ebfd6aa?source=rss------bug_bounty-5heyrmbug-bounty-writeup, cybersecurity, bug-bounty, xss-attack, bug-hunting27-Jun-2024
Writeup: Menemukan dan Mengeksploitasi Kerentanan XSS — Reward Bug Hunting Pertamakuhttps://medium.com/@heyrm/writeup-menemukan-dan-mengeksploitasi-kerentanan-xss-reward-bug-hunting-pertamaku-cbf76c9eaf65?source=rss------bug_bounty-5heyrmxss-vulnerability, bug-bounty, cybersecurity, xss-attack, bug-hunting27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-17)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-17-8d38292448cf?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-16)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-16-aacc2aab0f71?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-15)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-15-2cd3a0188386?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-14)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-14-985969cf2f17?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips27-Jun-2024
Hunting Bugs for RE Hunter 350https://vijetareigns.medium.com/hunting-bugs-for-re-hunter-350-81338c4ebf20?source=rss------bug_bounty-5the_unlucky_guybug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, cybersecurity27-Jun-2024
Malicious Document Analysis: Emotet Case Ihttps://medium.com/@brsdncr/malicious-document-analysis-emotet-case-i-4a5f1ca8c565?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, penetration-testing, bug-bounty, freedomofinternet27-Jun-2024
IDORs Never Disappoint Me— Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@xnum.1/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
14.7 Lab: CSRF where token is not tied to user sessionhttps://cyberw1ng.medium.com/14-7-lab-csrf-where-token-is-not-tied-to-user-session-841faddd036a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, careers, hacking27-Jun-2024
XSS Test Cases Preperationhttps://medium.com/@NadirSensoy/xss-test-cases-preperation-566e34ff94fb?source=rss------bug_bounty-5Nadir Sensoybug-bounty-tips, bug-bounty, xss-vulnerability27-Jun-2024
Front End y Back End: Lab HTB Exposición de Datos Sensibleshttps://zhunter12.medium.com/front-end-y-back-end-lab-htb-exposici%C3%B3n-de-datos-sensibles-a21431c08d9d?source=rss------bug_bounty-5Oscar Romerocybersecurity, frontend, sensitive-data-exposure, htb-academy, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@0x_xnum/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
How long did it take me to find my first bug?https://medium.com/@deadoverflow/how-long-did-it-take-me-to-find-my-first-bug-969699fa9080?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-bounty, programming27-Jun-2024
ICMTC CTF 2024 (Web Exploitation)https://0x0anas.medium.com/icmtc-ctf-2024-web-exploitation-57998a15107b?source=rss------bug_bounty-5Anas Ibrahimctf, icmtc-ctf, pentesting, bug-bounty27-Jun-2024
IDORs Never Disappoint Me — Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
Checklist for Forgot Password functionalityhttps://infosecwriteups.com/checklist-for-forgot-password-functionality-3f61c34a15eb?source=rss------bug_bounty-5Suprajabaskaranpenetration-testing, passwords, bug-bounty, bug-bounty-tips, pentesting26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-13)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-13-b7bc7fa2123b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup26-Jun-2024
Basic Cyber Security Course First Dayhttps://mrunknown124154.medium.com/basic-cyber-security-course-first-day-c6ad0cb7d907?source=rss------bug_bounty-5Mr Abdullahcyber-security-awareness, ethical-hacking, bug-bounty, cybersecurity26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-12)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-12-4b892dc13d9f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty26-Jun-2024
XSS: Demonstrating Impact Without Credentialshttps://infosecwriteups.com/xss-demonstrating-impact-without-credentials-db7fff38792a?source=rss------bug_bounty-5Shlok Kxss-attack, vulnerability, infosec, bug-bounty, cross-site-scripting26-Jun-2024
Penetration Testing with Termux: A Newbie’s Success Storyhttps://medium.com/@yp400215/penetration-testing-with-termux-a-newbies-success-story-649e3393a311?source=rss------bug_bounty-5Yash Pawarbug-bounty, penetration-testing, idor-vulnerability26-Jun-2024
Come backhttps://medium.com/@anonymous19999/come-back-802e211927f6?source=rss------bug_bounty-5Anonymouslife, love, bug-bounty, comeback26-Jun-2024
Learn Android Penetration Testing Skill with This Vulnerable APKhttps://medium.com/@phyowathone/learn-android-penetration-testing-skill-with-this-vulnerable-apk-94d9300a11c4?source=rss------bug_bounty-5Phyo WaThone Winandroid-pentesting, android-security, application-security, android-bug-bounty, bug-bounty26-Jun-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-364ef7db939d?source=rss------bug_bounty-5Alimuhammadsecuredxss-attack, cybersecurity, hacking, bug-bounty26-Jun-2024
Complex Attack Types: Sample Scenarios 26https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-26-9b05b2b26815?source=rss------bug_bounty-5Baris Dincerbug-bounty, penetration-testing, freedomofinternet, cybersecurity, information-security26-Jun-2024
Unveiling the Secrets of Server-Side Template Injection (SSTI) in Flask and Jinja2https://medium.com/@baraiprince0111/unveiling-the-secrets-of-server-side-template-injection-ssti-in-flask-and-jinja2-25c57ab3199f?source=rss------bug_bounty-5Baraiprincectf, hacking, cybersecurity, trends, bug-bounty26-Jun-2024
Unveiling OAuth Vulnerabilities: Exploring Account Access Without Email Verificationhttps://medium.com/@sulmanfarooq531/unveiling-oauth-vulnerabilities-exploring-account-access-without-email-verification-d36762361df7?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, oauth, hacking, oauth226-Jun-2024
How i’ve found : ( IDOR + XSS ) = all USERS account takeover 🙂 ?https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108?source=rss------bug_bounty-5zack0x01bugbounty-tips, bug-bounty, bugbounty-poc, hacking, bugbounty-writeup26-Jun-2024
VRP [IDOR] Menghapus dan Melihat Data Korbanhttps://medium.com/@anvilleofficial/vrp-idor-menghapus-dan-melihat-data-korban-a9e1f8978798?source=rss------bug_bounty-5barridor, bug-bounty26-Jun-2024
How I compromised 1500 accounts/month with no technical skillhttps://theclemvp.medium.com/how-i-compromised-1500-accounts-month-with-no-technical-skill-6a83ecd5c8eb?source=rss------bug_bounty-5Clémentcybersecurity, pentesting, penetration-testing, hacking, bug-bounty26-Jun-2024
14.6 Lab: CSRF Vulnerability where token validation depends on request methodhttps://cyberw1ng.medium.com/14-6-lab-csrf-vulnerability-where-token-validation-depends-on-request-method-78f2a2c33173?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity26-Jun-2024
OTP Bypass through Response Manipulationhttps://medium.com/@xnum.1/otp-bypass-through-response-manipulation-905bc70e5ff4?source=rss------bug_bounty-5Ahmed Tarekauthentication-bypass, authentication, bug-bounty, otp-verification, otp-bypass26-Jun-2024
Explotando Vulnerabilidades de Validación de Entrada en un Workflow de Compras — Web Sec Academyhttps://zhunter12.medium.com/explotando-vulnerabilidades-de-validaci%C3%B3n-de-entrada-en-un-workflow-de-compras-web-sec-academy-a1e3265c46b8?source=rss------bug_bounty-5Oscar Romerociberseguridad, portswigger-lab, bug-bounty, business-logic-flaw, burpsuite26-Jun-2024
Understanding Web Security Concepts: A Comprehensive Guidehttps://medium.com/@cybe3king/understanding-web-security-concepts-a-comprehensive-guide-61ced70c3337?source=rss------bug_bounty-5Cybe3kingbug-bounty, cybersecurity, penetration-testing, web-security, ethical-hacking26-Jun-2024
Securing Your Home Network: Final Stepshttps://medium.com/@jessemridley/securing-your-home-network-final-steps-676b1d7c3787?source=rss------bug_bounty-5Jesse Ridleybug-bounty, network-security, hackathons, freelancing, cybersecurity25-Jun-2024
13.31 Lab: Exploiting XSS to perform CSRFhttps://cyberw1ng.medium.com/13-31-lab-exploiting-xss-to-perform-csrf-0fffd6243312?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-10)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-10-466f0806866b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-9)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-9-f76dc4218c1c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips25-Jun-2024
#3. Bug Bounty Series: OTP Verification Bypasshttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-11)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-11-f5009818fb39?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-start-up, bug-bounty-tips, bug-bounty-hunting25-Jun-2024
The Role of Ethical Hackers in Web3 Securityhttps://securrtech.medium.com/the-role-of-ethical-hackers-in-web3-security-e858b516b43d?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3bugbounty, web3-security, web325-Jun-2024
“Onerror” Ne Demek ?https://medium.com/@beratkolay37/onerror-ne-demek-bb751f8e6a1b?source=rss------bug_bounty-5Berat K.kali-linux, html, bug-bounty, onerror, javascript25-Jun-2024
#3. Bug Bounty Series: OTP Verification bypass leads to unauthorized booking appointmenthttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
ZDay Olarak Bulduğum PostMessage XSS Zafiyetinin Analizihttps://grolar.medium.com/zday-olarak-buldu%C4%9Fum-postmessage-xss-zafiyetinin-analizi-4c81471e32e5?source=rss------bug_bounty-5Grolarbug-bounty-writeup, dom-xss, bug-bounty, xss-vulnerability, web-security25-Jun-2024
Testing SolarWinds Serv-U Path Directory Transversal Vulnerability (CVE-2024–28995)https://noorhomaid.medium.com/testing-solarwinds-serv-u-path-directory-transversal-vulnerability-cve-2024-28995-d80e60d31a8d?source=rss------bug_bounty-5NoorHomaidcybersecurity, cve, penetration-testing, bug-bounty, solarwinds-hack25-Jun-2024
The one where I owned a customer service platformhttps://medium.com/@un1tycyb3r/the-one-where-i-owned-a-customer-service-platform-2fd4cff11b28?source=rss------bug_bounty-5Un1tycyb3rbug-bounty25-Jun-2024
Find Sensitive Data’s using via network analysis make me 250$https://medium.com/@test123cybertest/find-sensitive-datas-using-via-network-analysis-make-me-250-a0b23b0cb03b?source=rss------bug_bounty-5praveenarsh0xx0pentesting, bug-bounty, cybersecurity, bug-bounty-tips25-Jun-2024
How I Found a Vulnerability in Paytm and Received a Bountyhttps://mufazmi.medium.com/how-i-found-a-vulnerability-in-paytm-and-received-a-bounty-d580ea14e9a8?source=rss------bug_bounty-5Umair Farooqui ✪paytm-bug-bounty, mufazmi, bug-bounty, umair-farooqui, paytm-bug25-Jun-2024
Hackathon CTF VulnHub | Writeup | Walkthroughhttps://shamsulmehmood.medium.com/hackathon-ctf-vulnhub-writeup-walkthrough-aa36adedc49e?source=rss------bug_bounty-5SHAMS UL MEHMOODvulnerability, cybersecurity, ai, hacker, bug-bounty25-Jun-2024
My First Bug Hunting Experience: A Journey from Disappointment to Successhttps://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0?source=rss------bug_bounty-5Pronay Biswasbug-bounty, ethical-hacking, cybersecurity, web-security, cyberattack24-Jun-2024
Unseen Dangers: How Cloud Misconfigurations Could Be Your Company’s Biggest Threathttps://medium.com/@paritoshblogs/unseen-dangers-how-cloud-misconfigurations-could-be-your-companys-biggest-threat-c1ed86b10093?source=rss------bug_bounty-5Paritoshcloud-computing, cybersecurity, hacking, bug-bounty, cloud24-Jun-2024
Roadmap to Becoming a Professional Penetration Tester with Estimated Learning Timehttps://medium.com/@cuncis/roadmap-to-becoming-a-professional-penetration-tester-with-estimated-learning-time-d352bdd43fbe?source=rss------bug_bounty-5Cunciscybersecurity, penetration-test, bug-bounty, penetration-testing, hacker24-Jun-2024
Understanding Cybersecurity: Exploits, CVEs, and Morehttps://systemweakness.com/understanding-cybersecurity-exploits-cves-and-more-59b41bf679dc?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, hacking, infosec, ethical-hacking24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-6)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-6-2ad674553fa0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter24-Jun-2024
CVE Seeker — Unveiling Cyber Threats: From Assets to Vulnerability Insightshttps://anmolksachan.medium.com/cve-seeker-unveiling-cyber-threats-from-assets-to-vulnerability-insights-b4b485a7aefb?source=rss------bug_bounty-5Anmol K Sachanrecon, shodan, asm, bug-bounty, attack-surface-management24-Jun-2024
13.30 Lab: Exploiting cross-site scripting to capture passwordshttps://cyberw1ng.medium.com/13-30-lab-exploiting-cross-site-scripting-to-capture-passwords-bd3714035b4a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-8)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-8-3d5a833a4842?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-7)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-7-6a8786ecb6f4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xNAiFpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
Insecure Direct Object Reference (IDOR) Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/insecure-direct-object-reference-idor-walkthrough-vulnlab-by-yavuzlar-3d16ce3f5345?source=rss------bug_bounty-5Muhammad Riva Fanzury Scybersecurity, bug-bounty, ethical-hacking, penetration-testing, idor-vulnerability24-Jun-2024
Cross Site Scripting (XSS) Walkthrough — VulnLab XSS by Yavuzlarhttps://medium.com/@muhammadriva/cross-site-scripting-xss-walkthrough-vulnlab-xss-by-yavuzlar-149d14ab2d6b?source=rss------bug_bounty-5Muhammad Riva Fanzury Scross-site-scripting, bug-bounty, cybersecurity, penetration-testing, ethical-hacking24-Jun-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@cyberpro151/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-f67cee914d39?source=rss------bug_bounty-5cyberpro151web-security, account-takeover, bug-bounty, appsec, hacking24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://medium.com/@asaad0x/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Poodle Haney Bug Bountyhttps://medium.com/@haneypoodle/poodle-haney-bug-bounty-1b0a10a03689?source=rss------bug_bounty-5Poodle Haneymemecoins, haney, bug-bounty, poodle-haney24-Jun-2024
Tutorial Install Burpsuite Beginnerhttps://medium.com/@muhammadriva/tutorial-install-burpsuite-beginner-927375c22f94?source=rss------bug_bounty-5Muhammad Riva Fanzury Sbug-bounty, penetration-testing, cybersecurity, junior-pentester, burpsuite24-Jun-2024
Unrestricted File Upload Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/unrestricted-file-upload-walkthrough-vulnlab-by-yavuzlar-76854ebafe84?source=rss------bug_bounty-5Muhammad Riva Fanzury Spenetration-testing, bug-bounty, remote-code-execution, cybersecurity, backdoor24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://read.martiandefense.llc/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Next.js and cache poisoning: a quest for the black holehttps://medium.com/@zhero_/next-js-and-cache-poisoning-a-quest-for-the-black-hole-1ae634170a1e?source=rss------bug_bounty-5Rachid.Ahacking, bug-bounty, nextjs, web-security, javascript24-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Project — Sinhala Translationhttps://medium.com/@integriteesrilanka/bug-bounty-programs-how-outsourcing-can-help-your-project-sinhala-translation-0a40a97e58c7?source=rss------bug_bounty-5Integritee Sri Lankabug-bounty, immunefi, blockchain24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xn4ifpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
How i got easy multiple RXSShttps://medium.com/@0xmekky/how-i-got-easy-multiple-rxss-dd3a6bc521dd?source=rss------bug_bounty-5abdelrahem mekkyxss-attack, penetration-testing, reflected-xss, web-app-security, bug-bounty23-Jun-2024
Complex Attack Types: Sample Scenarios 23https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-23-c0079166f4d9?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty23-Jun-2024
13.29 Exploiting cross-site scripting to steal cookieshttps://cyberw1ng.medium.com/13-29-exploiting-cross-site-scripting-to-steal-cookies-21c7d5851ea3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty23-Jun-2024
Duplicate P1 in public programhttps://medium.com/@mohamed.yasser442200/duplicate-p1-in-public-program-aa9ade8f61c3?source=rss------bug_bounty-5Spider4pentesting, bug-bounty-tips, authentication, hacking, bug-bounty23-Jun-2024
New 100$ Bug in My Methodology!https://medium.com/@rewmcode/new-100-bug-in-my-methodology-60d99f0dafe2?source=rss------bug_bounty-5Ali Rembug-bounty-tips, hacking, hacker, bug-bounty23-Jun-2024
Chaining bugs for Account Takeoverhttps://medium.com/@hbenja47/chaining-bugs-for-account-takeover-0b90a2d952af?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty23-Jun-2024
Guide to Using httpxhttps://medium.com/@learntheshell/guide-to-using-httpx-a542cbdc4ed4?source=rss------bug_bounty-5LearnTheShellcybersecurity, httpx, bug-bounty, linux, hacking22-Jun-2024
The Ultimate Shodan Search Guide for Cybersecurity Analystshttps://systemweakness.com/the-ultimate-shodan-search-guide-for-cybersecurity-analysts-283f17f56182?source=rss------bug_bounty-5Khaleel Khanhacking, cybersecurity, infosec, bug-bounty, cheatsheet22-Jun-2024
How I Found a Simple IDOR Bug That Exposed Sensitive Datahttps://medium.com/@dra0x0/how-i-found-a-simple-idor-bug-that-exposed-sensitive-data-36e6e9b508db?source=rss------bug_bounty-5dra0x0application-security, ethical-hacking, cybersecurity, software-testing, bug-bounty22-Jun-2024
How I found a .env file and can access the whole server of mysqlhttps://medium.com/@jeetpal2007/how-i-found-a-env-file-and-can-access-the-whole-server-of-mysql-a21af69cbd12?source=rss------bug_bounty-5JEETPALbug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, env-file22-Jun-2024
Practical Threat Hunting Using Known IOC IPshttps://medium.com/@paritoshblogs/practical-threat-hunting-using-known-ioc-ips-26a4eab0b616?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, bug-bounty, ransomware, threat-hunting22-Jun-2024
CVE-2024–28999 SolarWinds Race Conditionhttps://medium.com/@0xSphinx/cve-2024-28999-solarwinds-race-condition-62e175339b46?source=rss------bug_bounty-50xSphinxcybersecurity, bug-bounty, hacking, cyber-security-awareness, security22-Jun-2024
13.28 Lab: Reflected XSS into a template literal with angle brackets, single, double quotes…https://cyberw1ng.medium.com/13-28-lab-reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-45602869f45f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity22-Jun-2024
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bountieshttps://slava-moskvin.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-04ba1fbbab73?source=rss------bug_bounty-5Path Cybersec [Slava Moskvin]pentesting, reverse-engineering, cybersecurity, bug-bounty, offensive-security22-Jun-2024
Update on DNS problem with Lubuntu 24.04https://ariedwikusuma9.medium.com/update-on-dns-problem-with-lubuntu-24-04-5c48a903026f?source=rss------bug_bounty-5Ariekusumalinux, lubuntu, ubuntu, wireguard, bug-bounty21-Jun-2024
Bypassing iCloud Web Access Restrictionhttps://ltsirkov.medium.com/bypassing-icloud-web-access-restriction-30cdf12b979c?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity21-Jun-2024
How I Found 3 Bugs in a Single Dayhttps://medium.com/@dsmodi484/how-i-found-3-bugs-in-a-single-day-a690e2abd4fb?source=rss------bug_bounty-5Dishant Modioffensive-security, vapt, idor, bugs, bug-bounty21-Jun-2024
Dork Like a Pro: Exploiting Google for Bug Bounty Winshttps://medium.com/@RaunakGupta1922/dork-like-a-pro-exploiting-google-for-bug-bounty-wins-fd2612d7fde3?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitgoogle-dork, bug-bounty, vulnerability, hacking, cyber-security-awareness21-Jun-2024
Complex Attack Types: Sample Scenarios 22https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-22-f720da3d9dc3?source=rss------bug_bounty-5Baris Dincerinformation-technology, penetration-testing, bug-bounty, cybersecurity, freedomofinternet21-Jun-2024
Broken Access Control on an E-commerce website allows attackers to lengthen trial planhttps://medium.com/@p00dl3/broken-access-control-on-an-e-commerce-website-allows-attackers-to-lengthen-trial-plan-e59f5976bca3?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty21-Jun-2024
Say Goodbye to Pesky Bugs: Top Bug Zappers for Perfect Family Gatheringshttps://medium.com/@seng4k2/say-goodbye-to-pesky-bugs-top-bug-zappers-for-perfect-family-gatherings-b23f405ac0c5?source=rss------bug_bounty-5Kear Sengmosquito, insects, bugs, bug-bounty, pest-control21-Jun-2024
13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escapedhttps://cyberw1ng.medium.com/13-27-lab-reflected-xss-into-a-javascript-string-with-a-single-quote-and-backslash-escaped-2fbc757feb1a?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity21-Jun-2024
Exploring Web Infrastructure: Tools and Techniques for Effective Reconhttps://medium.com/@Kaizen2977/exploring-web-infrastructure-tools-and-techniques-for-effective-recon-11907b7ec938?source=rss------bug_bounty-5kapil Chotaliabug-bounty, penetration-testing, dns, email, cybersecurity21-Jun-2024
Quick & Easy $100 Bug That You Can Find In 5 minuteshttps://levelup.gitconnected.com/quick-easy-100-bug-that-you-can-find-in-5-minutes-aeb4b16745d9?source=rss------bug_bounty-5Hamza Avvanethical-hacking, bug-bounty, cybersecurity, earn-money-online, api21-Jun-2024
Best Practices for Securing Your Decentralized Applicationhttps://securrtech.medium.com/best-practices-for-securing-your-decentralized-application-d049a9ec547d?source=rss------bug_bounty-5Securrblockchain, web3, security, securr, bug-bounty21-Jun-2024
Everything About EC-Council CEHhttps://medium.com/@mazharshadab292/everything-about-ec-council-ceh-fb47b0392104?source=rss------bug_bounty-5Shadab Mazharhacking, social-media, computer-science, cybersecurity, bug-bounty21-Jun-2024
If youre looking for thorough and professional penetration testing services, youve come to the…https://medium.com/@kafim3137/if-youre-looking-for-thorough-and-professional-penetration-testing-services-youve-come-to-the-ea3d1129b61f?source=rss------bug_bounty-5Farhadbug-bounty, penetration-test, vulnerability, vulnerability-assessment, penetration-testing21-Jun-2024
Part 1- Everything You Need to Know About Browser Security Policies — SOP, CORS.https://medium.com/@vikramroot/part-1-everything-you-need-to-know-about-browser-security-policies-sop-cors-3eb025fd3ab8?source=rss------bug_bounty-5vikram naidubugbounty-writeup, penetration-testing, application-security, cybersecurity, bug-bounty21-Jun-2024
Part 2- Everything You Need to Know About Browser Security Policies — CSP, Cookie Attributes, etc.https://medium.com/@vikramroot/part-2-everything-you-need-to-know-about-browser-security-policies-csp-cookie-attributes-etc-3ea98f737b3a?source=rss------bug_bounty-5vikram naidupenetration-testing, bug-bounty, product-security, cybersecurity, application-security21-Jun-2024
Microsoft Subdomain XSS Report — Publishedhttps://ibrahimxss.medium.com/microsoft-subdomain-xss-report-published-3e4f54eea93c?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-bypass, bug-bounty, microsoft, xss-vulnerability21-Jun-2024
Discovering an XSS Vulnerability on Vue.js 2.6.10 WebApphttps://ibrahimxss.medium.com/discovering-an-xss-vulnerability-on-vue-js-2-6-10-webapp-e6c0cc88e840?source=rss------bug_bounty-5#IbrahimXSSxss-attack, bug-bounty, xss-bypass, hacking, xss-vulnerability21-Jun-2024
Being Better at Burphttps://medium.com/@fat_zombi/being-better-at-burp-b9585186aa08?source=rss------bug_bounty-5Fatzombiappsec, bug-bounty, proxy, burpsuite20-Jun-2024
OWASP Top 10 SQL Injection Vulnerabilityhttps://medium.com/@Joshua_sk/owasp-top-10-sql-injection-vulnerability-97168af8978e?source=rss------bug_bounty-5Joshua_skvulnerability, web-hacking, bug-bounty, sql-injection, owasp-top-1020-Jun-2024
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flawhttps://medium.com/@malikijlal/kraken-crypto-exchange-hit-by-3-million-theft-exploiting-zero-day-flaw-6f218c3aef57?source=rss------bug_bounty-5Malik Ijlalbug-bounty, cryptocurrency, cybersecurity, hacking, kraken20-Jun-2024
Getting Into Cybersecurity: A Roadmaphttps://medium.com/@majix_de/getting-into-cybersecurity-a71cde8a57b3?source=rss------bug_bounty-5Majixcybersecurity-tips, bug-bounty, infoseccareer, ethical-hacking, hack-to-learn20-Jun-2024
Untold story of Zomato XSShttps://medium.com/@info_4040/untold-story-of-zomato-xss-148c91d2faec?source=rss------bug_bounty-5Bug Detector'sxss-vulnerability, bug-bounty, bug-bounty-tips, penetration-testing, xss-attack20-Jun-2024
TryHackMe SQLMap Roomhttps://medium.com/@Joshua_sk/tryhackme-sqlmap-room-06fd30f8a0b1?source=rss------bug_bounty-5Joshua_sktryhackme, cybersecurity, sqlmap, bug-bounty, sql-injection20-Jun-2024
Kraken Faces Extortion Attempt After $3M Bug Exploithttps://medium.com/@whalecrypto/kraken-faces-extortion-attempt-after-3m-bug-exploit-f086f479a4f1?source=rss------bug_bounty-5Crypto Whale Mediumkraken, crypto-hack, blockchain-security, cryptoextortion, bug-bounty20-Jun-2024
Complex Attack Types: Sample Scenarios 21https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-21-e65a13b96002?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, bug-bounty, penetration-testing, cybersecurity20-Jun-2024
OAuth Misconfiguration: Preemptive Account Registration Exploitationhttps://mmnahian.medium.com/oauth-misconfiguration-preemptive-account-registration-exploitation-407be50d6037?source=rss------bug_bounty-5mmnahianbug-bounty, information-security, bug-bounty-tips, sso, oauth20-Jun-2024
What is prototype pollution?https://cyberw1ng.medium.com/what-is-prototype-pollution-76694f0db76a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing20-Jun-2024
Very damn vulnerable government site 2.0https://medium.com/@bl4cksku11/very-damn-vulnerable-government-site-2-0-cf9535cbdb4e?source=rss------bug_bounty-5Bl4cksku11vulnerability, bug-bounty, research, hacking, red-team20-Jun-2024
IF YOU DON.T HAVE money, SELL YOUR CROSS SITE SCRIPTINGhttps://medium.com/@1daytosee/if-you-don-t-have-money-sell-your-cross-site-scripting-dc4b6bdd046f?source=rss------bug_bounty-51day2seexss-attack, bug-bounty, pentesting, selling, hacking20-Jun-2024
Inside the Kraken $3M Hack: What Happened?https://medium.com/@cryptopiannews/inside-the-kraken-3m-hack-what-happened-4a0af98c498e?source=rss------bug_bounty-5Cryptopiannewsbug-bounty, kraken, kraken-3m-hack, cryptopiannews, crypto-hack20-Jun-2024
How Static Analysis Uncovers Hidden Malware Threats !https://medium.com/@paritoshblogs/how-static-analysis-uncovers-hidden-malware-threats-7c62d132f7f8?source=rss------bug_bounty-5Paritoshcybersecurity, malware, bug-bounty, static-malware-analysis, hacking19-Jun-2024
Analyzing a Major Web3 Vulnerability and Its Resolutionhttps://securrtech.medium.com/analyzing-a-major-web3-vulnerability-and-its-resolution-69955d55a0f6?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3, security, securr19-Jun-2024
29.9 Lab: Remote code execution via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-9-lab-remote-code-execution-via-server-side-prototype-pollution-d5c98bfe3e73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, cybersecurity, penetration-testing19-Jun-2024
Code Execution Vulnerability in Behave: A Deep Divehttps://medium.com/@piyushbhor22/code-execution-vulnerability-in-behave-a-deep-dive-b8c7431a71f9?source=rss------bug_bounty-5Pisecurity-research, bug-bounty, code-review, cybersecurity, vulnerability-research19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@whitehatcyber404/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5Cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Complex Attack Types: Sample Scenarios 19https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-19-2a39b7806616?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, bug-bounty, information-technology, penetration-testing19-Jun-2024
The Best Resources for Cybersecurity Pros and Bug Bounty Huntershttps://medium.com/@turvsec/the-best-resources-for-cybersecurity-pros-and-bug-bounty-hunters-f674c2abebb2?source=rss------bug_bounty-5TurvSecpentesting, infosec, bug-bounty, cybersecurity19-Jun-2024
Unlocking the Future of Web Security with the #IBRAHIMXSS Toolhttps://ibrahimxss.medium.com/unlocking-the-future-of-web-security-with-the-ibrahimxss-tool-a33843cdc259?source=rss------bug_bounty-5#IbrahimXSSxss-vulnerability, bug-bounty, xss-attack, hacking, xss-bypass19-Jun-2024
A Place for Cybersecurity and Bug Bounty Content Creators to Shinehttps://medium.com/@turvsec/a-place-for-cybersecurity-and-bug-bounty-content-creators-to-shine-fa0096ce2559?source=rss------bug_bounty-5TurvSecbug-bounty, cybersecurity, infosec19-Jun-2024
Complex Attack Types: Sample Scenarios 20https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-20-f2f9e8f6725e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, penetration-testing, bug-bounty, information-technology19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@cyber_catz/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/@meshcode/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
IDOR on HackerOne Embedded Submission Formhttps://medium.com/pinoywhitehat/idor-on-hackerone-embedded-submission-form-9e59c6f044b3?source=rss------bug_bounty-5Japz Divinohacking, pinoywhitehat, infosec, bug-bounty19-Jun-2024
Kraken’s $3 Million Bug Bounty Breach: Ethical Dilemmas and Security Challengeshttps://medium.com/@MiamiCryptoCom/krakens-3-million-bug-bounty-breach-ethical-dilemmas-and-security-challenges-cc459b015fd8?source=rss------bug_bounty-5Miami Cryptocryptocurrency-security, kraken, ethical-hacking, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Matty K.recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Unmasking the Invisible Threat: The Ultimate Guide to Malware Analysishttps://medium.com/@paritoshblogs/unmasking-the-invisible-threat-the-ultimate-guide-to-malware-analysis-d287c4d74e7d?source=rss------bug_bounty-5Paritoshmalware-analysis, cybersecurity, information-technology, malware, bug-bounty18-Jun-2024
A Comprehensive Guide to Android App Pentesting for Bug Bounty Hunterhttps://medium.com/@pankajkryadav1/a-comprehensive-guide-to-android-app-pentesting-for-bug-bounty-hunter-ada51e521814?source=rss------bug_bounty-5Pankaj kr Yadavmethodology, bug-bounty, android-pentesting, bug-bounty-tips18-Jun-2024
Exploring the DAO Hack: Lessons Learned for Web3 Securityhttps://securrtech.medium.com/exploring-the-dao-hack-lessons-learned-for-web3-security-08d23984af79?source=rss------bug_bounty-5Securrdao, securr, web3, bug-bounty, web3-security18-Jun-2024
Subdomains Enumeration: Tools, Techniques, and Tipshttps://medium.com/@Kaizen2977/subdomains-enumeration-tools-techniques-and-tips-4d43ea31dc0f?source=rss------bug_bounty-5kapil Chotaliainfosec, penetration-testing, bug-bounty, subdomain, enumeration18-Jun-2024
Intentions HackTheBox Walkthroughhttps://d3athcod3.medium.com/intentions-hackthebox-walkthrough-ad2eb053e224?source=rss------bug_bounty-5D3athCod3cybersecurity, ethical-hacking, development, bug-bounty, hackthebox18-Jun-2024
How I got started in Cyber Security | Getting my first job and How you can too..https://captain-pool.medium.com/how-i-got-started-in-cyber-security-getting-my-first-job-and-how-you-can-too-dc52da614d6d?source=rss------bug_bounty-5Captain Poolweb-app-security, hackthebox, cybersecurity, bug-bounty, hacking18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderireport, tips, security, bug-bounty, hacking18-Jun-2024
How ChatGPT Turned Me into a Hackerhttps://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, openai, large-language-models, hacking, learning18-Jun-2024
Day 22 of our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-22-of-our-cyberquest1095-day-challenge-c993ded22604?source=rss------bug_bounty-5D3athCod3bug-bounty, development, cybersecurity, hacking, challenge18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-5)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-5-efb95db2210b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -4)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-4-00e815fa8026?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty18-Jun-2024
29.8 Lab: Bypassing flawed input filters for server-side prototype pollutionhttps://cyberw1ng.medium.com/29-8-lab-bypassing-flawed-input-filters-for-server-side-prototype-pollution-fa379f811a06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderi (ZVitoX)report, tips, security, bug-bounty, hacking18-Jun-2024
A Learning Journey: Attempting to Turn a WordPress Theme CVE into a PoChttps://medium.com/@motoko_ayanami/a-learning-journey-attempting-to-turn-a-wordpress-theme-cve-into-a-poc-225cde954493?source=rss------bug_bounty-5Motoko Ayanamiwordpress, wpscan, hacking, bug-bounty18-Jun-2024
Demystifying Bug Bounty Hunting: A Deep Dive into Cybersecurity's Hidden Gemhttps://medium.com/@biswalsandeep594/demystifying-bug-bounty-hunting-a-deep-dive-into-cybersecuritys-hidden-gem-d8ad2d2d7fcb?source=rss------bug_bounty-5Sandeep priyadarshi Biswalbug-bounty, hacking, cryptocurrency, software-engineering, cybersecurity18-Jun-2024
Guide to Using Nucleihttps://medium.com/@learntheshell/guide-to-using-nuclei-9c37869be30e?source=rss------bug_bounty-5LearnTheShellbug-bounty, linux, vulnerability-scanning, cybersecurity18-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://medium.com/@vuusale/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
Breaking into the VIP Club: A Tale of Parameter Tampering Exploitshttps://systemweakness.com/breaking-into-the-vip-club-a-tale-of-parameter-tampering-exploits-83df7b6b9691?source=rss------bug_bounty-5Jody ritongaweb, bug-bounty, hacking, bugs, bug-bounty-tips17-Jun-2024
Understanding Web3 Bug Bounties: How They Enhance Blockchain Securityhttps://securrtech.medium.com/understanding-web3-bug-bounties-how-they-enhance-blockchain-security-ac9e8361d7cf?source=rss------bug_bounty-5Securrweb3, bug-bounty, hacker, web3bugbounty, security17-Jun-2024
Hunting for Origin IP: A Beginner’s Guidehttps://medium.com/@pruthu.raut/hunting-for-origin-ip-a-beginners-guide-70235f3dd415?source=rss------bug_bounty-5PRUTHU RAUTcyber-security-awareness, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting17-Jun-2024
29.7 Lab: Detecting server-side prototype pollution without polluted property reflectionhttps://cyberw1ng.medium.com/29-7-lab-detecting-server-side-prototype-pollution-without-polluted-property-reflection-50e36dbe2629?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers17-Jun-2024
OSINT FOR BUG HUNTERhttps://medium.com/@Progsky/osint-for-bug-hunter-4ae5c700a13a?source=rss------bug_bounty-5Progskyosint, hacking, bug-bounty17-Jun-2024
Cross-Site Scripting via Web Cache Poisoning and WAF bypasshttps://ltsirkov.medium.com/cross-site-scripting-via-web-cache-poisoning-and-waf-bypass-6cb3412d9e11?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips17-Jun-2024
Naabuhttps://medium.com/@roymemory2018/naabu-21c5438e05ae?source=rss------bug_bounty-5Audity Memory Roynaabu, port-scanner, kali-tools, bug-bounty, penetration-testing17-Jun-2024
0xhashimRESETriddle: Vulnerable Web Applicationhttps://medium.com/@hashimamin/0xhashimresetriddle-4f3270411800?source=rss------bug_bounty-5Hashim Aminvulnerability-management, bug-bounty, vulnerability, portswigger, cybersecurity17-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://systemweakness.com/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
29.6 Lab: Privilege escalation via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-6-lab-privilege-escalation-via-server-side-prototype-pollution-4895762ce7d6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking16-Jun-2024
Broken Link Hijackinghttps://medium.com/@saeidmicro/broken-link-hijacking-8ff4808a6cd2?source=rss------bug_bounty-5Saeid Khaterbroken-link-hijacking, bug-bounty, cybersecurity16-Jun-2024
Bug Zero — This month in CyberSecurity (June 1–15)https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-june-1-15-51c4d918b5ae?source=rss------bug_bounty-5Akila Maithripalacybersecurity, bug-zero, newsletter, bug-bounty16-Jun-2024
Mastering Unauthenticated XSS Detection: Best Burp Suite Configurations for XSS Huntinghttps://medium.com/@mayank_prajapati/mastering-unauthenticated-xss-detection-best-burp-suite-configurations-for-xss-hunting-523d78ecfda8?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, xss-attack, hunting, hacking, penetration-testing16-Jun-2024
Introducing r3conwhal3: Your Go-To Recon Automation Frameworkhttps://ibrahimtahaistikbal.medium.com/introducing-r3conwhal3-your-go-to-recon-automation-framework-c8840f3a4e0b?source=rss------bug_bounty-5İbrahim Taha İstikbalbug-bounty, security-tool, bug-bounty-tool, penetration-testing, reconnaissance16-Jun-2024
Direct access to admin dashboard via leaked credentialshttps://medium.com/@saeidmicro/direct-access-to-admin-dashboard-via-leaked-credentials-d1ed9bd18edb?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity16-Jun-2024
Complex Attack Types: Sample Scenarios 17https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-17-b73b1854ddbd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, freedomofinternet, penetration-testing16-Jun-2024
Hacking (not only) for Moneyhttps://medium.com/@guce/hacking-not-only-for-money-e71d72ab8c55?source=rss------bug_bounty-5gu cecybersecurity, bug-bounty, bug-bounty-program, vulnerability-assessment16-Jun-2024
Day 20 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-20-of-our-cyberquest1095-day-challenge-680fbd060cb5?source=rss------bug_bounty-5D3athCod3cybersecurity, challenge, penetration-testing, hacker, bug-bounty16-Jun-2024
Enumeração de subdomínios de diferentes fonteshttps://medium.com/@souzaw/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-de-diferentes-fontes-9c67f5bc59e3?source=rss------bug_bounty-5Wagner Souzashell, bug-bounty, pentest, osint16-Jun-2024
Complex Attack Types: Sample Scenarios 18https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-18-efaf527942ba?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, penetration-testing, information-technology, cybersecurity16-Jun-2024
Secrets in the Wild: Uncovering Hidden Threatshttps://medium.com/@dzianisskliar29/secrets-in-the-wild-uncovering-hidden-threats-9b26bf180d0c?source=rss------bug_bounty-5Dzianis Skliarbug-bounty, cybersecurity, threat-intelligence, penetration-testing16-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://ikhaleelkhan.medium.com/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
[Bounty Weekend] View Any User Design With Simple Path Traversal IDORhttps://medium.com/@rifqihz/bounty-weekend-view-any-user-design-with-simple-path-traversal-idor-5fe0f59f56a6?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, broken-access-control15-Jun-2024
[Bounty Weekend] Possible Code Execution With Integration Script Tamperinghttps://medium.com/@rifqihz/bounty-weekend-possible-code-execution-with-integration-script-tampering-f38691e99d4b?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, cloud15-Jun-2024
Unveiling the Secret World of Google Dorks: How Hackers Use These Search Tricks to Access Your…https://systemweakness.com/unveiling-the-secret-world-of-google-dorks-how-hackers-use-these-search-tricks-to-access-your-117c53c05705?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, infosec, hacking, google15-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://medium.com/the-shaco/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
29.5 Lab: Client-side prototype pollution in third-party librarieshttps://cyberw1ng.medium.com/29-5-lab-client-side-prototype-pollution-in-third-party-libraries-e767b8352862?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty15-Jun-2024
Intelligence HackTheBox Walkthrough | Active Directoryhttps://d3athcod3.medium.com/intelligence-hackthebox-walkthrough-active-directory-d9cb695201ce?source=rss------bug_bounty-5D3athCod3computer-science, bug-bounty, cybersecurity, hackthebox, hacking15-Jun-2024
Desvendando uma Vulnerabilidade no Single Sign-On do Facebook: Minha Jornada e Recompensa de $3.000https://medium.com/@patrick-mns/desvendando-uma-vulnerabilidade-no-single-sign-on-do-facebook-minha-jornada-e-recompensa-de-3-000-9c1bcd2a9f4d?source=rss------bug_bounty-5Patrick Manoelhackerone, meta, facebook, hacker, bug-bounty15-Jun-2024
Complex Attack Types: Sample Scenarios 16https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-16-2424fcc0af62?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-technology, freedomofinternet, cybersecurity, penetration-testing15-Jun-2024
How I hacked a marriage database: tale of IDORhttps://medium.com/@alimuhammadsecured/how-i-hacked-a-marriage-database-tale-of-idor-b4f951d23aa6?source=rss------bug_bounty-5Alimuhammadsecuredweb-app-security, bug-bounty, penetration-testing, cybersecurity14-Jun-2024
Postmortem a HTTP Requesthttps://medium.com/@RaunakGupta1922/postmortem-a-http-request-9599bb9d994b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, burpsuite, http-request, web, bug-bounty14-Jun-2024
Bug Bounty Hunting — Complete Guide (Part — 3)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-3-141b7bfa6ed6?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program14-Jun-2024
Complex Attack Types: Sample Scenarios 15https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-15-44899075e8fd?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, penetration-testing, information-technology, bug-bounty, cybersecurity14-Jun-2024
How I Discovered a Critical Vulnerability in a Message Tracking Systemhttps://adarshkrduaby.medium.com/how-i-discovered-a-critical-vulnerability-in-a-message-tracking-system-590b3518dcb8?source=rss------bug_bounty-5Adarsh Kumarhacking, bug-report, programming, bug-hunting, bug-bounty14-Jun-2024
29.4 Lab: DOM XSS via an alternative prototype pollution vectorhttps://cyberw1ng.medium.com/29-4-lab-dom-xss-via-an-alternative-prototype-pollution-vector-6ad80e62c8c8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Release Plans Subdomainhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-release-plans-subdomain-c47621b2da2d?source=rss------bug_bounty-5#IbrahimXSShtml-injection, microsoft, xss-attack, bug-bounty, stored-xss14-Jun-2024
How i discovered my first CVEhttps://1-day.medium.com/how-i-discovered-my-first-cve-3692fab374ab?source=rss------bug_bounty-51daybug-bounty, bug-bounty-tips, cve, bug-hunting, ethical-hacking14-Jun-2024
Bug bounty: managing disappointment, avoiding burnout and consistent growthhttps://medium.com/@un1tycyb3r/bug-bounty-managing-disappointment-avoiding-burnout-and-consistent-growth-df1e6195ca4e?source=rss------bug_bounty-5Un1tycyb3rbug-bounty14-Jun-2024
Discovering a Reflected XSS Vulnerability: My Journey into Microsoft’s Xbox.comhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-vulnerability-my-journey-into-microsofts-xbox-com-d607751be100?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-attack, microsoft, xss-vulnerability, xbox14-Jun-2024
Discovering 10 XSS Vulnerabilities: My Journey into Microsoft’s Support Platformshttps://ibrahimxss.medium.com/discovering-10-xss-vulnerabilities-my-journey-into-microsofts-support-platforms-b19c4e520c90?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-filter-bypass, microsoft, bug-bounty, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Tech Community Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-tech-community-portal-068505cd4316?source=rss------bug_bounty-5#IbrahimXSSxss-attack, microsoft, bug-bounty, xss-bypass, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Power Apps Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-power-apps-portal-86e28311448e?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-vulnerability, bug-bounty, microsoft, xss-filter-bypass14-Jun-2024
Discovering a Reflected XSS Filter Bypass: My Journey into Microsoft’s Support UAT Subdomainhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-filter-bypass-my-journey-into-microsofts-support-uat-subdomain-f9be22d8d795?source=rss------bug_bounty-5#IbrahimXSSmicrosoft, xss-vulnerability, filter-bypass, xss-bypass, bug-bounty14-Jun-2024
Discovering a CRLF Injection Vulnerability: My Journey into the MSRC Blog Websitehttps://ibrahimxss.medium.com/discovering-a-crlf-injection-vulnerability-my-journey-into-the-msrc-blog-website-5285169adddb?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, microsoft, xss-attack, crlf-injection14-Jun-2024
Discovering a Critical Security Vulnerability: My Journey into Microsoft’s Lists Subdomainhttps://ibrahimxss.medium.com/discovering-a-critical-security-vulnerability-my-journey-into-microsofts-lists-subdomain-f3e95ce68929?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-bypass, microsoft, xss-attack, xss-vulnerability14-Jun-2024
List of Easy P4 $$$$https://medium.com/@anonymoustriager/list-of-easy-p4-85ffb9d493ed?source=rss------bug_bounty-5Anonymous Triagerhacking, bugbounty-tips, easy-money, bugbounty-writeup, bug-bounty13-Jun-2024
ICMTC CTF 2023 — International Competition of the Military Technical Collegehttps://0xm4r5h4l.medium.com/icmtc-ctf-2023-international-competition-of-the-military-technical-college-65788f3c01a0?source=rss------bug_bounty-50xM4r5h4lctf-writeup, bug-bounty, ctf, ctf-walkthrough, cybersecurity13-Jun-2024
The Best Games for Practicing Game Hackinghttps://medium.com/@MrRipperoni/the-best-games-for-practicing-game-hacking-baba13493db8?source=rss------bug_bounty-5Mr.Ripperonibug-bounty, reverse-engineering, hacking, gamehacking, coding13-Jun-2024
Path Traversal and RCE in Online Compilershttps://medium.com/@amal_n47h/path-traversal-and-rce-in-online-compilers-454a446effca?source=rss------bug_bounty-5Amal Nathrce, online-compiler, bug-bounty, path-traversal, vulnerability13-Jun-2024
Hacking Using Shodanhttps://medium.com/@umarhere4u/hacking-using-shodan-3c4d46df81df?source=rss------bug_bounty-5Mohammad Umar Kachishodan, cybersecurity, bug-bounty, tips, search-engine-optimizati13-Jun-2024
Understanding and Mitigating Cross-Site Request Forgery (CSRF)https://medium.com/technology-hits/understanding-and-mitigating-cross-site-request-forgery-csrf-399d26627e60?source=rss------bug_bounty-5Yeu Lind Yeoweb-security, csrf, cybersecurity-awareness, bug-bounty, hacker13-Jun-2024
Stealing credentials using XSS (xss on login page) Your password my password .https://medium.com/@brutal_panda/stealing-credentials-using-xss-xss-on-login-page-your-password-my-password-059354240801?source=rss------bug_bounty-5Eliezer Binyambug-bounty13-Jun-2024
Interview with Georgi Krastenov: Diving Deep into Web3 Securityhttps://web3-bug-bounty-platform.medium.com/interview-with-georgi-krastenov-diving-deep-into-web3-security-f6fae1f290f1?source=rss------bug_bounty-5Bug Bounty Platformsecurity-audit, web3, bug-bounty, cybersecurity13-Jun-2024
Finding the newest and top-rated cybersecurity tools and content.https://medium.com/@turvsec/finding-the-newest-and-top-rated-cybersecurity-tools-and-content-a06c9cb54e41?source=rss------bug_bounty-5TurvSecpentesting, bug-bounty, cybersecurity, infosec13-Jun-2024
Direct SSRF Leads to Exposing GitHub Codespaces Sensitive Metadata Instance on Azure Cloudhttps://ph-hitachi.medium.com/direct-ssrf-leads-to-exposing-github-codespaces-sensitive-metadata-instance-on-azure-cloud-eb8ac4f076b1?source=rss------bug_bounty-5Ph.Hitachissrf, bug-bounty, tips-and-tricks, metadata13-Jun-2024
Hata Ödül Programları: Dış Kaynak Kullanımı Projenize Nasıl Yardımcı Olabilir?https://medium.com/@integriteetr/hata-%C3%B6d%C3%BCl-programlar%C4%B1-d%C4%B1%C5%9F-kaynak-kullan%C4%B1m%C4%B1-projenize-nas%C4%B1l-yard%C4%B1mc%C4%B1-olabilir-9e55995ec74a?source=rss------bug_bounty-5Integriteetrbug-bounty, immunefi, blockchain13-Jun-2024
29.3 Lab: Client-side prototype pollution via flawed sanitizationhttps://cyberw1ng.medium.com/29-3-lab-client-side-prototype-pollution-via-flawed-sanitization-ce78a48758fa?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking13-Jun-2024
Breaking Business Logic — Part: 42–4= 2https://thehemdeep.medium.com/breaking-business-logic-part-42-4-2-d8509ef70436?source=rss------bug_bounty-5Hemdeep Gamitweb-penetration-testing, web-security-testing, web-security, bug-bounty13-Jun-2024
You Won’t Believe What We Found Using Shodan!https://medium.com/@paritoshblogs/you-wont-believe-what-we-found-using-shodan-e796e13417a3?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, hacking, shodan12-Jun-2024
Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guidehttps://systemweakness.com/using-shodan-to-find-and-exploit-ftp-servers-with-anonymous-access-a-step-by-step-guide-86a5b6e72f75?source=rss------bug_bounty-5Khaleel Khanethical-hacking, pentesting, hacking, bug-bounty, ctf-writeup12-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-2)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-2-ef65d69de157?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips12-Jun-2024
Hacking the Imaginary: A Journey to Discovering a Blind SSRFhttps://medium.com/@kandar.souvik6/hacking-the-imaginary-a-journey-to-discovering-a-blind-ssrf-657aac60d8d0?source=rss------bug_bounty-5hacker_mightpenetration-testing, server-side-request, ssrf, bug-bounty, imaginaries12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://infosecwriteups.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
29.2 Lab: DOM XSS via client-side prototype pollutionhttps://cyberw1ng.medium.com/29-2-lab-dom-xss-via-client-side-prototype-pollution-ebee89f58933?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing12-Jun-2024
ExtPenPy: Accelerate Your Reconnaissance Phase with Easehttps://medium.com/@maliktawfiq12/extpenpy-accelerate-your-reconnaissance-phase-with-ease-e79a164d4f68?source=rss------bug_bounty-5Maliktawfiqcybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, external-pentest12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://renganathanofficial.medium.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
How I get an easy Blind SSRF by just reading writeupshttps://medium.com/@mohamed0xmuslim/how-i-get-an-easy-blind-ssrf-by-just-reading-writeups-a5459bbdf96d?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugbounty-writeup, bug-bounty-tips12-Jun-2024
HackerOne’s Double Standards: A Security Researcher’s Nightmarehttps://medium.com/@redworld/hackerones-double-standards-a-security-researcher-s-nightmare-642be91ca64b?source=rss------bug_bounty-5Redcybersecurity, bug-bounty, hackerone, scam-alert, scam11-Jun-2024
Account Takeover (ATO) Checklisthttps://medium.com/@anonymoustriager/account-takeover-ato-checklist-f67d2543b01f?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-program, bug-bounty-writeup, bugbounty-tips, bugbounty-poc, bug-bounty11-Jun-2024
BBB #2 — Introducing Daneelhttps://medium.com/@JakobTheDev/bbb-2-introducing-daneel-69a391294654?source=rss------bug_bounty-5Jakob Penningtonsoftware-development, bug-bounty11-Jun-2024
How I found OpenHAB Automation Panels Accessible Without Authenticationhttps://medium.com/@jeetpal2007/how-i-found-openhab-automation-panels-accessible-without-authentication-d9edbb3280fd?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, bug-bounty, authentication-bypass, bugbounty-tips, openhab-panel11-Jun-2024
How to exploit CVE-2024–24919 path traversalhttps://medium.com/@jeetpal2007/how-to-exploit-cve-2024-24919-path-traversal-5493c50d2581?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, bug-bounty-tips, path-traversal, cve-2024-2491911-Jun-2024
Forensic Investigation Operations — Basic Linux File System Analysishttps://medium.com/@brsdncr/forensic-investigation-operations-basic-linux-file-system-analysis-52025d7b2ec2?source=rss------bug_bounty-5Baris Dincerforensics, penetration-testing, bug-bounty, freedomofinternet, cybersecurity11-Jun-2024
1250 $ For 3 Stored XSS AND PII Disclosure , Let’s See How FIS Scammed Me AND Bugcrowd Covered It…https://medium.com/@0xAwali/1250-for-3-stored-xss-and-pii-disclosure-lets-see-how-fis-scammed-me-and-bugcrowd-covered-it-8561d9ce57b5?source=rss------bug_bounty-5Mahmoud M. Awalibug-bounty11-Jun-2024
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hourhttps://gentilsecurity.medium.com/explaining-the-owasp-zap-proxy-burp-suite-tool-in-one-video-in-just-one-hour-537bd7801134?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, burpsuite, penetration-testing, bug-bounty11-Jun-2024
شرح اداة OWASP ZAP Proxy & Burp Suite في فيديو واحد في ساعة واحدة فقطhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D8%AF%D8%A7%D8%A9-owasp-zap-proxy-burp-suite-%D9%81%D9%8A-%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%88%D8%A7%D8%AD%D8%AF-%D9%81%D9%8A-%D8%B3%D8%A7%D8%B9%D8%A9-%D9%88%D8%A7%D8%AD%D8%AF%D8%A9-%D9%81%D9%82%D8%B7-4e4c5e1142bf?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, bug-bounty, penetration-testing, burpsuite11-Jun-2024
29.1 Lab: Client-side prototype pollution via browser APIshttps://cyberw1ng.medium.com/29-1-lab-client-side-prototype-pollution-via-browser-apis-642e91b8159d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity11-Jun-2024
Uncovering Hidden Web Content with ffufhttps://medium.com/@umang.gulati19/uncovering-hidden-web-content-with-ffuf-55d29b21e627?source=rss------bug_bounty-5Math and Codecybersecurity, bug-bounty, webfuzzing, web-security, infosec11-Jun-2024
OWASP Mobile Top 10 for Android Penetration Testing and Checklisthttps://medium.com/@phyowathone/owasp-mobile-top-10-52987725a12c?source=rss------bug_bounty-5Phyo WaThone Winbug-bounty, bug-bounty-tips, androidhacking, android-security, android-pentesting-series11-Jun-2024
Understand the world of Bug Bountyhttps://medium.com/@hydd3n.sec/understand-the-world-of-bug-bounty-595c99b6782d?source=rss------bug_bounty-5Hydd3nmindset, bug-bounty, infosec, goals10-Jun-2024
Automation Tool for Easy P4https://medium.com/@anonymoustriager/automation-tool-for-easy-p4-c159bcae0cf2?source=rss------bug_bounty-5Anonymous Triagerbugbounty-tips, bug-bounty-program, hacking, bug-bounty, bugbounty-writeup10-Jun-2024
28.5 Lab: Server-side template injection with information disclosure via user-supplied objectshttps://cyberw1ng.medium.com/28-5-lab-server-side-template-injection-with-information-disclosure-via-user-supplied-objects-bbb18def43e1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing10-Jun-2024
Communication and Network Securityhttps://medium.com/@paritoshblogs/communication-and-network-security-bb6c5558aa51?source=rss------bug_bounty-5Paritoshcybersecurity, communication, bug-bounty, network-security, hacking10-Jun-2024
Top 10 Cybersecurity Vulnerabilities and it’s Mitigation Methodshttps://securrtech.medium.com/top-10-cybersecurity-vulnerabilities-and-its-mitigation-methods-0a5d75aceb34?source=rss------bug_bounty-5Securrbug-bounty, cybersecurity, xss-attack, hacking, vulnerability10-Jun-2024
Become a White Hat: Your Guide to Learning Ethical Hackinghttps://medium.com/@itsamanyadav/become-a-white-hat-your-guide-to-learning-ethical-hacking-022842c49eec?source=rss------bug_bounty-5Its Aman Yadavhacker, cybersecurity, hacking, learn-ethical-hacking, bug-bounty10-Jun-2024
Why Bad Reviews Can Kill Your Softwarehttps://medium.com/@joseph_52850/why-bad-reviews-can-kill-your-software-928f4af30a53?source=rss------bug_bounty-5Joseph Lacsamanasoftware-testing, software-development, bug-bounty, software-company, software-engineering10-Jun-2024
I reported Zero-Day (CVE-2024–24919) … and got informative.https://systemweakness.com/i-reported-zero-day-cve-2024-24919-and-got-informative-25409fac9765?source=rss------bug_bounty-5Sumedh Dawadicve-2024-24919, recon, hacking, zero-day-vulnerability, bug-bounty10-Jun-2024
POC — CVE-2024–4956 -Unauthenticated Path Traversalhttps://medium.com/@verylazytech/poc-cve-2024-4956-unauthenticated-path-traversal-f24b1a595e0e?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, cve-2023-4966, vulnerability, cybersecurity10-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Projecthttps://medium.com/integritee/bug-bounty-programs-how-outsourcing-can-help-your-project-644539de575a?source=rss------bug_bounty-5Integritee Networkblockchain, bug-bounty, immunefi10-Jun-2024
How I Found My First Bug Through Simple Fuzzinghttps://medium.com/@hashimamin/how-i-found-my-first-bug-through-simple-fuzzing-c7d694a59a6b?source=rss------bug_bounty-5Hashim Aminbugbounty-writeup, bug-bounty-tips, bugcrowd, bug-bounty, infosec10-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -1)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-1-21a87e35fdfa?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, hacking09-Jun-2024
How to Identify Vulnerable Hikvision Devices (IoT) to CVE-2017–7921https://blog.bugzero.io/how-to-identify-vulnerable-hikvision-devices-iot-to-cve-2017-7921-88b294645687?source=rss------bug_bounty-5Kawya De Silvahikvison-cameras, security-alert, cybersecurity, bug-zero, bug-bounty09-Jun-2024
How to Become a Hacker in 2024: A Comprehensive Guidehttps://medium.com/@itsamanyadav/how-to-become-a-hacker-in-2024-a-comprehensive-guide-9bae6cfa6b15?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, become-a-hacker, hacker-in-2024, how-to-be-a-hacker, hacking-courses09-Jun-2024
Discovering a vulnerability in HackerOnehttps://medium.com/@loaymorad11/discovering-a-vulnerability-in-hackerone-00bbfc438d90?source=rss------bug_bounty-5Loaymoradpenetration-testing, hackerone, bug-bounty, cybersecurity09-Jun-2024
Advanced Exploitation Techniques for Bug Bounty: Beyond the Basicshttps://medium.com/@verylazytech/advanced-exploitation-techniques-for-bug-bounty-beyond-the-basics-2ee9cbc12773?source=rss------bug_bounty-5Very Lazy Techcyber, hacking, cybersecurity, bug-bounty, exploit09-Jun-2024
28.4 Lab: Server-side template injection in an unknown language with a documented exploithttps://cyberw1ng.medium.com/28-4-lab-server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-df988ccf6277?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty09-Jun-2024
Complex Attack Types: Sample Scenarios 13https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-13-8a5008c396db?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cybersecurity, threat-intelligence, penetration-testing09-Jun-2024
STRIPE API-Key Disclosure to Bountyhttps://starlox.medium.com/stripe-api-key-disclosure-to-bounty-239d069f2455?source=rss------bug_bounty-5#$ubh@nk@rbug-bounty, hacking, infosec, bug-hunting, information-disclosure09-Jun-2024
HOW I HACKED NASA?https://infosecwriteups.com/how-i-hacked-nasa-0715b6b5d7b8?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, hallof-fame, vdp, cybersecurity, nasa09-Jun-2024
Day 13 of Our #CyberQuest1095 Challenge — Rust, Hack The Box, and Active Directory Adventures!https://d3athcod3.medium.com/day-13-of-our-cyberquest1095-challenge-rust-hack-the-box-and-active-directory-adventures-442cd2c48f41?source=rss------bug_bounty-5D3athCod3bug-bounty, challenge, hacking, cybersecurity, cyberquest109509-Jun-2024
Walk-Through of Bepractical.tech lab #4https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-4-bd4a96dc56bd?source=rss------bug_bounty-5Ross Jubertbug-bounty, red-team, account-takeover, ethical-hacking, account-takeover-attacks09-Jun-2024
The Ultimate Guide to Chaining Bugs: How I Found a Reverse Shell in a Bug Bounty Programhttps://b0mk35h.medium.com/the-ultimate-guide-to-chaining-bugs-how-i-found-a-reverse-shell-in-a-bug-bounty-program-9dca54c20674?source=rss------bug_bounty-5Pronay Biswasethical-hacking, hunting, bug-bounty, cyberse, xss-attack09-Jun-2024
How to preform recon in Bug Bounty?https://systemweakness.com/how-to-preform-recon-in-bug-bounty-8d37a1fd262f?source=rss------bug_bounty-5Imad Husanovicprogramming, cybersecurity, hacking, bug-bounty-tips, bug-bounty09-Jun-2024
ʟᴀɴᴢᴀᴍɪᴇɴᴛᴏ ɪɴᴄᴇɴᴛɪᴠᴀᴅᴏ ᴅᴇ ᴛᴇsᴛɴᴇᴛhttps://medium.com/@Tallomania/%CA%9F%E1%B4%80%C9%B4%E1%B4%A2%E1%B4%80%E1%B4%8D%C9%AA%E1%B4%87%C9%B4%E1%B4%9B%E1%B4%8F-%C9%AA%C9%B4%E1%B4%84%E1%B4%87%C9%B4%E1%B4%9B%C9%AA%E1%B4%A0%E1%B4%80%E1%B4%85%E1%B4%8F-%E1%B4%85%E1%B4%87-%E1%B4%9B%E1%B4%87s%E1%B4%9B%C9%B4%E1%B4%87%E1%B4%9B-df0c7d1e77cd?source=rss------bug_bounty-5Ay Zedrewards, testnet, bug-bounty, ai09-Jun-2024
[Bounty Weekend] Disable Any Customer Ability To Create Service Account With Business Logic…https://medium.com/@rifqihz/bounty-weekend-disable-any-customer-ability-to-create-service-account-with-business-logic-b83baa893b4d?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantbug-bounty-tips, penetration-testing, hackerone, bug-bounty08-Jun-2024
[Bounty Weekend] CTF Level XSS in a Real-World Applicationhttps://medium.com/@rifqihz/bounty-weekend-ctf-level-xss-in-a-real-world-application-7a9278bc7018?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, penetration-testing, bug-bounty-tips, bug-bounty08-Jun-2024
How to Find Bugs and Get Bucks: 2024 Editionhttps://medium.com/@itsamanyadav/how-to-find-bugs-and-get-bucks-2024-edition-776c5b098b3e?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, how-to-find-bug, 2024, how-to-be-a-hacker, hacking08-Jun-2024
Capturing Android App Traffic via Wireshark - Android Pentestinghttps://medium.com/@phyowathone/capturing-android-app-traffic-via-wireshark-android-pentesting-d0ee1539089f?source=rss------bug_bounty-5Phyo WaThone Wincybersecurity, android-pentesting, bug-bounty-hunting, pentesting, bug-bounty08-Jun-2024
28.3 Lab: Server-side template injection using documentationhttps://cyberw1ng.medium.com/28-3-lab-server-side-template-injection-using-documentation-3e8f761b0ca8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing08-Jun-2024
Day 12 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-12-of-our-cyberquest1095-day-challenge-977225c7ce97?source=rss------bug_bounty-5D3athCod3cyberquest1095, security, cybersecurity, hacking, bug-bounty08-Jun-2024
Abusing auto mail responders to access internal workplaceshttps://rikeshbaniya.medium.com/abusing-auto-mail-responders-to-access-internal-workplaces-04fcc8ba2c99?source=rss------bug_bounty-5Rikesh Baniyabounties, pentest, hackerone, bounty-reward, bug-bounty08-Jun-2024
POV HTB Writeuphttps://medium.com/@damaidec/pov-htb-writeup-becf386c6dc0?source=rss------bug_bounty-5Damaidechacking, ethical-hacking, bug-bounty, hackthebox, ctf-writeup08-Jun-2024
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerablehttps://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448?source=rss------bug_bounty-5priyanshu shakyabug-bounty08-Jun-2024
Create Your Own Public-Private Key Pair in Just 5 Minutes! (Cybersecurity)https://medium.com/@paritoshblogs/create-your-own-public-private-key-pair-in-just-5-minutes-cybersecurity-535038665ad9?source=rss------bug_bounty-5Paritoshhacking, keys, cryptography, cybersecurity, bug-bounty08-Jun-2024
Vulnerable WordPress May 2024 (Leylan)https://medium.com/@onhexgroup/vulnerable-wordpress-may-2024-leylan-bd429d56d300?source=rss------bug_bounty-5Onhexgroupwordpress-security, infosec, wordpress, bug-bounty, web-security08-Jun-2024
Cracking the Code: How Cryptography Safeguards Your Digital Worldhttps://medium.com/@paritoshblogs/cracking-the-code-how-cryptography-safeguards-your-digital-world-c1c1887c84ae?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cryptography, hacking, cybersecurity07-Jun-2024
I got my First Bounty $$$ after three years of hard workhttps://medium.com/@mr_ayyan/i-got-my-first-bounty-after-three-years-of-hard-work-856c43bbb6c1?source=rss------bug_bounty-5Mrayyanirfanbounty-program, rewards-programs, vulnerability, bug-bounty, first-bounty07-Jun-2024
JS for Bug Bounties 2.0 Extreme Edition 2024https://kongsec.medium.com/js-for-bug-bounties-2-0-extreme-edition-2024-f167fa48276a?source=rss------bug_bounty-5Kongsecrecon, bugcrowd, hackerone, javascript, bug-bounty07-Jun-2024
28.2 Lab: Basic server-side template injection (code context)https://cyberw1ng.medium.com/28-2-lab-basic-server-side-template-injection-code-context-2a927ed117e6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking07-Jun-2024
Simulating a Ransomware Attack with Caldera.https://medium.com/@josh.beck2006/simulating-a-ransomware-attack-with-caldera-3d77d0cb95d2?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf, bug-bounty07-Jun-2024
Hacking Porn and Dating sites — a Theme Based Bugbounty Huntinghttps://medium.com/@nithissh/hacking-porn-and-dating-sites-a-theme-based-bugbounty-hunting-d024b8137bc7?source=rss------bug_bounty-5Nithisshbugbounty-writeup, research, bug-bounty07-Jun-2024
Complex Attack Types: Sample Scenarios 12https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-12-0d93a70ee8f4?source=rss------bug_bounty-5Baris Dincercybersecurity, freedomofinternet, bug-bounty, penetration-testing, threat-intelligence07-Jun-2024
Another Easy P4 you miss!!!https://medium.com/@anonymoustriager/another-easy-p4-you-miss-dcadf65adbcb?source=rss------bug_bounty-5Anonymous Triagerbugbounty-poc, bugs, bug-bounty, bug-bounty-tips, bug-bounty-hunter06-Jun-2024
Unlock Any PC Remotely with Just an Image: The Ultimate VNC Hack!https://medium.com/@paritoshblogs/unlock-any-pc-remotely-with-just-an-image-the-ultimate-vnc-hack-a92b22637094?source=rss------bug_bounty-5Paritoshcybersecurity, remote-working, hacking, vnc, bug-bounty06-Jun-2024
The only recon methodology you need.https://an0nbil.medium.com/the-only-recon-methodology-you-need-cf6c3aff1af1?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, bug-bounty-tips, reconnaissance, programming06-Jun-2024
Decimal x Securrhttps://decimalchain.medium.com/decimal-x-securr-96114c277d70?source=rss------bug_bounty-5DecimalChainbug-bounty, decimal, securr06-Jun-2024
Scope Sentry is a tool with functions such as asset mapping…https://medium.com/@Autumn52/scope-sentry-is-a-tool-with-functions-such-as-asset-mapping-fe0af70ace0a?source=rss------bug_bounty-5Autumnhacker, hackathons, bug-bounty, tools, bug-bounty-tips06-Jun-2024
Securing the Future: Understanding Vulnerabilities in Large Language Modelshttps://medium.com/@tusharsaini484/securing-the-future-understanding-vulnerabilities-in-large-language-models-13bbfeac95cf?source=rss------bug_bounty-5Tushar Sainiblog, artificial-intelligence, bug-bounty, large-language-models, cybersecurity06-Jun-2024
Bug bounty — Cybersecurity subcontractor exposes business data to other customershttps://theclemvp.medium.com/bug-bounty-cybersecurity-subcontractor-exposes-business-data-to-other-customers-d8e1a011ff4b?source=rss------bug_bounty-5Clémentcybersecurity, bug-bounty06-Jun-2024
28.1 Lab: Basic Server-side template injectionhttps://cyberw1ng.medium.com/28-1-lab-basic-server-side-template-injection-0744f96c74b8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing06-Jun-2024
Understanding Cybersecurity : Keeping Our Digital World Safehttps://adnancodestech.medium.com/understanding-cybersecurity-keeping-our-digital-world-safe-1abdd2876a7c?source=rss------bug_bounty-5Cryptifycybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, pentesting06-Jun-2024
Getting started with Bug Bountyhttps://securrtech.medium.com/getting-started-with-bug-bounty-8fd72650184f?source=rss------bug_bounty-5Securrweb3, cybersecurity, ai, bug-bounty, learn06-Jun-2024
Discovering a Critical Vulnerability in application : The Journey of an Accidental Adminhttps://adarshkrduaby.medium.com/discovering-a-critical-vulnerability-in-application-the-journey-of-an-accidental-admin-1aebe9d31e09?source=rss------bug_bounty-5Adarsh Kumarbug-zero, cyber-security-research, critical-vulnerabilities, securityflaw, bug-bounty06-Jun-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@majix_de/stored-xss-to-account-takeover-aws-cognito-c5f76f04befe?source=rss------bug_bounty-5Majixcybersecurity, account-takeover, pentest, bug-bounty, cognito06-Jun-2024
Easy Latest Critical Severity?https://medium.com/@anonymoustriager/easy-latest-critical-severity-fc9413d57d80?source=rss------bug_bounty-5Anonymous Triagerhacking, bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-program05-Jun-2024
Active Directory Red Teaming: A Comprehensive Guidehttps://medium.com/@paritoshblogs/active-directory-red-teaming-a-comprehensive-guide-06b1f008d0d4?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, information-technology, active-directory05-Jun-2024
EMPIRE CTF: LUPINONE VulnHub Walkthrough | Writeuphttps://shamsulmehmood.medium.com/empire-ctf-lupinone-vulnhub-walkthrough-writeup-bea8558ea03b?source=rss------bug_bounty-5SHAMS UL MEHMOODbug-bounty, pentesting, cybersecurity, machine-learning, hacking05-Jun-2024
Master Bug Bounty Hunting: Your Comprehensive Bug Bounty Course in Hindihttps://medium.com/@marketing_94387/master-bug-bounty-hunting-your-comprehensive-bug-bounty-course-in-hindi-ab990527f9b0?source=rss------bug_bounty-5Skilcamponline-learning-platform, bug-bounty-tips, skilcamp, bug-bounty05-Jun-2024
27.5 Lab: DOM-based cookie manipulationhttps://cyberw1ng.medium.com/27-5-lab-dom-based-cookie-manipulation-b939af57ef06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking05-Jun-2024
SmartAuditor.AI and new ChatGPT bot for auditshttps://medium.com/@bugbountydegen/smartauditor-ai-and-new-chatgpt-bot-for-audits-a8361ec7f52d?source=rss------bug_bounty-5Bug Bounty Degenopenai, smart-contracts, bug-bounty, cybersecurity, chatgpt05-Jun-2024
CVE-2024–4358 Critical Flaw Found in Progress Telerik Report Serverhttps://medium.com/@arafatx90n/cve-2024-4358-critical-flaw-found-in-progress-telerik-report-server-0f379f844819?source=rss------bug_bounty-5ARAFATethical-hacking, bug-bounty, cybersecurity05-Jun-2024
Insecure Firebase Unauthorized Write Access on Crypto Exchange Bug Bountyhttps://scr1pty.medium.com/insecure-firebase-unauthorized-write-access-on-crypto-exchange-bug-bounty-9e9187b627b1?source=rss------bug_bounty-5Scr1ptypenetration-testing, bug-bounty-tips, crypto, bug-bounty, security05-Jun-2024
Another Easy P4?https://medium.com/@anonymoustriager/another-easy-p4-ceaa67ef7e52?source=rss------bug_bounty-5Anonymous Triagerbugbounty-writeup, bug-bounty-tips, bug-bounty-program, cybersecurity, bug-bounty05-Jun-2024
CVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3https://codewithvamp.medium.com/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3-b4e811ad7e37?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, cve, coding, hacking, cybersecurity05-Jun-2024
Easiest P4?https://medium.com/@anonymoustriager/easiest-p4-feb9e9302562?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-tips, hacking, swag, bounty-program, bug-bounty04-Jun-2024
My report on using lubuntu 24.04https://ariedwikusuma9.medium.com/my-report-on-using-lubuntu-24-04-3040bbdb9bab?source=rss------bug_bounty-5Ariekusumabug-bounty, ubuntu, wireguard, lubuntu, linux04-Jun-2024
The Chronicle Protocol Bug Bounty is Livehttps://medium.com/@ChronicleProtocol/the-chronicle-protocol-bug-bounty-is-live-05b5332e6c76?source=rss------bug_bounty-5Chronicle Protocoloracle, bug-bounty, blockchain, cantina, chronicle-protocol04-Jun-2024
Hacking Android Apps: A Comprehensive Guidehttps://medium.com/@roguepayload/hacking-android-apps-a-comprehensive-guide-9905c075021f?source=rss------bug_bounty-5Rogue Payloadhacking, bug-bounty-tips, pentesting, android, bug-bounty04-Jun-2024
27.4 Lab: DOM-based open redirectionhttps://cyberw1ng.medium.com/27-4-lab-dom-based-open-redirection-e00e760c9046?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty04-Jun-2024
How We Got $$$$$ For a Blind Stored XSS To ATOhttps://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec?source=rss------bug_bounty-5Shari7a0xbugs, hackerone, bug-bounty-tips, bug-bounty, xss-attack04-Jun-2024
Exposing Login Page Vulnerabilities with Time-Based SQL Injectionhttps://medium.com/@sachinkewat809/exposing-login-page-vulnerabilities-with-time-based-sql-injection-694a04911e93?source=rss------bug_bounty-5Sachin kewatbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, security03-Jun-2024
How I Got My First €€€€ Bountyhttps://machiavellli.medium.com/how-i-got-my-first-bounty-65ad8a1763de?source=rss------bug_bounty-5Machiavellicybersecurity, bug-bounty, information-security03-Jun-2024
Earning Your First $1000 as a Cybersecurity Researcher, Hacker, or Hunterhttps://securrtech.medium.com/earning-your-first-1000-as-a-cybersecurity-researcher-hacker-or-hunter-8532bcaa48b6?source=rss------bug_bounty-5Securrdollar, cyber-security-awareness, earn, bug-bounty, web-development03-Jun-2024
My First Finding Bug on a Bugcrowd BBPhttps://medium.com/@bhuiyanaman71/my-first-bug-on-a-bbp-fdd512307284?source=rss------bug_bounty-5Aman Bhuiyanxss-vulnerability, bug-bounty, hacking, injection03-Jun-2024
27.2 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
Hack and Pay Later: Bypassing Online Payment Methodhttps://medium.com/@tirqwork1/hack-and-pay-later-bypassing-online-payment-method-8b366e0dc7ee?source=rss------bug_bounty-5ARoybug-bounty, cybersecurity, bugbounty-writeup, payment-gateway, infosec03-Jun-2024
27.3 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
UPI Recon | Scammed on Instagram /Telegram?https://medium.com/@anonymoustriager/upi-recon-scammed-on-instagram-telegram-3713f9dd77cd?source=rss------bug_bounty-5Anonymous Triagerhacker, telegram, recon, cybersecurity, bug-bounty02-Jun-2024
Bug Zero — 2 Weeks in Cybersecurity (May 15–31)https://blog.bugzero.io/bug-zero-2-weeks-in-cybersecurity-may-15-31-dbc07d60dfe5?source=rss------bug_bounty-5Akila Maithripalabug-zero, sri-lanka, cybersecurity, bug-bounty02-Jun-2024
BBB #1 — Back Hackinghttps://medium.com/@JakobTheDev/bbb-1-back-hacking-acafd03d7d4e?source=rss------bug_bounty-5Jakob Penningtonbug-bounty, application-security, hacking02-Jun-2024
27.2 Lab: DOM XSS using web messages and a JavaScript URLhttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-a-javascript-url-3d29822c295d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing02-Jun-2024
A simple IDOR worth $400.https://el-cezeri.medium.com/a-simple-idor-worth-400-65663937a5f4?source=rss------bug_bounty-5Samet Yiğitbugbounty-tips, bug-bounty, ödülavcılığı02-Jun-2024
Mastering Sway-Analyzerhttps://medium.com/@angelos404/mastering-sway-analyzer-27379d7903db?source=rss------bug_bounty-5angelos404smart-contracts, web3, blockchain, bug-bounty, sway02-Jun-2024
Easy $$$$ Bounty for leaked token in java script urlhttps://medium.com/@eslammonex/easy-bounty-for-leaked-token-in-java-script-url-5491cf567328?source=rss------bug_bounty-5EslamMonexbug-bounty02-Jun-2024
How To Escalate P5 Email HTML Injection to P4.https://medium.com/@Ajakcybersecurity/how-to-escalate-p5-email-html-injection-to-p4-19a61a85a76b?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, cybersecurity, technology02-Jun-2024
شرح اللاب بطريقة سهلة ومبسطة لفهم نوع ال Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D9%84%D9%84%D8%A7%D8%A8-%D8%A8%D8%B7%D8%B1%D9%8A%D9%82%D8%A9-%D8%B3%D9%87%D9%84%D8%A9-%D9%88%D9%85%D8%A8%D8%B3%D8%B7%D8%A9-%D9%84%D9%81%D9%87%D9%85-%D9%86%D9%88%D8%B9-%D8%A7%D9%84-reflected-xss-into-html-context-with-nothing-encoded-9dde8cf2baa3?source=rss------bug_bounty-5GenTiLowasp, web-development, penetration-testing, cybersecurity, bug-bounty01-Jun-2024
ماذا تعرف عن ثغرة XSS? (Cross-Site Script)https://gentilsecurity.medium.com/%D9%85%D8%A7%D8%B0%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%86-%D8%AB%D8%BA%D8%B1%D8%A9-xss-cross-site-script-d45ecf75b0a6?source=rss------bug_bounty-5GenTiLxss-attack, bug-bounty, vulnerability, technology, hacking01-Jun-2024
كيفية استخدام أداة ParamSpider — لبرنامج الجوائز الأمنية (Bug Bounty)https://gentilsecurity.medium.com/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D8%A3%D8%AF%D8%A7%D8%A9-paramspider-%D9%84%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%A6%D8%B2-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A%D8%A9-bug-bounty-c1361d476c4a?source=rss------bug_bounty-5GenTiLparamspider, penetration-testing, bug-bounty, web-development, penetration-testing-tools01-Jun-2024
هل مازلت محتار في الاختلاف بين Reflected XSS و DOM XSS؟ اليوم ستحسم المسألة بكل ثقةhttps://gentilsecurity.medium.com/%D9%87%D9%84-%D9%85%D8%A7%D8%B2%D9%84%D8%AA-%D9%85%D8%AD%D8%AA%D8%A7%D8%B1-%D9%81%D9%8A-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81-%D8%A8%D9%8A%D9%86-reflected-xss-%D9%88-dom-xss-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%B3%D8%AA%D8%AD%D8%B3%D9%85-%D8%A7%D9%84%D9%85%D8%B3%D8%A3%D9%84%D8%A9-%D8%A8%D9%83%D9%84-%D8%AB%D9%82%D8%A9-c4224d126056?source=rss------bug_bounty-5GenTiLreflected-xss, hacking, dom-xss, web-penetration-testing, bug-bounty01-Jun-2024
MY FIRST BUG !https://medium.com/@amjadkhan_72632/my-first-bug-8d52edf256c7?source=rss------bug_bounty-5Amjad Khancybersecurity, bug-bounty01-Jun-2024
SQLi, SSRF And Code Secrets — All In Onehttps://medium.com/@red.whisperer/sqli-ssrf-and-code-secrets-all-in-one-a387c734c84f?source=rss------bug_bounty-5Chuxsecurity, hacking, cybersecurity, infosec, bug-bounty01-Jun-2024
Are you still confused about the difference between Reflected XSS and DOM XSS?https://gentilsecurity.medium.com/are-you-still-confused-about-the-difference-between-reflected-xss-and-dom-xss-45715d0fe37b?source=rss------bug_bounty-5GenTiLdom-xss, hacking, bug-bounty, web-penetration-testing, reflected-xss01-Jun-2024
Chaining NOSQLi and XSS to Take Over a Server — HackTheBox Stocker Walkthroughhttps://medium.com/@The_Hiker/chaining-nosqli-and-xss-to-take-over-a-server-hackthebox-stocker-walkthrough-e549bf3f8bbf?source=rss------bug_bounty-5TheHikerhackthebox, hackthebox-writeup, web-exploitation, hacking, bug-bounty01-Jun-2024
Unveiling the Sneaky CSV Injection: VDP vs. Objective-Based Offensive Tacticshttps://abawazeeer.medium.com/unveiling-the-sneaky-csv-injection-vdp-vs-objective-based-offensive-tactics-208b22b8bba1?source=rss------bug_bounty-5AliBawazeEervulnerability-disclosure, bug-bounty, vulnerability-assessment, owasp-top-10, application-security01-Jun-2024
cy27.1 Lab: DOM XSS using web messageshttps://cyberw1ng.medium.com/cy27-1-lab-dom-xss-using-web-messages-5c2346edc08b?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, careers, cybersecurity01-Jun-2024
Use FFUF to bypass Burp Suite’s Intruder attacks delay!!!https://hackermater.medium.com/use-ffuf-to-bypass-burp-suite-intruder-attacks-delay-c5087c912741?source=rss------bug_bounty-5hackermaterbug-bounty-writeup, burpsuite, hacking, bug-bounty-tips, bug-bounty01-Jun-2024
90 Days Cybersecurity Learning Challengehttps://medium.com/@unknow.com/90-days-cybersecurity-learning-challenge-81e1777b31f5?source=rss------bug_bounty-5Cyber_hunterbug-bounty, careers, cybersecurity01-Jun-2024
Attacking Web Applications with Ffuf | Skills Assessment — Walkthroughhttps://medium.com/@Mx0o14/attacking-web-applications-with-ffuf-skills-assessment-walkthrough-5af4160fe75b?source=rss------bug_bounty-5Mohamed Ashrafhackthebox, bug-bounty, cybersecurity, hacking31-May-2024
The Planets CTF | Earth CTF | Vulnhub | WriteUp | Walkthroughhttps://shamsulmehmood.medium.com/the-planets-ctf-earth-ctf-vulnhub-writeup-walkthrough-38d13c16643c?source=rss------bug_bounty-5SHAMS UL MEHMOODhacking, cybersecurity, bug-bounty, bugs, cybercrime31-May-2024
Pattern Scanning Intro (For Game Hacking)https://medium.com/@MrRipperoni/pattern-scanning-intro-for-game-hacking-b13401b562fb?source=rss------bug_bounty-5Mr.Ripperonicoding, reverse-engineering, games, bug-bounty, hacking31-May-2024
How i get XSS & HTMLi with FUFFhttps://kiraadx.medium.com/how-i-get-xss-htmli-with-fuff-0c8a4b094636?source=rss------bug_bounty-5KiRaaDxbug-bounty, cybersecurity, bug-bounty-tips31-May-2024
OSCP Reviewhttps://medium.com/@nosignalrightnow/oscp-review-3a9568bf9c5d?source=rss------bug_bounty-5cowabungabug-bounty, offensive-security, penetration-testing, oscp, cybersecurity31-May-2024
26.3 Lab: Indirect prompt injectionhttps://cyberw1ng.medium.com/26-3-lab-indirect-prompt-injection-27d35f2e0e90?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty31-May-2024
CVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in Checkpointhttps://codewithvamp.medium.com/cve-2024-24919-zero-day-vulnerability-leads-to-unauthorized-information-disclosure-in-checkpoint-97873b47d160?source=rss------bug_bounty-5Vaibhav Kumar Srivastavacomputer-science, hacking, bug-bounty, cybersecurity, cve31-May-2024
How I Found a Vulnerability in Apple: A Journey of Discovery and Impacthttps://medium.com/@husnainsuleman/how-i-found-a-vulnerability-in-apple-a-journey-of-discovery-and-impact-0e55f14eef75?source=rss------bug_bounty-5Husnain Sulemanbug-bounty, storytelling, security, cybersecurity, apple31-May-2024
IDOR Exploit: A Tale of Account Takeoverhttps://danial1337.medium.com/idor-exploit-a-tale-of-account-takeover-51ab2c47c246?source=rss------bug_bounty-5Muhammad Danialpenetration-testing, hacking, cybersecurity, web-security, bug-bounty31-May-2024
Advanced Web Cache Poisoninghttps://medium.com/@majix_de/advanced-web-cache-poisoning-e6e17d5290ce?source=rss------bug_bounty-5Majixweb-cache-poisoning, penetration-testing, hacking, bug-bounty, pentesting31-May-2024
Creative Steps | Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/creative-steps-reflected-xss-into-html-context-with-nothing-encoded-0a30d4f2dc24?source=rss------bug_bounty-5GenTiLcybersecurity, bug-bounty, owasp, penetration-testing, web-development30-May-2024
Exported Activity In Android Application Allowing Access to Payments Informationhttps://medium.com/@mohanad.hussam23/exported-activity-in-android-application-allowing-access-to-payments-information-166dfee5008e?source=rss------bug_bounty-5Muhanad Israiwihacking, bugs, penetration-testing, bug-bounty, androidhacking30-May-2024
Static Testing of iOS Applicationshttps://sandeepvi.medium.com/static-testing-of-ios-applications-cb09bd8f2927?source=rss------bug_bounty-5Sandeep Vishwakarmahacking, bug-bounty, ios, static-code-analysis30-May-2024
Secrets of Data Security : Trendy Tools and Tips You Can’t Ignore!https://medium.com/@paritoshblogs/secrets-of-data-security-trendy-tools-and-tips-you-cant-ignore-a5d72eb7eedf?source=rss------bug_bounty-5Paritoshdata-security, hacking, cybersecurity, bug-bounty, security30-May-2024
Exciting Announcement: We’re Collaborating with Aptron to Boost Web3 Security!https://securrtech.medium.com/exciting-announcement-were-collaborating-with-aptron-to-boost-web3-security-4f58726c3ae0?source=rss------bug_bounty-5Securrweb3, ai, web3-security, bug-bounty, blockchain30-May-2024
Enhancing Cybersecurity: Lessons from a Critical XSS Vulnerability in DMRC’s Websitehttps://hackerhalt.medium.com/enhancing-cybersecurity-lessons-from-a-critical-xss-vulnerability-in-dmrcs-website-a0e39aeb0318?source=rss------bug_bounty-5Hacker Halt Livehacker, hacking, bug-bounty, security, cybersecurity30-May-2024
Application Level DoS - The Lagging Nightmarehttps://shahjerry33.medium.com/application-level-dos-the-lagging-nightmare-d3332f2ade86?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, infosec, vulnerability30-May-2024
26.2 Lab: Exploiting vulnerabilities in LLM APIshttps://cyberw1ng.medium.com/26-2-lab-exploiting-vulnerabilities-in-llm-apis-83150b4cdf98?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, hacking, bug-bounty30-May-2024
WAF as a weapon and DOS as a bullethttps://medium.com/@zhero_/waf-as-a-weapon-and-dos-as-a-bullet-46acad12a9b6?source=rss------bug_bounty-5Rachid.Ainfosec, bug-bounty, firewall, hacking, cybersecurity30-May-2024
Low hanging fruit in real website: Cookie invalidation.https://medium.com/@siyamhassan.main/low-hanging-fruit-in-real-website-cookie-invalidation-bd24556dc673?source=rss------bug_bounty-52004siyam_hassanauthentication, session-invalidation, bug-bounty30-May-2024
Buy Multiple Translink Travel Ticket for the Price of One.https://medium.com/@aswinmanikandan/buy-multiple-translink-travel-ticket-for-the-price-of-one-82014216c510?source=rss------bug_bounty-5Aswin Manikandanbug-bounty, bug-bounty-tips30-May-2024
(1)بالمصري Bug Bounty Bootcamp ملخصhttps://medium.com/@am3002297/1-%D8%A8%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-bug-bounty-bootcamp-%D9%85%D9%84%D8%AE%D8%B5-8cdf2bf4e108?source=rss------bug_bounty-530obdbug-bounty-hunter, tech-bootcamp, bug-bounty, infosec, information-security30-May-2024
Microsoft IIS Server Shortnames & Tilde Magichttps://retkoussa.medium.com/microsoft-iis-server-shortnames-tilde-magic-64df65d26450?source=rss------bug_bounty-5Firas Al-Koussahacking, bug-bounty, penetration-testing, cybersecurity, penetration-testing-tools30-May-2024
How I Found My First Bug in My Bug Bounty Journeyhttps://medium.com/@HuseyinAdgzl/how-i-found-my-first-bug-in-bug-bounty-journey-49a318874ed8?source=rss------bug_bounty-5Hüseyin Adiguzelbug-bounty-tips, bug-bounty, api, security, bugs30-May-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Condition.https://medium.com/@Nightbloodz/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-61109771a250?source=rss------bug_bounty-5Alvaro Baladacybersecurity, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty30-May-2024
Understanding Fileless Malware: How It Works and Real-World Exampleshttps://medium.com/@paritoshblogs/understanding-fileless-malware-how-it-works-and-real-world-examples-76085c99543d?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, fileless-malware, malware, cybersecurity29-May-2024
An interesting Bug that I found in Android Mobile Applicationhttps://medium.com/@jooelsaka/an-interesting-bug-that-i-found-in-android-mobile-application-becf25c8c4d8?source=rss------bug_bounty-5dnelsakasecurity, pentesting, mobile-security, android, bug-bounty29-May-2024
Subdomain takeover via AWS s3 buckethttps://infosecwriteups.com/subdomain-takeover-via-aws-s3-bucket-9c54b1b71c46?source=rss------bug_bounty-5Bikram kharalvulnerability, subdomain-takeover, bug-bounty, penetration-testing, hacking29-May-2024
Unauthenticated Cache Purge, Really a Bug?https://medium.com/@anonymoustriager/unauthenticated-cache-purge-really-a-bug-1da44d6fbfd9?source=rss------bug_bounty-5Anonymous Triagerhacker, bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup29-May-2024
Bypassing Discord marked links filterhttps://nickguitar.medium.com/bypassing-discord-marked-links-filter-88bcd7946f2a?source=rss------bug_bounty-5Nickguitarhacking, bug-bounty, bypass, discord, pentest29-May-2024
Bug Bounty Automationshttps://medium.com/@michellepantelouris/bug-bounty-automations-65f4a4dd6121?source=rss------bug_bounty-5Michelle Pantelourisbug-bounty, cybersecurity, penetration-testing29-May-2024
Building tech profile of a companyhttps://netlas.medium.com/building-tech-profile-of-a-company-f2145dedad31?source=rss------bug_bounty-5Netlas.ioreconnaissance, cybersecurity, osint, penetration-testing, bug-bounty29-May-2024
Content Discovery: Directories, Files And Links Enumeration:https://hacktivistattacker.medium.com/content-discovery-directories-files-and-links-enumeration-38e407b8ff0a?source=rss------bug_bounty-5Hacktivist-Attackercontent-discovery, bug-bounty, web-penetration-testing, reconnaissance-bug-bounty, educação29-May-2024
Bug Bounty Tips and Tricks: Improve Your Success Ratehttps://medium.com/@verylazytech/bug-bounty-tips-and-tricks-improve-your-success-rate-37fa7941d05f?source=rss------bug_bounty-5Very Lazy Techbug-bounty, hacking, bug-bounty-program, cyber, cybersecurity29-May-2024
S3 bucket enumeration simplified.https://secureitmania.medium.com/s3-bucket-enumeration-simplified-80bdcdf581d7?source=rss------bug_bounty-5secureITmaniahacking, cloud-services, devops, bug-bounty, it-security29-May-2024
Agent Sudo Walkthroughhttps://medium.com/@anubhavbali2004/agent-sudo-walkthrough-0a2954d2bb7e?source=rss------bug_bounty-5Anubhav Balictf-walkthrough, ctf-writeup, bug-bounty, ctf, cybersecurity29-May-2024
Mastering Burp Suite for Web Application Security Testinghttps://medium.com/@zerodayfreak/mastering-burp-suite-for-web-application-security-testing-9ac8919f89a8?source=rss------bug_bounty-5ZeroDay Freakbug-bounty, infosec, burpsuite, web-hacking, penetration-testing29-May-2024
The Easiest Vulnerability to Find and How to bypass the WAFhttps://medium.com/@probza261/the-easiest-vulnerability-to-find-and-how-to-bypass-the-waf-3dbcc422aa7e?source=rss------bug_bounty-5OctaYusbug-bounty, infosec, web-security29-May-2024
[Low]Unintended Feature: Exploiting an “Invisible” Delete Function for Temporary Premium Accesshttps://r4v3n0r.medium.com/low-unintended-feature-exploiting-an-invisible-delete-function-for-temporary-premium-access-909812add8eb?source=rss------bug_bounty-5Fabian Cruzweb-application-security, cybersecurity, idor, bug-bounty, information-security29-May-2024
What do you know about XSS? (Cross-Site Script)https://gentilsecurity.medium.com/what-do-you-know-about-xss-cross-site-script-fa050d37be1c?source=rss------bug_bounty-5GenTiLbug-bounty, vulnerability, hacking, technology, xss-attack28-May-2024
Hacking NASA: Critical SSRF + Subdomain Takeover + XSShttps://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06?source=rss------bug_bounty-5Nickguitarpentesting, bug-bounty, hacking, web-application-security, writeup28-May-2024
Bug Bounty In 2024https://medium.com/@Code_With_Ssn/bug-bounty-in-2024-54b1f0c3fe75?source=rss------bug_bounty-5Salik Seraj Naikcybersecurity, bug-bounty, software-development, blockchain, data-science28-May-2024
8 Different Ways to Bypass SSL Pinning in iOS Applicationshttps://medium.com/@vaishalinagori112/8-different-ways-to-bypass-ssl-pinning-in-ios-applications-427dfcbe8bf7?source=rss------bug_bounty-5Vaishali Nagoribug-bounty, vapt-services, hacking, ciso, ssl-pinning-bypass28-May-2024
Talkpal — vulnerability disclosurehttps://karol-mazurek.medium.com/talkpal-vulnerability-disclosure-70b18d14772f?source=rss------bug_bounty-5Karol Mazurekcybersecurity, bug-bounty, information-technology, penetration-testing, information-security28-May-2024
Cross-Site Script _XSS_ Extract Herehttps://gentilsecurity.medium.com/cross-site-script-xss-extract-here-d76053546fe3?source=rss------bug_bounty-5GenTiLtechnology, bug-bounty, ethical-hacking, cybersecurity, web-development28-May-2024
RCE Exploitation via Report Upload + Leveraging MachineKeys to Forge ASPXAUTH Cookies to privesc…https://medium.com/@ph4nt0mbyt3/rce-exploitation-via-report-upload-leveraging-machinekeys-to-forge-aspxauth-cookies-to-privesc-50d38991da2e?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, hacking, bug-bounty, cookies, aspnetcore28-May-2024
PENTESTING DAY — 01https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
A Whistledown Exclusive: Netflix’s Journey to One Million in Bug Bounty and Beyondhttps://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1?source=rss------bug_bounty-5Netflix Technology Blogvulnerability-management, application-security, cybersecurity, bug-bounty28-May-2024
25.8 Lab: Web cache poisoning via a fat GET requesthttps://cyberw1ng.medium.com/25-8-lab-web-cache-poisoning-via-a-fat-get-request-ee8a42d01868?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity28-May-2024
Self-XSS via filename + CSRF on contact us ‘multipart/data’ formhttps://mchklt.medium.com/self-xss-via-filename-csrf-on-contact-us-multipart-data-form-f852dd539547?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAcyberattack, tips, bug-bounty, cybersecurity, hacking28-May-2024
PENTESTING INTRODUCTIONhttps://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
Best Packet Sniffers For Reverse Engineering Game Servershttps://medium.com/@MrRipperoni/best-packet-sniffers-for-reverse-engineering-game-servers-c09987c46b33?source=rss------bug_bounty-5Mr.Ripperonigames, bug-bounty, hacking, penetration-testing, reverse-engineering28-May-2024
25.9 Lab: URL normalization in Web Cache Poisioninghttps://cyberw1ng.medium.com/25-9-lab-url-normalization-in-web-cache-poisioning-9a4b72e10a5e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty28-May-2024
شمارع خاله اردبیل شماره خاله رامسرشماره خاله یزدشماره خاله نورآباد09333709804https://medium.com/@xgxtccbj/%D8%B4%D9%85%D8%A7%D8%B1%D8%B9-%D8%AE%D8%A7%D9%84%D9%87-%D8%A7%D8%B1%D8%AF%D8%A8%DB%8C%D9%84-%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%D8%B1%D8%A7%D9%85%D8%B3%D8%B1%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%DB%8C%D8%B2%D8%AF%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%D9%86%D9%88%D8%B1%D8%A2%D8%A8%D8%A7%D8%AF09333709804-045d16786c2a?source=rss------bug_bounty-5فاطمهbug-bounty, vjosa, cj, cjng, bybit-event28-May-2024
25.7 Lab: Parameter cloaking in Web Cache Poisoninghttps://cyberw1ng.medium.com/25-7-lab-parameter-cloaking-in-web-cache-poisoning-ee64feeb01c1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, careers, penetration-testing27-May-2024
Earning with Exploits: The Bug Bounty Journeyhttps://deepseng.medium.com/earning-with-exploits-the-bug-bounty-journey-9d864743c011?source=rss------bug_bounty-5Deep SenGuptacybersecurity, appsec, information-security, careers, bug-bounty27-May-2024
How To Stay Ahead of 99% Of Bug Bounty Huntershttps://infosecwriteups.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-a51fb3fc2ecb?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty-tips, bug-bounty27-May-2024
The bugs: List of weird vulnerabilitieshttps://noobsixt9.medium.com/the-bugs-list-of-weird-vulnerabilities-6bc98fc5c1cc?source=rss------bug_bounty-5Rajan Kshedalwriteup, bug-bounty, bug-bounty-writeup, bug-bounty-tips, information-security27-May-2024
How I got my first US Dollar bountyhttps://medium.com/@deepk007/how-i-got-my-first-us-dollar-bounty-4df50ee82fc6?source=rss------bug_bounty-5DEepcybersecurity, bug-bounty, red-team, ethical-hacking, vulnerability27-May-2024
25.6 Lab: Web cache poisoning via an unkeyed query parameterhttps://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, bug-bounty, hacking26-May-2024
Embarking on the Bug Bounty Journeyhttps://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, technology, programming, cybersecurity, cyber26-May-2024
Kokurate journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
Network Penetration Testing: A Comprehensive Guidehttps://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5Paritoshpentesting, networking, ai, cybersecurity, bug-bounty26-May-2024
Open Redirect via login pagehttps://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5Saeid Khaterbug-bounty, open-redirect, cybersecurity26-May-2024
My Journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
### Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanismhttps://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-52004siyam_hassanbug-bounty, password-reset, authentication26-May-2024
### Discovering an OTP Reuse Vulnerability: My First Bug Reporthttps://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-52004siyam_hassanauthentication, otp-verification, bug-bounty26-May-2024
HTTP Headershttps://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5Anshu(Zephyr_Night)bug-bounty, http-protocol, http-headers, http-authentication26-May-2024
WordPress application vulnerable to DoS attack via wp-cron.phphttps://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5Saeid Khaterbug-bounty, dos-attack, cybersecurity26-May-2024
❇️ Web Hack Tool ❇️https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5LogicTechbug-bounty-tips, github, tools, hacking, bug-bounty26-May-2024
Insecure Account Removalhttps://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity26-May-2024
How I Got IDOR lead to PII In Login Pagehttps://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5Shari7a0xbugs, hacker, idor-vulnerability, bugcrowd, bug-bounty26-May-2024
How I Found 2 IDORS on My Phone and Made $1,500https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5zack0x01bug-bounty, cyber, idor, bug-bounty-tips, hacking26-May-2024
Session invalidation after updating e-mail.https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-52004siyam_hassanbug-bounty, session-invalidation, help26-May-2024
All About API Security Pentestinghttps://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5Xcheaterapi-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing26-May-2024
JNDI Injection — Attack Flowhttps://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5Pradeep Kumarweb-penetration-testing, pentest, bug-bounty, java, jndi25-May-2024
CSRF Vulnerabilities: How to Exploit and Defend Against Attackshttps://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5Sabuj Kumar Modakpenetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting25-May-2024
Outlook Hijacked: A Step-by-Step Recovery and Investigationhttps://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5Devender Raobug-bounty, phishing, hacking, cybersecurity, microsoft25-May-2024
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Usershttps://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty25-May-2024
How I Hacked India Today Subscription for 2 yearshttps://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5Anudeep Vysyarajucybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty25-May-2024
HOW HACKERS USE REVERSE ENGINEERINGhttps://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5Progskybug-bounty, hacking, reverse-engineering25-May-2024
HTB PDFy Challengehttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange…https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips25-May-2024
Prototype Pollution: The Hidden Danger in JavaScripthttps://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5Mayank Kumar Prajapatihacking, bug-bounty, security, web, pentesting25-May-2024
Bypassing WAFs: The Art of Payload Obfuscationhttps://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, firewall, cybersecurity, hacking25-May-2024
JavaScript Prototype Pollution Attack: A Simplified Guidehttps://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5dodirbug-bounty, penetration-testing, web, javascript, cybersecurity25-May-2024
How i got xss in unusual wayhttps://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5Barbarossaxss-attack, bug-bounty25-May-2024
HTB-PDFyhttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Logic Bug | Forget password link not expiring after email changehttps://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
How to Use ParamSpider Tool — For Bug Bountyhttps://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5GenTiLpenetration-testing, automation-tools, parameter, paramspider, bug-bounty24-May-2024
Analyzing JavaScript Files To Find Bugshttps://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5Mr Horbiohacking, bug-bounty-tips, cybersecurity, programming, bug-bounty24-May-2024
Bypassing 403 Protection To Get Admin Accesshttps://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5Mr Horbiobug-bounty, 403-forbidden, bug-bounty-tips, hacking24-May-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5Mr Horbiobugs, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5Mr Horbioearn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty24-May-2024
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5Mr Horbiopython, cybersecurity, bug-bounty, hacking, programming24-May-2024
How to learn Hacking From 0 to Herohttps://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5Mr Horbiohacking, horbio, programming, bug-bounty, cybersecurity24-May-2024
How to extract Google Chrome Saved Passwordhttps://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, passwords, cyber24-May-2024
Referrer-based access control Bug Bounty Tipshttps://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5Mr Horbiohacking, programming, hacker, cybersecurity, bug-bounty24-May-2024
Python Libraries for Hackershttps://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5Mr Horbiohacking, python-programming, python, bug-bounty, cybersecurity24-May-2024
Easy Bug | PHP info page disclosurehttps://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty, privilege-escalation24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5Saeid Khaterbug-bounty, privilege-escalation, cybersecurity24-May-2024
Easy Bug | Email HTML Injectionhttps://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5Saeid Khatercybersecurity, html-injection, bug-bounty24-May-2024
How to get your first $500 from an XSS vulnerabilityhttps://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5GenTiLmake-money-online, technology, xss-vulnerability, bug-bounty, xss-attack24-May-2024
[Bug Report] Medium Bug 3 dhttps://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5Miner Of Ideaspython, medium, bug-bounty, medium-brasil, bugs24-May-2024
Using BBRF for tracking Javascript fileshttps://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5Michał Lubiczbug-bounty-tips, bug-bounty, cybersecurity, pentesting24-May-2024
Busting CSRF: The Hidden Dangers of JSON Exploitedhttps://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5Omar Essam (hack3dby0mar)web-security, bug-bounty, cybersecurity24-May-2024
25.4 Lab: Targeted web cache poisoning using an unknown headerhttps://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Securityhttps://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5Securrbug-bounty, web3, web3-security, dao, blockchain24-May-2024
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Offhttps://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5Manthan_ mahalepenetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker24-May-2024
Session fixation | Cookie injection leading to ATO Write-Uphttps://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5rAmpancisthacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty24-May-2024
Top Tools Every Bug Bounty Hunter Should Usehttps://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bug-bounty-tips, cyber, cybersecurity24-May-2024
Tips & Tricks To Get Hall of Fame In NASAhttps://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing24-May-2024
25.5 Lab: Web cache poisoning via an unkeyed query stringhttps://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers24-May-2024
Always Test Default Credentials on Bug Bounty even if it’s 2024https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5Scr1ptyethical-hacking, hacking, bug-bounty, security, bug-bounty-tips23-May-2024
HTML Injectionhttps://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5Sushil Choudharybug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty23-May-2024
25.3 Lab: Web cache poisoning with multiple headershttps://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing23-May-2024
Unlocked Secrets: How Leaked Credentials Fuel Bug Bountieshttps://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5cyberpro151admin-panel, infosec, breach, bug-bounty, hacking23-May-2024
Aleo Bug Bounty Programhttps://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5Bogdanbug-bounty, web3, aleo23-May-2024
CSRF leading to Account Takeoverhttps://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5Kaan Atmacabug-bounty, penetration-testing, pentesting, cybersecurity, hacking23-May-2024
Exploiting XML Injection to Establish Unauthorized SSH Connectionhttps://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5Kaan Atmacahacking, coding, bug-bounty, penetration-testing, pentesting23-May-2024
How I Found Multiple XSS Vulnerabilities.https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5MD Helalvulnerability, penetration-testing, cybersecurity, bug-bounty, ctf23-May-2024
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple toolshttps://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5Sreejihknxss-vulnerability, cybersecurity-training, bug-bounty, github, tools23-May-2024
Ink Finance Arbitrum Testnet Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchershttps://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5eL Njas!™bug-bounty, vulnerbaility, google23-May-2024
Easy Bug: No Rate Limiting on Form which Triggers Emailshttps://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty23-May-2024
First Swag from HackerRankhttps://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5#$ubh@nk@rhacking, swag, ethical-hacking, security, bug-bounty23-May-2024
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Second Factor Authentication (2FA) Bypass in Private BBPhttps://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Logic Bug | Old Session Does Not Expires After Password Changehttps://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Second bug on VDP programhttps://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5devMRTbugbounty-writeup, bug-bounty-tips, bug-bounty23-May-2024
Advanced Web Application Scanning Step-by-Step Guidehttps://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-50xM4r5h4lhacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner22-May-2024
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bountyhttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
Time-Based Google OAuth Account Takeover: Adventures in Bug Bountieshttps://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs22-May-2024
Silk Central : Bug Tracking Tutorialhttps://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5Nine Pages Of My Lifetesting, software-development, bug-bounty, silk, app-development22-May-2024
Open-Redirect Through HTTP Parameter Pollutionhttps://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, hacking, cybersecurity, pollution22-May-2024
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security!https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5Securrbug-bounty, layer-1, blockchain, web3-security, web322-May-2024
Swagger-UI XSS Leading to Account Takeover on Crypto Exchangehttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
25.2 Lab: Web cache poisoning with an unkeyed cookiehttps://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, careers, cybersecurity22-May-2024
SubActive: Cracking the Digital Codehttps://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5Tahir Mujawarbugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty22-May-2024
Best tool to find subdomainshttps://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5Sreejihknbug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting22-May-2024
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunterhttps://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5LogicTechhacking, network-security, bug-bounty, bug-bounty-tips, bugs22-May-2024
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL…https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5SHAMS UL MEHMOODai, cybersecurity, bugs, bug-bounty, ctf-writeup21-May-2024
Hackers Online Tools in 2024https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5LogicTechosint, hackathons, bug-bounty, tools, hacking21-May-2024
Authentication Bypass due to Sensitive Data Exposure in Local Storagehttps://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800?source=rss------bug_bounty-5Kritika Singhvulnerability-assessment, webapplicationpentest, bug-bounty, penetration-testing, hacking21-May-2024
25.1 Lab: Web cache poisoning with an unkeyed headerhttps://cyberw1ng.medium.com/25-1-lab-web-cache-poisoning-with-an-unkeyed-header-177f24f0538e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity21-May-2024
Complex Attack Types: Sample Scenarios 7https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-7-9e7ad4454fe9?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, freedomofinternet, threat-intelligence, penetration-testing21-May-2024
Curiosity part #2 with $5000 bounty.https://medium.com/@nanwinata/curiosity-part-2-with-5000-bounty-025536feced7?source=rss------bug_bounty-5nanwncybersecurity, telnet, hackerone, bug-bounty, vulnerability21-May-2024
Next Generation Nuclei: Detecting SQLi with Logichttps://medium.com/@serhatcck/next-generation-nuclei-detecting-sqli-with-logic-05549c34885b?source=rss------bug_bounty-5Serhat ÇİÇEKhacking-tools, hacking, penetration-testing, application-security, bug-bounty21-May-2024
CSRF Leads to Delete Accounthttps://medium.com/@happyjester80/csrf-leads-to-delete-account-241f2cf8950b?source=rss------bug_bounty-5Happy Jesterandroid-pentesting, bug-bounty, android, hacking21-May-2024
How to find View Angles for Aimbots | Explainedhttps://medium.com/@yannik603/how-to-find-view-angles-for-aimbots-explained-f70c303a353c?source=rss------bug_bounty-5Yannik Castrogames, hacking-tools, bug-bounty, hacking, reverse-engineering21-May-2024
Working with a client, I came across a CSRF vulnerability in their existing web application.https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5FF E4cybersecurity, csrf, bug-bounty20-May-2024
Bug Zero — This month in Cybersecurity [01–15 May]https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5Akila Maithripalabug-bounty, cybersecurity, sri-lanka, bug-zero20-May-2024
Open-Redirects Uncovered: Real-World Bypass Techniques Revealedhttps://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5David Eduardo Karpinskicybersecurity, hacking, web3, programming, bug-bounty20-May-2024
How I Hacked NASA Using Google Dork in Just 10 Minuteshttps://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5Gaurish Bahurupicybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-May-2024
Bypassed the OTP verification process using “Turbo Intruder” Extension.https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5Sabuj Kumar Modakweb-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing20-May-2024
IDOR Explained: Discover It Through a Simple Story!https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5haqidor, bug-bounty-tips, bug-bounty, idor-vulnerability20-May-2024
Your Account is Now Mine!https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5z3r0xkpentesting, bug-bounty, account-takeover, vulnerability20-May-2024
Reflected XSS Leading to Account Takeoverhttps://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-50_oNoProblembug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability20-May-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5Naveen kumawatbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain20-May-2024
Let’s Understand Price Oracle Manipulationhttps://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5Securrbug-bounty, smart-contract-auditing, web3, blockchain, web3-security20-May-2024
How I Hacked NASA LDAP Serverhttps://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5Maxcyberbug-hunting, cybersecurity, penetration-testing, bug-bounty20-May-2024
How I found XSS from a medium articlehttps://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5Jaeden Samiainfosec, bug-bounty, ethical-hacking20-May-2024
How I got Hall of Fame in NASAhttps://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5AjakCybersecurityhacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity20-May-2024
Walk-Through of Bepractical.tech lab #3https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5Ross Jubertaccount-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks19-May-2024
Hacker101: Micro-CMS v1https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-50xfhackerone, bug-bounty-tips, bug-bounty, hacking19-May-2024
Dependency Confusionhttps://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5Rakeshbugbounty-writeup, bug-bounty19-May-2024
How I Found Multiple Vulnerabilities on Dutch Governmenthttps://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5sindhuneupanebug-bounty, swag, writeup, bug-hunting, infosec19-May-2024
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twicehttps://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, infosec, bug-bounty, wordpress, web-security19-May-2024
How I got an High IDOR + PII in few minutes. Bounty: €500https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5Ivoabreuidor, bug-bounty19-May-2024
JavaScript tools for BugBounty 2024https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5LogicTechtools-and-resources, osint, hacking, hacker, bug-bounty19-May-2024
VulnCon 2024 CTF — Internal Leakshttps://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5Shlok Kctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty19-May-2024
A basic Android Pentest Lab Setuphttps://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5Majixsetup-guide, android, pentest, bug-bounty, pentesting19-May-2024
22.5 Lab: JWT authentication bypass via jku header injectionhttps://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers19-May-2024
22.6 Lab: JWT authentication bypass via kid header path traversalhttps://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers19-May-2024
First bug on VDP programhttps://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5devMRTbug-bounty, bugbounty-writeup, bug-bounty-tips19-May-2024
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectushttps://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5Cycus Pectushacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking18-May-2024
22.4 Lab: JWT authentication bypass via jwk header injectionhttps://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers18-May-2024
Analyzing JavaScript Files To Find Bugshttps://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5Mr.Horbiobug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking18-May-2024
Interesting .DS_Store finding worth $$$https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5Yassine Akrachlibug-bounty, hacking, ethical-hacking, python, enumeration18-May-2024
Pay 0$, Get ∞ books!https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5z3r0xkpenetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability18-May-2024
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !!https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5Professor0xx01bug-bounty, information-security, laravel-framework, xss-attack, web-security18-May-2024
My 6 Month bug hunting journey, what to expect.https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5Tomopinion, bug-bounty, bpp, hacking18-May-2024
Top 50 Ports & Vulnerabilityhttps://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5LogicTechbug-bounty, osint, networking, vulnerability, hacking18-May-2024
Broken Object Level Authorization — BOLA (ex crAPI)https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5Ammar Ahmedpentesting, api, cybersecurity, hacking, bug-bounty18-May-2024
How a Single Parameter Led to Two ATO Caseshttps://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5Fahad Faisalbug-bounty, hackerone, bug-bounty-tips, twitter18-May-2024
CVE-2023–52424: The WiFi SSID Confusion Attack Explainedhttps://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5ElNiakwifi, bug-bounty, technology, cybersecurity, penetration-testing17-May-2024
The Hacker’s Mind -Recon Mind maphttps://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5Tahir Mujawarbug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity17-May-2024
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips17-May-2024
How I found my first mistake Or why you shouldn’t overlook the obvious.https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5Jioninbug-bounty, wordpress, first-bug, pentesting, cve17-May-2024
22.3 Lab: JWT authentication bypass via weak signing keyhttps://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity17-May-2024
How to Know If Your Android Device Has Been Hacked and What to Do About Ithttps://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5Mr.Horbiohacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking17-May-2024
A Story of Zero-click complete Account Takeoverhttps://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5Shravani_kbvulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking17-May-2024
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Huntinghttps://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5Un1tycyb3rbug-bounty16-May-2024
How to Create a Cloud Lab for Anonymous Bug Bounty Huntinghttps://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5Paritoshcloud, hacking, ai, cybersecurity, bug-bounty16-May-2024
Discovery Worth $$$ in KYC Verification Feature : Bug Bountyhttps://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity16-May-2024
Account takeover with a sad endinghttps://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Vulnerable WordPress April 2024 (Arasbaran)https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5Onhexgroupwordpress, infosec, web-security, bug-bounty, nuclei-template16-May-2024
21.5 Lab: Stealing OAuth access tokens via an open redirect | 2024https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, penetration-testing, cybersecurity16-May-2024
Reflected XSS via Cache Poisoninghttps://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5Majixpenetration-testing, cache-poisoning, xs, bug-bounty, hacking16-May-2024
Reflected XSS to Account Takeoverhttps://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5Majixxs, account-takeover, bug-bounty, hacking, penetration-testing16-May-2024
How I got Critical IDOR in one of India’s Best Known Food Delivery Websitehttps://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5Krrish Bajajbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium16-May-2024
How I Hacked One of These Big Companies (JS files analysis)https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5L0dabug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips16-May-2024
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Toolshttps://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5enigmahacking, osint, cybersecurity, bug-bounty, ai16-May-2024
How to execute a Proof of Concept (PoC) for any CVEshttps://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5CTRLsoc, penetration-testing, bug-bounty, cve, cybersecurity16-May-2024
Account takeover using Blind XSS?https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcodehttps://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5Azhari Harahapbroken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup15-May-2024
CVE-2024–4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented)https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5ElNiakbug-bounty, google, penetration-testing, cybersecurity, javascript15-May-2024
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthroughhttps://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5whit3ros3bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips15-May-2024
Subdomain Takeover: What is It? How to Exploit? How to Find Them?https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5Florian Walterbug-bounty, application-security, cybersecurity, penetration-testing, web-application-security15-May-2024
How I Was Able to Perform a Subdomain Takeover Attackhttps://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5Rishabh Karnbug-bounty, hacking, subdomain-takeover, bugs, attack15-May-2024
21.4 Lab: OAuth account hijacking via redirect_uri | 2024https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking15-May-2024
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controlshttps://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5Samapple, infosec, bug-bounty15-May-2024
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC)https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5Mr.MGcybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty15-May-2024
A Arte de Explorar SQL Injection: Uma abordagem profundahttps://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, hacking, sql, mysql, sql-injection15-May-2024
5 bugs in one program $$$https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty-tips, bug-bounty15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, bug-bounty15-May-2024
Why I want to become a bug bounty hunterhttps://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5Riccibug-bounty, coding, make-money-online15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, hacking, bug-bounty15-May-2024
Walk Through of Bepractical.tech lab #2https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5Ross Jubertethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training14-May-2024
XSS on TikTokhttps://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5WHO AM I ?bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack14-May-2024
An Email Authentication Bypass, But Marked as N/A in NASA domainhttps://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty14-May-2024
An easy way to find bugs: Enter wrong datahttps://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5Nasrinaudit, web-app-security, pentesting, bug-bounty14-May-2024
21.3 Lab: SSRF via OpenID dynamic client registration | 2024https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity14-May-2024
JNDI Injection — The Complete Storyhttps://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5Pradeep Kumarjava, pentesting, bug-bounty, jndi, web-penetration-testing14-May-2024
Root user account takeover via SQL Injectionhttps://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
RCE Through Account Takeoverhttps://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5Rajdip Chavansecurity, vapt, bug-bounty, web-application-security13-May-2024
Root user account takeover via SQL Injectionhttps://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
Story of Hall of Fame in Red Hat Linuxhttps://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5Hritom Bhattacharyaredhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking13-May-2024
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerabilityhttps://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5Sharkbug-bounty, cybersecurity, microsoft, red-team, pentesting13-May-2024
Week 1https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5.bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups13-May-2024
21.2 Lab: Forced OAuth profile linking | 2024https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5Deep SenGuptacybersecurity, bug-bounty, broken-link-hijacking13-May-2024
How To Find And Test S3 Buckets For Bug Bountyhttps://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5Dante Fallsaws, amazon-web-services, bug-bounty, cybersecurity, cloud-services13-May-2024
Broken Access Control leads to Take Admin Rolehttps://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-50xEbn-Taimiapenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting13-May-2024
403 Jump: HTTP 403 Bypass toolhttps://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5Itsmeanzeemtools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfigurationhttps://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5Mohammed Moiz Pashabug-bounty, security, hacking, vulnerability, ethical-hacking13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5Deep SenGuptabroken-link-hijacking, cybersecurity, bug-bounty, burpsuite13-May-2024
How I found a IDOR at Monitor Mozilla ?https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5ryujinxbug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone13-May-2024
ZoneTransfer — ./Hopehttps://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5Ezeciasbug-bounty-tips, tools, bug-bounty13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
A simple file upload bypass causing XSS attackhttps://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5Xiaodongxss-attack, bypass, vulnerability, bug-bounty, hacker12-May-2024
Read Code Like a Hacker With SASThttps://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5Matejsmyckabug-bounty, static-code-analysis, testing, ethical-hacking, hacking12-May-2024
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDPhttps://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5Professor0xx01security, ethical-hacking, infosec, cybersecurity, bug-bounty12-May-2024
24.15 Lab: HTTP request smuggling, obfuscating the TE header | 2024https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, hacking, careers12-May-2024
Hacking more than 130 000 car worldwide in 5 minuteshttps://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5Ahmad Mansourbug-bounty, bug-bounty-tips, cybersecurity, pentesting12-May-2024
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ]https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5Javeed.skauthentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty12-May-2024
Breaking Down DOM-based XSS: A Practical Explorationhttps://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5Osama Avvanxss-attack, dom-xss, bug-bounty, cybersecurity, javascript11-May-2024
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AIhttps://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5Peng Zhouprotect-ai, hugging-face, bug-bounty, llm-security, ai-security11-May-2024
NMAP Command Optionshttps://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5Ravindra Dagalenmap, commands, information-security, bug-bounty, vulnerability11-May-2024
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Databasehttps://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5Cyb3r M!ndssqli, hacking, pentesting, bug-bounty, sql-injection11-May-2024
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability | 2024https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brandhttps://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5Anekant Singhai Jaininfosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips11-May-2024
دي روود ماب علشان تبدا web pentesthttps://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-509x99python, cybersecurity, bug-bounty, web-development, javascript11-May-2024
Mastering Subdomain Takeovershttps://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, bugs, vulnerability, subdomain, cybersecurity11-May-2024
Linux Privilege Escalation — Capstone Challenge | TryHackMehttps://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5Asim Anwarhacking, privilege-escalation, linux, bug-bounty, tryhackme11-May-2024
4 XSSs With A Simple & Optimized Payloadhttps://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5Hamza Avvanethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity11-May-2024
My Hunt: Discovering Microsoft Bugshttps://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5c0d3x27microsoft, hacking, bug-bounty, software-development, cybersecurity11-May-2024
Today I am going to walk through bepractical.techhttps://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5Ross Jubertcybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
IDOR and Missing Authorization leads to free contenthttps://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5enigmacybersecurity, hacking, idor, oscp, bug-bounty10-May-2024
How I Discovered a CVE by Scanning Open Source Repositorieshttps://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5Scott Lindhbug-bounty, xss-attack, open-source, application-security, hacking10-May-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5CyberOzcybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-May-2024
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability | 2024https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity10-May-2024
A Strange Tale of Email Verification Bypasshttps://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5Huntsmanbug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking10-May-2024
Linux Privilege Escalation | TryHackMe — Part 2https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5Asim Anwarbug-bounty, tryhackme, linux, privilege-escalation, hacking10-May-2024
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoninghttps://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5Fahad Faisalhackerone, bug-bounty, security, bug-bounty-tips10-May-2024
Database Info Disclose by Client-Side DOShttps://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5#$ubh@nk@rdos-attack, infosec, hacking, bug-bounty10-May-2024
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goalshttps://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5.cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking09-May-2024
XSS | Here’s how I got my first bountyhttps://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5sM0ky4bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
24.12 Lab: CL.0 request smuggling | 2024https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
HOW I FOUND MY FIRST BUGhttps://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5Irene Venunyebug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program09-May-2024
Fingerprinting♨♨: Identifying Technologies Of Our Target.https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5Hacktivist-Attackerfingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance09-May-2024
Linux Privilege Escalation | TryHackMe — Part 1https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5Asim Anwarbug-bounty, hacking, tryhackme, privilege-escalation, linux09-May-2024
How I Found XSS In Another Govt. Site :: NCIIPC VDP !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5Professor0xx01infosec, security, information-security, bug-bounty, security-research09-May-2024
An easy bounty using fuzzinghttps://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, hacking, penteration-testing, fuzzing, pentesting09-May-2024
Exploiting JWT Token Leads To IDORhttps://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty09-May-2024
Simple bug on Indian government website | Govt. bug huntinghttps://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5SIDHARTH PANDAbug-bounty, government, indian, hacking, bug-bounty-tips08-May-2024
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERShttps://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5Progskydocumentation, bug-bounty, contracts, ethical-hacking08-May-2024
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !!https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5Professor0xx01bug-bounty, security, vulnerability, information-security, infosec08-May-2024
Revealing a Critical Vulnerability: The Price Manipulation Flawhttps://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5Pawarpushpakpenetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty08-May-2024
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Startedhttps://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5Sachin Kumarfor-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers08-May-2024
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing08-May-2024
Hack Any Browser With One Linkhttps://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5Vishal Chaudharysecurity, hacking, cybersecurity, beef, bug-bounty08-May-2024
Exposed Key In Page Source Led To Bypass Captchahttps://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5Muhanad Israiwihacking, captcha, bug-bounty, bugs, penetration-testing08-May-2024
Writing your First Nuclei Templatehttps://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5TechnoLiftsnucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty08-May-2024
XSS vulnerability caused by modifying the Content-Typehttps://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5Xiaodongvulnerability, xss-attack, money, bug-bounty, hacker08-May-2024
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability.https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5Xiaodongmoney, hacker, vulnerability, bug-bounty, xss-attack08-May-2024
An easily accomplished account takeoverhttps://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, money, vulnerability07-May-2024
Title: Understanding Vertical Privilege Escalation in Cybersecurityhttps://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5Alvin bijobug-bounty07-May-2024
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers07-May-2024
Securitydegen.com Feature Update!https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5Bug Bounty Degenvulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts07-May-2024
A Thrilling Dive into Cloud Penetration Testinghttps://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5ADIPbug-bounty, information-security, cloud, info-sec-writeups, penetration-testing07-May-2024
Threat Modeling for OAuth 2.0 Authorization Frameworkhttps://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5Jayesh kunwalthreat-modeling, bug-bounty, oauth, cybersecurity, vapt07-May-2024
How I got $250 for IDOR via Business Logic Errorhttps://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5Manav Aryacybersecurity, information-security, vulnerability, bug-bounty, bugcrowd07-May-2024
Athena TryHackMe Walkthroughhttps://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, tryhackme, cyber07-May-2024
A Comprehensive Review of the Guided Hacking Forumhttps://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, games, ctf, hacking07-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Corneliusidn-bootcamp, bug-bounty06-May-2024
Crypto bounty program got me $500 — Rate Limit Bypasshttps://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5mo9khu93rcryptocurrency, security, hacking, web3, bug-bounty06-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Cornelius Yuliidn-bootcamp, bug-bounty06-May-2024
Bounty Beginnings: My First Bug Discoveryhttps://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5cyberOjasbug-bounty, vulnerability, bugcrowd06-May-2024
Web3 Bug Bounty V/S Smart Contract Auditinghttps://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5Securrblockchain, smart-contract-auditing, bug-bounty, web3, web3-security06-May-2024
alasan ingin belajar bug bounty IDN bootcamphttps://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5Ilhamsabanabug-bounty06-May-2024
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamphttps://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5Mohamad Fachry Alicybersecurity, bug-bounty06-May-2024
Pengalaman saya dibidang CyberSecurityhttps://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5Ahmad Fauzy Hafidzcoding, cybersecurity, bug-bounty, capture-the-flag06-May-2024
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamphttps://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5Wahyu Priambodotechnology, bug-bounty, experience, cybersecurity, bootcamp06-May-2024
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunterhttps://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5Rizki Arif Saifudinprogramming, bug-bounty, linux, cybersecurity06-May-2024
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp)https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5Andy R. Nugrohobug-bounty06-May-2024
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon.https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty06-May-2024
Network Infrastructure Reconhttps://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5David Eduardo Karpinskidns, hacking, networking, cybersecurity, bug-bounty06-May-2024
BugBountyTraining Lab: FastFoodHackings Part 1https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5Hoppp3rbug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs05-May-2024
Bug Bounty IDN Bootcamphttps://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5Senudin Nurdinbug-bounty05-May-2024
‍ Hack Like a Pro: Precon’s Simple Subdomain Secretshttps://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5Tamhackerethical-hacking, bug-bounty, hacker, hacking, cybersecurity05-May-2024
Exposing Information Of All Users “Email,Mobile Number ..etc”https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5Dr404information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips05-May-2024
24.9 Lab: H2.CL request smuggling | 2024https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking05-May-2024
An Impactful ‘No Rate Limiting’ Bughttps://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5JateloCybersecethical-hacking, web-app-security, bug-bounty, pentesting, bugs05-May-2024
Information gathering with OSINThttps://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5David Eduardo Karpinskihacking, osint, bug-bounty, cybersecurity, pentesting05-May-2024
JS-Snooper: Get More Bounty With Easy Bugshttps://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-May-2024
Proxying Web Traffic Via SSHhttps://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5Mark El-Khourybug-bounty, ssh, pentesting, cybersecurity, infosec04-May-2024
LEARNING THE BUG BOUNTY PROGRAMhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty04-May-2024
# Certifcateshttps://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5penetration-testing, bug-bounty, recon, hacking, reconnaissance04-May-2024
Get Your First Award by Joining IDN Bootcamp Bug Bountyhttps://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5oktabug-bounty, linux, network, penetration-testing, hacker04-May-2024
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN”https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5Naursyy_bug-bounty, technology, cybersecurity04-May-2024
LEARNING BUG BOUNTY IDN BOOTCAMPhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, careers, hacking03-May-2024
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python…https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5SHAMS UL MEHMOODcybersecurity, information-security, cyberattack, infosec, bug-bounty03-May-2024
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of…https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5Nitin yadavtech, infosec, technology, bug-bounty, cybersecurity03-May-2024
3 easiest bugs that you can find right now [guarantied]https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5Imad Husanoviccybersecurity, hacking, bug-bounty-tips, programming, bug-bounty03-May-2024
Why and how to hide usernames on your WordPresss.https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5Izmir Suatwordpress, bug-bounty, information-security, pentest03-May-2024
XSS leads to HALL OF FAME on a French websitehttps://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5Karan Moudgilbug-bounty03-May-2024
Alasan saya ingin megikuti Bug Bounty IDN Bootcamphttps://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5WILDAN ABDURRASYIDbootcamp, bug-bounty, idn, cybersecurity, sytem03-May-2024
How I bypassed OTP in unexpected wayhttps://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5DEephacking, bug-bounty, red-team, cybersecurity, vulnerability03-May-2024
Real World GitLab Account Take Overhttps://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5Chuxhacking, cybersecurity, infosec, red-team, bug-bounty03-May-2024
IDOR lead to PII Disclosurehttps://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5z3r0xkidor, bug-bounty, web-security03-May-2024
How I Bypassed Rate limiting To Account Takeoverhttps://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5AjakCybersecurityhacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking03-May-2024
DNS Resolutions: Identifying Live Targets : Vertical RECON.https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5Hacktivist-Attackerpenetration-testing, reconnaissance, bug-bounty, education, résolutions03-May-2024
what is RCE-[Remote code Execution]❓https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5mamadbug-bounty, website, security, cyber-security-website, social-security-website03-May-2024
Sql İnjection Nedir &Karşılaştığım Vakahttps://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5Alibug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs03-May-2024
Bug Bounty IDhttps://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5Senudin Nurdinfree-course, linux, network, cyberse, bug-bounty02-May-2024
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers02-May-2024
Langkah Awal Menuju Bug Bounty IDN BootCamphttps://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5Caomaybug-bounty, xiaocaomay, idn, idn-network02-May-2024
Become a Bug Bounty hunter: Unveiling the Secrets to Success!https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5ADIPinfosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty02-May-2024
Google VRP Targets by Tierhttps://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5UprootSecurityinfosec, pentest, bug-bounty, cybersecurity, vapt02-May-2024
Alasan ingin belajar pada Bug Bounty IDN Bootcamphttps://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5Putranto Suryacybersecurity, bug-bounty, bug-bounty-idn-bootcamp02-May-2024
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurityhttps://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, hacking, hackerone, technology02-May-2024
Mengapa bug bounty?https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5rayyanewbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty02-May-2024
How i got admin panel without opening the targethttps://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5Milad Safdari (TheSafdari)github, hacking, github-secret, bug-bounty, cybersecurity02-May-2024
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and…https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5Mansorihacklinux, bug-bounty, pentesting02-May-2024
Bug Bounty IDN Bootcamp | By Ekyhttps://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5personcybersecurity, ethical-hacking, ctf, bug-bounty02-May-2024
Complex Attack Types: Sample Scenarios 3https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet02-May-2024
Real-World Example of Race Condition Exploits “adding Money”https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5Dr404race-condition, web-penetration-testing, vulnerability, bug-bounty02-May-2024
#01: Path traversalhttps://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5z3r0xksource-code-review, path-traversal, web-security, nodejs, bug-bounty02-May-2024
My Journey to the Nokia Security Hall of Famehttps://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5Umair Farooquihof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui01-May-2024
Harnessing the Power of Crowd-Sourced Securityhttps://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, information-security, cloud-computing, bug-bounty01-May-2024
My First Verified Bug Bounty: Unmasking Flaws in University Web Appshttps://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5Impeony | Rafivulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty01-May-2024
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emailshttps://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5JEETPALbug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips01-May-2024
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfigurationhttps://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5Fabian Cruzinformation-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing01-May-2024
How can I bypass the limit on the number of team membershttps://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5Xiaodongchina, vulnerability, money, bug-bounty, hacker01-May-2024
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploithttps://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5Fabian Cruzweb-security, bug-bounty, information-security, penetration-testing, cybersecurity01-May-2024
FortiClient Android Apphttps://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5Mohamed Eid Wahbybug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips01-May-2024
Partnering with fewerClicks- To Provide Robust Web3 Securityhttps://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5Securrsmart-contract-auditing, bug-bounty, pentesting, web301-May-2024
1500$ bounty: how unprotected directory leaked sensitive infohttps://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5Agnieszka Pietruczukpentesting, bug-bounty01-May-2024
Exposed Secrets: The Peril of Broken Access Controlhttps://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, technology, hacking, penetration-testing01-May-2024
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMShttps://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5Progskyweb-hacking, web-security, bug-bounty01-May-2024
I sent 1,000,000 Requests to a serverhttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekershttps://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5brutexploitercybersecurity, cloud, india, information-security, bug-bounty01-May-2024
Learning Offensive Cybersecurity — Day 2https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5N4RKWH4Loffensive-security, cybersecurity, bug-bounty, learning, tech01-May-2024
Billions Bug Bounty Programhttps://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5Billions Questbug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs01-May-2024
Binary Exploitation: PicoCTF clutter-overflow challenge walk throughhttps://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5Boogstabug-bounty, hacking, hackathons, cyber, cybersecurity01-May-2024
1,000,000 requests 2FA bypasshttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
Javascript code inside HTMLhttps://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5Thewhitesidebugs, bug-bounty-tips, bug-bounty01-May-2024
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypasshttps://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5Mohammed Waleedrecon, osint, bug-bounty-tips, cybersecurity, bug-bounty30-Apr-2024
Bypassing SSL Pinning with Frida and Objection in Mobile Applicationshttps://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5Ria Banerjeebug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing30-Apr-2024
Another ATO, will I get paid this time?https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness30-Apr-2024
Useful GoogleDocks Tips — Bug Bounty Tuesdayhttps://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking30-Apr-2024
How I found three Critical Vulnerability in one site.https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5DEepvulnerability, hacking, cybersecurity, red-team, bug-bounty30-Apr-2024
O melhor curso de hacking etico do Brasilhttps://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5Rafael Henriquetryhackme-writeup, hacking, bug-bounty, hacker, hackerone30-Apr-2024
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking30-Apr-2024
Learning OffensiveCybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Adding Certificates to Postman & Burp Suite for API Testinghttps://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5Nairuz Abulhulsecurity, bug-bounty, penetration-testing, hacking, infosec30-Apr-2024
Bug Bounty Challenge (final): [CONCLUSION]https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
Finding a viper in the curved lawnhttps://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5KupiaSeccurve-finance, bug-bounty, audit, blockchain, security30-Apr-2024
ineligible for bounty !!!https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5Thewhitesidebug-bounty30-Apr-2024
postMessage() securityhttps://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5Sumeet darekarbug-bounty, xss-vulnerability, replit, postmessage, javascript30-Apr-2024
Learning Offensive Cybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Bug Bounty Challenge (final): CONCLUSIONhttps://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
do FUZZ well!https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5Rajesh Sagarbug-bounty, fuzzing, bug-bounty-tips30-Apr-2024
E-Commerce Application Penetration Testing- My Favourite Business Logical Flawhttps://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5Vaishali Nagoriapplication-security, ciso, bug-bounty, penetration-testing, vapt29-Apr-2024
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC)https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5Mr.MGidor, penetration-testing, blog, cybersecurity, bug-bounty29-Apr-2024
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting).https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5Rajdip Chavanvapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5m3nd00bug-bounty, fuzzing, ffuf29-Apr-2024
Explorando Acunetix Vulneweb SQL Injectionhttps://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5David Eduardo Karpinskisql-injection, sql, bug-bounty, mysql, vulnerability29-Apr-2024
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity29-Apr-2024
Temu glitch - Temu system hacked and let me buy free items!https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5Very Lazy Techtemu, hacking, shopping, free, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5ScriptTeasebug-bounty, fuzzing, ffuf29-Apr-2024
Broken Link Hijacking: A Hidden Threat $350 Bountyhttps://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5Himanshu Chouhanbug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips29-Apr-2024
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Huntershttps://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips29-Apr-2024
Crypto Attacks Cheat-Sheethttps://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5David Eduardo Karpinskihacking, bug-bounty, dictionary, cheating, crack29-Apr-2024
Bug Bounty Challenge (final): Day 9–29/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Apr-2024
The Last Dance (HackTheBox Writeup)https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5Krish Geractf, cybersecurity, hackthebox, hackerone, bug-bounty29-Apr-2024
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing29-Apr-2024
Bug Zero at a Glance [01–15 April]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty28-Apr-2024
2FA bypass that made me $______https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking28-Apr-2024
How to choose less competitive Bug Bounty Programs ( No VDPs)https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5H3mantbug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup28-Apr-2024
Starting in Bug Bounty — First Master This Before Hunting.https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5NEEL SHUKLAbug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips28-Apr-2024
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leadershttps://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5Aniniikethr12bug-bounty, pentesting, cybersecurity28-Apr-2024
Never use the GET method for Sensitive Actions in Web App: Ft. CSRFhttps://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5secureITmaniabug-bounty, penetration-testing, information-security, hacking, web-development28-Apr-2024
Ability to Deny Subaccounts feature from all usershttps://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-50xAb031n0uRbugbounty-writeup, bug-bounty, cybersecurity28-Apr-2024
IDOR leads to Account Takeover of all users (ATO).https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5Ahmed Tarekpenteration-testing, account-takeover, bug-bounty, pentesting, hacking28-Apr-2024
Mi camino en el Bug Bounty comienza, pero antes..https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5Cib3r Byt3bug-bounty28-Apr-2024
24.2 Lab: HTTP request smuggling, confirming a TE.CLhttps://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking28-Apr-2024
How I Hacked an Indian Government Website and Accessed Their Database Serverhttps://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5Kamil Rahumanbug-hunting, cybersecurity, bug-bounty, hacking28-Apr-2024
Bug Bounty Challenge (final): Day 8–28/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty28-Apr-2024
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5D0loresH4zebug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing28-Apr-2024
Flamingo Finance Bug Bounty Programhttps://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5Dmytro Kovalenkoweb-security, bug-bounty, security, web3, flamingo-finance28-Apr-2024
VAPT: The Secret Weapon for Security Superheroeshttps://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5Security Lit Limitedvapt, bug-bounty, cybersecurity, cyberattack28-Apr-2024
Security Testing Trends 2024https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5InnovateQAsecurity-testing, devsecops, genai, bug-bounty, pentesting27-Apr-2024
Hidden parametershttps://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5Thewhitesidebug-bounty, bug-bounty-tips27-Apr-2024
Top Ten Books for Bug Bountyhttps://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5Very Lazy Techpentesting, money, cybersecurity, bug-bounty, oscp27-Apr-2024
How to setup in 30 min your Web3 lab in Windowshttps://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5Bug Bounty Degenweb3, hacking-tools, ethereum, bug-bounty, blockchain27-Apr-2024
2:00 AM IDOR leads to some Adrenaline rushhttps://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)bug-bounty27-Apr-2024
Logic Loopholes: The Fun Flawshttps://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5Khod4libusiness-logic, web-penetration, bug-bounty, pentest, xss-attack27-Apr-2024
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictionshttps://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5Amjad Alipenetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity27-Apr-2024
How A Blackbox Target Turned To Whitebox With Reconhttps://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5Chuxinfosec, cybersecurity, red-team, hacking, bug-bounty27-Apr-2024
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guidehttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
24.1 Lab: HTTP request smuggling, confirming a CL.TEhttps://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity27-Apr-2024
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own…https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5Amitkhandebharadsecurity, bug-bounty, bugcrowd, privilege-escalation, bug-hunter27-Apr-2024
Exploring the Filliquid Testnet Launch Bug Bounty Program!https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5I. Tobias Darlingtonfilecoin, bug-bounty, testnet, defi, filliquid27-Apr-2024
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their websitehttps://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5Phantombugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero27-Apr-2024
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applicationshttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
What is HTTP request smuggling?https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty26-Apr-2024
I found a simple but rare misconfiguration and got $200 on a hackerone programhttps://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5Harishhackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips26-Apr-2024
Private Interact.sh server setup with a web dashboardhttps://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5Serj Novoselovtutorial, hacking, tools, cybersecurity, bug-bounty26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
The Ultimate Guide to CISSP’s Eight Security Territorieshttps://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5Gagan Yalamuristartup, information-security, information-technology, cybersecurity, bug-bounty26-Apr-2024
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Securityhttps://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5Dasmanish403-forbidden, ethical-hacking, bug-bounty26-Apr-2024
How to baypass scaping filter(\)https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5Thewhitesidebug-bounty-tips, bug-bounty26-Apr-2024
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5D0loresH4zecybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
Bug Bounty Toolshttps://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5Malisha_kalictf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool25-Apr-2024
this is how I Bypassed the 2FA page in a big site…https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5Bar_0_0_nbug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity25-Apr-2024
Android Pentesting Lab Setup step to step . Part -1https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5Security Empirebug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec25-Apr-2024
Bug Bounty Champions: Real Stories of Cybersecurity Triumphshttps://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, ai, hacking, information-security25-Apr-2024
Understanding 403 Bypass: A Critical Vulnerability in Web Application Securityhttps://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5Abhishek Bhujangbug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security25-Apr-2024
Hacking one of the largest Legal tech in MENAhttps://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5Ahmad Mansourpentest, hacking, securing, bug-bounty25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
How a ‘.git’ file Leads to Zendesk Panel Takeoverhttps://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking25-Apr-2024
Privilege Escalation to Admin through an Import Featurehttps://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5Cristi Vladbug-bounty, cybersecurity, penetration-testing, pentesting, infosec25-Apr-2024
Unexpected gain, arbitrary forgery of user tokens.https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5Xiaodongchina, hacker, vulnerability, bug-bounty, money25-Apr-2024
How to monitor your internal pentesters?https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing25-Apr-2024
Find This Easy CSRF in Every Website- A Sweet P4https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, technology, bug-bounty, hacking, cybersecurity25-Apr-2024
Bug Bounty Challenge (final): Day 5–25/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
20.6 Lab: Host validation bypass via connection state attack | 2024https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing25-Apr-2024
Privilege escalation mediante Race Condition.https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5Matias Ramirezbug-bounty, bug-bounty-tips, bugbounty-writeup, hacking25-Apr-2024
A very useful asset collection tool: Asset Reconnaissance Lighthouse.https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5Xiaodonghacks, hunting, tools, bug-bounty, china24-Apr-2024
Hack Stories: Hacking Hackers EP:3https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5c0d3x27software, programming, cybersecurity, hacking, bug-bounty24-Apr-2024
#1. Bug Bounty POC: IDOR leads to Account Takeoverhttps://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5Cyb3r M!ndsidor, account-takeover, web-penetration-testing, bug-bounty, pentesting24-Apr-2024
BALMER PEAK AND BUG HUNTINGhttps://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5Progskyhumor, bug-bounty24-Apr-2024
20.5 Lab: SSRF via flawed request parsing | 2024https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, careers, cybersecurity, hacking24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
Bug Bounty Challenge (final): Day 4–24/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter24-Apr-2024
Embarking on My Bug Bounty Hunting Journeyhttps://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5Nikhilmy-journey-in-tech, cybersecurity, bug-bounty24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
How easy I made $$$$https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5Anas H Hmaidypenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty23-Apr-2024
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!!https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5Professor0xx01cors, bug-bounty, threat-hunting, information-security, vulnerability23-Apr-2024
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing…https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5MyNextDeveloperbug-bounty, ethics, data-breach, ethical-hacking, cybersecurity23-Apr-2024
IOS Penetration Testing: Guide to Static Analysishttps://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5Aditya Sawantcybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing23-Apr-2024
How I found my First Valid bughttps://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips23-Apr-2024
Bypassing CloudFlare Error 1015: You Are Being Rate Limitedhttps://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, vulnerability, cybersecurity, hacking23-Apr-2024
QUICK ROADMAP TO BUG BOUNTY(things you need to know)https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5Adam Paulo Antonytips, bug-bounty-tips, roadmaps, bug-bounty23-Apr-2024
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM:https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5Hacktivist-Attackersubdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance23-Apr-2024
20.4 Lab: Routing-based SSRF Vulnerability | 2024https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers23-Apr-2024
Browser Extension Security Testing: Part 1https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, hacking, browser-extension, bug-bounty-tips, testing23-Apr-2024
Email Verification Bypass via Remember Mehttps://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5mo9khu93rbug-bounty, cybersecurity, pentesting, red-team, hacking22-Apr-2024
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game…https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5Hazeem' Yasseerandroid-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity22-Apr-2024
20.3 Lab: Web cache poisoning via ambiguous requests | 2024https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, penetration-testing, bug-bounty22-Apr-2024
How many months took you to find your first bug ?! Let s seehttps://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5Aiz3n Skbug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup22-Apr-2024
Don’t overlook any parameter, because the vulnerability lies within!https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty22-Apr-2024
Exploiting PostMessage for cool XSS vulnerabilitieshttps://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5Manas Harshhacking, xss-vulnerability, bug-bounty, application-security22-Apr-2024
Google Map API Key Exposure: A Bug Bounty Journeyhttps://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5RIZWANpentesting, bug-bounty, cybersecurity, bugbounty-writeup22-Apr-2024
Auto Bug Bounty Script — Unleash Your Hunting Potentialhttps://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5psychomongbug-bounty, vapt, hacker, bug-bounty-tips, automation22-Apr-2024
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcashhttps://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5Ph.Hitachipentest, reconnaissance, recon, bug-bounty, gcash22-Apr-2024
What is SSRF and how to Detect them on Web Applicationhttps://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5Alvin bijobug-bounty-tips, bug-bounty, xs, ssrf22-Apr-2024
Bug Bounty Challenge (final): Day 3–22/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips22-Apr-2024
Cross-Site Scripting Detectionhttps://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5Anni0pbug-bounty, cybersecurity, xss-attack22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
How to avoid burnouts in bugbounty?https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programshttps://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5Milad keivanfarsecurity, subdomains-enumeration, bug-bounty, penetration-testing21-Apr-2024
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Datahttps://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5Marduk I Amportswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity21-Apr-2024
Unraveling the Secrets of CWE and CVE in easily wayhttps://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5Abdallahhendypenetration-testing, cwe, cybersecurity, cve, bug-bounty21-Apr-2024
Such a simple zero-payment vulnerability.https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5Xiaodongmoney, vulnerability, bug-bounty, china, hacker21-Apr-2024
Linux Mastery, Practical Exercises for Effective Command Line Skillshttps://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5Muhammad Rivacyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux21-Apr-2024
What is server-side template injection?https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers21-Apr-2024
How I could have hacked one LG website with a simple recon…https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5RubXhacking, bug-bounty, cybersecurity, bug-bounty-tips21-Apr-2024
HACKTHEBOX CBBH REVIEWhttps://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5Admiralhrweb-application-security, bug-bounty, cybersecurity, cbbh, hackthebox21-Apr-2024
How do I get Started in Cyber Security? — My Perspective & Learning Path!https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5Aadhaarkoulbug-bounty, infosec, technology, hacking, learning21-Apr-2024
Bug Bounty Challenge (final): Day 1–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Bug Bounty Challenge (final): Day 2–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Unsecured Content Provider leads to Account Takeoverhttps://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5Ahmed Elmorsihacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty20-Apr-2024
Best Bug Bounty Tipshttps://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero20-Apr-2024
Unraveling the Millennium Bug: A Digital Apocalypsehttps://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5Akshay Aryanjava, bugs, software-development, bug-bounty20-Apr-2024
My methodology for hunting for open Redirect vulnerabilitieshttps://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5Hozayfa Nassertips, open-redirect, bug-bounty, tips-and-tricks20-Apr-2024
19.5 Lab: Finding a hidden GraphQL endpoint | 2024https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing20-Apr-2024
Paramspider Upgraded Versionhttps://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5PushkaraJhacking, bug-bounty, cybersecurity, redteam-tool, infosec20-Apr-2024
Bug Bounty Challenge (final): Day 1–20/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty20-Apr-2024
April 2024 Reading Listhttps://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5Dayton Pruetbug-bounty, network-security, cloud-computing, google-cloud-platform, linux19-Apr-2024
Race Condition on Change Email Leads to Arbitrary Email Forgeryhttps://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5Azhari Harahapbug-bounty, application-security, api-security, race-condition, bug-bounty-writeup19-Apr-2024
Blockchain Bug Bountyhttps://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs19-Apr-2024
OTP Bypass Security Issues and Remediationshttps://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5Pratham Mittalsecure-coding, software-development, otp-bypass, bug-bounty, security19-Apr-2024
Reconnaissance in Bug Bounty Programshttps://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty19-Apr-2024
First valid critical vulnerability of minehttps://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5Shalabhdevliyalvulnerability, hackerone, bug-bounty, cybersecurity19-Apr-2024
OOGWAY — Vulnerability Search Toolhttps://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5Yasinbug-bounty, cybersecurity, vulnerability, cve19-Apr-2024
An Interesting Case of XSS Caused by File Uploadhttps://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5Xiaodongchina, security, bug-bounty, money, hacks19-Apr-2024
How I Disclosed Employees PII | The mistake I made..|https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5the_air_sharmabug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty19-Apr-2024
19.4 Lab: Performing CSRF exploits over GraphQL | 2024https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking19-Apr-2024
let’s Unlock Advanced Permissionshttps://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation19-Apr-2024
Defence Methodologiehttps://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5Hatice Zehra Kamanlıpentesting, bug-bounty, soc, prevention, cybersecurity19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Binarymasterhacking, bug-bounty, network19-Apr-2024
Rest API Pentesting Resourceshttps://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5Madhurendra Kumarpentesting, checklist, bug-bounty, api, hacking19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Progskyhacking, bug-bounty, network19-Apr-2024
Stored XSS chain on NASA VDPhttps://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, vulnerability, nasa18-Apr-2024
Introducing SHIFU: Your Comprehensive CVE Finder Toolkithttps://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5Yasincybersecurity, cve, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdaribug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
Jamtangan Bug Bountyhttps://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan18-Apr-2024
IDOR Bug Bountyhttps://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5Vijay Guptaidor, bugs, bug-zero, bug-bounty, bug-bounty-tips18-Apr-2024
Yahoo Bug Bountyhttps://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5Vijay Guptabug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips18-Apr-2024
A Beginner’s Guide To Insecure Deserializationhttps://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5four0fourprogramming, cybersecurity, bug-bounty18-Apr-2024
How I found HTMLi on main domain of programhttps://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5JEETPALbug-bounty-tips, html-injection, bug-bounty18-Apr-2024
IDOR Lead to Data Leakhttps://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, cybersecurity, bug-bounty-tips18-Apr-2024
VulnersX Toolhttps://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5Yasincybersecurity, cve, vulnerability, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdari (TheSafdari)bug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh…https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5Ph.Hitachibug-bounty, public-disclosure, pentesting, gcash18-Apr-2024
SSL Pinning Bypass Simplifiedhttps://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5Prathamesh Khatavkarbug-bounty, cybersecurity, android18-Apr-2024
Unveiling Access Control Flaws: Taking over an entire organizationhttps://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5mohamed othmancybersecurity, bug-bounty18-Apr-2024
19.3 Lab: Bypassing GraphQL brute force protections | 2024https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking18-Apr-2024
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewardshttps://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5Xiaodongchina, bug-bounty, money, hacker, vulnerability17-Apr-2024
Uber Bug Bounty Programhttps://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5Vijay Guptauber, bug-bounty, bug-bounty-tips, bug-zero, bugs17-Apr-2024
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities”https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5Faizal Nbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability17-Apr-2024
Bug Bounty POChttps://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5Vijay Guptabug-bounty, poc, bug-bounty-tips, bug-zero, bugs17-Apr-2024
Vulnerability Bounty Tool Recommendation: WIHhttps://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5Xiaodongchina, tools, hacker, bug-bounty, money17-Apr-2024
Leveraging XSS to Execute CSRF Attackshttps://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5dodirbug-bounty, cybersecurity, penetration-testing, csrf, xss-attack17-Apr-2024
API Mis configuration: How Employee can change Manager’s review for him. (Part 2)https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
19.2 Lab: Accidental exposure of private GraphQL fields | 2024https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers17-Apr-2024
How I approach Account takeover due to no rate limit on OTPhttps://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5JEETPALbug-bounty, bountytips, no-rate-limit, account-takeover17-Apr-2024
How I found a P1 bug in just 40 minuteshttps://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5JEETPALapi-key, p1bugs, bug-bounty-tips, bug-bounty17-Apr-2024
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeoverhttps://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5cyberpro151cybersecurity, account-takeover, bug-bounty, web-hacking, hacking17-Apr-2024
(Part 2) API Mis configuration: How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS…https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5Shivansh Sethcross-site-scripting, blog, command-injection, bug-bounty, cybersecurity16-Apr-2024
PayPal Bug Bountyhttps://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5Vijay Guptabugs, paypal, paypal-account, bug-bounty, bug-bounty-tips16-Apr-2024
Discord Bug Bountyhttps://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5Vijay Guptabugs, discord, bug-bounty-tips, bug-bounty, discord-bot16-Apr-2024
Top 5 books to learn bug hunting beginner to advancehttps://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5Buglearners.combug-bounty, cybersecurity, bug-hunting, advance, books16-Apr-2024
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, penetration-testing16-Apr-2024
Email Template Draft Feature Triggers SSRF, Earns ¥3000!https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty16-Apr-2024
WhatWeb!?https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5The Hackers Meetuptools, bug-bounty, whatweb, kali, web16-Apr-2024
XSS (Міжсайтовий скриптинг): детальний розбірhttps://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5Max Pavlenko (Certified Vue.js Developer)bug-bounty, security, front-end-development, xss-vulnerability16-Apr-2024
Reverse Engineering Sitecore Vulnerabilities-3https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5Nilay Patelbug-bounty, vulnerability, automation, hacking, sitecore16-Apr-2024
Reverse Shell Scripting Concept.https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5rahman0x01netcat, bash-scripting, bug-bounty, reverse-shell, bash-script16-Apr-2024
I Found An IDOR Flaw where users' attached pictures and documents were leaked.https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, money, bug-bounty, penetration-testing16-Apr-2024
Bug Bounty Automationhttps://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5Vijay Guptaautomation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty15-Apr-2024
Dell Bug Bountyhttps://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dell, dell-laptop, bugs, bug-bounty15-Apr-2024
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewallshttps://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, command-injection, firewall, cybersecurity15-Apr-2024
Story of a strange IDOR without IDhttps://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5M7arm4nhacking, bug-bounty, bug-bounty-tips, security, hacker15-Apr-2024
CSRF (1/3)https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5z3r0xkbug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack15-Apr-2024
Advance XSS payload Listhttps://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5psychomonghacking, bug-bounty-tips, bugs, bug-bounty, xss-attack15-Apr-2024
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain | 2024https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2024
How I got JS Execution (DOM XSS) Via CSTIhttps://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty15-Apr-2024
Acer Bug Bountyhttps://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5Vijay Guptaacer, bug-zero, bug-bounty, bug-bounty-tips, bugs14-Apr-2024
My Bug Bounty Journeyhttps://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty14-Apr-2024
Ten Tips You Have to Know for WordPress Bug Bountyhttps://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5Peng Zhoubug-bounty, wordpress, infosec, hacker, bug-bounty-tips14-Apr-2024
How I Exploited the Account Cancellation Feature to Farm Rewardshttps://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5Xiaodonghacks, bug-bounty, skills, vulnerability, china14-Apr-2024
How I Hack Web Applications (Part 1)https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5Rafin Rahman Chyethical-hacking, penetration-testing, bug-bounty, infosec, application-security14-Apr-2024
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack )https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5Abhishek singh ( a6h1)bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup14-Apr-2024
A click can cause 1600$ | Auth0 misconfig .https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5Nauman Khanpenetration-testing, bug-bounty, hacking, cybersecurity, money14-Apr-2024
18.2 Lab: Exploiting Java deserialization with Apache Commons | 2024https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, careers, penetration-testing14-Apr-2024
Access to transparent security testing — Why we made HackGATE™ available to everyonehttps://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5Hackratebug-bounty, penetration-testing, pentesting, security, cybersecurity14-Apr-2024
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING:https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering13-Apr-2024
Power of CSRFhttps://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5NIKHIL RANEotp-bypass, bug-bounty, csrf, authentication-bypass13-Apr-2024
Unauthorized Admin Account Access via Google Authenticationhttps://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5Sahil Mehracybersecurity, web, bug-bounty, vulnerability, penetration-testing13-Apr-2024
Bancor Bug Bountyhttps://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bug-bounty-tips, bugs, bancor13-Apr-2024
Facebook Bug Bountyhttps://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5Vijay Guptafacebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty13-Apr-2024
Menggali Potensi Bug Bounty: Menghasilkan Uang atau Menemukan Keamanan?https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5Zenbug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness13-Apr-2024
Api Bug Bountyhttps://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5Vijay Guptabugs, api, bug-bounty, api-development, bug-bounty-tips13-Apr-2024
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach.https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5brutexploitercybersecurity, web-development, web-security, sql-injection, bug-bounty13-Apr-2024
How do insecure deserialization vulnerabilities arise?https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, hacking, bug-bounty13-Apr-2024
How Did I Easily Find Stored XSS at Apple and earn $5000 ?https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5Cryptosecurity, xss-attack, apple, bug-bounty, web-security13-Apr-2024
TryHackMe Creative Write-Uphttps://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5Joseph Alantryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty13-Apr-2024
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every…https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control12-Apr-2024
How I managed to bypass 2FA on image linehttps://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5Bishwajeetcybersecurity, bug-bounty, application-security, web-application-testing, web-application-security12-Apr-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5Keizobugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2024
The Critical Role Of Bug Bounties in Ensuring Web3 Securityhttps://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web312-Apr-2024
How I Find My First Internet Bug Bounty for Apache Airflowhttps://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5Peng Zhoubug-bounty, open-source, airflow, python, infosec12-Apr-2024
Bug Zero at a Glance [16–31 March]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter12-Apr-2024
How i Almost got 2K$ through a Race conditionhttps://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing12-Apr-2024
A Comprehensive Guide to Static Analysis in Android Pentestinghttps://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5Intrud3rXpenetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty12-Apr-2024
Learn Bug Bountyhttps://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, learn, bug-zero12-Apr-2024
Microsoft Bug Bountyhttps://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5Vijay Guptamicrosoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Apr-2024
How I Bypassed Offer Limits to Gain Multiple Membership Benefitshttps://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, vulnerability12-Apr-2024
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Toolshttps://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5Muhammad haider Tallalbug-bounty, web-penetration-testing, hacking12-Apr-2024
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho accounthttps://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5HackerWithOutHatsecurity, cybersecuirty, bug-bounty, infosec, information-security12-Apr-2024
Random account takeover via misconfigured OAuthhttps://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5Berserkerbug-bounty, cybersecurity, information-security, infosec, vulnerability12-Apr-2024
16.5 Lab: Multistep clickjacking in Bug Bounty | 2024https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking12-Apr-2024
5 Methods I Use To Discover APIshttps://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5Chuxapi, red-team, pentesting, hacking, bug-bounty12-Apr-2024
Token-Based Authentication vulnerabilityhttps://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5Paulo Vitor Costa Limabug-bounty, cybersecurity12-Apr-2024
Hunting on Microsoft SharePoint: The art of manipulation.https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5Machiavelliinfosec, bug-bounty12-Apr-2024
How I Discovered Vulnerabilities by Modifying App Memoryhttps://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5Xiaodonghacker, china, bug-bounty, vulnerability, money12-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodongsechacker, bug-bounty, ai11-Apr-2024
Building My Own Packet Sniffer for Game Security Testinghttps://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5Yannik Castrogamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools11-Apr-2024
Meta Bug Bountyhttps://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhouweb-security, nodejs, fuzzing, infosec, bug-bounty11-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodonghacker, bug-bounty, ai11-Apr-2024
How I Uncovered a Payment Vulnerabilityhttps://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5Xiaodongvulnerability, china, bug-bounty, hacker11-Apr-2024
Indian software firms cheated me by failing to provide the promised bounty after I reported…https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5MB007bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program11-Apr-2024
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S.https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5Prince Roy(RoyzSec)web-development, hacking, bug-bounty, cybersecurity, penetration-testing11-Apr-2024
7 Essential Skills Every Bug Bounty Hunter Needs to Succeedhttps://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5MyNextDeveloperpenetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty11-Apr-2024
GitHub Bug Bountyhttps://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bugs, github, bug-bounty11-Apr-2024
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS | 2024https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Apr-2024
Secret BurpSuite Extension For BugBounty~ Part-2https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5AjakCybersecurityblog, bug-bounty, penetration-testing, ethical-hacking, hacking11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhoujavascript, web-security, nodejs, infosec, bug-bounty11-Apr-2024
Bug Bounty Challenge: Day 16–11/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty11-Apr-2024
CVE-2024–24576: A Critical Rust Vulnerability on Windowshttps://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5ElNiakcybersecurity, windows, rust, penetration-testing, bug-bounty10-Apr-2024
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypasshttps://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5Peng Zhouinfosec, wordpress-plugins, web-security, bug-bounty, wordpress10-Apr-2024
Bug Bounty Certificationhttps://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification10-Apr-2024
Android Bug Bountyhttps://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty10-Apr-2024
Apple Bug Bountyhttps://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5Vijay Guptaapple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs10-Apr-2024
SQL Injection: A Simple Beginner’s Guide.https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5Ishengomavulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty10-Apr-2024
Privilege Escalation by manipulating endpointhttps://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5Vijay Vermainfosec, hacking, bug-bounty, cybersecurity, pentesting10-Apr-2024
Vulnerable WordPress March 2024 (Kandovan)https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5Onhexgroupwordpress, bug-bounty, wordpress-security, infosec, exploitation10-Apr-2024
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilitieshttps://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers10-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug Bounty Reportshttps://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero09-Apr-2024
Bug Hunting Methodology for Beginnershttps://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5Vijay Guptabug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup09-Apr-2024
Information Disclosure: Story of 500€ + 400$ Bountyhttps://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5V3Dbug-bounty, penetration-testing, information-technology, cybersecurity, hacking09-Apr-2024
Card Payment Functionality Checklist — Bug Bounty Tuesdayhttps://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5kerstantechnology, hacking, cybersecurity, bug-bounty, security09-Apr-2024
Mass automation for finding XSS vulnerabilities in large scope targetshttps://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5dextrobug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty09-Apr-2024
How I Found My First Stored XSS || WAF & Characters Limitation Bypasshttps://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5Kariiem Gamalbug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup09-Apr-2024
My WordPress Bug Bounty Journey on Patchstackhttps://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5Peng Zhoubug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty09-Apr-2024
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity09-Apr-2024
15.3 Lab: CORS vulnerability with trusted insecure protocols | 2024https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, penetration-testing, bug-bounty, cybersecurity, hacking09-Apr-2024
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaignhttps://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5Forward Protocolblockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer09-Apr-2024
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You!https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips08-Apr-2024
Google Bug Huntershttps://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5Vijay Guptabug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips08-Apr-2024
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guidehttps://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5Vijay Guptagoogle, bug-bounty, bug-bounty-tips, google-dork, bug-zero08-Apr-2024
How I Got Multiple Privilege Escalations — The Easy Trick?https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5Md Abdul Rahmanwin-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation08-Apr-2024
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5Thomas Houhouweb-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity08-Apr-2024
XSS on out of scope domain? CORS is your secret weapon!https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5c4rrilat0rbug-bounty, bug-bounty-tips, hackerone, xss-attack, cors08-Apr-2024
Breaking Free: 26 Advanced Techniques to Escape Docker Containershttps://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, penetration-testing, kubernetes, docker08-Apr-2024
15.2 Lab: CORS vulnerability with trusted null origin | 2024https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty08-Apr-2024
Why You Should Attend Cybersecurity Conferences: Unlock Opportunitieshttps://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5Abhi Sharmanetworking, information-security, cybersecurity, conference, bug-bounty07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5John Connorcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5J0hn C0nn0rcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacking, security, bugs07-Apr-2024
Unofficial Guide to OWASP Top 10:2021https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5Rafin Rahman Chypentesting, web-security, bug-bounty, hacking, infosec07-Apr-2024
TryHackMe CTF: Vulnversity — Walkthroughhttps://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5Suyog Patilsoftware-development, computer-science, hacking, ethical-hacking, bug-bounty07-Apr-2024
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities |…https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, security, penetration-testing07-Apr-2024
How We Found a 25K$ Bug in a Blockchain Project by Mistake | Bounty Hunting Journeyhttps://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5Elad Ernstblockchain, exploitation, web3, bug-bounty, icon-foundation07-Apr-2024
IDOR Leads To Account Takeoverhttps://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5Aditya Sawantidor, account-takeover, bug-bounty, penetration-testing, web-application-security07-Apr-2024
How Did I Find Reflected XSS In Domino’s ?https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5Cryptocloudflare, bug-bounty, penetration-testing, xss-attack, web-security07-Apr-2024
File Upload Vulnerability Checklisthttps://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5Dasmanishweb-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability07-Apr-2024
Bug Bounties in Web3: Investing in Security for Sustainable Growthhttps://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5Charlie Karunaratneweb3, defi-security, bug-bounty, web3-security07-Apr-2024
Teaching Spotify a Cryptography Lessonhttps://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5Security Guyopenid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips07-Apr-2024
Finding CSRF on Graphql Applicationhttps://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5Alperenbug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf7-Apr-2024
The Fast and the Curious: Finding a Race Condition in Worldcoinhttps://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5Dane Sherretsbug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking7-Apr-2024
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey”https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5Syed Muhammad Minhal Rizvihacking, writeup, cyber, bug-bounty, cybersecurity7-Apr-2024
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty)https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5Amine Aboudbug-bounty-writeup, bug-bounty, bug-bounty-tips07-Apr-2024
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their websitehttps://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5Abhishek singh ( a6h1)cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty07-Apr-2024
Wordfence otorga su mayor bounty hasta la fechahttps://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5Casi Cincuenta Monoswordpress, cybersecurity, bug-bounty06-Apr-2024
Recon automation with Telegram Notificationhttps://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5Tamhackercybersecurity, hacker, bug-bounty, reconnaissance, hacking06-Apr-2024
How To Fix bWAPP Unknown Database Error Windows/Linuxhttps://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5Hamza Avvanbwapp, php, ethical-hacking, bug-fixes, bug-bounty06-Apr-2024
Easiest way to find Broken links in a websitehttps://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5JEETPALbroken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking06-Apr-2024
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Toolshttps://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-50xElkothackerone, xss-attack, methodology, bug-bounty, hacking06-Apr-2024
14.6 Lab: SameSite Strict bypass via sibling domain | 2024https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking06-Apr-2024
Bug Bounty: Secure Camino Network, Earn Rewardshttps://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5O Boboweb3, hexen, travel, camino-network, bug-bounty06-Apr-2024
Step by Step Complete Beginners guide of iOS penetration testing with corelliumhttps://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5Sandeep Vishwakarmamobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting05-Apr-2024
Unmasking an Open Redirect on the India’s Government Websitehttps://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5I AM Rajaopen-redirect, bug-bounty, hacking, bug-bounty-tips, security-research05-Apr-2024
IDOR To view other private users profile pictures in un.orghttps://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing05-Apr-2024
Apple’s Bug: From SQLi Suspicions to UI Bug Discoveryhttps://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5Mohaseenapple, hof, bug-bounty, hackerone, bugcrowd05-Apr-2024
Race Condition Authentication Bypass Leads to Full Account Takeoverhttps://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5Keizocybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips05-Apr-2024
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilitieshttps://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5Anas H Hmaidybug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty05-Apr-2024
FB OAuth Misconfigurations to Account Takeoverhttps://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty, oauth, infosec05-Apr-2024
UUIDs Unmasked: Exploiting IDOR for User Data Accesshttps://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5Satyam Singhbug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup05-Apr-2024
14.5 Lab: CSRF with broken Referer validation | 2024https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty05-Apr-2024
Beetlebug Android Walkthrough & Basics Android application securityhttps://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5Yousef Elsheikhcybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough05-Apr-2024
One IP led to 4 bugs made the company delete the domainhttps://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5Kalawybug-bounty-tips, bug-bounty, hackerone04-Apr-2024
How to discovery vulnerabilities in your network?https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5BugFixingpenetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment04-Apr-2024
Art of onscrollend | Demonstrating XSS through scroll events write-uphttps://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5rAmpancistbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking04-Apr-2024
HTB Academy | CROSS_SITE SCRIPTING (XSS) -https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5Sara Mazal M. | maz4lethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty04-Apr-2024
FB OAuth Misconfiguration Leads to Takeover any Accounthttps://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips04-Apr-2024
S3 Bucket Misconfigurationhttps://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5Kapil Patelbug-bounty04-Apr-2024
14.4 Lab: CSRF where Referer validation depends on header being present | 2024https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, penetration-testing04-Apr-2024
NFShttps://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5Miraç Küçükfootprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server04-Apr-2024
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any…https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5Elcapitanobug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover04-Apr-2024
Bug Bounty Challenge: Day 10–04/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup04-Apr-2024
My methodology to bypass CSRFhttps://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-50x7irixcsrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty04-Apr-2024
How I hacked medium and they didn’t pay mehttps://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5YouGotItCominghacking, bug-bounty, medium, neglect, bugs04-Apr-2024
ShentuChain’s OpenBounty Hackers and Projects Referral Programhttps://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5Shentu Chainbug-bounty, ethical-hacker, cybersecurity, referral-program, web303-Apr-2024
SQLI with extract Huge Data just Got N/Ahttps://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5Ahmed Badrybug-bounty, sqlite, infosec, information-technology, ctf03-Apr-2024
Cracking the Code: XSS Exploits and Their Power in Phishing Warfarehttps://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5Hacker Halt Livebugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks03-Apr-2024
Hack ChatGPT, Make Moneyhttps://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5David Merianbug-bounty, hacking, cybersecurity, fuzzing, ai03-Apr-2024
How I Secured 50+ Brand & Startups in Shopify Stores | XSS | Responsible Disclosurehttps://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5Prathapilangoinfosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty03-Apr-2024
Bug Bounty Challenge: Day 9–03/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips03-Apr-2024
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer:https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5• CrazyUnicornhacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips03-Apr-2024
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveirahttps://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5Gilson Oliveirabug-bounty-tips, bug-bounty, bug-bounty-writeup03-Apr-2024
Struggling RCE on Jenkins Instancehttps://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5Mohammad Musab Khanhacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution03-Apr-2024
DNShttps://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5Miraç Küçükfootprinting, hack-the-box-writeup, dns, bug-bounty03-Apr-2024
Bir sorgu dizesinde sunucu tarafı parametre kirliliğinden yararlanmahttps://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5Hhuseyinuyarapi, hacking, burpsuite, bug-bounty, parameter03-Apr-2024
14.3 Lab: SameSite Lax bypass via cookie refresh | 2024https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers03-Apr-2024
Issues related to privacy (Cybersecurity)https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5Paritoshinformation-security, bug-bounty, cybersecurity, information-technology, hacking02-Apr-2024
Welcome pentesters to cooperate with our company!https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5AlfaBit Ecosystemblockchain, alfabit, bug-bounty, ecosystem02-Apr-2024
Unpacking CVE-2024–3094: A Critical Vulnerability in XZ Utilshttps://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5ElNiakcve, linux, backdoor, cybersecurity, bug-bounty02-Apr-2024
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security02-Apr-2024
14.2 Lab: SameSite Strict bypass via client-side redirect | 2024https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity02-Apr-2024
One-click Account Take Overhttps://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5dynnyd20pentesting, bug-bounty, cybersecurity, information-security, security02-Apr-2024
Bug Bounty Challenge: Day 8–02/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips02-Apr-2024
The Difference Between TCP and HTTP Reverse Connection:https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5Hackerinjabug-bounty, penetration-testing, cybersecurity, ethical-hacking02-Apr-2024
How I was able to send emails from anyone to anyonehttps://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5Muhammad Zeeshanpenetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting02-Apr-2024
How I Found My First Bug | XSShttps://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5Fariiocybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty01-Apr-2024
Bug to fix: Mastering the Life Cycle of Software Defectshttps://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5Gulhanim Anulurbug-fixes, defect-management, defect-detection, bug-bounty, bugs01-Apr-2024
How to start Bug Bounty Hunting $$$$ in 2024?? | A short RoadMaphttps://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-57h3h4ckv157money, hacking, bug-bounty, ethical-hacking, infosec01-Apr-2024
IOS Pentesting Lab Setuphttps://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5Harshad Shahcybersecurity, penetration-testing, infosec, hacking, bug-bounty01-Apr-2024
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification Firsthttps://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5codewidthmehacking, bug-bounty, penetration-testing, certification, hackthebox01-Apr-2024
I will alter and update your websitehttps://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5Fiverr Top Freelancerhtml, website-design, bug-fixes, bug-bounty, css01-Apr-2024
Broken Application Logic Bug Doesn’t Validate Email, leading to DOShttps://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5Saitleopbug-bounty, infosec-write-ups, cybersecurity, python, infosec01-Apr-2024
“Configuring Apache Web Server on CentOS 7”https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5Alshifa Shaikhserver-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity01-Apr-2024
How to set up Caido for Bug Bounty or Web Application Penetration?https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5Bytescheckcybersecurity, penetration-testing, bug-bounty, technology01-Apr-2024
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measureshttps://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacker, hacking, penetration-testing01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers01-Apr-2024
Subdomain Takeovers (Subdomain Devralma)https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5Miraç Küçükbug-bounty, domain-names, subdomain, hackerone01-Apr-2024
Bug Bounty Challenge: Updatehttps://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Can I learn bug bounty for free?https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes31-Mar-2024
Fake Tinder Account Verified By Bypassing Face Authenticationhttps://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, blog, tinder31-Mar-2024
Swaggerdə qarşılaşdığım hücum vektorları ($$$)https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5memmed rehimzadeswagger, cybersecurity, kibertəhlükəsizlik, bug-bounty31-Mar-2024
Understanding and Mitigating CVE-2024–3094https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5Uday Patelinfosec, hacking, bug-bounty, penetration-testing, cybersecurity31-Mar-2024
Installation DVWA In Windows 10 Using XAMPPhttps://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5Vijay Guptaxampp, dvwa, hacking, install-dvwa, bug-bounty31-Mar-2024
What is the future of bug bounty?https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-zero, bugs, future-technology, future31-Mar-2024
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and…https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-test, hacking, cybersecurity, careers31-Mar-2024
Shield your System — XZ Utils Backdoor (Linux Distribution)https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5Ethical Kapslinux, cybersecurity, vulnerability, hacking, bug-bounty31-Mar-2024
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight”https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
#ERROR!https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
Best bug hunting methodology for EZ moneyhttps://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5Tomhacking, money, bpp, methodology, bug-bounty30-Mar-2024
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty)https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5hatich_hackermicrosoft, privacy, bug-bounty30-Mar-2024
13.25 Lab: Reflected XSS in canonical link tag | 2024https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers30-Mar-2024
A Journey into Unusual Header Injectionhttps://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5Mohammad Musab Khanhackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting30-Mar-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5CyberOzbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone30-Mar-2024
Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
Web Requesthttps://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5Miraç Küçükhttp-request, curl, https, bug-bounty, webrequest30-Mar-2024
Kioptrix Level 1 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5Erdemstaroscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing30-Mar-2024
1200 $ Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
How i found Multiple IDORhttps://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5NIKHIL RANEidor-vulnerability, bug-bounty30-Mar-2024
YouTube Growth Hackinghttps://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5Sanjaya paratamaweb-development, bug-bounty, hacking, hacking-tools, cybersecurity29-Mar-2024
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobshttps://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5Imran Niazxss-attack, hacking, programming, ai, bug-bounty29-Mar-2024
[Walkthrough] Mobile Hacking Lab — Secure Notehttps://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5Md.Karimul Islam Shezanwalkthrough, android-app-security, bug-bounty, reverse-engineering, ctf29-Mar-2024
AutoLayer Bug Bounty Program: Full Information Releasehttps://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5AutoLayerdefi, bug-bounty29-Mar-2024
Web Security Short Series — CSRF.https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5Yano.csrf, appsec, owasp, bug-bounty, oscp29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannikreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Unhiding the hidden 401 Bypasshttps://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, bug-bounty-tips29-Mar-2024
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
How to install drozer with dockerhttps://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5Ahmed Badrybug-bounty29-Mar-2024
✌︎ Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity28-Mar-2024
Bug Bounty Recon At Its Easiest with Netlas.iohttps://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5Om Arorainfosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking28-Mar-2024
Bypassing 403 Protection To Get Admin Accesshttps://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5Mr.Horbio403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty28-Mar-2024
How to become a bug bounty hunterhttps://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes28-Mar-2024
OAuth Hijacking leads to account takeoverhttps://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5Hossam Ahmedbug-bounty, oauth28-Mar-2024
How I Hacked Your Private Repository in GitHub (And Got JackShit)https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/microsoft, bug-bounty, github, security, cybersecurity28-Mar-2024
How to write a Walkthroughhttps://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough28-Mar-2024
Unveiling all techniques to find IDOR’S in web applicationshttps://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup28-Mar-2024
IDOR’a Girişhttps://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5Miraç Küçükhack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty28-Mar-2024
Risks of Software Dependencies AKA Toxic Dependencieshttps://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, infosec, vulnerability, cybersecurity28-Mar-2024
Penetration Testing Toolshttps://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5Vijay Guptapenetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing28-Mar-2024
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PIIhttps://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5Aneesha Dbug-bounty-writeup, cybersecurity, hacking, security, bug-bounty28-Mar-2024
Finding Bug DMRC Reflected Xss and HTML Injectionhttps://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5Abhishekaswalbugs, poc, bug-bounty, bug-bounty-tips, hackerone28-Mar-2024
Annonforce — Tryhackme Walkthrough Easy Self-madehttps://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5Shaswata Sahatryhackme, security, anonforce, bug-bounty, ctf28-Mar-2024
Polyglot Files: The Cybersecurity Chameleon Threathttps://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5ElNiakpolyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing27-Mar-2024
Hackerone提现人民币https://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5猫猫虫hackerone, bug-bounty, 外汇27-Mar-2024
Mistakes To Avoid in Your Bug Bounty Career- Part 2https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, penetration-testing, blog, cybersecurity27-Mar-2024
13.22 Lab: Stored DOM XSS | 2024https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers27-Mar-2024
HACKING WORDPRESShttps://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5Miraç Küçükwpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty27-Mar-2024
SSLStrippinghttps://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5ByteBusterXinfosec, cybersecurity, vulnerability, hacking, bug-bounty27-Mar-2024
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention)https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5ADIPinfosec, penetration-testing, bug-bounty, pentesting, information-security27-Mar-2024
Hacking the Giant: Got XSS on Google’s Producthttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
Hacking the Giant: XSS on Googlehttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Fristileaks 1.3 Walkthroughhttps://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5Erdemstaroscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation27-Mar-2024
Web Application Hacking Required Readinghttps://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5Jessbug-bounty, web-development, security27-Mar-2024
Why am I starting to hate Bug Bounty?https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Sitehttps://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5I AM Rajabug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability26-Mar-2024
This skill is called ‘Early…’ in Software Testinghttps://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5Temitopesoftware-testing, quality-assurance, communication, bug-bounty, software-development26-Mar-2024
HackGATE: Bug Bounty Program on steroidshttps://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5Hackratehacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing26-Mar-2024
Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membershiphttps://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5Kenilalexandrabug-bounty, shodan, bugbounting, zoomeye, security26-Mar-2024
How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5kerstanhacking, security, cybersecurity, bug-bounty, technology26-Mar-2024
13.21 Lab: Reflected DOM XSS | 2024https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers26-Mar-2024
Bug Bounty Programs for Beginnershttps://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5Vijay Guptacybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips26-Mar-2024
Account takeover through password reset functionalityhttps://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5rewscelbug-bounty26-Mar-2024
FFUF İLE WEB UYGULAMALARINA SALDIRMAKhttps://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5Miraç Küçüksubdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup26-Mar-2024
What is Cross-Site Scripting (XSS)?https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5BBHUNTERxss-vulnerability, cross-site-scripting, bug-bounty, xss-attack26-Mar-2024
Exploiting Post Reflected XSS via CSRF : Real world bughttps://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5Rahulkrishnan R Panickerxss-attack, hacking, bug-bounty, csrf, web-development25-Mar-2024
Zero Interaction Mass Account Password Reset Vulnerabilityhttps://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5Manan Sanghvipenetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity25-Mar-2024
XSS module HTB academy CBBH pathhttps://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, htb-academy-writeup, xss-vulnerability25-Mar-2024
Reverse Engineering Sitecore Vulnerabilities-2https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5Nilay Patelsitecore, vulnerability, bug-bounty, automation, hacking25-Mar-2024
13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing25-Mar-2024
Burp Suite — ¿Confiar o no en Project Files?https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5ArtsSEChacking, burpsuite, infosec, pentesting, bug-bounty25-Mar-2024
COMMAND INJECTIONShttps://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5Miraç Küçükcommand-injection, bug-bounty, hackthebox, burpsuite, injection25-Mar-2024
Unveiling Homoglyph: Silent Culprit of User-Level DOS Attackshttps://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5Mohammad Musab Khanbug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips25-Mar-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5jedus0rbug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup25-Mar-2024
How I found Account Takeover by changing email addresshttps://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5Mohd Danishbug-bounty, cybersecurity, bugs24-Mar-2024
13.19 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking24-Mar-2024
HTTP Verb Tamperinghttps://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5Miraç Küçükweb-attack, http-request, command-injection, bug-bounty, burpsuite24-Mar-2024
How to get started in Bug Bounty in 2024!https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5Foxx C-Bhacking, infosec, bug-bounty, cybersecurity, ethical-hacking24-Mar-2024
Cloudflare WAF Huntinghttps://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5Device1306research, bug-bounty-tips, hacking, burpsuite, bug-bounty24-Mar-2024
Cookie Theft Deep Divehttps://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5Aditya Pandeybug-bounty, information-technology, ethical-hacking, security, cybersecurity23-Mar-2024
A list of Bug Bounty/Crowdsourced Security Platforms:https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5MAS Hunterbug-bounty-program, bug-bounty, hacker, pentest23-Mar-2024
Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognitionhttps://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5Henry N. Caga (hncaga)bug-bounty, vulnerability, google, xs, hacking23-Mar-2024
hellohttps://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5bretsadleahacking, ethical-hacking, bug-hunter, bug-bounty23-Mar-2024
Edge-Side Includes (ESI) Injection In Web Applicationshttps://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5ADIPpentesting, bug-bounty-tips, infosec, information-security, bug-bounty23-Mar-2024
SSI Injection In web applications with a (exploitation example)https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5ADIPbug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec23-Mar-2024
Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government…https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5Vedavyasan S (@ved4vyasan)bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs23-Mar-2024
1500$: CR/LF Injectionhttps://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5Abhi Sharmaprogramming, hacking, cybersecurity, bug-bounty, crlf-injection23-Mar-2024
Web Security Short Series — XXEhttps://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5Yano.xxe, bug-bounty, xml, oscp, appsec23-Mar-2024
TEXAS BUG SWEEPS 65,000 BUGS DETECTEDhttps://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5Asad Siddiquitexas-bug-sweeps, bug-sweep, bug-bounty, bug-detection23-Mar-2024
How i get my bounty $$$ in YesWehack within 5mins?https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5ஜெய்hacking, cybersecurity, s3, bug-bounty, amazon23-Mar-2024
How we can check the Security Provider in Android applications during Pentesting (The Offensive…https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5ADIPpentesting, android-app-development, androiddev, android, bug-bounty23-Mar-2024
13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event | 2024https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, penetration-testing, bug-bounty23-Mar-2024
How To Test Data Encryption on the Network During Android Pentestinghttps://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5ADIPinfosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty23-Mar-2024
Attacking XSLT in Web Applicationshttps://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5ADIPpentesting, information-security, bug-bounty-writeup, bug-bounty, infosec23-Mar-2024
SSTI Exploitation Part III In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5ADIPpenetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty23-Mar-2024
FILE UPLOAD ATTACKShttps://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5Miraç Küçükweb-attack, file-upload, bug-bounty, https, burpsuite23-Mar-2024
SSTI Exploitation Part II In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5ADIPinformation-security, pentesting, penetration-testing, bug-bounty, infosec23-Mar-2024
Bruteforce Website Login Form Using Hydra And Crunchhttps://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5Othmane Ait Bouftasscybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking23-Mar-2024
Making money only using AI [Free Course]https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5Imad Husanovicweb-development, hacking, ai, bug-bounty, programming22-Mar-2024
Unveiling Admin Panels: A Bug Bounty Hunter’s Guidehttps://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5Dasmanishbug-bounty, infosec, ethical-hacking, cybersecurity22-Mar-2024
13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded | 2024https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity22-Mar-2024
AutoLayer is Starting a Bug Bounty Programhttps://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5AutoLayercrypto, defi, bug-bounty22-Mar-2024
Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing22-Mar-2024
5 Advanced Ways I Test For File Upload Vulnerabilitieshttps://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5RedPandabug-bounty, infosec, red-team, hacking22-Mar-2024
Understanding Subdomain Squattinghttps://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5ByteBusterXhacking, infosec, cybersecurity, bug-bounty, cyberattack22-Mar-2024
How i found my first 318.39$ bugs!https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5Msecurity BHbug-bounty, information-exposure, penetration-testing, security-misconfiguration, api22-Mar-2024
Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applicationshttps://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5ADIPinformation-security, bug-bounty, android-app-development, penetration-testing, pentesting22-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5Miraç Küçükhttps, burpsuite, bug-bounty, web-attack, http-request22-Mar-2024
Javascript deobfuscation the easy wayhttps://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5JDbug-bounty, bug-bounty-tips, javascript-obfuscate22-Mar-2024
Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirecthttps://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5Hassaan Mohamedbug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips22-Mar-2024
Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024–1597https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-159721-Mar-2024
Digital Goldmine: Innovative Ways to Make Money Online in 2024https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5Thewriterdudebusiness, bug-bounty, artificial-intelligence, 100-followers, blockchain21-Mar-2024
User information disclosure via message reactionshttps://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips21-Mar-2024
Major Update for Attack Surface Discovery toolhttps://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, cybersecurity, reconnaissance, osint21-Mar-2024
Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it mattershttps://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5Hackratebug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing21-Mar-2024
Best Practices for Web3 Bug Bounty Programshttps://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5AuditOneauditing-services, web3, bug-bounty-tips, bug-bounty, audit21-Mar-2024
Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5ADIPpentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity21-Mar-2024
urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source | 2024https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, penetration-testing21-Mar-2024
Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability)https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5S33NUbugs, idor-vulnerability, bug-bounty, technology, cybersecurity21-Mar-2024
How I found my first DOM based XSShttps://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5Jaeden Samiabug-bounty, ethical-hacking, security, vulnerability21-Mar-2024
Automate XSS With These 3 Simple Toolshttps://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, cybersecurity, hacking, bug-bounty, xss-attack21-Mar-2024
Frida Use Cases and Exampleshttps://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5Prinsharmabug-bounty, bug-bounty-tips, hacking, pentest, infosec21-Mar-2024
403 Forbidden Bypass Exposing API Keyhttps://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5George Torrescybersecurity, bug-bounty21-Mar-2024
A Tester's Journey Through Test Automation and Practical Scenarios.https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5Tomiwaremote-work, test-automation, bug-bounty, testing, software-engineering20-Mar-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantxs, hackerone, bug-bounty20-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5Miraç Küçükburpsuite, web-attack, https, bug-bounty, web-cache20-Mar-2024
The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugshttps://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5Rohan Giridebugging, bug-finding, bug-bounty-tips, bug-bounty20-Mar-2024
H@ppy H@cking Psychomonghttps://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5psychomongcyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs20-Mar-2024
Recon With AIhttps://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, recon, reconnaissance, bug-bounty-tips20-Mar-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5Ebrahim El-Sayedcybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing20-Mar-2024
$200 Business Logic Blunder In Sole Source Projecthttps://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5Jatin_Chudasamabug-bounty-writeup, logic-flaw, bug-bounty20-Mar-2024
The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, information-security, cybersecurity, infosec20-Mar-2024
Why Bug Bounty is Trending?https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5Shivyanshi shuklabug-bounty, cybersecurity20-Mar-2024
IDOR to make comment in user’s private postshttps://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5Youssif M Raghibbug-bounty-tips, bug-bounty, bug-hunter, bug-hunting20-Mar-2024
No rate limit in comments with IDORhttps://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5Youssif M Raghibbug-bounty, bugs, bug-hunting20-Mar-2024
Electrum-Dime Beta Launch: A New Era for Dimecoinhttps://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5Dimecoin Networkdevelopment, dimecoin, blockchain, bug-bounty, cryptocurrency20-Mar-2024
Behind the Bug Report: From Overlooked to Overhauledhttps://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5Aneesha Dcybersecurity, security, web-applications, bug-bounty, hacking20-Mar-2024
Mantente al tanto de las actualizaciones. ¿Qué representan el punto azul y rojo en Burp Suite?https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5ArtsSECburpsuite, bug-bounty, vulnerability, pentesting, hacking20-Mar-2024
13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones | 2024https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, penetration-testing, cybersecurity20-Mar-2024
The Art Of Testing Symmetric Cryptography During Pentesting Android Applicationshttps://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5ADIPbug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing20-Mar-2024
Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5ADIPpenetration-testing, bug-bounty, android, cybersecurity, android-app-development20-Mar-2024
Why Regular Security Sweeps Are Crucial for Business Successhttps://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5Asad Siddiquitscm-services-bug-sweeps, bug-bounty, bug-detection20-Mar-2024
Passlord: Your Ultimate Weapon for Creating Tailored Wordlistshttps://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5Navaneeth M Shacking, bug-bounty, passwords, cybersecurity, wordlist20-Mar-2024
Bypassing an IDOR A couple of times — $$$$https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation…https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5ADIPhacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips20-Mar-2024
Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysishttps://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5Cory Macksteganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://adipsharif.medium.com/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
Evaluate, apply, and sustain security governance principles !https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5Paritoshsecurity-governance, information-technology, cissp, bug-bounty, cybersecurity19-Mar-2024
The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools”https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5ElNiakred-team, bug-bounty, github, penetration-testing, cybersecurity19-Mar-2024
3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5kerstansecurity, technology, cybersecurity, hacking, bug-bounty19-Mar-2024
Hunting JavaScript File for Bug Huntershttps://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5Vivek Ghinaiyabug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips19-Mar-2024
Finding the hidden function led to a $300 IDORhttps://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5M7arm4nbug-bounty-tips, bug-bounty, hacking, hacker, security19-Mar-2024
CVE-2024–28436 Cross-Site Scripting Vulnerability in D-Link DAP Productshttps://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5Djallalakirabug-bounty, cybersecurity, bug-bounty-writeup19-Mar-2024
IDOR to read all user’s private route commentshttps://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5Youssif M Raghibcybersecurity, bug-bounty, bug-bounty-tips19-Mar-2024
Get allmost all subdomainshttps://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5Sergei Petrukhinsubdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips19-Mar-2024
13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking19-Mar-2024
The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5ADIPcybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips19-Mar-2024
HackTheBox — Information Gathering: Active Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5Huy Phusubdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering19-Mar-2024
Unleashing Chaos: The Tale of the 0-Click Account Takeoverhttps://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5Hassaan Mohamedpenetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups19-Mar-2024
The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services …https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5ADIPbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking19-Mar-2024
Medium Member Friend Links bughttps://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5Karol Mazurekmedium, information-technology, penetration-testing, cybersecurity, bug-bounty18-Mar-2024
[Bug Bounty]xlsx 上传导致 XXE 漏洞https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5_thornsbug-bounty18-Mar-2024
Burpsuite Beginners Guidehttps://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5Othmane Ait Bouftassweb-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking18-Mar-2024
LAMPSecurity CTF5 Walkthroughhttps://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5Erdemstaroscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub18-Mar-2024
Subdomain Fuzzing worth 35k bounty!https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5HX007cybersecurity, bug-bounty18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomonghacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
13.13 Lab: Stored DOM XSS Cross Site Scripting | 2024https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, hacking, cybersecurity18-Mar-2024
Security.txt Nedir ?https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5ozan bozkurtsecurity, bug-bounty, cybersecurity, red-team18-Mar-2024
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathonhttps://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5Orderly Network (,)encode-club, orderly-network, bug-bounty, defi, blockchain-development18-Mar-2024
Web Security Short Series — SQLi.https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5Yano.oscp, appsec, bug-bounty, sqli, sql18-Mar-2024
XML External Entity (XXE) attackhttps://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5ByteBusterXvulnerability, bug-bounty, infosec, web-security18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomong123hacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerabilityhttps://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, owasp, injection-attacks17-Mar-2024
Bug Zero at a Glance [01–15 March]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty17-Mar-2024
Bug Bounty Platforms are a Scam [Mostly]https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5HackthePlanet - A Hacker's Blog.cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting17-Mar-2024
My Journey into Bug Bounty: Revealing My First Successful Discoveryhttps://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5Kajol Kumaribug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity17-Mar-2024
Skipping the email verification is Good (or) Bad?https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security-analytics, hacking17-Mar-2024
Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilitieshttps://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing17-Mar-2024
How I found my first ever bug.https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5an0nbilcybersecurity, technology, programming, javascript, bug-bounty17-Mar-2024
Application Level DoS - Smoking with ‘null’ Againhttps://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, vulnerability, infosec17-Mar-2024
Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or…https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security17-Mar-2024
Bug Bounty Learning Pathhttps://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero17-Mar-2024
Bug Bounty Platformshttps://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5Vijay Guptabug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips17-Mar-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5Mr.Horbiopoc, bug-bounty, cybersecurity, ethical-hacking, pentesting17-Mar-2024
I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform.https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5Tengku Arya Saputraidor, bugbounty-writeup, bug-bounty, idor-vulnerability17-Mar-2024
How to make a living as a Hacker!https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5Rafael Henriquescience, money, programming, bug-bounty, hacking16-Mar-2024
https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5Morgan Bin Bashpentesting, cybersecurity, bug-bounty, cyber-threat-intelligence16-Mar-2024
Types of Cyber Attacks on Each OSI Layerhttps://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5sachin kumarcybersecurity, hackerone, hacker, cyberattack, bug-bounty16-Mar-2024
Tips to get your first bug/bountyhttps://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rfirst-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug16-Mar-2024
Bug Bounty Challenge: Day 7–16/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter16-Mar-2024
IDOR + Content Injection Penetration Testing Lesson 5https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5Ali Essamsecurity, penetration-testing, bug-bounty, cybersecurity, ali16-Mar-2024
13.12 Lab: Reflected DOM XSS — Cross Site Scripting | 2024https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing16-Mar-2024
How Secure is Java’s SecureProcessing?https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5Florian Waltercybersecurity, application-security, java, code-review, bug-bounty16-Mar-2024
How I was able to disclose the Users’ chats with AI chat Bot?https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5WHO AM I ?information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure15-Mar-2024
Understanding Path Traversal Vulnerabilities: Risks and Mitigationhttps://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, hacking, cybersecurity, path-traversal15-Mar-2024
Account takeover via Password resethttps://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup15-Mar-2024
I discovered a new way to bypass CSRF protection to achieve Account Takeoverhttps://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5vFlexoinformation-technology, bug-bounty, penetration-testing, vapt, ethical-hacking15-Mar-2024
BugRap Ecosystem Panorama: Empowering Web3 Security Developmenthttps://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5BugRap Teamweb-development, bug-bounty, security, btc15-Mar-2024
Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionalshttps://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5MyNextDeveloperhacking, bug-bounty, cybersecurity, client-security, cyber15-Mar-2024
13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing15-Mar-2024
Reconnaissance: How GitDorks can power up your recon!https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5Kieran Wgitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing15-Mar-2024
Bug Bounty Challenge: Day 6–15/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup15-Mar-2024
BChecks en Burp Suite Professionalhttps://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5ArtsSECburpsuite, development, penetration-testing, web-development, bug-bounty15-Mar-2024
13.10 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking14-Mar-2024
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€)https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5can1337infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity14-Mar-2024
Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining!https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5CryptoDrainXbug-bounty, hacking, bug-bounty-tips, hacking-tools, money14-Mar-2024
Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click!https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5CryptoDrainXbug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin14-Mar-2024
Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore!https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5CryptoDrainXbug-bounty, crypto, nft, defi, money14-Mar-2024
How To Get $100k in 2024 With Crypto [Unrevealed]https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5CryptoDrainXblockchain, cryptocurrency, hacking-tools, hacking, bug-bounty14-Mar-2024
5 Websites to Learn Bug Hunting: A Beginner’s Guidehttps://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5Creepyshitwebsite, bug-bounty, cybersecurity, resources14-Mar-2024
Bug Bounty Challenge: Day 5–14/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter14-Mar-2024
GRWM for WebApp PenTest | Command Injectionhttps://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5Jbros, command-line, bug-bounty-tips, cybersecurity, bug-bounty14-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chainhttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5Javrootweb, hacking, penetration-testing, bug-bounty-tips, bug-bounty14-Mar-2024
API Security: Essential Tools for Endpoint Analysishttps://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5Israel Aráoz Severichebug-bounty, owasp, appsec, cybersecurity, api-security14-Mar-2024
Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty13-Mar-2024
How To Do Malware Analysishttps://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-technology, security, malware-analysis13-Mar-2024
Easiest way to find hidden api from js fileshttps://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5JEETPALcybersecurity, bounties, api-key, easiest-way, bug-bounty13-Mar-2024
Enhancing Your Bug Hunting Skills: 5 Must-Read Bookshttps://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, books, web13-Mar-2024
Lets Talk Pentest Strategyhttps://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5HackStackpentest, pentesting, how-to, bug-bounty13-Mar-2024
Email based IDOR makes me update Other User Profilehttps://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5Rohmad Hidayahidor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips13-Mar-2024
Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +…https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5Alireza Rogxoorcyberattack, bug-bounty, cybersecurity, hacking, security13-Mar-2024
Fuzzing to Kubernetes to IDOR to PII leakhttps://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5NITYA NAND JHAvapt, ethical-hacking, bug-bounty13-Mar-2024
Researcher Q&A: Friends Who Work Together, Hack Better Togetherhttps://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5Renae Kangsecurity, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker13-Mar-2024
PROXY FUZZINGhttps://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5Karol Mazurekprogramming, information-technology, bug-bounty, python, cybersecurity13-Mar-2024
Reconnaissance?https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5Mr. Robots.txthackathons, bug-bounty, hacking, penetration-testing, cybersecurity13-Mar-2024
How much money did I make from doing Bug Bounty?https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5Imad Husanovicbug-bounty, programming, hacking, cybersecurity, bug-bounty-tips13-Mar-2024
Cross-site scripting contexts for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, bug-bounty, cybersecurity12-Mar-2024
Business Logic Errors allow me to buy Products at Low Prices on Farmaku.comhttps://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups12-Mar-2024
ShentuChain Unveils a Constellation of High-profile Investorshttps://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5Shentu Chainbinance, cybersecurity, investors, bug-bounty, announcements12-Mar-2024
How I Discovered My First Critical Vulnerability in My Bug Bounty Careerhttps://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5Sahil Bugade (snip3rgg)infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity12-Mar-2024
Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5kerstanbug-bounty, security, programming, cybersecurity, technology12-Mar-2024
How I found my first ever valid bug on Hackeronehttps://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty12-Mar-2024
Guvenkaya Security Insights Series — Sweat Economyhttps://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5Guvenkayanear-protocol, bug-bounty, smart-contracts, rust, web312-Mar-2024
BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEMhttps://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5Sambug-bounty, apple, infosec, bugbounty-writeup12-Mar-2024
Bug Bounty Challenge: Day 4/15–12/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting12-Mar-2024
Minha Experiência ao Obter a Certificação CBBHhttps://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5SickAndTiredbug-bounty, hacking, pentesting, cbbh, hackthebox-academy12-Mar-2024
Utilizing Log Poisoning: Elevating from LFI to RCEhttps://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5Youness Abbidabug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity12-Mar-2024
Bug Bounty — Improper Authentication using Google Authhttps://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5Nourrisson Julienbug-bounty, cybersecurity11-Mar-2024
HTML INJECTION (Payload List)https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5psychomongbug-bounty, bugs, html, injection, htmlinput11-Mar-2024
Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verificationhttps://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5CyberOzbugs, writeup, bug-bounty, hacking, bug-bounty-tips11-Mar-2024
Exploring AI Penetration Testinghttps://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5Aditya Sawanthacking, bug-bounty, penetration-testing, ai, large-language-models11-Mar-2024
Bug Bounty Challenge: Day 3/15–11/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup11-Mar-2024
HTML Injection on NASA.govhttps://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5Boogstahacking, cybersecurity, hacker, cyber, bug-bounty11-Mar-2024
3 Information Disclosure in Bug Bounty Programhttps://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5Jm7.szbug-bounty, cybersecurity, programming, data-science11-Mar-2024
GRWM for WebApp PenTest | XPATH Injectionhttps://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5Jbrxpath, bug-bounty, cybersecurity, hacking, ethical-hacking11-Mar-2024
Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflarehttps://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5Mayankchoubeycybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack11-Mar-2024
24.4 Lab: Exploiting server-side parameter pollution in a query string | 2024https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Mar-2024
Top 7 BurpSuite Extensions for BugBounty- Part-1https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty11-Mar-2024
HackTheBox — Information Gatheringhttps://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5Huy Phuhackthebox, enumeration, bug-bounty, information-gathering11-Mar-2024
HackTheBox — Information Gathering: Passive Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5Huy Phupassive-reconnaissance, hackthebox, information-gathering, bug-bounty11-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5Vikas Sharmahacking, cybersecurity, ssrf, bug-bounty, vulnerability10-Mar-2024
The Reset Password Attack Vectorhttps://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5baluzbug-bounty10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5Jaikumarbug-bounty-tips, hacking, bug-bounty10-Mar-2024
GRWM for WebApp PenTest | Insecure Deserializationhttps://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5Jbrphp, bug-bounty, inspiration, cybersecurity, hacking10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5ஜெய்bug-bounty-tips, hacking, bug-bounty10-Mar-2024
24.3 Lab: Exploiting a mass assignment vulnerability | 2024https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking10-Mar-2024
Information Gathering #1https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5z4z4_h1red-team, cybersecurity, bug-bounty, hacking, infosec10-Mar-2024
Easiest bugs to starthttps://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5Sergei Petrukhinopen-redirect, bug-bounty10-Mar-2024
Subdomains Enumerationhttps://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5d4t4s3cbug-bounty, vhost, red-team, pentesting, subdomains-enumeration10-Mar-2024
Bug Bounty Challenge: Day 2/15–10/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty10-Mar-2024
Cross-origin resource sharing (CORS) | Web application Vulnerabilityhttps://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5Abinesh Mvulnerability, web-application-security, security, bug-bounty, bugs09-Mar-2024
Untangling Dependency Confusion: Exploring Threats and Protectionshttps://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5Jared Douvillenpm, bug-bounty, hacking, hackerone09-Mar-2024
24.2 Lab: Finding and exploiting an unused API endpoint | 2024https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing09-Mar-2024
Bug Bounty Challenge: Day 1/15–09/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup09-Mar-2024
24.1 Lab: Exploiting an API endpoint using documentation | 2024https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty08-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5Vikas Sharmacybersecurity, hacking, vulnerability, bug-bounty, ssrf08-Mar-2024
1K Followers Giveaway-https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, giveaway, free, bug-bounty, ethical-hacking08-Mar-2024
Sensitive Data Exposed when placing an Orderhttps://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5Rohmad Hidayahinfosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty08-Mar-2024
BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Teamhttps://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5Cristian Cornearomania, ethical-hacking, tech, cybersecurity, bug-bounty08-Mar-2024
Server-Side Template Injection (SSTI) ☠️ Deep Divehttps://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5Aditya Pandeyweb-security, security, cybersecurity, bug-bounty, ethical-hacking08-Mar-2024
Bug Bounty Challenge: Day 0/15https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty08-Mar-2024
0 Click Account Takeover Via reset password weird behaviorhttps://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5Snow Marsbug-bounty, bug-bounty-tips, cybersecurity08-Mar-2024
WinRAR 7.0 DLL Hijacking -> Local RCE [0-day]https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacks, hacking, cyber08-Mar-2024
Usb data recovery — Digital forensics introhttps://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5Rahulkrishnan R Panickerdigital-forensics, tech, bug-bounty, pentesting, hacking07-Mar-2024
Increasing IMPACT of No Rate Limit on Email Endpoints.https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5Shubham SRTweb-app-security, hacking, cybersecurity, bug-bounty, vapt07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
Verileri Çıkarmak için NoSQL Enjeksiyonundan Yararlanmahttps://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5Hhuseyinuyarbug-bounty, nosql, injection, burpsuite, mongodb07-Mar-2024
Exploring Bug Bounty Programs: An overview and Varietieshttps://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5Prem Patelbug-bounty, bug-bounty-types07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5Npthinbug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Click, Intercept, Hack: Checkmate on Access Control Vulnerabilityhttps://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty07-Mar-2024
XSLeak de-anonymize Facebook user visiting websitehttps://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5Mustafabug-bounty, meta07-Mar-2024
echo “Hello, World”https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5Mr. Robots.txtsoc, blue-team, cybersecurity, red-team, bug-bounty07-Mar-2024
Fixing Facebook: A Privacy Issue Ignored?https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5mynkpdrmessenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty07-Mar-2024
How to find server security misconfiguration leak data usershttps://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How to find server security misconfiguration leak data usershttps://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5p00dl3bug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Bug Bounty - Insecure Deserialization to Reverse Shellhttps://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-50x4141bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization07-Mar-2024
Host Header Poison lead to account takeoverhttps://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5master hackorbounty-program, bugs, penetration-testing, cybersecurity, bug-bounty06-Mar-2024
[letsdefend.io] SOC164 — Suspicious Mshta Behaviorhttps://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[letsdefend.io] SOC169 — Possible IDOR Attack Detectedhttps://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5Yasmin Ramadinictf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia06-Mar-2024
[letsdefend.io] SOC168 — Whoami Command Detected in Request Bodyhttps://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attackhttps://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5Yasmin Ramadiniletsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia06-Mar-2024
Apa Itu Kriptografi? Enkripsi, Encoding, Dan Hashinghttps://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5Yasmin Ramadinipentesting, tryhackme, indonesia, cybersecurity, bug-bounty06-Mar-2024
How i bypassed input limitations to get Admin ATOhttps://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips06-Mar-2024
Microsoft Exchange Server Remote Code Execution Vulnerabilityhttps://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5R09shbug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack06-Mar-2024
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bountieshttps://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5Manan Sanghviethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer06-Mar-2024
Vulnerable WordPress February 2024 (Jushin Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5Onhexgroupbug-bounty, cybersecurity, security, infosec, wordpress06-Mar-2024
Data Lake introduces the second bug bounty campaign of its patients recruitment Applicationhttps://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5Data Lakebug-bounty, medical-data, research, data-lake, desci06-Mar-2024
How I Passed eWPTX v2 Exam Without Coursewarehttps://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5Aditya Sawanthacking, penetration-testing, certification, bug-bounty, security06-Mar-2024
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields | 2024https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing06-Mar-2024
Upload Backdoor in profile picture and OTP Bypasshttps://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5S33NUbug-bounty, technology, bug-hunting, bounty-program, programming06-Mar-2024
Story of Lock up users’ account by DOS attack cost $1,100https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5M7arm4nhacker, hacking, bug-bounty, security, bug-bounty-tips06-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hostshttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5Javroothosting, bug-hunting, hacking, white-hat-hacker, bug-bounty05-Mar-2024
Bug-Bounty Beginning (Day-1)https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5Bala Prasanna Gopal Volisettybug-bounty, kali-linux, hacking-tools, hacking05-Mar-2024
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywherehttps://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5Rohan Giribug-bounty-tips, web-vulnerabilities, bug-bounty05-Mar-2024
How I Found Multiple XSS Vulnerabilities Using Unknown Techniqueshttps://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5Khaledyassenxss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity05-Mar-2024
Tips Melakukan Analisa Email Phishinghttps://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty05-Mar-2024
12.3 Lab: Exploiting NoSQL injection to extract data | 2024https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security05-Mar-2024
Apa Itu OSI Model? Protokol Dan Enkapsulasi Tiap Layernyahttps://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty05-Mar-2024
Apa Itu TCP, UDP, Dan Three-way Handshhttps://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme05-Mar-2024
Road Map to Bug Bounty: A Beginner’s Guidehttps://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5Babar Ali Jamaliinformation-security, cyber, hacking, cybersecurity, bug-bounty05-Mar-2024
5 Tips GoogleDocks you should know — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5kerstantechnology, cybersecurity, bug-bounty, programming, security5-Mar-2024
#9.TryHackMe Series writeups-LazyAdminhttps://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5Cyb3r M!ndwalkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty05-Mar-2024
Unauthorized access to Facebook creator’s professional dashboardhttps://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5Gtm Mänôzfacebook, medium, graphql, bug-bounty, writeup05-Mar-2024
My Recon Methodology (ep 1)https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5Muhammad Materbug-bounty, recon, osint05-Mar-2024
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF!https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5atemporalzenbug-bounty, cybersecurity, hacking, ssrf05-Mar-2024
Payload will after youhttps://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5Isuka sanujsql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty05-Mar-2024
HTTP Request Smuggling: WWWWWH?https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security05-Mar-2024
The Danger of PHP Eval():https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5Prashant Roybug-bounty, php, cybersecurity, penetration-testing, ctf05-Mar-2024
Hacking the UK government ( FULL database access )https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5Ahmad Mansourcomputer-science, bug-bounty, hacking, pentesting, cybersecurity05-Mar-2024
BAC Leads To Full Takeover Of Any Organisationhttps://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5Esmail Saiedbug-bounty, broken-access-control, idor, bugcrowd, cybersecurity05-Mar-2024
Information Disclosure — Instructor’s Email Address leaked in Responsehttps://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups04-Mar-2024
OTP Bypass Via Response Manipulationhttps://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5Marathe Raobug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup04-Mar-2024
the Intricacies of WiFi Hackinghttps://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, wifi, programming04-Mar-2024
Apa Itu Cyber Kill Chain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity04-Mar-2024
Apa Itu Pyramid Of Pain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst04-Mar-2024
It assignment helper https://www.fiverr.com/s/QAR93yhttps://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5Masud Ranajavascript, money, bug-bounty, software-development, bug-bounty-tips04-Mar-2024
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app…https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5can1337infosec, bug-bounty, idor, cybersecurity04-Mar-2024
Come diventare un hacker nel 2024https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5d0lf1italiano, penetration-testing, google, bug-bounty, hacking04-Mar-2024
11.8 Lab: Exploiting XXE via image file upload | 2024https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing04-Mar-2024
Simple vulnerability in a Cyber Security conferencehttps://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bugs, bug-bounty04-Mar-2024
The Ethics of Bug Bounties: Balancing Incentives and Securityhttps://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5Rohan Giribug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty03-Mar-2024
Recently Discovered Several Bugs in a Private Programhttps://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5Raihan Biswasbug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips03-Mar-2024
Google Dorking aka “Google Hacking”https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5Dasmanishgoogle-dork, google-hacking, penetration-testing, bug-bounty03-Mar-2024
PHP Session Poisoning using LFI.https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5Youness Abbidahackerone, bug-bounty, bugcrowd, php, vulnerability03-Mar-2024
Discovered potential SQL injection through parameter testinghttps://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5Pankaj Nandkarbug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity03-Mar-2024
11.7 Lab: Exploiting XInclude to retrieve files | 2024https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity03-Mar-2024
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063)https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty, oscp03-Mar-2024
Magic Links as Gateways Account Takeovershttps://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)magic-link, account-takeover, bug-bounty, web-security, pentesting03-Mar-2024
HBO BUB in production. Can’t UNsubscribehttps://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5Shanlogauthierbug-bounty, max, hbo-max, hbo, bugs03-Mar-2024
Exploiting Grafana To achieve Remote Command Executionhttps://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5Vahagn Israelianhacking, bug-bounty, vulnerability, penetration-testing, grafana02-Mar-2024
the Power of Twitter OSINThttps://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5Morgan Bin Bashfrontend, cybersecurity, bug-bounty, pentesting02-Mar-2024
the Power of Twitter OSINThttps://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
My first IDOR hunting storyhttps://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5Loverslandgandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
How I Got Highly Sensetive Api Keys On A Private Hackerone Programhttps://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5Ethical Raghavcybersecurity, data-science, bug-bounty, technology, web-development02-Mar-2024
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playgroundhttps://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5Soufiane Habtibug-bounty, microsoft, security, ai, artificial-intelligence02-Mar-2024
Bypassing the Bluecoat Unified Agenthttps://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-50xSphinxhacking, penetration-testing, security, bug-bounty, cybersecurity02-Mar-2024
What is RedTeaming ?https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5Jbrethical-hacking, bug-bounty, red-team, cybersecurity, hacking02-Mar-2024
bersecurity11.6 Lab: Exploiting blind XXE to retrieve data via error messages | 2024https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers02-Mar-2024
How to hack a LTE Router? Just text it!https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5Mateusz Lachxss-attack, cybersecurity, cve, bug-bounty, zte02-Mar-2024
My first IDOR hunting storyhttps://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5hackergandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
XML Injection: Deep Divehttps://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5Aditya Pandeyxml, bug-fixes, injection, bug-bounty, cybersecurity01-Mar-2024
$600 Simple MFA Bypass — Graphqlhttps://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, cybersecurity, bug-bounty, technology, hacking01-Mar-2024
XSS : A Fight With The WAFhttps://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5Meliodascybersecurity, xss-attack, bug-bounty01-Mar-2024
Understanding Cybersecurity: Safeguarding the Digital Realmhttps://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5Rajib Hassenbug-bounty, ethereum, cyberattack, cybersecurity01-Mar-2024
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD | 2024https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, security01-Mar-2024
Retrieving SUI Wallet Passphrase and Private Key without Passwordhttps://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5Thura Moe Myintbug-bounty, security01-Mar-2024
Medium Bug Bounty on Hacker One — Broken Linkhttps://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5Teri Radichelsecurity, bug-bounty, bugs, medium, hackerone29-Feb-2024
Critical vulnerability in Flask AppBuilder — CVE-2024–25128https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, flask, bug-bounty, python29-Feb-2024
Version disclosure in headers and response : Security threathttps://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5Mohamed Zakeeapplication-security, bug-bounty, cybersecurity29-Feb-2024
Stored XSS on Bug Bounty Programhttps://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5Bryan Zhengpenetration-testing, cybersecurity, bug-bounty29-Feb-2024
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty29-Feb-2024
How to Excel at CTF Games with Linux Command Line Toolshttps://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5Daniel Pericichcybersecurity, linux, terminal, bug-bounty, software-engineering29-Feb-2024
How do I found Blind SSRF on a Hackerone Programhttps://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5#!/Subhankarcve, hacking, bug-bounty, ssrf, hackerone29-Feb-2024
Horizontal Privilege Escalation Leads to Bountyhttps://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5Manthan_ mahalebugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty29-Feb-2024
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities | 2024https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, cybersecurity, hacking29-Feb-2024
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTFhttps://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5Josh Beckcybersecurity, oscp, bug-bounty, ctf-writeup29-Feb-2024
Authentication Bypass Using Response Manipulationhttps://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5kundan prasadscience, cyber-security-awareness, hacking, bug-bounty, cybersecurity29-Feb-2024
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins.https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5Montymahapatraburpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips29-Feb-2024
First Bug Bountyhttps://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5Tomcybersecurity, bugcrowd, hackerone, bug-bounty, hacking29-Feb-2024
How to find your first XSS vulnerability!!!https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5Basti_Secbug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack29-Feb-2024
The Reality of Cloud Hackinghttps://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking28-Feb-2024
Email verification bypass leads to create unlimited user accounts with what ever email idhttps://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5Rahulkrishnan R Panickertechnology, cybersecurity, hacking, bug-bounty, programming28-Feb-2024
symfony profiler kritik təhlükəsizlik açığı $$$https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5memmed rehimzadekibertəhlükəsizlik, bug-bounty, cybertime28-Feb-2024
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099…https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, cloud, azure, cybersecurity28-Feb-2024
https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5Morgan Bin Bashcybersecurity, pentesting, bug-bounty28-Feb-2024
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reportinghttps://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5Meris Stuparbug-bounty, programming, testing, software-engineering, github28-Feb-2024
How do I automate my recon — Part Twohttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5Aliraahpython, bug-bounty, automation, infosec, reconnaissance28-Feb-2024
Pre-Account Takeover Leading To Broken Access Controlhttps://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5Berkay Çarıkçıoğlubroken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing28-Feb-2024
cybers11.3 Lab: Blind XXE with out-of-band interaction | 2024https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking28-Feb-2024
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypasshttps://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5|Reinhardt|cybersecurity-tools, cybersecurity, pentest, bug-bounty28-Feb-2024
Yerel bir DTD’yi yeniden kullanarak kör XXE’den yararlanmahttps://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5Hhuseyinuyarxml, burpsuite, injection, bug-bounty, xxe28-Feb-2024
how i make 6,000$ with jwt manipulation on web3 crypto application ?https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5zack0x01bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup28-Feb-2024
Hack Stories: Hacking Hackers EP:2https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5c0d3x27cybersecurity, threat-intelligence, hacking, software-development, bug-bounty28-Feb-2024
First bug and bountyhttps://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5Rahulkrishnan R Panickerinfo-sec-writeups, bug-bounty, programming, technology, infosec27-Feb-2024
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesdayhttps://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5kerstantechnology, bug-bounty, security, cybersecurity, programming27-Feb-2024
Bug Bounty should be a goto solution for your web3 security needshttps://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web327-Feb-2024
Leak JWT Private Key leads to Bypass Authenticationhttps://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5Son Nguyensecurity, bypass, bug-bounty, jwt-token27-Feb-2024
Finding and exploiting blind XXE vulnerabilitieshttps://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty27-Feb-2024
Reconnaissance: A Google-Dorking Affairhttps://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5Kieran Wpenetration-testing, bug-bounty, reconnaissance, hacking, google-dorking27-Feb-2024
How do you know if someone has opened your email or not?https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5Imad Husanovicbug-bounty, chrome-extension, hacking, programming, cybersecurity27-Feb-2024
Read This If You Still Watch Porn in Google Incognito Mode ⚫https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5AjakCybersecuritygoogle, history, ethical-hacking, bug-bounty, cybersecurity27-Feb-2024
CVE-2023–40000: How Safe Is Your Internet Box? ️https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5Coded Conversationscyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty27-Feb-2024
The Exploitation of Massive Slack Workspaces Registration Vulnerabilityhttps://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, cybersecurity, hackerone27-Feb-2024
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5ElNiakcve, cybersecurity, ransomware, bug-bounty, penetration-testing26-Feb-2024
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagarajhttps://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, security, careers26-Feb-2024
This is How I Received My Acknowledgement from Microsofthttps://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5Kamil Rahumanmicrosoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips26-Feb-2024
Hunting for Hidden Parameters in Burp Suitehttps://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5Bryan Matthewhidden-parameters, bug-bounty, burpsuite, red-team, owasp26-Feb-2024
Lakshya CTF 2k24 by pict cyber cellhttps://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5Suyog Patilctf-writeup, bug-bounty, ctf, engineering, hacking26-Feb-2024
How I Found Xss In A Inactive Hackerone Program With My Mobilehttps://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5Ethical Raghavbug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity26-Feb-2024
Glider: Revolutionizing Web3 Auditing and Security Analysishttps://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5Officer's Notesbug-bounty, solidity, smart-contracts, dapps, blockchain26-Feb-2024
Hacking Android Apps With Fridahttps://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5Matthew Keeleysecurity, pentesting, bug-bounty, android, hacking26-Feb-2024
Html-Injection [ Bug Bounty ]https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty25-Feb-2024
Create Your Own File Extensionhttps://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5Paritoshcoding, file-extension, bug-bounty, programming, information-technology25-Feb-2024
Business Logic Error in the Comment Section of a Porn sitehttps://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5vFlexovapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing25-Feb-2024
CRLF injectionhttps://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5R00tendoweb-application-security, bug-bounty, web-security, crlf-injection25-Feb-2024
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me…https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability25-Feb-2024
I took over 10 Million Accounts, Easy API Hackinghttps://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5Ravaanbug-bounty, bug-bounty-writeup, api, hacking, cybersecurity25-Feb-2024
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injectionhttps://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5Remmyhacking, 403-bypass, bug-bounty, waf-bypass, sql-injection25-Feb-2024
10.5 Lab: Blind SSRF with out-of-band detection | 2024https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, security, careers25-Feb-2024
The Aspida Bug Bounty Programhttps://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5Aspidalsd, lsdfi, blockchain, staking, bug-bounty24-Feb-2024
Best Approach to active Directory: 2https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5Anekant Singhai Jainpenetration-testing, windows, bug-bounty, cybersecurity, active-directory24-Feb-2024
Explaining and exploiting open redirect vulnerabilitieshttps://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5R00tendoopen-redirect, web-security, bug-bounty, web-application-security, web-hacking24-Feb-2024
How I Got $5,000 for Out-of-Scope XSShttps://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5Mahmoud Hamed (7odamoo)bug-bounty-tips, bug-bounty, pentesting24-Feb-2024
Ethernaut Challenge Level 16: Solution (Preservation)https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5Shubham Nagarsolidity, blockchain, cybersecurity, bug-bounty, ethernaut24-Feb-2024
Bypass Rate Limits on authentication endpoints like a pro………!https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5Abhi Sharmaprogramming, rate-limiting, api, cybersecurity, bug-bounty24-Feb-2024
10.4 Lab: SSRF with filter bypass via open redirection vulnerability | 2024https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, security, bug-bounty, hacking24-Feb-2024
How i was able to hack over 10 million websites using BAC : broken access controle .https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5zack0x01hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2024
How Automation Detected Default Admin Credential Worth $500https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity23-Feb-2024
Shodan - “Unauthorized access to setup panel”https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5mo9kHu93rhacking, web-application-security, bug-hunting, cybersecurity, bug-bounty23-Feb-2024
10.3 Lab: SSRF with blacklist-based input filter | 2024https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty23-Feb-2024
From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Securityhttps://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5Khaled Mohamedcrlf, infosec, bug-bounty, penetration-testing, xs23-Feb-2024
Unveiling Bug Bounties: Balancing the Scale of Application Securityhttps://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5Sushant Katare, CISSPbug-bounty, vulnerability, bugs23-Feb-2024
Hacking Web Meeting/Webinar Apphttps://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5Ronak Patelinformation-security, ethical-hacking, cybersecurity, bug-bounty23-Feb-2024
A Pen worth 80K (BBP#2)https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5Devender Raopenetration-testing, cybersecurity, bug-bounty, application-security, linux23-Feb-2024
How I Got 1-Click ATO through self-XSShttps://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips22-Feb-2024
Disclose assigned apps of any facebook userhttps://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5Gtm Mänôzbug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec22-Feb-2024
IDOR: The Simple Switchhttps://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5Gangaethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing22-Feb-2024
How To Report a Vulnerability which is not a part of the VDP Program?https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, bug-bounty, hacking, blog22-Feb-2024
HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS!https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5Kyrillos Magedbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec22-Feb-2024
Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoringhttps://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, reconnaissance, network-security, bettercap22-Feb-2024
Exploiting XSS to Perform CSRFhttps://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5Marduk I Amstored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting22-Feb-2024
How I logged into user accounts with no informationhttps://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bug-bounty22-Feb-2024
Using Wayback And DNS rebinding For SSRFhttps://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5amnotacatbug-bounty22-Feb-2024
Exploit Development: Classic Buffer Overflowshttps://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5Boogstacyber, hacking, bug-bounty, tryhackme, cybersecurity22-Feb-2024
Hack The Box Certified Bug Bounty Hunter (CBBH) Reviewhttps://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5Josselin Poupeneybug-bounty, pentesting, hackin, cbbh, hackthebox22-Feb-2024
How Bug Bounties Are Incentivising Ethical Hackinghttps://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5Jonathan Paulsonbug-bounty, hacking, cybercrime, cybersecurity, quantum-computing22-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5Cyberbeatbugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips21-Feb-2024
10 Kesalahan Coding Yang Membuat Aplikasi Kurang Amanhttps://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5Yasmin Ramadiniprogramming, cybersecurity, cyber-security-awareness, coding, bug-bounty21-Feb-2024
Understanding Wazuhhttps://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5Paritoshthreat-detection, siem, cybersecurity, bug-bounty, wazuh21-Feb-2024
Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulationhttps://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5NoorHomaidbug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity21-Feb-2024
9.5 Lab: Exploiting time-sensitive vulnerabilities | 2024https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
This is the easiest bug you can find right now.https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
9.4 Lab: Single-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, careers, cybersecurity, hacking20-Feb-2024
Apa Itu Cross Site Scripting? Jenis, Dampak, Dan Pencegahannyahttps://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty20-Feb-2024
My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!!https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5Ratnadip Gajbhiyebugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone20-Feb-2024
Hou I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
Breach the Build: Exploiting Jenkins (CVE-2024–23897)https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5Josh Beckoscp, cybersecurity, ctf-writeup, bug-bounty20-Feb-2024
How easy it is to find Private Info on Googlehttps://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5Lochana Dissanayakecybersecurity, ethical-hacking, bug-bounty, osint20-Feb-2024
Response Manipulation leads to Bypassing the OTP email verificationhttps://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty20-Feb-2024
Day 14 Bug Bounty Challenge — Found $1000 Stored XSShttps://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup19-Feb-2024
9.3 Lab: Multi-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking19-Feb-2024
HackTheBox — Monitoredhttps://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5mxz4rtbug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup19-Feb-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5crawsecuritybugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty19-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5Ravitejaweb-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest19-Feb-2024
How to Find First Bug (For Beginners)https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5HackerHQcyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty19-Feb-2024
Android Architecture Components: Android Pentestinghttps://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5Raghuveer Singh Chouhanpentesting, bug-bounty, hacking, cybersecurity, android19-Feb-2024
Searching industrial infrastructure with Netlas.iohttps://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5Netlas.iobug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security19-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs -Part 1https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5Cyberbeatbug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty19-Feb-2024
Dorking-Pentesting: Create Your Own Automated Pentesting Toolshttps://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5ElNiaktools, bug-bounty, python, penetration-testing, google19-Feb-2024
Web Cache Poisoing leads to ATO (Account takeover)https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5HooShacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security19-Feb-2024
Apa Itu Security Operation Center (SOC)https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5Yasmin Ramadinipentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking18-Feb-2024
HackTheBox — SQLMap Essentialshttps://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5Huy Phuweb-application-security, bug-bounty, sql, hackthebox18-Feb-2024
Introduction to API Testing — API Discovery and Interactionhttps://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5Huy Phuapi, bug-bounty, web-application-security, api-testing18-Feb-2024
Introduction to API Testing — Reconnaissancehttps://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Easy automation of bug bounty using Ethredhttps://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, web-security, bugbounty-tips, hacking18-Feb-2024
My New Tool For Information Findinghttps://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5Ethical Raghavdata-science, bug-bounty-tips, programming, bug-bounty, technology18-Feb-2024
Introduction to API Testing — Server-Side Parameter Pollutionhttps://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5Huy Phuweb-application-security, api, api-testing, bug-bounty18-Feb-2024
Introduction to API Testing — Mass Assignment vulnerabilitieshttps://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Exploiting Cross-Site Scripting to Capture Passwordshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5Marduk I Amcybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss18-Feb-2024
9.2 Lab: Bypassing rate limits via race conditions | 2024https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, secuity, hacking18-Feb-2024
PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5dollarboysushilcybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty18-Feb-2024
Open a link, and your Wi-Fi password is changed.https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips18-Feb-2024
Detecting and exploiting limit overrun race conditions with Turbo Intruderhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, security, bug-bounty17-Feb-2024
0Day SQLi Discovered during internal PenTestinghttps://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5SentinelX Researchbug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day17-Feb-2024
Mengintip database Website Bimbel di Indonesiahttps://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5Timotius Benhurpentesting, web-security, bug-bounty-tips, bug-bounty17-Feb-2024
How much longer must we dwell, with W-S-D-L?https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5Quintius Walkerbug-bounty, poetry, web-development, creative-writing, hacking17-Feb-2024
PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5dollarboysushilweb-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability17-Feb-2024
weird bug using fake id via photoshop worth $***https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec17-Feb-2024
PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by…https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security17-Feb-2024
Harnessing Microsoft Copilot as a Cybersecurity Advisorhttps://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5Paritoshmicrosoft, cybersecurity, bug-bounty, information-security, microsoft-copilot17-Feb-2024
Demystifying HTTP Request Smuggling: Detection to Exploitationhttps://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking17-Feb-2024
GitHub Recon- For Finding Sensitive Informationhttps://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5Pawanrawatgithub-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty17-Feb-2024
How do I automate my recon — Part Onehttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5Alipython, reconnaissance, automation, bash, bug-bounty17-Feb-2024
The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explainedhttps://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce17-Feb-2024
Hacking the Dutch Governmenthttps://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5Jacksoncybersecurity, hacking, bug-bounty17-Feb-2024
MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Traphttps://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5The Cyber Tornadoinformation-security, microsoft, vapt, cybersecurity, bug-bounty17-Feb-2024
The Importance of Sharing Cybersecurity Knowledge on Reading Platformshttps://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5Paritoshinformation-security, infosec, hacking, cybersecurity, bug-bounty16-Feb-2024
Researcher’s Experience — Bug Bounty Programhttps://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5CRAC Learningbug-bounty, security, research, cybersecurity16-Feb-2024
GitHub Enterprise Server vulnshttps://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5Imre Radsecurity, github, bug-bounty16-Feb-2024
Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to…https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5ElNiakwindows, bug-bounty, cybersecurity, vulnerability, malware16-Feb-2024
Mastering Cross-Site Scripting (XSS): Risks, Detection, and Preventionhttps://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5ElNiakcybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability16-Feb-2024
Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiastshttps://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5ElNiaksqlmap, programming, cybersecurity, sql-injection, bug-bounty16-Feb-2024
Guide: ProjectDiscovery’s cvemap to nuclei template mapping.https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5Matejsmyckacybersecurity, bug-bounty, bash, penetration-testing16-Feb-2024
My First Account Takeover Via Password Reset Poisoninghttps://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5cyberpro151web-hacking, bug-bounty, pentesting, account-takeover, offensive-security16-Feb-2024
Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiastshttps://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5ElNiaksql-injection, cybersecurity, sql, programming, bug-bounty16-Feb-2024
The Posemesh Avalanche C-Chain Bug Bounty Programhttps://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5Auki Labsbug-bounty, auki-labs, avalanche, posemesh, blockchain16-Feb-2024
Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgeryhttps://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5ElNiakweb-development, programming, csrf, cybersecurity, bug-bounty16-Feb-2024
8.6 Lab: Remote code execution via polyglot web shell upload | 2024https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, careers, bug-bounty16-Feb-2024
how i made easy information disclosure bugs in graphqlhttps://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking16-Feb-2024
Bypassing Captchahttps://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5Eyaalgabaybug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips15-Feb-2024
The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt…https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5Asuquo Levy Eyo Jrcybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-202115-Feb-2024
The Game-Changing Magic of RCE [Cybersecurity]https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, information-security, rce15-Feb-2024
Account Takeover [It Looked Secure at First]https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, penetration-testing, infosec, pentesting15-Feb-2024
Github Dorking: A Beginner’s Guide to Finding Secrets in Repositorieshttps://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5ElNiakthreat-intelligence, github, cybersecurity, github-dorking, bug-bounty15-Feb-2024
8.5 Lab: Web shell upload via obfuscated file extension | 2024https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity15-Feb-2024
Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5dollarboysushilcybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger15-Feb-2024
HTML Injection in Mail BOXhttps://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5#!/Subhankarhtml-injection, hackerone, hacking, bug-bounty15-Feb-2024
Edu-Hack: How a Simple Request Compromised Entire Classrooms Usershttps://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5Abdelrhman Aminbug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing15-Feb-2024
Behind the Screen: The Forgotten Password Feature That Almost Failed Ushttps://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5Elcapitanobugswagger, bugsbounty, penetration-testing, information-security, bug-bounty15-Feb-2024
The effectiveness of employing BChecks to uncover significant secretshttps://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5Khaled Mohamedsecrets, bug-bounty, bugswagger, cybersecurity, penetration-testing15-Feb-2024
Magic No More: Exposing Flaws in Magic Link Authenticationhttps://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5Elcapitanobug-bounty, penetration-testing, cybersecurity, bugswagger, information-security15-Feb-2024
Stored XSS with HTTP only Session Cookieshttps://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5Jessprogramming, website, security, web-development, bug-bounty15-Feb-2024
CVE-2024–24142 Exploitation & PoChttps://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5SentinelX Researchpenetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips15-Feb-2024
open redirect using homographshttps://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5Eyaalgabaybug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking14-Feb-2024
Exploiting Cross-Site Scripting to Steal Cookieshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty14-Feb-2024
THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTEShttps://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity14-Feb-2024
Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5dollarboysushilbug-bounty, web-security, path-traversal, ethical-hacking, portswigger14-Feb-2024
How I was able to hack my college’s website with number of IDORs and CORS Misconfigurationshttps://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5cyberpro151hacking, web-hacking, bug-bounty, idor14-Feb-2024
GMX V1 Bug Disclosure.https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5Morphexdefi, bug-bounty, cryptocurrency14-Feb-2024
8.4 Lab: Web shell upload via extension blacklist bypass | 2024https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, security, hacking, bug-bounty, cybersecurity14-Feb-2024
A Journey through Reconnaissance to MySQL Server Access in the Gaming Realmhttps://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5Daniel1895fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking14-Feb-2024
The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity)https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5Paritoshntlm, hacking, cybersecurity, authentication, bug-bounty13-Feb-2024
Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutineshttps://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5rezauditoreprogramming, tutorial, multithreading, bug-bounty, golang13-Feb-2024
Best tools you must have to look at for penetration testing.https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5Bugz_Bunnepentesting, hacking, cybersecurity, cybe, bug-bounty13-Feb-2024
Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencinghttps://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5forensicsbuffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement13-Feb-2024
Cross-site and server-side request forgeries (CSRF and SSRF)https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5forensicspenetration-testing, ssrf, csrf, bug-bounty, hackerone13-Feb-2024
Cross-site scriptinghttps://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5forensicsweb-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Unauthenticated Jira CVEs Check List — Bug Tuesdayhttps://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5kerstansecurity, cybersecurity, technology, information-security, bug-bounty13-Feb-2024
Email Triggering Leads to Rs1000 Amazon voucherhttps://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5mo9kHu93rbug-hunting, web-application-security, cybersecurity, bug-bounty, hacking13-Feb-2024
curity8.3 Lab: Web shell upload via path traversal | 2024https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Comprehensive Guide to Pentesting Methodology: From Zero to Herohttps://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5ElNiakbug-bounty, technology, cybersecurity, penetration-testing, pentesting13-Feb-2024
Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditinghttps://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5ElNiakcybersecurity, penetration-testing, bug-bounty, networking, nmap13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
How I Found a Reflected XSS at NASAhttps://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5Jh0n_0xpenetration-testing, securit, bugbounty-tips, bug-bounty, security-services12-Feb-2024
Most easiest bug in login page : Session Fixationhttps://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5Ethical Raghavcybersecurity, blockchain, ethical-hacking, bug-bounty, technology12-Feb-2024
IDOR (Insecure direct object reference) pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5Timotius Benhurwriteup, bug-bounty, idor12-Feb-2024
Webpages Have these Bugs, and can be EXPLOITED!!https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5B A T M A Nxss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty12-Feb-2024
Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518…https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5ElNiakvulnerability, exploitation, cybersecurity, atlassian, bug-bounty12-Feb-2024
Super Bowl and Cybersecurityhttps://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5Paritoshbug-bounty, super-bowl, hacking, information-security, cybersecurity12-Feb-2024
Tow Senario To Pre Account TakeOverhttps://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5Ahmed Elhenybug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips12-Feb-2024
7 Tingkatan IOC Dalam Investigasi Serangan Siberhttps://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness12-Feb-2024
Hack Stories: Hacking Hackers EP:1https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking, cybersecurity, penetration-testing, software-development12-Feb-2024
Practical Guide to End-to-End Bug Reporting in Software Developmenthttps://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5Niarbugs, issues, qa, bug-fixes, bug-bounty12-Feb-2024
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Executionhttps://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5Mukund Bhuvahacking, security, bug-bounty, information-security, cybersecurity12-Feb-2024
Understanding web applicationshttps://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5Jbr AL-Otaibihacking, cybersecurity, bug-bounty, website, web-development12-Feb-2024
How I found a bug in Microsofthttps://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5NITYA NAND JHAbug-bounty, cybersecurity, vulnerability12-Feb-2024
: Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploitshttps://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5Pardon Mukoyibugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity12-Feb-2024
Extract & Scan SSL Certs for HeartBleed via CertGuard toolhttps://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5SentinelX Researchweb-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty12-Feb-2024
Mastering Samba Exploitation: A Comprehensive Pentesting Guidehttps://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5ElNiakcybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty12-Feb-2024
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Moneyhttps://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5crawsecurityethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker11-Feb-2024
Online Password Cracking with THC-Hydra and Burp Suitehttps://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-50xClonazhacks, hacking, bug-bounty, cybersecurity11-Feb-2024
Getting Facebook Credentails Without Hackinghttps://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-50xClonazbug-bounty, hacks, cybersecurity, hacking11-Feb-2024
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Camshttps://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-50xClonazcybersecurity, hacks, hacker, hacking, bug-bounty11-Feb-2024
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz)https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-50xClonazbug-bounty, cybersecurity, hacking, hacker, hacks11-Feb-2024
OSINT: Finding Email Passwords in Dumps with h8mailhttps://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-50xClonazbug-bounty, hacker, hacking, hacks, cybersecurity11-Feb-2024
Password Cracking: Creating Custom Password List with cupphttps://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-50xClonazcybersecurity, hacking, bug-bounty, hacker, hacks11-Feb-2024
Android Hacking: The libwebp Vulnerability (zero-day/zero-click)https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-50xClonazhacks, hacking, hacker, cybersecurity, bug-bounty11-Feb-2024
Bug Bounty Hunting, Part 1: Getting Startedhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-50xClonazhacker, bug-bounty, hacking, cybersecurity11-Feb-2024
Preventing file execution in user-accessible directories by Portswigger | 2024https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, security11-Feb-2024
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameterhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing11-Feb-2024
Signing up with Government and Military emailshttps://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5Boogstabug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking11-Feb-2024
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Programhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity11-Feb-2024
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenseshttps://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5Pascal Onyekachukwu Anenecybersecurity, security-engineering, bug-bounty11-Feb-2024
Almost 50% of web pages have this bug. Learn How it is exploited in the wildhttps://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5Sreedeep cvjs, bug-bounty, xss-attack, hacking, dom11-Feb-2024
XSS in CMS / Blog sites bypassing HTML encoding and escaping.https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, cybersecurity, information-security, cyberattack, bug-bounty11-Feb-2024
From a customer to a ‘system owner’https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5M Maulana Abdullahapi-development, writeup, privilege-escalation, api, bug-bounty10-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5Ravitejareverse-engineering, ctf, bug-bounty, hacking-tools, web-security10-Feb-2024
7.8 Lab: Referer-based access control | 2024https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, bug-bounty, cybersecurity10-Feb-2024
Google Dorking: A Beginner’s Guide to Finding Vulnerabilitieshttps://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5ElNiakthreat-intelligence, bug-bounty, google-dorking, cybersecurity, google10-Feb-2024
Web Security 101 : Cross-Site Scripting (XSS) Attackshttps://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5Israel Aráoz Severichexss-attack, bug-bounty, cybersecurity, appsec09-Feb-2024
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty!https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5Manan Sanghvibug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability09-Feb-2024
JSON CSRF in Microsoft Bing Maps Collectionshttps://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity09-Feb-2024
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposedhttps://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5ElNiakbug-bounty, logs, vulnerability, cybersecurity, technology09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerabilityhttps://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5ElNiakbug-bounty, vulnerability, cybersecurity, wordpress, sql-injection09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Threehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5Alipython, flask, bug-bounty, mongodb, reconnaissance09-Feb-2024
E: Package ‘libgtkglext1’ has no installation candidate | anydesk : Depends: libgtkglext1 but it is…https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5Ravindra Dagaleinformation-technology, bug-bounty, kali-linux, information-security, programming09-Feb-2024
7.7 Lab: Multi-step process with no access control on one step | 2024https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security09-Feb-2024
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTFhttps://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5Crashwirexss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking09-Feb-2024
Unlocking Your Potential: Elevating Your Bug Bounty Game**https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5Ethical Raghavblockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity08-Feb-2024
Lenfi V2 to Begin Community-Driven Bug Bounty Program Nowhttps://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5Lenfilending, cardano, defi, audit, bug-bounty08-Feb-2024
Chaining Subprober + Subfinder To Your Bug Bounty Recon.https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity08-Feb-2024
7.6 Lab: Method-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, portswigger, cybersecurity, careers08-Feb-2024
Easy way to get privilege escalationhttps://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5Rzizahbug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation08-Feb-2024
How I Find Open Redirect Bug — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, security, information-security07-Feb-2024
Web3 Security: In-Depthhttps://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5Officer's Notesbug-bounty, blockchain, smart-contracts, solidity, web307-Feb-2024
My first bug | Html injection|https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Applicationhttps://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5JzeeRxbug-bounty, bug-hunting, cybersecurity, apple-security, apple07-Feb-2024
7.5 Lab: URL-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty07-Feb-2024
I have hacked around 300 website in 1 Monthhttps://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5Imran Niazbug-bounty, hacking, web-development, python-programming, cybersecurity07-Feb-2024
Rate Limiting: What It Is And Why It Matters in Bug Bountyhttps://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5Alpbug-bounty-tips, bug-bounty, hackerone07-Feb-2024
How To Get Started With LLM Hacking? — A Beginner’s Guidehttps://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5Yannick Merckxbug-bounty, ai, hacking, llm-hacking, llm07-Feb-2024
My first bug | Html injection|https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Enhancing Network Security: Best Practices and Strategieshttps://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5Paritoshhacking, programming, bug-bounty, information-security, cybersecurity06-Feb-2024
Tumblr Subdomain Takeoverhttps://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5Scott Lindhwhite-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration06-Feb-2024
Harnessing Concurrency in Go: Exploring Asynchronous Executionhttps://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5rezauditoregolang, programming, bug-bounty, tutorial, hunting06-Feb-2024
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5ElNiakcybersecurity, programming, bug-bounty, fastapi, vulnerability06-Feb-2024
ALWAYS test 404 Not Found in Bug Bounties!https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5Viktor Marescybersecurity, web-development, bug-bounty, penetration-testing, hacking06-Feb-2024
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerabilityhttps://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, apple, technology, bug-bounty06-Feb-2024
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab)https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, ctf-writeup, bug-bounty06-Feb-2024
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerabilityhttps://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5Lohith Gowda Mapplication-security, bug-bounty, firefox, ios, infosec06-Feb-2024
Understanding Ransomwarehttps://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, cybersecurity, hacking, information-security05-Feb-2024
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now!https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5ElNiakprivilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability05-Feb-2024
SSRF on a Headless Browser Becomes Critical!https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5Alvaro Baladacybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness05-Feb-2024
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suitehttps://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5BugStrike Teambugstrike, iot-security, bug-bounty, cybersecurity, iot05-Feb-2024
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scriptinghttps://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5BugStrike Teambugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty05-Feb-2024
Broken access control resulting from platform misconfiguration | 2024https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hacking, security05-Feb-2024
Euler Is So Back: Prizewinners and Educate Series Summaryhttps://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5Vanessa Losiceuler, euler-finance, bug-bounty, euler-educate, encode-club05-Feb-2024
How I got RCE in one of Bugcrowd's Public Programshttps://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5Yousef Mohamed Elsaidcybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution05-Feb-2024
Every Cybersecurity Beginner’s Nightmare — You need to Read thishttps://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5MOHD ABDUL JAMEELpenetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity05-Feb-2024
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and…https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity05-Feb-2024
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty05-Feb-2024
This will change the way you hunt for bugs forever.https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, bug-bounty, programming, bug-bounty-tips04-Feb-2024
the Dark Art of NTLM Relay Attackshttps://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, ntlm-relay, active-directory, bug-bounty04-Feb-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5Abhi Sharmauser-interface, hacking, programming, bug-bounty, cybersecurity04-Feb-2024
How I Hacked My College’s Sitehttps://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5Rajneesh Kumar Aryabug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity04-Feb-2024
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-50x4KDbug-bounty, infosec, bounty-hunter, bug-bounty-tips, security04-Feb-2024
Certifications for bug bounty huntershttps://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5Deshahacking, certification, penetration-testing, bug-bounty04-Feb-2024
Hacking tools to use in 2024https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5Deshait-security, bug-bounty, hacking, penetration-testing, security04-Feb-2024
Tutorial: Shellcode Injection when the buffer is smallhttps://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5ElNiakbug-bounty, tutorial, hacking, shellcode, cybersecurity04-Feb-2024
TryHackMe | Bounty Hacker Walkthroughhttps://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5Utsavadhikaribug-bounty, bugs, linux, cybersecurity, computer-science04-Feb-2024
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single…https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting04-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Twohttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5Alidatabse, reconnaissance, bug-bounty, python, chatgpt04-Feb-2024
6.5 Lab: Information disclosure in version control history | 2024https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, cybersecurity, bug-bounty, hacking04-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5Mr.Horbiohacking, automation, bug-bounty, cybersecurity, python03-Feb-2024
IDOR Pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5Timotius Benhurbug-bounty, writeup, cyber-security-awareness, bugs03-Feb-2024
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Productshttps://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, ivanti, cybersecurity, ssrf03-Feb-2024
Vulnerable WordPress January 2024 (Imadaddin Nasimi)https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5Onhexgroupinfosec, bug-bounty, exploit, cybersecurity, wordpress03-Feb-2024
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumerationhttps://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, cybersecurity, data-science03-Feb-2024
Building a Robust Security Architecturehttps://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5Paritosharchitecture, bug-bounty, information-security, cybersecurity, security-architecture03-Feb-2024
A Story of an IDOR bug I found on a SaaS applicationhttps://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5JateloCybersecaccess-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty03-Feb-2024
Version Control History and Information Disclosure Vulnerabilities | 2024https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, careers, bug-bounty, hacking03-Feb-2024
Offensive Mobile Penetration Testinghttps://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, penetration-testing, cybersecurity, hacking02-Feb-2024
5.11 Lab: Authentication bypass via flawed state machine | 2024https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security2-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity2-Feb-2024
Join the Pay Protocol Bug Bounty Program and Earn Rewardshttps://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5Crypto Analystpayments, defi, bug-bounty-program, cryptocurrency, bug-bounty2-Feb-2024
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Coursehttps://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5African Technology Researchpenetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup2-Feb-2024
Mastering Fuzzing: A Comprehensive Tutorialhttps://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5ElNiakfuzzing, bug-bounty, tutorial, cybersecurity, bugs02-Feb-2024
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scannerhttps://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5ElNiakprivacy, osint, cybersecurity, bug-bounty, pii02-Feb-2024
How to start in Bug Bounty Hunting: my personal experiencehttps://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5Riccardo Malatestabug-bounty-tips, bug-bounty02-Feb-2024
How to Pass eWPTv1 examhttps://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5Jbr AL-Otaibipreparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking02-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity02-Feb-2024
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool…https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5Neel Munotinformation-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking02-Feb-2024
How I secured the United Nations Hall of Famehttps://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5Kamil Rahumanbug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations02-Feb-2024
Full Account Takeover via Password Reset Link Manipulationhttps://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, ethical-hacking01-Feb-2024
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterpartshttps://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, docker, penetration-testing, bug-bounty01-Feb-2024
5.10 Lab: Authentication bypass via encryption Oracle | 2024https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity01-Feb-2024
1.4M PII data leakage (IDOR)https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5tushar_reconbug-bounty, bug-bounty-tips01-Feb-2024
How i was able to hack a Company via watching a YouTube videohttps://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5Ahmad Mansourcyber-security-awareness, bug-bounty, penetration-testing01-Feb-2024
Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and…https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5Marduk I Amcybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty01-Feb-2024
Bypass Arbitary File Upload With .pharhttps://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5Mizar Ismu Ariefexploitation, bug-bounty, pentesting, bypass01-Feb-2024
From No to Go — Uninvited Access To Invited Projectshttps://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5Jatin_Chudasamabroken-access-control, writeup, bug-bounty, graphql, unauthorized-access01-Feb-2024
This is arguably the dumbest bug I’ve ever found.https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-bounty, hacking, programming, cybersecurity01-Feb-2024
Misconfiguration lead to company identity theft via bypass email verification.https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec01-Feb-2024
Best Recon methodology (Shubham Rooter)https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5Shubham Tiwarihackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting01-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5Mr.Horbiohacking, cybersecurity, technology, python, bug-bounty01-Feb-2024
Understanding and Mitigating Active Directory Attackshttps://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5Paritoshbug-bounty, azure, hacking, active-directory, cybersecurity31-Jan-2024
Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing Systemhttps://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5Sulman Farooq Sburpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty31-Jan-2024
Hunt, Hack, Reward — Hacking For Good with Bountieshttps://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5the threat copsthethreatcops, cybersecurity, bug-bounty, hacking, infosec31-Jan-2024
Navigating the Storm: Understanding CVE-2023–34048’s Impact on VMware vCenter Serverhttps://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5ElNiakthreat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware31-Jan-2024
Json Tokens (JWT) Token Checkshttps://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5Akash Venkycybersecurity, ethical-hacking, bug-bounty, security, jwt31-Jan-2024
What to expect from BSides Transylvania 2024https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5Cristian Corneacybersecurity, technology, bug-bounty, software-development, tech31-Jan-2024
Tackling IDOR on UUID based objectshttps://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5Veshraj Ghimireidor-vulnerability, bug-bounty31-Jan-2024
5.9 Lab: Infinite money logic flaw | 2024https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, security, bug-bounty31-Jan-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Onehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5Alibug-bounty, database, reconnaissance, python31-Jan-2024
How to use Virtual Boxhttps://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5Joshua Desharnaisbug-bounty, virtual, operating-systems, oracle31-Jan-2024
Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpiderhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-50xClonazbug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking31-Jan-2024
Ransomware: Build Your Own Ransomwarehttps://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-50xClonazhacking, cybersecurity, hacker, programming, bug-bounty31-Jan-2024
Recon Methodologyhttps://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5Alanvvcybersecurity, bug-bounty, reconnaissance31-Jan-2024
Une erreur fatalehttps://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5Jephte Mangendamistakes, wordpress-development, wordpress, bug-bounty, bugs31-Jan-2024
Web Cache Poisoninghttps://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5Kaguracybersecurity, web-security, bug-bounty31-Jan-2024
Decoding the OWASP Top 10https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5Paritoshbug-bounty, owasp, cybersecurity, pentesting, hacking30-Jan-2024
Critical Jenkins RCE Vulnerability (CVE-2024–23897)https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5ElNiakjenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity30-Jan-2024
Simplifying Issue Traceability with Links Explorer in the monday Platformhttps://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5Divyansh Vatsproject-management, marketplaces, issues, bug-bounty, traceability30-Jan-2024
Title: Exploiting Path Traversal Vulnerability in User Profile URLshttps://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, cybersecurity, appsec30-Jan-2024
Reflected XSS into a JavaScript String with Single Quote and Backslash Escapedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity30-Jan-2024
My SSRF Tricks — Bug Bounty Tuesdayhttps://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5kerstanbug-bounty, security, hacking, cybersecurity, technology30-Jan-2024
Rekomendasi Platform Bug Bounty Nasional Maupun Internasionalhttps://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5ArtiaCodecybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program30-Jan-2024
Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackershttps://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5Hacksheets | Learn Cybersecuritybug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing30-Jan-2024
Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity30-Jan-2024
Attacking Session Management | Part 06 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5Om Arorainfosec, information-security, hacking, bug-bounty, cybersecurity30-Jan-2024
Best Approach to RCEhttps://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5Anekant Singhai Jainred-team, ethical-hacking, rce, penetration-testing, bug-bounty30-Jan-2024
An introductory guide to HTTP request smugglinghttps://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5Mayank Kumar Prajapatiwebsite, web, bug-bounty, hacking, vulnerability30-Jan-2024
How to replicate Jenkins CVE-2024–23897: Arbitrary File Read Vulnerabilityhttps://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5Red Darkinbug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec30-Jan-2024
Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief!https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5Paritoshdll-hijacking, information-security, cybersecurity, hacking, bug-bounty29-Jan-2024
Fundamentals of .NET Decompilation With dnSpyhttps://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5Jowardpentesting, hacking, bug-bounty, dotnet29-Jan-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5Mr.Horbiobug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity29-Jan-2024
Port Scanning: Pengertian, Teknik, Dan Pencegahannyahttps://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5TalaskoSecbug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty29-Jan-2024
XML External Entity injection with error-based data exfiltrationhttps://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5Serj Novoselovpenetration-testing, hacking, bug-bounty, xml, writeup29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, owasp, api29-Jan-2024
Kenalan Sama Bug Bountyhttps://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5ArtiaCodebug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking29-Jan-2024
CheckList for Bug Bounty Huntinghttps://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5Kalidaskamarajbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing29-Jan-2024
Meteor Subdomain Takeoverhttps://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5YoungVandacybersecurity, technology, bug-bounty, javascript, programming29-Jan-2024
CVE-2024–0519: Chrome’s Gateway to Memory Accesshttps://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5ElNiakgoogle, cybersecurity, penetration-testing, bug-bounty, threat-intelligence29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, owasp, api29-Jan-2024
Discord’s preview bot redirection vulnerabilityhttps://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5Le Noctambulebug-bounty, bugs, software-development, cybersecurity29-Jan-2024
Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bughttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5Anish Narayanbug-bounty, cybersecurity, bug-bounty-tips, technology, programming29-Jan-2024
Huge Bug Bounty Resourcehttps://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5Joshua Desharnaishacking, bug-bounty, bugs, bug-bounty-tips29-Jan-2024
Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security29-Jan-2024
Automation Hacks: Unearthing a Critical RCE the Easy Wayhttps://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5Asbawybug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing29-Jan-2024
Reflected XSS in canonical link taghttps://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5Marduk I Amreflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting29-Jan-2024
Bug Zero at a Glance [01–15 January]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity28-Jan-2024
How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflowshttps://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5SHCybercybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow28-Jan-2024
Explorasi Platform Bug Bounty untuk Cyber Security Enthusiastshttps://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5Faisal Hanafired-team, linuxhacking, pentesting, bug-bounty, cybersecurity28-Jan-2024
Useful HTTP method every bug hunter must knowhttps://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5Creepydoomercybersecurity, web, https, bug-bounty28-Jan-2024
Thorough Review Bug Bounty Hunter Certification [CBBH]https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5CyberOzpentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities28-Jan-2024
I will be giving away my book for free!https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty28-Jan-2024
Get IDOR In No Permission To Access Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5kerstancybersecurity, technology, hacking, security, bug-bounty28-Jan-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty28-Jan-2024
Roadmap Belajar SOC Analyst Dan Toolsnyahttps://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5Yeaszecbug-bounty, ethical-hacking, programmer, blue-team, cybersecurity28-Jan-2024
CVE-2023–45866: 0-Click Bluetooth vulnerabilityhttps://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5ElNiakbluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence28-Jan-2024
MIME Sniffing Explained: How Browsers Can Misinterpret Content Typeshttps://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5Abel Vsniffing, web-browser, cybersecurity, web-application-security, bug-bounty28-Jan-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5vFlexoethical-hacking, bug-bounty, penetration-testing, vapt, information-security28-Jan-2024
How do you actually find bugs? (Part 2)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox28-Jan-2024
How do you actually find bugs? (My 2 years experience) | Part 2https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
This is the easiest bug you can find.https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jan-2024
How to Get CVEs Online (Fast)https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5FHantkebug-bounty, information-technology, web-development, cybersecurity, hacking28-Jan-2024
XSS is hard to find… or is it? (How to you find bugs)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
ARPA Monthly Report | December Progress Reviewhttps://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5ARPA Officialstaking, cryptography, arpa, bug-bounty, rng27-Jan-2024
5.8 Lab: Insufficient workflow validation | 2024https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers27-Jan-2024
Essential Encoding Schemes for Bug Bounty Huntershttps://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, ethical-hacking, security, encoding27-Jan-2024
Your Life in the Crosshairs of Cybersecurity Threats!https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, programming, bug-bounty, information-security27-Jan-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5Abhi Sharmarace-condition, bug-bounty, programming, 2fa, cybersecurity27-Jan-2024
Як працює програма винагороди за виправлення помилок від Aleo?https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5Marlin_2_2_0aleo, bug-bounty27-Jan-2024
Schneier’s Law In Bug Bountyhttps://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty27-Jan-2024
SIEM Home Lab: Detecting Web Attackhttps://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5Yeaszecsoc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking26-Jan-2024
Detecting Server-Side Technologies for Bug Hunting:https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5Creepydoomerphp, python, servers, bug-bounty, microsoft26-Jan-2024
Evolution of Critical Log Sources in SIEM: A 5-Year Retrospectivehttps://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, siem, hacking, bug-bounty26-Jan-2024
Zero Click Account Takeoverhttps://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5Sunny Sharmabug-bounty-writeup, bug-bounty26-Jan-2024
Bug Bounty For Beginners 2024 Part (3).https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5Asuman Lukwagobug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide26-Jan-2024
Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discoveryhttps://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5Ethical Raghavblockchain, data-science, cybersecurity, technology, bug-bounty26-Jan-2024
Reflected XSS into HTML context with all tags blocked except custom oneshttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5Marduk I Ambug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss26-Jan-2024
Strategies for Success in Audit Contests and Bug Bounty Huntinghttps://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5Johnny Timesmart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips26-Jan-2024
Ensuro Partners with Immunefi to Launch Bug Bounty Programhttps://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5Ensuro ZEbug-bounty26-Jan-2024
How I Discovered a Sneaky Account Takeover Vulnerabilityhttps://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5Sumedh Gharpandebug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control26-Jan-2024
General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience…https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, interview, cybersecurity, jobs26-Jan-2024
5.7 Lab: Weak isolation on dual-use endpoint | 2024https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers26-Jan-2024
Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginnershttps://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5Fahri Yeşilcyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research26-Jan-2024
Web Cache Poisoning: WWWWWH?https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty26-Jan-2024
How to get your email from different bug bounty platform to start hacking :https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5Creepydoomercybersecurity, bug-bounty, ethical-hacking, hackerone, hacker25-Jan-2024
Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissancehttps://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5Nixie_Bytes Security Teambug-bounty, hacking-tools, tools, cybersecurity, hacking25-Jan-2024
A Comprehensive Guide to Bug Bounty Hunting Masteryhttps://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science25-Jan-2024
eJPT all you need to knowhttps://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5Boogstacyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity25-Jan-2024
5.6 Lab: Inconsistent handling of exceptional input | 2024https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity25-Jan-2024
OWASP TOP 10 2021:https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5Creepydoomercybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp24-Jan-2024
Git Directory Exposed Leads to Credentials Disclosurehttps://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed24-Jan-2024
Avedia Player r9300 Vulnerabilitieshttps://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5John Mweb-development, cve, bug-bounty, hacking, exploit24-Jan-2024
5.5 Low-level logic flaw in Business logic vulnerabilities | 2024https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, security24-Jan-2024
The Immunefi bug bounty campaign is livehttps://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5DeXe Protocoldao, dexe, defi, bug-bounty24-Jan-2024
The art of learning bug bounty.https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5Sirat Sami (analyz3r)bugbounty-writeup, bug-bounty24-Jan-2024
IDOR Allowing to Place Other Students in Exam Sessionshttps://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5Mr_Payload_Injectorbug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking24-Jan-2024
Response Manipulation Lead To Premium Feature By Normal User Reward of $500https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5Abdulrahman badawiweb-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup24-Jan-2024
OWASP TOP 10 2017:https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5Aayushdhakalbug-bounty, ethical-hacking, sql, owasp, cybersecurity23-Jan-2024
Get IDOR In No Permission To Access Page— Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security23-Jan-2024
Dosya yükleme ile XSShttps://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5Enes Özlekbug-bounty23-Jan-2024
How to Exploit Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, cybersecurity, bug-bounty23-Jan-2024
SQL Injection on PostgreSQLhttps://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5Yağız Koçersql-injection, penetration-testing, bug-bounty, hacking, cybersecurity23-Jan-2024
Leaked SQL error leading to XSS, and another BSQLi...https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5Zatikyan Sevadabug-bounty, sql-injection, sql, xss-attack, cybersecurity22-Jan-2024
Hacking behind the WAFhttps://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5NoorHomaidinfosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity22-Jan-2024
Better understanding of User-Directed Spidering vs Automated Spideringhttps://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5Aayushdhakalhacking, penetration-testing, spidering, web, bug-bounty22-Jan-2024
How to find unprotected databases with Netlas.io: Chapter 2https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5Netlas.iocybersecurity, information-security, bug-bounty, penetration-testing, osint22-Jan-2024
This Tool Helps Me To Find The Origin IP Addresshttps://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking22-Jan-2024
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024?https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, medium, bug-bounty, jobs, penetration-testing22-Jan-2024
4.5 Lab: Blind OS command injection with out-of-band data exfiltration | 2024https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity22-Jan-2024
Bug Bounty For Beginners 2024.https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5Asuman Lukwagoplanning, finance, cybersecurity, bug-bounty, info22-Jan-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss22-Jan-2024
How do you actually find bugs? (My 2 year experience)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, programming, cybersecurity, bug-bounty-tips22-Jan-2024
HackTheBox Saturn: Explaining SSRFhttps://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5Leonardobug-bounty, hacker, pentesting, ctf, hackthebox22-Jan-2024
How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s Systemhttps://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5cathreatunited-kingdom, pentesting, bug-bounty, hacking, ssrf22-Jan-2024
Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber…https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, web-development, technology, artificial-intelligence21-Jan-2024
Gelios Testnet Bug Bounty Program: Earn Up to $5,000https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5Geliosbitcoin-l2, gelios, blockchain, crypto, bug-bounty21-Jan-2024
Bug bounty platforms for 2024https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5Not_A_Hadesbug-bounty, cybersecurity, hacking, security21-Jan-2024
4.4 Lab: Blind OS command injection with out-of-band interaction | 2024https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty21-Jan-2024
Making My First 10K by Hacking Open Source Targetshttps://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5SynapticSpacebug-bounty, foss, cybersecurity, hacking21-Jan-2024
Path traversalhttps://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5Codersqsethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report…https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5Jared Douvillechina-hackers, cyber-security-awareness, bug-bounty, zero-day, china20-Jan-2024
How I Bypassed CSRF Token — 2 Wayshttps://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5Bryan Matthewcsrf-bypass, red-team, bug-bounty, penetration-testing, csrf20-Jan-2024
Stored DOM XSShttps://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting20-Jan-2024
The art of account takeoverhttps://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5Hossam Ahmedaccount-takeover, information-security, bug-bounty20-Jan-2024
Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breachhttps://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5KISHORERAMaws-ec2, aws-s3, cybersecurity, aws, bug-bounty20-Jan-2024
Login DoS — That requires simply sending a lot of specially crafted requestshttps://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5Shriyans Sudhibug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking20-Jan-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, hacking, cybersecurity, programming, bug-bounty20-Jan-2024
4.3 Lab: Blind OS command injection with output redirection | 2024https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, security20-Jan-2024
Boosting Your Income: My Journey with Side Hustles in Cybersecurityhttps://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5Himanshu Mahajanside-hustle, security, technology, bug-bounty, cybersecurity20-Jan-2024
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledgehttps://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5rootzsbug-bounty-tool, bug-bounty, bug-bounty-tips, hacking19-Jan-2024
Dangling CNAME/Orphaned CNAME leads P2 on Google VRPhttps://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5Jerry1319bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity19-Jan-2024
Penetration Testing Techniqueshttps://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5Rodolfo Santos Flaboreablue-team, purple-team, red-team, pentesting, bug-bounty19-Jan-2024
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5AjakCybersecurityblogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
4.2 Lab: Lab: Blind OS command injection with time delays | 2024https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, security19-Jan-2024
IDOR To Massive Government Data Leakhttps://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5Bishal Shresthabug-bounty, information-security, writeup, data-leak19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theseshttps://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5Mr_Payload_Injectorcybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jan-2024
#ERROR!https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5Pushkar Bhagathackerone, hacking, bugcrowd, exploitation, bug-bounty19-Jan-2024
How I Bypassed CSRF Token — 2Wayshttps://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5Bryan Matthewpenetration-testing, csrf-protection, csrf, bug-bounty, csrf-token19-Jan-2024
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionalshttps://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, cybersecurity, ethical-hacking, bug-bounty18-Jan-2024
AWS/S3 Subdomain Takeoverhttps://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5Scott Lindhpentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips18-Jan-2024
Exploiting vulnerabilities in LLM APIs [OS injection]https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5Serj Novoselovllm, penetration-testing, bug-bounty, ai, hacking18-Jan-2024
Brutal Bug Bounty methodologyhttps://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5Major Jbrbug-bounty-tips, bug-bounty18-Jan-2024
Secret Input Header leads to Password Reset Poisoninghttps://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5Viktor Maresbug-bounty, penetration-testing, hacking, web-development, cybersecurity18-Jan-2024
Business Logic: Bypass 2FA to ATOhttps://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5Giongnefsecurity, bug-bounty, cybersecurity, information-security, pentesting18-Jan-2024
Finding Secret Key Inside React Native Appshttps://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5Aminudinbug-bounty, bugs, bug-bounty-tips18-Jan-2024
Blind OS command injection vulnerabilities in Portswigger | 2024https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty18-Jan-2024
Master Bug Bounty Hunting Coursehttps://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5Team Hydra Shoptool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools18-Jan-2024
What is Cyberkill Chain (My first Interview Question of my carrier)https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5Akash Venkysecurity, bug-bounty, cybersecurity, information-technology, pentesting18-Jan-2024
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing18-Jan-2024
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT!https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, hacking, certification, cybersecurity18-Jan-2024
A Best $5 Spent in My Entire Cybersecurity Journeyhttps://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5AjakCybersecurityhacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking18-Jan-2024
CSRF vulnerabilityhttps://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5Omar Samybug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips18-Jan-2024
Hydra Tryhackme: Walkthrough/Writeuphttps://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5Proviesechydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme18-Jan-2024
Things should do after sublister(sublist3r)https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing18-Jan-2024
Exploiting LLM APIs with excessive agencyhttps://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5Jared Douvilleportswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm18-Jan-2024
easy bug = big bounty | easy and small bug can give you a big bounty and Reputationhttps://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5no|onebug-bounty, hacking, bug-bounty-tips, information-security, bugs18-Jan-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5the_unlucky_guybug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup17-Jan-2024
Understanding and Mitigating Authentication Bypass Techniques in Web Applicationshttps://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, infosec, infosecurity, ethical-hacking17-Jan-2024
Best Hacking OSINT Site list in 2024https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5LogicTechhacking-tools, bug-bounty, hacking, osint-investigation, journalism17-Jan-2024
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5Resonancebug-bounty, web3, blockchain17-Jan-2024
Phishing using Google Sheets for Red Team Engagementshttps://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, phishing-attacks, phishing, information-security, bug-bounty17-Jan-2024
Privilege escalation via response manipulationhttps://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5Vikybug-bounty-writeup, hacking, web-application-security, bug-bounty, security17-Jan-2024
1 Program, 4 Business Logic Bugs and Cashing in 2300$.https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5Manav Bankatwalabounty-hunter, information-security, bug-bounty, appreciation, cybersecurity17-Jan-2024
3.6 Lab: File path traversal, validation of file extension with null byte bypass | 2024https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, bug-bounty, hacking, cybersecurity17-Jan-2024
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024?https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty17-Jan-2024
API_Security RoadMaphttps://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5Akash Venkycybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking16-Jan-2024
Extracting iOS IPA files Without Jailbreaking…!https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5Daniel1895methodology, ios, bug-bounty-tips, bug-bounty, pentesting16-Jan-2024
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detectionhttps://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5Atik Rahmansql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity16-Jan-2024
3.5 Lab: File path traversal, validation of start of path | 2024https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers16-Jan-2024
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5kerstantechnology, programming, bug-bounty, cybersecurity16-Jan-2024
GUI Bug Bounty Tool To Find Easy P1s in 2024https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, github, penetration-testing, bug-bounty16-Jan-2024
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!)‍https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, extension, cybersecurity, hacking, bug-bounty16-Jan-2024
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1. ‍https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, blog, hacking, bug-bounty, ethical-hacking16-Jan-2024
A Digital Date with a Hacker: A Café WiFi Adventure!https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5AjakCybersecuritydigital-forensics, cybersecurity, bug-bounty, hacking, blog16-Jan-2024
What can a Hacker do with your IP Address? Track Your Location?https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty16-Jan-2024
Top 5 Sites to Improve Your Hacking Skill IN 2024https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, blog, cybersecurity, bug-bounty, hacking16-Jan-2024
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more…….https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5rootzsbug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool16-Jan-2024
Web Security Academy — Business Logic Vulnerabilities Walkthroughhttps://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, owasp, vulnerability, appsec, bug-bounty16-Jan-2024
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerabilityhttps://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5J0hn W1ckbug-bounty, cybersecurity, web-development, pentesting, hacking16-Jan-2024
Bug Zero at a Glance [16–31 December]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5Januka Dharmapriyanewsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity15-Jan-2024
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me)https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5Random Userbug-bounty, infosec, apple, scam, cybersecurity15-Jan-2024
Unrestricted File Upload Lead to Stored XSS at Microsoft main domainhttps://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5Sokol Çavdarbashabug-bounty, penetration-testing, technology, web-security, ethical-hacking15-Jan-2024
HackenProof bug bounty campaign is now livehttps://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5DeXe Protocolsecurity, dao, bug-bounty, defi15-Jan-2024
100-day Challenge Day 1/100 Ethical Hacking Knowledgehttps://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5rootzs100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites15-Jan-2024
Reflected DOM XSShttps://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss15-Jan-2024
SMTP Server (JAMES SMTP Server 2.3.2)https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5Akshad Joshismtp, bug-bounty, pentesting, hackthebox15-Jan-2024
Streamlining Vulnerability Hunting for Bug Bounty and pentestershttps://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5NumLocK15bug-bounty, vulnerability, cybersecurity, pentesting15-Jan-2024
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key.https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5Gustavo Gradillahacking-tools, bug-bounty-writeup, bug-bounty, google15-Jan-2024
How I Automate Finding Amazon S3 Buckets Using A Simple Python Scripthttps://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5Gustavo Gradillacybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking15-Jan-2024
S3 Bucket takeover with simple technique lead to $$$https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5Adham sayed (doosec101)web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing15-Jan-2024
3.3 Lab: File path traversal, traversal sequences stripped non-recursively | 2024https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, security, hacking, careers14-Jan-2024
Logical Error leads to DOS for victimhttps://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5Tanya Goyalbug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty14-Jan-2024
How to Nail a Perfect Bug Reporthttps://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5Jishnu Nambiarsoftware-testing, automation, bug-bounty, testing, quality-assurance14-Jan-2024
Bug Bounty: The Ultimate Guide For Beginnershttps://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5RGsecure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty14-Jan-2024
Elevate your Expertise: Key Cybersec Certifications 2k24https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5the threat copsinformation-security, hacking, career-development, bug-bounty, cybersecurity14-Jan-2024
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiastshttps://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5Incoggeekpython, cybersecurity, bug-bounty, tools, hacking14-Jan-2024
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty…https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5Arafat Ashrafi Talhaethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity14-Jan-2024
Layer 5: Bug Bountieshttps://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5TriWei.iobug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment14-Jan-2024
ExamSys — Multiple SQL Injectionshttps://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5FHantkeweb-development, technology, hacking, open-source, bug-bounty14-Jan-2024
How to set up a new Kali Linux virtual machine for Studying | Practicing | Bug Bounty ?https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5Recep Balıbeyvirtual-machine, kali-linux, ctf, bug-bounty, cybersecurity14-Jan-2024
Vulnerable Web Applications For Training and Testing Your New Toolshttps://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5Eclectic Securitybug-bounty, software-development, cybersecurity, training, penetration-testing14-Jan-2024
Mass Hunting Blind XSS — Practical Techniqueshttps://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5Ott3rlybug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity14-Jan-2024
What is Bug Bounty Huntinghttps://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5Rohit Chaudharybug-bounty14-Jan-2024
PII Data Leakage via Directory Listinghttps://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5fixthi$infosec, cybersecurity, ethical-hacking, bug-bounty, hacking14-Jan-2024
User Enumeration in the login processhttps://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5Majixctf, bug-bounty, pentesting, hacking, penetration-testing14-Jan-2024
HackTheBox — Server-side Request Forgery (SSRF) Overviewhttps://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5Huy Phubug-bounty, web-security, hackthebox, owasp-top-10, ssrf13-Jan-2024
What is SQL Injection and how SQL queries work in databasehttps://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5Mr Abdullahhacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking13-Jan-2024
Easy way to find RCE via SSTI(server side template injection)https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5JEETPALrce, bug-bounty, easy, bugs, ssti13-Jan-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab13-Jan-2024
mistakes bug bounty hunters fall on it | the key of bug bounty |best advice for 2024https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5no|oneinformation-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Regeneration of API key by low level user: 500$ Access Control bughttps://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, hacking, api, programming13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Burp Suite — Download, Set up and Get Going!https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5Eclectic Securitybug-bounty, tools, cyber-security-training, penetration-testing, burpsuite13-Jan-2024
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vectorhttps://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5Raven Securitybug-bounty, web-security, cybersecurity, xss-attack, hacking13-Jan-2024
Weird bug to steal users credentialshttps://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5von001bug-bounty-tips, bug-bounty, content-spoofing12-Jan-2024
Forget Blockers, Own Your Freedom: SquareXhttps://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, squarex, security, cybersecurity, privacy12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaignhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
tRPC Security Research: Hunting for Vulnerabilities in Modern APIshttps://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5Borna Nematzadehbug-bounty-writeup, bug-bounty, web-security, security-research, api-security12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaign announcementhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
Unraveling the Mysteries of Zoo Services: Feign magic uncoveredhttps://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5@boltaevtbug-bounty, spring-boot, java, microservices, feign12-Jan-2024
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threatshttps://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips12-Jan-2024
Common obstacles to exploiting path traversal vulnerabilities | 2024https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, hacking, cybersecurity, careers12-Jan-2024
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twisthttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
SQL INJECTION FUNDAMENTALS_HACK THE BOXhttps://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5root 28hacking, bug-bounty, cybersecurity, hackthebox, sql-injection12-Jan-2024
Account Takeover via password reset without user interactions (CVE-2023–7028)https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-50xweb01cve, zero-day, bug-bounty, security12-Jan-2024
Holy Ffuf easy Bounty in 15 minshttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
Bug Bountyhttps://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5Pdinukanthbug-bounty11-Jan-2024
IDN Homograph Attack - Reborn of the Rare Casehttps://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, bug-bounty, infosec, cybersecurity, vulnerability11-Jan-2024
Art of External Network Penetration Testing – Phase First: Preparationhttps://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5Sevban Dönmezcybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation11-Jan-2024
2.12 Lab: Password brute-force via password change | 2024https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers11-Jan-2024
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalationhttps://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5Ravindu Lakminaethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity11-Jan-2024
Windows Exploitation Learning Path in TryHackMehttps://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5MR SHANtryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme11-Jan-2024
How I got my first bug bountyhttps://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5B1aynbugcrowd, pentesting, hackerone, bug-bounty11-Jan-2024
How I Earned My First Bug Bounty Reward of $600https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5Abdulrahman badawipenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security11-Jan-2024
Skills Needed For Bug Bounty Part 2https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5Joshua Desharnaisexploitation, bug-bounty-tips, bug-bounty11-Jan-2024
Hacking my college intranet (Bug Bounty)https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips10-Jan-2024
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leakshttps://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, pii, application-security, api-security, bug-bounty10-Jan-2024
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager)https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5Utku Şencybersecurity, bug-bounty-tips, hackerone, bug-bounty10-Jan-2024
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsiderhttps://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5MalwareHuntertechnology, cybersecurity, bug-bounty, programming, penetration-testing10-Jan-2024
Bugs & JS :A Closer Look at JavaScript for Successful Bug Huntinghttps://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, javascript, penetration-testing10-Jan-2024
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurityhttps://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5MatSecbug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking10-Jan-2024
Daily Bug Bounty Writeupshttps://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)hacking, technology, ai, security, bug-bounty09-Jan-2024
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIMEhttps://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5Sambug-bounty-writeup, bug-bounty, apple, apple-security09-Jan-2024
Bug Bounty prompt that can help you to find IDOR vulnerabilitieshttps://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5aimasteridor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt09-Jan-2024
Understanding Sherlock’s Smart Contract Coveragehttps://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5Johnny Timesherlock, web3-security, audit-contest, bug-bounty, smart-contracts09-Jan-2024
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5kerstanbug-bounty, security, technology, programming, cybersecurity09-Jan-2024
Developed a Bug Bounty Calculatorhttps://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5Romesh chanderinformation-security, infosec, pentesting, hacking, bug-bounty09-Jan-2024
Recon Nedir ve Kullanılan Araçlarhttps://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5ErenCataksubdomain, pentesting, subdomains-enumeration, bug-bounty, recon09-Jan-2024
Subdomain Bruteforce Toolhttps://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5Shaheen Sikdersubdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce09-Jan-2024
Get All your Clickjacking Vulnerability Triaged with this Exploitation!https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, blog, clickjacking09-Jan-2024
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection.https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, red-team, sql09-Jan-2024
How to Write A Bug Bounty Report Like a Pro!https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity09-Jan-2024
How To Report Bug In Indian Government Site?https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, blog, india, cybersecurity09-Jan-2024
How To Check Whether Your Photo is Leaked In Online or Not?https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5AjakCybersecurityinvestigation, digital-forensics, blog, cybersecurity, bug-bounty09-Jan-2024
2.11 Lab: Password reset poisoning via middleware | 2024https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, security, bug-bounty09-Jan-2024
Tricks I Do To Get Easy HOF and Bounty!https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty09-Jan-2024
How Much Was My First Bounty?https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty09-Jan-2024
The Art and Science Behind Password Managershttps://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, password-manager, hacking, bug-bounty08-Jan-2024
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, cybersecurity08-Jan-2024
Rapid Scan (Web Vulnerability Scanner)https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5psychomonghacking, bug-bounty, scanner, hackerone, python08-Jan-2024
2.10 Lab: Offline password cracking | 2024https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, cybersecurity, hacking08-Jan-2024
Blind boolean-based SQLi, by manipulating urlhttps://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, sqlmap, bug-bounty, owasp, sql-injection08-Jan-2024
HTTP PARAMTER POLLUTION [TR]https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5ErenCatakpentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering08-Jan-2024
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, cybersecurity, hacking, careers07-Jan-2024
Digital Forensics Investigation Report PDF- A Court Manner.https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5AjakCybersecuritywireshark, bug-bounty, networking, digital-forensics, blog07-Jan-2024
Top Programming Languages You Need to Know In 2024https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, cybersecurity, python, medium, programming07-Jan-2024
XSS (Cross-Site Scripting) Reports on codechef.comhttps://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5Mr_Sopyancybersecurity, xss-attack, bug-bounty, it-security07-Jan-2024
How to match IOCs against SIEM logs ?https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5Paritoshsiem, hacking, bug-bounty, cybersecurity, ioc07-Jan-2024
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)…https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5AjakCybersecuritymedium, udemy, ethical-hacking, bug-bounty, cybersecurity07-Jan-2024
Learn Cybersecurity By Doing Simple Projects at Homehttps://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, bug-bounty, projects, ethical-hacking, hacking07-Jan-2024
Top 5 Best Laptops for Bug Bounty and Ethical Hackinghttps://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5AjakCybersecurityhacking, blog, laptop, programming, bug-bounty07-Jan-2024
Os Command Injectionhttps://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5ErenCatakbug-bounty, pentesting, os-command-injection, operating-systems, bash-script07-Jan-2024
Top 5 Best Books for Bug Bounty Hunting- My Personal Favouriteshttps://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, hacking, money, bug-bounty, blog06-Jan-2024
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program?https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hackerone, blog, penetration-testing, ethical-hacking06-Jan-2024
How I Cracked CEH Within 6 Months Only With Free Resources.https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, blog, ethical-hacking, certification06-Jan-2024
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty06-Jan-2024
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Informationhttps://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5George Torresbug-bounty06-Jan-2024
Gi7w0rm’s personal year review — 2023https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5Gi7w0rmioc, bug-bounty, cybersecurity, infosec, 202306-Jan-2024
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user.https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, pentesting, access-control, cybersecurity06-Jan-2024
Best AI Tools For Cybersecurity in 2024https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, networking, information-security, cybersecurity06-Jan-2024
The Art of Shodanhttps://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, shodan, penetration-testing, cve, hacking06-Jan-2024
2.8 Lab: 2FA broken logic | 2024https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, security06-Jan-2024
The History Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
The Story Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5Ankit Hackercybersecurity, bug-bounty, hacking, ethical-hacking, medium05-Jan-2024
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbnhttps://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5bomboncybersecurity, idor, bug-bounty05-Jan-2024
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbnhttps://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5bombonbug-bounty, data-breach, idor, cybersecurity05-Jan-2024
Cybersecurity Roadmap: 2024https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5Harshad Shahinfosec, cybersecurity, penetration-testing, bug-bounty, hacking05-Jan-2024
How to Earn Money as a Digital Forensics Investigatorhttps://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5How to Earnethical-hacking, cybersecurity, finance, money, bug-bounty05-Jan-2024
How Celebrities Social media accounts get hacked in real time?https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5AjakCybersecurityphishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty05-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, blog, cybersecurity, hacking05-Jan-2024
Listed in Top 15 Researchers in NCIIPC Indiahttps://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5Devansh chauhantop-10, bug-bounty, internet, vulnerability, india05-Jan-2024
Privilege Escalation Using SCIM Provisioninghttps://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5Ronak Patelbug-bounty, information-security, privilege-escalation, access-control, cybersecurity05-Jan-2024
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full coursehttps://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5TheHackerLifebug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools05-Jan-2024
2.7 Lab: Username enumeration via account lock | 2024https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, bug-bounty, cybersecurity, careers05-Jan-2024
My first bugs in 2024https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty, bug-bounty-tips05-Jan-2024
Vulnerable WordPress December 2023 (Shahriar)https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress05-Jan-2024
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool.https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5Hesham Ahmedtips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting05-Jan-2024
Web Security Academy — API Security Testing Walkthroughhttps://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5Israel Aráoz Severicheapi, bug-bounty, web, hacking, portswigger-lab05-Jan-2024
9 Subtle Tricks To Make Your Cybersecurity Skills Much Betterhttps://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5Paritoshbug-bounty, ai, cybersecurity, programming, hacking04-Jan-2024
Exploring Application Security with SAST, DAST, SCA, and IASThttps://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty, hacking, technology, cybersecurity04-Jan-2024
How do i bypass waf for xss in input tag?https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5lanyibug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty04-Jan-2024
CORS Crossfire: An iCSI CTFhttps://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf-writeup, bug-bounty04-Jan-2024
2.6 Lab: Broken brute-force protection, IP block | 2024https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, cybersecurity, hacking04-Jan-2024
Account Takeover? $4 and a click, please.https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5Swehtpantzhacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips04-Jan-2024
Bug Bountyhttps://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5Montymahapatrabug-bounty-tips, bug-bounty-hunter, bug-bounty04-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, medium, cybersecurity04-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, cybersecurity, medium04-Jan-2024
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenalhttps://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5Security Lit Limitedgadgets, cybersecurity, bug-bounty, vulnerability04-Jan-2024
OpenBounty, phương pháp tiếp cận mới của Shentu trong Hệ sinh thái bảo mậthttps://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5Shentu Chainbug-bounty, bounty-program, web3, bounty-hunter, cybersecurity03-Jan-2024
GooFuzz: A Fuzzing Tool with an OSINT Approachhttps://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5Cuncisbug-bounty, penetration-test, google-dork, penetration-testing, osint03-Jan-2024
How to Correctly setup Android Penetration Testing on a MacBookhttps://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting03-Jan-2024
LoveTok | HackTheBox web challenge Writeuphttps://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5Bishal - #GxbNthackthebox-writeup, oscp, web, offensive-security, bug-bounty03-Jan-2024
A Guide on Crafting Robust Invariants with Echidnahttps://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5Chirag Agrawalbug-bounty, smart-contracts, cybersecurity, cryptocurrency, security03-Jan-2024
Found reflected xss on a real targethttps://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5JEETPALrxss, xs, bugs, bug-bounty03-Jan-2024
My Bug Bounty Write Ups (Part-1)https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5Karthikeya Saibug-bounty-tips, bug-bounty03-Jan-2024
My First Bug Bounty: Lessons Learned and Money Earnedhttps://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5George Torresbug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone03-Jan-2024
Comparing CVE & CWE : Understanding Security Vulnerabilitieshttps://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5ZOUHAIR EL GAROUNIvulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty03-Jan-2024
you need to learn linux RIGHT NOW!!https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, linux, programming, bug-bounty02-Jan-2024
Bug Bounty Hunting | Reconnaissance | Subdomain Enumerationhttps://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5Ankeetbug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips02-Jan-2024
How .git folder can be exploited to access sensitive datahttps://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5Bala Naga Satya sai Devarapalliinformation-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips02-Jan-2024
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeoverhttps://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5Hasanka Amarasinghexss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity02-Jan-2024
Account Takeover on International Exchange — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, programming02-Jan-2024
The Lexer Markets security review storyhttps://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-50xWeisssecurity, audit, bug-bounty, smart-contracts02-Jan-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty02-Jan-2024
2.4 Lab: Username enumeration via subtly different responses | 2024https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, security02-Jan-2024
Stealing private messages using XSS on subdomainhttps://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5SHCyberwebsocket, csrf, bug-bounty, xss-attack, hacking02-Jan-2024
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impacthttps://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5Padsala Tushalapi-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty02-Jan-2024
SQL Injection (SQLi): WWWWWH?https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5RCXSecuritysql-injection, bug-bounty, information-security, penetration-testing, cybersecurity01-Jan-2024
How Do I Get Root Access on a Linux Serverhttps://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5RyuuKhagetsubug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup01-Jan-2024
Understanding the MITRE ATT&CK Framework: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5Paritoshmitre-attack, ai, hacking, bug-bounty, cybersecurity01-Jan-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5Marduk I Ambug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity01-Jan-2024
Automating GitHub Recon for Sensitive Information Discoveryhttps://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5paxnullbug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips01-Jan-2024
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../”https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5Alvaro Baladabug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty01-Jan-2024
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking01-Jan-2024
Another 4 Digit Bounty Story on Hackeronehttps://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5Jai Lanibug-bounty01-Jan-2024
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypasshttps://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, sql-login, unibox, sqli, login-bypass01-Jan-2024
Exploring the Depths: DNS Wildcard and Subdomain Takhttps://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5Alvin bijobug-bounty, bugbounty-writeup01-Jan-2024
Bug Zero at a Glance [01–15 December]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter31-Dec-2023
Uncovering LFI Attack ‍https://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5Karthikeyan Cethical-hacking, pentesting, bug-bounty, bugbounty-writeup31-Dec-2023
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunterhttps://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5Batuhan Aydınhacking, hackerone, bug-bounty, penetration-testing, hacker31-Dec-2023
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases | 2023https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, security, careers31-Dec-2023
DNS-Related Attacks and Exampleshttps://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5Paritoshdns, cybersecurity, bug-bounty, hacking, programming31-Dec-2023
How I hacked India’s top company database.https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5Srithar Cybersqli, pentest, recent, hacked, bug-bounty31-Dec-2023
Simple Subdomain Takeoverhttps://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5hackerdevilvulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security31-Dec-2023
Master Subdomain HUNTING | Art of finding Hidden Assetshttps://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5ʏᴀꜱʜʜcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking30-Dec-2023
Woowow Bug Bounty Campaignhttps://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5Woowowqitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty30-Dec-2023
How i Hacked My First Target using GooGle Dorkinghttps://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5Mr Abdullahsql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack30-Dec-2023
417$ Simple IDOR: Unauthorized Contact Details Modificationhttps://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, hacking, bug-bounty, idor30-Dec-2023
Sudomain Takeover via Shopify(Easy Bounty $$$$)https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5paxnullbug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup30-Dec-2023
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read)https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5Nguhuynhxss-vulnerability, xss-attack, xss-bypass, bug-bounty30-Dec-2023
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5Marduk I Amstored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab30-Dec-2023
1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft |…https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers30-Dec-2023
HTTPX Troubleshooting Issuehttps://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5Jarred Longoriabug-bounty, linux, troubleshooting, help, httpx30-Dec-2023
From Google Dorking to Unauthorized AWS Account Access and Account Takeoverhttps://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5Aayush Vishnoissrf, bug-bounty-tips, bug-bounty30-Dec-2023
Reflected XSS into attribute with angle brackets HTML-encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability29-Dec-2023
Beyond Search Queries: Bug Bounty Hunting with Dorkzhttps://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5paxnulltips, dorking, recon, bug-bounty-tips, bug-bounty29-Dec-2023
Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and…https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5Mohaseenpentesting, bug-bounty, rate-limiting, hackerone, bugcrowd29-Dec-2023
How to find unprotected databases with Netlas.io?https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5Netlas.ioosint, penetration-testing, bug-bounty, osint-investigation, cybersecurity29-Dec-2023
1.15 Lab: SQL injection attack, querying the database type and version on Oracle | 2023https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity29-Dec-2023
KisMAC is a free, open source wireless stumbling and security tool for Mac OS Xhttps://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5Dineshpathrobugs, bug-bounty, bug-bounty-tips, hacking, hackin29-Dec-2023
OTP-Bot Tool CLICK HEREhttps://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5Dineshpathrobug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs29-Dec-2023
Recon Tools For Web Applicationhttps://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5Dineshpathrohacking, hacker, bug-bounty, bug-bounty-tips, hackathons29-Dec-2023
200 Materials of CyberSecurity in PDFshttps://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5Dineshpathrocybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips29-Dec-2023
Bug Bounty: The road to my first $1000 through hacking public websiteshttps://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5Swehtpantzethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup28-Dec-2023
HackTheBox(HTB) Writeup — Nodehttps://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5Harmanpreet Singhpenetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox28-Dec-2023
️ Protect Yourself: The Power of OPSEChttps://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5Macmelterbugsbounty, hacking, bug-bounty, cybersecurity28-Dec-2023
Multiple RXSShttps://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5Sushil Choudharybounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone28-Dec-2023
Stored XSS via File upload(using svg file)https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5paxnullbug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking28-Dec-2023
Authorization problemhttps://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5Nguhuynhbroken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips28-Dec-2023
CVE-2023–51356: ARMember <= 4.0.10 — Authenticated Privilege Escalationhttps://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5Revan Abug-bounty, privilege-escalation, wordpress-plugins, penetration-testing28-Dec-2023
1.14 Lab: SQL injection with filter bypass via XML encoding | 2023https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
DOM XSS in jQuery selector sink using a hashchange eventhttps://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting27-Dec-2023
Amass: New Config File Updatehttps://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5Harshad Shahpenetration-testing, cybersecurity, infosec, hacking, bug-bounty27-Dec-2023
DOM XSS on Hackerone Programs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
1.13 Lab: Blind SQL injection with out-of-band data exfiltration | 2023https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers27-Dec-2023
“Crucial Bug Bounty Hacks: Habits with Enduring Benefits”https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5paxnulltips, learning, programming, bugbounty-tips, bug-bounty27-Dec-2023
Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a…https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5Mohaseenbug-bounty, hackerone, bugcrowd, information-disclosure, indian-government27-Dec-2023
How Does DNS Work and What is DNS Poisoning?https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5bcanotecybersecurity, hacking, dns, dns-poisoning, bug-bounty27-Dec-2023
URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Successhttps://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5Umid Mammadovbug-bounty-tips, tools, bug-bounty, information-technology, bugs26-Dec-2023
Deep Dive Into XSShttps://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5kavish shahxss-vulnerability, web-application-security, bug-bounty26-Dec-2023
The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitationhttps://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5kavish shahctf-writeup, web-application-security, insecure-deserialization, bug-bounty26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
1.12 Lab: Blind SQL injection with out-of-band interaction | 2023https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking26-Dec-2023
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysishttps://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
Account takeover vulnerability that resulted in $2500 bounty!https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting25-Dec-2023
Content Spoofing & Parameter Injectionhttps://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5#!/Subhankarinjection-attacks, web-pen-testing, bug-bounty, spoofing25-Dec-2023
Top 3 Password Cracking Toolshttps://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5Muhammad Usman Atifhacking, cybersecurity, passwords, bug-bounty, penetration-testing25-Dec-2023
Hackers Target Bug Bounty Hunters with Blackmail Emailshttps://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5Rishika Desaithreat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity25-Dec-2023
What is LFI (Local File Inclusion) Vulnerability ?https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5Errorfiathckpentesting, lfi, vulnerability, bug-bounty, pentest25-Dec-2023
Legacy of EternalBluehttps://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5Akshad Joshieternalblue, hackthebox, pentesting, bug-bounty, hacking24-Dec-2023
Hackeando GraphQL: Introducciónhttps://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5Alan Brian @soyelmagographql, bug-bounty, information-security, pentesting, hacking24-Dec-2023
Ceklis Web Pentesting Untuk Pemula — Registration Feature Testinghttps://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5Rio Darmawanbug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing23-Dec-2023
The Crucial Role of Threat Intelligence Sharing in Cybersecurityhttps://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5Paritoshprogramming, hacking, threat-intelligence, cybersecurity, bug-bounty23-Dec-2023
The Evolving Role of a SOC Analysthttps://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, hacking, bug-bounty, soc-analyst23-Dec-2023
Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosurehttps://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5Padsala Tushalcybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure23-Dec-2023
Hack Story: Unveiling Security Flaws in a Government Portalhttps://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5Sahad Mkbug-bounty, javascript, pentesting, vulnerability, hacking23-Dec-2023
The ART of Chaining Vulnerabilitieshttps://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5Ahmad Halabiethical-hacking, hacking, intelligence, hacker, bug-bounty23-Dec-2023
Hacking Communityhttps://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5Mrunknownbug-bounty, ethical-hacking, hacking23-Dec-2023
DoS’ing Zsecurityhttps://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-524BkDoorbug-bounty, ethical-hacking, hacking, web-development, cybersecurity22-Dec-2023
Securing the Future: Enhancing the Safety of Compound Protocolhttps://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5Top Cryptobug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, ethical-hacking22-Dec-2023
How I was able to buy 2500 Rs product for 18rs in E-Commerce Website?https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity22-Dec-2023
PJWT Certificationhttps://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5Omar Alkhowaitercertification, bug-bounty, penetration-testing, cybersecurity, web-exploitation22-Dec-2023
Consentify hits Beta Test phase boosted by a Bug Bounty program!https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5Data Lakehealthcare, desci, bug-bounty, data-lake, research22-Dec-2023
Ideas for Testing Checkouthttps://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, infosec, hacking, bug-bounty22-Dec-2023
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Successhttps://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5Lopsegbug-bounty-tips, hacking, xss-attack, bug-bounty22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, cybersecurity, infosec, ethical-hacking22-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstanbug-bounty, hacking, bug-bounty-tips, security, cybersecurity21-Dec-2023
TryHackMe AoC 2023 Side Quest final thoughtshttps://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5Boogstahacking, cyber, tryhackme, cybersecurity, bug-bounty21-Dec-2023
88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5Vinaysatibug-bounty, hacking, web3bug, bug-bounty-tips, web321-Dec-2023
The art of subdomain monitoringhttps://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5muhannad hazaacybersecurity, penetration-testing, bug-bounty, recon21-Dec-2023
A Business logic error in Google Dialogflow enables a developer to delete the agent directly from…https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5Krityamkarmagoogle-vrp, bug-bounty, ethical-hacking, google, hacking21-Dec-2023
Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Imageshttps://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability21-Dec-2023
Aspiring Bug Bounty Hunters’ New Year Goals Toolkithttps://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty, new-year, goals, mindset, success21-Dec-2023
How Can Artificial Intelligence Revolutionize Bug Bounty?https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5ZOUHAIR EL GAROUNItechnology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack21-Dec-2023
I made online store to pay for my orders and get me free refunds.https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty21-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstantechnology, bug-bounty, hacking, security, cybersecurity21-Dec-2023
A list of 50 tools every hacker should knowhttps://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5Thexssrathacking-tools, hacking, bug-bounty, ethical-hacking21-Dec-2023
Open Redirect Validation Bypass Leads To Account Take Over (ATO)https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5CyberOzbug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security21-Dec-2023
Code4rena Blue vs. Traditional Bug Bountieshttps://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5aramasbug-bounty, smart-contract-security, code4rena, code4rena-blue21-Dec-2023
A Very Basic Beginner Bug Bounty Methodologyhttps://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5Thexssrathacking, bug-bounty, ethical-hacking21-Dec-2023
Bug Bounty: Tips for Finding Your First Bug as a Beginnerhttps://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5GHS08bug-bounty, hacking, cracking, coding21-Dec-2023
How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Programhttps://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5Maxilectsamsun, bug-bounty-program, bug-bounty20-Dec-2023
This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus!https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup20-Dec-2023
DOM XSS in jQuery anchor href attribute sink using location.search sourcehttps://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss20-Dec-2023
How I doubled the store wallet amount for free?https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing20-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5Bharat Varshneyowasp, bug-bounty, security-testing, security-services, penetration-testing20-Dec-2023
How to earn with earn bug boutny part-2?https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5Tech Blaze ごじょcoding, money, bug-bounty, business20-Dec-2023
“CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin”https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5Chand Singhcve, vulnerability, cybersecurity, bug-bounty, security20-Dec-2023
Web Security Diaryhttps://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5Murat Kbug-bounty, web-security20-Dec-2023
Introducing Code4rena Blue: More than just bug bountieshttps://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5aramassmart-contract-security, code4rena, bug-bounty20-Dec-2023
Learn Command Injection Vulnerabilitieshttps://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5BICODEVlinux, python-programming, cybersecurity, bug-bounty, penetration-testing19-Dec-2023
Hack the Web like a Pirate: Identifying Vulnerabilities with Stylehttps://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5BICODEVpython, bug-bounty, cybersecurity, hacker, penetration-testing19-Dec-2023
3 Steps Discovered XXE You should Knowhttps://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5kerstansecurity, pentesting, hacking, cybersecurity, bug-bounty19-Dec-2023
DOM XSS in innerHTML sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5Marduk I Ambug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab19-Dec-2023
Zero Trust Architecturehttps://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5Khan Ghufranarchitecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec19-Dec-2023
Rekomendasi Buku Bug Bounty Untuk Pemulahttps://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5K1ngP1ngbug-bounty, indonesia, web-security, recommendations, hacking19-Dec-2023
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty?https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5Ajak Cyber securityethical-hacking, cybersecurity, blog, jobs, bug-bounty19-Dec-2023
Directory Listing Vulnerabilityhttps://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5Digant Prajapaticybersecurity, directory-listing, bug-bounty19-Dec-2023
How One Bug Scored Me Double Rewards!https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security19-Dec-2023
Join Any Facebook Group As Deactivated Additional Profilehttps://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5Syd Ricafortfacebook, bug-bounty, facebook-bug-bounty19-Dec-2023
How I Found SQL Injection worth of $4,000 bountyhttps://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5Roberto Nunesbug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance19-Dec-2023
#6.TryHackMe Series writeups: Brooklyn Nine Ninehttps://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5Cyb3r M!ndthm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty19-Dec-2023
The Ultimate Guide to Uncovering XSS Vulnerabilities at Scalehttps://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5Cyndybrucecybersecurity, penetration-testing, automation, bug-bounty, xs19-Dec-2023
The Ultimate Guide to Hunting for XSS Vulnerabilities at Scalehttps://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5Elitumblesoncybersecurity, penetration-testing, bug-bounty, xs, automation19-Dec-2023
Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impacthttps://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5Security Lit Limitedxss-attack, technology, bug-bounty, cybersecurity, vulnerability18-Dec-2023
why you need to filter the input and the output —  stored xsshttps://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5Mr3Moeweb-penetration-testing, appsec, bug-bounty18-Dec-2023
Lets Dive into the Intense World of Malware Analysis!https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5Paritoshinformation-security, malware-analysis, cybersecurity, programming, bug-bounty18-Dec-2023
Burp Suite Bambdahttps://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5Harshad Shahbug-bounty, hacking, cybersecurity, infosec, penetration-testing18-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, cybersecurity, bug-bounty, technology18-Dec-2023
How to write a perfect pentest reporthttps://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5Ahmadreza Parsizadehpentesting, bug-bounty, reporting, offensive-security18-Dec-2023
Mastering Web Application Security: Defending Against Injections and Broken Access Controlhttps://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5Moldovan Zsomborhacking, cybersecurity, web-applications, bug-bounty18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 |A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
This Tool Helps Me To Find The Origin IP Addresshttps://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5Ajak Cyber securityhacking, ethical-hacking, blog, bug-bounty, penetration-testing18-Dec-2023
ParagonsDAO’s Bug Bounty Programhttps://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5ParagonsDAOweb3, immunefi, bug-bounty, paragonsdao18-Dec-2023
Go Witness Install Guide…https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5psychomonghacking-tools, bug-bounty, golang, hacking, osint18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 | A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
How I Could Leak Phone Numbers and Emails of Indian Voters and Applicantshttps://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5Sahil Mhatrebug-bounty, mybugs, bug-hunting, api-security, vapt18-Dec-2023
Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnethttps://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5Horizon Protocolbug-bounty, defi, hacken, derivatives, synthetic-asset18-Dec-2023
Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guidehttps://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5Max Klosereconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials18-Dec-2023
Bug Zero at a Glance [19–30 November]https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty17-Dec-2023
Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020–11798)https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal17-Dec-2023
Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.comhttps://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5Mohaseenbug-hunting, password-reset, bug-bounty, hackerone17-Dec-2023
XSSRF : The Unholy Matrimony of XSS and SSRFhttps://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5Nauman Khancybersecurity, hacking, bug-bounty, penetration-testing, money17-Dec-2023
Bug Bounty programmes give people the fear (they shouldn’t)https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5Leo Chacking, cybersecurity, ciso, culture, bug-bounty17-Dec-2023
V3 Testnet Bug Bountyhttps://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5TribeOnenft, smart-contract-security, bug-bounty17-Dec-2023
DOM XSS in document.write sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5Marduk I Amdom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab17-Dec-2023
Reflected XSS in BGMIhttps://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5Patil97bug-bounty, xs, bugs, security17-Dec-2023
Main Methodology 1 | Part 04 | What To Do After Choosing a Targethttps://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, hacking, infosec, methodology17-Dec-2023
When not to rely on Automated Toolshttps://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5Rodriguezjorgexcybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips16-Dec-2023
Escalating DOM XSS to Stored XSShttps://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5Rodriguezjorgexcross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack16-Dec-2023
Mitigating Risks: Securing Symfony Profiler from Unwanted Exposurehttps://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability16-Dec-2023
Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Informationhttps://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5Sam Shadowvulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter16-Dec-2023
Self-XSS to Stored XSShttps://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5Rodriguezjorgexhacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips16-Dec-2023
Unveiling CVE-2019-11248: A Vulnerability in Kuberneteshttps://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup16-Dec-2023
DOM-based vulnerabilitieshttps://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5Ayon Thakurpenetration-testing, bug-bounty, hacker, portswigger, burp-suit16-Dec-2023
SSTI gave me T-Shirt + € 50https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5mo9kHu93rinformation-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity16-Dec-2023
Kakar Securityhttps://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5Wali Khan Kakarwebsite-scanning, penetration, security, hacking-world, bug-bounty16-Dec-2023
Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Modelshttps://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5Riglabs Collectivesamsung-galaxy, india, s23ultra, mobile, bug-bounty15-Dec-2023
6 Quick Discover Bug Search Syntax In Code-basehttps://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5kerstanhacker, cybersecurity, bug-bounty, security, bug-bounty-tips15-Dec-2023
Easy Money from the Most Trivially Easy Broken Access Controlhttps://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5abda11atarekbugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control15-Dec-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5kerstanhacking, https, bug-bounty-tips, bug-bounty, cybersecurity15-Dec-2023
3 Cases of DOM XSS in Bug Bountyhttps://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5kerstanbug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips15-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programhttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5kerstanbug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty15-Dec-2023
How I Discovered SSRF on Hackerone Programhttps://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5kerstanbug-bounty-tips, bug-bounty, ssrf, hacker, graphql15-Dec-2023
From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and Morehttps://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5InfoSec Write-upshacking, conference, bug-bounty, security, information-security15-Dec-2023
One port can be a costly mistake | Attack The Rsync Service in a Private Programhttps://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5Mohanad Heshamrsync, bug-bounty, fingerprinting, port-scan, hacking15-Dec-2023
How To Explore and Exploit GraphQL [Indonesia]https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5Revan Abug-bounty, web-security, api, penetration-testing, graphql15-Dec-2023
Subdomain Takeover in Azure Trafficmanager for Fun & Profithttps://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5Padsala Tushalbug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips15-Dec-2023
Cookie Quest: XSS Admin Assaulthttps://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5Josh Beckcybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup14-Dec-2023
How did I find open redirect on LinkedInhttps://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5neverl0gbug-bounty-tips, bug-bounty-writeup, bug-bounty14-Dec-2023
All about Ethical Hackinghttps://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, cybersecurity, bug-bounty, hacking14-Dec-2023
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation.https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty14-Dec-2023
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employeeshttps://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5Jonathan Boumancybersecurity, bug-bounty, rce, hacking, security14-Dec-2023
How I Quickly Discover Bug In Codebasehttps://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5kerstanbug-bounty, programming, technology, code-review, cybersecurity14-Dec-2023
How i found a Permanent Denial of Service via Account Lockout:https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing :https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Password Reset Token Leak via Referer Header:https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
Adobe Recap: 2023 Ambassador World Cup Final Fourhttps://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5Chris Parkersonhacking, security, bug-bounty, hackathons, security-research14-Dec-2023
Starlink Router Gen 2 is vulnerable to XSS.https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5hackintoanetworkbug-bounty, starlink, exploit, dishy, router14-Dec-2023
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect)https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5kurobe09cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty13-Dec-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5SavanGhoribug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability13-Dec-2023
phpinfo() — My First Resolved Bug in HackerOnehttps://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5Muhammad Farhad Ansarybug-bounty, bug-bounty-tips13-Dec-2023
AppSec Tales XXIV | Deserializationhttps://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5Karol Mazurekpenetration-testing, bug-bounty, information-technology, information-security, cybersecurity13-Dec-2023
Only 3 Days Left For IWCON 2023https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5InfoSec Write-upshacking, bug-bounty, conference, information-security, programming13-Dec-2023
A misconfiguration in the password reset process can lead to an account takeover.https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5Mr3Moeweb-application-security, web-app-pentesting, bug-bounty, web-app-security13-Dec-2023
I found out what my neighbour was looking at on the internet, This is how ?https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5Navaneeth M Sbug-bounty, monitoring, dns, hacking, wifi13-Dec-2023
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted)https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5Abhijit Duttabug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge13-Dec-2023
OpenBounty, Shentu’s New Approach in Security Ecosystemhttps://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5Shentu Chainbounty-program, bounty-hunter, bug-bounty, web3, cybersecurity12-Dec-2023
Mobile Application Security Testing: Navigating the Digital Landscape Safelyhttps://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5Security Lit Limitedmobile-security, cybersecurity, programming, vapt, bug-bounty12-Dec-2023
I will do Vulnerability Assessment and penetration testing on your websitehttps://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)services, bug-bounty, security, cybersecurity, technology12-Dec-2023
Skills Needed For Bug Bountyhttps://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5Joshua Desharnaisxss-attack, idor, bug-bounty, account-takeover12-Dec-2023
Duplicate CSRF… Leads to $$$$https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5Bhavesh aka Shellbreakerhacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips12-Dec-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5SavanGhoribug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs12-Dec-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5SavanGhoribug-bounty-tips, bugs, vulnerability, rce, bug-bounty12-Dec-2023
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards!https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5ARPA Officialblockchain, developer, bug-bounty, debugging12-Dec-2023
Easy Admin Access — RVDP (2)https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5hackerdevilpenetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-Dec-2023
One Scheme to Rule Them All: OAuth Account Takeoverhttps://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5Ostorlabmobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover12-Dec-2023
The launch of incentivized testnet for TribeOne V3https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5TribeOnebug-bounty, perpetual-contracts, testnet, nft, trading-competition12-Dec-2023
Hacking NASA and Got Hall of Famehttps://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5mo9kHu93rpenetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty12-Dec-2023
Build3rs Bug Bounty Programhttps://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5Lay3rsbuild3rs, bug-bounty, blockchain, refis12-Dec-2023
Bug Bounty and Hacking Books You Should Read (Must Read)https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5Rajkaranbug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips12-Dec-2023
How I got $300 for Default Credential Login at Bugcrowdhttps://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup12-Dec-2023
missing session scopes lead to authentication bypasshttps://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5Mr3Moeweb, bug-bounty, appsec, web-penetration-testing12-Dec-2023
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5Rokkam_Vamshi1_8bug-bounty-tips, django, bug-bounty, hackerone, infosec12-Dec-2023
Portswigger Labs — Api-testinghttps://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5Ry4nnnnportswigger, appsec, bug-bounty, burp11-Dec-2023
How to learn Hacking From 0 to Herohttps://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5Mr.Horbiobug-bounty, cryptography, ethical-hacking, cybersecurity, hacking11-Dec-2023
How i found a Host Header Injection in Password Reset Function:https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty11-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programshttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5kerstansecurity, ssrf, bug-bounty-tips, bug-bounty, hacker11-Dec-2023
Next js and Antd Desing css demora milesimos de segundos para carregar na página.https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5Yuri Oliveira Gochibug-bounty, antd, next, react11-Dec-2023
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaborationhttps://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5Syed Dawoodcyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter11-Dec-2023
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Rewardhttps://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5Nauman Khanmoney, ai, cybersecurity, hacking, bug-bounty11-Dec-2023
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends!https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, passwordless, passwords11-Dec-2023
HackTheBox — Session Security: Obtain Session Identifier via XSShttps://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5Huy Phuhackthebox, web-security, session-security, bug-bounty, xss-attack11-Dec-2023
So you found Auth0 secrets, now what?https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5Nightbanepentesting, security, red-team, bug-bounty, auth011-Dec-2023
Kubernetes CR injection techniquehttps://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5Esonhughhacking, custom-resource, bug-bounty, kubernetes-security10-Dec-2023
Bug bounty training from scratch(part2->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, appsec, computer-science10-Dec-2023
Bug bounty training from scratch(part2->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5Pavan kumar.Gnetworking, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson3):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5Pavan kumar.Gnetworking, bug-bounty, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson2):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, networking, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson1) :https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5Pavan kumar.Gnetwork-engineering, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lessonhttps://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, networking, computer-science10-Dec-2023
How to not implement payment features - Insights from Bugbountyhttps://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5Siva Krishna Samireddihacking, payments, bug-bounty, security, bugbounty-writeup10-Dec-2023
5 Tips for the Beginners Who Want to Start Bug Bountyhttps://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5Aman Bhuiyanweb-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking10-Dec-2023
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty!https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5Manan Sanghviidor, bug-bounty, first-bounty, web-application-security, hacking10-Dec-2023
Bug Bounty Testing: Test Ideashttps://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups10-Dec-2023
CORS Misconfiguration -> PII Leakhttps://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5Boogstacybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty10-Dec-2023
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Toolshttps://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5NEWenumeration, mentoring, bug-bounty, cybersecurity, medium09-Dec-2023
Is it safe to expose your Firebase API key?https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5Suprajabaskarancybersecurity, keys, firebase, bug-bounty, ethical-hacking09-Dec-2023
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guidehttps://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5ʏᴀꜱʜʜinformation-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity09-Dec-2023
3 Symfony (RCE): A Peek Behind the Curtainhttps://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution09-Dec-2023
How I passed my CRTP Examhttps://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5Damaidecexam, active-directory, cybersecurity, hacking, bug-bounty09-Dec-2023
Introduction to Burpsuite Bambda Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 5https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5Axolothbug-bounty, tryhackme, hacking, cybersecurity, penetration-testing09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 4https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5Axolothtryhackme, hacking, cybersecurity, bug-bounty, penetration-testing09-Dec-2023
My first Bugs: Persistence and mentality (Not a Writeup).https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5Alvaro Baladabug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity09-Dec-2023
Introduction to Burpsuite Bambdas Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
My first dork on GHBDhttps://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5NoorHomaidcybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing09-Dec-2023
HTTP Noir: The Dark Art of Smuggling Byteshttps://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5CHAYAN DATTAsecurity, http-request-smuggling, hacking, bug-bounty, network09-Dec-2023
Broken Link Hijackinghttps://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5Tomcatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup08-Dec-2023
Testing vulnerabilities beyond traditional cases — around login/signup featureshttps://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty08-Dec-2023
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty-tips, bug-bounty, cybersecurity08-Dec-2023
Enum is the key — Automatizado + Manual = Full shell.https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5Alejandro Olivares 0x4lexkali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting08-Dec-2023
PEARfection: From LFI to RCI: An iCSI CTF Challenge.https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5Josh Beckbug-bounty, penetration-testing, ctf-writeup, cybersecurity08-Dec-2023
Unraveling The Story of Multiple Admin Panel Compromiseshttps://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5Vedant Tekaleinformation-security, recon, bug-bounty, hacking, cybersecurity08-Dec-2023
Blind XSS on Registration Systemhttps://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5MxShinzupentesting, bug-bounty, cybersecurity08-Dec-2023
Bug bounty training from scratch:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch for beginners:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, computer-science, bug-bounty, linux07-Dec-2023
Bug bounty training from scratch(part1->lesson12):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson11):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1-> lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec07-Dec-2023
Bug bounty training from scratch(part1->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Using reNgine with Netlas.io modulehttps://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5Netlas.iopenetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty07-Dec-2023
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giantshttps://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5XCOODEai, hacking, hackerone, bug-bounty, openai07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hacking Indian Government, Finding XSS & SQL Injectionhttps://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5Yashhbugs, bug-bounty-tips, bug-bounty, hacking, sql-injection07-Dec-2023
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokenshttps://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5XCOODEfintech, bug-bounty, security, hacking, cloud07-Dec-2023
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil.https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5Manoj Mudabagiltryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty07-Dec-2023
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorkinghttps://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5Max Klosecybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hunt for GitHub leaks with LOPSEG DORK HELPERhttps://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools07-Dec-2023
Markdown XSS polyglothttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge —Conclusionhttps://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting06-Dec-2023
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk?https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5Paritoshinformation-security, hacking, http-headers, bug-bounty, cybersecurity06-Dec-2023
Python Program to find GCD (Greatest Common Divisor) for Cryptographyhttps://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5Mr.Horbiocybersecurity, hacking, crytocurrency, cryptography, bug-bounty06-Dec-2023
API Security — Web Security Academyhttps://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5MR SHANweb-security-academy, bug-bounty06-Dec-2023
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Securityhttps://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5Spoolbug-bounty, security, blockchain, defi, smart-contracts06-Dec-2023
Cheat code for file upload vulnerability by kidnapshadowhttps://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5Kidnapshadowkidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty06-Dec-2023
API Documentation Tipshttps://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, bug-hunting, bug-bounty06-Dec-2023
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODEhttps://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5XCOODEcybersecurity, bug-bounty, leadership, cyber05-Dec-2023
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiastshttps://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5XCOODEcybersecurity, hacker, cyber, bug-bounty05-Dec-2023
PDF Upload Leading to Stored XSShttps://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5Kaan Atmacacybersecurity, penetration-testing, bug-bounty, hacking, pentesting05-Dec-2023
LFI via SMTP log poisoninghttps://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5Akshad Joshilog-poisoning, local-file-inclusion, smtp, bug-bounty, rce05-Dec-2023
Bypassing 2FA Authentication in TeamPass Systemhttps://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5HamidReza Faghanibug-bounty, account-takeover, security, 0day, exploitation05-Dec-2023
Admin Panel Accesshttps://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5Omdubeybug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting05-Dec-2023
LFI on Microsofthttps://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup04-Dec-2023
How I Found A Website Vulnerability In Under 10 Minuteshttps://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5Abidmafahimgit-exposed, web-vulnerabilities, bug-bounty04-Dec-2023
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP)https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5Kamlesh Tukaralvulnerability-disclosure, whatfix, vdp, bug-bounty, infosec04-Dec-2023
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know…https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5Paritoshcybersecurity, active-directory, bug-bounty, information-security, adc04-Dec-2023
Bug Hunter journal day #3 and #4https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity04-Dec-2023
Javascript Analysis to SQL injectionhttps://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips, hackerone, sql-injection04-Dec-2023
Web Enumeration With Gobusterhttps://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5Ronak Sharmacybersecurity, hacking, bug-bounty04-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 2https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips03-Dec-2023
How I Found My First Website Vulnerability as a Web Pentesterhttps://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5Abidmafahimsql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability03-Dec-2023
My first and simple ATO in a private programhttps://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5PanSabug-bounty, bug-bounty-writeup, hacking, account-takeover03-Dec-2023
My Confusion Over Local File Inclusionhttps://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5Quintius Walkerpoetry, bug-bounty, writeup, cybersecurity, poetry-on-medium03-Dec-2023
The Shocking Secrets Behind Foolproof Vulnerability Response!https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, bug-bounty, hacking, information-security03-Dec-2023
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It!https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, hacking, information-security, cybersecurity03-Dec-2023
My First Valid Bug!!!https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5Sushil Choudharycybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty03-Dec-2023
Everything I know on Reconhttps://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5Joshua Desharnaisrecon, tools-and-resources, tools, bug-bounty, bug-bounty-tips03-Dec-2023
Streamable Finance Bug Bounty Campaign is live!https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5Streamable Financebug-bounty, product-launch03-Dec-2023
Business Logic Vulnerability: Payment bypasshttps://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5Mr. Vrushabhpentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone03-Dec-2023
How I Created an Advanced Web Code Analyzer Using ChatGPThttps://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5Jarred Longoriacybersecurity, chatgpt, infosec, bug-bounty03-Dec-2023
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguardhttps://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, azure, bug-bounty, information-security03-Dec-2023
How to debug android native libraries using JEB decompiler?https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, android, cybersecurity, penetration-testing03-Dec-2023
How to bypass debugger detection in Android/iOS native libraries using IDA Pro?https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5Shubham Sonanibug-bounty, cybersecurity, android, hacking, penetration-testing03-Dec-2023
How to debug Android/iOS native library using GDB debugger?https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5Shubham Sonanihacking, penetration-testing, cybersecurity, technology, bug-bounty03-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 1https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Dec-2023
Vulnerability Discovery in SRC — Concurrencyhttps://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5Ry4nnnnconcurrency, bug-bounty-tips, bug-bounty02-Dec-2023
Lateral Movement Techniques Through File Share Exploitationhttps://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5Paritoshlateral-movement, hacking, information-security, cybersecurity, bug-bounty02-Dec-2023
The Rising Threat of Cookie Theft and RMM Takeoverhttps://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5Paritoshrealtime-monitoring, cookies, cybersecurity, hacking, bug-bounty02-Dec-2023
Bug Hunter journal day(week) #1https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, pentest02-Dec-2023
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity.https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5The CyberX Companyethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online02-Dec-2023
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career.https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5The CyberX Companybug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty02-Dec-2023
How MAC Spoofing works and How attackers do that!!https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5Gokuleswaran Bethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips02-Dec-2023
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Huntinghttps://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5as-squirrelbug-bounty, osint, cybersecurity, google-dorks-list, hacking02-Dec-2023
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something…https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup01-Dec-2023
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Huntinghttps://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5Prathcybersecurity, pentesting, report, bug-bounty-tips, bug-bounty01-Dec-2023
What is this httpx thing? Using it in your adventure with Bugbounty?https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5Vicky Aryanrecon, bug-bounty, cybersecurity, hacking, httpx01-Dec-2023
Verification Bypass via “Mass Assignment”https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5Larebbug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability01-Dec-2023
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!!https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing01-Dec-2023
Building Kubernetes Detections: Strengthening Security with Real-world Exampleshttps://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, programming, information-security, hacking01-Dec-2023
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bountyhttps://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5Om Arorabug-bounty, hacking, bug-bounty-tips, methodology, infosec01-Dec-2023
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn Morehttps://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5Coded Conversationsbug-bounty-tips, cybersecurity, security, hacking, bug-bounty01-Dec-2023
Project 2510: Bug Bounty Challenge — The End?https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty30-Nov-2023
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decodinghttps://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5JessicaSecurityxs, bug-bounty, web, security, browsers30-Nov-2023
What is SQL injectionhttps://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5Savanghorivulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql30-Nov-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5Savanghoribug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack30-Nov-2023
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found!https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5Paritoshbug-bounty, malware-analysis, cybersecurity, ioc, information-security30-Nov-2023
Subdomain Enumeration Techniqueshttps://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5Savanghoribug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain30-Nov-2023
Day 11 Bug Bounty — 60 days 60 bugs challengehttps://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5Abhijit Duttabugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Nov-2023
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenseshttps://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5Paritoshinformation-security, managed-detection, bug-bounty, nmdr, cybersecurity30-Nov-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5SavanGhorissrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips30-Nov-2023
Ödeme sayfasında Business Logichttps://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5Samet Yiğitbugbounty-writeup, ödülavcılığı, bug-bounty30-Nov-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5SavanGhoribugs, bug-bounty-tips, bug-bounty, rce, vulnerability30-Nov-2023
Insecure Direct Object Reference(IDOR)https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5SavanGhorivulnerability, idor, bugs, bug-bounty, bug-bounty-tips30-Nov-2023
Simple Recon Di Android Menggunakan Tools TheTimeMachine dan Dirsearchhttps://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5Mohammad Alfin Hidayatullahbug-bounty, bug-bounty-tips, recon, scanning30-Nov-2023
Race Condition - A cURL Chaoshttps://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, infosec, bug-bounty, vulnerability, pentesting30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Step”https://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Expertshttps://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5Jarred Longoriacybersecurity, ethical-hacking, bug-bounty, free-resources30-Nov-2023
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, hacking, bug-bounty30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Rise of Broken Access Controlhttps://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5Rafin Rahman Chybug-bounty, appsec, application-security, infosec, web-security30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5bwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start!https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup29-Nov-2023
Windows Login Bypasshttps://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5c0d3x27software-development, bug-bounty, cybersecurity, windows, hacking29-Nov-2023
Cybersecurity Risk of Opening Up to the Internethttps://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, programming, hacking, internet-of-things29-Nov-2023
OSINT: How to find information on anyonehttps://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5SAKTHIVEL Pbug-bounty, infosec, cybersecurity, osint, osint-tool29-Nov-2023
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentestershttps://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty, pentesting, cybersecurity, api29-Nov-2023
Useful tools for bug hunterhttps://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5cyberhansuhunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter29-Nov-2023
How to make money legally as a Hackerhttps://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5cyberhansubug-bounty, make-money, web-application-security, mobileapplicationsecurity29-Nov-2023
PII Disclosure Worth $750https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity29-Nov-2023
R.xyz: Web3 Bug Bounty Platformhttps://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5Officer's Notessmart-contract-security, bug-bounty-tips, bug-bounty, hacking, web329-Nov-2023
CRLF to XSShttps://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5Ahmed Mahmouedsnapchat, bug-bounty-tips, hacker, bug-bounty29-Nov-2023
Aztec Multiple-Spend Error Bugfix Reviewhttps://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5Immunefi Editorcryptocurrency, security, bug-bounty, web3, multiple-spend-error29-Nov-2023
1.10 Lab: Blind SQL injection with time delays | 2023https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers29-Nov-2023
IWCON 2023 CTF Registrations Now Openhttps://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5InfoSec Write-upsctf, conference, infosec, hacking, bug-bounty29-Nov-2023
Top 25 Advanced Google Dorks for Uncovering Sensitive Documentshttps://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5as-squirrelosint, cybersecurity, hacking, google-dork, bug-bounty29-Nov-2023
Fat GET Authorization Bypasshttps://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5Jessprogramming, hackerone, security, bug-bounty, bug-bounty-tips29-Nov-2023
HackTheBox — Web Attacks: Error Based XXE to exfiltrate datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5Huy Phuowasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty28-Nov-2023
HackTheBox — Web Attacks: XXE with Blind Exfiltration Datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox28-Nov-2023
Catching C2s with Regex Signatures, TLS Certificates, and OSINThttps://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, command-and-control, hacking28-Nov-2023
Apple security research.https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5Abhay Kailasiagoogle, apple, cybersecurity, bug-bounty, bug-bounty-writeup28-Nov-2023
XSS - Weaponization ATOhttps://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5p4n7h3rxpenetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty28-Nov-2023
1.9 Lab: Visible error-based SQL injection | 2023https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing28-Nov-2023
VulnLab — SQLi Injection series — Bypass Loginhttps://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5Deandradarrapenetration-testing, cybersecurity, bug-bounty, sqli28-Nov-2023
The Bug Hunter’s Methodology Live Course Reviewhttps://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5Cyber Seklerhacking, red-team, reconnaissance, bug-bounty, application-security28-Nov-2023
Hall of Fame at NASAhttps://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5BIJOY Bgoogle-ads, hacker-news, google, nasa, bug-bounty28-Nov-2023
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5Huy Phuidor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox27-Nov-2023
Burpsuite Custom Scan Profileshttps://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5mrrootsecowasp-top-10, bug-bounty, application-security-test27-Nov-2023
Understanding XML External Entity (XXE) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, xml-injection, hackthebox, web-security27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip!https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5Fahad Hasanweb-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Ruby One — Bug Bounty Program & Claim Your $RUBYhttps://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5Ruby Protocolblockchain, cryptocurrency, bug-bounty, crypto, ethereum27-Nov-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5kerstanweb-security, bug-bounty, security, request-smuggling, pentesting27-Nov-2023
Kaynak kodu ile XSS’i nasıl buldum ?https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5Samet Yiğitxss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty27-Nov-2023
Website Scanner…https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5psychomonghacking, gui, scanner, bug-bounty, web27-Nov-2023
@pdiscoveryio’s Katana for Bug Bounty.https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5BrownBearSecbug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec27-Nov-2023
1.8 Lab: Blind SQL injection with conditional errors | 2023https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty27-Nov-2023
My bug bounty journey: #1 Linuxhttps://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5Oscar Vandermeulenbug-bounty, hacking27-Nov-2023
Code4rena Audithttps://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5Panopticpanoptic, audit, bug-bounty, perpetual-options27-Nov-2023
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration”https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5shubhdeepvulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management27-Nov-2023
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosurehttps://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5Huy Phuweb-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox27-Nov-2023
HackTheBox — Web Attacks: Mass IDOR enumerationhttps://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration26-Nov-2023
Bug Zero at a Glance [01–18 November]https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter26-Nov-2023
HackTheBox — Web Attacks — IDOR: Bypassing Encoded Referenceshttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5Huy Phuidor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-1026-Nov-2023
Waybackurls leads to pwned Admin Panelhttps://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5Satyam Singhinfosec, bug-bounty, bug-bounty-tips, hacking, vulnerability26-Nov-2023
A Thrilling Expedition into AWS Securityhttps://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5Paritoshaws-security, aws, bug-bounty, information-security, cybersecurity26-Nov-2023
Story of Http password reset link for $$$https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5Devansh chauhanwriting-tips, bug-bounty, bug-bounty-tips26-Nov-2023
HackTheBox — Web Attacks: IDOR in Insecure APIs Write uphttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis-write-up-7adcf4e68968?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, idor-vulnerability, bug-bounty, api-security26-Nov-2023
CSRF Bug Hunting Methodology: Intermediatehttps://medium.com/@drthkol478/csrf-bug-hunting-methodology-intermediate-4d0df3b63b59?source=rss------bug_bounty-5Mikołaj Prus ( nullorx )network, web-app-security, bug-bounty, csrf, application-security26-Nov-2023
Explorando redes com ESP32 WIFI.https://higordiego.medium.com/explorando-redes-com-esp32-wifi-5b15d48d0880?source=rss------bug_bounty-5Higor Diegobug-bounty, pentesting, wifi, tutorial, iot26-Nov-2023
1.7 Lab: Blind SQL injection with conditional responses | 2023https://cyberw1ng.medium.com/1-7-lab-blind-sql-injection-with-conditional-responses-2023-db2102f1ce44?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, hacking, cybersecurity26-Nov-2023
Exploring Networks with ESP32 WIFI.https://higordiego.medium.com/exploring-networks-with-esp32-wifi-778a8d42b7f1?source=rss------bug_bounty-5Higor Diegonetwork-security, pentesting, iot-security, osint, bug-bounty26-Nov-2023
Mastering the Art of Bug Bounty Reconnaissancehttps://medium.com/@faizankhaliq26/mastering-the-art-of-bug-bounty-reconnaissance-5e1ec42fc405?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANweb-application-testing, recon, information-gathering, web-application-security, bug-bounty26-Nov-2023
Writeup Bugcrowd — Private program — QR codeshttps://medium.com/@embossdotar/writeup-bugcrowd-private-program-qr-codes-fa338161175a?source=rss------bug_bounty-5embossdotarbugcrowd, writeup, bug-bounty, it-security, cybersecurity26-Nov-2023
How I Made $$$ Using Open-Redirecthttps://medium.com/@rahulnakum/how-i-made-using-open-redirect-799f9ab14bda?source=rss------bug_bounty-5Rahul Nakumbug-bounty25-Nov-2023
What Happens When Hackers Gain Local Account Access !!https://medium.com/@paritoshblogs/what-happens-when-hackers-gain-local-account-access-64fc39ed25f5?source=rss------bug_bounty-5Paritoshpentesting, bug-bounty, programming, cybersecurity, hacking25-Nov-2023
First massive bug: Noise’s AWS Bucket Misconfigurationhttps://anshjain-napster.medium.com/first-massive-bug-noises-aws-bucket-misconfiguration-802821ed98b6?source=rss------bug_bounty-5Napster_Anshvulnerability, bug-bounty, aws-s3, cybersecurity, security25-Nov-2023
how to install waybackurls on parrot OS in 3 simple stepshttps://medium.com/@diy_tech_genuis/how-to-install-waybackurls-on-parrot-os-in-3-simple-steps-fb4746302647?source=rss------bug_bounty-5diy_tech_genuishacking, diytechgenius, waybackurls, bug-bounty, parrotos25-Nov-2023
1.6 Lab: SQL injection UNION attack, retrieving multiple values in a single column | 2023https://cyberw1ng.medium.com/1-6-lab-sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-2023-6fb957198939?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking25-Nov-2023
Detecting and Confirming Exfiltration Activity Through Endpoint Detection and Response (EDR)https://medium.com/@paritoshblogs/detecting-and-confirming-exfiltration-activity-through-endpoint-detection-and-response-edr-6ff4c89e9847?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, bug-bounty, information-security, edr25-Nov-2023
5 thing most new bug bounty hunters do wronghttps://medium.com/@diy_tech_genuis/5-thing-most-new-bug-bounty-hunters-do-wrong-321cb152363c?source=rss------bug_bounty-5diy_tech_genuisdiytechgenius, hacking, help, tips, bug-bounty25-Nov-2023
$20,000 Paid For A Bug That No One Has Ever Expectedhttps://siddardajagabathina.medium.com/20-000-paid-for-a-bug-that-no-one-has-ever-expected-5a4778620999?source=rss------bug_bounty-5SIDDARDA GOWTHAM JAGABATHINAhackerone, bug-bounty, bugs, cybersecurity, cybersecurity-awareness25-Nov-2023
Critical misconfiguration in Firebase-Bug bountyhttps://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6?source=rss------bug_bounty-5Facundo Fernandezhacking, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips25-Nov-2023
Introduction to Cybersecurity for Beginners: Understanding the Digital Security Worldhttps://medium.com/@fiqrifirdaus/introduction-to-cybersecurity-for-beginners-understanding-the-digital-security-world-f136896cda85?source=rss------bug_bounty-5Aditya Fiqri Firdausbug-bounty, cyber, cybersecurity, malware25-Nov-2023
How i get my first Logic Bug and how to find themhttps://medium.com/@zomasec/how-i-get-my-first-logic-bug-and-how-to-find-them-dd5fdf6478ee?source=rss------bug_bounty-5Hazem El-Sayedcybersecurity, web-security, bug-bounty-tips, bug-bounty, bugs25-Nov-2023
How to Find First Bug (For Beginners)https://medium.com/@rajput623929/how-to-find-first-bug-for-beginners-f594230f9e36?source=rss------bug_bounty-5Mr.Horbiocybersecurity, penetration-testing, bug-bounty, hacking, tricks24-Nov-2023
Bash Scripting Logic Section Part 01https://medium.com/@Rat_Attack72/bash-scripting-logic-section-part-01-a7424f4dd6c2?source=rss------bug_bounty-5Rat_Attack72cybersecurity, bash, shell-script, bug-bounty, automation24-Nov-2023
1.5 Lab: SQL injection UNION attack, retrieving data from other tables | 2023https://cyberw1ng.medium.com/1-5-lab-sql-injection-union-attack-retrieving-data-from-other-tables-2023-3e13076915fa?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity24-Nov-2023
Breaking the HTTPS Barrier: A Hacker’s Guide to Sneaky Link Exploits!https://medium.com/@mohammedthoufeeq_25137/breaking-the-https-barrier-a-hackers-guide-to-sneaky-link-exploits-622b07710a1c?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hackthebox, bug-bounty, hacking, programming24-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 5https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-5-c1343b0f0ef9?source=rss------bug_bounty-5Hacker's Dumphacking, bug-bounty, android, pentesting, penetration-testing24-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-9bba2880b8cb?source=rss------bug_bounty-5Hacker's Dumpbug-bounty, android, hacking, penetration-testing, hacker24-Nov-2023
Bug Hunter GPT: A Game-Changer in Cybersecurityhttps://medium.com/@multiplatform.ai/bug-hunter-gpt-a-game-changer-in-cybersecurity-b25ccbab2f93?source=rss------bug_bounty-5Multiplatform.AIbug-bounty, ai, bughuntergpt, ai-assistant, artificial-intelligence24-Nov-2023
Cybersecurity Challenges with TryHackMe: A Hands-On Approachhttps://medium.com/@paritoshblogs/cybersecurity-challenges-with-tryhackme-a-hands-on-approach-e62f76a50446?source=rss------bug_bounty-5Paritoshtryhackme, programming, hacking, bug-bounty, cybersecurity23-Nov-2023
Project 2510: Bug Bounty Challenge — Day 17/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-17-25-f1337a6f4e66?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting23-Nov-2023
Yet Another Rate Limit.https://allenlopes23.medium.com/yet-another-rate-limit-71257e7b33a2?source=rss------bug_bounty-5Allen Lopesvulnerability, rate-limiting, bug-bounty23-Nov-2023
1.4 Lab: SQL injection UNION attack, finding a column containing text | 2023https://cyberw1ng.medium.com/1-4-lab-sql-injection-union-attack-finding-a-column-containing-text-2023-94f3ee243db8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers23-Nov-2023
bWAPP iFrame Injectionhttps://medium.com/@yusufbaris/bwapp-iframe-injection-22bee548c30a?source=rss------bug_bounty-5Yusuf Barışcybersecurity, penetration-testing, bug-bounty, web-security, hacking23-Nov-2023
Project 2510: Bug Bounty Challenge — Day 18/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-18-25-924740430094?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty23-Nov-2023
Powershell/JS Payloads: A Closer Look at Malicious Code Deliveryhttps://medium.com/@paritoshblogs/powershell-js-payloads-a-closer-look-at-malicious-code-delivery-818b0ee743a3?source=rss------bug_bounty-5Paritoshprogramming, hacking, bug-bounty, information-security, cybersecurity22-Nov-2023
7 Sneaky Hacks Cybercriminals Use to Outsmart Your Antivirus!https://medium.com/@paritoshblogs/7-sneaky-hacks-cybercriminals-use-to-outsmart-your-antivirus-66953a606a53?source=rss------bug_bounty-5Paritoshantivirus, cybersecurity, hacking, bug-bounty, darkweb22-Nov-2023
Apple webserver vulnerable for HTTP request Sumggling attackhttps://medium.com/@abdulriyaz1200/apple-webserver-vulnerable-for-http-request-sumggling-attack-cabe1d53dab1?source=rss------bug_bounty-5Abdulriyazbug-bounty-tips, bug-bounty, bug-bounty-writeup, apple, hall-of-fame22-Nov-2023
200$ bounty for CRLF injection Attackhttps://medium.com/@abdulriyaz1200/200-bounty-for-crlf-injection-attack-39c482bad796?source=rss------bug_bounty-5Abdulriyazbug-bounty, bug-bounty-tips, hall-of-fame, bugbounty-writeup22-Nov-2023
Mass Hunting XSS vulnerabilitieshttps://ott3rly.medium.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5Ott3rlybug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability22-Nov-2023
Google dorking is one of the best method | Hall of fame from XXX.govhttps://medium.com/@abdulriyaz1200/google-dorking-is-one-of-the-best-method-hall-of-fame-from-xxx-gov-8db6aa3c69f3?source=rss------bug_bounty-5Abdulriyazbug-bounty, government, bug-bounty-tips22-Nov-2023
1.3 Lab: SQL injection UNION attack, determining the number of columns returned by the query | 2023https://cyberw1ng.medium.com/1-3-lab-sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-2023-441930bf38b7?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity22-Nov-2023
Exploiting Exposed .git File to Access Webmail Credentialshttps://medium.com/@tanyago/exploiting-exposed-git-file-to-access-webmail-credentials-4b47a3afff38?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunting22-Nov-2023
Mass Hunting XSS vulnerabilitieshttps://infosecwriteups.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5Ott3rlybug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability22-Nov-2023
Hoping for a Bug Bounty This Year at AWS re:Invent :^)https://medium.com/cloud-security/hoping-for-a-bug-bounty-this-year-at-aws-re-invent-5c8a76d09514?source=rss------bug_bounty-5Teri Radichelawswishlist, cloud, aws, bug-bounty, security22-Nov-2023
Bug Hunter jornal Day #0https://medium.com/@joaomaia171820/bug-hunter-jornal-day-0-7a451f0292aa?source=rss------bug_bounty-5Jhonny_The_Kidcybersecurity, bug-bounty-writeup, bug-bounty-program, bug-bounty, hacking22-Nov-2023
SAML authentication bypass leads to account takeoverhttps://medium.com/@Xt3sY/saml-authentication-bypass-leads-to-account-takeover-f9aaa37a34fe?source=rss------bug_bounty-5Pushkar Bhagatbugs, bug-bounty, hacking, hackerone22-Nov-2023
How to earn $DCT on DecentraCredit Testnet V1 on Arbitrumhttps://decentracredit.medium.com/how-to-earn-dct-on-decentracredit-testnet-v1-on-arbitrum-915d9995c2e4?source=rss------bug_bounty-5Decentra Creditarbitrum, testnet-airdrop, bug-bounty, ethereum, airdrop22-Nov-2023
Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harderhttps://mux0xx.medium.com/semi-automating-idors-a-practical-approach-to-working-smarter-not-harder-5b7f1f47b55a?source=rss------bug_bounty-5Muhammed K. Sayedbug-bounty, cybersecurity, hacker, idor, hacking22-Nov-2023
Embracing the Future: Bug Bounty Hunting as a Lucrative Full-Time Careerhttps://infosecwriteups.com/embracing-the-future-bug-bounty-hunting-as-a-lucrative-full-time-career-3e4b147923f7?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, vulnerability, bug-bounty-tips, bug-bounty, cybersecurity22-Nov-2023
How i hacked a router (embedded system)https://medium.com/@Threat_Intelligence/how-i-hacked-a-router-embedded-system-9a5b8139e83e?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️cybersecurity, tecnologia, hacking, bug-bounty, red-team22-Nov-2023
My First IDOR - Hiding in the Header Requesthttps://medium.com/@hbenja47/my-first-idor-hiding-in-the-header-request-8a03dddc23b5?source=rss------bug_bounty-5Benja (bronxi)hacker, bug-bounty, idor, hacking21-Nov-2023
Chaining CORS by Reflected XSS to Steal Sensitive Datahttps://infosecwriteups.com/chaining-cors-by-reflected-xss-to-steal-sensitive-data-c456e133c10d?source=rss------bug_bounty-5Mohammad reza Omranicybersecurity, infosec, steal-sensitive-data, cors-misconfiguration, bug-bounty21-Nov-2023
What is Next-Generation Antivirus (NGAV) ?https://medium.com/@paritoshblogs/what-is-next-generation-antivirus-ngav-f05267dd2613?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, hacking, antivirus21-Nov-2023
Top Recon Tools for Bug Bounty Huntershttps://securitycipher.medium.com/top-recon-tools-for-bug-bounty-hunters-fa655b8caf2e?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty, bug-bounty-tips, programming, cybersecurity, technology21-Nov-2023
Epic Bug Hunting Failures-2https://infosecwriteups.com/epic-bug-hunting-failures-2-fafb2af9b844?source=rss------bug_bounty-5Varshini Rameshdevelopment, hackerone, bug-bounty, cybersecurity, info-sec-writeups21-Nov-2023
The Crossroads of Code Crafting: A Personal Journey Between Rewriting and Quick Fixeshttps://blursdaywtf.medium.com/the-crossroads-of-code-crafting-a-personal-journey-between-rewriting-and-quick-fixes-8ab18e5a9a60?source=rss------bug_bounty-5Blursdaycoding, tech, bug-bounty, founders, apps21-Nov-2023
How I Gain $2,000-$3,000 a Month From Bug Bounties With No Code Experiencehttps://medium.com/@13032765d/how-i-gain-2-000-3-000-a-month-from-bug-bounties-with-no-code-experience-df2e89348fbb?source=rss------bug_bounty-5DataPsyLifemoney, hacking, side-hustle, bug-bounty, freelancing21-Nov-2023
Cybersecurity Toolshttps://bineshmadharapu.medium.com/cybersecurity-tools-02e85cb3c4ed?source=rss------bug_bounty-5Binesh Madharapucybersecurity, bug-bounty, network-security, nmap, ethical-hacking21-Nov-2023
CVE-2023–47837: ARMember ≤= 4.0.10 — Bypass Membership Planhttps://revan-ar.medium.com/cve-2023-47837-armember-4-0-10-bypass-membership-plan-4bc1e63f044c?source=rss------bug_bounty-5Revan Abug-bounty, wordpress, cve, bypass, privilege-escalation21-Nov-2023
SQL Injection UNION Attacks in Web App Pentesting | 2023https://cyberw1ng.medium.com/sql-injection-union-attacks-in-web-app-pentesting-2023-fbd072299b77?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity21-Nov-2023
How to find sensitive information in an organization | (Como encontrar información sensible en una…https://medium.com/@l0calh0st/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️tech, hacking, red-team, bug-bounty, cybersecurity21-Nov-2023
How I hacked Google’s bug tracking system itself for $15,600 in bountieshttps://jamilahmad-dev.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-0e9e36b772b9?source=rss------bug_bounty-5Jamil Ur Rehmanstartup, bug-bounty, security, google, technology21-Nov-2023
CRITICAL BUG Alert: How I HACKED into a company’s DATABASEhttps://jamilahmad-dev.medium.com/critical-bug-alert-how-i-hacked-into-a-companys-database-fc61179f5d5d?source=rss------bug_bounty-5Jamil Ur Rehmanhacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking21-Nov-2023
Project 2510: Bug Bounty Challenge — Day 16/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-16-25-f881c177b749?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty, bug-bounty-hunter21-Nov-2023
Detecting and Understanding Cookies in Web Developmenthttps://medium.com/@nirvana.elahi/detecting-and-understanding-cookies-in-web-development-a520b279988b?source=rss------bug_bounty-5Nirvana Elowasp-top-10, cybersecurity, bug-bounty, penetration-testing21-Nov-2023
How to find sensitive information in an organization .https://medium.com/@Threat_Intelligence/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️tech, hacking, red-team, bug-bounty, cybersecurity21-Nov-2023
Step-by-Step guide to writing a Metasploit Scripthttps://higordiego.medium.com/step-by-step-guide-to-writing-a-metasploit-script-6bacb96363e5?source=rss------bug_bounty-5Higor Diegovulnerability, exploit, bug-bounty, security, osint21-Nov-2023
Legal and Ethical Dimensions in Malware Analysis (Cybersecurity)https://medium.com/@paritoshblogs/legal-and-ethical-dimensions-in-malware-analysis-cybersecurity-86accca12049?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, legal, programming, hacking20-Nov-2023
Improper Input Sanitization Error in Web3https://medium.com/@vinaysati/improper-input-sanitization-error-in-web3-f4bd0f6d88cc?source=rss------bug_bounty-5Vinaysatihacking, cryptocurrency, bug-bounty, web3, web3bug20-Nov-2023
#3 Set-up FoxyProxy in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/3-set-up-foxyproxy-in-firefox-guide-for-burp-suite-ee9627b6f513?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty-tips, bug-bounty, penetration-testing, technology20-Nov-2023
Event Driven Bug Bounty on AWShttps://medium.com/@husein.ayoub/event-driven-bug-bounty-on-aws-d39f75d962a3?source=rss------bug_bounty-5Hussein Ayoubaws, bug-bounty, security20-Nov-2023
The Story of How I Hacked one of the online payment system website twicehttps://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5Jonathan Christianbug-bounty-writeup, programming, technology, cybersecurity, bug-bounty20-Nov-2023
ESSENTIAL HTML FOR HACKERShttps://medium.com/@agapehearts/essential-html-for-hackers-12d329927c9b?source=rss------bug_bounty-5Agape HearTsxss-attack, bug-bounty, html, hacker, pentesting20-Nov-2023
Writeups of All Apprentice Labs in Portswigger — All Lab’s Solution| Karthikeyan Nagarajhttps://cyberw1ng.medium.com/writeups-of-all-apprentice-labs-in-portswigger-all-labs-solution-karthikeyan-nagaraj-a5f23fd0c87b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking20-Nov-2023
Go Beyond with Gretirehttps://systemweakness.com/go-beyond-with-gretire-313b7fbe3f47?source=rss------bug_bounty-5Whalebonecybersecurity, bug-bounty, open-source, information-security, hacking20-Nov-2023
Email address: The Online IDhttps://medium.com/@duncanochieng682/email-address-the-online-id-dd0061bf7828?source=rss------bug_bounty-5JateloCybersecinfosec, hacking, bug-bounty, ethical-hacking, blackhat20-Nov-2023
Understanding CVE-2023–46604: A Threat to Apache ActiveMQhttps://infosecwriteups.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, cybersecurity, programming, penetration-testing20-Nov-2023
Project 2510: Bug Bounty Challenge — Day 15/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-15-25-27d085f4bf95?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunting, bug-bounty-hunter, bug-bounty20-Nov-2023
Understanding CVE-2023–46604: A Threat to Apache ActiveMQhttps://securitylit.medium.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, cybersecurity, programming, penetration-testing20-Nov-2023
The Story of How I Hacked one of the online payment system websitehttps://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5Jonathan Christianbug-bounty-writeup, programming, technology, cybersecurity, bug-bounty20-Nov-2023
GraphQL Misconfiguration Leads to Unlimited Money Transfer (Intigriti CTF — Bug Bank)https://medium.com/@thewolfsec/graphql-misconfiguration-leads-to-unlimited-money-transfer-intigriti-ctf-bug-bank-48cdeb9c9aec?source=rss------bug_bounty-5TheWolf Secgraphql, intigriti, bug-bounty, ctf19-Nov-2023
#2 Different Burp Suite Tools — Guide for Burp Suitehttps://securitycipher.medium.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, security, cybersecurity, news19-Nov-2023
Find Vulnerabilities before other Hackers Exploitinghttps://medium.com/@salmanul060/find-vulnerabilities-before-other-hackers-exploiting-a86fe4c3d5eb?source=rss------bug_bounty-5Salmanul Farisweb-applications, cybersecurity, bug-bounty, penetrationtestingcompany, penetration-testing19-Nov-2023
SSTI bypass using CRLF (1337 UP CTF — Smarty Pants)https://medium.com/@thewolfsec/ssti-bypass-using-crlf-1337-up-ctf-smarty-pants-4ee8e1a72f98?source=rss------bug_bounty-5TheWolf Secintigriti, ssti, bug-bounty, ctf, php-developers19-Nov-2023
Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundleshttps://medium.com/@a13h1/privilege-escalation-unauthorized-low-privilege-users-creating-feature-bundles-75f6125eec78?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, cybersecurity, hacking, api19-Nov-2023
#2 Different Burp Suite Tools — Guide for Burp Suitehttps://infosecwriteups.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, security, cybersecurity, news19-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 3https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-3-99e86d021190?source=rss------bug_bounty-5Hacker's Dumpandroid, android-pentesting, penetration-testing, hacking, bug-bounty19-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-c942fbd9cae5?source=rss------bug_bounty-5Hacker's Dumpbug-bounty, hacking, android, penetration-test, penetration-testing19-Nov-2023
23.6 Lab: Insecure direct object references | 2023https://cyberw1ng.medium.com/23-6-lab-insecure-direct-object-references-2023-dfd4a9f3eeb3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, penetration-testing, hacking19-Nov-2023
A Guide to Indicators of Compromise (IoC) Analysishttps://medium.com/@paritoshblogs/a-guide-to-indicators-of-compromise-ioc-analysis-925708cbf8aa?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, ioc, hacking, cybersecurity19-Nov-2023
ByteGuard: Mastering the Art of Data Securityhttps://medium.com/@paritoshblogs/byteguard-mastering-the-art-of-data-security-5719be0d1c7c?source=rss------bug_bounty-5Paritoshinformation-security, data-security, cybersecurity, data, bug-bounty18-Nov-2023
Securing the Backbone: Supply Chain Securityhttps://medium.com/@paritoshblogs/securing-the-backbone-supply-chain-security-34282b6b505f?source=rss------bug_bounty-5Paritoshsupply-chain, information-security, cybersecurity, supply-chain-attack, bug-bounty18-Nov-2023
eWPTX Prepare Resourceshttps://medium.com/@0UN390/ewptx-prepare-resources-a741220cf145?source=rss------bug_bounty-50UN390bug-bounty, cybersecurity, web-security, penetration-testing18-Nov-2023
AppSec Tales XXIII | XPathIhttps://karol-mazurek95.medium.com/appsec-tales-xxiii-xpathi-ca6171826d2a?source=rss------bug_bounty-5Karol Mazurekinformation-technology, cybersecurity, application-security, bug-bounty, penetration-testing18-Nov-2023
#Day6 Bug Bounty Recon Part 2: ( Subdomains and S3 buckets )https://medium.com/codingninjablogs/day6-bug-bounty-recon-part-2-subdomains-and-s3-buckets-1a01780e6908?source=rss------bug_bounty-5OBSIDIANprogramming, technology, bug-bounty, ethical-hacking, cybersecurity18-Nov-2023
23.5 Lab: User ID controlled by request parameter with password disclosure | 2023https://cyberw1ng.medium.com/23-5-lab-user-id-controlled-by-request-parameter-with-password-disclosure-2023-ad748d1daa9e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Nov-2023
Hacking Microsoft IIS : Enumerating IIS for Vhttps://medium.com/@mudasserhussain1111/hacking-microsoft-iis-enumerating-iis-for-v-39de5a27f101?source=rss------bug_bounty-5Mudasser Hussaininfosec-write-ups, cybersecurity, hacking, microsoft, bug-bounty18-Nov-2023
OAuth Misconfiguration Leads To Pre-Account Takeover(snapchat)https://medium.com/@a7med.ctf/oauth-misconfiguration-leads-to-pre-account-takeover-snapchat-129b118661f6?source=rss------bug_bounty-5Ahmed Mahmouedhacking, bug-bounty-tips, bug-bounty18-Nov-2023
CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Securityhttps://infosecwriteups.com/cve-2023-36025-an-in-depth-analysis-of-circumventing-windows-smartscreen-security-6ff05c8b69d0?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, threat-intelligence, cybersecurity, microsoft, bug-bounty18-Nov-2023
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Programhttps://medium.com/@jedus0r/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5jedus0rsecurity-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter18-Nov-2023
CVE-2023–35078 Unveiled: Ethical Vulnerability Discovery and Reporting By Me and My Hunting Buddy…https://medium.com/@jaini.rutvik/cve-2023-35078-unveiled-ethical-vulnerability-discovery-and-reporting-by-me-and-my-hunting-buddy-507582baf5c3?source=rss------bug_bounty-5Rj07responsible-disclosure, information-technology, zero-day, bug-bounty, information-security18-Nov-2023
Project 2510: Bug Bounty Challenge — Day 13/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-13-25-f6e21379749b?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-hunting, bug-bounty-tips18-Nov-2023
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Programhttps://systemweakness.com/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5jedus0rsecurity-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter18-Nov-2023
The Future of Cybersecurity: The Power of AI-Powered SIEMhttps://medium.com/@paritoshblogs/the-future-of-cybersecurity-the-power-of-ai-powered-siem-ae43921e9bce?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, siem, hacking, cybersecurity17-Nov-2023
3 Command Line Games Which You Must Tryhttps://medium.com/@rushi.padhiyar098/3-command-line-games-which-you-must-try-fa77c2ff7127?source=rss------bug_bounty-5Cyph3r Ryxgames, cybersecurity, hacking, command-line, bug-bounty17-Nov-2023
Dastardly — Web Application Security Scanner — CI/CDhttps://securitycipher.medium.com/dastardly-web-application-security-scanner-ci-cd-3a4eea08719a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty, cybersecurity, penetration-testing17-Nov-2023
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://ajaksecurity.medium.com/how-i-automatically-generate-xss-payload-automate-reflected-xss-be7c993f90d4?source=rss------bug_bounty-5Ajak Cyber securityhacking, cybersecurity, bug-bounty, ethical-hacking, penetration-testing17-Nov-2023
23.4 Lab: User ID controlled by request parameter with data leakage in redirect | 2023https://cyberw1ng.medium.com/23-4-lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-2023-5fa1b18bced1?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, cybersecurity, security17-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 2https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-2-9c33c319a696?source=rss------bug_bounty-5Hacker's Dumpandroid-pentesting, android, penetration-testing, hacking, bug-bounty17-Nov-2023
How to find vulnerabilities in a web page in 10 minuteshttps://medium.com/@l0calh0st/how-to-find-vulnerabilities-in-a-web-page-in-10-minutes-66cd052b4fbc?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️red-team, bug-bounty, error-message, cybersecurity, hacking17-Nov-2023
Access control vulnerabilitieshttps://medium.com/@abdullahwarsama28/access-control-vulnerabilities-02fe3ea2e17f?source=rss------bug_bounty-5Abdullah Warsamabug-bounty, web-security17-Nov-2023
JWT Intrigue: Hidden Keys within Web Applicationshttps://medium.com/@josh.beck2006/jwt-intrigue-hidden-keys-within-web-applications-4b042c80f427?source=rss------bug_bounty-5Josh Beckpenetration-testing, bug-bounty, cybersecurity, ctf-writeup, ctf16-Nov-2023
AuditOne Roundtable with Alexey from Aurora and Guido Vrankenhttps://medium.com/@auditone.io/auditone-roundtable-with-alexey-from-aurora-and-guido-vranken-3d7c709289c0?source=rss------bug_bounty-5AuditOnebug-bounty, defi, web3, aurora, fuzzing16-Nov-2023
#1 Introduction to Burp Suite — Guide for Burp Suitehttps://securitycipher.medium.com/1-introduction-to-burp-suite-guide-for-burp-suite-4054b64f10a0?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, cybersecurity, technology, security16-Nov-2023
Easy Admin Access — RVDPhttps://infosecwriteups.com/easy-admin-access-rvdp-d1eb2c97cb3e?source=rss------bug_bounty-5hackerdevilbug-bounty-tips, web-app-security, bug-bounty, bug-bounty-writeup, vulnerability-assessment16-Nov-2023
Bug Bounty Programs: Unleashing the Power of Ethical Hackinghttps://medium.com/@crawsecurity/bug-bounty-programs-unleashing-the-power-of-ethical-hacking-5da98f820ebb?source=rss------bug_bounty-5crawsecuritybug-bounty-program, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup16-Nov-2023
Exploiting Blind XXE: Going Out of Bandhttps://medium.com/@mohamedtaha_42562/exploiting-blind-xxe-going-out-of-band-f04e3c1ea7ef?source=rss------bug_bounty-5Mohamed Tahasecurity, penetration-testing, bug-bounty16-Nov-2023
Introducing Bug Bounty Boosts: Supercharging Security With Timebound Eventshttps://medium.com/immunefi/introducing-bug-bounty-boosts-supercharging-security-with-timebound-events-51e3a1f208c3?source=rss------bug_bounty-5Immunefi Editorbug-bounty, web3, immunefi, cybersecurity, degate16-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 1https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-1-392cf9abf93f?source=rss------bug_bounty-5Hacker's Dumpandroid-pentesting, hacking, android, penetration-testing, bug-bounty16-Nov-2023
Malware Analysis: Understanding and Combatting Cyber Threatshttps://medium.com/@paritoshblogs/malware-analysis-understanding-and-combatting-cyber-threats-d0db1d56760c?source=rss------bug_bounty-5Paritoshmalware-analysis, hacking, bug-bounty, cybersecurity, information-security16-Nov-2023
How I got a $500 reward for finding an unacclaimed bucket on GitHubhttps://medium.com/@andre.pontes7/how-i-got-a-500-reward-for-finding-an-unacclaimed-bucket-on-github-57623c386515?source=rss------bug_bounty-5André Pontesaws-s3, hackerone, bug-bounty, aws16-Nov-2023
23.3 Lab: User ID controlled by request parameter, with unpredictable user IDs | 2023https://cyberw1ng.medium.com/23-3-lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids-2023-5827f93eca1d?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking16-Nov-2023
$1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproofhttps://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892?source=rss------bug_bounty-5Erick Fernandobug-bounty, hackenproof, open-redirect, xss-bypass16-Nov-2023
DNS C2 — When Malware Goes Incognito!https://medium.com/@paritoshblogs/dns-c2-when-malware-goes-incognito-03fdc2e82057?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, dns, hacking15-Nov-2023
HackerOne Surpasses $300 Million in Rewards for Ethical Hackershttps://medium.com/@zerosecurity/hackerone-surpasses-300-million-in-rewards-for-ethical-hackers-eba7be4f106c?source=rss------bug_bounty-5ZeroSecuritybug-bounty15-Nov-2023
LandRocker Bug Bounty Programhttps://landrocker.medium.com/landrocker-bug-bounty-program-aa2f55f47297?source=rss------bug_bounty-5LandRockerbug-bounty, bitcoin, cryptocurrency-investment, token-sale, web315-Nov-2023
23.2 Lab: User ID controlled by request parameter | 2023https://cyberw1ng.medium.com/23-2-lab-user-id-controlled-by-request-parameter-2023-74764905c72c?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity15-Nov-2023
Understanding Post-Exploitation: Cybersecurityhttps://medium.com/@paritoshblogs/understanding-post-exploitation-cybersecurity-5c8d11b75812?source=rss------bug_bounty-5Paritoshcybersecurity, programming, information-security, bug-bounty, post-exploitation15-Nov-2023
Idor That allowed me to get access to sensitive users files and share them -.-https://hamzadzworm.medium.com/idor-that-allowed-me-to-get-access-to-sensitive-users-files-and-share-them-f7da741e9f63?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-tips, hackerone, bug-bounty, cybersecurity15-Nov-2023
Unveiling Sensitive Information Exposure: IIS Tilde Enumeration Vulnerabilityhttps://medium.com/@mohammed0anas/unveiling-sensitive-information-exposure-iis-tilde-enumeration-vulnerability-ffe034073288?source=rss------bug_bounty-5Nasbug-bounty, hacking, cybersecurity, bug-bounty-writeup15-Nov-2023
How I hacked Google’s bug tracking system itself for $15,600 in bountieshttps://homosapienimo.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-65c5aacaacdf?source=rss------bug_bounty-5Homo Sapiensbug-bounty, startup, google, technology, security15-Nov-2023
Project 2510: Bug Bounty Challenge — Day 10/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-10-25-7b9651fb1b26?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-hunting, bug-bounty, bug-bounty-tips15-Nov-2023
Exploiting Parallels Plesk Panels With Shodanhttps://blog.meese.enterprises/exploiting-parallels-plesk-panels-with-shodan-282248855af2?source=rss------bug_bounty-5Aaron Meesecybersecurity, shodan, osint-investigation, osint, bug-bounty15-Nov-2023
Detection Engineering: Strengthening Cybersecurity Defensehttps://medium.com/@paritoshblogs/detection-engineering-strengthening-cybersecurity-defense-8d31ab7a2d46?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, detection-engineering, hacking, cybersecurity14-Nov-2023
Hackathon : KPU.GO.IDhttps://medium.com/@angryovalegg/hackathon-kpu-go-id-8fb6f3ce0d61?source=rss------bug_bounty-5Angry Oval Egghackathons, indo-hacker, bug-bounty, kpu, pemilu14-Nov-2023
How to find probably vulnerable objects in your own surface with Netlas.io?https://systemweakness.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892?source=rss------bug_bounty-5Netlas.ioscript, automation, bug-bounty, attack-surface, reconnaissance14-Nov-2023
#4 Session Fixation — Secure Code Explainhttps://securitycipher.medium.com/4-session-fixation-secure-code-explain-7d9567f25f38?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, technology, bug-bounty, vulnerability, coding14-Nov-2023
Escalating Blind SSRF to a Remote Code Executionhttps://mukibas37.medium.com/escalating-blind-ssrf-to-a-remote-code-execution-be65ed9a7d0f?source=rss------bug_bounty-5Mukilan Baskaraninfosec, ssrf, cybersecurity, bug-bounty, hacking14-Nov-2023
23.1 Lab: CORS vulnerability with trusted null origin | 2023https://cyberw1ng.medium.com/23-1-lab-cors-vulnerability-with-trusted-null-origin-2023-53d2de3b8e28?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing14-Nov-2023
Har Har Hijack: The Okta Plunderhttps://medium.com/@josh.beck2006/har-har-hijack-the-okta-plunder-8fb36f5c9d45?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty14-Nov-2023
bWAPP PHP Code Injectionhttps://medium.com/@yusufbaris/bwapp-php-code-injection-2b326b831924?source=rss------bug_bounty-5Yusuf Barışcybersecurity, web-security, hacking, bug-bounty, penetration-testing14-Nov-2023
Project 2510: Bug Bounty Challenge — Day 9/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-9-25-14cbedbecee2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting14-Nov-2023
Introduction to AI in Cybersecurityhttps://imran-niaz.medium.com/introduction-to-ai-in-cybersecurity-6d80460d9e37?source=rss------bug_bounty-5Imran Niazprogramming, cybersecurity, learning, penetration-testing, bug-bounty13-Nov-2023
Let's together dive deep into information disclosurehttps://medium.com/@parthnarulatech/lets-together-dive-deep-into-information-disclosure-8bdb0b5db728?source=rss------bug_bounty-5scriptjackerbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, owasp13-Nov-2023
SSL Search — A tool to identify infrastructure and discover attack surfaces.https://medium.com/@harsh8v/ssl-search-a-tool-to-identify-infrastructure-and-discover-attack-surfaces-449c83269574?source=rss------bug_bounty-5Harsh Varagiyabug-bounty, gcp, ssl-certificate, aws, internet13-Nov-2023
Google VRP -[IDOR] Deleted Victim Data & Leakedhttps://medium.com/@ggilang1135/google-vrp-idor-deleted-victim-data-leaked-0b3cba8e3f7a?source=rss------bug_bounty-5Gilang Romadonbug-bounty, idor-vulnerability, bug-bounty-tips, ggilangromadon, google-vrp13-Nov-2023
Announcing IWCON 2023 Speakers Second Batchhttps://infosecwriteups.com/announcing-iwcon-2023-speakers-second-batch-26762dc93491?source=rss------bug_bounty-5InfoSec Write-upsinfosec, security, bug-bounty, conference, hacking13-Nov-2023
Cracking the Code, Cobalt Strike — More Than Just a Fancy Pen Test Tool (And Why Cyber Baddies…https://medium.com/@paritoshblogs/cracking-the-code-cobalt-strike-more-than-just-a-fancy-pen-test-tool-and-why-cyber-baddies-8b5c56ece92c?source=rss------bug_bounty-5Paritoshbug-bounty, pentesting, cybersecurity, hacking, cobalt-strike13-Nov-2023
22.2 Lab: JWT authentication bypass via flawed signature verification | 2023https://cyberw1ng.medium.com/22-2-lab-jwt-authentication-bypass-via-flawed-signature-verification-2023-2a1d63d18ab2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, penetration-testing13-Nov-2023
Weirdest API that has been ever foundhttps://medium.com/@mmaulanaabdullah/weirdest-api-that-has-been-ever-found-9270720d6f02?source=rss------bug_bounty-5M Maulana Abdullahwriteup, api, bug-bounty, api-development13-Nov-2023
Authentication Vulnerabilities- Lab #9 Brute-forcing a stay-logged-in cookiehttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-9-brute-forcing-a-stay-logged-in-cookie-dda91125f5f2?source=rss------bug_bounty-5dollarboysushilcookie-hacking, web-security, cybersecurity, portswigger, bug-bounty13-Nov-2023
Project 2510: Bug Bounty Challenge — Day 8/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-8-25-ea9bc1addd63?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty, bug-bounty-hunter, bug-bounty-tips13-Nov-2023
I created posts on the newsletter page dedicated to the program administratorhttps://medium.com/@hossam_hamada/i-created-posts-on-the-newsletter-page-dedicated-to-the-program-administrator-aa271980aa53?source=rss------bug_bounty-5Hossam Hamadabug-bounty, penetration-testing, idor, idor-vulnerability, bug-hunting12-Nov-2023
1200$ IDOR Flaw: Allow Attacker To Approve Project Time Trackinghttps://medium.com/@a13h1/1200-idor-flaw-allow-attacker-to-approve-project-time-tracking-a9f64c06732a?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, hacking, information-security, cybersecurity12-Nov-2023
Crafting XSS (Cross-Site Scripting) payloadshttps://infosecwriteups.com/crafting-xss-cross-site-scripting-payloads-919f62171bd0?source=rss------bug_bounty-5Security Lit Limitedxss-vulnerability, bug-bounty, xss-attack, technology, cybersecurity12-Nov-2023
Authentication Vulnerabilities- Lab #8 2FA (Two Factor Authentication) broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-8-2fa-two-factor-authentication-broken-logic-b3c6cd8923b9?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, 2fa-hacking, web-security, bug-bounty12-Nov-2023
22.1 Lab: JWT authentication bypass via unverified signature | 2023https://cyberw1ng.medium.com/22-1-lab-jwt-authentication-bypass-via-unverified-signature-2023-4401628467d9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers12-Nov-2023
Finding Sneaky Hackers, The Ultimate Way of Stalking Cyber Intruders (Without a Trench Coat)https://medium.com/@paritoshblogs/finding-sneaky-hackers-the-ultimate-way-of-stalking-cyber-intruders-without-a-trench-coat-8db574697fe7?source=rss------bug_bounty-5Paritoshprogramming, cybersecurity, lateral-movement, bug-bounty, hacking12-Nov-2023
Project 2510: Bug Bounty Challenge — Day 7/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-7-25-a9367edc5864?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting12-Nov-2023
Introduction to API Hacking: A Free Course to Level Up Your Skillshttps://medium.com/@maisamnoyan/introduction-to-api-hacking-a-free-course-to-level-up-your-skills-537bfc70180d?source=rss------bug_bounty-5 Maisam Noyanhacking, bug-bounty, free-course, api, course11-Nov-2023
Authentication Vulnerabilities- Lab #4 Username enumeration via subtly different responseshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-4-username-enumeration-via-subtly-different-responses-5eb512d899fa?source=rss------bug_bounty-5dollarboysushilweb-security, portswigger, bug-bounty, cybersecurity11-Nov-2023
Attention Cyber Enthusiasts! Exciting News Ahead! ️https://cyberconqueror.medium.com/attention-cyber-enthusiasts-exciting-news-ahead-%EF%B8%8F-26399c20b71a?source=rss------bug_bounty-5Cyber Conquerorfree-course, information-security, cybersecurity, bug-bounty, free11-Nov-2023
Authentication Vulnerabilities- Lab #5 Username enumeration via response timinghttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-5-username-enumeration-via-response-timing-16b07552275a?source=rss------bug_bounty-5dollarboysushilportswigger, bug-bounty, cybersecurity, hacking-passwords11-Nov-2023
AppSec Tales XXII | LDAPIhttps://karol-mazurek95.medium.com/appsec-tales-xxii-ldapi-fcef1f40e9b2?source=rss------bug_bounty-5Karol Mazurekinformation-technology, bug-bounty, cybersecurity, information-security, penetration-testing11-Nov-2023
JWT attack vulnerabilities in Web App Penetration Testing | 2023https://cyberw1ng.medium.com/jwt-attack-vulnerabilities-in-web-app-penetration-testing-2023-4eb8916133dc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, penetration-testing, bug-bounty, cybersecurity11-Nov-2023
Downloading files using POST request (unorthodox method)https://medium.com/@paritoshblogs/downloading-files-using-post-request-unorthodox-method-d042bb06c1ce?source=rss------bug_bounty-5Paritoshcybersecurity, programming, bug-bounty, hacking, html11-Nov-2023
Authentication Vulnerabilities- Lab #6 Broken brute-force protection, IP blockhttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-6-broken-brute-force-protection-ip-block-b3afca0a2ea7?source=rss------bug_bounty-5dollarboysushilbrute-force, web-security, cybersecurity, bug-bounty, portswigger11-Nov-2023
Reconnaissance Is The Key — Bug Bounty Tip!https://medium.com/@learningstuff110/reconnaissance-is-the-key-bug-bounty-tip-527f24e56cc5?source=rss------bug_bounty-5Fahad Hasandirectory-enumeration, penetration-testing, bug-bounty, waybackurls, reconnaissance11-Nov-2023
Pentesting: I wanna be a hackerrr…https://areen-agrawal.medium.com/pentesting-i-wanna-be-a-hackerrr-4dcf9379a6fc?source=rss------bug_bounty-5Me, Just a Techie.bug-bounty, computer-security, red-teaming, technology, pentesting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 6/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-6-25-fe340a54386c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-hunting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 5/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-5-25-205300a2a65c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips10-Nov-2023
Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€https://infosecwriteups.com/unlocking-cash-easy-p1-bug-in-grafana-dashboard-with-default-credentials-fa36ddf271da?source=rss------bug_bounty-5Pratik Dabhihackerone, bug-bounty, bugcrowd10-Nov-2023
Authentication Vulnerabilities- Lab #3 Password reset broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-3-password-reset-broken-logic-95bc62a7b92a?source=rss------bug_bounty-5dollarboysushilbug-bounty, cybersecurity, portswigger, web-security, password-reset10-Nov-2023
21.1 Lab: Authentication bypass via OAuth implicit flow | 2023https://cyberw1ng.medium.com/21-1-lab-authentication-bypass-via-oauth-implicit-flow-2023-15f819305f73?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking10-Nov-2023
Authentication Vulnerabilities- Lab #2 2FA simple bypasshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-2-2fa-simple-bypass-6bd390cf92bc?source=rss------bug_bounty-5dollarboysushilweb-security, cybersecurity, bug-bounty, portswigger, two-factor-authentication10-Nov-2023
Revealing True Industry Potential Through the Ultimate Web3 Security Ecosystem: R.xyzhttps://medium.com/coinmonks/revealing-true-industry-potential-through-the-ultimate-web3-security-ecosystem-r-xyz-007acfd25b62?source=rss------bug_bounty-5Officer's Notesblockchain-security, bug-bounty, web3, smart-contract-security, hacking10-Nov-2023
How I stopped a Wallet Hack and Got Almost Nothing.https://medium.com/@mahitman1/how-i-stopped-a-wallet-hack-and-got-almost-nothing-68babd824854?source=rss------bug_bounty-5Muhammad Abdullahweb3, blockchain, bug-bounty, security10-Nov-2023