Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

xss
sql injection
xxe
bug-bounty
recon
wordpress
ai
red-team
ctf
graphql
Lab
TitleLinkAuthorTagsPublication date
25.6 Lab: Web cache poisoning via an unkeyed query parameterhttps://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, bug-bounty, hacking26-May-2024
Embarking on the Bug Bounty Journeyhttps://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, technology, programming, cybersecurity, cyber26-May-2024
Kokurate journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
Network Penetration Testing: A Comprehensive Guidehttps://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5Paritoshpentesting, networking, ai, cybersecurity, bug-bounty26-May-2024
Open Redirect via login pagehttps://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5Saeid Khaterbug-bounty, open-redirect, cybersecurity26-May-2024
My Journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
### Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanismhttps://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-52004siyam_hassanbug-bounty, password-reset, authentication26-May-2024
### Discovering an OTP Reuse Vulnerability: My First Bug Reporthttps://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-52004siyam_hassanauthentication, otp-verification, bug-bounty26-May-2024
HTTP Headershttps://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5Anshu(Zephyr_Night)bug-bounty, http-protocol, http-headers, http-authentication26-May-2024
WordPress application vulnerable to DoS attack via wp-cron.phphttps://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5Saeid Khaterbug-bounty, dos-attack, cybersecurity26-May-2024
❇️ Web Hack Tool ❇️https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5LogicTechbug-bounty-tips, github, tools, hacking, bug-bounty26-May-2024
Insecure Account Removalhttps://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity26-May-2024
How I Got IDOR lead to PII In Login Pagehttps://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5Shari7a0xbugs, hacker, idor-vulnerability, bugcrowd, bug-bounty26-May-2024
How I Found 2 IDORS on My Phone and Made $1,500https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5zack0x01bug-bounty, cyber, idor, bug-bounty-tips, hacking26-May-2024
Session invalidation after updating e-mail.https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-52004siyam_hassanbug-bounty, session-invalidation, help26-May-2024
All About API Security Pentestinghttps://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5Xcheaterapi-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing26-May-2024
JNDI Injection — Attack Flowhttps://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5Pradeep Kumarweb-penetration-testing, pentest, bug-bounty, java, jndi25-May-2024
CSRF Vulnerabilities: How to Exploit and Defend Against Attackshttps://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5Sabuj Kumar Modakpenetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting25-May-2024
Outlook Hijacked: A Step-by-Step Recovery and Investigationhttps://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5Devender Raobug-bounty, phishing, hacking, cybersecurity, microsoft25-May-2024
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Usershttps://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty25-May-2024
How I Hacked India Today Subscription for 2 yearshttps://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5Anudeep Vysyarajucybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty25-May-2024
HOW HACKERS USE REVERSE ENGINEERINGhttps://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5Progskybug-bounty, hacking, reverse-engineering25-May-2024
HTB PDFy Challengehttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange…https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips25-May-2024
Prototype Pollution: The Hidden Danger in JavaScripthttps://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5Mayank Kumar Prajapatihacking, bug-bounty, security, web, pentesting25-May-2024
Bypassing WAFs: The Art of Payload Obfuscationhttps://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, firewall, cybersecurity, hacking25-May-2024
JavaScript Prototype Pollution Attack: A Simplified Guidehttps://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5dodirbug-bounty, penetration-testing, web, javascript, cybersecurity25-May-2024
How i got xss in unusual wayhttps://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5Barbarossaxss-attack, bug-bounty25-May-2024
HTB-PDFyhttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Logic Bug | Forget password link not expiring after email changehttps://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
How to Use ParamSpider Tool — For Bug Bountyhttps://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5GenTiLpenetration-testing, automation-tools, parameter, paramspider, bug-bounty24-May-2024
Analyzing JavaScript Files To Find Bugshttps://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5Mr Horbiohacking, bug-bounty-tips, cybersecurity, programming, bug-bounty24-May-2024
Bypassing 403 Protection To Get Admin Accesshttps://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5Mr Horbiobug-bounty, 403-forbidden, bug-bounty-tips, hacking24-May-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5Mr Horbiobugs, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5Mr Horbioearn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty24-May-2024
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5Mr Horbiopython, cybersecurity, bug-bounty, hacking, programming24-May-2024
How to learn Hacking From 0 to Herohttps://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5Mr Horbiohacking, horbio, programming, bug-bounty, cybersecurity24-May-2024
How to extract Google Chrome Saved Passwordhttps://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, passwords, cyber24-May-2024
Referrer-based access control Bug Bounty Tipshttps://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5Mr Horbiohacking, programming, hacker, cybersecurity, bug-bounty24-May-2024
Python Libraries for Hackershttps://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5Mr Horbiohacking, python-programming, python, bug-bounty, cybersecurity24-May-2024
Easy Bug | PHP info page disclosurehttps://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty, privilege-escalation24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5Saeid Khaterbug-bounty, privilege-escalation, cybersecurity24-May-2024
Easy Bug | Email HTML Injectionhttps://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5Saeid Khatercybersecurity, html-injection, bug-bounty24-May-2024
How to get your first $500 from an XSS vulnerabilityhttps://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5GenTiLmake-money-online, technology, xss-vulnerability, bug-bounty, xss-attack24-May-2024
[Bug Report] Medium Bug 3 dhttps://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5Miner Of Ideaspython, medium, bug-bounty, medium-brasil, bugs24-May-2024
Using BBRF for tracking Javascript fileshttps://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5Michał Lubiczbug-bounty-tips, bug-bounty, cybersecurity, pentesting24-May-2024
Busting CSRF: The Hidden Dangers of JSON Exploitedhttps://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5Omar Essam (hack3dby0mar)web-security, bug-bounty, cybersecurity24-May-2024
25.4 Lab: Targeted web cache poisoning using an unknown headerhttps://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Securityhttps://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5Securrbug-bounty, web3, web3-security, dao, blockchain24-May-2024
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Offhttps://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5Manthan_ mahalepenetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker24-May-2024
Session fixation | Cookie injection leading to ATO Write-Uphttps://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5rAmpancisthacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty24-May-2024
Top Tools Every Bug Bounty Hunter Should Usehttps://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bug-bounty-tips, cyber, cybersecurity24-May-2024
Tips & Tricks To Get Hall of Fame In NASAhttps://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing24-May-2024
25.5 Lab: Web cache poisoning via an unkeyed query stringhttps://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers24-May-2024
Always Test Default Credentials on Bug Bounty even if it’s 2024https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5Scr1ptyethical-hacking, hacking, bug-bounty, security, bug-bounty-tips23-May-2024
HTML Injectionhttps://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5Sushil Choudharybug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty23-May-2024
25.3 Lab: Web cache poisoning with multiple headershttps://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing23-May-2024
Unlocked Secrets: How Leaked Credentials Fuel Bug Bountieshttps://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5cyberpro151admin-panel, infosec, breach, bug-bounty, hacking23-May-2024
Aleo Bug Bounty Programhttps://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5Bogdanbug-bounty, web3, aleo23-May-2024
CSRF leading to Account Takeoverhttps://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5Kaan Atmacabug-bounty, penetration-testing, pentesting, cybersecurity, hacking23-May-2024
Exploiting XML Injection to Establish Unauthorized SSH Connectionhttps://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5Kaan Atmacahacking, coding, bug-bounty, penetration-testing, pentesting23-May-2024
How I Found Multiple XSS Vulnerabilities.https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5MD Helalvulnerability, penetration-testing, cybersecurity, bug-bounty, ctf23-May-2024
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple toolshttps://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5Sreejihknxss-vulnerability, cybersecurity-training, bug-bounty, github, tools23-May-2024
Ink Finance Arbitrum Testnet Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchershttps://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5eL Njas!™bug-bounty, vulnerbaility, google23-May-2024
Easy Bug: No Rate Limiting on Form which Triggers Emailshttps://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty23-May-2024
First Swag from HackerRankhttps://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5#$ubh@nk@rhacking, swag, ethical-hacking, security, bug-bounty23-May-2024
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Second Factor Authentication (2FA) Bypass in Private BBPhttps://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Logic Bug | Old Session Does Not Expires After Password Changehttps://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Second bug on VDP programhttps://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5devMRTbugbounty-writeup, bug-bounty-tips, bug-bounty23-May-2024
Advanced Web Application Scanning Step-by-Step Guidehttps://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-50xM4r5h4lhacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner22-May-2024
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bountyhttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
Time-Based Google OAuth Account Takeover: Adventures in Bug Bountieshttps://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs22-May-2024
Silk Central : Bug Tracking Tutorialhttps://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5Nine Pages Of My Lifetesting, software-development, bug-bounty, silk, app-development22-May-2024
Open-Redirect Through HTTP Parameter Pollutionhttps://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, hacking, cybersecurity, pollution22-May-2024
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security!https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5Securrbug-bounty, layer-1, blockchain, web3-security, web322-May-2024
Swagger-UI XSS Leading to Account Takeover on Crypto Exchangehttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
25.2 Lab: Web cache poisoning with an unkeyed cookiehttps://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, careers, cybersecurity22-May-2024
SubActive: Cracking the Digital Codehttps://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5Tahir Mujawarbugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty22-May-2024
Best tool to find subdomainshttps://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5Sreejihknbug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting22-May-2024
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunterhttps://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5LogicTechhacking, network-security, bug-bounty, bug-bounty-tips, bugs22-May-2024
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL…https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5SHAMS UL MEHMOODai, cybersecurity, bugs, bug-bounty, ctf-writeup21-May-2024
Hackers Online Tools in 2024https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5LogicTechosint, hackathons, bug-bounty, tools, hacking21-May-2024
Authentication Bypass due to Sensitive Data Exposure in Local Storagehttps://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800?source=rss------bug_bounty-5Kritika Singhvulnerability-assessment, webapplicationpentest, bug-bounty, penetration-testing, hacking21-May-2024
25.1 Lab: Web cache poisoning with an unkeyed headerhttps://cyberw1ng.medium.com/25-1-lab-web-cache-poisoning-with-an-unkeyed-header-177f24f0538e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity21-May-2024
Complex Attack Types: Sample Scenarios 7https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-7-9e7ad4454fe9?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, freedomofinternet, threat-intelligence, penetration-testing21-May-2024
Curiosity part #2 with $5000 bounty.https://medium.com/@nanwinata/curiosity-part-2-with-5000-bounty-025536feced7?source=rss------bug_bounty-5nanwncybersecurity, telnet, hackerone, bug-bounty, vulnerability21-May-2024
Next Generation Nuclei: Detecting SQLi with Logichttps://medium.com/@serhatcck/next-generation-nuclei-detecting-sqli-with-logic-05549c34885b?source=rss------bug_bounty-5Serhat ÇİÇEKhacking-tools, hacking, penetration-testing, application-security, bug-bounty21-May-2024
CSRF Leads to Delete Accounthttps://medium.com/@happyjester80/csrf-leads-to-delete-account-241f2cf8950b?source=rss------bug_bounty-5Happy Jesterandroid-pentesting, bug-bounty, android, hacking21-May-2024
How to find View Angles for Aimbots | Explainedhttps://medium.com/@yannik603/how-to-find-view-angles-for-aimbots-explained-f70c303a353c?source=rss------bug_bounty-5Yannik Castrogames, hacking-tools, bug-bounty, hacking, reverse-engineering21-May-2024
Working with a client, I came across a CSRF vulnerability in their existing web application.https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5FF E4cybersecurity, csrf, bug-bounty20-May-2024
Bug Zero — This month in Cybersecurity [01–15 May]https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5Akila Maithripalabug-bounty, cybersecurity, sri-lanka, bug-zero20-May-2024
Open-Redirects Uncovered: Real-World Bypass Techniques Revealedhttps://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5David Eduardo Karpinskicybersecurity, hacking, web3, programming, bug-bounty20-May-2024
How I Hacked NASA Using Google Dork in Just 10 Minuteshttps://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5Gaurish Bahurupicybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-May-2024
Bypassed the OTP verification process using “Turbo Intruder” Extension.https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5Sabuj Kumar Modakweb-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing20-May-2024
IDOR Explained: Discover It Through a Simple Story!https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5haqidor, bug-bounty-tips, bug-bounty, idor-vulnerability20-May-2024
Your Account is Now Mine!https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5z3r0xkpentesting, bug-bounty, account-takeover, vulnerability20-May-2024
Reflected XSS Leading to Account Takeoverhttps://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-50_oNoProblembug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability20-May-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5Naveen kumawatbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain20-May-2024
Let’s Understand Price Oracle Manipulationhttps://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5Securrbug-bounty, smart-contract-auditing, web3, blockchain, web3-security20-May-2024
How I Hacked NASA LDAP Serverhttps://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5Maxcyberbug-hunting, cybersecurity, penetration-testing, bug-bounty20-May-2024
How I found XSS from a medium articlehttps://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5Jaeden Samiainfosec, bug-bounty, ethical-hacking20-May-2024
How I got Hall of Fame in NASAhttps://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5AjakCybersecurityhacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity20-May-2024
Walk-Through of Bepractical.tech lab #3https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5Ross Jubertaccount-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks19-May-2024
Hacker101: Micro-CMS v1https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-50xfhackerone, bug-bounty-tips, bug-bounty, hacking19-May-2024
Dependency Confusionhttps://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5Rakeshbugbounty-writeup, bug-bounty19-May-2024
How I Found Multiple Vulnerabilities on Dutch Governmenthttps://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5sindhuneupanebug-bounty, swag, writeup, bug-hunting, infosec19-May-2024
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twicehttps://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, infosec, bug-bounty, wordpress, web-security19-May-2024
How I got an High IDOR + PII in few minutes. Bounty: €500https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5Ivoabreuidor, bug-bounty19-May-2024
JavaScript tools for BugBounty 2024https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5LogicTechtools-and-resources, osint, hacking, hacker, bug-bounty19-May-2024
VulnCon 2024 CTF — Internal Leakshttps://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5Shlok Kctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty19-May-2024
A basic Android Pentest Lab Setuphttps://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5Majixsetup-guide, android, pentest, bug-bounty, pentesting19-May-2024
22.5 Lab: JWT authentication bypass via jku header injectionhttps://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers19-May-2024
22.6 Lab: JWT authentication bypass via kid header path traversalhttps://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers19-May-2024
First bug on VDP programhttps://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5devMRTbug-bounty, bugbounty-writeup, bug-bounty-tips19-May-2024
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectushttps://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5Cycus Pectushacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking18-May-2024
22.4 Lab: JWT authentication bypass via jwk header injectionhttps://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers18-May-2024
Analyzing JavaScript Files To Find Bugshttps://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5Mr.Horbiobug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking18-May-2024
Interesting .DS_Store finding worth $$$https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5Yassine Akrachlibug-bounty, hacking, ethical-hacking, python, enumeration18-May-2024
Pay 0$, Get ∞ books!https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5z3r0xkpenetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability18-May-2024
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !!https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5Professor0xx01bug-bounty, information-security, laravel-framework, xss-attack, web-security18-May-2024
My 6 Month bug hunting journey, what to expect.https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5Tomopinion, bug-bounty, bpp, hacking18-May-2024
Top 50 Ports & Vulnerabilityhttps://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5LogicTechbug-bounty, osint, networking, vulnerability, hacking18-May-2024
Broken Object Level Authorization — BOLA (ex crAPI)https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5Ammar Ahmedpentesting, api, cybersecurity, hacking, bug-bounty18-May-2024
How a Single Parameter Led to Two ATO Caseshttps://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5Fahad Faisalbug-bounty, hackerone, bug-bounty-tips, twitter18-May-2024
CVE-2023–52424: The WiFi SSID Confusion Attack Explainedhttps://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5ElNiakwifi, bug-bounty, technology, cybersecurity, penetration-testing17-May-2024
The Hacker’s Mind -Recon Mind maphttps://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5Tahir Mujawarbug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity17-May-2024
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips17-May-2024
How I found my first mistake Or why you shouldn’t overlook the obvious.https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5Jioninbug-bounty, wordpress, first-bug, pentesting, cve17-May-2024
22.3 Lab: JWT authentication bypass via weak signing keyhttps://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity17-May-2024
How to Know If Your Android Device Has Been Hacked and What to Do About Ithttps://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5Mr.Horbiohacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking17-May-2024
A Story of Zero-click complete Account Takeoverhttps://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5Shravani_kbvulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking17-May-2024
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Huntinghttps://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5Un1tycyb3rbug-bounty16-May-2024
How to Create a Cloud Lab for Anonymous Bug Bounty Huntinghttps://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5Paritoshcloud, hacking, ai, cybersecurity, bug-bounty16-May-2024
Discovery Worth $$$ in KYC Verification Feature : Bug Bountyhttps://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity16-May-2024
Account takeover with a sad endinghttps://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Vulnerable WordPress April 2024 (Arasbaran)https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5Onhexgroupwordpress, infosec, web-security, bug-bounty, nuclei-template16-May-2024
21.5 Lab: Stealing OAuth access tokens via an open redirect | 2024https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, penetration-testing, cybersecurity16-May-2024
Reflected XSS via Cache Poisoninghttps://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5Majixpenetration-testing, cache-poisoning, xs, bug-bounty, hacking16-May-2024
Reflected XSS to Account Takeoverhttps://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5Majixxs, account-takeover, bug-bounty, hacking, penetration-testing16-May-2024
How I got Critical IDOR in one of India’s Best Known Food Delivery Websitehttps://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5Krrish Bajajbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium16-May-2024
How I Hacked One of These Big Companies (JS files analysis)https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5L0dabug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips16-May-2024
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Toolshttps://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5enigmahacking, osint, cybersecurity, bug-bounty, ai16-May-2024
How to execute a Proof of Concept (PoC) for any CVEshttps://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5CTRLsoc, penetration-testing, bug-bounty, cve, cybersecurity16-May-2024
Account takeover using Blind XSS?https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcodehttps://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5Azhari Harahapbroken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup15-May-2024
CVE-2024–4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented)https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5ElNiakbug-bounty, google, penetration-testing, cybersecurity, javascript15-May-2024
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthroughhttps://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5whit3ros3bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips15-May-2024
Subdomain Takeover: What is It? How to Exploit? How to Find Them?https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5Florian Walterbug-bounty, application-security, cybersecurity, penetration-testing, web-application-security15-May-2024
How I Was Able to Perform a Subdomain Takeover Attackhttps://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5Rishabh Karnbug-bounty, hacking, subdomain-takeover, bugs, attack15-May-2024
21.4 Lab: OAuth account hijacking via redirect_uri | 2024https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking15-May-2024
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controlshttps://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5Samapple, infosec, bug-bounty15-May-2024
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC)https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5Mr.MGcybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty15-May-2024
A Arte de Explorar SQL Injection: Uma abordagem profundahttps://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, hacking, sql, mysql, sql-injection15-May-2024
5 bugs in one program $$$https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty-tips, bug-bounty15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, bug-bounty15-May-2024
Why I want to become a bug bounty hunterhttps://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5Riccibug-bounty, coding, make-money-online15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, hacking, bug-bounty15-May-2024
Walk Through of Bepractical.tech lab #2https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5Ross Jubertethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training14-May-2024
XSS on TikTokhttps://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5WHO AM I ?bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack14-May-2024
An Email Authentication Bypass, But Marked as N/A in NASA domainhttps://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty14-May-2024
An easy way to find bugs: Enter wrong datahttps://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5Nasrinaudit, web-app-security, pentesting, bug-bounty14-May-2024
21.3 Lab: SSRF via OpenID dynamic client registration | 2024https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity14-May-2024
JNDI Injection — The Complete Storyhttps://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5Pradeep Kumarjava, pentesting, bug-bounty, jndi, web-penetration-testing14-May-2024
Root user account takeover via SQL Injectionhttps://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
RCE Through Account Takeoverhttps://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5Rajdip Chavansecurity, vapt, bug-bounty, web-application-security13-May-2024
Root user account takeover via SQL Injectionhttps://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
Story of Hall of Fame in Red Hat Linuxhttps://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5Hritom Bhattacharyaredhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking13-May-2024
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerabilityhttps://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5Sharkbug-bounty, cybersecurity, microsoft, red-team, pentesting13-May-2024
Week 1https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5.bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups13-May-2024
21.2 Lab: Forced OAuth profile linking | 2024https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5Deep SenGuptacybersecurity, bug-bounty, broken-link-hijacking13-May-2024
How To Find And Test S3 Buckets For Bug Bountyhttps://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5Dante Fallsaws, amazon-web-services, bug-bounty, cybersecurity, cloud-services13-May-2024
Broken Access Control leads to Take Admin Rolehttps://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-50xEbn-Taimiapenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting13-May-2024
403 Jump: HTTP 403 Bypass toolhttps://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5Itsmeanzeemtools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfigurationhttps://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5Mohammed Moiz Pashabug-bounty, security, hacking, vulnerability, ethical-hacking13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5Deep SenGuptabroken-link-hijacking, cybersecurity, bug-bounty, burpsuite13-May-2024
How I found a IDOR at Monitor Mozilla ?https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5ryujinxbug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone13-May-2024
ZoneTransfer — ./Hopehttps://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5Ezeciasbug-bounty-tips, tools, bug-bounty13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
A simple file upload bypass causing XSS attackhttps://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5Xiaodongxss-attack, bypass, vulnerability, bug-bounty, hacker12-May-2024
Read Code Like a Hacker With SASThttps://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5Matejsmyckabug-bounty, static-code-analysis, testing, ethical-hacking, hacking12-May-2024
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDPhttps://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5Professor0xx01security, ethical-hacking, infosec, cybersecurity, bug-bounty12-May-2024
24.15 Lab: HTTP request smuggling, obfuscating the TE header | 2024https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, hacking, careers12-May-2024
Hacking more than 130 000 car worldwide in 5 minuteshttps://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5Ahmad Mansourbug-bounty, bug-bounty-tips, cybersecurity, pentesting12-May-2024
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ]https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5Javeed.skauthentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty12-May-2024
Breaking Down DOM-based XSS: A Practical Explorationhttps://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5Osama Avvanxss-attack, dom-xss, bug-bounty, cybersecurity, javascript11-May-2024
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AIhttps://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5Peng Zhouprotect-ai, hugging-face, bug-bounty, llm-security, ai-security11-May-2024
NMAP Command Optionshttps://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5Ravindra Dagalenmap, commands, information-security, bug-bounty, vulnerability11-May-2024
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Databasehttps://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5Cyb3r M!ndssqli, hacking, pentesting, bug-bounty, sql-injection11-May-2024
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability | 2024https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brandhttps://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5Anekant Singhai Jaininfosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips11-May-2024
دي روود ماب علشان تبدا web pentesthttps://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-509x99python, cybersecurity, bug-bounty, web-development, javascript11-May-2024
Mastering Subdomain Takeovershttps://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, bugs, vulnerability, subdomain, cybersecurity11-May-2024
Linux Privilege Escalation — Capstone Challenge | TryHackMehttps://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5Asim Anwarhacking, privilege-escalation, linux, bug-bounty, tryhackme11-May-2024
4 XSSs With A Simple & Optimized Payloadhttps://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5Hamza Avvanethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity11-May-2024
My Hunt: Discovering Microsoft Bugshttps://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5c0d3x27microsoft, hacking, bug-bounty, software-development, cybersecurity11-May-2024
Today I am going to walk through bepractical.techhttps://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5Ross Jubertcybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
IDOR and Missing Authorization leads to free contenthttps://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5enigmacybersecurity, hacking, idor, oscp, bug-bounty10-May-2024
How I Discovered a CVE by Scanning Open Source Repositorieshttps://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5Scott Lindhbug-bounty, xss-attack, open-source, application-security, hacking10-May-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5CyberOzcybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-May-2024
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability | 2024https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity10-May-2024
A Strange Tale of Email Verification Bypasshttps://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5Huntsmanbug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking10-May-2024
Linux Privilege Escalation | TryHackMe — Part 2https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5Asim Anwarbug-bounty, tryhackme, linux, privilege-escalation, hacking10-May-2024
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoninghttps://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5Fahad Faisalhackerone, bug-bounty, security, bug-bounty-tips10-May-2024
Database Info Disclose by Client-Side DOShttps://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5#$ubh@nk@rdos-attack, infosec, hacking, bug-bounty10-May-2024
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goalshttps://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5.cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking09-May-2024
XSS | Here’s how I got my first bountyhttps://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5sM0ky4bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
24.12 Lab: CL.0 request smuggling | 2024https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
HOW I FOUND MY FIRST BUGhttps://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5Irene Venunyebug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program09-May-2024
Fingerprinting♨♨: Identifying Technologies Of Our Target.https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5Hacktivist-Attackerfingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance09-May-2024
Linux Privilege Escalation | TryHackMe — Part 1https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5Asim Anwarbug-bounty, hacking, tryhackme, privilege-escalation, linux09-May-2024
How I Found XSS In Another Govt. Site :: NCIIPC VDP !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5Professor0xx01infosec, security, information-security, bug-bounty, security-research09-May-2024
An easy bounty using fuzzinghttps://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, hacking, penteration-testing, fuzzing, pentesting09-May-2024
Exploiting JWT Token Leads To IDORhttps://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty09-May-2024
Simple bug on Indian government website | Govt. bug huntinghttps://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5SIDHARTH PANDAbug-bounty, government, indian, hacking, bug-bounty-tips08-May-2024
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERShttps://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5Progskydocumentation, bug-bounty, contracts, ethical-hacking08-May-2024
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !!https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5Professor0xx01bug-bounty, security, vulnerability, information-security, infosec08-May-2024
Revealing a Critical Vulnerability: The Price Manipulation Flawhttps://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5Pawarpushpakpenetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty08-May-2024
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Startedhttps://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5Sachin Kumarfor-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers08-May-2024
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing08-May-2024
Hack Any Browser With One Linkhttps://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5Vishal Chaudharysecurity, hacking, cybersecurity, beef, bug-bounty08-May-2024
Exposed Key In Page Source Led To Bypass Captchahttps://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5Muhanad Israiwihacking, captcha, bug-bounty, bugs, penetration-testing08-May-2024
Writing your First Nuclei Templatehttps://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5TechnoLiftsnucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty08-May-2024
XSS vulnerability caused by modifying the Content-Typehttps://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5Xiaodongvulnerability, xss-attack, money, bug-bounty, hacker08-May-2024
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability.https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5Xiaodongmoney, hacker, vulnerability, bug-bounty, xss-attack08-May-2024
An easily accomplished account takeoverhttps://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, money, vulnerability07-May-2024
Title: Understanding Vertical Privilege Escalation in Cybersecurityhttps://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5Alvin bijobug-bounty07-May-2024
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers07-May-2024
Securitydegen.com Feature Update!https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5Bug Bounty Degenvulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts07-May-2024
A Thrilling Dive into Cloud Penetration Testinghttps://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5ADIPbug-bounty, information-security, cloud, info-sec-writeups, penetration-testing07-May-2024
Threat Modeling for OAuth 2.0 Authorization Frameworkhttps://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5Jayesh kunwalthreat-modeling, bug-bounty, oauth, cybersecurity, vapt07-May-2024
How I got $250 for IDOR via Business Logic Errorhttps://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5Manav Aryacybersecurity, information-security, vulnerability, bug-bounty, bugcrowd07-May-2024
Athena TryHackMe Walkthroughhttps://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, tryhackme, cyber07-May-2024
A Comprehensive Review of the Guided Hacking Forumhttps://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, games, ctf, hacking07-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Corneliusidn-bootcamp, bug-bounty06-May-2024
Crypto bounty program got me $500 — Rate Limit Bypasshttps://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5mo9khu93rcryptocurrency, security, hacking, web3, bug-bounty06-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Cornelius Yuliidn-bootcamp, bug-bounty06-May-2024
Bounty Beginnings: My First Bug Discoveryhttps://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5cyberOjasbug-bounty, vulnerability, bugcrowd06-May-2024
Web3 Bug Bounty V/S Smart Contract Auditinghttps://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5Securrblockchain, smart-contract-auditing, bug-bounty, web3, web3-security06-May-2024
alasan ingin belajar bug bounty IDN bootcamphttps://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5Ilhamsabanabug-bounty06-May-2024
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamphttps://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5Mohamad Fachry Alicybersecurity, bug-bounty06-May-2024
Pengalaman saya dibidang CyberSecurityhttps://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5Ahmad Fauzy Hafidzcoding, cybersecurity, bug-bounty, capture-the-flag06-May-2024
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamphttps://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5Wahyu Priambodotechnology, bug-bounty, experience, cybersecurity, bootcamp06-May-2024
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunterhttps://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5Rizki Arif Saifudinprogramming, bug-bounty, linux, cybersecurity06-May-2024
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp)https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5Andy R. Nugrohobug-bounty06-May-2024
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon.https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty06-May-2024
Network Infrastructure Reconhttps://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5David Eduardo Karpinskidns, hacking, networking, cybersecurity, bug-bounty06-May-2024
BugBountyTraining Lab: FastFoodHackings Part 1https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5Hoppp3rbug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs05-May-2024
Bug Bounty IDN Bootcamphttps://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5Senudin Nurdinbug-bounty05-May-2024
‍ Hack Like a Pro: Precon’s Simple Subdomain Secretshttps://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5Tamhackerethical-hacking, bug-bounty, hacker, hacking, cybersecurity05-May-2024
Exposing Information Of All Users “Email,Mobile Number ..etc”https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5Dr404information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips05-May-2024
24.9 Lab: H2.CL request smuggling | 2024https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking05-May-2024
An Impactful ‘No Rate Limiting’ Bughttps://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5JateloCybersecethical-hacking, web-app-security, bug-bounty, pentesting, bugs05-May-2024
Information gathering with OSINThttps://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5David Eduardo Karpinskihacking, osint, bug-bounty, cybersecurity, pentesting05-May-2024
JS-Snooper: Get More Bounty With Easy Bugshttps://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-May-2024
Proxying Web Traffic Via SSHhttps://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5Mark El-Khourybug-bounty, ssh, pentesting, cybersecurity, infosec04-May-2024
LEARNING THE BUG BOUNTY PROGRAMhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty04-May-2024
# Certifcateshttps://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5penetration-testing, bug-bounty, recon, hacking, reconnaissance04-May-2024
Get Your First Award by Joining IDN Bootcamp Bug Bountyhttps://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5oktabug-bounty, linux, network, penetration-testing, hacker04-May-2024
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN”https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5Naursyy_bug-bounty, technology, cybersecurity04-May-2024
LEARNING BUG BOUNTY IDN BOOTCAMPhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, careers, hacking03-May-2024
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python…https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5SHAMS UL MEHMOODcybersecurity, information-security, cyberattack, infosec, bug-bounty03-May-2024
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of…https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5Nitin yadavtech, infosec, technology, bug-bounty, cybersecurity03-May-2024
3 easiest bugs that you can find right now [guarantied]https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5Imad Husanoviccybersecurity, hacking, bug-bounty-tips, programming, bug-bounty03-May-2024
Why and how to hide usernames on your WordPresss.https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5Izmir Suatwordpress, bug-bounty, information-security, pentest03-May-2024
XSS leads to HALL OF FAME on a French websitehttps://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5Karan Moudgilbug-bounty03-May-2024
Alasan saya ingin megikuti Bug Bounty IDN Bootcamphttps://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5WILDAN ABDURRASYIDbootcamp, bug-bounty, idn, cybersecurity, sytem03-May-2024
How I bypassed OTP in unexpected wayhttps://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5DEephacking, bug-bounty, red-team, cybersecurity, vulnerability03-May-2024
Real World GitLab Account Take Overhttps://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5Chuxhacking, cybersecurity, infosec, red-team, bug-bounty03-May-2024
IDOR lead to PII Disclosurehttps://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5z3r0xkidor, bug-bounty, web-security03-May-2024
How I Bypassed Rate limiting To Account Takeoverhttps://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5AjakCybersecurityhacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking03-May-2024
DNS Resolutions: Identifying Live Targets : Vertical RECON.https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5Hacktivist-Attackerpenetration-testing, reconnaissance, bug-bounty, education, résolutions03-May-2024
what is RCE-[Remote code Execution]❓https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5mamadbug-bounty, website, security, cyber-security-website, social-security-website03-May-2024
Sql İnjection Nedir &Karşılaştığım Vakahttps://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5Alibug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs03-May-2024
Bug Bounty IDhttps://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5Senudin Nurdinfree-course, linux, network, cyberse, bug-bounty02-May-2024
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers02-May-2024
Langkah Awal Menuju Bug Bounty IDN BootCamphttps://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5Caomaybug-bounty, xiaocaomay, idn, idn-network02-May-2024
Become a Bug Bounty hunter: Unveiling the Secrets to Success!https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5ADIPinfosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty02-May-2024
Google VRP Targets by Tierhttps://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5UprootSecurityinfosec, pentest, bug-bounty, cybersecurity, vapt02-May-2024
Alasan ingin belajar pada Bug Bounty IDN Bootcamphttps://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5Putranto Suryacybersecurity, bug-bounty, bug-bounty-idn-bootcamp02-May-2024
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurityhttps://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, hacking, hackerone, technology02-May-2024
Mengapa bug bounty?https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5rayyanewbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty02-May-2024
How i got admin panel without opening the targethttps://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5Milad Safdari (TheSafdari)github, hacking, github-secret, bug-bounty, cybersecurity02-May-2024
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and…https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5Mansorihacklinux, bug-bounty, pentesting02-May-2024
Bug Bounty IDN Bootcamp | By Ekyhttps://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5personcybersecurity, ethical-hacking, ctf, bug-bounty02-May-2024
Complex Attack Types: Sample Scenarios 3https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet02-May-2024
Real-World Example of Race Condition Exploits “adding Money”https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5Dr404race-condition, web-penetration-testing, vulnerability, bug-bounty02-May-2024
#01: Path traversalhttps://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5z3r0xksource-code-review, path-traversal, web-security, nodejs, bug-bounty02-May-2024
My Journey to the Nokia Security Hall of Famehttps://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5Umair Farooquihof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui01-May-2024
Harnessing the Power of Crowd-Sourced Securityhttps://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, information-security, cloud-computing, bug-bounty01-May-2024
My First Verified Bug Bounty: Unmasking Flaws in University Web Appshttps://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5Impeony | Rafivulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty01-May-2024
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emailshttps://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5JEETPALbug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips01-May-2024
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfigurationhttps://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5Fabian Cruzinformation-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing01-May-2024
How can I bypass the limit on the number of team membershttps://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5Xiaodongchina, vulnerability, money, bug-bounty, hacker01-May-2024
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploithttps://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5Fabian Cruzweb-security, bug-bounty, information-security, penetration-testing, cybersecurity01-May-2024
FortiClient Android Apphttps://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5Mohamed Eid Wahbybug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips01-May-2024
Partnering with fewerClicks- To Provide Robust Web3 Securityhttps://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5Securrsmart-contract-auditing, bug-bounty, pentesting, web301-May-2024
1500$ bounty: how unprotected directory leaked sensitive infohttps://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5Agnieszka Pietruczukpentesting, bug-bounty01-May-2024
Exposed Secrets: The Peril of Broken Access Controlhttps://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, technology, hacking, penetration-testing01-May-2024
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMShttps://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5Progskyweb-hacking, web-security, bug-bounty01-May-2024
I sent 1,000,000 Requests to a serverhttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekershttps://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5brutexploitercybersecurity, cloud, india, information-security, bug-bounty01-May-2024
Learning Offensive Cybersecurity — Day 2https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5N4RKWH4Loffensive-security, cybersecurity, bug-bounty, learning, tech01-May-2024
Billions Bug Bounty Programhttps://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5Billions Questbug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs01-May-2024
Binary Exploitation: PicoCTF clutter-overflow challenge walk throughhttps://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5Boogstabug-bounty, hacking, hackathons, cyber, cybersecurity01-May-2024
1,000,000 requests 2FA bypasshttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
Javascript code inside HTMLhttps://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5Thewhitesidebugs, bug-bounty-tips, bug-bounty01-May-2024
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypasshttps://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5Mohammed Waleedrecon, osint, bug-bounty-tips, cybersecurity, bug-bounty30-Apr-2024
Bypassing SSL Pinning with Frida and Objection in Mobile Applicationshttps://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5Ria Banerjeebug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing30-Apr-2024
Another ATO, will I get paid this time?https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness30-Apr-2024
Useful GoogleDocks Tips — Bug Bounty Tuesdayhttps://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking30-Apr-2024
How I found three Critical Vulnerability in one site.https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5DEepvulnerability, hacking, cybersecurity, red-team, bug-bounty30-Apr-2024
O melhor curso de hacking etico do Brasilhttps://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5Rafael Henriquetryhackme-writeup, hacking, bug-bounty, hacker, hackerone30-Apr-2024
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking30-Apr-2024
Learning OffensiveCybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Adding Certificates to Postman & Burp Suite for API Testinghttps://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5Nairuz Abulhulsecurity, bug-bounty, penetration-testing, hacking, infosec30-Apr-2024
Bug Bounty Challenge (final): [CONCLUSION]https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
Finding a viper in the curved lawnhttps://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5KupiaSeccurve-finance, bug-bounty, audit, blockchain, security30-Apr-2024
ineligible for bounty !!!https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5Thewhitesidebug-bounty30-Apr-2024
postMessage() securityhttps://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5Sumeet darekarbug-bounty, xss-vulnerability, replit, postmessage, javascript30-Apr-2024
Learning Offensive Cybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Bug Bounty Challenge (final): CONCLUSIONhttps://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
do FUZZ well!https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5Rajesh Sagarbug-bounty, fuzzing, bug-bounty-tips30-Apr-2024
E-Commerce Application Penetration Testing- My Favourite Business Logical Flawhttps://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5Vaishali Nagoriapplication-security, ciso, bug-bounty, penetration-testing, vapt29-Apr-2024
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC)https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5Mr.MGidor, penetration-testing, blog, cybersecurity, bug-bounty29-Apr-2024
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting).https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5Rajdip Chavanvapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5m3nd00bug-bounty, fuzzing, ffuf29-Apr-2024
Explorando Acunetix Vulneweb SQL Injectionhttps://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5David Eduardo Karpinskisql-injection, sql, bug-bounty, mysql, vulnerability29-Apr-2024
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity29-Apr-2024
Temu glitch - Temu system hacked and let me buy free items!https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5Very Lazy Techtemu, hacking, shopping, free, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5ScriptTeasebug-bounty, fuzzing, ffuf29-Apr-2024
Broken Link Hijacking: A Hidden Threat $350 Bountyhttps://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5Himanshu Chouhanbug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips29-Apr-2024
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Huntershttps://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips29-Apr-2024
Crypto Attacks Cheat-Sheethttps://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5David Eduardo Karpinskihacking, bug-bounty, dictionary, cheating, crack29-Apr-2024
Bug Bounty Challenge (final): Day 9–29/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Apr-2024
The Last Dance (HackTheBox Writeup)https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5Krish Geractf, cybersecurity, hackthebox, hackerone, bug-bounty29-Apr-2024
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing29-Apr-2024
Bug Zero at a Glance [01–15 April]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty28-Apr-2024
2FA bypass that made me $______https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking28-Apr-2024
How to choose less competitive Bug Bounty Programs ( No VDPs)https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5H3mantbug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup28-Apr-2024
Starting in Bug Bounty — First Master This Before Hunting.https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5NEEL SHUKLAbug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips28-Apr-2024
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leadershttps://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5Aniniikethr12bug-bounty, pentesting, cybersecurity28-Apr-2024
Never use the GET method for Sensitive Actions in Web App: Ft. CSRFhttps://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5secureITmaniabug-bounty, penetration-testing, information-security, hacking, web-development28-Apr-2024
Ability to Deny Subaccounts feature from all usershttps://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-50xAb031n0uRbugbounty-writeup, bug-bounty, cybersecurity28-Apr-2024
IDOR leads to Account Takeover of all users (ATO).https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5Ahmed Tarekpenteration-testing, account-takeover, bug-bounty, pentesting, hacking28-Apr-2024
Mi camino en el Bug Bounty comienza, pero antes..https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5Cib3r Byt3bug-bounty28-Apr-2024
24.2 Lab: HTTP request smuggling, confirming a TE.CLhttps://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking28-Apr-2024
How I Hacked an Indian Government Website and Accessed Their Database Serverhttps://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5Kamil Rahumanbug-hunting, cybersecurity, bug-bounty, hacking28-Apr-2024
Bug Bounty Challenge (final): Day 8–28/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty28-Apr-2024
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5D0loresH4zebug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing28-Apr-2024
Flamingo Finance Bug Bounty Programhttps://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5Dmytro Kovalenkoweb-security, bug-bounty, security, web3, flamingo-finance28-Apr-2024
VAPT: The Secret Weapon for Security Superheroeshttps://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5Security Lit Limitedvapt, bug-bounty, cybersecurity, cyberattack28-Apr-2024
Security Testing Trends 2024https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5InnovateQAsecurity-testing, devsecops, genai, bug-bounty, pentesting27-Apr-2024
Hidden parametershttps://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5Thewhitesidebug-bounty, bug-bounty-tips27-Apr-2024
Top Ten Books for Bug Bountyhttps://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5Very Lazy Techpentesting, money, cybersecurity, bug-bounty, oscp27-Apr-2024
How to setup in 30 min your Web3 lab in Windowshttps://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5Bug Bounty Degenweb3, hacking-tools, ethereum, bug-bounty, blockchain27-Apr-2024
2:00 AM IDOR leads to some Adrenaline rushhttps://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)bug-bounty27-Apr-2024
Logic Loopholes: The Fun Flawshttps://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5Khod4libusiness-logic, web-penetration, bug-bounty, pentest, xss-attack27-Apr-2024
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictionshttps://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5Amjad Alipenetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity27-Apr-2024
How A Blackbox Target Turned To Whitebox With Reconhttps://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5Chuxinfosec, cybersecurity, red-team, hacking, bug-bounty27-Apr-2024
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guidehttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
24.1 Lab: HTTP request smuggling, confirming a CL.TEhttps://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity27-Apr-2024
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own…https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5Amitkhandebharadsecurity, bug-bounty, bugcrowd, privilege-escalation, bug-hunter27-Apr-2024
Exploring the Filliquid Testnet Launch Bug Bounty Program!https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5I. Tobias Darlingtonfilecoin, bug-bounty, testnet, defi, filliquid27-Apr-2024
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their websitehttps://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5Phantombugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero27-Apr-2024
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applicationshttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
What is HTTP request smuggling?https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty26-Apr-2024
I found a simple but rare misconfiguration and got $200 on a hackerone programhttps://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5Harishhackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips26-Apr-2024
Private Interact.sh server setup with a web dashboardhttps://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5Serj Novoselovtutorial, hacking, tools, cybersecurity, bug-bounty26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
The Ultimate Guide to CISSP’s Eight Security Territorieshttps://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5Gagan Yalamuristartup, information-security, information-technology, cybersecurity, bug-bounty26-Apr-2024
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Securityhttps://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5Dasmanish403-forbidden, ethical-hacking, bug-bounty26-Apr-2024
How to baypass scaping filter(\)https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5Thewhitesidebug-bounty-tips, bug-bounty26-Apr-2024
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5D0loresH4zecybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
Bug Bounty Toolshttps://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5Malisha_kalictf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool25-Apr-2024
this is how I Bypassed the 2FA page in a big site…https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5Bar_0_0_nbug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity25-Apr-2024
Android Pentesting Lab Setup step to step . Part -1https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5Security Empirebug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec25-Apr-2024
Bug Bounty Champions: Real Stories of Cybersecurity Triumphshttps://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, ai, hacking, information-security25-Apr-2024
Understanding 403 Bypass: A Critical Vulnerability in Web Application Securityhttps://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5Abhishek Bhujangbug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security25-Apr-2024
Hacking one of the largest Legal tech in MENAhttps://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5Ahmad Mansourpentest, hacking, securing, bug-bounty25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
How a ‘.git’ file Leads to Zendesk Panel Takeoverhttps://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking25-Apr-2024
Privilege Escalation to Admin through an Import Featurehttps://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5Cristi Vladbug-bounty, cybersecurity, penetration-testing, pentesting, infosec25-Apr-2024
Unexpected gain, arbitrary forgery of user tokens.https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5Xiaodongchina, hacker, vulnerability, bug-bounty, money25-Apr-2024
How to monitor your internal pentesters?https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing25-Apr-2024
Find This Easy CSRF in Every Website- A Sweet P4https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, technology, bug-bounty, hacking, cybersecurity25-Apr-2024
Bug Bounty Challenge (final): Day 5–25/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
20.6 Lab: Host validation bypass via connection state attack | 2024https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing25-Apr-2024
Privilege escalation mediante Race Condition.https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5Matias Ramirezbug-bounty, bug-bounty-tips, bugbounty-writeup, hacking25-Apr-2024
A very useful asset collection tool: Asset Reconnaissance Lighthouse.https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5Xiaodonghacks, hunting, tools, bug-bounty, china24-Apr-2024
Hack Stories: Hacking Hackers EP:3https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5c0d3x27software, programming, cybersecurity, hacking, bug-bounty24-Apr-2024
#1. Bug Bounty POC: IDOR leads to Account Takeoverhttps://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5Cyb3r M!ndsidor, account-takeover, web-penetration-testing, bug-bounty, pentesting24-Apr-2024
BALMER PEAK AND BUG HUNTINGhttps://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5Progskyhumor, bug-bounty24-Apr-2024
20.5 Lab: SSRF via flawed request parsing | 2024https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, careers, cybersecurity, hacking24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
Bug Bounty Challenge (final): Day 4–24/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter24-Apr-2024
Embarking on My Bug Bounty Hunting Journeyhttps://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5Nikhilmy-journey-in-tech, cybersecurity, bug-bounty24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
How easy I made $$$$https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5Anas H Hmaidypenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty23-Apr-2024
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!!https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5Professor0xx01cors, bug-bounty, threat-hunting, information-security, vulnerability23-Apr-2024
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing…https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5MyNextDeveloperbug-bounty, ethics, data-breach, ethical-hacking, cybersecurity23-Apr-2024
IOS Penetration Testing: Guide to Static Analysishttps://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5Aditya Sawantcybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing23-Apr-2024
How I found my First Valid bughttps://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips23-Apr-2024
Bypassing CloudFlare Error 1015: You Are Being Rate Limitedhttps://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, vulnerability, cybersecurity, hacking23-Apr-2024
QUICK ROADMAP TO BUG BOUNTY(things you need to know)https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5Adam Paulo Antonytips, bug-bounty-tips, roadmaps, bug-bounty23-Apr-2024
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM:https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5Hacktivist-Attackersubdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance23-Apr-2024
20.4 Lab: Routing-based SSRF Vulnerability | 2024https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers23-Apr-2024
Browser Extension Security Testing: Part 1https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, hacking, browser-extension, bug-bounty-tips, testing23-Apr-2024
Email Verification Bypass via Remember Mehttps://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5mo9khu93rbug-bounty, cybersecurity, pentesting, red-team, hacking22-Apr-2024
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game…https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5Hazeem' Yasseerandroid-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity22-Apr-2024
20.3 Lab: Web cache poisoning via ambiguous requests | 2024https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, penetration-testing, bug-bounty22-Apr-2024
How many months took you to find your first bug ?! Let s seehttps://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5Aiz3n Skbug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup22-Apr-2024
Don’t overlook any parameter, because the vulnerability lies within!https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty22-Apr-2024
Exploiting PostMessage for cool XSS vulnerabilitieshttps://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5Manas Harshhacking, xss-vulnerability, bug-bounty, application-security22-Apr-2024
Google Map API Key Exposure: A Bug Bounty Journeyhttps://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5RIZWANpentesting, bug-bounty, cybersecurity, bugbounty-writeup22-Apr-2024
Auto Bug Bounty Script — Unleash Your Hunting Potentialhttps://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5psychomongbug-bounty, vapt, hacker, bug-bounty-tips, automation22-Apr-2024
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcashhttps://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5Ph.Hitachipentest, reconnaissance, recon, bug-bounty, gcash22-Apr-2024
What is SSRF and how to Detect them on Web Applicationhttps://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5Alvin bijobug-bounty-tips, bug-bounty, xs, ssrf22-Apr-2024
Bug Bounty Challenge (final): Day 3–22/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips22-Apr-2024
Cross-Site Scripting Detectionhttps://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5Anni0pbug-bounty, cybersecurity, xss-attack22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
How to avoid burnouts in bugbounty?https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programshttps://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5Milad keivanfarsecurity, subdomains-enumeration, bug-bounty, penetration-testing21-Apr-2024
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Datahttps://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5Marduk I Amportswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity21-Apr-2024
Unraveling the Secrets of CWE and CVE in easily wayhttps://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5Abdallahhendypenetration-testing, cwe, cybersecurity, cve, bug-bounty21-Apr-2024
Such a simple zero-payment vulnerability.https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5Xiaodongmoney, vulnerability, bug-bounty, china, hacker21-Apr-2024
Linux Mastery, Practical Exercises for Effective Command Line Skillshttps://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5Muhammad Rivacyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux21-Apr-2024
What is server-side template injection?https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers21-Apr-2024
How I could have hacked one LG website with a simple recon…https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5RubXhacking, bug-bounty, cybersecurity, bug-bounty-tips21-Apr-2024
HACKTHEBOX CBBH REVIEWhttps://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5Admiralhrweb-application-security, bug-bounty, cybersecurity, cbbh, hackthebox21-Apr-2024
How do I get Started in Cyber Security? — My Perspective & Learning Path!https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5Aadhaarkoulbug-bounty, infosec, technology, hacking, learning21-Apr-2024
Bug Bounty Challenge (final): Day 1–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Bug Bounty Challenge (final): Day 2–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Unsecured Content Provider leads to Account Takeoverhttps://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5Ahmed Elmorsihacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty20-Apr-2024
Best Bug Bounty Tipshttps://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero20-Apr-2024
Unraveling the Millennium Bug: A Digital Apocalypsehttps://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5Akshay Aryanjava, bugs, software-development, bug-bounty20-Apr-2024
My methodology for hunting for open Redirect vulnerabilitieshttps://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5Hozayfa Nassertips, open-redirect, bug-bounty, tips-and-tricks20-Apr-2024
19.5 Lab: Finding a hidden GraphQL endpoint | 2024https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing20-Apr-2024
Paramspider Upgraded Versionhttps://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5PushkaraJhacking, bug-bounty, cybersecurity, redteam-tool, infosec20-Apr-2024
Bug Bounty Challenge (final): Day 1–20/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty20-Apr-2024
April 2024 Reading Listhttps://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5Dayton Pruetbug-bounty, network-security, cloud-computing, google-cloud-platform, linux19-Apr-2024
Race Condition on Change Email Leads to Arbitrary Email Forgeryhttps://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5Azhari Harahapbug-bounty, application-security, api-security, race-condition, bug-bounty-writeup19-Apr-2024
Blockchain Bug Bountyhttps://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs19-Apr-2024
OTP Bypass Security Issues and Remediationshttps://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5Pratham Mittalsecure-coding, software-development, otp-bypass, bug-bounty, security19-Apr-2024
Reconnaissance in Bug Bounty Programshttps://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty19-Apr-2024
First valid critical vulnerability of minehttps://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5Shalabhdevliyalvulnerability, hackerone, bug-bounty, cybersecurity19-Apr-2024
OOGWAY — Vulnerability Search Toolhttps://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5Yasinbug-bounty, cybersecurity, vulnerability, cve19-Apr-2024
An Interesting Case of XSS Caused by File Uploadhttps://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5Xiaodongchina, security, bug-bounty, money, hacks19-Apr-2024
How I Disclosed Employees PII | The mistake I made..|https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5the_air_sharmabug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty19-Apr-2024
19.4 Lab: Performing CSRF exploits over GraphQL | 2024https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking19-Apr-2024
let’s Unlock Advanced Permissionshttps://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation19-Apr-2024
Defence Methodologiehttps://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5Hatice Zehra Kamanlıpentesting, bug-bounty, soc, prevention, cybersecurity19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Binarymasterhacking, bug-bounty, network19-Apr-2024
Rest API Pentesting Resourceshttps://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5Madhurendra Kumarpentesting, checklist, bug-bounty, api, hacking19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Progskyhacking, bug-bounty, network19-Apr-2024
Stored XSS chain on NASA VDPhttps://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, vulnerability, nasa18-Apr-2024
Introducing SHIFU: Your Comprehensive CVE Finder Toolkithttps://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5Yasincybersecurity, cve, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdaribug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
Jamtangan Bug Bountyhttps://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan18-Apr-2024
IDOR Bug Bountyhttps://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5Vijay Guptaidor, bugs, bug-zero, bug-bounty, bug-bounty-tips18-Apr-2024
Yahoo Bug Bountyhttps://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5Vijay Guptabug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips18-Apr-2024
A Beginner’s Guide To Insecure Deserializationhttps://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5four0fourprogramming, cybersecurity, bug-bounty18-Apr-2024
How I found HTMLi on main domain of programhttps://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5JEETPALbug-bounty-tips, html-injection, bug-bounty18-Apr-2024
IDOR Lead to Data Leakhttps://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, cybersecurity, bug-bounty-tips18-Apr-2024
VulnersX Toolhttps://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5Yasincybersecurity, cve, vulnerability, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdari (TheSafdari)bug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh…https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5Ph.Hitachibug-bounty, public-disclosure, pentesting, gcash18-Apr-2024
SSL Pinning Bypass Simplifiedhttps://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5Prathamesh Khatavkarbug-bounty, cybersecurity, android18-Apr-2024
Unveiling Access Control Flaws: Taking over an entire organizationhttps://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5mohamed othmancybersecurity, bug-bounty18-Apr-2024
19.3 Lab: Bypassing GraphQL brute force protections | 2024https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking18-Apr-2024
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewardshttps://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5Xiaodongchina, bug-bounty, money, hacker, vulnerability17-Apr-2024
Uber Bug Bounty Programhttps://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5Vijay Guptauber, bug-bounty, bug-bounty-tips, bug-zero, bugs17-Apr-2024
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities”https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5Faizal Nbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability17-Apr-2024
Bug Bounty POChttps://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5Vijay Guptabug-bounty, poc, bug-bounty-tips, bug-zero, bugs17-Apr-2024
Vulnerability Bounty Tool Recommendation: WIHhttps://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5Xiaodongchina, tools, hacker, bug-bounty, money17-Apr-2024
Leveraging XSS to Execute CSRF Attackshttps://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5dodirbug-bounty, cybersecurity, penetration-testing, csrf, xss-attack17-Apr-2024
API Mis configuration: How Employee can change Manager’s review for him. (Part 2)https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
19.2 Lab: Accidental exposure of private GraphQL fields | 2024https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers17-Apr-2024
How I approach Account takeover due to no rate limit on OTPhttps://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5JEETPALbug-bounty, bountytips, no-rate-limit, account-takeover17-Apr-2024
How I found a P1 bug in just 40 minuteshttps://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5JEETPALapi-key, p1bugs, bug-bounty-tips, bug-bounty17-Apr-2024
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeoverhttps://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5cyberpro151cybersecurity, account-takeover, bug-bounty, web-hacking, hacking17-Apr-2024
(Part 2) API Mis configuration: How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS…https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5Shivansh Sethcross-site-scripting, blog, command-injection, bug-bounty, cybersecurity16-Apr-2024
PayPal Bug Bountyhttps://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5Vijay Guptabugs, paypal, paypal-account, bug-bounty, bug-bounty-tips16-Apr-2024
Discord Bug Bountyhttps://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5Vijay Guptabugs, discord, bug-bounty-tips, bug-bounty, discord-bot16-Apr-2024
Top 5 books to learn bug hunting beginner to advancehttps://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5Buglearners.combug-bounty, cybersecurity, bug-hunting, advance, books16-Apr-2024
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, penetration-testing16-Apr-2024
Email Template Draft Feature Triggers SSRF, Earns ¥3000!https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty16-Apr-2024
WhatWeb!?https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5The Hackers Meetuptools, bug-bounty, whatweb, kali, web16-Apr-2024
XSS (Міжсайтовий скриптинг): детальний розбірhttps://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5Max Pavlenko (Certified Vue.js Developer)bug-bounty, security, front-end-development, xss-vulnerability16-Apr-2024
Reverse Engineering Sitecore Vulnerabilities-3https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5Nilay Patelbug-bounty, vulnerability, automation, hacking, sitecore16-Apr-2024
Reverse Shell Scripting Concept.https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5rahman0x01netcat, bash-scripting, bug-bounty, reverse-shell, bash-script16-Apr-2024
I Found An IDOR Flaw where users' attached pictures and documents were leaked.https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, money, bug-bounty, penetration-testing16-Apr-2024
Bug Bounty Automationhttps://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5Vijay Guptaautomation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty15-Apr-2024
Dell Bug Bountyhttps://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dell, dell-laptop, bugs, bug-bounty15-Apr-2024
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewallshttps://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, command-injection, firewall, cybersecurity15-Apr-2024
Story of a strange IDOR without IDhttps://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5M7arm4nhacking, bug-bounty, bug-bounty-tips, security, hacker15-Apr-2024
CSRF (1/3)https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5z3r0xkbug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack15-Apr-2024
Advance XSS payload Listhttps://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5psychomonghacking, bug-bounty-tips, bugs, bug-bounty, xss-attack15-Apr-2024
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain | 2024https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2024
How I got JS Execution (DOM XSS) Via CSTIhttps://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty15-Apr-2024
Acer Bug Bountyhttps://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5Vijay Guptaacer, bug-zero, bug-bounty, bug-bounty-tips, bugs14-Apr-2024
My Bug Bounty Journeyhttps://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty14-Apr-2024
Ten Tips You Have to Know for WordPress Bug Bountyhttps://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5Peng Zhoubug-bounty, wordpress, infosec, hacker, bug-bounty-tips14-Apr-2024
How I Exploited the Account Cancellation Feature to Farm Rewardshttps://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5Xiaodonghacks, bug-bounty, skills, vulnerability, china14-Apr-2024
How I Hack Web Applications (Part 1)https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5Rafin Rahman Chyethical-hacking, penetration-testing, bug-bounty, infosec, application-security14-Apr-2024
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack )https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5Abhishek singh ( a6h1)bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup14-Apr-2024
A click can cause 1600$ | Auth0 misconfig .https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5Nauman Khanpenetration-testing, bug-bounty, hacking, cybersecurity, money14-Apr-2024
18.2 Lab: Exploiting Java deserialization with Apache Commons | 2024https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, careers, penetration-testing14-Apr-2024
Access to transparent security testing — Why we made HackGATE™ available to everyonehttps://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5Hackratebug-bounty, penetration-testing, pentesting, security, cybersecurity14-Apr-2024
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING:https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering13-Apr-2024
Power of CSRFhttps://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5NIKHIL RANEotp-bypass, bug-bounty, csrf, authentication-bypass13-Apr-2024
Unauthorized Admin Account Access via Google Authenticationhttps://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5Sahil Mehracybersecurity, web, bug-bounty, vulnerability, penetration-testing13-Apr-2024
Bancor Bug Bountyhttps://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bug-bounty-tips, bugs, bancor13-Apr-2024
Facebook Bug Bountyhttps://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5Vijay Guptafacebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty13-Apr-2024
Menggali Potensi Bug Bounty: Menghasilkan Uang atau Menemukan Keamanan?https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5Zenbug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness13-Apr-2024
Api Bug Bountyhttps://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5Vijay Guptabugs, api, bug-bounty, api-development, bug-bounty-tips13-Apr-2024
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach.https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5brutexploitercybersecurity, web-development, web-security, sql-injection, bug-bounty13-Apr-2024
How do insecure deserialization vulnerabilities arise?https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, hacking, bug-bounty13-Apr-2024
How Did I Easily Find Stored XSS at Apple and earn $5000 ?https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5Cryptosecurity, xss-attack, apple, bug-bounty, web-security13-Apr-2024
TryHackMe Creative Write-Uphttps://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5Joseph Alantryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty13-Apr-2024
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every…https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control12-Apr-2024
How I managed to bypass 2FA on image linehttps://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5Bishwajeetcybersecurity, bug-bounty, application-security, web-application-testing, web-application-security12-Apr-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5Keizobugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2024
The Critical Role Of Bug Bounties in Ensuring Web3 Securityhttps://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web312-Apr-2024
How I Find My First Internet Bug Bounty for Apache Airflowhttps://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5Peng Zhoubug-bounty, open-source, airflow, python, infosec12-Apr-2024
Bug Zero at a Glance [16–31 March]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter12-Apr-2024
How i Almost got 2K$ through a Race conditionhttps://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing12-Apr-2024
A Comprehensive Guide to Static Analysis in Android Pentestinghttps://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5Intrud3rXpenetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty12-Apr-2024
Learn Bug Bountyhttps://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, learn, bug-zero12-Apr-2024
Microsoft Bug Bountyhttps://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5Vijay Guptamicrosoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Apr-2024
How I Bypassed Offer Limits to Gain Multiple Membership Benefitshttps://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, vulnerability12-Apr-2024
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Toolshttps://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5Muhammad haider Tallalbug-bounty, web-penetration-testing, hacking12-Apr-2024
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho accounthttps://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5HackerWithOutHatsecurity, cybersecuirty, bug-bounty, infosec, information-security12-Apr-2024
Random account takeover via misconfigured OAuthhttps://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5Berserkerbug-bounty, cybersecurity, information-security, infosec, vulnerability12-Apr-2024
16.5 Lab: Multistep clickjacking in Bug Bounty | 2024https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking12-Apr-2024
5 Methods I Use To Discover APIshttps://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5Chuxapi, red-team, pentesting, hacking, bug-bounty12-Apr-2024
Token-Based Authentication vulnerabilityhttps://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5Paulo Vitor Costa Limabug-bounty, cybersecurity12-Apr-2024
Hunting on Microsoft SharePoint: The art of manipulation.https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5Machiavelliinfosec, bug-bounty12-Apr-2024
How I Discovered Vulnerabilities by Modifying App Memoryhttps://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5Xiaodonghacker, china, bug-bounty, vulnerability, money12-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodongsechacker, bug-bounty, ai11-Apr-2024
Building My Own Packet Sniffer for Game Security Testinghttps://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5Yannik Castrogamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools11-Apr-2024
Meta Bug Bountyhttps://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhouweb-security, nodejs, fuzzing, infosec, bug-bounty11-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodonghacker, bug-bounty, ai11-Apr-2024
How I Uncovered a Payment Vulnerabilityhttps://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5Xiaodongvulnerability, china, bug-bounty, hacker11-Apr-2024
Indian software firms cheated me by failing to provide the promised bounty after I reported…https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5MB007bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program11-Apr-2024
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S.https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5Prince Roy(RoyzSec)web-development, hacking, bug-bounty, cybersecurity, penetration-testing11-Apr-2024
7 Essential Skills Every Bug Bounty Hunter Needs to Succeedhttps://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5MyNextDeveloperpenetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty11-Apr-2024
GitHub Bug Bountyhttps://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bugs, github, bug-bounty11-Apr-2024
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS | 2024https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Apr-2024
Secret BurpSuite Extension For BugBounty~ Part-2https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5AjakCybersecurityblog, bug-bounty, penetration-testing, ethical-hacking, hacking11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhoujavascript, web-security, nodejs, infosec, bug-bounty11-Apr-2024
Bug Bounty Challenge: Day 16–11/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty11-Apr-2024
CVE-2024–24576: A Critical Rust Vulnerability on Windowshttps://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5ElNiakcybersecurity, windows, rust, penetration-testing, bug-bounty10-Apr-2024
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypasshttps://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5Peng Zhouinfosec, wordpress-plugins, web-security, bug-bounty, wordpress10-Apr-2024
Bug Bounty Certificationhttps://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification10-Apr-2024
Android Bug Bountyhttps://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty10-Apr-2024
Apple Bug Bountyhttps://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5Vijay Guptaapple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs10-Apr-2024
SQL Injection: A Simple Beginner’s Guide.https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5Ishengomavulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty10-Apr-2024
Privilege Escalation by manipulating endpointhttps://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5Vijay Vermainfosec, hacking, bug-bounty, cybersecurity, pentesting10-Apr-2024
Vulnerable WordPress March 2024 (Kandovan)https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5Onhexgroupwordpress, bug-bounty, wordpress-security, infosec, exploitation10-Apr-2024
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilitieshttps://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers10-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug Bounty Reportshttps://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero09-Apr-2024
Bug Hunting Methodology for Beginnershttps://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5Vijay Guptabug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup09-Apr-2024
Information Disclosure: Story of 500€ + 400$ Bountyhttps://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5V3Dbug-bounty, penetration-testing, information-technology, cybersecurity, hacking09-Apr-2024
Card Payment Functionality Checklist — Bug Bounty Tuesdayhttps://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5kerstantechnology, hacking, cybersecurity, bug-bounty, security09-Apr-2024
Mass automation for finding XSS vulnerabilities in large scope targetshttps://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5dextrobug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty09-Apr-2024
How I Found My First Stored XSS || WAF & Characters Limitation Bypasshttps://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5Kariiem Gamalbug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup09-Apr-2024
My WordPress Bug Bounty Journey on Patchstackhttps://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5Peng Zhoubug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty09-Apr-2024
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity09-Apr-2024
15.3 Lab: CORS vulnerability with trusted insecure protocols | 2024https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, penetration-testing, bug-bounty, cybersecurity, hacking09-Apr-2024
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaignhttps://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5Forward Protocolblockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer09-Apr-2024
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You!https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips08-Apr-2024
Google Bug Huntershttps://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5Vijay Guptabug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips08-Apr-2024
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guidehttps://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5Vijay Guptagoogle, bug-bounty, bug-bounty-tips, google-dork, bug-zero08-Apr-2024
How I Got Multiple Privilege Escalations — The Easy Trick?https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5Md Abdul Rahmanwin-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation08-Apr-2024
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5Thomas Houhouweb-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity08-Apr-2024
XSS on out of scope domain? CORS is your secret weapon!https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5c4rrilat0rbug-bounty, bug-bounty-tips, hackerone, xss-attack, cors08-Apr-2024
Breaking Free: 26 Advanced Techniques to Escape Docker Containershttps://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, penetration-testing, kubernetes, docker08-Apr-2024
15.2 Lab: CORS vulnerability with trusted null origin | 2024https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty08-Apr-2024
Why You Should Attend Cybersecurity Conferences: Unlock Opportunitieshttps://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5Abhi Sharmanetworking, information-security, cybersecurity, conference, bug-bounty07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5John Connorcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5J0hn C0nn0rcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacking, security, bugs07-Apr-2024
Unofficial Guide to OWASP Top 10:2021https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5Rafin Rahman Chypentesting, web-security, bug-bounty, hacking, infosec07-Apr-2024
TryHackMe CTF: Vulnversity — Walkthroughhttps://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5Suyog Patilsoftware-development, computer-science, hacking, ethical-hacking, bug-bounty07-Apr-2024
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities |…https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, security, penetration-testing07-Apr-2024
How We Found a 25K$ Bug in a Blockchain Project by Mistake | Bounty Hunting Journeyhttps://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5Elad Ernstblockchain, exploitation, web3, bug-bounty, icon-foundation07-Apr-2024
IDOR Leads To Account Takeoverhttps://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5Aditya Sawantidor, account-takeover, bug-bounty, penetration-testing, web-application-security07-Apr-2024
How Did I Find Reflected XSS In Domino’s ?https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5Cryptocloudflare, bug-bounty, penetration-testing, xss-attack, web-security07-Apr-2024
File Upload Vulnerability Checklisthttps://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5Dasmanishweb-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability07-Apr-2024
Bug Bounties in Web3: Investing in Security for Sustainable Growthhttps://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5Charlie Karunaratneweb3, defi-security, bug-bounty, web3-security07-Apr-2024
Teaching Spotify a Cryptography Lessonhttps://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5Security Guyopenid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips07-Apr-2024
Finding CSRF on Graphql Applicationhttps://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5Alperenbug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf7-Apr-2024
The Fast and the Curious: Finding a Race Condition in Worldcoinhttps://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5Dane Sherretsbug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking7-Apr-2024
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey”https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5Syed Muhammad Minhal Rizvihacking, writeup, cyber, bug-bounty, cybersecurity7-Apr-2024
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty)https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5Amine Aboudbug-bounty-writeup, bug-bounty, bug-bounty-tips07-Apr-2024
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their websitehttps://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5Abhishek singh ( a6h1)cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty07-Apr-2024
Wordfence otorga su mayor bounty hasta la fechahttps://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5Casi Cincuenta Monoswordpress, cybersecurity, bug-bounty06-Apr-2024
Recon automation with Telegram Notificationhttps://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5Tamhackercybersecurity, hacker, bug-bounty, reconnaissance, hacking06-Apr-2024
How To Fix bWAPP Unknown Database Error Windows/Linuxhttps://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5Hamza Avvanbwapp, php, ethical-hacking, bug-fixes, bug-bounty06-Apr-2024
Easiest way to find Broken links in a websitehttps://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5JEETPALbroken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking06-Apr-2024
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Toolshttps://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-50xElkothackerone, xss-attack, methodology, bug-bounty, hacking06-Apr-2024
14.6 Lab: SameSite Strict bypass via sibling domain | 2024https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking06-Apr-2024
Bug Bounty: Secure Camino Network, Earn Rewardshttps://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5O Boboweb3, hexen, travel, camino-network, bug-bounty06-Apr-2024
Step by Step Complete Beginners guide of iOS penetration testing with corelliumhttps://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5Sandeep Vishwakarmamobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting05-Apr-2024
Unmasking an Open Redirect on the India’s Government Websitehttps://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5I AM Rajaopen-redirect, bug-bounty, hacking, bug-bounty-tips, security-research05-Apr-2024
IDOR To view other private users profile pictures in un.orghttps://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing05-Apr-2024
Apple’s Bug: From SQLi Suspicions to UI Bug Discoveryhttps://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5Mohaseenapple, hof, bug-bounty, hackerone, bugcrowd05-Apr-2024
Race Condition Authentication Bypass Leads to Full Account Takeoverhttps://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5Keizocybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips05-Apr-2024
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilitieshttps://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5Anas H Hmaidybug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty05-Apr-2024
FB OAuth Misconfigurations to Account Takeoverhttps://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty, oauth, infosec05-Apr-2024
UUIDs Unmasked: Exploiting IDOR for User Data Accesshttps://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5Satyam Singhbug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup05-Apr-2024
14.5 Lab: CSRF with broken Referer validation | 2024https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty05-Apr-2024
Beetlebug Android Walkthrough & Basics Android application securityhttps://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5Yousef Elsheikhcybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough05-Apr-2024
One IP led to 4 bugs made the company delete the domainhttps://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5Kalawybug-bounty-tips, bug-bounty, hackerone04-Apr-2024
How to discovery vulnerabilities in your network?https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5BugFixingpenetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment04-Apr-2024
Art of onscrollend | Demonstrating XSS through scroll events write-uphttps://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5rAmpancistbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking04-Apr-2024
HTB Academy | CROSS_SITE SCRIPTING (XSS) -https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5Sara Mazal M. | maz4lethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty04-Apr-2024
FB OAuth Misconfiguration Leads to Takeover any Accounthttps://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips04-Apr-2024
S3 Bucket Misconfigurationhttps://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5Kapil Patelbug-bounty04-Apr-2024
14.4 Lab: CSRF where Referer validation depends on header being present | 2024https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, penetration-testing04-Apr-2024
NFShttps://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5Miraç Küçükfootprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server04-Apr-2024
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any…https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5Elcapitanobug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover04-Apr-2024
Bug Bounty Challenge: Day 10–04/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup04-Apr-2024
My methodology to bypass CSRFhttps://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-50x7irixcsrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty04-Apr-2024
How I hacked medium and they didn’t pay mehttps://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5YouGotItCominghacking, bug-bounty, medium, neglect, bugs04-Apr-2024
ShentuChain’s OpenBounty Hackers and Projects Referral Programhttps://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5Shentu Chainbug-bounty, ethical-hacker, cybersecurity, referral-program, web303-Apr-2024
SQLI with extract Huge Data just Got N/Ahttps://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5Ahmed Badrybug-bounty, sqlite, infosec, information-technology, ctf03-Apr-2024
Cracking the Code: XSS Exploits and Their Power in Phishing Warfarehttps://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5Hacker Halt Livebugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks03-Apr-2024
Hack ChatGPT, Make Moneyhttps://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5David Merianbug-bounty, hacking, cybersecurity, fuzzing, ai03-Apr-2024
How I Secured 50+ Brand & Startups in Shopify Stores | XSS | Responsible Disclosurehttps://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5Prathapilangoinfosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty03-Apr-2024
Bug Bounty Challenge: Day 9–03/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips03-Apr-2024
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer:https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5• CrazyUnicornhacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips03-Apr-2024
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveirahttps://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5Gilson Oliveirabug-bounty-tips, bug-bounty, bug-bounty-writeup03-Apr-2024
Struggling RCE on Jenkins Instancehttps://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5Mohammad Musab Khanhacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution03-Apr-2024
DNShttps://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5Miraç Küçükfootprinting, hack-the-box-writeup, dns, bug-bounty03-Apr-2024
Bir sorgu dizesinde sunucu tarafı parametre kirliliğinden yararlanmahttps://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5Hhuseyinuyarapi, hacking, burpsuite, bug-bounty, parameter03-Apr-2024
14.3 Lab: SameSite Lax bypass via cookie refresh | 2024https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers03-Apr-2024
Issues related to privacy (Cybersecurity)https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5Paritoshinformation-security, bug-bounty, cybersecurity, information-technology, hacking02-Apr-2024
Welcome pentesters to cooperate with our company!https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5AlfaBit Ecosystemblockchain, alfabit, bug-bounty, ecosystem02-Apr-2024
Unpacking CVE-2024–3094: A Critical Vulnerability in XZ Utilshttps://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5ElNiakcve, linux, backdoor, cybersecurity, bug-bounty02-Apr-2024
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security02-Apr-2024
14.2 Lab: SameSite Strict bypass via client-side redirect | 2024https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity02-Apr-2024
One-click Account Take Overhttps://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5dynnyd20pentesting, bug-bounty, cybersecurity, information-security, security02-Apr-2024
Bug Bounty Challenge: Day 8–02/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips02-Apr-2024
The Difference Between TCP and HTTP Reverse Connection:https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5Hackerinjabug-bounty, penetration-testing, cybersecurity, ethical-hacking02-Apr-2024
How I was able to send emails from anyone to anyonehttps://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5Muhammad Zeeshanpenetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting02-Apr-2024
How I Found My First Bug | XSShttps://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5Fariiocybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty01-Apr-2024
Bug to fix: Mastering the Life Cycle of Software Defectshttps://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5Gulhanim Anulurbug-fixes, defect-management, defect-detection, bug-bounty, bugs01-Apr-2024
How to start Bug Bounty Hunting $$$$ in 2024?? | A short RoadMaphttps://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-57h3h4ckv157money, hacking, bug-bounty, ethical-hacking, infosec01-Apr-2024
IOS Pentesting Lab Setuphttps://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5Harshad Shahcybersecurity, penetration-testing, infosec, hacking, bug-bounty01-Apr-2024
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification Firsthttps://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5codewidthmehacking, bug-bounty, penetration-testing, certification, hackthebox01-Apr-2024
I will alter and update your websitehttps://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5Fiverr Top Freelancerhtml, website-design, bug-fixes, bug-bounty, css01-Apr-2024
Broken Application Logic Bug Doesn’t Validate Email, leading to DOShttps://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5Saitleopbug-bounty, infosec-write-ups, cybersecurity, python, infosec01-Apr-2024
“Configuring Apache Web Server on CentOS 7”https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5Alshifa Shaikhserver-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity01-Apr-2024
How to set up Caido for Bug Bounty or Web Application Penetration?https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5Bytescheckcybersecurity, penetration-testing, bug-bounty, technology01-Apr-2024
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measureshttps://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacker, hacking, penetration-testing01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers01-Apr-2024
Subdomain Takeovers (Subdomain Devralma)https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5Miraç Küçükbug-bounty, domain-names, subdomain, hackerone01-Apr-2024
Bug Bounty Challenge: Updatehttps://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Can I learn bug bounty for free?https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes31-Mar-2024
Fake Tinder Account Verified By Bypassing Face Authenticationhttps://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, blog, tinder31-Mar-2024
Swaggerdə qarşılaşdığım hücum vektorları ($$$)https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5memmed rehimzadeswagger, cybersecurity, kibertəhlükəsizlik, bug-bounty31-Mar-2024
Understanding and Mitigating CVE-2024–3094https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5Uday Patelinfosec, hacking, bug-bounty, penetration-testing, cybersecurity31-Mar-2024
Installation DVWA In Windows 10 Using XAMPPhttps://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5Vijay Guptaxampp, dvwa, hacking, install-dvwa, bug-bounty31-Mar-2024
What is the future of bug bounty?https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-zero, bugs, future-technology, future31-Mar-2024
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and…https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-test, hacking, cybersecurity, careers31-Mar-2024
Shield your System — XZ Utils Backdoor (Linux Distribution)https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5Ethical Kapslinux, cybersecurity, vulnerability, hacking, bug-bounty31-Mar-2024
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight”https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
#ERROR!https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
Best bug hunting methodology for EZ moneyhttps://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5Tomhacking, money, bpp, methodology, bug-bounty30-Mar-2024
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty)https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5hatich_hackermicrosoft, privacy, bug-bounty30-Mar-2024
13.25 Lab: Reflected XSS in canonical link tag | 2024https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers30-Mar-2024
A Journey into Unusual Header Injectionhttps://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5Mohammad Musab Khanhackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting30-Mar-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5CyberOzbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone30-Mar-2024
Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
Web Requesthttps://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5Miraç Küçükhttp-request, curl, https, bug-bounty, webrequest30-Mar-2024
Kioptrix Level 1 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5Erdemstaroscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing30-Mar-2024
1200 $ Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
How i found Multiple IDORhttps://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5NIKHIL RANEidor-vulnerability, bug-bounty30-Mar-2024
YouTube Growth Hackinghttps://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5Sanjaya paratamaweb-development, bug-bounty, hacking, hacking-tools, cybersecurity29-Mar-2024
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobshttps://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5Imran Niazxss-attack, hacking, programming, ai, bug-bounty29-Mar-2024
[Walkthrough] Mobile Hacking Lab — Secure Notehttps://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5Md.Karimul Islam Shezanwalkthrough, android-app-security, bug-bounty, reverse-engineering, ctf29-Mar-2024
AutoLayer Bug Bounty Program: Full Information Releasehttps://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5AutoLayerdefi, bug-bounty29-Mar-2024
Web Security Short Series — CSRF.https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5Yano.csrf, appsec, owasp, bug-bounty, oscp29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannikreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Unhiding the hidden 401 Bypasshttps://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, bug-bounty-tips29-Mar-2024
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
How to install drozer with dockerhttps://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5Ahmed Badrybug-bounty29-Mar-2024
✌︎ Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity28-Mar-2024
Bug Bounty Recon At Its Easiest with Netlas.iohttps://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5Om Arorainfosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking28-Mar-2024
Bypassing 403 Protection To Get Admin Accesshttps://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5Mr.Horbio403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty28-Mar-2024
How to become a bug bounty hunterhttps://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes28-Mar-2024
OAuth Hijacking leads to account takeoverhttps://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5Hossam Ahmedbug-bounty, oauth28-Mar-2024
How I Hacked Your Private Repository in GitHub (And Got JackShit)https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/microsoft, bug-bounty, github, security, cybersecurity28-Mar-2024
How to write a Walkthroughhttps://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough28-Mar-2024
Unveiling all techniques to find IDOR’S in web applicationshttps://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup28-Mar-2024
IDOR’a Girişhttps://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5Miraç Küçükhack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty28-Mar-2024
Risks of Software Dependencies AKA Toxic Dependencieshttps://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, infosec, vulnerability, cybersecurity28-Mar-2024
Penetration Testing Toolshttps://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5Vijay Guptapenetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing28-Mar-2024
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PIIhttps://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5Aneesha Dbug-bounty-writeup, cybersecurity, hacking, security, bug-bounty28-Mar-2024
Finding Bug DMRC Reflected Xss and HTML Injectionhttps://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5Abhishekaswalbugs, poc, bug-bounty, bug-bounty-tips, hackerone28-Mar-2024
Annonforce — Tryhackme Walkthrough Easy Self-madehttps://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5Shaswata Sahatryhackme, security, anonforce, bug-bounty, ctf28-Mar-2024
Polyglot Files: The Cybersecurity Chameleon Threathttps://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5ElNiakpolyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing27-Mar-2024
Hackerone提现人民币https://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5猫猫虫hackerone, bug-bounty, 外汇27-Mar-2024
Mistakes To Avoid in Your Bug Bounty Career- Part 2https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, penetration-testing, blog, cybersecurity27-Mar-2024
13.22 Lab: Stored DOM XSS | 2024https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers27-Mar-2024
HACKING WORDPRESShttps://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5Miraç Küçükwpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty27-Mar-2024
SSLStrippinghttps://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5ByteBusterXinfosec, cybersecurity, vulnerability, hacking, bug-bounty27-Mar-2024
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention)https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5ADIPinfosec, penetration-testing, bug-bounty, pentesting, information-security27-Mar-2024
Hacking the Giant: Got XSS on Google’s Producthttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
Hacking the Giant: XSS on Googlehttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Fristileaks 1.3 Walkthroughhttps://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5Erdemstaroscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation27-Mar-2024
Web Application Hacking Required Readinghttps://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5Jessbug-bounty, web-development, security27-Mar-2024
Why am I starting to hate Bug Bounty?https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Sitehttps://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5I AM Rajabug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability26-Mar-2024
This skill is called ‘Early…’ in Software Testinghttps://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5Temitopesoftware-testing, quality-assurance, communication, bug-bounty, software-development26-Mar-2024
HackGATE: Bug Bounty Program on steroidshttps://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5Hackratehacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing26-Mar-2024
Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membershiphttps://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5Kenilalexandrabug-bounty, shodan, bugbounting, zoomeye, security26-Mar-2024
How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5kerstanhacking, security, cybersecurity, bug-bounty, technology26-Mar-2024
13.21 Lab: Reflected DOM XSS | 2024https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers26-Mar-2024
Bug Bounty Programs for Beginnershttps://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5Vijay Guptacybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips26-Mar-2024
Account takeover through password reset functionalityhttps://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5rewscelbug-bounty26-Mar-2024
FFUF İLE WEB UYGULAMALARINA SALDIRMAKhttps://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5Miraç Küçüksubdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup26-Mar-2024
What is Cross-Site Scripting (XSS)?https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5BBHUNTERxss-vulnerability, cross-site-scripting, bug-bounty, xss-attack26-Mar-2024
Exploiting Post Reflected XSS via CSRF : Real world bughttps://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5Rahulkrishnan R Panickerxss-attack, hacking, bug-bounty, csrf, web-development25-Mar-2024
Zero Interaction Mass Account Password Reset Vulnerabilityhttps://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5Manan Sanghvipenetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity25-Mar-2024
XSS module HTB academy CBBH pathhttps://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, htb-academy-writeup, xss-vulnerability25-Mar-2024
Reverse Engineering Sitecore Vulnerabilities-2https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5Nilay Patelsitecore, vulnerability, bug-bounty, automation, hacking25-Mar-2024
13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing25-Mar-2024
Burp Suite — ¿Confiar o no en Project Files?https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5ArtsSEChacking, burpsuite, infosec, pentesting, bug-bounty25-Mar-2024
COMMAND INJECTIONShttps://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5Miraç Küçükcommand-injection, bug-bounty, hackthebox, burpsuite, injection25-Mar-2024
Unveiling Homoglyph: Silent Culprit of User-Level DOS Attackshttps://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5Mohammad Musab Khanbug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips25-Mar-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5jedus0rbug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup25-Mar-2024
How I found Account Takeover by changing email addresshttps://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5Mohd Danishbug-bounty, cybersecurity, bugs24-Mar-2024
13.19 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking24-Mar-2024
HTTP Verb Tamperinghttps://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5Miraç Küçükweb-attack, http-request, command-injection, bug-bounty, burpsuite24-Mar-2024
How to get started in Bug Bounty in 2024!https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5Foxx C-Bhacking, infosec, bug-bounty, cybersecurity, ethical-hacking24-Mar-2024
Cloudflare WAF Huntinghttps://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5Device1306research, bug-bounty-tips, hacking, burpsuite, bug-bounty24-Mar-2024
Cookie Theft Deep Divehttps://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5Aditya Pandeybug-bounty, information-technology, ethical-hacking, security, cybersecurity23-Mar-2024
A list of Bug Bounty/Crowdsourced Security Platforms:https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5MAS Hunterbug-bounty-program, bug-bounty, hacker, pentest23-Mar-2024
Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognitionhttps://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5Henry N. Caga (hncaga)bug-bounty, vulnerability, google, xs, hacking23-Mar-2024
hellohttps://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5bretsadleahacking, ethical-hacking, bug-hunter, bug-bounty23-Mar-2024
Edge-Side Includes (ESI) Injection In Web Applicationshttps://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5ADIPpentesting, bug-bounty-tips, infosec, information-security, bug-bounty23-Mar-2024
SSI Injection In web applications with a (exploitation example)https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5ADIPbug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec23-Mar-2024
Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government…https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5Vedavyasan S (@ved4vyasan)bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs23-Mar-2024
1500$: CR/LF Injectionhttps://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5Abhi Sharmaprogramming, hacking, cybersecurity, bug-bounty, crlf-injection23-Mar-2024
Web Security Short Series — XXEhttps://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5Yano.xxe, bug-bounty, xml, oscp, appsec23-Mar-2024
TEXAS BUG SWEEPS 65,000 BUGS DETECTEDhttps://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5Asad Siddiquitexas-bug-sweeps, bug-sweep, bug-bounty, bug-detection23-Mar-2024
How i get my bounty $$$ in YesWehack within 5mins?https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5ஜெய்hacking, cybersecurity, s3, bug-bounty, amazon23-Mar-2024
How we can check the Security Provider in Android applications during Pentesting (The Offensive…https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5ADIPpentesting, android-app-development, androiddev, android, bug-bounty23-Mar-2024
13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event | 2024https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, penetration-testing, bug-bounty23-Mar-2024
How To Test Data Encryption on the Network During Android Pentestinghttps://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5ADIPinfosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty23-Mar-2024
Attacking XSLT in Web Applicationshttps://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5ADIPpentesting, information-security, bug-bounty-writeup, bug-bounty, infosec23-Mar-2024
SSTI Exploitation Part III In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5ADIPpenetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty23-Mar-2024
FILE UPLOAD ATTACKShttps://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5Miraç Küçükweb-attack, file-upload, bug-bounty, https, burpsuite23-Mar-2024
SSTI Exploitation Part II In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5ADIPinformation-security, pentesting, penetration-testing, bug-bounty, infosec23-Mar-2024
Bruteforce Website Login Form Using Hydra And Crunchhttps://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5Othmane Ait Bouftasscybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking23-Mar-2024
Making money only using AI [Free Course]https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5Imad Husanovicweb-development, hacking, ai, bug-bounty, programming22-Mar-2024
Unveiling Admin Panels: A Bug Bounty Hunter’s Guidehttps://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5Dasmanishbug-bounty, infosec, ethical-hacking, cybersecurity22-Mar-2024
13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded | 2024https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity22-Mar-2024
AutoLayer is Starting a Bug Bounty Programhttps://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5AutoLayercrypto, defi, bug-bounty22-Mar-2024
Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing22-Mar-2024
5 Advanced Ways I Test For File Upload Vulnerabilitieshttps://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5RedPandabug-bounty, infosec, red-team, hacking22-Mar-2024
Understanding Subdomain Squattinghttps://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5ByteBusterXhacking, infosec, cybersecurity, bug-bounty, cyberattack22-Mar-2024
How i found my first 318.39$ bugs!https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5Msecurity BHbug-bounty, information-exposure, penetration-testing, security-misconfiguration, api22-Mar-2024
Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applicationshttps://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5ADIPinformation-security, bug-bounty, android-app-development, penetration-testing, pentesting22-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5Miraç Küçükhttps, burpsuite, bug-bounty, web-attack, http-request22-Mar-2024
Javascript deobfuscation the easy wayhttps://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5JDbug-bounty, bug-bounty-tips, javascript-obfuscate22-Mar-2024
Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirecthttps://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5Hassaan Mohamedbug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips22-Mar-2024
Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024–1597https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-159721-Mar-2024
Digital Goldmine: Innovative Ways to Make Money Online in 2024https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5Thewriterdudebusiness, bug-bounty, artificial-intelligence, 100-followers, blockchain21-Mar-2024
User information disclosure via message reactionshttps://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips21-Mar-2024
Major Update for Attack Surface Discovery toolhttps://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, cybersecurity, reconnaissance, osint21-Mar-2024
Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it mattershttps://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5Hackratebug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing21-Mar-2024
Best Practices for Web3 Bug Bounty Programshttps://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5AuditOneauditing-services, web3, bug-bounty-tips, bug-bounty, audit21-Mar-2024
Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5ADIPpentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity21-Mar-2024
urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source | 2024https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, penetration-testing21-Mar-2024
Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability)https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5S33NUbugs, idor-vulnerability, bug-bounty, technology, cybersecurity21-Mar-2024
How I found my first DOM based XSShttps://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5Jaeden Samiabug-bounty, ethical-hacking, security, vulnerability21-Mar-2024
Automate XSS With These 3 Simple Toolshttps://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, cybersecurity, hacking, bug-bounty, xss-attack21-Mar-2024
Frida Use Cases and Exampleshttps://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5Prinsharmabug-bounty, bug-bounty-tips, hacking, pentest, infosec21-Mar-2024
403 Forbidden Bypass Exposing API Keyhttps://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5George Torrescybersecurity, bug-bounty21-Mar-2024
A Tester's Journey Through Test Automation and Practical Scenarios.https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5Tomiwaremote-work, test-automation, bug-bounty, testing, software-engineering20-Mar-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantxs, hackerone, bug-bounty20-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5Miraç Küçükburpsuite, web-attack, https, bug-bounty, web-cache20-Mar-2024
The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugshttps://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5Rohan Giridebugging, bug-finding, bug-bounty-tips, bug-bounty20-Mar-2024
H@ppy H@cking Psychomonghttps://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5psychomongcyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs20-Mar-2024
Recon With AIhttps://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, recon, reconnaissance, bug-bounty-tips20-Mar-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5Ebrahim El-Sayedcybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing20-Mar-2024
$200 Business Logic Blunder In Sole Source Projecthttps://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5Jatin_Chudasamabug-bounty-writeup, logic-flaw, bug-bounty20-Mar-2024
The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, information-security, cybersecurity, infosec20-Mar-2024
Why Bug Bounty is Trending?https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5Shivyanshi shuklabug-bounty, cybersecurity20-Mar-2024
IDOR to make comment in user’s private postshttps://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5Youssif M Raghibbug-bounty-tips, bug-bounty, bug-hunter, bug-hunting20-Mar-2024
No rate limit in comments with IDORhttps://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5Youssif M Raghibbug-bounty, bugs, bug-hunting20-Mar-2024
Electrum-Dime Beta Launch: A New Era for Dimecoinhttps://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5Dimecoin Networkdevelopment, dimecoin, blockchain, bug-bounty, cryptocurrency20-Mar-2024
Behind the Bug Report: From Overlooked to Overhauledhttps://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5Aneesha Dcybersecurity, security, web-applications, bug-bounty, hacking20-Mar-2024
Mantente al tanto de las actualizaciones. ¿Qué representan el punto azul y rojo en Burp Suite?https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5ArtsSECburpsuite, bug-bounty, vulnerability, pentesting, hacking20-Mar-2024
13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones | 2024https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, penetration-testing, cybersecurity20-Mar-2024
The Art Of Testing Symmetric Cryptography During Pentesting Android Applicationshttps://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5ADIPbug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing20-Mar-2024
Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5ADIPpenetration-testing, bug-bounty, android, cybersecurity, android-app-development20-Mar-2024
Why Regular Security Sweeps Are Crucial for Business Successhttps://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5Asad Siddiquitscm-services-bug-sweeps, bug-bounty, bug-detection20-Mar-2024
Passlord: Your Ultimate Weapon for Creating Tailored Wordlistshttps://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5Navaneeth M Shacking, bug-bounty, passwords, cybersecurity, wordlist20-Mar-2024
Bypassing an IDOR A couple of times — $$$$https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation…https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5ADIPhacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips20-Mar-2024
Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysishttps://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5Cory Macksteganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://adipsharif.medium.com/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
Evaluate, apply, and sustain security governance principles !https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5Paritoshsecurity-governance, information-technology, cissp, bug-bounty, cybersecurity19-Mar-2024
The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools”https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5ElNiakred-team, bug-bounty, github, penetration-testing, cybersecurity19-Mar-2024
3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5kerstansecurity, technology, cybersecurity, hacking, bug-bounty19-Mar-2024
Hunting JavaScript File for Bug Huntershttps://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5Vivek Ghinaiyabug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips19-Mar-2024
Finding the hidden function led to a $300 IDORhttps://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5M7arm4nbug-bounty-tips, bug-bounty, hacking, hacker, security19-Mar-2024
CVE-2024–28436 Cross-Site Scripting Vulnerability in D-Link DAP Productshttps://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5Djallalakirabug-bounty, cybersecurity, bug-bounty-writeup19-Mar-2024
IDOR to read all user’s private route commentshttps://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5Youssif M Raghibcybersecurity, bug-bounty, bug-bounty-tips19-Mar-2024
Get allmost all subdomainshttps://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5Sergei Petrukhinsubdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips19-Mar-2024
13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking19-Mar-2024
The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5ADIPcybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips19-Mar-2024
HackTheBox — Information Gathering: Active Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5Huy Phusubdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering19-Mar-2024
Unleashing Chaos: The Tale of the 0-Click Account Takeoverhttps://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5Hassaan Mohamedpenetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups19-Mar-2024
The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services …https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5ADIPbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking19-Mar-2024
Medium Member Friend Links bughttps://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5Karol Mazurekmedium, information-technology, penetration-testing, cybersecurity, bug-bounty18-Mar-2024
[Bug Bounty]xlsx 上传导致 XXE 漏洞https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5_thornsbug-bounty18-Mar-2024
Burpsuite Beginners Guidehttps://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5Othmane Ait Bouftassweb-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking18-Mar-2024
LAMPSecurity CTF5 Walkthroughhttps://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5Erdemstaroscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub18-Mar-2024
Subdomain Fuzzing worth 35k bounty!https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5HX007cybersecurity, bug-bounty18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomonghacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
13.13 Lab: Stored DOM XSS Cross Site Scripting | 2024https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, hacking, cybersecurity18-Mar-2024
Security.txt Nedir ?https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5ozan bozkurtsecurity, bug-bounty, cybersecurity, red-team18-Mar-2024
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathonhttps://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5Orderly Network (,)encode-club, orderly-network, bug-bounty, defi, blockchain-development18-Mar-2024
Web Security Short Series — SQLi.https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5Yano.oscp, appsec, bug-bounty, sqli, sql18-Mar-2024
XML External Entity (XXE) attackhttps://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5ByteBusterXvulnerability, bug-bounty, infosec, web-security18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomong123hacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerabilityhttps://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, owasp, injection-attacks17-Mar-2024
Bug Zero at a Glance [01–15 March]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty17-Mar-2024
Bug Bounty Platforms are a Scam [Mostly]https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5HackthePlanet - A Hacker's Blog.cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting17-Mar-2024
My Journey into Bug Bounty: Revealing My First Successful Discoveryhttps://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5Kajol Kumaribug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity17-Mar-2024
Skipping the email verification is Good (or) Bad?https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security-analytics, hacking17-Mar-2024
Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilitieshttps://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing17-Mar-2024
How I found my first ever bug.https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5an0nbilcybersecurity, technology, programming, javascript, bug-bounty17-Mar-2024
Application Level DoS - Smoking with ‘null’ Againhttps://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, vulnerability, infosec17-Mar-2024
Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or…https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security17-Mar-2024
Bug Bounty Learning Pathhttps://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero17-Mar-2024
Bug Bounty Platformshttps://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5Vijay Guptabug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips17-Mar-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5Mr.Horbiopoc, bug-bounty, cybersecurity, ethical-hacking, pentesting17-Mar-2024
I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform.https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5Tengku Arya Saputraidor, bugbounty-writeup, bug-bounty, idor-vulnerability17-Mar-2024
How to make a living as a Hacker!https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5Rafael Henriquescience, money, programming, bug-bounty, hacking16-Mar-2024
https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5Morgan Bin Bashpentesting, cybersecurity, bug-bounty, cyber-threat-intelligence16-Mar-2024
Types of Cyber Attacks on Each OSI Layerhttps://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5sachin kumarcybersecurity, hackerone, hacker, cyberattack, bug-bounty16-Mar-2024
Tips to get your first bug/bountyhttps://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rfirst-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug16-Mar-2024
Bug Bounty Challenge: Day 7–16/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter16-Mar-2024
IDOR + Content Injection Penetration Testing Lesson 5https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5Ali Essamsecurity, penetration-testing, bug-bounty, cybersecurity, ali16-Mar-2024
13.12 Lab: Reflected DOM XSS — Cross Site Scripting | 2024https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing16-Mar-2024
How Secure is Java’s SecureProcessing?https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5Florian Waltercybersecurity, application-security, java, code-review, bug-bounty16-Mar-2024
How I was able to disclose the Users’ chats with AI chat Bot?https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5WHO AM I ?information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure15-Mar-2024
Understanding Path Traversal Vulnerabilities: Risks and Mitigationhttps://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, hacking, cybersecurity, path-traversal15-Mar-2024
Account takeover via Password resethttps://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup15-Mar-2024
I discovered a new way to bypass CSRF protection to achieve Account Takeoverhttps://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5vFlexoinformation-technology, bug-bounty, penetration-testing, vapt, ethical-hacking15-Mar-2024
BugRap Ecosystem Panorama: Empowering Web3 Security Developmenthttps://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5BugRap Teamweb-development, bug-bounty, security, btc15-Mar-2024
Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionalshttps://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5MyNextDeveloperhacking, bug-bounty, cybersecurity, client-security, cyber15-Mar-2024
13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing15-Mar-2024
Reconnaissance: How GitDorks can power up your recon!https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5Kieran Wgitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing15-Mar-2024
Bug Bounty Challenge: Day 6–15/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup15-Mar-2024
BChecks en Burp Suite Professionalhttps://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5ArtsSECburpsuite, development, penetration-testing, web-development, bug-bounty15-Mar-2024
13.10 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking14-Mar-2024
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€)https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5can1337infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity14-Mar-2024
Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining!https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5CryptoDrainXbug-bounty, hacking, bug-bounty-tips, hacking-tools, money14-Mar-2024
Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click!https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5CryptoDrainXbug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin14-Mar-2024
Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore!https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5CryptoDrainXbug-bounty, crypto, nft, defi, money14-Mar-2024
How To Get $100k in 2024 With Crypto [Unrevealed]https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5CryptoDrainXblockchain, cryptocurrency, hacking-tools, hacking, bug-bounty14-Mar-2024
5 Websites to Learn Bug Hunting: A Beginner’s Guidehttps://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5Creepyshitwebsite, bug-bounty, cybersecurity, resources14-Mar-2024
Bug Bounty Challenge: Day 5–14/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter14-Mar-2024
GRWM for WebApp PenTest | Command Injectionhttps://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5Jbros, command-line, bug-bounty-tips, cybersecurity, bug-bounty14-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chainhttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5Javrootweb, hacking, penetration-testing, bug-bounty-tips, bug-bounty14-Mar-2024
API Security: Essential Tools for Endpoint Analysishttps://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5Israel Aráoz Severichebug-bounty, owasp, appsec, cybersecurity, api-security14-Mar-2024
Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty13-Mar-2024
How To Do Malware Analysishttps://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-technology, security, malware-analysis13-Mar-2024
Easiest way to find hidden api from js fileshttps://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5JEETPALcybersecurity, bounties, api-key, easiest-way, bug-bounty13-Mar-2024
Enhancing Your Bug Hunting Skills: 5 Must-Read Bookshttps://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, books, web13-Mar-2024
Lets Talk Pentest Strategyhttps://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5HackStackpentest, pentesting, how-to, bug-bounty13-Mar-2024
Email based IDOR makes me update Other User Profilehttps://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5Rohmad Hidayahidor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips13-Mar-2024
Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +…https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5Alireza Rogxoorcyberattack, bug-bounty, cybersecurity, hacking, security13-Mar-2024
Fuzzing to Kubernetes to IDOR to PII leakhttps://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5NITYA NAND JHAvapt, ethical-hacking, bug-bounty13-Mar-2024
Researcher Q&A: Friends Who Work Together, Hack Better Togetherhttps://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5Renae Kangsecurity, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker13-Mar-2024
PROXY FUZZINGhttps://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5Karol Mazurekprogramming, information-technology, bug-bounty, python, cybersecurity13-Mar-2024
Reconnaissance?https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5Mr. Robots.txthackathons, bug-bounty, hacking, penetration-testing, cybersecurity13-Mar-2024
How much money did I make from doing Bug Bounty?https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5Imad Husanovicbug-bounty, programming, hacking, cybersecurity, bug-bounty-tips13-Mar-2024
Cross-site scripting contexts for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, bug-bounty, cybersecurity12-Mar-2024
Business Logic Errors allow me to buy Products at Low Prices on Farmaku.comhttps://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups12-Mar-2024
ShentuChain Unveils a Constellation of High-profile Investorshttps://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5Shentu Chainbinance, cybersecurity, investors, bug-bounty, announcements12-Mar-2024
How I Discovered My First Critical Vulnerability in My Bug Bounty Careerhttps://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5Sahil Bugade (snip3rgg)infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity12-Mar-2024
Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5kerstanbug-bounty, security, programming, cybersecurity, technology12-Mar-2024
How I found my first ever valid bug on Hackeronehttps://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty12-Mar-2024
Guvenkaya Security Insights Series — Sweat Economyhttps://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5Guvenkayanear-protocol, bug-bounty, smart-contracts, rust, web312-Mar-2024
BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEMhttps://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5Sambug-bounty, apple, infosec, bugbounty-writeup12-Mar-2024
Bug Bounty Challenge: Day 4/15–12/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting12-Mar-2024
Minha Experiência ao Obter a Certificação CBBHhttps://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5SickAndTiredbug-bounty, hacking, pentesting, cbbh, hackthebox-academy12-Mar-2024
Utilizing Log Poisoning: Elevating from LFI to RCEhttps://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5Youness Abbidabug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity12-Mar-2024
Bug Bounty — Improper Authentication using Google Authhttps://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5Nourrisson Julienbug-bounty, cybersecurity11-Mar-2024
HTML INJECTION (Payload List)https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5psychomongbug-bounty, bugs, html, injection, htmlinput11-Mar-2024
Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verificationhttps://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5CyberOzbugs, writeup, bug-bounty, hacking, bug-bounty-tips11-Mar-2024
Exploring AI Penetration Testinghttps://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5Aditya Sawanthacking, bug-bounty, penetration-testing, ai, large-language-models11-Mar-2024
Bug Bounty Challenge: Day 3/15–11/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup11-Mar-2024
HTML Injection on NASA.govhttps://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5Boogstahacking, cybersecurity, hacker, cyber, bug-bounty11-Mar-2024
3 Information Disclosure in Bug Bounty Programhttps://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5Jm7.szbug-bounty, cybersecurity, programming, data-science11-Mar-2024
GRWM for WebApp PenTest | XPATH Injectionhttps://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5Jbrxpath, bug-bounty, cybersecurity, hacking, ethical-hacking11-Mar-2024
Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflarehttps://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5Mayankchoubeycybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack11-Mar-2024
24.4 Lab: Exploiting server-side parameter pollution in a query string | 2024https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Mar-2024
Top 7 BurpSuite Extensions for BugBounty- Part-1https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty11-Mar-2024
HackTheBox — Information Gatheringhttps://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5Huy Phuhackthebox, enumeration, bug-bounty, information-gathering11-Mar-2024
HackTheBox — Information Gathering: Passive Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5Huy Phupassive-reconnaissance, hackthebox, information-gathering, bug-bounty11-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5Vikas Sharmahacking, cybersecurity, ssrf, bug-bounty, vulnerability10-Mar-2024
The Reset Password Attack Vectorhttps://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5baluzbug-bounty10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5Jaikumarbug-bounty-tips, hacking, bug-bounty10-Mar-2024
GRWM for WebApp PenTest | Insecure Deserializationhttps://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5Jbrphp, bug-bounty, inspiration, cybersecurity, hacking10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5ஜெய்bug-bounty-tips, hacking, bug-bounty10-Mar-2024
24.3 Lab: Exploiting a mass assignment vulnerability | 2024https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking10-Mar-2024
Information Gathering #1https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5z4z4_h1red-team, cybersecurity, bug-bounty, hacking, infosec10-Mar-2024
Easiest bugs to starthttps://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5Sergei Petrukhinopen-redirect, bug-bounty10-Mar-2024
Subdomains Enumerationhttps://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5d4t4s3cbug-bounty, vhost, red-team, pentesting, subdomains-enumeration10-Mar-2024
Bug Bounty Challenge: Day 2/15–10/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty10-Mar-2024
Cross-origin resource sharing (CORS) | Web application Vulnerabilityhttps://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5Abinesh Mvulnerability, web-application-security, security, bug-bounty, bugs09-Mar-2024
Untangling Dependency Confusion: Exploring Threats and Protectionshttps://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5Jared Douvillenpm, bug-bounty, hacking, hackerone09-Mar-2024
24.2 Lab: Finding and exploiting an unused API endpoint | 2024https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing09-Mar-2024
Bug Bounty Challenge: Day 1/15–09/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup09-Mar-2024
24.1 Lab: Exploiting an API endpoint using documentation | 2024https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty08-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5Vikas Sharmacybersecurity, hacking, vulnerability, bug-bounty, ssrf08-Mar-2024
1K Followers Giveaway-https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, giveaway, free, bug-bounty, ethical-hacking08-Mar-2024
Sensitive Data Exposed when placing an Orderhttps://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5Rohmad Hidayahinfosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty08-Mar-2024
BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Teamhttps://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5Cristian Cornearomania, ethical-hacking, tech, cybersecurity, bug-bounty08-Mar-2024
Server-Side Template Injection (SSTI) ☠️ Deep Divehttps://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5Aditya Pandeyweb-security, security, cybersecurity, bug-bounty, ethical-hacking08-Mar-2024
Bug Bounty Challenge: Day 0/15https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty08-Mar-2024
0 Click Account Takeover Via reset password weird behaviorhttps://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5Snow Marsbug-bounty, bug-bounty-tips, cybersecurity08-Mar-2024
WinRAR 7.0 DLL Hijacking -> Local RCE [0-day]https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacks, hacking, cyber08-Mar-2024
Usb data recovery — Digital forensics introhttps://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5Rahulkrishnan R Panickerdigital-forensics, tech, bug-bounty, pentesting, hacking07-Mar-2024
Increasing IMPACT of No Rate Limit on Email Endpoints.https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5Shubham SRTweb-app-security, hacking, cybersecurity, bug-bounty, vapt07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
Verileri Çıkarmak için NoSQL Enjeksiyonundan Yararlanmahttps://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5Hhuseyinuyarbug-bounty, nosql, injection, burpsuite, mongodb07-Mar-2024
Exploring Bug Bounty Programs: An overview and Varietieshttps://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5Prem Patelbug-bounty, bug-bounty-types07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5Npthinbug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Click, Intercept, Hack: Checkmate on Access Control Vulnerabilityhttps://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty07-Mar-2024
XSLeak de-anonymize Facebook user visiting websitehttps://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5Mustafabug-bounty, meta07-Mar-2024
echo “Hello, World”https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5Mr. Robots.txtsoc, blue-team, cybersecurity, red-team, bug-bounty07-Mar-2024
Fixing Facebook: A Privacy Issue Ignored?https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5mynkpdrmessenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty07-Mar-2024
How to find server security misconfiguration leak data usershttps://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How to find server security misconfiguration leak data usershttps://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5p00dl3bug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Bug Bounty - Insecure Deserialization to Reverse Shellhttps://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-50x4141bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization07-Mar-2024
Host Header Poison lead to account takeoverhttps://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5master hackorbounty-program, bugs, penetration-testing, cybersecurity, bug-bounty06-Mar-2024
[letsdefend.io] SOC164 — Suspicious Mshta Behaviorhttps://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[letsdefend.io] SOC169 — Possible IDOR Attack Detectedhttps://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5Yasmin Ramadinictf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia06-Mar-2024
[letsdefend.io] SOC168 — Whoami Command Detected in Request Bodyhttps://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attackhttps://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5Yasmin Ramadiniletsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia06-Mar-2024
Apa Itu Kriptografi? Enkripsi, Encoding, Dan Hashinghttps://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5Yasmin Ramadinipentesting, tryhackme, indonesia, cybersecurity, bug-bounty06-Mar-2024
How i bypassed input limitations to get Admin ATOhttps://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips06-Mar-2024
Microsoft Exchange Server Remote Code Execution Vulnerabilityhttps://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5R09shbug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack06-Mar-2024
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bountieshttps://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5Manan Sanghviethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer06-Mar-2024
Vulnerable WordPress February 2024 (Jushin Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5Onhexgroupbug-bounty, cybersecurity, security, infosec, wordpress06-Mar-2024
Data Lake introduces the second bug bounty campaign of its patients recruitment Applicationhttps://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5Data Lakebug-bounty, medical-data, research, data-lake, desci06-Mar-2024
How I Passed eWPTX v2 Exam Without Coursewarehttps://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5Aditya Sawanthacking, penetration-testing, certification, bug-bounty, security06-Mar-2024
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields | 2024https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing06-Mar-2024
Upload Backdoor in profile picture and OTP Bypasshttps://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5S33NUbug-bounty, technology, bug-hunting, bounty-program, programming06-Mar-2024
Story of Lock up users’ account by DOS attack cost $1,100https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5M7arm4nhacker, hacking, bug-bounty, security, bug-bounty-tips06-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hostshttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5Javroothosting, bug-hunting, hacking, white-hat-hacker, bug-bounty05-Mar-2024
Bug-Bounty Beginning (Day-1)https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5Bala Prasanna Gopal Volisettybug-bounty, kali-linux, hacking-tools, hacking05-Mar-2024
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywherehttps://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5Rohan Giribug-bounty-tips, web-vulnerabilities, bug-bounty05-Mar-2024
How I Found Multiple XSS Vulnerabilities Using Unknown Techniqueshttps://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5Khaledyassenxss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity05-Mar-2024
Tips Melakukan Analisa Email Phishinghttps://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty05-Mar-2024
12.3 Lab: Exploiting NoSQL injection to extract data | 2024https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security05-Mar-2024
Apa Itu OSI Model? Protokol Dan Enkapsulasi Tiap Layernyahttps://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty05-Mar-2024
Apa Itu TCP, UDP, Dan Three-way Handshhttps://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme05-Mar-2024
Road Map to Bug Bounty: A Beginner’s Guidehttps://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5Babar Ali Jamaliinformation-security, cyber, hacking, cybersecurity, bug-bounty05-Mar-2024
5 Tips GoogleDocks you should know — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5kerstantechnology, cybersecurity, bug-bounty, programming, security5-Mar-2024
#9.TryHackMe Series writeups-LazyAdminhttps://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5Cyb3r M!ndwalkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty05-Mar-2024
Unauthorized access to Facebook creator’s professional dashboardhttps://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5Gtm Mänôzfacebook, medium, graphql, bug-bounty, writeup05-Mar-2024
My Recon Methodology (ep 1)https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5Muhammad Materbug-bounty, recon, osint05-Mar-2024
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF!https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5atemporalzenbug-bounty, cybersecurity, hacking, ssrf05-Mar-2024
Payload will after youhttps://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5Isuka sanujsql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty05-Mar-2024
HTTP Request Smuggling: WWWWWH?https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security05-Mar-2024
The Danger of PHP Eval():https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5Prashant Roybug-bounty, php, cybersecurity, penetration-testing, ctf05-Mar-2024
Hacking the UK government ( FULL database access )https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5Ahmad Mansourcomputer-science, bug-bounty, hacking, pentesting, cybersecurity05-Mar-2024
BAC Leads To Full Takeover Of Any Organisationhttps://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5Esmail Saiedbug-bounty, broken-access-control, idor, bugcrowd, cybersecurity05-Mar-2024
Information Disclosure — Instructor’s Email Address leaked in Responsehttps://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups04-Mar-2024
OTP Bypass Via Response Manipulationhttps://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5Marathe Raobug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup04-Mar-2024
the Intricacies of WiFi Hackinghttps://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, wifi, programming04-Mar-2024
Apa Itu Cyber Kill Chain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity04-Mar-2024
Apa Itu Pyramid Of Pain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst04-Mar-2024
It assignment helper https://www.fiverr.com/s/QAR93yhttps://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5Masud Ranajavascript, money, bug-bounty, software-development, bug-bounty-tips04-Mar-2024
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app…https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5can1337infosec, bug-bounty, idor, cybersecurity04-Mar-2024
Come diventare un hacker nel 2024https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5d0lf1italiano, penetration-testing, google, bug-bounty, hacking04-Mar-2024
11.8 Lab: Exploiting XXE via image file upload | 2024https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing04-Mar-2024
Simple vulnerability in a Cyber Security conferencehttps://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bugs, bug-bounty04-Mar-2024
The Ethics of Bug Bounties: Balancing Incentives and Securityhttps://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5Rohan Giribug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty03-Mar-2024
Recently Discovered Several Bugs in a Private Programhttps://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5Raihan Biswasbug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips03-Mar-2024
Google Dorking aka “Google Hacking”https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5Dasmanishgoogle-dork, google-hacking, penetration-testing, bug-bounty03-Mar-2024
PHP Session Poisoning using LFI.https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5Youness Abbidahackerone, bug-bounty, bugcrowd, php, vulnerability03-Mar-2024
Discovered potential SQL injection through parameter testinghttps://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5Pankaj Nandkarbug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity03-Mar-2024
11.7 Lab: Exploiting XInclude to retrieve files | 2024https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity03-Mar-2024
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063)https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty, oscp03-Mar-2024
Magic Links as Gateways Account Takeovershttps://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)magic-link, account-takeover, bug-bounty, web-security, pentesting03-Mar-2024
HBO BUB in production. Can’t UNsubscribehttps://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5Shanlogauthierbug-bounty, max, hbo-max, hbo, bugs03-Mar-2024
Exploiting Grafana To achieve Remote Command Executionhttps://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5Vahagn Israelianhacking, bug-bounty, vulnerability, penetration-testing, grafana02-Mar-2024
the Power of Twitter OSINThttps://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5Morgan Bin Bashfrontend, cybersecurity, bug-bounty, pentesting02-Mar-2024
the Power of Twitter OSINThttps://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
My first IDOR hunting storyhttps://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5Loverslandgandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
How I Got Highly Sensetive Api Keys On A Private Hackerone Programhttps://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5Ethical Raghavcybersecurity, data-science, bug-bounty, technology, web-development02-Mar-2024
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playgroundhttps://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5Soufiane Habtibug-bounty, microsoft, security, ai, artificial-intelligence02-Mar-2024
Bypassing the Bluecoat Unified Agenthttps://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-50xSphinxhacking, penetration-testing, security, bug-bounty, cybersecurity02-Mar-2024
What is RedTeaming ?https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5Jbrethical-hacking, bug-bounty, red-team, cybersecurity, hacking02-Mar-2024
bersecurity11.6 Lab: Exploiting blind XXE to retrieve data via error messages | 2024https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers02-Mar-2024
How to hack a LTE Router? Just text it!https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5Mateusz Lachxss-attack, cybersecurity, cve, bug-bounty, zte02-Mar-2024
My first IDOR hunting storyhttps://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5hackergandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
XML Injection: Deep Divehttps://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5Aditya Pandeyxml, bug-fixes, injection, bug-bounty, cybersecurity01-Mar-2024
$600 Simple MFA Bypass — Graphqlhttps://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, cybersecurity, bug-bounty, technology, hacking01-Mar-2024
XSS : A Fight With The WAFhttps://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5Meliodascybersecurity, xss-attack, bug-bounty01-Mar-2024
Understanding Cybersecurity: Safeguarding the Digital Realmhttps://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5Rajib Hassenbug-bounty, ethereum, cyberattack, cybersecurity01-Mar-2024
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD | 2024https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, security01-Mar-2024
Retrieving SUI Wallet Passphrase and Private Key without Passwordhttps://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5Thura Moe Myintbug-bounty, security01-Mar-2024
Medium Bug Bounty on Hacker One — Broken Linkhttps://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5Teri Radichelsecurity, bug-bounty, bugs, medium, hackerone29-Feb-2024
Critical vulnerability in Flask AppBuilder — CVE-2024–25128https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, flask, bug-bounty, python29-Feb-2024
Version disclosure in headers and response : Security threathttps://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5Mohamed Zakeeapplication-security, bug-bounty, cybersecurity29-Feb-2024
Stored XSS on Bug Bounty Programhttps://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5Bryan Zhengpenetration-testing, cybersecurity, bug-bounty29-Feb-2024
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty29-Feb-2024
How to Excel at CTF Games with Linux Command Line Toolshttps://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5Daniel Pericichcybersecurity, linux, terminal, bug-bounty, software-engineering29-Feb-2024
How do I found Blind SSRF on a Hackerone Programhttps://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5#!/Subhankarcve, hacking, bug-bounty, ssrf, hackerone29-Feb-2024
Horizontal Privilege Escalation Leads to Bountyhttps://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5Manthan_ mahalebugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty29-Feb-2024
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities | 2024https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, cybersecurity, hacking29-Feb-2024
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTFhttps://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5Josh Beckcybersecurity, oscp, bug-bounty, ctf-writeup29-Feb-2024
Authentication Bypass Using Response Manipulationhttps://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5kundan prasadscience, cyber-security-awareness, hacking, bug-bounty, cybersecurity29-Feb-2024
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins.https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5Montymahapatraburpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips29-Feb-2024
First Bug Bountyhttps://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5Tomcybersecurity, bugcrowd, hackerone, bug-bounty, hacking29-Feb-2024
How to find your first XSS vulnerability!!!https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5Basti_Secbug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack29-Feb-2024
The Reality of Cloud Hackinghttps://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking28-Feb-2024
Email verification bypass leads to create unlimited user accounts with what ever email idhttps://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5Rahulkrishnan R Panickertechnology, cybersecurity, hacking, bug-bounty, programming28-Feb-2024
symfony profiler kritik təhlükəsizlik açığı $$$https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5memmed rehimzadekibertəhlükəsizlik, bug-bounty, cybertime28-Feb-2024
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099…https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, cloud, azure, cybersecurity28-Feb-2024
https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5Morgan Bin Bashcybersecurity, pentesting, bug-bounty28-Feb-2024
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reportinghttps://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5Meris Stuparbug-bounty, programming, testing, software-engineering, github28-Feb-2024
How do I automate my recon — Part Twohttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5Aliraahpython, bug-bounty, automation, infosec, reconnaissance28-Feb-2024
Pre-Account Takeover Leading To Broken Access Controlhttps://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5Berkay Çarıkçıoğlubroken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing28-Feb-2024
cybers11.3 Lab: Blind XXE with out-of-band interaction | 2024https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking28-Feb-2024
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypasshttps://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5|Reinhardt|cybersecurity-tools, cybersecurity, pentest, bug-bounty28-Feb-2024
Yerel bir DTD’yi yeniden kullanarak kör XXE’den yararlanmahttps://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5Hhuseyinuyarxml, burpsuite, injection, bug-bounty, xxe28-Feb-2024
how i make 6,000$ with jwt manipulation on web3 crypto application ?https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5zack0x01bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup28-Feb-2024
Hack Stories: Hacking Hackers EP:2https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5c0d3x27cybersecurity, threat-intelligence, hacking, software-development, bug-bounty28-Feb-2024
First bug and bountyhttps://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5Rahulkrishnan R Panickerinfo-sec-writeups, bug-bounty, programming, technology, infosec27-Feb-2024
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesdayhttps://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5kerstantechnology, bug-bounty, security, cybersecurity, programming27-Feb-2024
Bug Bounty should be a goto solution for your web3 security needshttps://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web327-Feb-2024
Leak JWT Private Key leads to Bypass Authenticationhttps://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5Son Nguyensecurity, bypass, bug-bounty, jwt-token27-Feb-2024
Finding and exploiting blind XXE vulnerabilitieshttps://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty27-Feb-2024
Reconnaissance: A Google-Dorking Affairhttps://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5Kieran Wpenetration-testing, bug-bounty, reconnaissance, hacking, google-dorking27-Feb-2024
How do you know if someone has opened your email or not?https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5Imad Husanovicbug-bounty, chrome-extension, hacking, programming, cybersecurity27-Feb-2024
Read This If You Still Watch Porn in Google Incognito Mode ⚫https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5AjakCybersecuritygoogle, history, ethical-hacking, bug-bounty, cybersecurity27-Feb-2024
CVE-2023–40000: How Safe Is Your Internet Box? ️https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5Coded Conversationscyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty27-Feb-2024
The Exploitation of Massive Slack Workspaces Registration Vulnerabilityhttps://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, cybersecurity, hackerone27-Feb-2024
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5ElNiakcve, cybersecurity, ransomware, bug-bounty, penetration-testing26-Feb-2024
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagarajhttps://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, security, careers26-Feb-2024
This is How I Received My Acknowledgement from Microsofthttps://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5Kamil Rahumanmicrosoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips26-Feb-2024
Hunting for Hidden Parameters in Burp Suitehttps://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5Bryan Matthewhidden-parameters, bug-bounty, burpsuite, red-team, owasp26-Feb-2024
Lakshya CTF 2k24 by pict cyber cellhttps://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5Suyog Patilctf-writeup, bug-bounty, ctf, engineering, hacking26-Feb-2024
How I Found Xss In A Inactive Hackerone Program With My Mobilehttps://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5Ethical Raghavbug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity26-Feb-2024
Glider: Revolutionizing Web3 Auditing and Security Analysishttps://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5Officer's Notesbug-bounty, solidity, smart-contracts, dapps, blockchain26-Feb-2024
Hacking Android Apps With Fridahttps://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5Matthew Keeleysecurity, pentesting, bug-bounty, android, hacking26-Feb-2024
Html-Injection [ Bug Bounty ]https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty25-Feb-2024
Create Your Own File Extensionhttps://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5Paritoshcoding, file-extension, bug-bounty, programming, information-technology25-Feb-2024
Business Logic Error in the Comment Section of a Porn sitehttps://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5vFlexovapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing25-Feb-2024
CRLF injectionhttps://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5R00tendoweb-application-security, bug-bounty, web-security, crlf-injection25-Feb-2024
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me…https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability25-Feb-2024
I took over 10 Million Accounts, Easy API Hackinghttps://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5Ravaanbug-bounty, bug-bounty-writeup, api, hacking, cybersecurity25-Feb-2024
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injectionhttps://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5Remmyhacking, 403-bypass, bug-bounty, waf-bypass, sql-injection25-Feb-2024
10.5 Lab: Blind SSRF with out-of-band detection | 2024https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, security, careers25-Feb-2024
The Aspida Bug Bounty Programhttps://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5Aspidalsd, lsdfi, blockchain, staking, bug-bounty24-Feb-2024
Best Approach to active Directory: 2https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5Anekant Singhai Jainpenetration-testing, windows, bug-bounty, cybersecurity, active-directory24-Feb-2024
Explaining and exploiting open redirect vulnerabilitieshttps://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5R00tendoopen-redirect, web-security, bug-bounty, web-application-security, web-hacking24-Feb-2024
How I Got $5,000 for Out-of-Scope XSShttps://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5Mahmoud Hamed (7odamoo)bug-bounty-tips, bug-bounty, pentesting24-Feb-2024
Ethernaut Challenge Level 16: Solution (Preservation)https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5Shubham Nagarsolidity, blockchain, cybersecurity, bug-bounty, ethernaut24-Feb-2024
Bypass Rate Limits on authentication endpoints like a pro………!https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5Abhi Sharmaprogramming, rate-limiting, api, cybersecurity, bug-bounty24-Feb-2024
10.4 Lab: SSRF with filter bypass via open redirection vulnerability | 2024https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, security, bug-bounty, hacking24-Feb-2024
How i was able to hack over 10 million websites using BAC : broken access controle .https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5zack0x01hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2024
How Automation Detected Default Admin Credential Worth $500https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity23-Feb-2024
Shodan - “Unauthorized access to setup panel”https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5mo9kHu93rhacking, web-application-security, bug-hunting, cybersecurity, bug-bounty23-Feb-2024
10.3 Lab: SSRF with blacklist-based input filter | 2024https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty23-Feb-2024
From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Securityhttps://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5Khaled Mohamedcrlf, infosec, bug-bounty, penetration-testing, xs23-Feb-2024
Unveiling Bug Bounties: Balancing the Scale of Application Securityhttps://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5Sushant Katare, CISSPbug-bounty, vulnerability, bugs23-Feb-2024
Hacking Web Meeting/Webinar Apphttps://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5Ronak Patelinformation-security, ethical-hacking, cybersecurity, bug-bounty23-Feb-2024
A Pen worth 80K (BBP#2)https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5Devender Raopenetration-testing, cybersecurity, bug-bounty, application-security, linux23-Feb-2024
How I Got 1-Click ATO through self-XSShttps://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips22-Feb-2024
Disclose assigned apps of any facebook userhttps://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5Gtm Mänôzbug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec22-Feb-2024
IDOR: The Simple Switchhttps://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5Gangaethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing22-Feb-2024
How To Report a Vulnerability which is not a part of the VDP Program?https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, bug-bounty, hacking, blog22-Feb-2024
HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS!https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5Kyrillos Magedbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec22-Feb-2024
Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoringhttps://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, reconnaissance, network-security, bettercap22-Feb-2024
Exploiting XSS to Perform CSRFhttps://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5Marduk I Amstored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting22-Feb-2024
How I logged into user accounts with no informationhttps://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bug-bounty22-Feb-2024
Using Wayback And DNS rebinding For SSRFhttps://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5amnotacatbug-bounty22-Feb-2024
Exploit Development: Classic Buffer Overflowshttps://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5Boogstacyber, hacking, bug-bounty, tryhackme, cybersecurity22-Feb-2024
Hack The Box Certified Bug Bounty Hunter (CBBH) Reviewhttps://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5Josselin Poupeneybug-bounty, pentesting, hackin, cbbh, hackthebox22-Feb-2024
How Bug Bounties Are Incentivising Ethical Hackinghttps://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5Jonathan Paulsonbug-bounty, hacking, cybercrime, cybersecurity, quantum-computing22-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5Cyberbeatbugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips21-Feb-2024
10 Kesalahan Coding Yang Membuat Aplikasi Kurang Amanhttps://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5Yasmin Ramadiniprogramming, cybersecurity, cyber-security-awareness, coding, bug-bounty21-Feb-2024
Understanding Wazuhhttps://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5Paritoshthreat-detection, siem, cybersecurity, bug-bounty, wazuh21-Feb-2024
Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulationhttps://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5NoorHomaidbug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity21-Feb-2024
9.5 Lab: Exploiting time-sensitive vulnerabilities | 2024https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
This is the easiest bug you can find right now.https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
9.4 Lab: Single-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, careers, cybersecurity, hacking20-Feb-2024
Apa Itu Cross Site Scripting? Jenis, Dampak, Dan Pencegahannyahttps://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty20-Feb-2024
My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!!https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5Ratnadip Gajbhiyebugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone20-Feb-2024
Hou I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
Breach the Build: Exploiting Jenkins (CVE-2024–23897)https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5Josh Beckoscp, cybersecurity, ctf-writeup, bug-bounty20-Feb-2024
How easy it is to find Private Info on Googlehttps://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5Lochana Dissanayakecybersecurity, ethical-hacking, bug-bounty, osint20-Feb-2024
Response Manipulation leads to Bypassing the OTP email verificationhttps://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty20-Feb-2024
Day 14 Bug Bounty Challenge — Found $1000 Stored XSShttps://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup19-Feb-2024
9.3 Lab: Multi-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking19-Feb-2024
HackTheBox — Monitoredhttps://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5mxz4rtbug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup19-Feb-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5crawsecuritybugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty19-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5Ravitejaweb-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest19-Feb-2024
How to Find First Bug (For Beginners)https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5HackerHQcyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty19-Feb-2024
Android Architecture Components: Android Pentestinghttps://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5Raghuveer Singh Chouhanpentesting, bug-bounty, hacking, cybersecurity, android19-Feb-2024
Searching industrial infrastructure with Netlas.iohttps://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5Netlas.iobug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security19-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs -Part 1https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5Cyberbeatbug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty19-Feb-2024
Dorking-Pentesting: Create Your Own Automated Pentesting Toolshttps://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5ElNiaktools, bug-bounty, python, penetration-testing, google19-Feb-2024
Web Cache Poisoing leads to ATO (Account takeover)https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5HooShacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security19-Feb-2024
Apa Itu Security Operation Center (SOC)https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5Yasmin Ramadinipentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking18-Feb-2024
HackTheBox — SQLMap Essentialshttps://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5Huy Phuweb-application-security, bug-bounty, sql, hackthebox18-Feb-2024
Introduction to API Testing — API Discovery and Interactionhttps://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5Huy Phuapi, bug-bounty, web-application-security, api-testing18-Feb-2024
Introduction to API Testing — Reconnaissancehttps://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Easy automation of bug bounty using Ethredhttps://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, web-security, bugbounty-tips, hacking18-Feb-2024
My New Tool For Information Findinghttps://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5Ethical Raghavdata-science, bug-bounty-tips, programming, bug-bounty, technology18-Feb-2024
Introduction to API Testing — Server-Side Parameter Pollutionhttps://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5Huy Phuweb-application-security, api, api-testing, bug-bounty18-Feb-2024
Introduction to API Testing — Mass Assignment vulnerabilitieshttps://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Exploiting Cross-Site Scripting to Capture Passwordshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5Marduk I Amcybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss18-Feb-2024
9.2 Lab: Bypassing rate limits via race conditions | 2024https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, secuity, hacking18-Feb-2024
PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5dollarboysushilcybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty18-Feb-2024
Open a link, and your Wi-Fi password is changed.https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips18-Feb-2024
Detecting and exploiting limit overrun race conditions with Turbo Intruderhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, security, bug-bounty17-Feb-2024
0Day SQLi Discovered during internal PenTestinghttps://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5SentinelX Researchbug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day17-Feb-2024
Mengintip database Website Bimbel di Indonesiahttps://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5Timotius Benhurpentesting, web-security, bug-bounty-tips, bug-bounty17-Feb-2024
How much longer must we dwell, with W-S-D-L?https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5Quintius Walkerbug-bounty, poetry, web-development, creative-writing, hacking17-Feb-2024
PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5dollarboysushilweb-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability17-Feb-2024
weird bug using fake id via photoshop worth $***https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec17-Feb-2024
PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by…https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security17-Feb-2024
Harnessing Microsoft Copilot as a Cybersecurity Advisorhttps://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5Paritoshmicrosoft, cybersecurity, bug-bounty, information-security, microsoft-copilot17-Feb-2024
Demystifying HTTP Request Smuggling: Detection to Exploitationhttps://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking17-Feb-2024
GitHub Recon- For Finding Sensitive Informationhttps://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5Pawanrawatgithub-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty17-Feb-2024
How do I automate my recon — Part Onehttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5Alipython, reconnaissance, automation, bash, bug-bounty17-Feb-2024
The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explainedhttps://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce17-Feb-2024
Hacking the Dutch Governmenthttps://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5Jacksoncybersecurity, hacking, bug-bounty17-Feb-2024
MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Traphttps://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5The Cyber Tornadoinformation-security, microsoft, vapt, cybersecurity, bug-bounty17-Feb-2024
The Importance of Sharing Cybersecurity Knowledge on Reading Platformshttps://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5Paritoshinformation-security, infosec, hacking, cybersecurity, bug-bounty16-Feb-2024
Researcher’s Experience — Bug Bounty Programhttps://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5CRAC Learningbug-bounty, security, research, cybersecurity16-Feb-2024
GitHub Enterprise Server vulnshttps://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5Imre Radsecurity, github, bug-bounty16-Feb-2024
Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to…https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5ElNiakwindows, bug-bounty, cybersecurity, vulnerability, malware16-Feb-2024
Mastering Cross-Site Scripting (XSS): Risks, Detection, and Preventionhttps://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5ElNiakcybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability16-Feb-2024
Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiastshttps://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5ElNiaksqlmap, programming, cybersecurity, sql-injection, bug-bounty16-Feb-2024
Guide: ProjectDiscovery’s cvemap to nuclei template mapping.https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5Matejsmyckacybersecurity, bug-bounty, bash, penetration-testing16-Feb-2024
My First Account Takeover Via Password Reset Poisoninghttps://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5cyberpro151web-hacking, bug-bounty, pentesting, account-takeover, offensive-security16-Feb-2024
Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiastshttps://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5ElNiaksql-injection, cybersecurity, sql, programming, bug-bounty16-Feb-2024
The Posemesh Avalanche C-Chain Bug Bounty Programhttps://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5Auki Labsbug-bounty, auki-labs, avalanche, posemesh, blockchain16-Feb-2024
Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgeryhttps://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5ElNiakweb-development, programming, csrf, cybersecurity, bug-bounty16-Feb-2024
8.6 Lab: Remote code execution via polyglot web shell upload | 2024https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, careers, bug-bounty16-Feb-2024
how i made easy information disclosure bugs in graphqlhttps://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking16-Feb-2024
Bypassing Captchahttps://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5Eyaalgabaybug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips15-Feb-2024
The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt…https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5Asuquo Levy Eyo Jrcybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-202115-Feb-2024
The Game-Changing Magic of RCE [Cybersecurity]https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, information-security, rce15-Feb-2024
Account Takeover [It Looked Secure at First]https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, penetration-testing, infosec, pentesting15-Feb-2024
Github Dorking: A Beginner’s Guide to Finding Secrets in Repositorieshttps://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5ElNiakthreat-intelligence, github, cybersecurity, github-dorking, bug-bounty15-Feb-2024
8.5 Lab: Web shell upload via obfuscated file extension | 2024https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity15-Feb-2024
Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5dollarboysushilcybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger15-Feb-2024
HTML Injection in Mail BOXhttps://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5#!/Subhankarhtml-injection, hackerone, hacking, bug-bounty15-Feb-2024
Edu-Hack: How a Simple Request Compromised Entire Classrooms Usershttps://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5Abdelrhman Aminbug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing15-Feb-2024
Behind the Screen: The Forgotten Password Feature That Almost Failed Ushttps://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5Elcapitanobugswagger, bugsbounty, penetration-testing, information-security, bug-bounty15-Feb-2024
The effectiveness of employing BChecks to uncover significant secretshttps://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5Khaled Mohamedsecrets, bug-bounty, bugswagger, cybersecurity, penetration-testing15-Feb-2024
Magic No More: Exposing Flaws in Magic Link Authenticationhttps://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5Elcapitanobug-bounty, penetration-testing, cybersecurity, bugswagger, information-security15-Feb-2024
Stored XSS with HTTP only Session Cookieshttps://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5Jessprogramming, website, security, web-development, bug-bounty15-Feb-2024
CVE-2024–24142 Exploitation & PoChttps://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5SentinelX Researchpenetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips15-Feb-2024
open redirect using homographshttps://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5Eyaalgabaybug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking14-Feb-2024
Exploiting Cross-Site Scripting to Steal Cookieshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty14-Feb-2024
THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTEShttps://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity14-Feb-2024
Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5dollarboysushilbug-bounty, web-security, path-traversal, ethical-hacking, portswigger14-Feb-2024
How I was able to hack my college’s website with number of IDORs and CORS Misconfigurationshttps://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5cyberpro151hacking, web-hacking, bug-bounty, idor14-Feb-2024
GMX V1 Bug Disclosure.https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5Morphexdefi, bug-bounty, cryptocurrency14-Feb-2024
8.4 Lab: Web shell upload via extension blacklist bypass | 2024https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, security, hacking, bug-bounty, cybersecurity14-Feb-2024
A Journey through Reconnaissance to MySQL Server Access in the Gaming Realmhttps://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5Daniel1895fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking14-Feb-2024
The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity)https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5Paritoshntlm, hacking, cybersecurity, authentication, bug-bounty13-Feb-2024
Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutineshttps://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5rezauditoreprogramming, tutorial, multithreading, bug-bounty, golang13-Feb-2024
Best tools you must have to look at for penetration testing.https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5Bugz_Bunnepentesting, hacking, cybersecurity, cybe, bug-bounty13-Feb-2024
Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencinghttps://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5forensicsbuffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement13-Feb-2024
Cross-site and server-side request forgeries (CSRF and SSRF)https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5forensicspenetration-testing, ssrf, csrf, bug-bounty, hackerone13-Feb-2024
Cross-site scriptinghttps://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5forensicsweb-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Unauthenticated Jira CVEs Check List — Bug Tuesdayhttps://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5kerstansecurity, cybersecurity, technology, information-security, bug-bounty13-Feb-2024
Email Triggering Leads to Rs1000 Amazon voucherhttps://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5mo9kHu93rbug-hunting, web-application-security, cybersecurity, bug-bounty, hacking13-Feb-2024
curity8.3 Lab: Web shell upload via path traversal | 2024https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Comprehensive Guide to Pentesting Methodology: From Zero to Herohttps://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5ElNiakbug-bounty, technology, cybersecurity, penetration-testing, pentesting13-Feb-2024
Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditinghttps://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5ElNiakcybersecurity, penetration-testing, bug-bounty, networking, nmap13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
How I Found a Reflected XSS at NASAhttps://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5Jh0n_0xpenetration-testing, securit, bugbounty-tips, bug-bounty, security-services12-Feb-2024
Most easiest bug in login page : Session Fixationhttps://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5Ethical Raghavcybersecurity, blockchain, ethical-hacking, bug-bounty, technology12-Feb-2024
IDOR (Insecure direct object reference) pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5Timotius Benhurwriteup, bug-bounty, idor12-Feb-2024
Webpages Have these Bugs, and can be EXPLOITED!!https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5B A T M A Nxss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty12-Feb-2024
Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518…https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5ElNiakvulnerability, exploitation, cybersecurity, atlassian, bug-bounty12-Feb-2024
Super Bowl and Cybersecurityhttps://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5Paritoshbug-bounty, super-bowl, hacking, information-security, cybersecurity12-Feb-2024
Tow Senario To Pre Account TakeOverhttps://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5Ahmed Elhenybug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips12-Feb-2024
7 Tingkatan IOC Dalam Investigasi Serangan Siberhttps://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness12-Feb-2024
Hack Stories: Hacking Hackers EP:1https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking, cybersecurity, penetration-testing, software-development12-Feb-2024
Practical Guide to End-to-End Bug Reporting in Software Developmenthttps://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5Niarbugs, issues, qa, bug-fixes, bug-bounty12-Feb-2024
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Executionhttps://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5Mukund Bhuvahacking, security, bug-bounty, information-security, cybersecurity12-Feb-2024
Understanding web applicationshttps://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5Jbr AL-Otaibihacking, cybersecurity, bug-bounty, website, web-development12-Feb-2024
How I found a bug in Microsofthttps://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5NITYA NAND JHAbug-bounty, cybersecurity, vulnerability12-Feb-2024
: Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploitshttps://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5Pardon Mukoyibugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity12-Feb-2024
Extract & Scan SSL Certs for HeartBleed via CertGuard toolhttps://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5SentinelX Researchweb-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty12-Feb-2024
Mastering Samba Exploitation: A Comprehensive Pentesting Guidehttps://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5ElNiakcybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty12-Feb-2024
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Moneyhttps://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5crawsecurityethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker11-Feb-2024
Online Password Cracking with THC-Hydra and Burp Suitehttps://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-50xClonazhacks, hacking, bug-bounty, cybersecurity11-Feb-2024
Getting Facebook Credentails Without Hackinghttps://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-50xClonazbug-bounty, hacks, cybersecurity, hacking11-Feb-2024
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Camshttps://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-50xClonazcybersecurity, hacks, hacker, hacking, bug-bounty11-Feb-2024
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz)https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-50xClonazbug-bounty, cybersecurity, hacking, hacker, hacks11-Feb-2024
OSINT: Finding Email Passwords in Dumps with h8mailhttps://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-50xClonazbug-bounty, hacker, hacking, hacks, cybersecurity11-Feb-2024
Password Cracking: Creating Custom Password List with cupphttps://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-50xClonazcybersecurity, hacking, bug-bounty, hacker, hacks11-Feb-2024
Android Hacking: The libwebp Vulnerability (zero-day/zero-click)https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-50xClonazhacks, hacking, hacker, cybersecurity, bug-bounty11-Feb-2024
Bug Bounty Hunting, Part 1: Getting Startedhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-50xClonazhacker, bug-bounty, hacking, cybersecurity11-Feb-2024
Preventing file execution in user-accessible directories by Portswigger | 2024https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, security11-Feb-2024
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameterhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing11-Feb-2024
Signing up with Government and Military emailshttps://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5Boogstabug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking11-Feb-2024
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Programhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity11-Feb-2024
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenseshttps://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5Pascal Onyekachukwu Anenecybersecurity, security-engineering, bug-bounty11-Feb-2024
Almost 50% of web pages have this bug. Learn How it is exploited in the wildhttps://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5Sreedeep cvjs, bug-bounty, xss-attack, hacking, dom11-Feb-2024
XSS in CMS / Blog sites bypassing HTML encoding and escaping.https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, cybersecurity, information-security, cyberattack, bug-bounty11-Feb-2024
From a customer to a ‘system owner’https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5M Maulana Abdullahapi-development, writeup, privilege-escalation, api, bug-bounty10-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5Ravitejareverse-engineering, ctf, bug-bounty, hacking-tools, web-security10-Feb-2024
7.8 Lab: Referer-based access control | 2024https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, bug-bounty, cybersecurity10-Feb-2024
Google Dorking: A Beginner’s Guide to Finding Vulnerabilitieshttps://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5ElNiakthreat-intelligence, bug-bounty, google-dorking, cybersecurity, google10-Feb-2024
Web Security 101 : Cross-Site Scripting (XSS) Attackshttps://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5Israel Aráoz Severichexss-attack, bug-bounty, cybersecurity, appsec09-Feb-2024
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty!https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5Manan Sanghvibug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability09-Feb-2024
JSON CSRF in Microsoft Bing Maps Collectionshttps://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity09-Feb-2024
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposedhttps://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5ElNiakbug-bounty, logs, vulnerability, cybersecurity, technology09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerabilityhttps://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5ElNiakbug-bounty, vulnerability, cybersecurity, wordpress, sql-injection09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Threehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5Alipython, flask, bug-bounty, mongodb, reconnaissance09-Feb-2024
E: Package ‘libgtkglext1’ has no installation candidate | anydesk : Depends: libgtkglext1 but it is…https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5Ravindra Dagaleinformation-technology, bug-bounty, kali-linux, information-security, programming09-Feb-2024
7.7 Lab: Multi-step process with no access control on one step | 2024https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security09-Feb-2024
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTFhttps://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5Crashwirexss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking09-Feb-2024
Unlocking Your Potential: Elevating Your Bug Bounty Game**https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5Ethical Raghavblockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity08-Feb-2024
Lenfi V2 to Begin Community-Driven Bug Bounty Program Nowhttps://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5Lenfilending, cardano, defi, audit, bug-bounty08-Feb-2024
Chaining Subprober + Subfinder To Your Bug Bounty Recon.https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity08-Feb-2024
7.6 Lab: Method-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, portswigger, cybersecurity, careers08-Feb-2024
Easy way to get privilege escalationhttps://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5Rzizahbug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation08-Feb-2024
How I Find Open Redirect Bug — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, security, information-security07-Feb-2024
Web3 Security: In-Depthhttps://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5Officer's Notesbug-bounty, blockchain, smart-contracts, solidity, web307-Feb-2024
My first bug | Html injection|https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Applicationhttps://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5JzeeRxbug-bounty, bug-hunting, cybersecurity, apple-security, apple07-Feb-2024
7.5 Lab: URL-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty07-Feb-2024
I have hacked around 300 website in 1 Monthhttps://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5Imran Niazbug-bounty, hacking, web-development, python-programming, cybersecurity07-Feb-2024
Rate Limiting: What It Is And Why It Matters in Bug Bountyhttps://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5Alpbug-bounty-tips, bug-bounty, hackerone07-Feb-2024
How To Get Started With LLM Hacking? — A Beginner’s Guidehttps://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5Yannick Merckxbug-bounty, ai, hacking, llm-hacking, llm07-Feb-2024
My first bug | Html injection|https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Enhancing Network Security: Best Practices and Strategieshttps://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5Paritoshhacking, programming, bug-bounty, information-security, cybersecurity06-Feb-2024
Tumblr Subdomain Takeoverhttps://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5Scott Lindhwhite-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration06-Feb-2024
Harnessing Concurrency in Go: Exploring Asynchronous Executionhttps://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5rezauditoregolang, programming, bug-bounty, tutorial, hunting06-Feb-2024
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5ElNiakcybersecurity, programming, bug-bounty, fastapi, vulnerability06-Feb-2024
ALWAYS test 404 Not Found in Bug Bounties!https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5Viktor Marescybersecurity, web-development, bug-bounty, penetration-testing, hacking06-Feb-2024
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerabilityhttps://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, apple, technology, bug-bounty06-Feb-2024
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab)https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, ctf-writeup, bug-bounty06-Feb-2024
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerabilityhttps://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5Lohith Gowda Mapplication-security, bug-bounty, firefox, ios, infosec06-Feb-2024
Understanding Ransomwarehttps://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, cybersecurity, hacking, information-security05-Feb-2024
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now!https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5ElNiakprivilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability05-Feb-2024
SSRF on a Headless Browser Becomes Critical!https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5Alvaro Baladacybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness05-Feb-2024
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suitehttps://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5BugStrike Teambugstrike, iot-security, bug-bounty, cybersecurity, iot05-Feb-2024
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scriptinghttps://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5BugStrike Teambugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty05-Feb-2024
Broken access control resulting from platform misconfiguration | 2024https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hacking, security05-Feb-2024
Euler Is So Back: Prizewinners and Educate Series Summaryhttps://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5Vanessa Losiceuler, euler-finance, bug-bounty, euler-educate, encode-club05-Feb-2024
How I got RCE in one of Bugcrowd's Public Programshttps://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5Yousef Mohamed Elsaidcybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution05-Feb-2024
Every Cybersecurity Beginner’s Nightmare — You need to Read thishttps://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5MOHD ABDUL JAMEELpenetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity05-Feb-2024
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and…https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity05-Feb-2024
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty05-Feb-2024
This will change the way you hunt for bugs forever.https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, bug-bounty, programming, bug-bounty-tips04-Feb-2024
the Dark Art of NTLM Relay Attackshttps://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, ntlm-relay, active-directory, bug-bounty04-Feb-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5Abhi Sharmauser-interface, hacking, programming, bug-bounty, cybersecurity04-Feb-2024
How I Hacked My College’s Sitehttps://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5Rajneesh Kumar Aryabug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity04-Feb-2024
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-50x4KDbug-bounty, infosec, bounty-hunter, bug-bounty-tips, security04-Feb-2024
Certifications for bug bounty huntershttps://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5Deshahacking, certification, penetration-testing, bug-bounty04-Feb-2024
Hacking tools to use in 2024https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5Deshait-security, bug-bounty, hacking, penetration-testing, security04-Feb-2024
Tutorial: Shellcode Injection when the buffer is smallhttps://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5ElNiakbug-bounty, tutorial, hacking, shellcode, cybersecurity04-Feb-2024
TryHackMe | Bounty Hacker Walkthroughhttps://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5Utsavadhikaribug-bounty, bugs, linux, cybersecurity, computer-science04-Feb-2024
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single…https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting04-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Twohttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5Alidatabse, reconnaissance, bug-bounty, python, chatgpt04-Feb-2024
6.5 Lab: Information disclosure in version control history | 2024https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, cybersecurity, bug-bounty, hacking04-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5Mr.Horbiohacking, automation, bug-bounty, cybersecurity, python03-Feb-2024
IDOR Pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5Timotius Benhurbug-bounty, writeup, cyber-security-awareness, bugs03-Feb-2024
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Productshttps://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, ivanti, cybersecurity, ssrf03-Feb-2024
Vulnerable WordPress January 2024 (Imadaddin Nasimi)https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5Onhexgroupinfosec, bug-bounty, exploit, cybersecurity, wordpress03-Feb-2024
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumerationhttps://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, cybersecurity, data-science03-Feb-2024
Building a Robust Security Architecturehttps://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5Paritosharchitecture, bug-bounty, information-security, cybersecurity, security-architecture03-Feb-2024
A Story of an IDOR bug I found on a SaaS applicationhttps://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5JateloCybersecaccess-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty03-Feb-2024
Version Control History and Information Disclosure Vulnerabilities | 2024https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, careers, bug-bounty, hacking03-Feb-2024
Offensive Mobile Penetration Testinghttps://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, penetration-testing, cybersecurity, hacking02-Feb-2024
5.11 Lab: Authentication bypass via flawed state machine | 2024https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security2-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity2-Feb-2024
Join the Pay Protocol Bug Bounty Program and Earn Rewardshttps://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5Crypto Analystpayments, defi, bug-bounty-program, cryptocurrency, bug-bounty2-Feb-2024
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Coursehttps://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5African Technology Researchpenetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup2-Feb-2024
Mastering Fuzzing: A Comprehensive Tutorialhttps://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5ElNiakfuzzing, bug-bounty, tutorial, cybersecurity, bugs02-Feb-2024
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scannerhttps://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5ElNiakprivacy, osint, cybersecurity, bug-bounty, pii02-Feb-2024
How to start in Bug Bounty Hunting: my personal experiencehttps://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5Riccardo Malatestabug-bounty-tips, bug-bounty02-Feb-2024
How to Pass eWPTv1 examhttps://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5Jbr AL-Otaibipreparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking02-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity02-Feb-2024
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool…https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5Neel Munotinformation-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking02-Feb-2024
How I secured the United Nations Hall of Famehttps://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5Kamil Rahumanbug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations02-Feb-2024
Full Account Takeover via Password Reset Link Manipulationhttps://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, ethical-hacking01-Feb-2024
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterpartshttps://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, docker, penetration-testing, bug-bounty01-Feb-2024
5.10 Lab: Authentication bypass via encryption Oracle | 2024https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity01-Feb-2024
1.4M PII data leakage (IDOR)https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5tushar_reconbug-bounty, bug-bounty-tips01-Feb-2024
How i was able to hack a Company via watching a YouTube videohttps://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5Ahmad Mansourcyber-security-awareness, bug-bounty, penetration-testing01-Feb-2024
Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and…https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5Marduk I Amcybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty01-Feb-2024
Bypass Arbitary File Upload With .pharhttps://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5Mizar Ismu Ariefexploitation, bug-bounty, pentesting, bypass01-Feb-2024
From No to Go — Uninvited Access To Invited Projectshttps://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5Jatin_Chudasamabroken-access-control, writeup, bug-bounty, graphql, unauthorized-access01-Feb-2024
This is arguably the dumbest bug I’ve ever found.https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-bounty, hacking, programming, cybersecurity01-Feb-2024
Misconfiguration lead to company identity theft via bypass email verification.https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec01-Feb-2024
Best Recon methodology (Shubham Rooter)https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5Shubham Tiwarihackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting01-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5Mr.Horbiohacking, cybersecurity, technology, python, bug-bounty01-Feb-2024
Understanding and Mitigating Active Directory Attackshttps://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5Paritoshbug-bounty, azure, hacking, active-directory, cybersecurity31-Jan-2024
Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing Systemhttps://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5Sulman Farooq Sburpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty31-Jan-2024
Hunt, Hack, Reward — Hacking For Good with Bountieshttps://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5the threat copsthethreatcops, cybersecurity, bug-bounty, hacking, infosec31-Jan-2024
Navigating the Storm: Understanding CVE-2023–34048’s Impact on VMware vCenter Serverhttps://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5ElNiakthreat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware31-Jan-2024
Json Tokens (JWT) Token Checkshttps://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5Akash Venkycybersecurity, ethical-hacking, bug-bounty, security, jwt31-Jan-2024
What to expect from BSides Transylvania 2024https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5Cristian Corneacybersecurity, technology, bug-bounty, software-development, tech31-Jan-2024
Tackling IDOR on UUID based objectshttps://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5Veshraj Ghimireidor-vulnerability, bug-bounty31-Jan-2024
5.9 Lab: Infinite money logic flaw | 2024https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, security, bug-bounty31-Jan-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Onehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5Alibug-bounty, database, reconnaissance, python31-Jan-2024
How to use Virtual Boxhttps://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5Joshua Desharnaisbug-bounty, virtual, operating-systems, oracle31-Jan-2024
Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpiderhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-50xClonazbug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking31-Jan-2024
Ransomware: Build Your Own Ransomwarehttps://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-50xClonazhacking, cybersecurity, hacker, programming, bug-bounty31-Jan-2024
Recon Methodologyhttps://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5Alanvvcybersecurity, bug-bounty, reconnaissance31-Jan-2024
Une erreur fatalehttps://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5Jephte Mangendamistakes, wordpress-development, wordpress, bug-bounty, bugs31-Jan-2024
Web Cache Poisoninghttps://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5Kaguracybersecurity, web-security, bug-bounty31-Jan-2024
Decoding the OWASP Top 10https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5Paritoshbug-bounty, owasp, cybersecurity, pentesting, hacking30-Jan-2024
Critical Jenkins RCE Vulnerability (CVE-2024–23897)https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5ElNiakjenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity30-Jan-2024
Simplifying Issue Traceability with Links Explorer in the monday Platformhttps://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5Divyansh Vatsproject-management, marketplaces, issues, bug-bounty, traceability30-Jan-2024
Title: Exploiting Path Traversal Vulnerability in User Profile URLshttps://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, cybersecurity, appsec30-Jan-2024
Reflected XSS into a JavaScript String with Single Quote and Backslash Escapedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity30-Jan-2024
My SSRF Tricks — Bug Bounty Tuesdayhttps://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5kerstanbug-bounty, security, hacking, cybersecurity, technology30-Jan-2024
Rekomendasi Platform Bug Bounty Nasional Maupun Internasionalhttps://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5ArtiaCodecybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program30-Jan-2024
Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackershttps://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5Hacksheets | Learn Cybersecuritybug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing30-Jan-2024
Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity30-Jan-2024
Attacking Session Management | Part 06 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5Om Arorainfosec, information-security, hacking, bug-bounty, cybersecurity30-Jan-2024
Best Approach to RCEhttps://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5Anekant Singhai Jainred-team, ethical-hacking, rce, penetration-testing, bug-bounty30-Jan-2024
An introductory guide to HTTP request smugglinghttps://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5Mayank Kumar Prajapatiwebsite, web, bug-bounty, hacking, vulnerability30-Jan-2024
How to replicate Jenkins CVE-2024–23897: Arbitrary File Read Vulnerabilityhttps://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5Red Darkinbug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec30-Jan-2024
Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief!https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5Paritoshdll-hijacking, information-security, cybersecurity, hacking, bug-bounty29-Jan-2024
Fundamentals of .NET Decompilation With dnSpyhttps://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5Jowardpentesting, hacking, bug-bounty, dotnet29-Jan-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5Mr.Horbiobug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity29-Jan-2024
Port Scanning: Pengertian, Teknik, Dan Pencegahannyahttps://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5TalaskoSecbug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty29-Jan-2024
XML External Entity injection with error-based data exfiltrationhttps://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5Serj Novoselovpenetration-testing, hacking, bug-bounty, xml, writeup29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, owasp, api29-Jan-2024
Kenalan Sama Bug Bountyhttps://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5ArtiaCodebug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking29-Jan-2024
CheckList for Bug Bounty Huntinghttps://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5Kalidaskamarajbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing29-Jan-2024
Meteor Subdomain Takeoverhttps://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5YoungVandacybersecurity, technology, bug-bounty, javascript, programming29-Jan-2024
CVE-2024–0519: Chrome’s Gateway to Memory Accesshttps://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5ElNiakgoogle, cybersecurity, penetration-testing, bug-bounty, threat-intelligence29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, owasp, api29-Jan-2024
Discord’s preview bot redirection vulnerabilityhttps://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5Le Noctambulebug-bounty, bugs, software-development, cybersecurity29-Jan-2024
Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bughttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5Anish Narayanbug-bounty, cybersecurity, bug-bounty-tips, technology, programming29-Jan-2024
Huge Bug Bounty Resourcehttps://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5Joshua Desharnaishacking, bug-bounty, bugs, bug-bounty-tips29-Jan-2024
Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security29-Jan-2024
Automation Hacks: Unearthing a Critical RCE the Easy Wayhttps://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5Asbawybug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing29-Jan-2024
Reflected XSS in canonical link taghttps://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5Marduk I Amreflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting29-Jan-2024
Bug Zero at a Glance [01–15 January]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity28-Jan-2024
How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflowshttps://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5SHCybercybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow28-Jan-2024
Explorasi Platform Bug Bounty untuk Cyber Security Enthusiastshttps://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5Faisal Hanafired-team, linuxhacking, pentesting, bug-bounty, cybersecurity28-Jan-2024
Useful HTTP method every bug hunter must knowhttps://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5Creepydoomercybersecurity, web, https, bug-bounty28-Jan-2024
Thorough Review Bug Bounty Hunter Certification [CBBH]https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5CyberOzpentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities28-Jan-2024
I will be giving away my book for free!https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty28-Jan-2024
Get IDOR In No Permission To Access Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5kerstancybersecurity, technology, hacking, security, bug-bounty28-Jan-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty28-Jan-2024
Roadmap Belajar SOC Analyst Dan Toolsnyahttps://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5Yeaszecbug-bounty, ethical-hacking, programmer, blue-team, cybersecurity28-Jan-2024
CVE-2023–45866: 0-Click Bluetooth vulnerabilityhttps://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5ElNiakbluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence28-Jan-2024
MIME Sniffing Explained: How Browsers Can Misinterpret Content Typeshttps://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5Abel Vsniffing, web-browser, cybersecurity, web-application-security, bug-bounty28-Jan-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5vFlexoethical-hacking, bug-bounty, penetration-testing, vapt, information-security28-Jan-2024
How do you actually find bugs? (Part 2)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox28-Jan-2024
How do you actually find bugs? (My 2 years experience) | Part 2https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
This is the easiest bug you can find.https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jan-2024
How to Get CVEs Online (Fast)https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5FHantkebug-bounty, information-technology, web-development, cybersecurity, hacking28-Jan-2024
XSS is hard to find… or is it? (How to you find bugs)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
ARPA Monthly Report | December Progress Reviewhttps://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5ARPA Officialstaking, cryptography, arpa, bug-bounty, rng27-Jan-2024
5.8 Lab: Insufficient workflow validation | 2024https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers27-Jan-2024
Essential Encoding Schemes for Bug Bounty Huntershttps://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, ethical-hacking, security, encoding27-Jan-2024
Your Life in the Crosshairs of Cybersecurity Threats!https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, programming, bug-bounty, information-security27-Jan-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5Abhi Sharmarace-condition, bug-bounty, programming, 2fa, cybersecurity27-Jan-2024
Як працює програма винагороди за виправлення помилок від Aleo?https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5Marlin_2_2_0aleo, bug-bounty27-Jan-2024
Schneier’s Law In Bug Bountyhttps://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty27-Jan-2024
SIEM Home Lab: Detecting Web Attackhttps://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5Yeaszecsoc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking26-Jan-2024
Detecting Server-Side Technologies for Bug Hunting:https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5Creepydoomerphp, python, servers, bug-bounty, microsoft26-Jan-2024
Evolution of Critical Log Sources in SIEM: A 5-Year Retrospectivehttps://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, siem, hacking, bug-bounty26-Jan-2024
Zero Click Account Takeoverhttps://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5Sunny Sharmabug-bounty-writeup, bug-bounty26-Jan-2024
Bug Bounty For Beginners 2024 Part (3).https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5Asuman Lukwagobug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide26-Jan-2024
Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discoveryhttps://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5Ethical Raghavblockchain, data-science, cybersecurity, technology, bug-bounty26-Jan-2024
Reflected XSS into HTML context with all tags blocked except custom oneshttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5Marduk I Ambug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss26-Jan-2024
Strategies for Success in Audit Contests and Bug Bounty Huntinghttps://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5Johnny Timesmart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips26-Jan-2024
Ensuro Partners with Immunefi to Launch Bug Bounty Programhttps://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5Ensuro ZEbug-bounty26-Jan-2024
How I Discovered a Sneaky Account Takeover Vulnerabilityhttps://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5Sumedh Gharpandebug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control26-Jan-2024
General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience…https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, interview, cybersecurity, jobs26-Jan-2024
5.7 Lab: Weak isolation on dual-use endpoint | 2024https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers26-Jan-2024
Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginnershttps://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5Fahri Yeşilcyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research26-Jan-2024
Web Cache Poisoning: WWWWWH?https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty26-Jan-2024
How to get your email from different bug bounty platform to start hacking :https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5Creepydoomercybersecurity, bug-bounty, ethical-hacking, hackerone, hacker25-Jan-2024
Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissancehttps://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5Nixie_Bytes Security Teambug-bounty, hacking-tools, tools, cybersecurity, hacking25-Jan-2024
A Comprehensive Guide to Bug Bounty Hunting Masteryhttps://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science25-Jan-2024
eJPT all you need to knowhttps://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5Boogstacyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity25-Jan-2024
5.6 Lab: Inconsistent handling of exceptional input | 2024https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity25-Jan-2024
OWASP TOP 10 2021:https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5Creepydoomercybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp24-Jan-2024
Git Directory Exposed Leads to Credentials Disclosurehttps://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed24-Jan-2024
Avedia Player r9300 Vulnerabilitieshttps://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5John Mweb-development, cve, bug-bounty, hacking, exploit24-Jan-2024
5.5 Low-level logic flaw in Business logic vulnerabilities | 2024https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, security24-Jan-2024
The Immunefi bug bounty campaign is livehttps://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5DeXe Protocoldao, dexe, defi, bug-bounty24-Jan-2024
The art of learning bug bounty.https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5Sirat Sami (analyz3r)bugbounty-writeup, bug-bounty24-Jan-2024
IDOR Allowing to Place Other Students in Exam Sessionshttps://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5Mr_Payload_Injectorbug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking24-Jan-2024
Response Manipulation Lead To Premium Feature By Normal User Reward of $500https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5Abdulrahman badawiweb-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup24-Jan-2024
OWASP TOP 10 2017:https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5Aayushdhakalbug-bounty, ethical-hacking, sql, owasp, cybersecurity23-Jan-2024
Get IDOR In No Permission To Access Page— Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security23-Jan-2024
Dosya yükleme ile XSShttps://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5Enes Özlekbug-bounty23-Jan-2024
How to Exploit Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, cybersecurity, bug-bounty23-Jan-2024
SQL Injection on PostgreSQLhttps://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5Yağız Koçersql-injection, penetration-testing, bug-bounty, hacking, cybersecurity23-Jan-2024
Leaked SQL error leading to XSS, and another BSQLi...https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5Zatikyan Sevadabug-bounty, sql-injection, sql, xss-attack, cybersecurity22-Jan-2024
Hacking behind the WAFhttps://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5NoorHomaidinfosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity22-Jan-2024
Better understanding of User-Directed Spidering vs Automated Spideringhttps://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5Aayushdhakalhacking, penetration-testing, spidering, web, bug-bounty22-Jan-2024
How to find unprotected databases with Netlas.io: Chapter 2https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5Netlas.iocybersecurity, information-security, bug-bounty, penetration-testing, osint22-Jan-2024
This Tool Helps Me To Find The Origin IP Addresshttps://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking22-Jan-2024
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024?https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, medium, bug-bounty, jobs, penetration-testing22-Jan-2024
4.5 Lab: Blind OS command injection with out-of-band data exfiltration | 2024https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity22-Jan-2024
Bug Bounty For Beginners 2024.https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5Asuman Lukwagoplanning, finance, cybersecurity, bug-bounty, info22-Jan-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss22-Jan-2024
How do you actually find bugs? (My 2 year experience)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, programming, cybersecurity, bug-bounty-tips22-Jan-2024
HackTheBox Saturn: Explaining SSRFhttps://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5Leonardobug-bounty, hacker, pentesting, ctf, hackthebox22-Jan-2024
How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s Systemhttps://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5cathreatunited-kingdom, pentesting, bug-bounty, hacking, ssrf22-Jan-2024
Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber…https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, web-development, technology, artificial-intelligence21-Jan-2024
Gelios Testnet Bug Bounty Program: Earn Up to $5,000https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5Geliosbitcoin-l2, gelios, blockchain, crypto, bug-bounty21-Jan-2024
Bug bounty platforms for 2024https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5Not_A_Hadesbug-bounty, cybersecurity, hacking, security21-Jan-2024
4.4 Lab: Blind OS command injection with out-of-band interaction | 2024https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty21-Jan-2024
Making My First 10K by Hacking Open Source Targetshttps://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5SynapticSpacebug-bounty, foss, cybersecurity, hacking21-Jan-2024
Path traversalhttps://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5Codersqsethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report…https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5Jared Douvillechina-hackers, cyber-security-awareness, bug-bounty, zero-day, china20-Jan-2024
How I Bypassed CSRF Token — 2 Wayshttps://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5Bryan Matthewcsrf-bypass, red-team, bug-bounty, penetration-testing, csrf20-Jan-2024
Stored DOM XSShttps://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting20-Jan-2024
The art of account takeoverhttps://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5Hossam Ahmedaccount-takeover, information-security, bug-bounty20-Jan-2024
Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breachhttps://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5KISHORERAMaws-ec2, aws-s3, cybersecurity, aws, bug-bounty20-Jan-2024
Login DoS — That requires simply sending a lot of specially crafted requestshttps://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5Shriyans Sudhibug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking20-Jan-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, hacking, cybersecurity, programming, bug-bounty20-Jan-2024
4.3 Lab: Blind OS command injection with output redirection | 2024https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, security20-Jan-2024
Boosting Your Income: My Journey with Side Hustles in Cybersecurityhttps://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5Himanshu Mahajanside-hustle, security, technology, bug-bounty, cybersecurity20-Jan-2024
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledgehttps://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5rootzsbug-bounty-tool, bug-bounty, bug-bounty-tips, hacking19-Jan-2024
Dangling CNAME/Orphaned CNAME leads P2 on Google VRPhttps://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5Jerry1319bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity19-Jan-2024
Penetration Testing Techniqueshttps://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5Rodolfo Santos Flaboreablue-team, purple-team, red-team, pentesting, bug-bounty19-Jan-2024
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5AjakCybersecurityblogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
4.2 Lab: Lab: Blind OS command injection with time delays | 2024https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, security19-Jan-2024
IDOR To Massive Government Data Leakhttps://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5Bishal Shresthabug-bounty, information-security, writeup, data-leak19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theseshttps://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5Mr_Payload_Injectorcybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jan-2024
#ERROR!https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5Pushkar Bhagathackerone, hacking, bugcrowd, exploitation, bug-bounty19-Jan-2024
How I Bypassed CSRF Token — 2Wayshttps://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5Bryan Matthewpenetration-testing, csrf-protection, csrf, bug-bounty, csrf-token19-Jan-2024
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionalshttps://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, cybersecurity, ethical-hacking, bug-bounty18-Jan-2024
AWS/S3 Subdomain Takeoverhttps://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5Scott Lindhpentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips18-Jan-2024
Exploiting vulnerabilities in LLM APIs [OS injection]https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5Serj Novoselovllm, penetration-testing, bug-bounty, ai, hacking18-Jan-2024
Brutal Bug Bounty methodologyhttps://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5Major Jbrbug-bounty-tips, bug-bounty18-Jan-2024
Secret Input Header leads to Password Reset Poisoninghttps://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5Viktor Maresbug-bounty, penetration-testing, hacking, web-development, cybersecurity18-Jan-2024
Business Logic: Bypass 2FA to ATOhttps://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5Giongnefsecurity, bug-bounty, cybersecurity, information-security, pentesting18-Jan-2024
Finding Secret Key Inside React Native Appshttps://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5Aminudinbug-bounty, bugs, bug-bounty-tips18-Jan-2024
Blind OS command injection vulnerabilities in Portswigger | 2024https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty18-Jan-2024
Master Bug Bounty Hunting Coursehttps://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5Team Hydra Shoptool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools18-Jan-2024
What is Cyberkill Chain (My first Interview Question of my carrier)https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5Akash Venkysecurity, bug-bounty, cybersecurity, information-technology, pentesting18-Jan-2024
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing18-Jan-2024
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT!https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, hacking, certification, cybersecurity18-Jan-2024
A Best $5 Spent in My Entire Cybersecurity Journeyhttps://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5AjakCybersecurityhacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking18-Jan-2024
CSRF vulnerabilityhttps://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5Omar Samybug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips18-Jan-2024
Hydra Tryhackme: Walkthrough/Writeuphttps://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5Proviesechydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme18-Jan-2024
Things should do after sublister(sublist3r)https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing18-Jan-2024
Exploiting LLM APIs with excessive agencyhttps://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5Jared Douvilleportswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm18-Jan-2024
easy bug = big bounty | easy and small bug can give you a big bounty and Reputationhttps://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5no|onebug-bounty, hacking, bug-bounty-tips, information-security, bugs18-Jan-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5the_unlucky_guybug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup17-Jan-2024
Understanding and Mitigating Authentication Bypass Techniques in Web Applicationshttps://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, infosec, infosecurity, ethical-hacking17-Jan-2024
Best Hacking OSINT Site list in 2024https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5LogicTechhacking-tools, bug-bounty, hacking, osint-investigation, journalism17-Jan-2024
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5Resonancebug-bounty, web3, blockchain17-Jan-2024
Phishing using Google Sheets for Red Team Engagementshttps://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, phishing-attacks, phishing, information-security, bug-bounty17-Jan-2024
Privilege escalation via response manipulationhttps://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5Vikybug-bounty-writeup, hacking, web-application-security, bug-bounty, security17-Jan-2024
1 Program, 4 Business Logic Bugs and Cashing in 2300$.https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5Manav Bankatwalabounty-hunter, information-security, bug-bounty, appreciation, cybersecurity17-Jan-2024
3.6 Lab: File path traversal, validation of file extension with null byte bypass | 2024https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, bug-bounty, hacking, cybersecurity17-Jan-2024
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024?https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty17-Jan-2024
API_Security RoadMaphttps://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5Akash Venkycybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking16-Jan-2024
Extracting iOS IPA files Without Jailbreaking…!https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5Daniel1895methodology, ios, bug-bounty-tips, bug-bounty, pentesting16-Jan-2024
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detectionhttps://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5Atik Rahmansql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity16-Jan-2024
3.5 Lab: File path traversal, validation of start of path | 2024https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers16-Jan-2024
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5kerstantechnology, programming, bug-bounty, cybersecurity16-Jan-2024
GUI Bug Bounty Tool To Find Easy P1s in 2024https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, github, penetration-testing, bug-bounty16-Jan-2024
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!)‍https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, extension, cybersecurity, hacking, bug-bounty16-Jan-2024
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1. ‍https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, blog, hacking, bug-bounty, ethical-hacking16-Jan-2024
A Digital Date with a Hacker: A Café WiFi Adventure!https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5AjakCybersecuritydigital-forensics, cybersecurity, bug-bounty, hacking, blog16-Jan-2024
What can a Hacker do with your IP Address? Track Your Location?https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty16-Jan-2024
Top 5 Sites to Improve Your Hacking Skill IN 2024https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, blog, cybersecurity, bug-bounty, hacking16-Jan-2024
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more…….https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5rootzsbug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool16-Jan-2024
Web Security Academy — Business Logic Vulnerabilities Walkthroughhttps://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, owasp, vulnerability, appsec, bug-bounty16-Jan-2024
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerabilityhttps://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5J0hn W1ckbug-bounty, cybersecurity, web-development, pentesting, hacking16-Jan-2024
Bug Zero at a Glance [16–31 December]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5Januka Dharmapriyanewsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity15-Jan-2024
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me)https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5Random Userbug-bounty, infosec, apple, scam, cybersecurity15-Jan-2024
Unrestricted File Upload Lead to Stored XSS at Microsoft main domainhttps://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5Sokol Çavdarbashabug-bounty, penetration-testing, technology, web-security, ethical-hacking15-Jan-2024
HackenProof bug bounty campaign is now livehttps://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5DeXe Protocolsecurity, dao, bug-bounty, defi15-Jan-2024
100-day Challenge Day 1/100 Ethical Hacking Knowledgehttps://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5rootzs100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites15-Jan-2024
Reflected DOM XSShttps://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss15-Jan-2024
SMTP Server (JAMES SMTP Server 2.3.2)https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5Akshad Joshismtp, bug-bounty, pentesting, hackthebox15-Jan-2024
Streamlining Vulnerability Hunting for Bug Bounty and pentestershttps://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5NumLocK15bug-bounty, vulnerability, cybersecurity, pentesting15-Jan-2024
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key.https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5Gustavo Gradillahacking-tools, bug-bounty-writeup, bug-bounty, google15-Jan-2024
How I Automate Finding Amazon S3 Buckets Using A Simple Python Scripthttps://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5Gustavo Gradillacybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking15-Jan-2024
S3 Bucket takeover with simple technique lead to $$$https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5Adham sayed (doosec101)web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing15-Jan-2024
3.3 Lab: File path traversal, traversal sequences stripped non-recursively | 2024https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, security, hacking, careers14-Jan-2024
Logical Error leads to DOS for victimhttps://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5Tanya Goyalbug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty14-Jan-2024
How to Nail a Perfect Bug Reporthttps://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5Jishnu Nambiarsoftware-testing, automation, bug-bounty, testing, quality-assurance14-Jan-2024
Bug Bounty: The Ultimate Guide For Beginnershttps://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5RGsecure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty14-Jan-2024
Elevate your Expertise: Key Cybersec Certifications 2k24https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5the threat copsinformation-security, hacking, career-development, bug-bounty, cybersecurity14-Jan-2024
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiastshttps://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5Incoggeekpython, cybersecurity, bug-bounty, tools, hacking14-Jan-2024
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty…https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5Arafat Ashrafi Talhaethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity14-Jan-2024
Layer 5: Bug Bountieshttps://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5TriWei.iobug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment14-Jan-2024
ExamSys — Multiple SQL Injectionshttps://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5FHantkeweb-development, technology, hacking, open-source, bug-bounty14-Jan-2024
How to set up a new Kali Linux virtual machine for Studying | Practicing | Bug Bounty ?https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5Recep Balıbeyvirtual-machine, kali-linux, ctf, bug-bounty, cybersecurity14-Jan-2024
Vulnerable Web Applications For Training and Testing Your New Toolshttps://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5Eclectic Securitybug-bounty, software-development, cybersecurity, training, penetration-testing14-Jan-2024
Mass Hunting Blind XSS — Practical Techniqueshttps://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5Ott3rlybug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity14-Jan-2024
What is Bug Bounty Huntinghttps://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5Rohit Chaudharybug-bounty14-Jan-2024
PII Data Leakage via Directory Listinghttps://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5fixthi$infosec, cybersecurity, ethical-hacking, bug-bounty, hacking14-Jan-2024
User Enumeration in the login processhttps://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5Majixctf, bug-bounty, pentesting, hacking, penetration-testing14-Jan-2024
HackTheBox — Server-side Request Forgery (SSRF) Overviewhttps://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5Huy Phubug-bounty, web-security, hackthebox, owasp-top-10, ssrf13-Jan-2024
What is SQL Injection and how SQL queries work in databasehttps://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5Mr Abdullahhacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking13-Jan-2024
Easy way to find RCE via SSTI(server side template injection)https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5JEETPALrce, bug-bounty, easy, bugs, ssti13-Jan-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab13-Jan-2024
mistakes bug bounty hunters fall on it | the key of bug bounty |best advice for 2024https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5no|oneinformation-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Regeneration of API key by low level user: 500$ Access Control bughttps://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, hacking, api, programming13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Burp Suite — Download, Set up and Get Going!https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5Eclectic Securitybug-bounty, tools, cyber-security-training, penetration-testing, burpsuite13-Jan-2024
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vectorhttps://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5Raven Securitybug-bounty, web-security, cybersecurity, xss-attack, hacking13-Jan-2024
Weird bug to steal users credentialshttps://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5von001bug-bounty-tips, bug-bounty, content-spoofing12-Jan-2024
Forget Blockers, Own Your Freedom: SquareXhttps://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, squarex, security, cybersecurity, privacy12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaignhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
tRPC Security Research: Hunting for Vulnerabilities in Modern APIshttps://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5Borna Nematzadehbug-bounty-writeup, bug-bounty, web-security, security-research, api-security12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaign announcementhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
Unraveling the Mysteries of Zoo Services: Feign magic uncoveredhttps://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5@boltaevtbug-bounty, spring-boot, java, microservices, feign12-Jan-2024
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threatshttps://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips12-Jan-2024
Common obstacles to exploiting path traversal vulnerabilities | 2024https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, hacking, cybersecurity, careers12-Jan-2024
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twisthttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
SQL INJECTION FUNDAMENTALS_HACK THE BOXhttps://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5root 28hacking, bug-bounty, cybersecurity, hackthebox, sql-injection12-Jan-2024
Account Takeover via password reset without user interactions (CVE-2023–7028)https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-50xweb01cve, zero-day, bug-bounty, security12-Jan-2024
Holy Ffuf easy Bounty in 15 minshttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
Bug Bountyhttps://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5Pdinukanthbug-bounty11-Jan-2024
IDN Homograph Attack - Reborn of the Rare Casehttps://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, bug-bounty, infosec, cybersecurity, vulnerability11-Jan-2024
Art of External Network Penetration Testing – Phase First: Preparationhttps://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5Sevban Dönmezcybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation11-Jan-2024
2.12 Lab: Password brute-force via password change | 2024https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers11-Jan-2024
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalationhttps://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5Ravindu Lakminaethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity11-Jan-2024
Windows Exploitation Learning Path in TryHackMehttps://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5MR SHANtryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme11-Jan-2024
How I got my first bug bountyhttps://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5B1aynbugcrowd, pentesting, hackerone, bug-bounty11-Jan-2024
How I Earned My First Bug Bounty Reward of $600https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5Abdulrahman badawipenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security11-Jan-2024
Skills Needed For Bug Bounty Part 2https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5Joshua Desharnaisexploitation, bug-bounty-tips, bug-bounty11-Jan-2024
Hacking my college intranet (Bug Bounty)https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips10-Jan-2024
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leakshttps://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, pii, application-security, api-security, bug-bounty10-Jan-2024
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager)https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5Utku Şencybersecurity, bug-bounty-tips, hackerone, bug-bounty10-Jan-2024
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsiderhttps://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5MalwareHuntertechnology, cybersecurity, bug-bounty, programming, penetration-testing10-Jan-2024
Bugs & JS :A Closer Look at JavaScript for Successful Bug Huntinghttps://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, javascript, penetration-testing10-Jan-2024
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurityhttps://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5MatSecbug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking10-Jan-2024
Daily Bug Bounty Writeupshttps://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)hacking, technology, ai, security, bug-bounty09-Jan-2024
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIMEhttps://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5Sambug-bounty-writeup, bug-bounty, apple, apple-security09-Jan-2024
Bug Bounty prompt that can help you to find IDOR vulnerabilitieshttps://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5aimasteridor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt09-Jan-2024
Understanding Sherlock’s Smart Contract Coveragehttps://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5Johnny Timesherlock, web3-security, audit-contest, bug-bounty, smart-contracts09-Jan-2024
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5kerstanbug-bounty, security, technology, programming, cybersecurity09-Jan-2024
Developed a Bug Bounty Calculatorhttps://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5Romesh chanderinformation-security, infosec, pentesting, hacking, bug-bounty09-Jan-2024
Recon Nedir ve Kullanılan Araçlarhttps://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5ErenCataksubdomain, pentesting, subdomains-enumeration, bug-bounty, recon09-Jan-2024
Subdomain Bruteforce Toolhttps://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5Shaheen Sikdersubdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce09-Jan-2024
Get All your Clickjacking Vulnerability Triaged with this Exploitation!https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, blog, clickjacking09-Jan-2024
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection.https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, red-team, sql09-Jan-2024
How to Write A Bug Bounty Report Like a Pro!https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity09-Jan-2024
How To Report Bug In Indian Government Site?https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, blog, india, cybersecurity09-Jan-2024
How To Check Whether Your Photo is Leaked In Online or Not?https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5AjakCybersecurityinvestigation, digital-forensics, blog, cybersecurity, bug-bounty09-Jan-2024
2.11 Lab: Password reset poisoning via middleware | 2024https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, security, bug-bounty09-Jan-2024
Tricks I Do To Get Easy HOF and Bounty!https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty09-Jan-2024
How Much Was My First Bounty?https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty09-Jan-2024
The Art and Science Behind Password Managershttps://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, password-manager, hacking, bug-bounty08-Jan-2024
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, cybersecurity08-Jan-2024
Rapid Scan (Web Vulnerability Scanner)https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5psychomonghacking, bug-bounty, scanner, hackerone, python08-Jan-2024
2.10 Lab: Offline password cracking | 2024https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, cybersecurity, hacking08-Jan-2024
Blind boolean-based SQLi, by manipulating urlhttps://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, sqlmap, bug-bounty, owasp, sql-injection08-Jan-2024
HTTP PARAMTER POLLUTION [TR]https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5ErenCatakpentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering08-Jan-2024
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, cybersecurity, hacking, careers07-Jan-2024
Digital Forensics Investigation Report PDF- A Court Manner.https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5AjakCybersecuritywireshark, bug-bounty, networking, digital-forensics, blog07-Jan-2024
Top Programming Languages You Need to Know In 2024https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, cybersecurity, python, medium, programming07-Jan-2024
XSS (Cross-Site Scripting) Reports on codechef.comhttps://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5Mr_Sopyancybersecurity, xss-attack, bug-bounty, it-security07-Jan-2024
How to match IOCs against SIEM logs ?https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5Paritoshsiem, hacking, bug-bounty, cybersecurity, ioc07-Jan-2024
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)…https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5AjakCybersecuritymedium, udemy, ethical-hacking, bug-bounty, cybersecurity07-Jan-2024
Learn Cybersecurity By Doing Simple Projects at Homehttps://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, bug-bounty, projects, ethical-hacking, hacking07-Jan-2024
Top 5 Best Laptops for Bug Bounty and Ethical Hackinghttps://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5AjakCybersecurityhacking, blog, laptop, programming, bug-bounty07-Jan-2024
Os Command Injectionhttps://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5ErenCatakbug-bounty, pentesting, os-command-injection, operating-systems, bash-script07-Jan-2024
Top 5 Best Books for Bug Bounty Hunting- My Personal Favouriteshttps://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, hacking, money, bug-bounty, blog06-Jan-2024
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program?https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hackerone, blog, penetration-testing, ethical-hacking06-Jan-2024
How I Cracked CEH Within 6 Months Only With Free Resources.https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, blog, ethical-hacking, certification06-Jan-2024
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty06-Jan-2024
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Informationhttps://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5George Torresbug-bounty06-Jan-2024
Gi7w0rm’s personal year review — 2023https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5Gi7w0rmioc, bug-bounty, cybersecurity, infosec, 202306-Jan-2024
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user.https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, pentesting, access-control, cybersecurity06-Jan-2024
Best AI Tools For Cybersecurity in 2024https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, networking, information-security, cybersecurity06-Jan-2024
The Art of Shodanhttps://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, shodan, penetration-testing, cve, hacking06-Jan-2024
2.8 Lab: 2FA broken logic | 2024https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, security06-Jan-2024
The History Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
The Story Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5Ankit Hackercybersecurity, bug-bounty, hacking, ethical-hacking, medium05-Jan-2024
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbnhttps://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5bomboncybersecurity, idor, bug-bounty05-Jan-2024
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbnhttps://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5bombonbug-bounty, data-breach, idor, cybersecurity05-Jan-2024
Cybersecurity Roadmap: 2024https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5Harshad Shahinfosec, cybersecurity, penetration-testing, bug-bounty, hacking05-Jan-2024
How to Earn Money as a Digital Forensics Investigatorhttps://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5How to Earnethical-hacking, cybersecurity, finance, money, bug-bounty05-Jan-2024
How Celebrities Social media accounts get hacked in real time?https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5AjakCybersecurityphishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty05-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, blog, cybersecurity, hacking05-Jan-2024
Listed in Top 15 Researchers in NCIIPC Indiahttps://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5Devansh chauhantop-10, bug-bounty, internet, vulnerability, india05-Jan-2024
Privilege Escalation Using SCIM Provisioninghttps://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5Ronak Patelbug-bounty, information-security, privilege-escalation, access-control, cybersecurity05-Jan-2024
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full coursehttps://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5TheHackerLifebug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools05-Jan-2024
2.7 Lab: Username enumeration via account lock | 2024https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, bug-bounty, cybersecurity, careers05-Jan-2024
My first bugs in 2024https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty, bug-bounty-tips05-Jan-2024
Vulnerable WordPress December 2023 (Shahriar)https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress05-Jan-2024
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool.https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5Hesham Ahmedtips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting05-Jan-2024
Web Security Academy — API Security Testing Walkthroughhttps://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5Israel Aráoz Severicheapi, bug-bounty, web, hacking, portswigger-lab05-Jan-2024
9 Subtle Tricks To Make Your Cybersecurity Skills Much Betterhttps://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5Paritoshbug-bounty, ai, cybersecurity, programming, hacking04-Jan-2024
Exploring Application Security with SAST, DAST, SCA, and IASThttps://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty, hacking, technology, cybersecurity04-Jan-2024
How do i bypass waf for xss in input tag?https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5lanyibug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty04-Jan-2024
CORS Crossfire: An iCSI CTFhttps://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf-writeup, bug-bounty04-Jan-2024
2.6 Lab: Broken brute-force protection, IP block | 2024https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, cybersecurity, hacking04-Jan-2024
Account Takeover? $4 and a click, please.https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5Swehtpantzhacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips04-Jan-2024
Bug Bountyhttps://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5Montymahapatrabug-bounty-tips, bug-bounty-hunter, bug-bounty04-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, medium, cybersecurity04-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, cybersecurity, medium04-Jan-2024
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenalhttps://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5Security Lit Limitedgadgets, cybersecurity, bug-bounty, vulnerability04-Jan-2024
OpenBounty, phương pháp tiếp cận mới của Shentu trong Hệ sinh thái bảo mậthttps://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5Shentu Chainbug-bounty, bounty-program, web3, bounty-hunter, cybersecurity03-Jan-2024
GooFuzz: A Fuzzing Tool with an OSINT Approachhttps://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5Cuncisbug-bounty, penetration-test, google-dork, penetration-testing, osint03-Jan-2024
How to Correctly setup Android Penetration Testing on a MacBookhttps://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting03-Jan-2024
LoveTok | HackTheBox web challenge Writeuphttps://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5Bishal - #GxbNthackthebox-writeup, oscp, web, offensive-security, bug-bounty03-Jan-2024
A Guide on Crafting Robust Invariants with Echidnahttps://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5Chirag Agrawalbug-bounty, smart-contracts, cybersecurity, cryptocurrency, security03-Jan-2024
Found reflected xss on a real targethttps://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5JEETPALrxss, xs, bugs, bug-bounty03-Jan-2024
My Bug Bounty Write Ups (Part-1)https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5Karthikeya Saibug-bounty-tips, bug-bounty03-Jan-2024
My First Bug Bounty: Lessons Learned and Money Earnedhttps://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5George Torresbug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone03-Jan-2024
Comparing CVE & CWE : Understanding Security Vulnerabilitieshttps://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5ZOUHAIR EL GAROUNIvulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty03-Jan-2024
you need to learn linux RIGHT NOW!!https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, linux, programming, bug-bounty02-Jan-2024
Bug Bounty Hunting | Reconnaissance | Subdomain Enumerationhttps://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5Ankeetbug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips02-Jan-2024
How .git folder can be exploited to access sensitive datahttps://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5Bala Naga Satya sai Devarapalliinformation-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips02-Jan-2024
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeoverhttps://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5Hasanka Amarasinghexss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity02-Jan-2024
Account Takeover on International Exchange — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, programming02-Jan-2024
The Lexer Markets security review storyhttps://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-50xWeisssecurity, audit, bug-bounty, smart-contracts02-Jan-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty02-Jan-2024
2.4 Lab: Username enumeration via subtly different responses | 2024https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, security02-Jan-2024
Stealing private messages using XSS on subdomainhttps://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5SHCyberwebsocket, csrf, bug-bounty, xss-attack, hacking02-Jan-2024
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impacthttps://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5Padsala Tushalapi-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty02-Jan-2024
SQL Injection (SQLi): WWWWWH?https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5RCXSecuritysql-injection, bug-bounty, information-security, penetration-testing, cybersecurity01-Jan-2024
How Do I Get Root Access on a Linux Serverhttps://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5RyuuKhagetsubug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup01-Jan-2024
Understanding the MITRE ATT&CK Framework: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5Paritoshmitre-attack, ai, hacking, bug-bounty, cybersecurity01-Jan-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5Marduk I Ambug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity01-Jan-2024
Automating GitHub Recon for Sensitive Information Discoveryhttps://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5paxnullbug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips01-Jan-2024
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../”https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5Alvaro Baladabug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty01-Jan-2024
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking01-Jan-2024
Another 4 Digit Bounty Story on Hackeronehttps://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5Jai Lanibug-bounty01-Jan-2024
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypasshttps://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, sql-login, unibox, sqli, login-bypass01-Jan-2024
Exploring the Depths: DNS Wildcard and Subdomain Takhttps://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5Alvin bijobug-bounty, bugbounty-writeup01-Jan-2024
Bug Zero at a Glance [01–15 December]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter31-Dec-2023
Uncovering LFI Attack ‍https://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5Karthikeyan Cethical-hacking, pentesting, bug-bounty, bugbounty-writeup31-Dec-2023
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunterhttps://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5Batuhan Aydınhacking, hackerone, bug-bounty, penetration-testing, hacker31-Dec-2023
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases | 2023https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, security, careers31-Dec-2023
DNS-Related Attacks and Exampleshttps://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5Paritoshdns, cybersecurity, bug-bounty, hacking, programming31-Dec-2023
How I hacked India’s top company database.https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5Srithar Cybersqli, pentest, recent, hacked, bug-bounty31-Dec-2023
Simple Subdomain Takeoverhttps://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5hackerdevilvulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security31-Dec-2023
Master Subdomain HUNTING | Art of finding Hidden Assetshttps://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5ʏᴀꜱʜʜcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking30-Dec-2023
Woowow Bug Bounty Campaignhttps://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5Woowowqitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty30-Dec-2023
How i Hacked My First Target using GooGle Dorkinghttps://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5Mr Abdullahsql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack30-Dec-2023
417$ Simple IDOR: Unauthorized Contact Details Modificationhttps://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, hacking, bug-bounty, idor30-Dec-2023
Sudomain Takeover via Shopify(Easy Bounty $$$$)https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5paxnullbug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup30-Dec-2023
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read)https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5Nguhuynhxss-vulnerability, xss-attack, xss-bypass, bug-bounty30-Dec-2023
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5Marduk I Amstored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab30-Dec-2023
1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft |…https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers30-Dec-2023
HTTPX Troubleshooting Issuehttps://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5Jarred Longoriabug-bounty, linux, troubleshooting, help, httpx30-Dec-2023
From Google Dorking to Unauthorized AWS Account Access and Account Takeoverhttps://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5Aayush Vishnoissrf, bug-bounty-tips, bug-bounty30-Dec-2023
Reflected XSS into attribute with angle brackets HTML-encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability29-Dec-2023
Beyond Search Queries: Bug Bounty Hunting with Dorkzhttps://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5paxnulltips, dorking, recon, bug-bounty-tips, bug-bounty29-Dec-2023
Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and…https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5Mohaseenpentesting, bug-bounty, rate-limiting, hackerone, bugcrowd29-Dec-2023
How to find unprotected databases with Netlas.io?https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5Netlas.ioosint, penetration-testing, bug-bounty, osint-investigation, cybersecurity29-Dec-2023
1.15 Lab: SQL injection attack, querying the database type and version on Oracle | 2023https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity29-Dec-2023
KisMAC is a free, open source wireless stumbling and security tool for Mac OS Xhttps://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5Dineshpathrobugs, bug-bounty, bug-bounty-tips, hacking, hackin29-Dec-2023
OTP-Bot Tool CLICK HEREhttps://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5Dineshpathrobug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs29-Dec-2023
Recon Tools For Web Applicationhttps://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5Dineshpathrohacking, hacker, bug-bounty, bug-bounty-tips, hackathons29-Dec-2023
200 Materials of CyberSecurity in PDFshttps://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5Dineshpathrocybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips29-Dec-2023
Bug Bounty: The road to my first $1000 through hacking public websiteshttps://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5Swehtpantzethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup28-Dec-2023
HackTheBox(HTB) Writeup — Nodehttps://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5Harmanpreet Singhpenetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox28-Dec-2023
️ Protect Yourself: The Power of OPSEChttps://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5Macmelterbugsbounty, hacking, bug-bounty, cybersecurity28-Dec-2023
Multiple RXSShttps://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5Sushil Choudharybounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone28-Dec-2023
Stored XSS via File upload(using svg file)https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5paxnullbug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking28-Dec-2023
Authorization problemhttps://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5Nguhuynhbroken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips28-Dec-2023
CVE-2023–51356: ARMember <= 4.0.10 — Authenticated Privilege Escalationhttps://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5Revan Abug-bounty, privilege-escalation, wordpress-plugins, penetration-testing28-Dec-2023
1.14 Lab: SQL injection with filter bypass via XML encoding | 2023https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
DOM XSS in jQuery selector sink using a hashchange eventhttps://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting27-Dec-2023
Amass: New Config File Updatehttps://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5Harshad Shahpenetration-testing, cybersecurity, infosec, hacking, bug-bounty27-Dec-2023
DOM XSS on Hackerone Programs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
1.13 Lab: Blind SQL injection with out-of-band data exfiltration | 2023https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers27-Dec-2023
“Crucial Bug Bounty Hacks: Habits with Enduring Benefits”https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5paxnulltips, learning, programming, bugbounty-tips, bug-bounty27-Dec-2023
Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a…https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5Mohaseenbug-bounty, hackerone, bugcrowd, information-disclosure, indian-government27-Dec-2023
How Does DNS Work and What is DNS Poisoning?https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5bcanotecybersecurity, hacking, dns, dns-poisoning, bug-bounty27-Dec-2023
URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Successhttps://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5Umid Mammadovbug-bounty-tips, tools, bug-bounty, information-technology, bugs26-Dec-2023
Deep Dive Into XSShttps://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5kavish shahxss-vulnerability, web-application-security, bug-bounty26-Dec-2023
The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitationhttps://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5kavish shahctf-writeup, web-application-security, insecure-deserialization, bug-bounty26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
1.12 Lab: Blind SQL injection with out-of-band interaction | 2023https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking26-Dec-2023
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysishttps://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
Account takeover vulnerability that resulted in $2500 bounty!https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting25-Dec-2023
Content Spoofing & Parameter Injectionhttps://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5#!/Subhankarinjection-attacks, web-pen-testing, bug-bounty, spoofing25-Dec-2023
Top 3 Password Cracking Toolshttps://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5Muhammad Usman Atifhacking, cybersecurity, passwords, bug-bounty, penetration-testing25-Dec-2023
Hackers Target Bug Bounty Hunters with Blackmail Emailshttps://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5Rishika Desaithreat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity25-Dec-2023
What is LFI (Local File Inclusion) Vulnerability ?https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5Errorfiathckpentesting, lfi, vulnerability, bug-bounty, pentest25-Dec-2023
Legacy of EternalBluehttps://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5Akshad Joshieternalblue, hackthebox, pentesting, bug-bounty, hacking24-Dec-2023
Hackeando GraphQL: Introducciónhttps://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5Alan Brian @soyelmagographql, bug-bounty, information-security, pentesting, hacking24-Dec-2023
Ceklis Web Pentesting Untuk Pemula — Registration Feature Testinghttps://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5Rio Darmawanbug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing23-Dec-2023
The Crucial Role of Threat Intelligence Sharing in Cybersecurityhttps://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5Paritoshprogramming, hacking, threat-intelligence, cybersecurity, bug-bounty23-Dec-2023
The Evolving Role of a SOC Analysthttps://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, hacking, bug-bounty, soc-analyst23-Dec-2023
Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosurehttps://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5Padsala Tushalcybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure23-Dec-2023
Hack Story: Unveiling Security Flaws in a Government Portalhttps://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5Sahad Mkbug-bounty, javascript, pentesting, vulnerability, hacking23-Dec-2023
The ART of Chaining Vulnerabilitieshttps://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5Ahmad Halabiethical-hacking, hacking, intelligence, hacker, bug-bounty23-Dec-2023
Hacking Communityhttps://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5Mrunknownbug-bounty, ethical-hacking, hacking23-Dec-2023
DoS’ing Zsecurityhttps://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-524BkDoorbug-bounty, ethical-hacking, hacking, web-development, cybersecurity22-Dec-2023
Securing the Future: Enhancing the Safety of Compound Protocolhttps://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5Top Cryptobug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, ethical-hacking22-Dec-2023
How I was able to buy 2500 Rs product for 18rs in E-Commerce Website?https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity22-Dec-2023
PJWT Certificationhttps://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5Omar Alkhowaitercertification, bug-bounty, penetration-testing, cybersecurity, web-exploitation22-Dec-2023
Consentify hits Beta Test phase boosted by a Bug Bounty program!https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5Data Lakehealthcare, desci, bug-bounty, data-lake, research22-Dec-2023
Ideas for Testing Checkouthttps://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, infosec, hacking, bug-bounty22-Dec-2023
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Successhttps://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5Lopsegbug-bounty-tips, hacking, xss-attack, bug-bounty22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, cybersecurity, infosec, ethical-hacking22-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstanbug-bounty, hacking, bug-bounty-tips, security, cybersecurity21-Dec-2023
TryHackMe AoC 2023 Side Quest final thoughtshttps://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5Boogstahacking, cyber, tryhackme, cybersecurity, bug-bounty21-Dec-2023
88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5Vinaysatibug-bounty, hacking, web3bug, bug-bounty-tips, web321-Dec-2023
The art of subdomain monitoringhttps://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5muhannad hazaacybersecurity, penetration-testing, bug-bounty, recon21-Dec-2023
A Business logic error in Google Dialogflow enables a developer to delete the agent directly from…https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5Krityamkarmagoogle-vrp, bug-bounty, ethical-hacking, google, hacking21-Dec-2023
Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Imageshttps://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability21-Dec-2023
Aspiring Bug Bounty Hunters’ New Year Goals Toolkithttps://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty, new-year, goals, mindset, success21-Dec-2023
How Can Artificial Intelligence Revolutionize Bug Bounty?https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5ZOUHAIR EL GAROUNItechnology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack21-Dec-2023
I made online store to pay for my orders and get me free refunds.https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty21-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstantechnology, bug-bounty, hacking, security, cybersecurity21-Dec-2023
A list of 50 tools every hacker should knowhttps://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5Thexssrathacking-tools, hacking, bug-bounty, ethical-hacking21-Dec-2023
Open Redirect Validation Bypass Leads To Account Take Over (ATO)https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5CyberOzbug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security21-Dec-2023
Code4rena Blue vs. Traditional Bug Bountieshttps://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5aramasbug-bounty, smart-contract-security, code4rena, code4rena-blue21-Dec-2023
A Very Basic Beginner Bug Bounty Methodologyhttps://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5Thexssrathacking, bug-bounty, ethical-hacking21-Dec-2023
Bug Bounty: Tips for Finding Your First Bug as a Beginnerhttps://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5GHS08bug-bounty, hacking, cracking, coding21-Dec-2023
How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Programhttps://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5Maxilectsamsun, bug-bounty-program, bug-bounty20-Dec-2023
This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus!https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup20-Dec-2023
DOM XSS in jQuery anchor href attribute sink using location.search sourcehttps://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss20-Dec-2023
How I doubled the store wallet amount for free?https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing20-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5Bharat Varshneyowasp, bug-bounty, security-testing, security-services, penetration-testing20-Dec-2023
How to earn with earn bug boutny part-2?https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5Tech Blaze ごじょcoding, money, bug-bounty, business20-Dec-2023
“CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin”https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5Chand Singhcve, vulnerability, cybersecurity, bug-bounty, security20-Dec-2023
Web Security Diaryhttps://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5Murat Kbug-bounty, web-security20-Dec-2023
Introducing Code4rena Blue: More than just bug bountieshttps://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5aramassmart-contract-security, code4rena, bug-bounty20-Dec-2023
Learn Command Injection Vulnerabilitieshttps://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5BICODEVlinux, python-programming, cybersecurity, bug-bounty, penetration-testing19-Dec-2023
Hack the Web like a Pirate: Identifying Vulnerabilities with Stylehttps://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5BICODEVpython, bug-bounty, cybersecurity, hacker, penetration-testing19-Dec-2023
3 Steps Discovered XXE You should Knowhttps://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5kerstansecurity, pentesting, hacking, cybersecurity, bug-bounty19-Dec-2023
DOM XSS in innerHTML sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5Marduk I Ambug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab19-Dec-2023
Zero Trust Architecturehttps://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5Khan Ghufranarchitecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec19-Dec-2023
Rekomendasi Buku Bug Bounty Untuk Pemulahttps://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5K1ngP1ngbug-bounty, indonesia, web-security, recommendations, hacking19-Dec-2023
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty?https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5Ajak Cyber securityethical-hacking, cybersecurity, blog, jobs, bug-bounty19-Dec-2023
Directory Listing Vulnerabilityhttps://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5Digant Prajapaticybersecurity, directory-listing, bug-bounty19-Dec-2023
How One Bug Scored Me Double Rewards!https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security19-Dec-2023
Join Any Facebook Group As Deactivated Additional Profilehttps://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5Syd Ricafortfacebook, bug-bounty, facebook-bug-bounty19-Dec-2023
How I Found SQL Injection worth of $4,000 bountyhttps://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5Roberto Nunesbug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance19-Dec-2023
#6.TryHackMe Series writeups: Brooklyn Nine Ninehttps://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5Cyb3r M!ndthm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty19-Dec-2023
The Ultimate Guide to Uncovering XSS Vulnerabilities at Scalehttps://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5Cyndybrucecybersecurity, penetration-testing, automation, bug-bounty, xs19-Dec-2023
The Ultimate Guide to Hunting for XSS Vulnerabilities at Scalehttps://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5Elitumblesoncybersecurity, penetration-testing, bug-bounty, xs, automation19-Dec-2023
Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impacthttps://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5Security Lit Limitedxss-attack, technology, bug-bounty, cybersecurity, vulnerability18-Dec-2023
why you need to filter the input and the output —  stored xsshttps://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5Mr3Moeweb-penetration-testing, appsec, bug-bounty18-Dec-2023
Lets Dive into the Intense World of Malware Analysis!https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5Paritoshinformation-security, malware-analysis, cybersecurity, programming, bug-bounty18-Dec-2023
Burp Suite Bambdahttps://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5Harshad Shahbug-bounty, hacking, cybersecurity, infosec, penetration-testing18-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, cybersecurity, bug-bounty, technology18-Dec-2023
How to write a perfect pentest reporthttps://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5Ahmadreza Parsizadehpentesting, bug-bounty, reporting, offensive-security18-Dec-2023
Mastering Web Application Security: Defending Against Injections and Broken Access Controlhttps://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5Moldovan Zsomborhacking, cybersecurity, web-applications, bug-bounty18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 |A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
This Tool Helps Me To Find The Origin IP Addresshttps://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5Ajak Cyber securityhacking, ethical-hacking, blog, bug-bounty, penetration-testing18-Dec-2023
ParagonsDAO’s Bug Bounty Programhttps://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5ParagonsDAOweb3, immunefi, bug-bounty, paragonsdao18-Dec-2023
Go Witness Install Guide…https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5psychomonghacking-tools, bug-bounty, golang, hacking, osint18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 | A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
How I Could Leak Phone Numbers and Emails of Indian Voters and Applicantshttps://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5Sahil Mhatrebug-bounty, mybugs, bug-hunting, api-security, vapt18-Dec-2023
Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnethttps://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5Horizon Protocolbug-bounty, defi, hacken, derivatives, synthetic-asset18-Dec-2023
Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guidehttps://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5Max Klosereconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials18-Dec-2023
Bug Zero at a Glance [19–30 November]https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty17-Dec-2023
Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020–11798)https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal17-Dec-2023
Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.comhttps://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5Mohaseenbug-hunting, password-reset, bug-bounty, hackerone17-Dec-2023
XSSRF : The Unholy Matrimony of XSS and SSRFhttps://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5Nauman Khancybersecurity, hacking, bug-bounty, penetration-testing, money17-Dec-2023
Bug Bounty programmes give people the fear (they shouldn’t)https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5Leo Chacking, cybersecurity, ciso, culture, bug-bounty17-Dec-2023
V3 Testnet Bug Bountyhttps://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5TribeOnenft, smart-contract-security, bug-bounty17-Dec-2023
DOM XSS in document.write sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5Marduk I Amdom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab17-Dec-2023
Reflected XSS in BGMIhttps://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5Patil97bug-bounty, xs, bugs, security17-Dec-2023
Main Methodology 1 | Part 04 | What To Do After Choosing a Targethttps://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, hacking, infosec, methodology17-Dec-2023
When not to rely on Automated Toolshttps://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5Rodriguezjorgexcybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips16-Dec-2023
Escalating DOM XSS to Stored XSShttps://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5Rodriguezjorgexcross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack16-Dec-2023
Mitigating Risks: Securing Symfony Profiler from Unwanted Exposurehttps://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability16-Dec-2023
Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Informationhttps://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5Sam Shadowvulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter16-Dec-2023
Self-XSS to Stored XSShttps://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5Rodriguezjorgexhacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips16-Dec-2023
Unveiling CVE-2019-11248: A Vulnerability in Kuberneteshttps://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup16-Dec-2023
DOM-based vulnerabilitieshttps://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5Ayon Thakurpenetration-testing, bug-bounty, hacker, portswigger, burp-suit16-Dec-2023
SSTI gave me T-Shirt + € 50https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5mo9kHu93rinformation-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity16-Dec-2023
Kakar Securityhttps://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5Wali Khan Kakarwebsite-scanning, penetration, security, hacking-world, bug-bounty16-Dec-2023
Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Modelshttps://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5Riglabs Collectivesamsung-galaxy, india, s23ultra, mobile, bug-bounty15-Dec-2023
6 Quick Discover Bug Search Syntax In Code-basehttps://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5kerstanhacker, cybersecurity, bug-bounty, security, bug-bounty-tips15-Dec-2023
Easy Money from the Most Trivially Easy Broken Access Controlhttps://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5abda11atarekbugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control15-Dec-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5kerstanhacking, https, bug-bounty-tips, bug-bounty, cybersecurity15-Dec-2023
3 Cases of DOM XSS in Bug Bountyhttps://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5kerstanbug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips15-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programhttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5kerstanbug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty15-Dec-2023
How I Discovered SSRF on Hackerone Programhttps://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5kerstanbug-bounty-tips, bug-bounty, ssrf, hacker, graphql15-Dec-2023
From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and Morehttps://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5InfoSec Write-upshacking, conference, bug-bounty, security, information-security15-Dec-2023
One port can be a costly mistake | Attack The Rsync Service in a Private Programhttps://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5Mohanad Heshamrsync, bug-bounty, fingerprinting, port-scan, hacking15-Dec-2023
How To Explore and Exploit GraphQL [Indonesia]https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5Revan Abug-bounty, web-security, api, penetration-testing, graphql15-Dec-2023
Subdomain Takeover in Azure Trafficmanager for Fun & Profithttps://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5Padsala Tushalbug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips15-Dec-2023
Cookie Quest: XSS Admin Assaulthttps://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5Josh Beckcybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup14-Dec-2023
How did I find open redirect on LinkedInhttps://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5neverl0gbug-bounty-tips, bug-bounty-writeup, bug-bounty14-Dec-2023
All about Ethical Hackinghttps://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, cybersecurity, bug-bounty, hacking14-Dec-2023
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation.https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty14-Dec-2023
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employeeshttps://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5Jonathan Boumancybersecurity, bug-bounty, rce, hacking, security14-Dec-2023
How I Quickly Discover Bug In Codebasehttps://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5kerstanbug-bounty, programming, technology, code-review, cybersecurity14-Dec-2023
How i found a Permanent Denial of Service via Account Lockout:https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing :https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Password Reset Token Leak via Referer Header:https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
Adobe Recap: 2023 Ambassador World Cup Final Fourhttps://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5Chris Parkersonhacking, security, bug-bounty, hackathons, security-research14-Dec-2023
Starlink Router Gen 2 is vulnerable to XSS.https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5hackintoanetworkbug-bounty, starlink, exploit, dishy, router14-Dec-2023
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect)https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5kurobe09cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty13-Dec-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5SavanGhoribug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability13-Dec-2023
phpinfo() — My First Resolved Bug in HackerOnehttps://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5Muhammad Farhad Ansarybug-bounty, bug-bounty-tips13-Dec-2023
AppSec Tales XXIV | Deserializationhttps://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5Karol Mazurekpenetration-testing, bug-bounty, information-technology, information-security, cybersecurity13-Dec-2023
Only 3 Days Left For IWCON 2023https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5InfoSec Write-upshacking, bug-bounty, conference, information-security, programming13-Dec-2023
A misconfiguration in the password reset process can lead to an account takeover.https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5Mr3Moeweb-application-security, web-app-pentesting, bug-bounty, web-app-security13-Dec-2023
I found out what my neighbour was looking at on the internet, This is how ?https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5Navaneeth M Sbug-bounty, monitoring, dns, hacking, wifi13-Dec-2023
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted)https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5Abhijit Duttabug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge13-Dec-2023
OpenBounty, Shentu’s New Approach in Security Ecosystemhttps://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5Shentu Chainbounty-program, bounty-hunter, bug-bounty, web3, cybersecurity12-Dec-2023
Mobile Application Security Testing: Navigating the Digital Landscape Safelyhttps://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5Security Lit Limitedmobile-security, cybersecurity, programming, vapt, bug-bounty12-Dec-2023
I will do Vulnerability Assessment and penetration testing on your websitehttps://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)services, bug-bounty, security, cybersecurity, technology12-Dec-2023
Skills Needed For Bug Bountyhttps://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5Joshua Desharnaisxss-attack, idor, bug-bounty, account-takeover12-Dec-2023
Duplicate CSRF… Leads to $$$$https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5Bhavesh aka Shellbreakerhacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips12-Dec-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5SavanGhoribug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs12-Dec-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5SavanGhoribug-bounty-tips, bugs, vulnerability, rce, bug-bounty12-Dec-2023
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards!https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5ARPA Officialblockchain, developer, bug-bounty, debugging12-Dec-2023
Easy Admin Access — RVDP (2)https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5hackerdevilpenetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-Dec-2023
One Scheme to Rule Them All: OAuth Account Takeoverhttps://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5Ostorlabmobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover12-Dec-2023
The launch of incentivized testnet for TribeOne V3https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5TribeOnebug-bounty, perpetual-contracts, testnet, nft, trading-competition12-Dec-2023
Hacking NASA and Got Hall of Famehttps://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5mo9kHu93rpenetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty12-Dec-2023
Build3rs Bug Bounty Programhttps://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5Lay3rsbuild3rs, bug-bounty, blockchain, refis12-Dec-2023
Bug Bounty and Hacking Books You Should Read (Must Read)https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5Rajkaranbug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips12-Dec-2023
How I got $300 for Default Credential Login at Bugcrowdhttps://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup12-Dec-2023
missing session scopes lead to authentication bypasshttps://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5Mr3Moeweb, bug-bounty, appsec, web-penetration-testing12-Dec-2023
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5Rokkam_Vamshi1_8bug-bounty-tips, django, bug-bounty, hackerone, infosec12-Dec-2023
Portswigger Labs — Api-testinghttps://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5Ry4nnnnportswigger, appsec, bug-bounty, burp11-Dec-2023
How to learn Hacking From 0 to Herohttps://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5Mr.Horbiobug-bounty, cryptography, ethical-hacking, cybersecurity, hacking11-Dec-2023
How i found a Host Header Injection in Password Reset Function:https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty11-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programshttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5kerstansecurity, ssrf, bug-bounty-tips, bug-bounty, hacker11-Dec-2023
Next js and Antd Desing css demora milesimos de segundos para carregar na página.https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5Yuri Oliveira Gochibug-bounty, antd, next, react11-Dec-2023
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaborationhttps://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5Syed Dawoodcyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter11-Dec-2023
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Rewardhttps://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5Nauman Khanmoney, ai, cybersecurity, hacking, bug-bounty11-Dec-2023
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends!https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, passwordless, passwords11-Dec-2023
HackTheBox — Session Security: Obtain Session Identifier via XSShttps://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5Huy Phuhackthebox, web-security, session-security, bug-bounty, xss-attack11-Dec-2023
So you found Auth0 secrets, now what?https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5Nightbanepentesting, security, red-team, bug-bounty, auth011-Dec-2023
Kubernetes CR injection techniquehttps://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5Esonhughhacking, custom-resource, bug-bounty, kubernetes-security10-Dec-2023
Bug bounty training from scratch(part2->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, appsec, computer-science10-Dec-2023
Bug bounty training from scratch(part2->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5Pavan kumar.Gnetworking, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson3):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5Pavan kumar.Gnetworking, bug-bounty, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson2):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, networking, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson1) :https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5Pavan kumar.Gnetwork-engineering, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lessonhttps://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, networking, computer-science10-Dec-2023
How to not implement payment features - Insights from Bugbountyhttps://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5Siva Krishna Samireddihacking, payments, bug-bounty, security, bugbounty-writeup10-Dec-2023
5 Tips for the Beginners Who Want to Start Bug Bountyhttps://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5Aman Bhuiyanweb-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking10-Dec-2023
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty!https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5Manan Sanghviidor, bug-bounty, first-bounty, web-application-security, hacking10-Dec-2023
Bug Bounty Testing: Test Ideashttps://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups10-Dec-2023
CORS Misconfiguration -> PII Leakhttps://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5Boogstacybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty10-Dec-2023
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Toolshttps://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5NEWenumeration, mentoring, bug-bounty, cybersecurity, medium09-Dec-2023
Is it safe to expose your Firebase API key?https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5Suprajabaskarancybersecurity, keys, firebase, bug-bounty, ethical-hacking09-Dec-2023
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guidehttps://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5ʏᴀꜱʜʜinformation-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity09-Dec-2023
3 Symfony (RCE): A Peek Behind the Curtainhttps://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution09-Dec-2023
How I passed my CRTP Examhttps://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5Damaidecexam, active-directory, cybersecurity, hacking, bug-bounty09-Dec-2023
Introduction to Burpsuite Bambda Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 5https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5Axolothbug-bounty, tryhackme, hacking, cybersecurity, penetration-testing09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 4https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5Axolothtryhackme, hacking, cybersecurity, bug-bounty, penetration-testing09-Dec-2023
My first Bugs: Persistence and mentality (Not a Writeup).https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5Alvaro Baladabug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity09-Dec-2023
Introduction to Burpsuite Bambdas Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
My first dork on GHBDhttps://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5NoorHomaidcybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing09-Dec-2023
HTTP Noir: The Dark Art of Smuggling Byteshttps://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5CHAYAN DATTAsecurity, http-request-smuggling, hacking, bug-bounty, network09-Dec-2023
Broken Link Hijackinghttps://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5Tomcatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup08-Dec-2023
Testing vulnerabilities beyond traditional cases — around login/signup featureshttps://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty08-Dec-2023
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty-tips, bug-bounty, cybersecurity08-Dec-2023
Enum is the key — Automatizado + Manual = Full shell.https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5Alejandro Olivares 0x4lexkali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting08-Dec-2023
PEARfection: From LFI to RCI: An iCSI CTF Challenge.https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5Josh Beckbug-bounty, penetration-testing, ctf-writeup, cybersecurity08-Dec-2023
Unraveling The Story of Multiple Admin Panel Compromiseshttps://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5Vedant Tekaleinformation-security, recon, bug-bounty, hacking, cybersecurity08-Dec-2023
Blind XSS on Registration Systemhttps://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5MxShinzupentesting, bug-bounty, cybersecurity08-Dec-2023
Bug bounty training from scratch:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch for beginners:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, computer-science, bug-bounty, linux07-Dec-2023
Bug bounty training from scratch(part1->lesson12):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson11):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1-> lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec07-Dec-2023
Bug bounty training from scratch(part1->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Using reNgine with Netlas.io modulehttps://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5Netlas.iopenetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty07-Dec-2023
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giantshttps://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5XCOODEai, hacking, hackerone, bug-bounty, openai07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hacking Indian Government, Finding XSS & SQL Injectionhttps://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5Yashhbugs, bug-bounty-tips, bug-bounty, hacking, sql-injection07-Dec-2023
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokenshttps://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5XCOODEfintech, bug-bounty, security, hacking, cloud07-Dec-2023
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil.https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5Manoj Mudabagiltryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty07-Dec-2023
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorkinghttps://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5Max Klosecybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hunt for GitHub leaks with LOPSEG DORK HELPERhttps://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools07-Dec-2023
Markdown XSS polyglothttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge —Conclusionhttps://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting06-Dec-2023
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk?https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5Paritoshinformation-security, hacking, http-headers, bug-bounty, cybersecurity06-Dec-2023
Python Program to find GCD (Greatest Common Divisor) for Cryptographyhttps://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5Mr.Horbiocybersecurity, hacking, crytocurrency, cryptography, bug-bounty06-Dec-2023
API Security — Web Security Academyhttps://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5MR SHANweb-security-academy, bug-bounty06-Dec-2023
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Securityhttps://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5Spoolbug-bounty, security, blockchain, defi, smart-contracts06-Dec-2023
Cheat code for file upload vulnerability by kidnapshadowhttps://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5Kidnapshadowkidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty06-Dec-2023
API Documentation Tipshttps://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, bug-hunting, bug-bounty06-Dec-2023
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODEhttps://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5XCOODEcybersecurity, bug-bounty, leadership, cyber05-Dec-2023
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiastshttps://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5XCOODEcybersecurity, hacker, cyber, bug-bounty05-Dec-2023
PDF Upload Leading to Stored XSShttps://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5Kaan Atmacacybersecurity, penetration-testing, bug-bounty, hacking, pentesting05-Dec-2023
LFI via SMTP log poisoninghttps://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5Akshad Joshilog-poisoning, local-file-inclusion, smtp, bug-bounty, rce05-Dec-2023
Bypassing 2FA Authentication in TeamPass Systemhttps://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5HamidReza Faghanibug-bounty, account-takeover, security, 0day, exploitation05-Dec-2023
Admin Panel Accesshttps://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5Omdubeybug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting05-Dec-2023
LFI on Microsofthttps://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup04-Dec-2023
How I Found A Website Vulnerability In Under 10 Minuteshttps://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5Abidmafahimgit-exposed, web-vulnerabilities, bug-bounty04-Dec-2023
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP)https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5Kamlesh Tukaralvulnerability-disclosure, whatfix, vdp, bug-bounty, infosec04-Dec-2023
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know…https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5Paritoshcybersecurity, active-directory, bug-bounty, information-security, adc04-Dec-2023
Bug Hunter journal day #3 and #4https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity04-Dec-2023
Javascript Analysis to SQL injectionhttps://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips, hackerone, sql-injection04-Dec-2023
Web Enumeration With Gobusterhttps://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5Ronak Sharmacybersecurity, hacking, bug-bounty04-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 2https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips03-Dec-2023
How I Found My First Website Vulnerability as a Web Pentesterhttps://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5Abidmafahimsql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability03-Dec-2023
My first and simple ATO in a private programhttps://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5PanSabug-bounty, bug-bounty-writeup, hacking, account-takeover03-Dec-2023
My Confusion Over Local File Inclusionhttps://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5Quintius Walkerpoetry, bug-bounty, writeup, cybersecurity, poetry-on-medium03-Dec-2023
The Shocking Secrets Behind Foolproof Vulnerability Response!https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, bug-bounty, hacking, information-security03-Dec-2023
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It!https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, hacking, information-security, cybersecurity03-Dec-2023
My First Valid Bug!!!https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5Sushil Choudharycybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty03-Dec-2023
Everything I know on Reconhttps://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5Joshua Desharnaisrecon, tools-and-resources, tools, bug-bounty, bug-bounty-tips03-Dec-2023
Streamable Finance Bug Bounty Campaign is live!https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5Streamable Financebug-bounty, product-launch03-Dec-2023
Business Logic Vulnerability: Payment bypasshttps://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5Mr. Vrushabhpentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone03-Dec-2023
How I Created an Advanced Web Code Analyzer Using ChatGPThttps://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5Jarred Longoriacybersecurity, chatgpt, infosec, bug-bounty03-Dec-2023
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguardhttps://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, azure, bug-bounty, information-security03-Dec-2023
How to debug android native libraries using JEB decompiler?https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, android, cybersecurity, penetration-testing03-Dec-2023
How to bypass debugger detection in Android/iOS native libraries using IDA Pro?https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5Shubham Sonanibug-bounty, cybersecurity, android, hacking, penetration-testing03-Dec-2023
How to debug Android/iOS native library using GDB debugger?https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5Shubham Sonanihacking, penetration-testing, cybersecurity, technology, bug-bounty03-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 1https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Dec-2023
Vulnerability Discovery in SRC — Concurrencyhttps://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5Ry4nnnnconcurrency, bug-bounty-tips, bug-bounty02-Dec-2023
Lateral Movement Techniques Through File Share Exploitationhttps://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5Paritoshlateral-movement, hacking, information-security, cybersecurity, bug-bounty02-Dec-2023
The Rising Threat of Cookie Theft and RMM Takeoverhttps://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5Paritoshrealtime-monitoring, cookies, cybersecurity, hacking, bug-bounty02-Dec-2023
Bug Hunter journal day(week) #1https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, pentest02-Dec-2023
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity.https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5The CyberX Companyethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online02-Dec-2023
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career.https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5The CyberX Companybug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty02-Dec-2023
How MAC Spoofing works and How attackers do that!!https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5Gokuleswaran Bethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips02-Dec-2023
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Huntinghttps://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5as-squirrelbug-bounty, osint, cybersecurity, google-dorks-list, hacking02-Dec-2023
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something…https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup01-Dec-2023
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Huntinghttps://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5Prathcybersecurity, pentesting, report, bug-bounty-tips, bug-bounty01-Dec-2023
What is this httpx thing? Using it in your adventure with Bugbounty?https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5Vicky Aryanrecon, bug-bounty, cybersecurity, hacking, httpx01-Dec-2023
Verification Bypass via “Mass Assignment”https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5Larebbug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability01-Dec-2023
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!!https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing01-Dec-2023
Building Kubernetes Detections: Strengthening Security with Real-world Exampleshttps://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, programming, information-security, hacking01-Dec-2023
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bountyhttps://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5Om Arorabug-bounty, hacking, bug-bounty-tips, methodology, infosec01-Dec-2023
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn Morehttps://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5Coded Conversationsbug-bounty-tips, cybersecurity, security, hacking, bug-bounty01-Dec-2023
Project 2510: Bug Bounty Challenge — The End?https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty30-Nov-2023
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decodinghttps://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5JessicaSecurityxs, bug-bounty, web, security, browsers30-Nov-2023
What is SQL injectionhttps://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5Savanghorivulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql30-Nov-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5Savanghoribug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack30-Nov-2023
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found!https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5Paritoshbug-bounty, malware-analysis, cybersecurity, ioc, information-security30-Nov-2023
Subdomain Enumeration Techniqueshttps://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5Savanghoribug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain30-Nov-2023
Day 11 Bug Bounty — 60 days 60 bugs challengehttps://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5Abhijit Duttabugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Nov-2023
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenseshttps://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5Paritoshinformation-security, managed-detection, bug-bounty, nmdr, cybersecurity30-Nov-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5SavanGhorissrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips30-Nov-2023
Ödeme sayfasında Business Logichttps://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5Samet Yiğitbugbounty-writeup, ödülavcılığı, bug-bounty30-Nov-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5SavanGhoribugs, bug-bounty-tips, bug-bounty, rce, vulnerability30-Nov-2023
Insecure Direct Object Reference(IDOR)https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5SavanGhorivulnerability, idor, bugs, bug-bounty, bug-bounty-tips30-Nov-2023
Simple Recon Di Android Menggunakan Tools TheTimeMachine dan Dirsearchhttps://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5Mohammad Alfin Hidayatullahbug-bounty, bug-bounty-tips, recon, scanning30-Nov-2023
Race Condition - A cURL Chaoshttps://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, infosec, bug-bounty, vulnerability, pentesting30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Step”https://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Expertshttps://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5Jarred Longoriacybersecurity, ethical-hacking, bug-bounty, free-resources30-Nov-2023
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, hacking, bug-bounty30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Rise of Broken Access Controlhttps://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5Rafin Rahman Chybug-bounty, appsec, application-security, infosec, web-security30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5bwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start!https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup29-Nov-2023
Windows Login Bypasshttps://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5c0d3x27software-development, bug-bounty, cybersecurity, windows, hacking29-Nov-2023
Cybersecurity Risk of Opening Up to the Internethttps://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, programming, hacking, internet-of-things29-Nov-2023
OSINT: How to find information on anyonehttps://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5SAKTHIVEL Pbug-bounty, infosec, cybersecurity, osint, osint-tool29-Nov-2023
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentestershttps://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty, pentesting, cybersecurity, api29-Nov-2023
Useful tools for bug hunterhttps://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5cyberhansuhunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter29-Nov-2023
How to make money legally as a Hackerhttps://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5cyberhansubug-bounty, make-money, web-application-security, mobileapplicationsecurity29-Nov-2023
PII Disclosure Worth $750https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity29-Nov-2023
R.xyz: Web3 Bug Bounty Platformhttps://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5Officer's Notessmart-contract-security, bug-bounty-tips, bug-bounty, hacking, web329-Nov-2023
CRLF to XSShttps://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5Ahmed Mahmouedsnapchat, bug-bounty-tips, hacker, bug-bounty29-Nov-2023
Aztec Multiple-Spend Error Bugfix Reviewhttps://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5Immunefi Editorcryptocurrency, security, bug-bounty, web3, multiple-spend-error29-Nov-2023
1.10 Lab: Blind SQL injection with time delays | 2023https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers29-Nov-2023
IWCON 2023 CTF Registrations Now Openhttps://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5InfoSec Write-upsctf, conference, infosec, hacking, bug-bounty29-Nov-2023
Top 25 Advanced Google Dorks for Uncovering Sensitive Documentshttps://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5as-squirrelosint, cybersecurity, hacking, google-dork, bug-bounty29-Nov-2023
Fat GET Authorization Bypasshttps://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5Jessprogramming, hackerone, security, bug-bounty, bug-bounty-tips29-Nov-2023
HackTheBox — Web Attacks: Error Based XXE to exfiltrate datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5Huy Phuowasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty28-Nov-2023
HackTheBox — Web Attacks: XXE with Blind Exfiltration Datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox28-Nov-2023
Catching C2s with Regex Signatures, TLS Certificates, and OSINThttps://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, command-and-control, hacking28-Nov-2023
Apple security research.https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5Abhay Kailasiagoogle, apple, cybersecurity, bug-bounty, bug-bounty-writeup28-Nov-2023
XSS - Weaponization ATOhttps://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5p4n7h3rxpenetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty28-Nov-2023
1.9 Lab: Visible error-based SQL injection | 2023https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing28-Nov-2023
VulnLab — SQLi Injection series — Bypass Loginhttps://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5Deandradarrapenetration-testing, cybersecurity, bug-bounty, sqli28-Nov-2023
The Bug Hunter’s Methodology Live Course Reviewhttps://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5Cyber Seklerhacking, red-team, reconnaissance, bug-bounty, application-security28-Nov-2023
Hall of Fame at NASAhttps://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5BIJOY Bgoogle-ads, hacker-news, google, nasa, bug-bounty28-Nov-2023
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5Huy Phuidor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox27-Nov-2023
Burpsuite Custom Scan Profileshttps://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5mrrootsecowasp-top-10, bug-bounty, application-security-test27-Nov-2023
Understanding XML External Entity (XXE) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, xml-injection, hackthebox, web-security27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip!https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5Fahad Hasanweb-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Ruby One — Bug Bounty Program & Claim Your $RUBYhttps://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5Ruby Protocolblockchain, cryptocurrency, bug-bounty, crypto, ethereum27-Nov-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5kerstanweb-security, bug-bounty, security, request-smuggling, pentesting27-Nov-2023
Kaynak kodu ile XSS’i nasıl buldum ?https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5Samet Yiğitxss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty27-Nov-2023
Website Scanner…https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5psychomonghacking, gui, scanner, bug-bounty, web27-Nov-2023
@pdiscoveryio’s Katana for Bug Bounty.https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5BrownBearSecbug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec27-Nov-2023
1.8 Lab: Blind SQL injection with conditional errors | 2023https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty27-Nov-2023
My bug bounty journey: #1 Linuxhttps://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5Oscar Vandermeulenbug-bounty, hacking27-Nov-2023
Code4rena Audithttps://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5Panopticpanoptic, audit, bug-bounty, perpetual-options27-Nov-2023
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration”https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5shubhdeepvulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management27-Nov-2023
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosurehttps://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5Huy Phuweb-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox27-Nov-2023
HackTheBox — Web Attacks: Mass IDOR enumerationhttps://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration26-Nov-2023
Bug Zero at a Glance [01–18 November]https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter26-Nov-2023
HackTheBox — Web Attacks — IDOR: Bypassing Encoded Referenceshttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5Huy Phuidor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-1026-Nov-2023
Waybackurls leads to pwned Admin Panelhttps://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5Satyam Singhinfosec, bug-bounty, bug-bounty-tips, hacking, vulnerability26-Nov-2023
A Thrilling Expedition into AWS Securityhttps://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5Paritoshaws-security, aws, bug-bounty, information-security, cybersecurity26-Nov-2023
Story of Http password reset link for $$$https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5Devansh chauhanwriting-tips, bug-bounty, bug-bounty-tips26-Nov-2023
HackTheBox — Web Attacks: IDOR in Insecure APIs Write uphttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis