Security Cipher

Additional Resources

Compilation of Resources Featuring Daily Bug Bounty Writeups

Telegram

Daily Get Bug Bounty Writeups and more on our Telegram Channel

X (Twitter)

Daily Get Bug Bounty Writeups and more on our Twitter Handle

Discord

Daily Get Bug Bounty Writeups and more on our Discord Server

Android App

Daily Get Bug Bounty Writueps and more  on our Android Application

xss
sql injection
xxe
bug-bounty
recon
wordpress
ai
red-team
ctf
graphql
Lab
TitleLinkAuthorTagsPublication date
Same Username, Different Letters? Account Creation with Lookalike Usernameshttps://strangerwhite.medium.com/same-username-different-letters-account-creation-with-lookalike-usernames-e370b2a7d5e3?source=rss------bug_bounty-5StrangeRwhitebug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking, writeup18-May-2025
Meta BBP — Stored XSS at Meta Careershttps://almuntadhar.medium.com/meta-bbp-stored-xss-at-meta-careers-c0bf074bddfa?source=rss------bug_bounty-5Muntadhar M. Ahmedcybersecurity, security, bug-bounty, meta-bug-bounty, web-vulnerabilities18-May-2025
The Most Dangerous Bug I’ve Ever Found (And No One Was Looking)https://infosecwriteups.com/the-most-dangerous-bug-ive-ever-found-and-no-one-was-looking-2e96e5079a01?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, cybersecurity, hacking, ai18-May-2025
How I Found a P1 Vulnerability That Allowed Full Account Takeoverhttps://medium.com/@hacker_space11/how-i-found-a-p1-vulnerability-that-allowed-full-account-takeover-e959fce8d882?source=rss------bug_bounty-5hacker_space11bug-bounty, bug-bounty-tips18-May-2025
️‍♂️Recon For New Bug bounty Hunters — Short Storyhttps://medium.com/@sudarshan.defcon/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-4f862a333e6d?source=rss------bug_bounty-5Sudarshan Patelreconnaissance, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty18-May-2025
Quantifying Cyber Risk: Moving Beyond Heat Maps to Dollar Valueshttps://medium.com/@paritoshblogs/quantifying-cyber-risk-moving-beyond-heat-maps-to-dollar-values-b4ec44d92b1c?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, information-security, information-technology18-May-2025
Redirect Roulette: How Poor OAuth Redirect Handling Gave Me Account Takeoverhttps://infosecwriteups.com/redirect-roulette-how-poor-oauth-redirect-handling-gave-me-account-takeover-8c21ca809e3a?source=rss------bug_bounty-5Iskiinfosec, bug-bounty, hacking, money, cybersecurity18-May-2025
$200 Bounty: Sensitive information disclosurehttps://medium.com/meetcyber/200-bounty-sensitive-information-disclosure-791799adb57b?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, hacking, cybersecurity, report18-May-2025
I Found more then 10+ bug in single program: A Warning to Fellow Bug Huntershttps://medium.com/@ravindrajatav0709/i-found-more-then-10-bug-in-single-program-a-warning-to-fellow-bug-hunters-7bc95b8ea860?source=rss------bug_bounty-5Ravindrajatavbug-zero, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup18-May-2025
How I Discovered Sensitive Data & Directory Exposure on an Indian Government Medical Institute…https://medium.com/@adithyadhi007/how-i-discovered-sensitive-data-directory-exposure-on-an-indian-government-medical-institute-0d2fbbc5042e?source=rss------bug_bounty-5Adithya Rajbug-bounty, cybersecurity, bugbounty-writeup18-May-2025
OWASP Pentest Series (2/12)https://medium.com/@thezeeshankhan/owasp-pentest-series-2-12-cbbcb32f23ab?source=rss------bug_bounty-5TheZeeshanKhanbug-bounty, penetration-testing, security18-May-2025
DOM XSS Exploitation via postMessage in an iframehttps://osintteam.blog/dom-xss-exploitation-via-postmessage-in-an-iframe-d50df8feac5b?source=rss------bug_bounty-5Bash Overflowdom-xss-exploitation, postmessage-dom-xss, bug-bounty-tips, iframe-xss, bug-bounty18-May-2025
0 to First Bug: What I’d Do Differently If I Started Bug Bounty Todayhttps://infosecwriteups.com/0-to-first-bug-what-id-do-differently-if-i-started-bug-bounty-today-126494ba7e52?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, ai, cybersecurity, infosec, hacking17-May-2025
The Role of AI in Next-Gen Vulnerability Managementhttps://medium.com/@paritoshblogs/the-role-of-ai-in-next-gen-vulnerability-management-f2988ace3de5?source=rss------bug_bounty-5Paritoshbug-bounty, vulnerability, hacking, cybersecurity, vulnerability-management17-May-2025
Hacking My Car, and probably yours— Security Flaws in Volkswagen’s Apphttps://loopsec.medium.com/hacking-my-car-and-probably-yours-security-flaws-in-volkswagens-app-24b34c47ba89?source=rss------bug_bounty-5LoopSecvulnerability, ios, cybersecurity, bug-bounty, ethical-hacking17-May-2025
Reverse Engineering for Beginnerhttps://medium.com/@anandrishav2228/reverse-engineering-for-beginner-0bf9b20542f7?source=rss------bug_bounty-5Rishav anandbug-bounty, hacking, reverse-engineering, beginner, cybersecurity17-May-2025
This One Tool Changed My Hacking Workflow: Meet Proxifyhttps://chintalatarakaram.medium.com/the-secret-weapon-of-ethical-hackers-mastering-proxify-e42d2f3ba0ca?source=rss------bug_bounty-5Chintala Taraka Rambug-bounty, writing, tools, https-proxy, hacking17-May-2025
From IDOR to Admin Door: The Bug That Opened Everythinghttps://medium.com/@dineshnarasimhan27/from-idor-to-admin-door-the-bug-that-opened-everything-9479b4185c05?source=rss------bug_bounty-5Dinesh Narasimhanbug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty, hacking17-May-2025
TryHackMe Light: Full Walkthrough & SQL Injection Exploithttps://medium.com/@aawart2005/tryhackme-light-full-walkthrough-sql-injection-exploit-1e25db316905?source=rss------bug_bounty-5Aawarttryhackme, thm, sqlite, thm-writeup, bug-bounty17-May-2025
VAPT vs Bug Bounty: The Security Showdown Your Organization Needs to Know Abouthttps://rootissh.in/vapt-vs-bug-bounty-the-security-showdown-your-organization-needs-to-know-about-fb555be0083f?source=rss------bug_bounty-5Atharva Deshmukhcybersecurity, bug-bounty, pentesting, cybercrime, security17-May-2025
My First Bug Bounty: How I Earned $1,000https://medium.com/@kailasv678/my-first-bug-bounty-how-i-earned-1-000-4ae2bf36039d?source=rss------bug_bounty-5Kailasvbug-bounty-writeup, cybersecurity, hacking, hackerone, bug-bounty17-May-2025
PDTM(Project Discovery Tool Manager)https://medium.com/@aysbnd00/pdtm-project-discovery-tool-manager-770802ad0ce2?source=rss------bug_bounty-5icybndpenetration-testing, enumeration, bug-bounty, vulnerability-scanning17-May-2025
How I Found the Most Weird Bug in the Bug Bounty Field — Is It Really Worth It…https://medium.com/@mahdisalhi0500/how-i-found-the-most-weird-bug-in-the-bug-bounty-field-is-it-really-worth-it-d4b60c0352a8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)cybersecurity, penetration-testing, information-security, bug-bounty, hacking17-May-2025
Wide Reconhttps://medium.com/@rthunt3r/wide-recon-15ead790196f?source=rss------bug_bounty-5R T Hunterhacker, red-teaming, bug-bounty, cybersecurity, bug-bounty-tips17-May-2025
$10,500 Bounty: A Grammarly Account Takeover Vectorhttps://infosecwriteups.com/10-500-bounty-a-grammarly-account-takeover-vector-974ef90fb00a?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, cybersecurity, technology, report, bug-bounty17-May-2025
$500 Bounty: A Referer Leak in Brave’s Private Tor Windowhttps://infosecwriteups.com/500-bounty-a-referer-leak-in-braves-private-tor-window-ee0c846203b5?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, cybersecurity, hacking, penetration-testing17-May-2025
Mastering Microservices: The Ultimate Guidehttps://medium.com/@zoningxtr/mastering-microservices-the-ultimate-guide-2537811bb9d3?source=rss------bug_bounty-5Zoningxtrmicroservices, web-development, penetration-testing, cybersecurity, bug-bounty17-May-2025
How I Found Stored HTML Injection in the Invite User Feature and Earned $300https://cybersecuritywriteups.com/how-i-found-stored-html-injection-in-the-invite-user-feature-and-earned-300-3f0d106a7960?source=rss------bug_bounty-5Whitehatcybersecurity, hacking, bug-bounty-tips, bug-bounty, bugbounty-writeup17-May-2025
How I Took Admin Account via JWT Bypasshttps://medium.com/@dharaniswaran.cs22/how-i-took-admin-account-via-jwt-bypass-5bed37a8e7ac?source=rss------bug_bounty-5Dharanisvapt, json, vulnerability, bug-bounty, jwt-token17-May-2025
Token of Misfortune: How a Refresh Token Leak Let Me Regenerate Unlimited Sessionshttps://infosecwriteups.com/token-of-misfortune-how-a-refresh-token-leak-let-me-regenerate-unlimited-sessions-bb6693751c85?source=rss------bug_bounty-5Iskimoney, cybersecurity, bug-bounty, hacking, infosec17-May-2025
How I Discovered Critical Secrets in Docker Images by Scanning Every Tag and Architecturehttps://medium.com/@Ghaazy/how-i-discovered-critical-secrets-in-docker-images-by-scanning-every-tag-and-architecture-3edbc10db0c1?source=rss------bug_bounty-5Ahmed Ghazycybersecurity, infosec, bug-bounty17-May-2025
Easy Bug That Falls Between P5 and P3: Find Broken Access Control & IDOR Using AutoReisze in Burp…https://medium.com/@ahmedashrafshora/easy-bug-that-falls-between-p5-and-p3-find-broken-access-control-idor-using-autoreisze-in-burp-6f427852a788?source=rss------bug_bounty-5Ahmed Ashraf Shoraweb-penetration-testing, bug-bounty, cybersecurity, autorize, hacking17-May-2025
Sharpening Command Injections to get Full RCEhttps://infosecwriteups.com/sharpening-command-injections-to-get-full-rce-e4cf257d2c66?source=rss------bug_bounty-5Mostafa Alrefaihacking, rce, cybersecurity, pentesting, bug-bounty17-May-2025
Bug Bounty desde Cero: De la Curiosidad al Primer Hallazgohttps://medium.com/@bertolanicami/bug-bounty-desde-cero-de-la-curiosidad-al-primer-hallazgo-6642e3944764?source=rss------bug_bounty-5Cami Bertolanibug-bounty, hacking, bug-bounty-tips, cybersecurity, vulnerability17-May-2025
From 0 to $$$: Finding Rate Limit Bypasses Like a Prohttps://infosecwriteups.com/from-0-to-finding-rate-limit-bypasses-like-a-pro-6baf92b6acad?source=rss------bug_bounty-5BugBounty Universitybug-bounty-tips, infosec, penetration-testing, cybersecurity, bug-bounty16-May-2025
Part-2️‍♂️Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugshttps://infosecwriteups.com/part-2-%EF%B8%8F-%EF%B8%8Fbug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-46429520beb3?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, cybersecurity, hacking, secrets, bug-bounty16-May-2025
Bug Bounty Burnout: When Serious Bugs Get Dismissedhttps://medium.com/@vivekps143/bug-bounty-burnout-when-serious-bugs-get-dismissed-f22cf0f0f293?source=rss------bug_bounty-5Vivek PShacking, web-development, bug-bounty, programming, burnout16-May-2025
Port- 139,445 SMB Exploitation (Series:1/ [article:2])https://infosecwriteups.com/port-139-445-smb-exploitation-series-1-article-2-6769570eb0ef?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity16-May-2025
$750 Bounty: From X-Forwarded-Host to Stored DOM XSShttps://osintteam.blog/750-bounty-from-x-forwarded-host-to-stored-dom-xss-de0785adfe05?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, hacking, cybersecurity, technology16-May-2025
️‍♂️ From Recon to Report: How I Approach Every Bug Bounty Targethttps://osintteam.blog/%EF%B8%8F-%EF%B8%8F-from-recon-to-report-how-i-approach-every-bug-bounty-target-2663163148d5?source=rss------bug_bounty-5Vipul Sonuleosint, bug-bounty, cybersecurity, hacking, tech16-May-2025
How to escalate a SQL injection if there is a strict WAF?https://medium.com/@bug_vs_me/how-to-escalate-a-sql-injection-if-there-is-a-strict-waf-2a7798bb769e?source=rss------bug_bounty-5Deepakbug-bounty, waf-bypass, hacking, sql-injection, sql16-May-2025
$500 Bounty: Race Condition in Hacker101 CTF Group Joinhttps://infosecwriteups.com/500-bounty-race-condition-in-hacker101-ctf-group-join-d7e84651bc5f?source=rss------bug_bounty-5Monika sharmareport, technology, bug-bounty, penetration-testing, hacking16-May-2025
How a Simple Logic Flaw Led to a $3,250 Bountyhttps://infosecwriteups.com/how-a-simple-logic-flaw-led-to-a-3-250-bounty-476d747bf57a?source=rss------bug_bounty-5Monika sharmareport, technology, cybersecurity, bug-bounty, penetration-testing16-May-2025
Race Condition Seru: Ngebobol Limit Cuma Modal Request Paralelhttps://medium.com/@FufuFaf1/race-condition-seru-ngebobol-limit-cuma-modal-request-paralel-44f1da33e4fb?source=rss------bug_bounty-5FufuFafacybersecurity, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty16-May-2025
Caching Trouble: The Public Cache That Leaked Private User Datahttps://infosecwriteups.com/caching-trouble-the-public-cache-that-leaked-private-user-data-0d410af5cb4c?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, infosec, hacking, money16-May-2025
From Guest to Admin: Chaining Pre-Account Takeover with Privilege Escalationhttps://medium.com/@kroush333/from-guest-to-admin-chaining-pre-account-takeover-with-privilege-escalation-fe970e80cd25?source=rss------bug_bounty-5MahmoudKroushbug-bounty, bug-bounty-tips, cybersecurity16-May-2025
Privilege Escalation via Response Manipulationhttps://mrshan.medium.com/privilege-escalation-via-response-manipulation-efe66697bc98?source=rss------bug_bounty-5MR SHANbug-bounty-tips, response-manipulation, burpsuite, cybersecurity, bug-bounty16-May-2025
FullMounty (Easy) PwnTillDawn Walkthrough.https://medium.com/@3L4CKCYBR/badger-easy-pwntilldawn-walkthrough-50670472cc33?source=rss------bug_bounty-53L4CKCYBR_technology, privilege-escalation, bug-bounty, cybersecurity, pwntilldawn16-May-2025
PII Leak via Emailhttps://medium.com/@hossam_hamada/pii-leak-via-email-3ff4eb5199d9?source=rss------bug_bounty-5Hossam Hamadabug-bounty, bugbounty-tips, bugcrowd, hackerone, bugbounty-writeup16-May-2025
CTF | Brute Force Login Cuma Modal Terminal Gak Perlu UI!https://inrexna.medium.com/ctf-brute-force-login-cuma-modal-terminal-gak-perlu-ui-ddd455c4bf66?source=rss------bug_bounty-5InREXnAethical-hacking, bug-bounty, cybersecurity, penetration-testing, ctf-writeup16-May-2025
How I almost made $1000 from XSS bypass attributehttps://medium.com/@0xRedFox29/how-i-almost-made-1000-from-xss-bypass-attribute-77d68f0bc33c?source=rss------bug_bounty-5kunx90bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, red-team-security16-May-2025
2fa, OTP bypass checklists 2025https://medium.com/@mohaned0101/2fa-otp-bypass-checklists-2025-4d45f92dbdaa?source=rss------bug_bounty-5mohaned alkhlototp-verification, 2fa-bypass, bug-bounty-tips, 2fa, bug-bounty16-May-2025
Open Redirect via Base64-Encoded state Parameter in OAuth Flow (returnTo field)https://medium.com/@husseinelturkey/open-redirect-via-base64-encoded-state-parameter-in-oauth-flow-returnto-field-42a0319ef296?source=rss------bug_bounty-5Hussein Elturkeybug-bounty-writeup, duplicate, open-redirect, bugcrowd, bug-bounty16-May-2025
Reflexiones sobre la creación de comunidades: El caso Bug Bounty Argentina y su réplicahttps://medium.com/@yenoyow561/reflexiones-sobre-la-creaci%C3%B3n-de-comunidades-el-caso-bug-bounty-argentina-y-su-r%C3%A9plica-f7a6cf3c9cf1?source=rss------bug_bounty-5KRAQENcybersecurity, inclusion, plágio, ethical-hacking, bug-bounty16-May-2025
How I almost made $1000 from XSS bypass attributehttps://medium.com/@0xRedFox29/how-i-almost-made-1000-from-xss-bypass-attribute-77d68f0bc33c?source=rss------bug_bounty-50xRedFox29bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, red-team-security16-May-2025
☕Best Tool for Analyzing Java Files (90% of Hackers Don’t Know This)https://infosecwriteups.com/best-tool-for-analyzing-java-files-90-of-hackers-dont-know-this-07a57d1477f9?source=rss------bug_bounty-5Abhijeet Kumawatjava, bug-bounty, infosec, hacking, cybersecurity15-May-2025
Hacking With No Tools: How to Break Web Apps Using Just Your Browser ️‍♂️https://infosecwriteups.com/hacking-with-no-tools-how-to-break-web-apps-using-just-your-browser-%EF%B8%8F-%EF%B8%8F-255861d3f623?source=rss------bug_bounty-5Vipul Sonuleinfosec, hacking, cybersecurity, bug-bounty, tech15-May-2025
$3,000 Bounty: RCE in Burp Suite via Clickjackinghttps://infosecwriteups.com/3-000-bounty-rce-in-burp-suite-via-clickjacking-3a3bac7cf431?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, penetration-testing, cybersecurity, technology15-May-2025
Blog Title: Not Your File: How Misconfigured MIME Types Let Me Upload Evil Scriptshttps://infosecwriteups.com/blog-title-not-your-file-how-misconfigured-mime-types-let-me-upload-evil-scripts-889efb18a7ce?source=rss------bug_bounty-5Iskihacking, infosec, money, bug-bounty, cybersecurity15-May-2025
Bypassing OTP Verification via Response Manipulation: A Silent Threathttps://frostyxsec.medium.com/bypassing-otp-verification-via-response-manipulation-a-silent-threat-006dc2b6fa13?source=rss------bug_bounty-5Frostynxthbug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup15-May-2025
CHAINING THE SCOPEhttps://sijojohnson.medium.com/chaining-the-scope-0f6fcb9e7cf4?source=rss------bug_bounty-5Sijo Johnsonsensitive-data-exposure, easy-pii-leak, pii-data, wedohacks, bug-bounty15-May-2025
QA Mindset Shift: From Bug Hunters to User Whisperershttps://medium.com/@ivan.boklach/qa-mindset-shift-from-bug-hunters-to-user-whisperers-7e9dccff0fc4?source=rss------bug_bounty-5Ivan Boklachbug-bounty, bugs, qa15-May-2025
Top Tools That Helped Me Earn $500 in 30 Dayshttps://infosecwriteups.com/top-tools-that-helped-me-earn-500-in-30-days-00123f09cd7a?source=rss------bug_bounty-5It4chis3cbug-bounty, recon, secrets, hacking, information-security15-May-2025
The Gray Code: When Hackers Wrestle With Their Shadowshttps://medium.com/meetcyber/the-gray-code-when-hackers-wrestle-with-their-shadows-0a2cb5b66e21?source=rss------bug_bounty-5Ahmad Javedhacker, hacking, bug-bounty, cybersecurity, ethical-hacking15-May-2025
GitHub Dorking Brought Us the Bountyhttps://medium.com/@nocley/github-dorking-brought-us-the-bounty-cd1c4675371e?source=rss------bug_bounty-5nocleyintigriti, bugbounty-tips, hacking, bug-bounty, bugbounty-writeup15-May-2025
Introducing SecureCrawl: The Intelligent Web Security Crawlerhttps://medium.com/@N0aziXss/introducing-securecrawl-the-intelligent-web-security-crawler-d258ec05edb8?source=rss------bug_bounty-5N0aziXssethical-hacking, cybersecurity, bug-bounty, python, web-security15-May-2025
Cybersecurity Training: Real-World Code Review Challenges on CodeVulnHunthttps://medium.com/@mithun_/cybersecurity-training-real-world-code-review-challenges-on-codevulnhunt-70a0a36e50bf?source=rss------bug_bounty-5Mithunsource-code, ctf, cybersecurity, infosec, bug-bounty15-May-2025
How Attackers Use Google Dorks to Discover Your Exposed Assetshttps://medium.com/@tejprakashbk1996/how-attackers-use-google-dorks-to-discover-your-exposed-assets-026f367c21e4?source=rss------bug_bounty-5Tejprakashgoogle-dork, security, google-search, reconnaissance, bug-bounty15-May-2025
NoSQL Injection Detection — A hands-on Exploitation Walkthroughhttps://infosecwriteups.com/nosql-injection-detection-a-hands-on-exploitation-walkthrough-03aaa19dab70?source=rss------bug_bounty-5Aditya Bhattnosql-injection, nosql, sql-injection, cybersecurity, bug-bounty15-May-2025
The “Unlimited Leave” Hack I Found at My Collegehttps://medium.com/@swarnimbandekar/the-unlimited-leave-hack-i-found-at-my-college-4c772df5f8e4?source=rss------bug_bounty-5Swarnim Bandekarethical-hacking, bug-bounty, bug-bounty-tips, hacking, penetration-testing15-May-2025
Exploring GoBuster: A Powerful Tool For Directory and File Discoveryhttps://medium.com/@natarajanck2/exploring-gobuster-a-powerful-tool-for-directory-and-file-discovery-0009c500e158?source=rss------bug_bounty-5Natarajan C Kbug-bounty, gobuster, security, browsers, violation15-May-2025
Mi Carta de reconocimiento por la NASA: lo que no se ve detrás del logrohttps://medium.com/@juanfelipeoz.rar/mi-carta-de-reconocimiento-por-la-nasa-lo-que-no-se-ve-detr%C3%A1s-del-logro-59c6cb59671c?source=rss------bug_bounty-5Juan Felipe Osorio Zseguridad-informatica, ciberseguridad, hacking, bug-bounty, nasa15-May-2025
CVE-2025-4455: Local Privilege Escalation in Patch My PC Home Updaterhttps://sneharghya.medium.com/cve-2025-4455-local-privilege-escalation-in-patch-my-pc-home-updater-58f2c2041b46?source=rss------bug_bounty-5Sneharghya Roydll-hijacking, bug-bounty, cybersecurity15-May-2025
403 Bypass Techniques for Bug Bountyhttps://medium.com/@silverxcyber/403-bypass-techniques-for-bug-bounty-dcd449733bec?source=rss------bug_bounty-5SilverXCyber403bypass, bug-bounty, 403-forbidden, bug-bounty-hunter, bug-bounty-writeup15-May-2025
Escalando Privilégios com a Determinação de um Shih Tzuhttps://medium.com/@correa-sergio/escalando-privil%C3%A9gios-com-a-determina%C3%A7%C3%A3o-de-um-shih-tzu-9df40e8a482c?source=rss------bug_bounty-5Sérgio Corrêacybersecurity, ctf, segurança-da-informação, pentest, bug-bounty15-May-2025
What crime did humans commit to attract the punishment of bedbugs!https://medium.com/@Purpledot_/what-crime-did-humans-commit-to-attract-the-punishment-of-bedbugs-5e77ee08aa6c?source=rss------bug_bounty-5Confidencemedium, problems, helping-others, bug-bounty, solutions15-May-2025
My First Year in Bug Bounty $$$https://infosecwriteups.com/my-first-year-in-bug-bounty-9c87e0b68ac4?source=rss------bug_bounty-5RivuDonbug-bounty-writeup, bug-hunter, bug-bounty-tips, bug-bounty, bug-hunting14-May-2025
JWT Exploitation: How I Forged Tokens and Took Over Accountshttps://infosecwriteups.com/jwt-exploitation-how-i-forged-tokens-and-took-over-accounts-2e7ab1cf4df8?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, bug-bounty, hacking, jwt, cybersecurity14-May-2025
Title: Filter Failure: From HTML Injection to Full-Blown XSS via Rich Text Editorshttps://infosecwriteups.com/title-filter-failure-from-html-injection-to-full-blown-xss-via-rich-text-editors-af6809e248b4?source=rss------bug_bounty-5Iskibug-bounty, money, cybersecurity, hacking, infosec14-May-2025
Ethical Hacking Guide: Penetration Testing Apache Tomcat (2025 Edition)https://medium.com/@verylazytech/ethical-hacking-guide-penetration-testing-apache-tomcat-2025-edition-01dc367f070c?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, apache, tomcat, ethical-hacking, bug-bounty14-May-2025
IDOR: When One Tiny Change Exposes Everythinghttps://medium.com/@sachinpv2004/idor-when-one-tiny-change-exposes-everything-c54b6750d2fd?source=rss------bug_bounty-5SACHIN PVpentesting, idor, bug-bounty, vulnerability, owasp14-May-2025
Ditch the Patchwork of Breach-Alert Tools: Monitor Every Credential Leak from One Place with…https://medium.com/@alexandrevandammepro/ditch-the-patchwork-of-breach-alert-tools-monitor-every-credential-leak-from-one-place-with-0b7f6225ecf8?source=rss------bug_bounty-5Alexandre Vandammecyberattack, bug-bounty-tips, technology, bug-bounty, cybersecurity14-May-2025
About Mehttps://0xsakibkhan.medium.com/about-me-673842903ff2?source=rss------bug_bounty-5Muhammad Shakibhacking-tools, bug-bounty, ethical-hacking, red-team-tools, pentesting14-May-2025
End Recon Tool Overload: Centralise Enumeration & Scanning with SubDomainRadar.iohttps://medium.com/@alexandrevandammepro/end-recon-tool-overload-centralise-enumeration-scanning-with-subdomainradar-io-ae387d97cc6c?source=rss------bug_bounty-5Alexandre Vandammehacking, bug-bounty, technology, cybersecurity, bug-bounty-tips14-May-2025
CTF Day(1)https://medium.com/@ahmednarmer1/ctf-day-1-c213568b8321?source=rss------bug_bounty-5Ahmed Narmercybersecurity, bug-bounty, ctf, web-penetration-testing14-May-2025
Breaking In Through the Backdoor: Password Reset Gone Wronghttps://infosecwriteups.com/breaking-in-through-the-backdoor-password-reset-gone-wrong-6e5243c16a19?source=rss------bug_bounty-5Ehtesham Ul Haqinfosec, penetration-testing, bug-bounty, writeup, passwords14-May-2025
How Inconsistent Input Handling and Poor Email Validation Can Lead to Admin Accesshttps://infosecwriteups.com/how-inconsistent-input-handling-and-poor-email-validation-can-lead-to-admin-access-b64b25413b82?source=rss------bug_bounty-5Bash Overflowbug-bounty, bypass-email-registration, bug-bounty-tips, lack-of-email-validation, email-logic-flaws14-May-2025
HackerNote(Medium)TryHackMe Walkthroughhttps://medium.com/@blackcyb3r29/hackernote-medium-tryhackme-walkthrough-41a7080c5046?source=rss------bug_bounty-53L4CKCYBR_tryhackme, cybersecurity, bug-bounty, ctf-writeup, technology14-May-2025
The Crypto Wallet Vulnerability That Went Undetected for Over Six Yearshttps://medium.com/@john-s4d/the-crypto-wallet-vulnerability-that-went-undetected-for-over-six-years-36cd52cb600c?source=rss------bug_bounty-5John Sessfordcrypto, solana-network, bug-bounty, cryptocurrency, cybersecurity14-May-2025
CTF Day(2)https://medium.com/@ahmednarmer1/ctf-day-2-f405f7d0449d?source=rss------bug_bounty-5Ahmed Narmerbug-bounty, ctf, cybersecurity, web-penetration-testing14-May-2025
Publishing your story with allbyhunterhttps://allbyhunter.com/publishing-your-story-with-allbyhunter-a121696ff60d?source=rss------bug_bounty-5kerstanstartup, hacking, bug-bounty, prgramming, coding14-May-2025
$800 Bounty — Web Cache Deception in Shopifyhttps://medium.com/meetcyber/800-bounty-web-cache-deception-in-shopify-c8507c2d99e5?source=rss------bug_bounty-5Monika sharmabug-bounty, bug-bounty-tips, technology, cybersecurity, penetration-testing14-May-2025
Bug Bounty Tips: From Zero to First Payouthttps://medium.com/@appsecwarrior/bug-bounty-tips-from-zero-to-first-payout-6bd8c9df0c48?source=rss------bug_bounty-5appsecwarriorsecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing14-May-2025
Ethical Hacking Learning Pathhttps://0xben.medium.com/ethical-hacking-learning-path-and-roadmap-5e3252f7c9de?source=rss------bug_bounty-50xBENctf, bug-bounty, ethical-hacking, learning-path, penetration-testing14-May-2025
Breaking the Rules: Deleting Confirmed Organizations Through a Backend Flawhttps://medium.com/@cyberpro151/breaking-the-rules-deleting-confirmed-organizations-through-a-backend-flaw-525dc867841c?source=rss------bug_bounty-5cyberpro151cybersecurity, bug-bounty, penetration-testing, ethical-hacking, bug-bounty-tips14-May-2025
Researcher Yuvi — My Cybersecurity Journey at 16https://medium.com/@codewithyuvi/researcher-yuvi-my-cybersecurity-journey-at-16-e3dde09fba78?source=rss------bug_bounty-5Yuvraj Guptahall-of-fame, researcher-yuvi, ethical-hacking, bug-bounty, cybersecurity13-May-2025
Bypassing CSRF Protectionshttps://medium.com/@itamar.yochpaz/bypassing-csrf-protections-7db64f26b9e5?source=rss------bug_bounty-5Itamar Yochpazhacking, cybersecurity, application-security, bug-bounty, penetration-testing13-May-2025
$256 Bounty : XSS via Web Cache Poisoning in Discoursehttps://infosecwriteups.com/256-bounty-xss-via-web-cache-poisoning-in-discourse-594d5961555e?source=rss------bug_bounty-5Monika sharmabug-bounty, cybersecurity, penetration-testing, technology, hacking13-May-2025
How Hackers Bypass Login Pages with SQL, Logic Flaws, and Headershttps://infosecwriteups.com/how-hackers-bypass-login-pages-with-sql-logic-flaws-and-headers-567a5649e701?source=rss------bug_bounty-5Vipul Sonulebug-bounty, cybersecurity, infosec, programming, hacking13-May-2025
Forget Me Not: How Broken Logout Functionality Let Me Ride Sessions Foreverhttps://infosecwriteups.com/forget-me-not-how-broken-logout-functionality-let-me-ride-sessions-forever-3435e6d98845?source=rss------bug_bounty-5Iskicybersecurity, infosec, hacking, money, bug-bounty13-May-2025
The $1,000 Recon Trick: One Command That Changed My Hunting Gamehttps://infosecwriteups.com/the-1-000-recon-trick-one-command-that-changed-my-hunting-game-58527a7f6d7c?source=rss------bug_bounty-5Abhijeet Kumawattricks, hacking, vulnerability, recon, bug-bounty13-May-2025
Inside the Shadows: Why HTTP Smuggling Still Breaks the Webhttps://medium.com/@es0557533/inside-the-shadows-why-http-smuggling-still-breaks-the-web-c81c69577fdd?source=rss------bug_bounty-5Isvcybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup, https13-May-2025
The Human Firewall: Why Your Employees Are Both Your Greatest Vulnerability and Assethttps://infosecwriteups.com/the-human-firewall-why-your-employees-are-both-your-greatest-vulnerability-and-asset-76a93b879bae?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, firewall, cybersecurity, networking13-May-2025
Meet URLShort: The Ultimate URL Shortener, Fuzzer & Payload Injector for Bug Bounty Hunters &…https://neerajsah.medium.com/meet-urlshort-the-ultimate-url-shortener-fuzzer-payload-injector-for-bug-bounty-hunters-9c631e83d492?source=rss------bug_bounty-5Neeraj Sahbug-bounty, fuzzing, pentesting, hacking-tools, url-shorteners13-May-2025
Exploiting File Upload Vulnerabilities: What, Why & Howhttps://medium.com/@sachinpv2004/exploiting-file-upload-vulnerabilities-what-why-how-68e159aff82a?source=rss------bug_bounty-5SACHIN PVowasp, bug-bounty, file-upload, pentesting, file-upload-vulnerability13-May-2025
How I Found a Way to Prolong Password Reset Code Expiryhttps://infosecwriteups.com/how-i-found-a-way-to-prolong-password-reset-code-expiry-6214391023de?source=rss------bug_bounty-5Ehtesham Ul Haqpasswords, bug-bounty, hacking, penetration-testing, infosec13-May-2025
Web Cachehttps://medium.com/@eddinesaad122/web-cache-6065a266ae95?source=rss------bug_bounty-5saad eddinebug-bounty, web-development, technology, security, web13-May-2025
ASUS DriverHub Vulnerability Exposes Users to Remote Code Executionhttps://wiretor.medium.com/asus-driverhub-vulnerability-exposes-users-to-remote-code-execution-1f924851eeac?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, bug-bounty, hacking, malware, rce13-May-2025
Bug Bounty Roadmap 2025: The Complete Guide to Becoming a Professional Ethical Hackerhttps://medium.com/@jiniyaasma8/bug-bounty-roadmap-2025-the-complete-guide-to-becoming-a-professional-ethical-hacker-a6ff0abc69ef?source=rss------bug_bounty-5Jiniyaasmabug-bounty-tips, technology, resources, cybersecurity, bug-bounty13-May-2025
$$$ bounty via unique username bypasshttps://medium.com/legionhunters/bounty-via-unique-username-bypass-26f2c76f5ee7?source=rss------bug_bounty-5cryptoshantmoney, bug-bounty, bug-bounty-tips, cybersecurity, hacking13-May-2025
My Exceptional SSRF Findinghttps://medium.com/@nocley/my-exceptional-ssrf-finding-73e8039e3a22?source=rss------bug_bounty-5nocleyreadteam, pentest, tips-and-tricks, bug-bounty, ssrf13-May-2025
Upload Vulnshttps://medium.com/@julius.grosserode.19/upload-vulns-3c139f507b28?source=rss------bug_bounty-5Juliopath-traversal, file-upload, bug-bounty, file-upload-vulnerability, bug-bounty-tips13-May-2025
Introducing DomainRecon: Your Advanced WHOIS & DNS Intelligence Toolhttps://medium.com/@N0aziXss/introducing-domainrecon-your-advanced-whois-dns-intelligence-tool-9e2dc63ae774?source=rss------bug_bounty-5N0aziXssethical-hacking, python, bug-bounty, reconnaissance, cybersecurity13-May-2025
Template Report Bug Bounty (Bahasa Indonesia)https://medium.com/@ikhlasul0507/template-report-bug-bounty-d3ad2f9d84ee?source=rss------bug_bounty-5Ikhlasulxss-attack, bugs, bug-bounty, xs12-May-2025
$25,000 SSRF in HackerOne’s Analytics Reportshttps://osintteam.blog/25-000-ssrf-in-hackerones-analytics-reports-b9a5b3aa3d6e?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty, cybersecurity, technology, penetration-testing12-May-2025
How I Earned $200 From a Simple EXIF Bug (Step by Step Guide, You Can Use Today)https://infosecwriteups.com/how-i-earned-200-from-a-simple-exif-bug-step-by-step-guide-you-can-use-today-c71dc2d82389?source=rss------bug_bounty-5BugBounty Universityosint, bug-bounty, infosec, exif, cybersecurity12-May-2025
How I Found SSTI in a Search Barhttps://infosecwriteups.com/how-i-found-ssti-in-a-search-bar-6fede0d3263c?source=rss------bug_bounty-5Umanhonlen Gabrielhacking, bug-bounty, hacker, bug-bounty-tips12-May-2025
Breaking APIs: A Bug Hunter’s Guidehttps://osintteam.blog/breaking-apis-a-bug-hunters-guide-ba20b7098364?source=rss------bug_bounty-5Aditya Bhattapi-testing, bug-bounty, api, cybersecurity, bug-hunting12-May-2025
How I Exploited a Low-Level Logic Flaw to Manipulate Product Prices Using Burp Intruderhttps://osintteam.blog/how-i-exploited-a-low-level-logic-flaw-to-manipulate-product-prices-using-burp-intruder-64143bee2322?source=rss------bug_bounty-5Bash Overflowbug-bounty, exploit-logic-flaw, bypass-price-validation, logic-flaw-bug-bounty, bug-bounty-tips12-May-2025
This Red Teaming Tools can make you a pro Hacker.https://medium.com/@anandrishav2228/this-red-teaming-tools-can-make-you-a-pro-hacker-69b5f60fd735?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, red-team, bug-bounty, hacking12-May-2025
SSRF via PDF Generator? Yes, and It Led to EC2 Metadata Accesshttps://infosecwriteups.com/ssrf-via-pdf-generator-yes-and-it-led-to-ec2-metadata-access-39b8e5b41840?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, hacking, ssrf, bug-bounty, ssrf-attack12-May-2025
The Psychology of Patch Fatigue: Why Teams Delay Fixeshttps://medium.com/@paritoshblogs/the-psychology-of-patch-fatigue-why-teams-delay-fixes-eb4690cfb38e?source=rss------bug_bounty-5Paritoshcybersecurity, vulnerability, vulnerability-management, hacking, bug-bounty12-May-2025
Top 5 Easiest Bugs for Beginners in Bug Bountyhttps://infosecwriteups.com/top-5-easiest-bugs-for-beginners-in-bug-bounty-45dd81c49e03?source=rss------bug_bounty-5Vipul Sonulehacking, bug-bounty, infosec, technology, cybersecurity12-May-2025
$10,000 Bounty: HackerOne Report Comments Leak via “Export as .zip”https://infosecwriteups.com/10-000-bounty-hackerone-report-comments-leak-via-export-as-zip-a4aed8bd7409?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, technology, hacking, cybersecurity12-May-2025
SameSite? SameMess: How I Bypassed Cookie Protections to Hijack Sessions ️‍♂️https://infosecwriteups.com/samesite-samemess-how-i-bypassed-cookie-protections-to-hijack-sessions-%EF%B8%8F-%EF%B8%8F-20520f4be7ec?source=rss------bug_bounty-5Iskibug-bounty, money, cybersecurity, hacking, infosec12-May-2025
How I Find Open Redirect Bugs Using Waybackurls, Gau & GF Toolhttps://ch4ndan.medium.com/how-i-find-open-redirect-bugs-using-waybackurls-gau-gf-tool-64ac3dcb9aa0?source=rss------bug_bounty-5Ch4ndan dasbug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, bug-bounty-writeup12-May-2025
Intercept phone’s traffic in burp (using actual phone)https://medium.com/@ozz0x/intercept-phones-traffic-in-burp-using-actual-phone-ca46317add92?source=rss------bug_bounty-5Ozzapi, mobile-pentesting, api-testing, mobile-bug-bounty, bug-bounty12-May-2025
Researcher Yuvi Teen Hacker to Hall of Fame: My Cybersecurity Journey at 16https://medium.com/@codewithyuvi/researcher-yuvi-teen-hacker-to-hall-of-fame-my-cybersecurity-journey-at-16-230efba091cb?source=rss------bug_bounty-5Yuvraj Guptayoungest, cybersecurity, hacking, bug-bounty, yuvi12-May-2025
$12,000 RCE in GitLab: Arbitrary File Overwrite via Path Injectionhttps://medium.com/meetcyber/12-000-rce-in-gitlab-arbitrary-file-overwrite-via-path-injection-35443b6602df?source=rss------bug_bounty-5Monika sharmacybersecurity, penetration-testing, technology, bug-bounty, hacking12-May-2025
iSCSI— Port 3260 — How to exploit?https://medium.com/@verylazytech/iscsi-port-3260-how-to-exploit-c8402da9cefb?source=rss------bug_bounty-5Very Lazy Techethical-hacking, iscsi, penetration-testing, oscp, bug-bounty12-May-2025
️ Top 25 Most Dangerous Software Weaknesses (CWE)https://medium.com/@shamzen96/%EF%B8%8F-top-25-most-dangerous-software-weaknesses-cwe-91a3e4e58f42?source=rss------bug_bounty-5Shivam Rajbug-bounty, cwe, cybersecurity12-May-2025
Researcher Yuvi — My Cybersecurity Journey at 16https://medium.com/@codewithyuvi/researcher-yuvi-teen-hacker-to-hall-of-fame-my-cybersecurity-journey-at-16-230efba091cb?source=rss------bug_bounty-5Yuvraj Guptayoungest, cybersecurity, hacking, bug-bounty, yuvi12-May-2025
bWAPP HTML Injection CheatSheet — (WebApp Pentesting 1)https://serkanbenol.medium.com/bwapp-html-injection-cheatsheet-webapp-pentesting-1-f6ae6719617a?source=rss------bug_bounty-5serkanbenolbug-bounty-hunter, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-May-2025
The Ultimate IDOR Bug Bounty Methodology — Learn & Hunt Like a Pro (2025 Guide)https://hackersatty.medium.com/the-ultimate-idor-bug-bounty-methodology-learn-hunt-like-a-pro-2025-guide-fd79e50fd7fe?source=rss------bug_bounty-5hackersattyidor-vulnerability, bug-hunting, bug-bounty, bug-bounty-writeup, api12-May-2025
[Bug Bounty] How I Leaked Admin Metadata From a Low-Privileged Account — A Deep Dive into…https://hackersatty.medium.com/bug-bounty-how-i-leaked-admin-metadata-from-a-low-privileged-account-a-deep-dive-into-23e0d699d792?source=rss------bug_bounty-5hackersattybug-bounty, idor, bug-bounty-writeup, javascript, api-endpoint12-May-2025
Master CRLF Injection: The Underrated Bug with Dangerous Potentialhttps://infosecwriteups.com/master-crlf-injection-the-underrated-bug-with-dangerous-potential-33bb0d62e031?source=rss------bug_bounty-5coffinxpprogramming, hacking, bug-bounty, cybersecurity, technology12-May-2025
How I Found a Way to Submit LeetCode Premium Problems as a Free Userhttps://medium.com/@ShreyasMahajann/how-i-found-a-way-to-submit-leetcode-premium-problems-as-a-free-user-cb30668b976c?source=rss------bug_bounty-5Shreyas Mahajanleetcode, hacking, cybersecurity, bug-bounty, coding12-May-2025
OSINT Writeups — MIST Cyber Drill 2025https://infosecwriteups.com/osint-writeups-mist-cyber-drill-2025-2d1e398a4672?source=rss------bug_bounty-5Mr Greyctf, osint, ctf-walkthrough, bug-bounty, ctf-writeup12-May-2025
Unauthenticated Cache Purging Vulnerabilityhttps://00x.medium.com/unauthenticated-cache-purging-vulnerability-29f2641fcbb8?source=rss------bug_bounty-500xdatabug-bounty-tips, bug-bounty12-May-2025
$1,120 Bounty: Clickjacking Vulnerability in Twitter Periscopehttps://osintteam.blog/1-120-bounty-clickjacking-vulnerability-in-twitter-periscope-b46e8dfc8915?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, technology, cybersecurity, hacking12-May-2025
API Key Exposure in NASA GitHub Repository Leads to Unauthorized Access to Academic Datahttps://infosecwriteups.com/api-key-exposure-in-nasa-github-repository-leads-to-unauthorized-access-to-academic-data-816bfb6ffede?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, infosec, bug-bounty, nasa, hacking11-May-2025
$16,000 Bounty: Stored XSS in GitLabhttps://infosecwriteups.com/16-000-bounty-stored-xss-in-gitlab-a0f57e5c4245?source=rss------bug_bounty-5Monika sharmahacking, penetration-testing, technology, bug-bounty, report11-May-2025
Confessions of a Bug Bounty Hunter: Tales from the Digital Junglehttps://bevijaygupta.medium.com/confessions-of-a-bug-bounty-hunter-tales-from-the-digital-jungle-892e188bc282?source=rss------bug_bounty-5Vijay Kumar Guptabug-bounty, bug-bounty-tips, bugs, confessions, digital11-May-2025
5 Places XSS Hides in Modern Bootstrap Apps (and How to Find Them)https://medium.com/@killuaX/5-places-xss-hides-in-modern-bootstrap-apps-and-how-to-find-them-d22ec62c8359?source=rss------bug_bounty-5Abhirambootstrap, xss-vulnerability, web-security, bug-bounty, ethical-hacking11-May-2025
Bypass Fitur Ganti Email via Request API Langsunghttps://medium.com/@FufuFaf1/bypass-fitur-ganti-email-via-request-api-langsung-fac831a8dc31?source=rss------bug_bounty-5FufuFafacybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-writeup11-May-2025
Bug Bounty Race: Exploiting Race Conditions for Infinite Discountshttps://infosecwriteups.com/bug-bounty-race-exploiting-race-conditions-for-infinite-discounts-a2cb2f233804?source=rss------bug_bounty-5Aditya Bhattburpsuite, hacking, race-condition, cybersecurity, bug-bounty11-May-2025
APIs Hacking : Exploiting Race Condition 101https://iaraoz.medium.com/apis-hacking-exploiting-race-condition-101-e063ea5057cb?source=rss------bug_bounty-5Israel Aráoz Severicheapi, cybersecurity, bug-bounty, hacking, penetration-testing11-May-2025
MFA Update OTP Bypasshttps://medium.com/@aburayhan01734_18069/mfa-update-otp-bypass-64e2cd1cbe86?source=rss------bug_bounty-5Md. Abu Rayhanbypass, 2fa-bypass, mfa, bug-bounty, athentication11-May-2025
The “Unlimited Leave” Hack I Found at My College — And Why I Didn’t Use Ithttps://medium.com/@swarnimbandekar/vtop-idor-d73d42d206bc?source=rss------bug_bounty-5Swarnim Bandekarbug-bounty-writeup, bug-bounty, hacking, penetration-testing, cybersecurity11-May-2025
Unauthorized Access to Meta’s Draft Profile Picture Frames: A Bug Bounty Breakdownhttps://medium.com/@kamramehak445/unauthorized-access-to-metas-draft-profile-picture-frames-a-bug-bounty-breakdown-c46f592005dd?source=rss------bug_bounty-5Mehak kamracyber, meta, bug-bounty, cyberattack, cybersecurity11-May-2025
The Hidden Language: Exploiting GraphQL for Unauthorized Data Dumphttps://infosecwriteups.com/the-hidden-language-exploiting-graphql-for-unauthorized-data-dump-8be49f30a005?source=rss------bug_bounty-5Iskihacking, bug-bounty, infosec, money, cybersecurity11-May-2025
Red Team Concepts by Mr. Davidhttps://medium.com/@darshannnaik1234/red-team-concepts-by-mr-david-5650776fd778?source=rss------bug_bounty-5Darshan Naresh Naikactive-directory, cybersecurity, bug-bounty, ethical-hacking, red-team11-May-2025
Authorization Bypass Through HTTP Response Manipulationhttps://octayus.medium.com/authorization-bypass-through-http-response-manipulation-00e318a5b722?source=rss------bug_bounty-5OctaYusbug-bounty-tips, bug-bounty, twitter, authentication, cybersecurity11-May-2025
Tracking App Data Changes with Git During Mobile App Security Reviewhttps://medium.com/@arkadiy.litvinenko/tracking-app-data-changes-with-git-during-mobile-app-security-review-520af779dd49?source=rss------bug_bounty-5Arkadiy Litvinenkoapplication-security, bug-bounty, mobile-security, penetration-testing, information-security11-May-2025
More Than Broken Access: The Real Power of IDORshttps://medium.com/@xerox0x1/more-than-broken-access-the-real-power-of-idors-a50763e9ff8d?source=rss------bug_bounty-5XeRox01idor, bug-bounty, pentesting, web-security, infosec10-May-2025
Securing and Consuming APIs in the Cloud: A Complete Journey from Provider to Customerhttps://medium.com/@zoningxtr/securing-and-consuming-apis-in-the-cloud-a-complete-journey-from-provider-to-customer-d7c0f736b84d?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, api, cybersecurity, penetration-testing10-May-2025
Hidden HackerOne & Bugcrowd Programs: How to Get Private Inviteshttps://infosecwriteups.com/hidden-hackerone-bugcrowd-programs-how-to-get-private-invites-74f8e8ce38c4?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, bugcrowd, hackerone, infosec10-May-2025
How to Build an Internal Security Review Checklist Before Every Deployment ✅https://securrtech.medium.com/how-to-build-an-internal-security-review-checklist-before-every-deployment-2c84910293aa?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-security, web3-security, blockchain-security, bug-bounty, smart-contract-auditing10-May-2025
Core Banking System Architecture Explained: Layers, Components, and Securityhttps://medium.com/@zoningxtr/core-banking-system-architecture-explained-layers-components-and-security-72368ff7aed8?source=rss------bug_bounty-5Zoningxtrbug-bounty, web-development, cybersecurity, penetration-testing, api10-May-2025
Beyond Patch Tuesday: Managing Vulnerabilities in Real-Timehttps://medium.com/@paritoshblogs/beyond-patch-tuesday-managing-vulnerabilities-in-real-time-63dbfa6ac92f?source=rss------bug_bounty-5Paritoshcybersecurity, patch-tuesday, vulnerability, vulnerability-management, bug-bounty10-May-2025
Blind XXE Attacks via Out-of-Band Interaction Using Burp Collaboratorhttps://bashoverflow.medium.com/blind-xxe-attacks-via-out-of-band-interaction-using-burp-collaborator-af0abd7c7d25?source=rss------bug_bounty-5Bash Overflowxxe-injection, bug-bounty, blind-xxe-vulnerability, out-of-band-xxe-attack, bug-bounty-tips10-May-2025
️‍♂️ The Unwanted Guest: How Misconfigured Firebase Gave Me All the Datahttps://medium.com/@iski/%EF%B8%8F-%EF%B8%8F-the-unwanted-guest-how-misconfigured-firebase-gave-me-all-the-data-80e0e23b7250?source=rss------bug_bounty-5Iskibug-bounty, money, hacking, infosec, cybersecurity10-May-2025
Introduction to Web Applicationshttps://medium.com/@fatimahasan022/introduction-to-web-applications-3567db23580a?source=rss------bug_bounty-5Fatimahasanpenetration-testing, web-attack, bug-bounty, web-development, web-design10-May-2025
Inside the Enemy Lines: How a Simple IDOR Unmasked a Major Malware Campaignhttps://medium.com/@red.whisperer/inside-the-enemy-lines-how-a-simple-idor-unmasked-a-major-malware-campaign-4d61c2293cf6?source=rss------bug_bounty-5Chuxbug-bounty, hacking, malware, technology, cybersecurity10-May-2025
The Vulnerability Management Playbook for Lean Security Teamshttps://medium.com/@paritoshblogs/the-vulnerability-management-playbook-for-lean-security-teams-f253be8a0c85?source=rss------bug_bounty-5Paritoshplaybook, bug-bounty, cybersecurity, hacking, vulnerability-management10-May-2025
How I Earned 100 euros in 4 Hours as a Beginner Bug Bounty Hunterhttps://medium.com/@nn.nkp007/how-i-earned-100-euros-in-4-hours-as-a-beginner-bug-bounty-hunter-623530ba8bf5?source=rss------bug_bounty-5Niranjan Prajapatiintigriti, ethical-hacking, earn-money-online, earn-money, bug-bounty10-May-2025
$12,000 Bounty: From Path Traversal to Remote Code Execution on GitLabhttps://medium.com/meetcyber/12-000-bounty-from-path-traversal-to-remote-code-execution-on-gitlab-eab315e346c3?source=rss------bug_bounty-5Monika sharmareport, technology, penetration-testing, bug-bounty, hacking10-May-2025
LockBit Ransomware Gang Hacked: Internal Data & Victim Chats Leakedhttps://wiretor.medium.com/lockbit-ransomware-gang-hacked-internal-data-victim-chats-leaked-05b1adc7e123?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, money, ai, malware10-May-2025
Inside the Enemy Lines: How a Simple IDOR Unmasked a Major Malware Campaignhttps://infosecwriteups.com/inside-the-enemy-lines-how-a-simple-idor-unmasked-a-major-malware-campaign-4d61c2293cf6?source=rss------bug_bounty-5Chuxbug-bounty, hacking, malware, technology, cybersecurity10-May-2025
Making Your First $1,000 in Bug Bounties: A Practical Roadmap for Aspiring Hackershttps://medium.com/@maxwellcross/making-your-first-1-000-in-bug-bounties-a-practical-roadmap-for-aspiring-hackers-0b74a89c76a9?source=rss------bug_bounty-5Maxwell Crosshacking, bug-bounty, programming, coding10-May-2025
HTML Injectionhttps://medium.com/@fatimahasan022/html-injection-33a2ba6d7562?source=rss------bug_bounty-5Fatimahasanbug-bounty, html-injection, ethical-hacking, hackthebox, penetration-testing10-May-2025
$9,400 Bounty: XSS in Shopify’s Jamf Pro via Exposed Swagger UIhttps://osintteam.blog/9-400-bounty-xss-in-shopifys-jamf-pro-via-exposed-swagger-ui-7b029a4be766?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, technology, cybersecurity, penetration-testing10-May-2025
Improve your cybersecurity skillshttps://medium.com/@loyalonlytoday/improve-your-cybersecurity-skills-5cdb31d40a4f?source=rss------bug_bounty-5loyalonlytodayctf, bug-bounty, penetration-testing, hacking, cybersecurity09-May-2025
XSS Explained: A Complete Guide to Cross-Site Scripting with Practical Exampleshttps://medium.com/@mazene432/xss-explained-a-complete-guide-to-cross-site-scripting-with-practical-examples-80453349b35f?source=rss------bug_bounty-5Mazen Elsayedvulnerability-assessment, cybersecurity, bug-bounty, web-penetration-testing, penetration-testing09-May-2025
️Recon Automation Like a Pro: My 5-Stage System to Catch More Bugshttps://infosecwriteups.com/%EF%B8%8Frecon-automation-like-a-pro-my-5-stage-system-to-catch-more-bugs-4fff7b7c4726?source=rss------bug_bounty-5Abhijeet Kumawatrecon, hacking, cybersecurity, bug-bounty, infosec09-May-2025
JS File Reconnaissance In Web Hackinghttps://medium.com/@SysSecureLabs/js-file-reconnaissance-in-web-hacking-436215909594?source=rss------bug_bounty-5SysSecureLabsbug-bounty, bounties, reconnaissance, files-j, recon09-May-2025
$50,000 Bounty: GitHub Access Tokenhttps://infosecwriteups.com/50-000-bounty-github-access-token-c29cb6f00182?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, report, hacking, bug-bounty09-May-2025
$840 Bounty: How I Stole OAuth Tokens from Twitterhttps://infosecwriteups.com/840-bounty-how-i-stole-oauth-tokens-from-twitter-733f82857eda?source=rss------bug_bounty-5Monika sharmabug-bounty, penetration-testing, cybersecurity, technology, hacking09-May-2025
OttoKit WordPress Plugin Hacked: How 100K+ Sites Fell Prey to Sneaky Exploits ️‍♂️https://ismailtasdelen.medium.com/ottokit-wordpress-plugin-hacked-how-100k-sites-fell-prey-to-sneaky-exploits-%EF%B8%8F-%EF%B8%8F-3c8ddac468e8?source=rss------bug_bounty-5Ismail Tasdelencyberattack, web-security, bug-bounty, wordpress, vulnerability09-May-2025
Security Vulnerability in Hidden Parameters: IDOR Attack on Mighty App Payment Pagehttps://medium.com/@security.tecno/security-vulnerability-in-hidden-parameters-idor-attack-on-mighty-app-payment-page-e01ea2f2dc48?source=rss------bug_bounty-5TECNO Securitybug-bounty, bugs, security, apps, hacking09-May-2025
CSP? More Like Can’t Stop Payloads — Bypassing CSP to XSS Like a Prohttps://infosecwriteups.com/csp-more-like-cant-stop-payloads-bypassing-csp-to-xss-like-a-pro-90d27c2c3a40?source=rss------bug_bounty-5Iskimoney, cybersecurity, bug-bounty, infosec, hacking09-May-2025
Web Application Hacking: Where do I Even Start?https://systemweakness.com/web-application-hacking-where-do-i-even-start-a1e05c240936?source=rss------bug_bounty-5Regan Temudobug-bounty, cybersecurity, web-application-security, advice, how-to09-May-2025
HyperScanner [HxScanner] v1.4: A Fast, Beautiful HTTP & CORS Scanner for Modern Hackershttps://neerajsah.medium.com/hyperscanner-hxscanner-v1-4-a-fast-beautiful-http-cors-scanner-for-modern-hackers-749b36e2d947?source=rss------bug_bounty-5Neeraj Sahgo-programming, cybersecurity, bug-bounty, hacking, open-source09-May-2025
Mastering Rate Limit Bypass Techniqueshttps://infosecwriteups.com/mastering-rate-limit-bypass-techniques-fff9499b0f42?source=rss------bug_bounty-5coffinxppenetration-testing, hacking, bug-bounty, technology, cybersecurity09-May-2025
Squid — Port 3128 — How to exploit?https://medium.com/@verylazytech/squid-port-3128-how-to-exploit-4cc4adcff83a?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, oscp, bug-bounty, ethical-hacking, exploit09-May-2025
$15,000 Bounty: Found a Critical Vulnerability in Snapchathttps://medium.com/meetcyber/15-000-bounty-found-a-critical-vulnerability-in-snapchat-377176a0f0eb?source=rss------bug_bounty-5Monika sharmatechnology, report, bug-bounty, penetration-testing, hacking09-May-2025
Mastering 403 Bypasseshttps://medium.com/@XEyeSecurity/mastering-403-bypasses-cf6d1919404e?source=rss------bug_bounty-5Cybersectoworldbug-bounty, bug-bounty-tips09-May-2025
⚔️ How I Hijacked Password Reset Links with One Sneaky Header Injectionhttps://root-geek.medium.com/%EF%B8%8F-how-i-hijacked-password-reset-links-with-one-sneaky-header-injection-47a0db51bfd9?source=rss------bug_bounty-5ASC Lagesbug-bounty-writeup, account-take-over, bug-bounty09-May-2025
Shifting Left with Vulnerability Management: Security as Codehttps://medium.com/@paritoshblogs/shifting-left-with-vulnerability-management-security-as-code-353c206db2de?source=rss------bug_bounty-5Paritoshbug-bounty, vulnerability, vulnerability-management, programming, cybersecurity08-May-2025
No Auth, No Problem: The API Vulnerability That Led to Full Account Takeoverhttps://akr3ch.medium.com/no-auth-no-problem-the-api-vulnerability-that-led-to-full-account-takeover-199c6d7e7fa7?source=rss------bug_bounty-5akr3chbug-bounty, bug-bounty-tips, hackerone, account-takeover, cybersecurity08-May-2025
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCshttps://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, vulnerability, json-web-token, json, cybersecurity08-May-2025
A Guide to SQL Injection Attacks: Hackers Don’t Want You to Know This!https://infosecwriteups.com/a-guide-to-sql-injection-attacks-hackers-dont-want-you-to-know-this-a9837f711f6b?source=rss------bug_bounty-5Dhanush Ninformation-security, bug-bounty, hacking, sql-injection, cybersecurity08-May-2025
Tool Review — TraceWeb.io Extensionhttps://infosecwriteups.com/tool-review-traceweb-io-extension-5fdf79396e21?source=rss------bug_bounty-5ne555bug-bounty, infosec, browser-extension, hacking08-May-2025
$100 Bounty: How a Spoofed Email Could Change Any Username on HackerOnehttps://infosecwriteups.com/100-bounty-how-a-spoofed-email-could-change-any-username-on-hackerone-8efd98ab44f5?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, penetration-testing, technology, cybersecurity08-May-2025
How to Escalate The Payload On The Infected Machine.https://medium.com/meetcyber/how-to-escalate-the-payload-on-the-infected-machine-1d1beaa560ef?source=rss------bug_bounty-5NnFacehacking, bug-bounty, meterpreter, ethical-hacking, metasploit08-May-2025
⚔️ Unsafe Eval = Unlimited Control: How a JS Sink Let Me Run Anythinghttps://infosecwriteups.com/%EF%B8%8F-unsafe-eval-unlimited-control-how-a-js-sink-let-me-run-anything-60794929a295?source=rss------bug_bounty-5Iskibug-bounty, infosec, hacking, cybersecurity, money08-May-2025
From Zero to Recon: Your First ASN-Based Scanning Workflowhttps://brutsecurity.medium.com/from-zero-to-recon-your-first-asn-based-scanning-workflow-b08c88709410?source=rss------bug_bounty-5Saumadip Mandalbug-bounty, nasa, bug-bounty-tips, cybersecurity08-May-2025
Complete Guide to Nuclei Vulnerability Scannerhttps://medium.com/@sksingh887378barat/complete-guide-to-nuclei-vulnerability-scanner-cc67658d30ad?source=rss------bug_bounty-5shubham kumarbug-bounty-tips, nuclei-template, vulnerability-assessment, cybersecurity, bug-bounty08-May-2025
How I Found PII on BBP, Open Door to Sensitive PDFs — But Got a Duplicatehttps://frostyxsec.medium.com/how-i-found-pii-on-bbp-open-door-to-sensitive-pdfs-but-got-a-duplicate-643fa0092e36?source=rss------bug_bounty-5Frostynxthbug-bounty-tips, bug-bounty-hunter, bug-bounty-write-up, bug-bounty08-May-2025
How I Deleted Any User’s Account— No Interaction Neededhttps://ehteshamulhaq198.medium.com/how-i-deleted-any-users-account-no-interaction-needed-faae0442ff4f?source=rss------bug_bounty-5Ehtesham Ul Haqpenetration-testing, infosec, ethical-hacking, bug-bounty, writeup08-May-2025
智能合约漏洞:区块链世界的隐秘威胁https://chartrand.medium.com/%E6%99%BA%E8%83%BD%E5%90%88%E7%BA%A6%E6%BC%8F%E6%B4%9E-%E5%8C%BA%E5%9D%97%E9%93%BE%E4%B8%96%E7%95%8C%E7%9A%84%E9%9A%90%E7%A7%98%E5%A8%81%E8%83%81-d53a3dd495cb?source=rss------bug_bounty-5Mckayla Chartrandweb3, smart-contracts, bug-bounty, security, bugbounty-tips08-May-2025
Exposing a Simple Bug That Crashed an Organization’s Forumhttps://0xmatrix.medium.com/exposing-a-simple-bug-that-crashed-an-organizations-forum-8ac532157d6a?source=rss------bug_bounty-5Mo2men Elmadyhacking, bug-bounty, penetration-testing, bugs, bug-bounty-tips08-May-2025
$700 Bounty from a 2-Year-Old Secret — Found with iScan.todayhttps://medium.com/@arshadkazmi42/700-bounty-from-a-2-year-old-secret-found-with-iscan-today-87fb07eb5f53?source=rss------bug_bounty-5Arshad Kazmiiscantoday, hackerone, bug-bounty, github08-May-2025
Exposing Shadow APIs: The Hidden Attack Surface in Modern Web Appshttps://medium.com/@tejprakashbk1996/exposing-shadow-apis-the-hidden-attack-surface-in-modern-web-apps-6fd1af0ec4e9?source=rss------bug_bounty-5tezpowasp, api, api-documentation, swagger, bug-bounty08-May-2025
From Open Redirect to Full Account Takeover: Exploiting OAuth Misconfigurationhttps://z00x.medium.com/from-open-redirect-to-full-account-takeover-exploiting-oauth-misconfiguration-35b0d215cf02?source=rss------bug_bounty-5z00xoauth, bug-bounty, open-redirect, account-takeover, cybersecurity08-May-2025
The Story Behind 4 Vulnerabilities in a Single Targethttps://medium.com/@mahmoudelsadey56/the-story-behind-4-vulnerabilities-in-a-single-target-11f89224d585?source=rss------bug_bounty-5Mahmoud elsadeybug-bounty-tips, bug-bounty, business-logic-bug, bug-bounty-writeup, race-condition08-May-2025
How I Got a Free Order by Bypassing Login — My First Real-World Bughttps://medium.com/@moh2005rr/how-i-got-a-free-order-by-bypassing-login-my-first-real-world-bug-38798b79a9d7?source=rss------bug_bounty-5Moh2005rrethical-hacking, web-security, bug-bounty, cybersecurity, burpsuite08-May-2025
$5000 Bounty: Critical Stored XSShttps://osintteam.blog/5000-bounty-critical-stored-xss-e93c1730eccc?source=rss------bug_bounty-5Monika sharmatechnology, hacking, penetration-testing, report, bug-bounty08-May-2025
Mastering Host Header Injection: Techniques, Payloads and Real-World Scenarioshttps://osintteam.blog/mastering-host-header-injection-techniques-payloads-and-real-world-scenarios-e00c9e1f85cd?source=rss------bug_bounty-5coffinxphacking, cybersecurity, technology, penetration-testing, bug-bounty08-May-2025
$500 Bounty: Parameter Pollution in HackerOne’shttps://osintteam.blog/500-bounty-parameter-pollution-in-hackerones-976bb0a3caae?source=rss------bug_bounty-5Monika sharmahacking, technology, penetration-testing, bug-bounty, report08-May-2025
A list of tools to find CORS(Cross-Origin Resource Sharing)https://medium.com/@loyalonlytoday/a-list-of-tools-to-find-cors-cross-origin-resource-sharing-37f4c5ead5a1?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cors, hacking, bug-bounty, cybersecurity07-May-2025
Why CVSS Scores Alone Aren’t Enough in Vulnerability Managementhttps://medium.com/@paritoshblogs/why-cvss-scores-alone-arent-enough-in-vulnerability-management-219e8efad30e?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, information-technology, bug-bounty, hacking07-May-2025
Hacking the Frontend Logic: Exploiting JavaScript Business Flawshttps://infosecwriteups.com/hacking-the-frontend-logic-exploiting-javascript-business-flaws-b6600fafd8a4?source=rss------bug_bounty-5Vipul Sonulecybersecurity, hacking, infosec, programming, bug-bounty07-May-2025
$2,900 Bounty: Public S3 Bucket Exposure in Shopifyhttps://infosecwriteups.com/2-900-bounty-public-s3-bucket-exposure-in-shopify-05b14bbf6dad?source=rss------bug_bounty-5Monika sharmacybersecurity, hacking, bug-bounty, technology, report07-May-2025
How to setup a Monthly Free VPS for Bug Huntinghttps://infosecwriteups.com/how-to-setup-a-monthly-free-vps-for-bug-hunting-d41d0fa3ed6c?source=rss------bug_bounty-5Mostafa Alrefaibug-bounty, github, cybersecurity, penetration-testing, hacking07-May-2025
JS Recon To HTML Injectionhttps://medium.com/legionhunters/js-recon-to-html-injection-4cdca8fd88cf?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitinformation-technology, bug-bounty, programming, coding, hacking07-May-2025
“ Mastering Bug Bounty Recon: Tools & Techniques to Uncover Vulnerabilities ”https://medium.com/@devillegiondevils/mastering-bug-bounty-recon-tools-techniques-to-uncover-vulnerabilities-6db1bbfef248?source=rss------bug_bounty-5Hex00bug-bounty-writeup, recon, bug-bounty, bug-bounty-tips, subdomains-enumeration07-May-2025
️‍♂️ Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Commenthttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-unlisted-but-not-unseen-how-i-found-the-admin-panel-in-a-javascript-comment-f34af758b4c8?source=rss------bug_bounty-5Iskihacking, cybersecurity, bug-bounty, infosec, money07-May-2025
Exploring the Bug Bounty Program: A Gateway to Ethical Hacking and Cybersecurity Careershttps://medium.com/@narayanananand480/exploring-the-bug-bounty-program-a-gateway-to-ethical-hacking-and-cybersecurity-careers-34649bc79690?source=rss------bug_bounty-5Anand Narayanancybersecurity, bug-bounty-tips, cyber-security-courses, bug-bounty, ethical-hacking07-May-2025
How a JavaScript File Led Me to an Open Redirect Vulnerabilityhttps://systemweakness.com/how-a-javascript-file-led-me-to-an-open-redirect-vulnerability-eefce51303b2?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty, bug-bounty-tips, bug-bounty-writeup, open-redirect, cybersecurity07-May-2025
SubNotifierhttps://medium.com/@eliyevnahid0404/subnotifier-b8a8f2671819?source=rss------bug_bounty-5Nahid Əliyevpentesting, cybersecurity, bug-bounty07-May-2025
Unveiling Critical Weaknesses: A Rigorous Penetration Test of a Web Applicationhttps://medium.com/@tusharpuri6/unveiling-critical-weaknesses-a-rigorous-penetration-test-of-a-web-application-3b60cef532e6?source=rss------bug_bounty-5Tusharpuripenetration-testing, bug-bounty, application-security, infosec, offensive-security07-May-2025
From Cross-Subdomain Cookie Reuse to Becoming Super Admin: An Exploit Chain Walkthroughhttps://medium.com/@cyberpro151/from-cross-subdomain-cookie-reuse-to-becoming-super-admin-an-exploit-chain-walkthrough-32527caa2a11?source=rss------bug_bounty-5cyberpro151hacking, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup07-May-2025
Docker — Port 2375,2376 — How to exploit?https://medium.com/@verylazytech/docker-port-2375-2376-how-to-exploit-8faa8d70a7ab?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, docker, exploit, penetration-testing07-May-2025
Discovering a Blind XSS Vulnerability in the Platformhttps://medium.com/@Saeiez/discovering-a-blind-xss-vulnerability-in-the-platform-1fa45a6621db?source=rss------bug_bounty-5Saeiezbug-bounty-tips, web3, ai, bug-bounty, pentesting07-May-2025
Compress-a-thon — Web Exploitation — Pentathon 2025https://medium.com/@dassomnath/compress-a-thon-web-exploitation-pentathon-2025-fea9adf9fa6b?source=rss------bug_bounty-5Somnath Dasweb-hacking, pentathon-2025-writeup, web, hacking, bug-bounty07-May-2025
Discovering a Blind XSS Vulnerability in the Platform AIhttps://medium.com/@Saeiez/discovering-a-blind-xss-vulnerability-in-the-platform-1fa45a6621db?source=rss------bug_bounty-5Saeiezbug-bounty-tips, web3, ai, bug-bounty, pentesting07-May-2025
OttoKit WordPress Plugin Exploit Hackers Create Rogue Admin Accounthttps://wiretor.medium.com/ottokit-wordpress-plugin-exploit-hackers-create-rogue-admin-account-7e654c49e719?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, rce, hacking, ai07-May-2025
Unmasking Robots.txt: What Web Crawlers Hide and relates OSINThttps://osintteam.blog/everything-about-robots-txt-file-3815dddfbfce?source=rss------bug_bounty-5127.0.0.1cybersecurity, robotstxt, osint, site-crawlers, bug-bounty07-May-2025
Shift Left Testinghttps://medium.com/@rashid.alakbarov/shift-left-testing-a9293d520eaa?source=rss------bug_bounty-5Rashid Alakbarovqa, bug-bounty, software-testing, developer06-May-2025
Undeleted Secrets: Uncovering an IDOR Vulnerability in “Recently Deleted” Itemshttps://medium.com/@0x1di0t/undeleted-secrets-uncovering-an-idor-vulnerability-in-recently-deleted-items-6d35db221008?source=rss------bug_bounty-5Wahid Najimidor-vulnerability, bug-bounty, soft-deletion, idor06-May-2025
Mastering Runtime Hooking with Frida — Real-World Challenges (Part 3)https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-part-3-b70a62ed4395?source=rss------bug_bounty-5CH3TANbug-bounty, reverse-engineering, jadx, mobile-security, cybersecurity06-May-2025
Query Confusion: How HTTP Parameter Pollution Made the App Spill Secretshttps://infosecwriteups.com/query-confusion-how-http-parameter-pollution-made-the-app-spill-secrets-55b09a1bc98b?source=rss------bug_bounty-5Iskicybersecurity, infosec, bug-bounty, money, hacking06-May-2025
$2000 Bounty: Stored XSS in GitLabhttps://infosecwriteups.com/2000-bounty-stored-xss-in-gitlab-c71b2d7a3c21?source=rss------bug_bounty-5Monika sharmahacking, penetration-testing, technology, bug-bounty, report06-May-2025
How Hackers Exploit CORS Misconfigurationshttps://infosecwriteups.com/how-hackers-exploit-cors-misconfigurations-35a6c5d7e0c8?source=rss------bug_bounty-5Vipul Sonuleinfosec, programming, bug-bounty, cybersecurity, hacking06-May-2025
OAuth Integration Hijack via Predictable state Parameterhttps://kariiem.medium.com/oauth-integration-hijack-via-predictable-state-parameter-facdae83e6b6?source=rss------bug_bounty-5Kariiem Gamaloauth, csrf, bug-bounty, penetration-testing06-May-2025
Email Enumeration melalui Endpoint POST /api/passwordReset/?h=https://medium.com/@FufuFaf1/email-enumeration-melalui-endpoint-post-api-passwordreset-h-80c4aa7d0159?source=rss------bug_bounty-5FufuFafacybersecurity, bug-bounty-writeup, bugcrowd, bug-bounty, hunting06-May-2025
A list of checklists for bug hunters and penetration testershttps://medium.com/@loyalonlytoday/a-list-of-checklists-for-bug-hunters-and-penetration-testers-d94d711375bd?source=rss------bug_bounty-5loyalonlytodaycybersecurity, checklist, penetration-testing, hacking, bug-bounty06-May-2025
How I Found Critical Flaws in a Medical SOAP APIhttps://medium.com/illumination/how-i-found-critical-flaws-in-a-medical-soap-api-382233398015?source=rss------bug_bounty-5om kumarcybersecurity, technology, illumination, bug-bounty, software-engineering06-May-2025
H@cking Hospital For Mass PII Leakhttps://medium.com/meetcyber/h-cking-hospital-for-mass-pii-leak-85c3d89db434?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitinformation-technology, cybersecurity, bug-bounty-writeup, hacking, bug-bounty06-May-2025
The Hidden Dangers of Misconfigured Cloud Storagehttps://medium.com/meetcyber/the-hidden-dangers-of-misconfigured-cloud-storage-c9debc08f506?source=rss------bug_bounty-5Erkan Kavascybersecurity, cloud-security, pentest, bug-bounty, cloud-storage06-May-2025
I Found Bugs in 50+ Paid Bug Bounty Programshttps://medium.com/@mehrabopi33500/i-found-bugs-in-50-paid-bug-bounty-programs-5fcf88dbc761?source=rss------bug_bounty-5Mehrabopibug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bugcrowd06-May-2025
NFS Service — Port 2049 — How to exploit?https://medium.com/@verylazytech/nfs-service-port-2049-how-to-exploit-d70875fbaeff?source=rss------bug_bounty-5Very Lazy Techoscp, nfs-server, exploit, penetration-testing, bug-bounty06-May-2025
Accidental Hacker: How I Found a Critical Data Leak Bug with Just a Few Clickshttps://zetzer.medium.com/accidental-hacker-how-i-found-a-critical-data-leak-bug-with-just-a-few-clicks-3cabd1f97aee?source=rss------bug_bounty-5Zetapenetration-testing, bug-zero, cybersecurity, bug-bounty-writeup, bug-bounty06-May-2025
A Must-Have Tool for Bug Hunters: Find Open Redirect Vulnerabilities on Linuxhttps://infosecwriteups.com/a-must-have-tool-for-bug-hunters-find-open-redirect-vulnerabilities-on-linux-21ad0c7d148e?source=rss------bug_bounty-5Elie Attiehcyber-security-awareness, cybersecurity, bug-bounty, pentesting, ethical-hacking06-May-2025
IDOR Allows Unauthorized Access to Other Users’ Personal Datahttps://brbr0s.medium.com/idor-allows-unauthorized-access-to-other-users-personal-data-8f73486cbab0?source=rss------bug_bounty-5brbr0sidor, bug-bounty-writeup, bug-bounty, bug-bounty-tips06-May-2025
How I Built a One-Click Vulnerability Report Generator with Pythonhttps://elcazad0r.medium.com/how-i-built-a-one-click-vulnerability-report-generator-with-python-e61d87983d7b?source=rss------bug_bounty-5EL_Cazad0rbug-bounty, penetration-testing-tools, github, cybersecurity, bug-bounty-tips06-May-2025
FOFA Dorking for Bug Huntershttps://medium.com/legionhunters/fofa-dorking-for-bug-hunters-a35c80bbab6e?source=rss------bug_bounty-5AbhirupKonwarosint, bug-bounty, ethical-hacking, pentesting, bug-bounty-tips06-May-2025
️‍♂️ I Reported a Security Flaw, They Silently Patched It… and Ghosted Me.https://medium.com/@rolextital/%EF%B8%8F-%EF%B8%8F-i-reported-a-security-flaw-they-silently-patched-it-and-ghosted-me-03f0a02a696b?source=rss------bug_bounty-5Rolextitalbug-bounty, cybersecurity, vulnerability, ethical-hacking, hacker06-May-2025
️ How I Earned $150 by Exploiting an XML-RPC SSRF in a WordPress Sitehttps://medium.com/@sauravkrish59/%EF%B8%8F-how-i-earned-150-by-exploiting-an-xml-rpc-ssrf-in-a-wordpress-site-51037eb58252?source=rss------bug_bounty-5@Sauravkrishhacking, ethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup06-May-2025
The Ultimate Guide to API Security Testing — Cheat sheet 2025 — Part2https://t4144t.medium.com/the-ultimate-guide-to-api-security-testing-cheat-sheet-2025-part2-a7d8a69710ff?source=rss------bug_bounty-5Mohamed Talaat Saada (@t4144t)bug-bounty-writeup, bug-bounty, bug-bounty-tips, application-security, penetration-testing06-May-2025
WordPress Security Posture: More Fragile Than You Thinkhttps://medium.com/@reuvenel5/wordpress-security-posture-more-fragile-than-you-think-15497115b435?source=rss------bug_bounty-5AZwordpress, cybersecurity, bugs, application-security, bug-bounty06-May-2025
Revisiting the Past, Hacking the Futurehttps://ghostman01.medium.com/invalid-bug-c3cae222858c?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, technology06-May-2025
Revisiting the Past, Hacking the Futurehttps://infosecwriteups.com/invalid-bug-c3cae222858c?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, technology06-May-2025
Stop Wasting Time: Build a CTI Collection Plan That Actually Works!https://medium.com/@paritoshblogs/stop-wasting-time-build-a-cti-collection-plan-that-actually-works-6edb5181a383?source=rss------bug_bounty-5Paritoshhacking, cyber-threat-intelligence, bug-bounty, cybersecurity, threat-hunting05-May-2025
Snapdroid: One-Click Android PoC Capture for Bug Bounty Hunters & Pentestershttps://medium.com/@dr34mb0y/snapdroid-one-click-android-poc-capture-for-bug-bounty-hunters-pentesters-2f7a44bf5582?source=rss------bug_bounty-5Sid Joshiandroid-pentest, android-pentesting, snapdroid, android, bug-bounty05-May-2025
Easy Framework based Bugs Series is soon…https://medium.com/@nyany032/easy-framework-based-bugs-series-is-soon-fb8f29e21be0?source=rss------bug_bounty-5Shir0Epentesting, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty05-May-2025
Google Dorking: How to Uncover Hidden Vulnerabilities in Penetration Testing ️‍♂️https://medium.com/@vivekbhatt2002/google-dorking-how-to-uncover-hidden-vulnerabilities-in-penetration-testing-%EF%B8%8F-%EF%B8%8F-2a3386522e79?source=rss------bug_bounty-5YoungerSiblingbug-bounty, ethical-hacking, google-dorking, osint, ethical-hacking-tips05-May-2025
Clickjacked to the Core: Turning UI into a Trapdoorhttps://infosecwriteups.com/clickjacked-to-the-core-turning-ui-into-a-trapdoor-a196dde6997b?source=rss------bug_bounty-5Iskimoney, infosec, bug-bounty, cybersecurity, hacking05-May-2025
Bypassing Regex Validations to Achieve RCE: A Wild Bug Storyhttps://infosecwriteups.com/bypassing-regex-validations-to-achieve-rce-a-wild-bug-story-4c523f69b9f8?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, rce, bug-bounty, cybersecurity, hacking05-May-2025
$750 Bounty: Sensitive Data Exposurehttps://infosecwriteups.com/750-bounty-sensitive-data-exposure-c944e626c733?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, hacking, penetration-testing, report05-May-2025
Cross-Site Request Forgery (CSRF) Made Easy: A Beginner’s Perspectivehttps://medium.com/@natarajanck2/cross-site-request-forgery-csrf-made-easy-a-beginners-perspective-037b4ba6d62a?source=rss------bug_bounty-5Natarajan C Kbug-bounty, hacking, exploitation, it-security, csrf-attack05-May-2025
une XSS simple sur la page de login CVE-2024–48410https://medium.com/@Itachi0xf/une-xss-simple-sur-la-page-de-login-cve-2024-48410-65435f4a0f84?source=rss------bug_bounty-5Itachix0fcve, xss-attack, bug-bounty05-May-2025
Subdomain Takeover: My $450 Win & How You Can Do It Toohttps://ehteshamulhaq198.medium.com/subdomain-takeover-my-450-win-how-you-can-do-it-too-3337ca0513b6?source=rss------bug_bounty-5Ehtesham Ul Haqwriteup, subdomain, penetration-testing, bug-bounty, bug-bounty-tips05-May-2025
I found Open Redirect on US Government websitehttps://medium.com/@0xpedrop/i-found-open-redirect-on-us-government-website-60a2d1d1e049?source=rss------bug_bounty-50xPedropbug-bounty-writeup, bug-bounty05-May-2025
The Unseen Battle: Why Modern Cybersecurity Demands Proactive Defense and Zero Trusthttps://medium.com/@hemran314/the-unseen-battle-why-modern-cybersecurity-demands-proactive-defense-and-zero-trust-0f63ec875784?source=rss------bug_bounty-5e0xsecopsartificial-intelligence, cybersecurity, blockchain, bug-bounty, information-technology05-May-2025
Bug Bounty : Se confronter au réel, apprendre à encaisser ️‍♂️https://medium.com/@rcottignies/bug-bounty-se-confronter-au-r%C3%A9el-apprendre-%C3%A0-encaisser-%EF%B8%8F-%EF%B8%8F-87376b539175?source=rss------bug_bounty-5Rebecca Cottigniespentest, security, bug-bounty, cybersecurity05-May-2025
Compaq HP Insight Manager — Port 2301, 2381 — How to exploithttps://medium.com/@verylazytech/compaq-hp-insight-manager-port-2301-2381-how-to-exploit-337f1175d2f8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, oscp, hp, exploit05-May-2025
Here we go , 2 bugs in the same programhttps://medium.com/@0xjoex/here-we-go-2-bugs-in-same-program-0cb99b42a1f4?source=rss------bug_bounty-5Youssef Hanywriteup, broken-access-control, bug-bounty, ssti, security05-May-2025
$500 Bounty for Reflected XSS on HackerOnehttps://osintteam.blog/500-bounty-for-reflected-xss-on-hackerone-29c13793bc91?source=rss------bug_bounty-5Monika sharmabug-bounty, report, penetration-testing, cybersecurity, technology05-May-2025
Hacker’s Recon Guide: Tools & Tricks to Map Any Targethttps://osintteam.blog/hackers-recon-guide-tools-tricks-to-map-any-target-f1e97d7bfdb6?source=rss------bug_bounty-5Vipul Sonuletechnology, hacking, cybersecurity, osint, bug-bounty05-May-2025
The Ultimate Guide to API Security Testing — Cheat sheet 2025 Editionhttps://t4144t.medium.com/the-ultimate-guide-to-api-security-testing-cheat-sheet-2025-edition-b64fd3d158dd?source=rss------bug_bounty-5Mohamed Talaat Saada (@t4144t)penetration-testing, bug-bounty-writeup, bug-bounty-tips, owasp-top-10, bug-bounty05-May-2025
How I Found an Host Header Injection Vulnerability Easily In (Mars)$https://zuksh.medium.com/how-i-found-an-host-header-injection-vulnerability-easily-in-mars-2a56a1c942c3?source=rss------bug_bounty-5Zukshpenetration-testing, infosec, bug-bounty, cybersecurity, host-header-injection04-May-2025
Mastering Boundary Value Analysis: Guide to Uncovering Hidden Bugshttps://medium.com/@sajith-dilshan/mastering-boundary-value-analysis-guide-to-uncovering-hidden-bugs-4eb58b43899b?source=rss------bug_bounty-5sajith dilshansoftware-testing, boundary-value-analysis, qa, qa-testing, bug-bounty04-May-2025
$505 Bounty: Denial of Service Vulnerabilityhttps://osintteam.blog/505-bounty-denial-of-service-vulnerability-bd6daef5fe8a?source=rss------bug_bounty-5Monika sharmareport, hacking, technology, bug-bounty, cybersecurity04-May-2025
Using VirusTotal Graphs and Retro Hunt for IOC Discoveryhttps://medium.com/@paritoshblogs/using-virustotal-graphs-and-retro-hunt-for-ioc-discovery-d1c4b4e209b4?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, hacking, security, bug-bounty04-May-2025
Bypassing 2FA in a Public Bug Bounty Program: A $6000 Journeyhttps://mokhansec.medium.com/bypassing-2fa-in-a-public-bug-bounty-program-a-6000-journey-bae8a5418461?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, cybersecurity, bugs, bug-bounty, bug-bounty-writeup04-May-2025
Mastering Event Handlers in JavaScript and HTML: The Complete Guide with Exampleshttps://medium.com/@zoningxtr/mastering-event-handlers-in-javascript-and-html-the-complete-guide-with-examples-60ef2c4d025b?source=rss------bug_bounty-5Zoningxtrhtml, javascript, penetration-testing, bug-bounty, coding04-May-2025
WordPress User Enumeration via author-sitemap.xml on Payapps.comhttps://medium.com/@regan_temudo/wordpress-user-enumeration-via-author-sitemap-xml-on-payapps-com-5ffad0ca1cc2?source=rss------bug_bounty-5Regan Temudowordpress-security, cybersecurity, information-security, bug-bounty, ethical-hacking04-May-2025
$800 Bounty: Account Takeover in Shopifyhttps://infosecwriteups.com/800-bounty-account-takeover-in-shopify-f4394ee37975?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, penetration-testing, report, cybersecurity04-May-2025
$3750 Bounty: Account Creation with Invalid Email Addresseshttps://infosecwriteups.com/3750-bounty-account-creation-with-invalid-email-addresses-aca169eddcc7?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, hacking, cybersecurity, report04-May-2025
Modest Payouts, Major Payoff: 4 IDORs That Netted $12Khttps://infosecwriteups.com/modest-payouts-major-payoff-4-idors-that-netted-12k-64f4ab6754c0?source=rss------bug_bounty-5Ashutosh Duttabug-bounty, cybersecurity, bugcrowd, hackerone, infosec04-May-2025
Subdomain Surfing to Server Secrets  — How I Took Over a Forgotten Subdomainhttps://infosecwriteups.com/subdomain-surfing-to-server-secrets-how-i-took-over-a-forgotten-subdomain-4e9b1147f880?source=rss------bug_bounty-5Iskihacking, servers, cybersecurity, bug-bounty, money04-May-2025
The Ultimate Guide to Email Input Field Vulnerability Testinghttps://infosecwriteups.com/the-ultimate-guide-to-email-input-field-vulnerability-testing-18f96fc42251?source=rss------bug_bounty-5coffinxptechnology, bug-bounty-tips, penetration-testing, hacking, bug-bounty04-May-2025
Mastering Bug Bounties with Burp Suite: A Comprehensive Guide to Web Securityhttps://medium.com/@benjaminmillerdev/mastering-bug-bounties-with-burp-suite-a-comprehensive-guide-to-web-security-bb63a03e6511?source=rss------bug_bounty-5Benjaminmillerdevhacking-for-defense, hacking, bugbounty-writeup, bug-bounty04-May-2025
Mastering Nikto: Advanced Bug Bounty Hunting Techniques” by Benjamin Miller.https://medium.com/@benjaminmillerdev/mastering-nikto-advanced-bug-bounty-hunting-techniques-by-benjamin-miller-62d2bc441e6a?source=rss------bug_bounty-5Benjaminmillerdevnikto, bug-bounty, hacker04-May-2025
Beautiful open redirect on Google.comhttps://biswajeetray7.medium.com/beautiful-open-redirect-on-google-com-752c98a80b7d?source=rss------bug_bounty-5Biswajeet Raybug-bounty, open-redirect, vulnerability, bounty-hunter, bugbounty-writeup04-May-2025
MQTT (Message Queuing Telemetry Transport) — Port 1883 — How to exploit?https://medium.com/@verylazytech/mqtt-message-queuing-telemetry-transport-port-1883-how-to-exploit-3ee2f6510bf4?source=rss------bug_bounty-5Very Lazy Techoscp, exploit, ethical-hacking, bug-bounty, mqtt04-May-2025
CLOUD OSINThttps://medium.com/@rr-1k/cloud-osint-0e259c256008?source=rss------bug_bounty-5rr-1kbug-bounty, infosec, osint, osint-tool, tools04-May-2025
How I Found My Favorite Bug in a Top Bug Bounty Programhttps://medium.com/@mahdisalhi0500/how-i-found-my-favorite-bug-in-a-top-bug-bounty-program-bbeb36e898f8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, hacking, cybersecurity, information-technology, bug-bounty04-May-2025
Understanding Server Side Template Injection (SSTI)https://medium.com/@natarajanck2/understanding-server-side-template-injection-ssti-1cb0465dd46d?source=rss------bug_bounty-5Natarajan C Ksecurity, bugs, ssti-exploitation, it-security, bug-bounty04-May-2025
Best Bug Bounty Programs to Kickstart Your Bug Bounty Journeyhttps://ismailtasdelen.medium.com/best-bug-bounty-programs-to-kickstart-your-bug-bounty-journey-4673d1192389?source=rss------bug_bounty-5Ismail Tasdelenbug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program, bug-bounty-tips04-May-2025
SQLi in .gov.in Exposed Millions of Aadhaar, Bank Data and Personal Datahttps://medium.com/@pkhuyar/sqli-in-gov-in-exposed-millions-of-aadhaar-bank-data-and-personal-data-0bde62a649aa?source=rss------bug_bounty-5Prashant kamkarbug-bounty-writeup, bug-bounty, cybersecurity, cyber-security-awareness, information-security04-May-2025
$750 Bounty: Two-factor Authenticationhttps://osintteam.blog/750-bounty-two-factor-authentication-5241a45e7fc1?source=rss------bug_bounty-5Monika sharmahacking, technology, report, cybersecurity, bug-bounty03-May-2025
IDOR Attacks Made Simple: How Hackers Access Unauthorized Datahttps://infosecwriteups.com/idor-attacks-made-simple-how-hackers-access-unauthorized-data-ca1158d18190?source=rss------bug_bounty-5Vipul Sonulebug-bounty, hacking, technology, cybersecurity, programming03-May-2025
$4,323 Bounty Alerthttps://infosecwriteups.com/4-323-bounty-alert-4af6e66bb8c1?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty, cybersecurity, report, technology03-May-2025
Breaking in Unpardoned.https://medium.com/h7w/breaking-in-unpardoned-02f64d4f412e?source=rss------bug_bounty-5NnFacecybersecurity, hacking, bug-bounty, metasploit, ethical-hacking03-May-2025
Bugged by Backup Files: How .zip and .bak Gave Me the Source Codehttps://infosecwriteups.com/bugged-by-backup-files-how-zip-and-bak-gave-me-the-source-code-872a376b0b2b?source=rss------bug_bounty-5Iskiinfosec, cybersecurity, bug-bounty, hacking, money03-May-2025
How I Found Internal Dashboards Using Google Dorks + OSINThttps://infosecwriteups.com/how-i-found-internal-dashboards-using-google-dorks-osint-5f2c9515fcd6?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, google-dork, ai, bug-bounty, osint03-May-2025
Information Disclosure Vulnerability Writeup HackerOnehttps://medium.com/meetcyber/information-disclosure-vulnerability-writeup-hackerone-be7fbe7e7893?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, hackerone, pentesting, bug-bounty, bug-bounty-writeup03-May-2025
PPTP- Point-to-Point Tunneling Protocol — Port 1723 — How to exploit?https://medium.com/@verylazytech/pptp-point-to-point-tunneling-protocol-port-1723-how-to-exploit-8d36438849c5?source=rss------bug_bounty-5Very Lazy Techethical-hacking, oscp, bug-bounty, exploit, pptp03-May-2025
From Curiosity to Duplicated: How I Found a Critical Account Takeover Bughttps://medium.com/@Hamzawy-1/from-curiosity-to-duplicated-how-i-found-a-critical-account-takeover-bug-8e43bd035ab0?source=rss------bug_bounty-5Hamza Ahmed Youssefwriteup, bug-bounty03-May-2025
Finding more subdomains(part 4)https://medium.com/@loyalonlytoday/finding-more-subdomains-part-4-a9bdde09f052?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, bug-bounty-tips, penetration-testing, cybersecurity02-May-2025
Missed Horizontal Privilege Escalation in a Bug Bounty Program!https://spider7.medium.com/missed-horizontal-privilege-escalation-in-a-bug-bounty-program-d7134b2ffa01?source=rss------bug_bounty-5Zetabug-bounty-writeup, bug-bounty, bug-hunting, bug-bounty-tips, hackerone02-May-2025
$300 Bounty: SSRF to Cloud Metadatahttps://infosecwriteups.com/300-bounty-ssrf-to-cloud-metadata-4c6a7dda9818?source=rss------bug_bounty-5Monika sharmahacking, cybersecurity, technology, report, bug-bounty02-May-2025
️‍♂️ Subdomain Enumeration Automation for Bug Bounty: Save Time, Hack Smart!https://medium.com/@shadyfarouk1986/%EF%B8%8F-%EF%B8%8F-subdomain-enumeration-automation-for-bug-bounty-save-time-hack-smart-dd5d97eba1dc?source=rss------bug_bounty-5Shady Faroukbug-bounty, hacker, bounty-program, hacker-news, hackerone02-May-2025
$400 Bounty: OAuth Token Theft in One Clickhttps://osintteam.blog/400-bounty-oauth-token-theft-in-one-click-4eb29b16d6dc?source=rss------bug_bounty-5Monika sharmatechnology, hacking, cybersecurity, bug-bounty, report02-May-2025
From File Upload to Credential Theft: My $1,000 Bounty Journey with Stored XSShttps://osintteam.blog/from-file-upload-to-credential-theft-my-1-000-bounty-journey-with-stored-xss-76d70ac53817?source=rss------bug_bounty-5Krish_cyberxss-attack, infosec-write-ups, ethical-hacking, osint, bug-bounty02-May-2025
The Ultimate Guide to 403 Forbidden Bypass (2025 Edition)https://osintteam.blog/the-ultimate-guide-to-403-forbidden-bypass-2025-edition-1b2e852e503e?source=rss------bug_bounty-5coffinxpprogramming, bug-bounty, technology, bug-bounty-tips, hacking02-May-2025
Web Security & Bug Bounty: Learn Penetration Testing — Chapter 1https://medium.com/@rikisg2/web-security-bug-bounty-learn-penetration-testing-chapter-1-51af5f98bc59?source=rss------bug_bounty-5Riki SatyaGrahabug-bounty, cybersecurity, web-security, ethical-hacking, penetration-testing02-May-2025
Persistence via Registry — How Attackers Abuse the Windows Registryhttps://medium.com/@paritoshblogs/persistence-via-registry-how-attackers-abuse-the-windows-registry-186be2587c20?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cybersecurity, information-security, hacking02-May-2025
Payloads in Plain Sight: How Open Redirect + JavaScript Led to Full Account Takeoverhttps://infosecwriteups.com/payloads-in-plain-sight-how-open-redirect-javascript-led-to-full-account-takeover-a7ae1c359679?source=rss------bug_bounty-5Iskicybersecurity, hacking, money, infosec, bug-bounty02-May-2025
My First Paid Bug Bounty: A Hidden Gallery & A Lesson in Misconfiguration 🙂https://medium.com/@gnaitikg/my-first-paid-bug-bounty-a-hidden-gallery-a-lesson-in-misconfiguration-3efefe71c8cf?source=rss------bug_bounty-5Naitik Guptaethical-hacking, bug-bounty, cybersecurity, naitikgupta02-May-2025
Privilege Escalation to Super Admin via Mass Assessment in a Multi-Tenant Laravel Apphttps://medium.com/@rahulms_71093/privilege-escalation-to-super-admin-via-mass-assessment-in-a-multi-tenant-laravel-app-526d1309de73?source=rss------bug_bounty-5Rahul M Scybersecurity, bug-bounty, penetration-testing, access-control02-May-2025
The Ultimate Web Application Hacking Checklist (2025 Edition)https://medium.com/@ZishanAdThandar/the-ultimate-web-application-hacking-checklist-2025-edition-eea1a0a23977?source=rss------bug_bounty-5ZishanAdThandarethical-hacking, web-application-security, bug-bounty, penetration-testing, cybersecurity02-May-2025
Breaking OTPs in the Real World: How Design Flaws Led to Full Account Takeoverhttps://medium.com/@Arioex/breaking-otps-in-the-real-world-how-design-flaws-led-to-full-account-takeover-46a09f95eaba?source=rss------bug_bounty-5Huntsmanbug-bounty, bug-bounty-writeup, hackerone, hacking, bug-bounty-tips02-May-2025
How I Built the Ultimate Web Hacking Checklist — And Why It’s Helping Bug Bounty Hunters Win Morehttps://medium.com/@ZishanAdThandar/how-i-built-the-ultimate-web-hacking-checklist-and-why-its-helping-bug-bounty-hunters-win-more-d6ef0cb8dc4b?source=rss------bug_bounty-5ZishanAdThandarbug-bounty, bug-bounty-tips, red-team, cybersecurity, web-app-pentesting02-May-2025
Insecure Direct Object Reference (IDOR) in a Government Portalhttps://medium.com/@dharaniswaran.cs22/insecure-direct-object-reference-idor-in-a-government-portal-c83c0c638577?source=rss------bug_bounty-5Dharanisweb-pen-testing, bug-bounty, burpsuite, idor, government02-May-2025
$1000 Bounty: Account Takeover via Host Header Injection in Password Reset Flowhttps://ehteshamulhaq198.medium.com/1000-bounty-account-takeover-via-host-header-injection-in-password-reset-flow-dc0cdb2d972b?source=rss------bug_bounty-5Ehtesham Ul Haqpenetration-testing, bug-bounty, infosec, injection, bug-bounty-tips02-May-2025
Exploiting File Inclusion: From Dot-Dot-Slash to RCE using PHP Sessions, Log Poisoning, and…https://infosecwriteups.com/exploiting-file-inclusion-from-dot-dot-slash-to-rce-using-php-sessions-log-poisoning-and-4db1bdf8ad77?source=rss------bug_bounty-5Bash Overflowbug-bounty-tips, lfi-to-rce, local-file-inclusion, bypass-lfi-filters, bug-bounty02-May-2025
Important tool for Pentesters & Bug huntershttps://medium.com/@loyalonlytoday/important-tool-for-pentesters-bug-hunters-ea33ab1269b6?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bug-bounty-tips, ethical-hacking, penetration-testing, cybersecurity01-May-2025
$1000 Bounty: XSS in Phabricator’s Editorhttps://osintteam.blog/1000-bounty-xss-in-phabricators-editor-97fa74b24633?source=rss------bug_bounty-5Monika sharmahacking, technology, bug-bounty, report, penetration-testing01-May-2025
Session Reuse After Logout: Vulnerability Report on Improper Session Invalidationhttps://medium.com/@FufuFaf1/session-reuse-after-logout-vulnerability-report-on-improper-session-invalidation-3e6a8d3d1707?source=rss------bug_bounty-5FufuFafabug-bounty, cybersecurity, bugbounty-tips01-May-2025
SSRF PAYLOADS [ HARVEST CRITICAL FILES AND CREDENTIALhttps://medium.com/@rr-1k/ssrf-payloads-harvest-critical-files-and-credential-261e5b2beda4?source=rss------bug_bounty-5rr-1kinfosec, bug-bounty-writeup, bug-bounty, bug-bounty-tips, ssrf01-May-2025
Techniques Implemented last month as a Bug Hunterhttps://cybersecuritywriteups.com/techniques-implemented-last-month-as-a-bug-hunter-f0e6af9cb12e?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, bug-bounty-tips, vulnerability-management, bug-bounty, pentesting01-May-2025
Bypassing Email Verification to Hijack Any Account — No User Interaction Neededhttps://medium.com/@Tanvir0x1/bypassing-email-verification-to-hijack-any-account-no-user-interaction-needed-58539b18f36a?source=rss------bug_bounty-5Tanvir Ahmedbug-bounty, ethical-hacking, bounty-program, cybersecurity01-May-2025
Crack Windows Password [Ethical Hacking Article]https://infosecwriteups.com/crack-windows-password-ethical-hacking-article-cb3f0593fe58?source=rss------bug_bounty-5Mr Horbiopenetration-testing, bug-bounty, cybersecurity, hacking, ethical-hacking01-May-2025
Lab: Finding and exploiting an unused API endpointhttps://infosecwriteups.com/lab-finding-and-exploiting-an-unused-api-endpoint-79fa6744f21e?source=rss------bug_bounty-5Mukilan Baskaranbug-bounty, api, cybersecurity, security, ethical-hacking01-May-2025
$500 Bounty: Hijacking HackerOne via window.openerhttps://infosecwriteups.com/500-bounty-hijacking-hackerone-via-window-opener-e16700108e12?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, penetration-testing, hacking, report01-May-2025
How I bypassed an IP block… without changing my IP?https://infosecwriteups.com/how-i-bypassed-an-ip-block-without-changing-my-ip-e8082a43957b?source=rss------bug_bounty-5phoenixcatalanhacking, ethical-hacking, pentesting, portswigger, bug-bounty01-May-2025
From JS File to Jackpot: How I Found API Keys and Secrets Hidden in Production Codehttps://infosecwriteups.com/from-js-file-to-jackpot-how-i-found-api-keys-and-secrets-hidden-in-production-code-87af8750b751?source=rss------bug_bounty-5Iskibug-bounty, cybersecurity, hacking, infosec, money01-May-2025
The Secrets Behind Subdomain Takeovers Nobody Shareshttps://infosecwriteups.com/the-secrets-behind-subdomain-takeovers-nobody-shares-ba6b5d7bf258?source=rss------bug_bounty-5Abhijeet Kumawathacking, cybersecurity, secrets, bug-bounty, subdomain01-May-2025
Shodan: The Search Engine That Exposes Hidden Cameras, Open Doors, and Everything Left Unsecured on…https://osintteam.blog/shodan-the-search-engine-that-exposes-hidden-cameras-open-doors-and-everything-left-unsecured-on-b76dcc3041ac?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, pentesting, shodan, bug-bounty, bug-bounty-tips01-May-2025
$1000+ Passive Recon Strategy You’re Not Using (Yet)https://it4chis3c.medium.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e6231?source=rss------bug_bounty-5It4chis3chacking, subdomains-enumeration, subdomain, earnings, bug-bounty01-May-2025
How I Used Cloudflare’s Health Checks to Bypass Their WAF Ruleshttps://medium.com/@melege/how-i-used-cloudflares-health-checks-to-bypass-their-waf-rules-75a8a55adcc6?source=rss------bug_bounty-5Ahmed AbdElmaqsoudresponsible-disclosure, security-research, cloudflare, bug-bounty, cybersecurity01-May-2025
Pentesting Oracle TNS Listeners on Default Ports 1521–1529: Techniques, Tools & Remediationhttps://medium.com/@verylazytech/pentesting-oracle-tns-listeners-on-default-ports-1521-1529-techniques-tools-remediation-1a11b1413b0d?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, tns, oscp, penetration-testing01-May-2025
API Hacking on Mercedes-Benzhttps://infosecwriteups.com/mercedes-benz-hacking-f36605954d5f?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, infosec, cybersecurity, programming, hacking01-May-2025
$1000+ Passive Recon Strategy You’re Not Using (Yet)https://infosecwriteups.com/1000-passive-recon-strategy-youre-not-using-yet-164f5b1e6231?source=rss------bug_bounty-5It4chis3chacking, subdomains-enumeration, subdomain, earnings, bug-bounty01-May-2025
How to hunt for (P1, P2) Blind XSShttps://the7th.medium.com/how-to-hunt-for-p1-p2-blind-xss-87e027acd85b?source=rss------bug_bounty-5Mostafa Alrefaipentesting, web-security, xss-attack, hacking, bug-bounty01-May-2025
Mastering Runtime Hooking with Frida — Real-World Challenges Explained (Part 2)https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-explained-part-2-2520d7b1e10c?source=rss------bug_bounty-5CH3TANreverse-engineering, android-pentesting, hackerone, frida, bug-bounty01-May-2025
Review of Security Research Articles: April 2025https://medium.com/meetcyber/review-of-security-research-articles-april-2025-976925d6d181?source=rss------bug_bounty-5Lukasz Wierzbickiautomation, bug-bounty, pentesting, productivity, review01-May-2025
How I Found a $5K Bug in JavaScript — A Bug Bounty Storyhttps://krishna-cyber.medium.com/how-i-found-a-5k-bug-in-javascript-a-bug-bounty-story-dba44140efab?source=rss------bug_bounty-5Krish_cyberbug-bounty, ethical-hacking, javascript, osint, infosec-write-ups01-May-2025
JSRecon 101: Unearthing Hidden Secrets in JavaScript Files for Bug Bounty Success ️♂️https://krishna-cyber.medium.com/jsrecon-101-unearthing-hidden-secrets-in-javascript-files-for-bug-bounty-success-%EF%B8%8F-%EF%B8%8F-0ee75778da59?source=rss------bug_bounty-5Krish_cyberethical-hacking, info-sec-writeups, java, osint, bug-bounty01-May-2025
Need guidance in bug bountyhttps://medium.com/@shahin3541/need-guidance-in-bug-bounty-a5171d591dec?source=rss------bug_bounty-5Shahinbug-bounty-hunter, bug-bounty-tips, bug-hunting, bug-bounty, bug-bounty-program01-May-2025
Find secrets in JS files(bug bounty)https://medium.com/@loyalonlytoday/find-secrets-in-js-files-bug-bounty-587e29025682?source=rss------bug_bounty-5loyalonlytodaycybersecurity, penetration-testing, bug-bounty-tips, hacking, bug-bounty30-Apr-2025
Port Scanning Speed Test: RustScan vs Naabuhttps://medium.com/fmisec/rustscan-vs-naabu-9d7cfbd18424?source=rss------bug_bounty-5Patar Isac Pardomuannetwork-security, cybersecurity, penetration-testing, red-team, bug-bounty30-Apr-2025
One OTP to Rule Them All: How I Replayed a Single Response and Logged in Forever on target.comhttps://medium.com/@choudharinayan05/one-otp-to-rule-them-all-how-i-replayed-a-single-response-and-logged-in-forever-on-target-com-f58e58261607?source=rss------bug_bounty-5Nayan Choudharycybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, bug-bounty-writeup30-Apr-2025
How I Found Bugs on Adobehttps://infosecwriteups.com/how-i-found-bugs-on-adobe-16cedb79e830?source=rss------bug_bounty-5RivuDonethical-hacking, bug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup30-Apr-2025
How to Detect Credential Dumping Tools like Mimikatz & LaZagne on Endpointshttps://medium.com/@paritoshblogs/how-to-detect-credential-dumping-tools-like-mimikatz-lazagne-on-endpoints-c914ec745e40?source=rss------bug_bounty-5Paritoshmimikatz, bug-bounty, cybersecurity, hacking, information-technology30-Apr-2025
$500 Bug Bounty:Open Redirection via OAuth on Shopifyhttps://infosecwriteups.com/500-bug-bounty-open-redirection-via-oauth-on-shopify-4159387482f9?source=rss------bug_bounty-5Monika sharmatechnology, hacking, bug-bounty, penetration-testing, cybersecurity30-Apr-2025
Starting out Bug Bounty as a Beginnerhttps://medium.com/@bharathi200412/starting-out-bug-bounty-as-a-beginner-12df44ccedcb?source=rss------bug_bounty-5hackerhaishayadbug-bounty, burpsuite, tools30-Apr-2025
Understanding Supply Chain Attackshttps://medium.com/meetcyber/understanding-supply-chain-attacks-19f97e8116cb?source=rss------bug_bounty-5Erkan Kavasbug-bounty, cybersecurity, attack-surface, mitre-attack, mitre-attack-framework30-Apr-2025
DOM-inated! How a Tiny JS Sink Turned Into Critical XSShttps://medium.com/@iski/dom-inated-how-a-tiny-js-sink-turned-into-critical-xss-a9a1dbe97df2?source=rss------bug_bounty-5Iskiinfosec, cybersecurity, hacking, bug-bounty, money30-Apr-2025
Caught an IDOR Vulnerability on a Private Program — Earned a Bountyhttps://cybersecuritywriteups.com/caught-an-idor-vulnerability-on-a-private-program-earned-a-bounty-a99d3ac6602b?source=rss------bug_bounty-5Whitehatcybersecurity, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips30-Apr-2025
LLM-powered Agent for Automated Google Dorkinghttps://medium.com/@yee-yore/llm-powered-agent-for-automated-google-dorking-dcb14d609dc2?source=rss------bug_bounty-5yee-yoreagentic-ai, bug-bounty, google, osint, large-language-models30-Apr-2025
Join WING CODE: The Free Telegram Hub for Cybersecurity Learnershttps://medium.com/@wingcode/join-wing-code-the-free-telegram-hub-for-cybersecurity-learners-6e8638f29bd1?source=rss------bug_bounty-5Wing Codebug-bounty, cyber-security-training, learn-cybersecurity, soc, cyber30-Apr-2025
Cybersecurity eBook Collection for Aspiring Hackers and Analysts — Curated by @VeryLazyTechhttps://medium.com/@verylazytech/cybersecurity-ebook-collection-for-aspiring-hackers-and-analysts-curated-by-verylazytech-87dee170b9fb?source=rss------bug_bounty-5Very Lazy Techexploitation, bug-bounty, hacker, ethical-hacking, penetration-testing30-Apr-2025
Mastering RCE: How I Exploit Remote Code Execution Bugs Like a Prohttps://infosecwriteups.com/mastering-rce-how-i-exploit-remote-code-execution-bugs-like-a-pro-ddcc816552bf?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, rce, infosec, hacking, bug-bounty30-Apr-2025
CORS InspectorCORS Inspectorhttps://medium.com/@lukas.simunovic/cors-inspectorcors-inspector-b536fd5449c4?source=rss------bug_bounty-5Lukas Simunovicbug-bounty-tips, hacking, bug-bounty, vulnerability, cybersecurity30-Apr-2025
Understanding User Input Security: Bypasses, Techniques, and Real Exampleshttps://medium.com/@mr45atwork.247/understanding-user-input-security-bypasses-techniques-and-real-examples-dade12f36653?source=rss------bug_bounty-5Mr. Lucifercybersecurity, ethical-hacking, xss-vulnerability, bug-bounty, penetration-testing30-Apr-2025
Key Security Components in Android & Security Metrics: The Foundation of App Securityhttps://justdvnsh.medium.com/key-security-components-in-android-security-metrics-the-foundation-of-app-security-e82eb5ce77de?source=rss------bug_bounty-5Divyansh Dwivedibug-bounty, android, hacking, research-and-development, security30-Apr-2025
From Internal IP Discovery to Full Database Dumphttps://medium.com/@dotHatab/from-internal-ip-discovery-to-full-database-dump-96fbd85dbc7a?source=rss------bug_bounty-5dotHatabdata-breach, information-disclosure, web-application-security, haveibeenpwned, bug-bounty30-Apr-2025
When Does URL Encoding Happen?https://medium.com/@zoningxtr/when-does-url-encoding-happen-a5ff6e88c59f?source=rss------bug_bounty-5Zoningxtrpython-programming, bug-bounty, web-development, javascript, html30-Apr-2025
Complete Guide: URL Encoding Trigger Cases with Detailed Explanations and Exampleshttps://medium.com/@zoningxtr/complete-guide-url-encoding-trigger-cases-with-detailed-explanations-and-examples-0fe80eb6be90?source=rss------bug_bounty-5Zoningxtrhtml, javascript, web-development, bug-bounty, django30-Apr-2025
April Make Me Happy (Bug Bounty Hunting)https://0xshuvo.medium.com/april-make-me-happy-bug-bounty-hunting-2af3fcf15746?source=rss------bug_bounty-5Shuvo Kumar Saharecon, infosec, bugbounty-tips, bug-bounty, dorking30-Apr-2025
Vulnerabilities You Can Find in a Payment Gatewayhttps://medium.com/@sherlock297/vulnerabilities-you-can-find-in-a-payment-gateway-338b944b0f61?source=rss------bug_bounty-5Ravindra Dagalepayments, information-technology, bug-bounty, cybersecurity, vulnerability30-Apr-2025
From Out-of-Scope to Critical: How I Earned 2500$ by Breaking the Ruleshttps://medium.com/@arrasgotcha/from-out-of-scope-to-critical-how-i-earned-2500-by-breaking-the-rules-e8165ec5ef37?source=rss------bug_bounty-5Gotcha1Gbug-bounty, cybersecurity, development, hacking, programming30-Apr-2025
IDOR : Ketika URL Bisa Jadi Kunci untuk Bobol Data Orang lainhttps://medium.com/@zakyputra628/idor-ketika-url-bisa-jadi-kunci-untuk-bobol-data-orang-lain-7b68073f56d0?source=rss------bug_bounty-5Zaky Putra Pratamacybersecurity, bug-bounty, hacking, indonesia, web-security30-Apr-2025
How I Found My First Bug: IDOR Vulnerability & Got a $$$ Bounty!https://medium.com/@zephyrus18/how-i-found-my-first-bug-idor-vulnerability-got-a-500-bounty-d11b983e1460?source=rss------bug_bounty-5Zephyruscybercrime, bug-bounty, cybersecurity, bugs, cyber-security-awareness30-Apr-2025
From Internal IP Discovery to Full Database Dumphttps://medium.com/@drhatab/from-internal-ip-discovery-to-full-database-dump-6fbbac0ff822?source=rss------bug_bounty-5Mustafa Hatabweb-app-pentesting, web-app-security, pentesting, bug-bounty, sensitive-data30-Apr-2025
Hacking Workspace for Fun & Profit: Part IIhttps://0xh7ml.medium.com/hacking-workspace-for-fun-profit-part-ii-de9cd3cc9755?source=rss------bug_bounty-5Md Saikatbroken-access-control, info-sec-writeups, idor, bug-bounty-writeup, bug-bounty30-Apr-2025
How I Earned $1700 from Stripe Bug Bountieshttps://medium.com/@Rinkesh_Patidar/how-i-earned-1700-from-stripe-bug-bounties-28173e8b0a56?source=rss------bug_bounty-5Rinkesh Patidarreport, stripe, hackerone-report, bug-bounty, bugs30-Apr-2025
MCP Prompt Injection: The AI Hack That Cuts Both Ways ️https://ismailtasdelen.medium.com/mcp-prompt-injection-the-ai-hack-that-cuts-both-ways-%EF%B8%8F-f340de123451?source=rss------bug_bounty-5Ismail Tasdelenartificial-intelligence, appsec, application-security, bug-bounty, email-security30-Apr-2025
How I Simply Bypassed a 400 Bad Request and Escalated My Access from Member to Ownerhttps://abumaryamrahmat.medium.com/%D8%A8%D8%B3%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86-%D8%A7%D9%84%D8%B1%D8%AD%D9%8A%D9%85-7e837698fe4b?source=rss------bug_bounty-5Abu Maryam Rahmatpenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hackerone30-Apr-2025
$500,000 to Catch STON.fi Bugs?! Let’s Get Hunting, STONfiers!https://medium.com/@savesjustice/500-000-to-catch-ston-fi-bugs-lets-get-hunting-stonfiers-8e3c2ba6ad55?source=rss------bug_bounty-5MADEOFBLUrewards, stonfi, bug-bounty, cryptocurrency, defi29-Apr-2025
Find .JS files of your bug bounty target(JS FILES RECON)https://medium.com/@loyalonlytoday/find-js-files-of-your-bug-bounty-target-js-files-recon-306c3b169bae?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips29-Apr-2025
$100 Password Reset Flawhttps://osintteam.blog/100-password-reset-flaw-7827effebca2?source=rss------bug_bounty-5Monika sharmahacking, cybersecurity, bug-bounty, penetration-testing, technology29-Apr-2025
Password Recovery? More Like Account Delivery Host Header Injection Madnesshttps://medium.com/@loayahmed686/password-recovery-more-like-account-delivery-host-header-injection-madness-b0d0eb3a3b6d?source=rss------bug_bounty-5r00tbug-bounty-writeup, bug-bounty-tips, bug-bounty, infosec29-Apr-2025
How can i find a Jenkins dashboard and ended up with Reverse Shell on shodanhttps://medium.com/@fakechan443/how-can-i-find-a-jenkins-dashboard-and-ended-up-with-reverse-shell-with-shodan-31fcfb8db8b4?source=rss------bug_bounty-5Fakhri Abbas Ailatatjenkins-pipeline, ethical-hacking, bug-bounty, bug-bounty-writeup, shodan29-Apr-2025
Shadow Copy Forensics: Detecting and Investigating VSS Tamperinghttps://medium.com/@paritoshblogs/shadow-copy-forensics-detecting-and-investigating-vss-tampering-17c5bf555230?source=rss------bug_bounty-5Paritoshhacking, detection, cybersecurity, bug-bounty, forensics29-Apr-2025
SyncVault Bug Bounty Challengehttps://medium.com/@syncvault/syncvault-bug-bounty-challenge-bfd466be173c?source=rss------bug_bounty-5SyncVaultsyncvault, airdrop, devsecops, bug-bounty, web329-Apr-2025
️ The ULTIMATE Web App Hacking Checklist for Bug Bounty Huntershttps://redxcybersec.medium.com/%EF%B8%8F-the-ultimate-web-app-hacking-checklist-for-bug-bounty-hunters-a495b436ab6f?source=rss------bug_bounty-5REDx Cybersecbug-bounty, web-security, pentesting, cybersecurity, ethical-hacking29-Apr-2025
GraphQL API hacking Series for Bug Hunters Part 02https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-part-02-837e0bc3be06?source=rss------bug_bounty-5IronGhostgraphql-tools, api, bug-bounty, hacking, graphql29-Apr-2025
What Recruiters Look for in a Cybersecurity Resume in 2025https://infosecwriteups.com/what-recruiters-look-for-in-a-cybersecurity-resume-in-2025-dcc81fa3154e?source=rss------bug_bounty-5Abhijeet Kumawathacking, cybersecurity, bug-bounty, resume, jobs29-Apr-2025
$140 Bounty: Full Path Disclosure on ads.twitter.comhttps://infosecwriteups.com/140-bounty-full-path-disclosure-on-ads-twitter-com-bdedd140ac27?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, technology, penetration-testing, cybersecurity29-Apr-2025
How Hackers Try to Bypass 403 Forbidden Pageshttps://infosecwriteups.com/how-hackers-try-to-bypass-403-forbidden-pages-239c3f51a674?source=rss------bug_bounty-5Vipul Sonulecybersecurity, bug-bounty, hacking, tech, infosec29-Apr-2025
Not Just a Ping: How SSRF Opened the Gateway to Internal Secretshttps://infosecwriteups.com/not-just-a-ping-how-ssrf-opened-the-gateway-to-internal-secrets-d18eeccd4745?source=rss------bug_bounty-5Iskimone, bug-bounty, cybersecurity, infose, hacking29-Apr-2025
️HTML Encoding Real Cases in deephttps://medium.com/@zoningxtr/%EF%B8%8Fhtml-encoding-real-cases-in-deep-23945237edc6?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, javascript, penetration-testing, html29-Apr-2025
What Happens When You Request a Web Page?https://medium.com/@zoningxtr/what-happens-when-you-request-a-web-page-5e382e05d89f?source=rss------bug_bounty-5Zoningxtrjavascript, penetration-testing, bug-bounty, html, web-development29-Apr-2025
What is HTML Safe Character Encoding?https://medium.com/@zoningxtr/what-is-html-safe-character-encoding-54a687fa8949?source=rss------bug_bounty-5Zoningxtrpenetration-testing, javascript, cybersecurity, bug-bounty, html29-Apr-2025
subdomain-scanner200OKhttps://medium.com/@lukas.simunovic/subdomain-scanner200ok-fcd762413e07?source=rss------bug_bounty-5Lukas Simunovichacking-tools, hacking, bug-bounty29-Apr-2025
Bug bounty program STON.fi: $500,000 in rewardshttps://medium.com/@aqkiler/bug-bounty-program-ston-fi-500-000-in-rewards-c03c1b90c24d?source=rss------bug_bounty-5aqkilerstonfi, dex, bug-bounty, ston29-Apr-2025
Bug Bounty программа STON.fi: $500,000 в наградахhttps://medium.com/@aqkiler/bug-bounty-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%D0%B0-ston-fi-500-000-%D0%B2-%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B4%D0%B0%D1%85-ca3da312326d?source=rss------bug_bounty-5aqkilerdex, bug-bounty, ston, stonfi29-Apr-2025
Exploiting SQLi for Total Clients Control in Enterprise Applicationhttps://medium.com/@es0557533/exploiting-sqli-for-total-clients-control-in-enterprise-application-e940acf34aa6?source=rss------bug_bounty-5Isvsql-injection, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips29-Apr-2025
1 Click Account Takeover | XSS | CORS Misconfiguration | JWT Forgeryhttps://infosecwriteups.com/1-click-account-takeover-xss-cors-misconfiguration-jwt-forgery-0cf73a28e236?source=rss------bug_bounty-5Raymond Van Wartxss-attack, bug-bounty, jwt, cybersecurity, account-takeover29-Apr-2025
$450 Bounty: Stole Facebook OAuth Access Tokens via Phabricatorhttps://osintteam.blog/450-bounty-stole-facebook-oauth-access-tokens-via-phabricator-4c4468268302?source=rss------bug_bounty-5Monika sharmapenetration-testing, cybersecurity, hacking, technology, bug-bounty29-Apr-2025
From Logs to ATO | How I Hacked IBMhttps://cylent.net/from-logs-to-ato-how-i-hacked-ibm-52552d95dacf?source=rss------bug_bounty-5Mohamed Talaat Saada (@t4144t)penetration-testing, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips29-Apr-2025
I Have a Hacking Gig For YOU, Hack Them and Get Paidhttps://muhammadola.medium.com/i-have-a-hacking-gig-for-you-hack-them-and-get-paid-2cddf6442492?source=rss------bug_bounty-5Muhammadethical-hacking, stonfi, bug-bounty, ton, dex29-Apr-2025
️HTML Encoding Real Cases in deephttps://medium.com/@zoningxtr/%EF%B8%8Fhtml-encoding-real-cases-in-deep-23945237edc6?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, javascript, xss-attack, penetration-testing29-Apr-2025
Unlock Bounties by Simply Reading: A Smart Way to Earnhttps://infosecwriteups.com/unlock-bounties-by-simply-reading-a-smart-way-to-earn-63a1cb410450?source=rss------bug_bounty-5Reju Kolebug-bounty-writeup, cyber-security-training, bug-bounty, cybersecurity, bug-bounty-tips29-Apr-2025
Mastering Runtime Hooking with Frida — Real-World Challenges Explained (Part -1)https://medium.com/@ch3tanbug/mastering-runtime-hooking-with-frida-real-world-challenges-explained-part-1-17a7f57ea87b?source=rss------bug_bounty-5CH3TANbug-bounty, cybersecurity, reverse-engineering, frida, android-pentesting29-Apr-2025
JS-URL-Endpoint-Harvesterhttps://medium.com/@lukas.simunovic/js-url-endpoint-harvester-5885d3a69ef6?source=rss------bug_bounty-5Lukas Simunovichacking-tools, bug-bounty, scanning-tool, hacking, automation-tools29-Apr-2025
How I Made $12k in 48 Hours — By Recovering ‘Deleted’ Fileshttps://medium.com/@ibtissamhammadi/how-i-made-12k-in-48-hours-by-recovering-deleted-files-57bf7289ab9e?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, passive-income, hacking, github, cybersecurity28-Apr-2025
Hunting Suspicious DLL Side-Loading Activityhttps://medium.com/@paritoshblogs/hunting-suspicious-dll-side-loading-activity-5d919f018ac6?source=rss------bug_bounty-5Paritoshdll-sideloading, bug-bounty, hacking, hunting, cybersecurity28-Apr-2025
$500 XSS Payload in Slackhttps://osintteam.blog/500-xss-payload-in-slack-0b99de50f4df?source=rss------bug_bounty-5Monika sharmapenetration-testing, cybersecurity, technology, bug-bounty, hacking28-Apr-2025
☁️How to Setup a Custom Subdomain on xss.ht — A Complete Hacker's Guidehttps://infosecwriteups.com/%EF%B8%8Fhow-to-setup-a-custom-subdomain-on-xss-ht-a-complete-hackers-guide-a0018704c391?source=rss------bug_bounty-5Abhijeet Kumawatvulnerability, hacking, xss-attack, bug-bounty, cybersecurity28-Apr-2025
How I Found a Broken Access Control That Exposed Interview Answers?https://osintteam.blog/how-i-found-a-broken-access-control-vulnerability-that-exposed-interview-answers-e353128f6883?source=rss------bug_bounty-5Sri Shavin Kumarethical-hacking, hall-of-fame, cybersecurity, bug-bounty, bug-bounty-writeup28-Apr-2025
How i Access The Deleted Files of Someone in Google Drive | Bug Bountyhttps://ph-hitachi.medium.com/how-i-access-the-deleted-files-of-someone-in-google-drive-bug-bounty-eac134df1de4?source=rss------bug_bounty-5Ph.Hitachigoogle-vrp, google-drive, bug-bounty, hackerone, broken-access-control28-Apr-2025
How to Master Subdomain Takeovers in 2025https://infosecwriteups.com/how-to-master-subdomain-takeovers-in-2025-023f9f4817af?source=rss------bug_bounty-5Vipul Sonulehacking, infosec, bug-bounty, tech, bug-bounty-tips28-Apr-2025
$500 Bounty: For a Simple Open Redirecthttps://infosecwriteups.com/500-bounty-for-a-simple-open-redirect-a34051071a5c?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, hacking, cybersecurity, bug-bounty28-Apr-2025
How I Earned $8947 bounty for Remote Code Execution via a Hijacked GitHub Modulehttps://nvk0x.medium.com/how-i-earned-8947-bounty-for-remote-code-execution-via-a-hijacked-github-module-91c4a4b63255?source=rss------bug_bounty-5Naveen kumawatbug-bounty-tips, hackerone, bug-bounty, bugbounty-writeup, hacking28-Apr-2025
JWT, Meet Me Outside: How I Decoded, Re-Signed, and Owned the Apphttps://infosecwriteups.com/jwt-meet-me-outside-how-i-decoded-re-signed-and-owned-the-app-95791eabcf5d?source=rss------bug_bounty-5Iskiinfosec, hacking, cybersecurity, mone, bug-bounty28-Apr-2025
GraphQL API hacking Series for bug hunters 01https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-01-4db602685d16?source=rss------bug_bounty-5IronGhostapihacking, hacking-tools, bug-bounty, graphql, hacking28-Apr-2025
POC — CVE-2025–29306 FOXCMS /images/index.html Code Execution Vulnerabilityhttps://medium.com/@verylazytech/poc-cve-2025-29306-foxcms-images-index-html-code-execution-vulnerability-0c4db3905fd0?source=rss------bug_bounty-5Very Lazy Techcve-2025-29306, rce, hacking, foxcms, bug-bounty28-Apr-2025
GraphQL API hacking Series for Bug Hunters Part 01https://medium.com/@lancersiromony/graphql-api-hacking-series-for-bug-hunters-01-4db602685d16?source=rss------bug_bounty-5IronGhostapihacking, hacking-tools, bug-bounty, graphql, hacking28-Apr-2025
Exploiting a Referer Header for Open Redirecthttps://ehteshamulhaq198.medium.com/exploiting-a-referer-header-for-open-redirect-ee2baa4a45b5?source=rss------bug_bounty-5Ehtesham Ul Haqpenetration-testing, open-redirect, infosec, rewards, bug-bounty28-Apr-2025
The $2500 bug: Remote Code Execution via Supply Chain Attackhttps://nvk0x.medium.com/the-2500-bug-remote-code-execution-via-supply-chain-attack-3beb07ac1a4c?source=rss------bug_bounty-5Naveen kumawatbug-bounty-writeup, hackerone, bug-bounty, bug-bounty-tips, hacking28-Apr-2025
Simple Tips for Bug Bounty Beginners: Content Spoofing via HTML Injectionhttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-content-spoofing-via-html-injection-a0ae7c39a89a?source=rss------bug_bounty-5Anish Narayanoffensive-security, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty28-Apr-2025
The OSINT Blueprint: Elevate Your Investigation Skills to Extraordinary Levelshttps://4swolf.medium.com/the-osint-blueprint-elevate-your-investigation-skills-to-extraordinary-levels-0e7f7c832b9d?source=rss------bug_bounty-5wulfhacking-tools, bug-bounty, hackerone, osint, hacker28-Apr-2025
# Walkthrough: VulnHub Machine — Ted 1 (Full Root Access)https://medium.com/@ghostcat1337/walkthrough-vulnhub-machine-ted-1-full-root-access-12b19f4dc036?source=rss------bug_bounty-5ghostcatpenetration-testing, infosec, cybersecurity, bug-bounty, ctf-writeup28-Apr-2025
I Hijacked Accounts in 10 Minutes (IDOR Bug)https://medium.com/@ibtissamhammadi/i-hijacked-accounts-in-10-minutes-idor-bug-b44ae8e53dfa?source=rss------bug_bounty-5Ibtissam Hammadiinfosec, bug-bounty, hacking, cybersecurity, hackerone28-Apr-2025
Day 13: Visible error-based SQL injection — Zero to Hero Blind Injection — Portswiggerhttps://arayofhope7.medium.com/day-13-visible-error-based-sql-injection-zero-to-hero-blind-injection-portswigger-3da2241a1672?source=rss------bug_bounty-5RayofHopepenetration-testing, web-penetration-testing, ethical-hacking, bug-bounty, cybersecurity28-Apr-2025
VeriSource Data Breach Impacts 4 Million Peoplehttps://wiretor.medium.com/verisource-data-breach-impacts-4-million-people-fe05cce5aac4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, malware, xss-attack, bug-bounty, ai28-Apr-2025
How Breaches Start: Breaking Down 5 Real Vulnerabilities ️‍♂️https://ismailtasdelen.medium.com/how-breaches-start-breaking-down-5-real-vulnerabilities-%EF%B8%8F-%EF%B8%8F-8b1a032b0335?source=rss------bug_bounty-5Ismail Tasdelenvulnerability, application-security, bug-bounty-writeup, bug-bounty-tips, bug-bounty28-Apr-2025
Google Cloud Account Takeover via URL Parsing Confusionhttps://weirdmachine.medium.com/google-cloud-account-takeover-via-url-parsing-confusion-c5e47389b7c7?source=rss------bug_bounty-5Mohamed Benchikhaccount-take-over, bugbounty-writeup, bug-bounty, google-cloud-platform28-Apr-2025
Road to SSRF : PDF generation and filter bypass on ASP.net applicationhttps://medium.com/@supr4s.other/road-to-ssrf-pdf-generation-and-filter-bypass-on-asp-net-application-dd3aa91c0fed?source=rss------bug_bounty-5Supr4sbug-bounty, ssrf-attack28-Apr-2025
How You Can Earn Up to $100,000 with STON.fi Bug Bounty Programhttps://medium.com/@vlad2566/how-you-can-earn-up-to-100-000-with-ston-fi-bug-bounty-program-18861e0285e5?source=rss------bug_bounty-5CRYPTANUAton, stonfi, bug-bounty28-Apr-2025
WolfVision Cynap Smart Presentation Device Vulnerability Discovered: Anonymous Access Risk at…https://medium.com/@hacker_might/wolfvision-cynap-smart-presentation-device-vulnerability-discovered-anonymous-access-risk-at-4a5ed41a9f06?source=rss------bug_bounty-5hacker_mightbug-bounty-writeup, bug-bounty, cyber-security-awareness, iot, iot-security28-Apr-2025
Detecting Hidden Scheduled Tasks & At Jobs Created by Malwarehttps://medium.com/@paritoshblogs/detecting-hidden-scheduled-tasks-at-jobs-created-by-malware-c9038d5d4544?source=rss------bug_bounty-5Paritoshmalware, bug-bounty, malware-analysis, hacking, cybersecurity27-Apr-2025
How to Turn Cybersecurity Into a Full-Time Income (My Blueprint)https://infosecwriteups.com/how-to-turn-cybersecurity-into-a-full-time-income-my-blueprint-f4d70cb01f73?source=rss------bug_bounty-5Abhijeet Kumawatcareers, bug-bounty, infosec, cybersecurity, hacking27-Apr-2025
How I Found The Unauthorized account manipulation?https://doordiefordream.medium.com/how-i-found-the-unauthorized-account-manipulation-3f3312360751?source=rss------bug_bounty-5DOD cyber solutionscybersecurity, bug-bounty, ethical-hacking, technology, vulnerability27-Apr-2025
Attacking Web Applications with FFuFhttps://medium.com/@yashpawar1199/attacking-web-applications-with-ffuf-63673231452e?source=rss------bug_bounty-5Yash Pawar @HackersParadisefuzzing, web-attack, bug-bounty-writeup, ffuf, bug-bounty27-Apr-2025
Understanding XSS (Cross-Site Scripting)https://medium.com/@parthchheda777/understanding-xss-cross-site-scripting-4cfbcc7bab2e?source=rss------bug_bounty-5Parthchhedalearning, xss-attack, cybersecurity, bug-bounty27-Apr-2025
My Journey from last 85 days of Learning Pentestinghttps://medium.com/@gobbledy/my-journey-from-last-85-days-of-learning-pentesting-71fe9bad7e71?source=rss------bug_bounty-5gobbledypentesting, bug-bounty, information-security, cybersecurity27-Apr-2025
“Account Takeovers Made Easy: Critical JWT Exposure via Archived URLs”https://medium.com/@choudharinayan05/account-takeovers-made-easy-critical-jwt-exposure-via-archived-urls-1b7380c62943?source=rss------bug_bounty-5Comp_Nayan Choudharybug-bounty, cybersecurity, ethical-hacking, bug-bounty-writeup27-Apr-2025
The Future of Bug Bounties: What Ethical Hackers Need to Know!https://medium.com/@cybertalents/the-future-of-bug-bounties-what-ethical-hackers-need-to-know-2a5fba3213b9?source=rss------bug_bounty-5CyberTalentscybersecurity, ethical-hacking, careers, cyber-security-awareness, bug-bounty27-Apr-2025
Understanding CSRF (Cross Site Request Forgery)https://medium.com/@parthchheda777/understanding-csrf-cross-site-request-forgery-08d0ea732026?source=rss------bug_bounty-5Parthchhedacsrf, csrf-token, learning, bug-bounty, cybersecurity27-Apr-2025
Dalam dunia ethical hacking dan penetration testing, penguasaan sistem operasi Linux menjadi kunci…https://medium.com/@ahmadcybr21/dalam-dunia-ethical-hacking-dan-penetration-testing-penguasaan-sistem-operasi-linux-menjadi-kunci-f05308396791?source=rss------bug_bounty-5Ahmadcybrhacker, cybersecurity, whitehat, bug-bounty, linux27-Apr-2025
Login? Who Needs That? Bypassing OAuth Like a Lazy Hacker on Sunday ☀️https://infosecwriteups.com/login-who-needs-that-bypassing-oauth-like-a-lazy-hacker-on-sunday-%EF%B8%8F-76802cc8025d?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, infosec, money, hacking27-Apr-2025
a simple watch tower (:https://medium.com/@cryptoboot123/a-simple-watch-tower-19467f0bee49?source=rss------bug_bounty-5Cryptobootbug-bounty, bug-bounty-writeup, watchtower, bug-bounty-tips27-Apr-2025
POC — Remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code…https://medium.com/@verylazytech/poc-remote-and-unauthenticated-attacker-can-send-crafted-http-requests-to-execute-arbitrary-code-4b591d45ff4f?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cve-2025-3248, exploit, rce, hacking27-Apr-2025
Manual Testing for Privilege Escalation and Broken Access Control My (Methodology)https://medium.com/@kroush333/manual-testing-for-privilege-escalation-and-broken-access-control-my-methodology-a3b9f41b82a2?source=rss------bug_bounty-5MahmoudKroushbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup27-Apr-2025
Hacking APIs: Attackers exploiting SSRFhttps://iaraoz.medium.com/hacking-apis-attackers-exploiting-ssrf-57624d575987?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, bug-bounty, api, owasp27-Apr-2025
Vaulting over a .innerHTML sink in a Locked-Down CSPhttps://infosecwriteups.com/vaulting-over-a-innerhtml-sink-in-a-locked-down-csp-a628be8ba9dc?source=rss------bug_bounty-5SMHTahsin33dom-xss, csp, innerhtml, xss-attack, bug-bounty27-Apr-2025
The World Needs More Cyber Warriors: Here’s Why You Should Join Cybersecurity Todayhttps://medium.com/@uday7981047612/the-world-needs-more-cyber-warriors-heres-why-you-should-join-cybersecurity-today-323a5a4c7485?source=rss------bug_bounty-5Uday Venkatpenetration-testing, bug-bounty, ethical-hacking, cybersecurity, networking27-Apr-2025
From Discovery to Patch: Critical DOM XSS & Open Redirect in Toyota’s Parts Portalhttps://medium.com/@N0aziXss/from-discovery-to-patch-critical-dom-xss-open-redirect-in-toyotas-parts-portal-e36383fa1aa1?source=rss------bug_bounty-5N0aziXssweb-security, bug-bounty, ethical-hacking, open-redirect, dom-xss27-Apr-2025
Privilege Escalation via IDOR and ACL Bypass in a SaaS Applicationhttps://kumarmohank889.medium.com/privilege-escalation-via-idor-and-acl-bypass-in-a-saas-application-e079bcd2cc4a?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, hacking, cybersecurity, ethical-hacking, bug-bounty27-Apr-2025
Bypassing Access control through OPTIONS Request + Method Smuggling: A Hacker One Findinghttps://ayushkr12.medium.com/smuggling-my-way-past-frontend-filters-a-fun-find-on-hackerone-4424dad3a16e?source=rss------bug_bounty-5Ayush Kumarpentesting, bug-bounty, hacking, access-control27-Apr-2025
Millions of Records Exposed via SQL Injection in a Tamil Nadu Government Portalhttps://medium.com/@dharineeshj2/millions-of-records-exposed-via-sql-injection-in-a-tamil-nadu-government-portal-0981d3827ed2?source=rss------bug_bounty-5Hack-Batbug-bounty, hacking, cybersecurity, pentesting, ethical-hacking26-Apr-2025
Microsoft Is Paying Up to $30,000 for AI Security Flawshttps://medium.com/@Cyber-AppSec/microsoft-is-paying-up-to-30-000-for-ai-security-flaws-d4f1fec247d6?source=rss------bug_bounty-5Cyber-AppSecinformation-security, cybersecurity, ai, bug-bounty, microsoft26-Apr-2025
⏱️ There were no visible errors, no hints… only the server’s hesitation told me the truth.https://infosecwriteups.com/%EF%B8%8F-there-were-no-visible-errors-no-hints-only-the-servers-hesitation-told-me-the-truth-7b4987f10444?source=rss------bug_bounty-5phoenixcatalanpentesting, bug-bounty, portswigger, ethical-hacking, hacking26-Apr-2025
Path Traversal Attack: How I Accessed Admin Secretshttps://infosecwriteups.com/path-traversal-attack-how-i-accessed-admin-secrets-fa5de1865031?source=rss------bug_bounty-5Vipul Sonulehacking, bug-bounty, cybersecurity, bug-bounty-tips, infosec26-Apr-2025
Symbolic Execution vs Traditional Static Analysis in Smart Contract Securityhttps://securrtech.medium.com/symbolic-execution-vs-traditional-static-analysis-in-smart-contract-security-97a9289bbd48?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, smart-contract-security, smart-contract-auditing, blockchain-security, web3-security26-Apr-2025
How I Catch XSS Bugs That Most Hunters Misshttps://infosecwriteups.com/how-i-catch-xss-bugs-that-most-hunters-miss-7f226d3a1dea?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, vulnerability, hacking, xss-attack, bug-bounty26-Apr-2025
Misconfiguration on MinIO S3 Bucket (Similar to AWS S3 Misconfig)https://frostyxsec.medium.com/misconfiguration-on-minio-s3-bucket-similar-to-aws-s3-misconfig-a6754d29d011?source=rss------bug_bounty-5Frostyxsecbug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup26-Apr-2025
OAuth Desync Chain: From Smuggling to Session Hijack Without Credentialshttps://medium.com/@m3681371/oauth-desync-chain-from-smuggling-to-session-hijack-without-credentials-3959cedaf579?source=rss------bug_bounty-5m6r001http2, research, oauth, bug-bounty, web-security26-Apr-2025
Breaking the Hierarchy: How I Bypassed Role Restrictions to Become Ownerhttps://medium.com/meetcyber/breaking-the-hierarchy-how-i-bypassed-role-restrictions-to-become-owner-2635e1e33d85?source=rss------bug_bounty-5Fuzzyy Duckinfo-sec-writeups, web-application-security, cybersecurity, bug-bounty, hacking26-Apr-2025
How I Bypassed Authentication on a Funded Fashion Site — And Took Over an Accounthttps://medium.com/@rolextital/how-i-bypassed-authentication-on-a-funded-fashion-site-and-took-over-an-account-8b8a9189fb4a?source=rss------bug_bounty-5Rolextitalbug-bounty, web-application-security, cybersecurity, ethical-hacking, authentication-bypass26-Apr-2025
The Hidden Param That Opened the Vault: A Dirty Param Tampering Talehttps://infosecwriteups.com/the-hidden-param-that-opened-the-vault-a-dirty-param-tampering-tale-52bfac3539fd?source=rss------bug_bounty-5Iskihacking, money, infosec, bug-bounty, cybersecurity26-Apr-2025
Waiting for admin approve , I don’t think so !https://medium.com/@abdallahehab_31039/waiting-for-admin-approve-i-dont-think-so-195a042f913e?source=rss------bug_bounty-5Abdallah Ehabethical-hacking, hunting, bug-bounty, response-manipulation26-Apr-2025
What if finding a simple bug could earn you $75,000?https://medium.com/@ndaawesome/what-if-finding-a-simple-bug-could-earn-you-75-000-de582f83cbb2?source=rss------bug_bounty-5Awesome Ndabomscrypto, bug-bounty, devops, defi, ton26-Apr-2025
How I Bypassed a WAF & Found My First XSS Bughttps://medium.com/@ibtissamhammadi/how-i-bypassed-a-waf-found-my-first-xss-bug-22429d7a3655?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, waf-bypass, xss-attack, cybersecurity, hacking26-Apr-2025
Breaking File Upload Security: Finding Hidden XSShttps://medium.com/@es0557533/breaking-file-upload-security-finding-hidden-xss-cfc6e38bcee3?source=rss------bug_bounty-5Isvbug-bounty-writeup, bug-bounty, xss-attack, bug-bounty-tips, xss-bypass26-Apr-2025
Top 10 Beginner Setup Problems in HTB and Bug Bounty (and How to Fix Them Fast)https://medium.com/@verylazytech/top-10-beginner-setup-problems-in-htb-and-bug-bounty-and-how-to-fix-them-fast-1f9a278415ea?source=rss------bug_bounty-5Very Lazy Techtryhackme, bug-bounty, htb, penetration-testing26-Apr-2025
Cybersecurity Roadmap for Beginners in 2025: Avoid These Common Mistakes on Your Learning Journeyhttps://infosecwriteups.com/cybersecurity-roadmap-for-beginners-in-2025-avoid-these-common-mistakes-on-your-learning-journey-7e8701bb1827?source=rss------bug_bounty-5Mr Horbiobug-bounty, penetration-testing, cybersecurity, ethical-hacking, roadmaps26-Apr-2025
Day 3 — Setting Up My Android Pentesting Labhttps://medium.com/@muhammedshemil25/day-3-setting-up-my-android-pentesting-lab-8a0f71de091c?source=rss------bug_bounty-5Muhammed.shemilandroid-pentesting, ethical-hacking, mobile-security, ctf, bug-bounty26-Apr-2025
My First P1https://callgh0st.medium.com/my-first-p1-ae9d09c02927?source=rss------bug_bounty-5callgh0stgenocide, github, hacking, bug-bounty, recon26-Apr-2025
XSS Vulnerability in One of the Top 10 Universities in Indiahttps://mushirsyed.medium.com/xss-vulnerability-on-one-of-the-top-10-universities-in-india-a2088fd31ef5?source=rss------bug_bounty-5Syed Mushirbug-bounty-tips, bug-bounty, bugs, xss-vulnerability, xss-attack26-Apr-2025
How I Chained Template Injections Across Pages to Trigger Reflected XSShttps://medium.com/@zoningxtr/how-i-chained-template-injections-across-pages-to-trigger-reflected-xss-5d4ef68efac5?source=rss------bug_bounty-5Zoningxtrcybersecurity, javascript, bug-bounty, penetration-testing, web-development26-Apr-2025
WooCommerce Admins Targeted by Fake Security Patches That Hijack Siteshttps://wiretor.medium.com/woocommerce-admins-targeted-by-fake-security-patches-that-hijack-sites-7bf1832f2963?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, xss-attack, ai, bug-bounty26-Apr-2025
Subdomain Takeover on VDPhttps://medium.com/@vasubhan/subdomain-takeover-on-vdp-32cac749bf16?source=rss------bug_bounty-5Vasu Bhanwriteup, security-research, vdp, bug-bounty26-Apr-2025
How I Found phpinfo Exposure In telkomsigma.co.idhttps://firdausmuhammadismail.medium.com/how-i-found-phpinfo-in-telkomsigma-co-id-49c89a1b0404?source=rss------bug_bounty-5Firdaus Muhammad Ismailbug-bounty-tips, bug-bounty, vulnerability, bug-bounty-writeup, sensitive-data25-Apr-2025
How i found a RXSS by webpackhttps://medium.com/@yubanbanz/how-i-found-a-rxss-by-webpack-7e2217a3976d?source=rss------bug_bounty-5yubanbansecurity, xss-attack, bug-bounty25-Apr-2025
How to Find Hidden HackerOne & Bugcrowd Programshttps://medium.com/@ibtissamhammadi/how-to-find-hidden-hackerone-bugcrowd-programs-0149457cf048?source=rss------bug_bounty-5Ibtissam Hammadiosint, hackerone, hacking, cybersecurity, bug-bounty25-Apr-2025
Hunting Fileless Malware on Windows Systemshttps://medium.com/@paritoshblogs/hunting-fileless-malware-on-windows-systems-2243d81b1e2d?source=rss------bug_bounty-5Paritoshmalware, hacking, bug-bounty, fileless-malware, cybersecurity25-Apr-2025
Most Pro Hacker Adviced Beginners To Start with on VDP Program I Taked This Advice and After Three…https://medium.com/@youssefmohamed_84205/most-pro-hacker-adviced-beginners-to-start-with-on-vdp-program-i-taked-this-advice-and-after-three-bbc216680b6f?source=rss------bug_bounty-5Youssef Mohamedbug-bounty-tips, bug-bounty, bug-bounty-writeup, bugs, cybersecurity25-Apr-2025
From Casual Curiosity to Crucial Findings: vibe pentesting uncovers serious vulnerabilities in…https://medium.com/@kushjain0107/from-casual-curiosity-to-crucial-findings-vibe-pentesting-uncovers-serious-vulnerabilities-in-7c032383d227?source=rss------bug_bounty-5Kushal Jainbug-bounty, bug-hunting, appsec, cybsersecurity, ethical-hacking25-Apr-2025
The Fastest Way to Learn Web Hacking in 2025 (With Free Resources)https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resources-88c8e74a3889?source=rss------bug_bounty-5Abhijeet Kumawatchatgpt, cybersecurity, ai, hacking, bug-bounty25-Apr-2025
Earn your First $5000 Bug-Bounty.https://medium.com/@anandrishav2228/earn-your-first-5000-bug-bounty-c49495337ef0?source=rss------bug_bounty-5Rishav anandactive-directory, bug-bounty, cybersecurity, hacker, money25-Apr-2025
Secret Sauce in Robots.txt — How I Found Hidden Admin Panels and Debug URLshttps://infosecwriteups.com/secret-sauce-in-robots-txt-how-i-found-hidden-admin-panels-and-debug-urls-b7e8a11ea36f?source=rss------bug_bounty-5Iskibug-bounty, hacking, cybersecurity, money, infosec25-Apr-2025
10 Free Tools Every Beginner Bug Bounty Hunter Should Know (2025 Edition)https://medium.com/@aashifm/10-free-tools-every-beginner-bug-bounty-hunter-should-know-2025-edition-571ce494d907?source=rss------bug_bounty-5127.0.0.1bug-bounty, tools, burpsuite, exploitation, cybersecurity25-Apr-2025
$500,000 Up for Grabs: STON.fi Launches a High-Stakes Bug Bounty Program on TONhttps://medium.com/@lygophilea/500-000-up-for-grabs-ston-fi-launches-a-high-stakes-bug-bounty-program-on-ton-6a5a5b5b967f?source=rss------bug_bounty-5Lygoph_writesdefi, bug-bounty, cryptocurrency, hacking, web325-Apr-2025
Mastering Linux Privilege Escalation: Part 3 — Advanced Exploits, NFS, and Real-World Strategyhttps://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-3-advanced-exploits-nfs-and-real-world-strategy-0ba8198f03dc?source=rss------bug_bounty-5Very Lazy Techbug-bounty, oscp-preparation, hacking, oscp, privilege-escalation25-Apr-2025
Understanding Template Engines & Server-Side Template Injection (SSTI)https://medium.com/@yashpawar1199/understanding-template-engines-server-side-template-injection-ssti-81ecf2fefc19?source=rss------bug_bounty-5Yash Pawar @HackersParadisessti-exploitation, penetration-testing, bug-bounty, ssti, web-hacking25-Apr-2025
Web App Reconnaissance Like a Spy ️‍♂️: Tools & Techniques for 2025https://medium.com/@vipulsonule71/web-app-reconnaissance-like-a-spy-%EF%B8%8F-%EF%B8%8F-tools-techniques-for-2025-072032e31adf?source=rss------bug_bounty-5Vipul Sonulebug-bounty-tips, bug-bounty, hacking, infosec, cybersecurity25-Apr-2025
#ERROR!https://medium.com/@zoningxtr/what-is-javascript-and-why-hackers-love-it-b6135b3d089e?source=rss------bug_bounty-5Zoningxtrpenetration-testing, web-development, cybersecurity, bug-bounty, javascript25-Apr-2025
Red Team Recruitment Testhttps://medium.com/@alirezamokhtari82/red-team-recruitment-test-899059166128?source=rss------bug_bounty-5Alireza Mokhtaribug-bounty, red-team, hacking25-Apr-2025
$5,000 Bounty: How iScan.today Helped Me Find a Verified GitHub Token with Org-Wide Write Accesshttps://medium.com/@arshadkazmi42/5-000-bounty-how-iscan-today-helped-me-find-a-verified-github-token-with-org-wide-write-access-615e999a0219?source=rss------bug_bounty-5Arshad Kazmibounties, github-token, iscan, bug-bounty, hackerone-report25-Apr-2025
Before Code Runs: Understanding the JavaScript Execution Environmenthttps://medium.com/@zoningxtr/before-code-runs-understanding-the-javascript-execution-environment-fe79047926af?source=rss------bug_bounty-5Zoningxtrbug-bounty, cybersecurity, penetration-testing, javascript, code-review25-Apr-2025
Mastering HTTPS Traffic Interception in Flutter Using Burp Suitehttps://hatemmohamedabdallah.medium.com/mastering-https-traffic-interception-in-flutter-using-burp-suite-13c02b968bf4?source=rss------bug_bounty-5Hatem Mohamed Abdallahbug-bounty-writeup, mobile-security, bug-bounty, flutter, android-security25-Apr-2025
Hidden Entrances: Where javascript: URLs Are Still Allowedhttps://medium.com/@zoningxtr/hidden-entrances-where-javascript-urls-are-still-allowed-a52842c6aee6?source=rss------bug_bounty-5Zoningxtrbug-bounty, web-development, penetration-testing, javascript, cybersecurity25-Apr-2025
Burp Suite’s Latest Arsenal: AI Power, Smarter Scanning, and Workflow Wizardhttps://bitpanic.medium.com/burp-suites-latest-arsenal-ai-power-smarter-scanning-and-workflow-wizard-42d54edf283f?source=rss------bug_bounty-5Spectat0rguytechnology, programming, bug-bounty, bug-bounty-tips, cybersecurity25-Apr-2025
OOP in Programminghttps://medium.com/@migo.ee0/oop-in-programming-bc0ca618db63?source=rss------bug_bounty-5Migo eeoop, cyebrsecurity, programming, pentesting, bug-bounty25-Apr-2025
Next.js Middleware Vulnerability: How CVE-2025–29927 Enables Authorization Bypasshttps://medium.com/@nitinsgavane/next-js-middleware-vulnerability-how-cve-2025-29927-enables-authorization-bypass-1e0293d10e24?source=rss------bug_bounty-5Nitin Gavhanemiddleware-vulnerability, authorization-bypass, nextjs, cve-2025-29927, bug-bounty25-Apr-2025
From 403 Forbidden to PII Exposure: How I Escalated a Low-Severity Bug to a High P2https://medium.com/@arrasgotcha/from-403-forbidden-to-pii-exposure-how-i-escalated-a-low-severity-bug-to-a-high-p2-915a9b814ce6?source=rss------bug_bounty-5Gotcha1Gweb, hackerone, hacking, development, bug-bounty25-Apr-2025
Null Byte Injection Attackhttps://medium.com/@adhamhashem2024/null-byte-injection-attack-a01de121e376?source=rss------bug_bounty-5Adham Hashemvulnerability, penetration-testing, bug-bounty, cybersecurity, attack25-Apr-2025
We share a pool of $500k in the Bug Bounty eventhttps://medium.com/@kiyotosage/we-share-a-pool-of-500k-in-the-bug-bounty-event-3adf9e9cce0b?source=rss------bug_bounty-5Kiyot0Sagestonfi, bug-bounty, crypto25-Apr-2025
Делим пул 500к$ в ивенте Bug Bountyhttps://medium.com/@kiyotosage/%D0%B4%D0%B5%D0%BB%D0%B8%D0%BC-%D0%BF%D1%83%D0%BB-500%D0%BA-%D0%B2-%D0%B8%D0%B2%D0%B5%D0%BD%D1%82%D0%B5-bug-bounty-b48eabc3407c?source=rss------bug_bounty-5Kiyot0Sagestonfi, crypto, bug-bounty25-Apr-2025
A list of search engines for OSINT investigators and ethical hackers(PART 2)https://medium.com/@loyalonlytoday/a-list-of-search-engines-for-osint-investigators-and-ethical-hackers-part-2-1dd7b3d54b6f?source=rss------bug_bounty-5loyalonlytodaycybersecurity, search-engines, hacking, bug-bounty, tips24-Apr-2025
Hijacking Trust: The Parallels Between Use-After-Free and Insecure Deserializationhttps://medium.com/@MasoudAbdaal/hijacking-trust-the-parallels-between-use-after-free-and-insecure-deserialization-a12c587a2987?source=rss------bug_bounty-5Masoud Abdaalexploit, insecure-deserialization, bug-bounty, c-programming, heap-memory24-Apr-2025
Arjun: The Ultimate Parameter Discovery Tool For Bug Huntershttps://medium.com/@lancersiromony/arjun-the-ultimate-parameter-discovery-tool-for-bug-hunters-6ead8aaf295b?source=rss------bug_bounty-5IronGhostbug-bounty, querystring, hacking, arjun, fuzzing24-Apr-2025
Bug Bounty: failure experience recordshttps://medium.com/@smilemil/bug-bounty-failure-experience-records-62e928efd54a?source=rss------bug_bounty-5smilemilbug-bounty24-Apr-2025
I Used AI to Write a Payload… And It Worked (Sort of)https://infosecwriteups.com/i-used-ai-to-write-a-payload-and-it-worked-sort-of-55b6860d8be9?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, ai, hacking, chatgpt, bug-bounty24-Apr-2025
From 0 to Hacker Herohttps://medium.com/@omkumar.coder/from-0-to-hacker-hero-e9b8b8c0d1af?source=rss------bug_bounty-5om kumarbug-bounty, cybersecurity, hacking, penetration-testing, ctf24-Apr-2025
Hostile Host Headers: How I Hijacked the App with One Sneaky Headerhttps://medium.com/@iski/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-header-42c7dd82d2bc?source=rss------bug_bounty-5Iskicybersecurity, money, infosec, hacking, bug-bounty24-Apr-2025
Mastering Linux Privilege Escalation: Part 2 — Cron, Sudo, Kernel, and PATH Exploitshttps://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-2-cron-sudo-kernel-and-path-exploits-ace9404ecfec?source=rss------bug_bounty-5Very Lazy Techoscp, oscp-preparation, ethical-hacking, privilege-escalation, bug-bounty24-Apr-2025
Hostile Host Headers: How I Hijacked the App with One Sneaky Headerhttps://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-header-42c7dd82d2bc?source=rss------bug_bounty-5Iskicybersecurity, money, infosec, hacking, bug-bounty24-Apr-2025
How I’m Learning Web3.0(Blockchain) Bug Bounties from Scratch And Sharing Everything.https://nitin-nitingutte-gutte.medium.com/how-im-learning-web3-blockchain-bug-bounties-from-scratch-and-sharing-everything-d8cf248121b4?source=rss------bug_bounty-5Nitin Guttesolidity, blockchain, web3, bug-bounty, smart-contracts24-Apr-2025
Bypassed the Invite Flow, Gained Admin Accesshttps://medium.com/@yassentaalab51/bypassed-the-invite-flow-gained-admin-access-d37347d57468?source=rss------bug_bounty-5Killuaweb-security, bug-bounty-tips, penetration-testing, broken-access-control, bug-bounty24-Apr-2025
How I Bypassed Template Escaping and Triggered a Reflected XSS Popuphttps://medium.com/@zoningxtr/how-i-bypassed-template-escaping-and-triggered-a-reflected-xss-popup-9567d45fd31c?source=rss------bug_bounty-5Zoningxtrcybersecurity, bug-bounty, penetration-testing, web-development, javascript24-Apr-2025
Bug Hunting for Real: Tools, Tactics, and Truths No One Talks Abouthttps://ehteshamulhaq198.medium.com/bug-hunting-for-real-tools-tactics-and-truths-no-one-talks-about-661f6786d5b3?source=rss------bug_bounty-5Ehtesham Ul Haqwriteup, bug-bounty, reconnaissance, rewards, penetration-testing24-Apr-2025
Insecure Direct Object Reference (IDOR) in a Government Portalhttps://akashxak.medium.com/insecure-direct-object-reference-idor-in-a-government-portal-973758a23473?source=rss------bug_bounty-5Akash kumar Kethical-hacking, cert-in, idor-vulnerability, cybersecurity, bug-bounty24-Apr-2025
How I Reported My First Vulnerabilityhttps://medium.com/@0x004sec/how-i-reported-my-first-vulnerability-b4504ed77ec5?source=rss------bug_bounty-50x004secbug-bounty-tips, bug-bounty-writeup, xss-vulnerability, hackerone, bug-bounty24-Apr-2025
Found a bug? Get rewarded!https://medium.com/@roma_k90/found-a-bug-get-rewarded-94a922aa8ff9?source=rss------bug_bounty-5Romabug-bounty, ton, stonfi, ecosystem, money24-Apr-2025
Нашёл баг — получил награду!https://medium.com/@roma_k90/%D0%BD%D0%B0%D1%88%D1%91%D0%BB-%D0%B1%D0%B0%D0%B3-%D0%BF%D0%BE%D0%BB%D1%83%D1%87%D0%B8%D0%BB-%D0%BD%D0%B0%D0%B3%D1%80%D0%B0%D0%B4%D1%83-e936631f5e02?source=rss------bug_bounty-5Romanews, money, smart-contracts, bug-bounty, stonfi24-Apr-2025
Broken Access Control - Unauthorized users able to add customerhttps://medium.com/@MrPlufy/broken-access-control-unauthorized-users-able-to-add-customer-fd8176343650?source=rss------bug_bounty-5Ahmad Tazkiarni Ramadhanbug-bounty, cybersecurity, penetration-testing, bug-hunting, broken-access-control24-Apr-2025
Inject, Exploit, Repeat: Real-World Adventures in XSShttps://medium.com/@es0557533/inject-exploit-repeat-real-world-adventures-in-xss-a8fd8f7066c8?source=rss------bug_bounty-5Isvbug-bounty-tips, xss-attack, bug-bounty, cybersecurity, bug-bounty-writeup24-Apr-2025
A list of search engines for OSINT investigators and ethical hackers(PART 1)https://medium.com/@loyalonlytoday/a-list-of-search-engines-for-osint-investigators-and-ethical-hackers-part-1-4b035cfc271a?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, hacking, osint, search-engines23-Apr-2025
No rate limithttps://medium.com/@eng.mahmoudbughunter/no-rate-limit-dbb663690fe6?source=rss------bug_bounty-5mahmoud faragpenetration-testing, bug-bounty, hunting23-Apr-2025
#ERROR!https://medium.com/@zoningxtr/%EF%B8%8Fxss-prevention-101-why-using-value-keeps-your-javascript-secure-52d9e062ca13?source=rss------bug_bounty-5Zoningxtrjavascript, bug-bounty, penetration-testing, web-development, xss-attack23-Apr-2025
How I Found Multiple Bugs On Dell Using Reconnaissance (OSINT)https://medium.com/@root0x30/how-i-found-multiple-bugs-on-dell-using-reconnaissance-osint-b71e06fa9031?source=rss------bug_bounty-5Mohit_Negidell, reconnaissance, osint, bug-bounty, red-team23-Apr-2025
Securing HTML Forms Against XSS: A Practical Guide with DOM Methods, Safe JavaScript, and…https://medium.com/@zoningxtr/securing-html-forms-against-xss-a-practical-guide-with-dom-methods-safe-javascript-and-74596ebc9064?source=rss------bug_bounty-5Zoningxtrweb-development, bug-bounty, javascript, html, penetration-testing23-Apr-2025
FOFA Recon for Hidden HackerOne & Bugcrowd Programshttps://medium.com/meetcyber/fofa-recon-for-hidden-hackerone-bugcrowd-programs-e285610bf8a5?source=rss------bug_bounty-5AbhirupKonwarosint, bug-bounty-tips, infosec, bug-bounty-program, bug-bounty23-Apr-2025
❌ Top 10 Mistakes Beginners Make in Bug Bounty — Avoid These!https://infosecwriteups.com/top-10-mistakes-beginners-make-in-bug-bounty-avoid-these-5140f8a5b22b?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, infosec, cybersecurity, ai23-Apr-2025
Account Takeover via Email Verification Logic Flawhttps://medium.com/@rolextital/account-takeover-via-email-verification-logic-flaw-a8755f2bc08f?source=rss------bug_bounty-5Rolextitalaccount-takeover, ethical-hacking, web-application-security, cybersecurity, bug-bounty23-Apr-2025
Stored + Reflected XSS on Live Website!https://medium.com/@Nextk/my-journey-from-being-sad-to-getting-a-xss-c0c6a59161f2?source=rss------bug_bounty-5Nextkwaf-detection, bug-bounty, filter-detection, xss-vulnerability, easy23-Apr-2025
Ultimate Bug Bounty Roadmap 2025 — From Zero to Prohttps://mrblogger.medium.com/ultimate-bug-bounty-roadmap-2025-from-zero-to-pro-51373869a243?source=rss------bug_bounty-5Mr Bloggerethical-hacking, cybersecurity, bug-bounty, books, bug-bounty-202523-Apr-2025
Mastering Linux Privilege Escalation: Part 1 — The Fundamentalshttps://medium.com/@verylazytech/mastering-linux-privilege-escalation-part-1-the-fundamentals-01e662e86b1b?source=rss------bug_bounty-5Very Lazy Techprivilege-escalation, ethical-hacking, oscp, oscp-preparation, bug-bounty23-Apr-2025
How to Find Your First Business Logic Vulnerability in a Bug Bounty Program | Step-by-Step Guide |…https://medium.com/@shaikhminhaz1975/how-to-find-your-first-business-logic-vulnerability-in-a-bug-bounty-program-step-by-step-guide-17a6f9785c93?source=rss------bug_bounty-5Shaikh Minhazvulnerability, cybersecurity, ethical-hacking, penetration-testing, bug-bounty23-Apr-2025
The Hidden Recon Routines That Don’t Show Up in Anyone’s Toolkithttps://myselfakash20.medium.com/the-hidden-recon-routines-that-dont-show-up-in-anyone-s-toolkit-0612511c8cc2?source=rss------bug_bounty-5Akash Ghoshmindset, bug-bounty, cybersecurity, technology, bug-bounty-tips23-Apr-2025
How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring…https://infosecwriteups.com/how-to-create-a-botnet-using-one-tool-a-proof-of-concept-for-educational-purposes-aspiring-d5e7f3d6e10f?source=rss------bug_bounty-5Elie Attiehbug-hunter, bug-bounty, penetration-testing, cybersecurity, botnet23-Apr-2025
Exposing SMTP Misconfigurations: STARTTLS and Self-Signed Certshttps://mrdineshpathro.medium.com/exposing-smtp-misconfigurations-starttls-and-self-signed-certs-01e5ff9a3367?source=rss------bug_bounty-5Dinesh Pathrobug-zero, bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup23-Apr-2025
Understanding CVEs and CVSShttps://medium.com/@sherlock297/understanding-cves-and-cvss-4f778f144aaa?source=rss------bug_bounty-5Ravindra Dagalevulnerability, cvss, cve, cybersecurity, bug-bounty23-Apr-2025
Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the Apphttps://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-control-the-app-be173528ff8a?source=rss------bug_bounty-5Iskiinfosec, cybersecurity, money, bug-bounty, hacking23-Apr-2025
BB01 - Advanced Recon: Taking Your Subdomain Discovery to the Next Levelhttps://r4gh4v.medium.com/bb01-advanced-recon-taking-your-subdomain-discovery-to-the-next-level-0d2538d1f3a9?source=rss------bug_bounty-5r4gh4vsubdomains-enumeration, reconnaissance, hacker, bug-bounty, hackerone23-Apr-2025
How I Was Able to Make $50 Using Only My Mobile Phone Through Information Disclosure By Google…https://medium.com/@xhacking_z/how-i-was-able-to-make-50-using-only-my-mobile-phone-through-information-disclosure-by-google-a332a5a6e030?source=rss------bug_bounty-5Omarmy-first-bounty, bug-bounty, google-dorking, hackerone23-Apr-2025
Michael Yonesi shares his Top 5 Cybersecurity Tips You Can’t Afford to Ignorehttps://medium.com/@michael.yonesi/michael-yonesi-shares-his-top-5-cybersecurity-tips-you-cant-afford-to-ignore-5efc5e677ea7?source=rss------bug_bounty-5Michael Younsihacking, cybersecurity, bug-bounty, security23-Apr-2025
Ethically hacking Android phones with Phonesploithttps://medium.com/@zishanfiroz/ethically-hacking-android-phones-with-phonesploit-b95924d50c89?source=rss------bug_bounty-5Md Zishan Firozcybersecurity, technology, hacking, bug-bounty23-Apr-2025
Bug Bounty Recon: CIDR, ASN & Subdomain Enumeration Guidehttps://sinhaamrit.medium.com/bug-bounty-recon-cidr-asn-subdomain-enumeration-guide-25c447af9c40?source=rss------bug_bounty-5Amrit Sinhahacking, cybersecurity, tools, bug-bounty, networking23-Apr-2025
Unauthorized Users Could Disclose Information and Execute GraphQL Operations After Permission…https://medium.com/@blackarazi/unauthorized-users-could-disclose-information-and-execute-graphql-operations-after-permission-961094edf7c8?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, websocket, application-security, bug-bounty, graphql23-Apr-2025
One Root Cause, Many Faces: The 6 Silent CSRF That Got Buriedhttps://medium.com/@hamdiyasin135/one-root-cause-many-faces-the-6-silent-csrf-that-got-buried-2dec4472744a?source=rss------bug_bounty-5yassin hamdibug-bounty, csrf, hacking, cybersecurity23-Apr-2025
$12,000 Bounty Won: Uncovering GitLab’s Hidden Data Leak Flawhttps://osintteam.blog/12-000-bounty-won-uncovering-gitlabs-hidden-data-leak-flaw-d623b6b3cff1?source=rss------bug_bounty-5Monika sharmareport, hacking, bug-bounty, technology, penetration-testing23-Apr-2025
Directory Bruteforcing Techniques: Find Hidden Treasures in Websites ️https://medium.com/@vipulsonule71/directory-bruteforcing-techniques-find-hidden-treasures-in-websites-%EF%B8%8F-c11f2f14a7d3?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, tech, bug-bounty, bug-bounty-tips23-Apr-2025
Bypassing Modern WAFs: Techniques That Still Work ️https://medium.com/@vipulsonule71/bypassing-modern-wafs-techniques-that-still-work-%EF%B8%8F-35a6aec5f90f?source=rss------bug_bounty-5Vipul Sonulebug-bounty-tips, bug-bounty, penetration-testing, hacking, cybersecurity23-Apr-2025
How Android Works (And Why It Actually Matters If You Wanna Hack It)https://medium.com/@muhammedshemil25/how-android-works-and-why-it-actually-matters-if-you-wanna-hack-it-d74ded88bac1?source=rss------bug_bounty-5Muhammed.shemilmobile-security, ctf, bug-bounty, android-security, cybersecurity23-Apr-2025
BB01 — Advanced Recon: Taking Your Subdomain Discovery to the Next Levelhttps://r4gh4v.medium.com/bb01-advanced-recon-taking-your-subdomain-discovery-to-the-next-level-0d2538d1f3a9?source=rss------bug_bounty-5r4gh4vsubdomains-enumeration, reconnaissance, hacker, bug-bounty, hackerone23-Apr-2025
Phishing-Style Link Reflected on Microsoft Azure Portal — Not XSS, But Still Trickyhttps://medium.com/@melege/phishing-style-link-reflected-on-microsoft-azure-portal-not-xss-but-still-tricky-559bde6f8252?source=rss------bug_bounty-5Ahmed AbdElmaqsoudbug-bounty, security, azure, ux-design, phishing23-Apr-2025
CSRF Vulnerability in EchoStar Companyhttps://medium.com/@youssefmohamed_84205/csrf-vulnerability-in-echostar-company-ffecbc6edc24?source=rss------bug_bounty-5Youssef Mohamedbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty23-Apr-2025
️ How I Emulated a Real XSS Vulnerability with Just an Tag — A Practical Guide to…https://medium.com/@zoningxtr/%EF%B8%8F-how-i-emulated-a-real-xss-vulnerability-with-just-an-img-tag-a-practical-guide-to-7fb69d4ec46f?source=rss------bug_bounty-5Zoningxtrpenetration-testing, xss-attack, web-development, javascript, bug-bounty23-Apr-2025
learning how systems fall aparthttps://medium.com/@orxxin/learning-how-systems-fall-apart-b7fd9e42bbb7?source=rss------bug_bounty-5or//inbug-bounty, penetration-testing, learning, infosec23-Apr-2025
One Root Cause, Many Faces: The 6 Silent CSRF That Got Buriedhttps://hamdiyasin135.medium.com/one-root-cause-many-faces-the-6-silent-csrf-that-got-buried-2dec4472744a?source=rss------bug_bounty-5yassin hamdibug-bounty, csrf, hacking, cybersecurity23-Apr-2025
When System Information is Revealed Unknowingly!!https://spider7.medium.com/silent-leaks-ketika-informasi-sistem-dibuka-tanpa-disadari-1b1343d7a1ae?source=rss------bug_bounty-5N/Apoc, bug-bounty, hacker, bug-bounty-tips22-Apr-2025
How to Start Bug Bounty in 2025 (No Experience, No Problem)https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacking, 2025, infosec, bug-bounty22-Apr-2025
Spotting Beaconing Behaviour in Windows Systems: Analysing Timing Patterns in Network Connectionshttps://medium.com/@paritoshblogs/spotting-beaconing-behaviour-in-windows-systems-analysing-timing-patterns-in-network-connections-b41d187b346e?source=rss------bug_bounty-5Paritoshnetwork, beaconing, hacking, cybersecurity, bug-bounty22-Apr-2025
How Did I Hack a Website Just by Reading Its JavaScripthttps://medium.com/developersglobal/how-did-i-hack-a-website-just-by-reading-its-javascript-809f5f755e3d?source=rss------bug_bounty-5Ibtissam Hammadihacking, stored-xss, web-security, bug-bounty, javascript22-Apr-2025
Why JWTs Valid After Logout: A Pentester’s Guide to Testing and Securing Tokenshttps://medium.com/@dr34mb0y/why-jwts-valid-after-logout-a-pentesters-guide-to-testing-and-securing-tokens-6fb232fe57d9?source=rss------bug_bounty-5Sid Joshiweb-security, secure-coding, pentesting, bug-bounty, jwt-exploitation22-Apr-2025
Why I’m Diving Into Android Pentesting in 2025https://medium.com/@muhammedshemil25/why-im-diving-into-android-pentesting-in-2025-c9c78c4f57ac?source=rss------bug_bounty-5Muhammed.shemilandroid-pentesting, bug-bounty, ctf, mobile-security, ethical-hacking22-Apr-2025
404 to 0wnage: How a Broken Link Led Me to Admin Panel Accesshttps://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=rss------bug_bounty-5Iskiinfosec, bug-bounty, money, hacking, cybersecurity22-Apr-2025
Privilege Escalation using Client-Side Path Traversalhttps://aboalezz1.medium.com/privilege-escalation-using-client-side-path-traversal-e1d0762a966d?source=rss------bug_bounty-5Mohamed AboAlezzcybersecurity, bugbounty-writeup, bug-bounty, ethical-hacking, bug-bounty-tips22-Apr-2025
Why You’re Not Finding Bugs Yet — And How I’m Fixing Ithttps://medium.com/@k4r7h1kn/why-youre-not-finding-bugs-yet-and-how-i-m-fixing-it-072a84e4fcf4?source=rss------bug_bounty-5Karthikeyanbug-zero, bugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2025
NTP — Port 123/UDP — How to exploit?https://medium.com/@verylazytech/ntp-port-123-udp-how-to-exploit-051e82cdde08?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, penetration-testing, exploit, ntp22-Apr-2025
‍Crack Into Cybersecurity: A Beginner’s Roadmap Powered by AIhttps://medium.com/@aashish21/crack-into-cybersecurity-a-beginners-roadmap-powered-by-ai-f5dc949595a6?source=rss------bug_bounty-5Aashish Bawejabug-bounty, hacking, artificial-intelligence, cybersecurity22-Apr-2025
Why Did This Simple Bug Pay $5K in 24 Hourshttps://medium.com/@ibtissamhammadi/why-did-this-simple-bug-pay-5k-in-24-hours-cc35a761ae12?source=rss------bug_bounty-5Ibtissam Hammadiprogramming, bug-bounty, technology, cybersecurity, hacking22-Apr-2025
Security Vulnerabilities in Autonomous AI Agentshttps://fdzdev.medium.com/security-vulnerabilities-in-autonomous-ai-agents-26f905b2dc36?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, artificial-intelligence, ai-agent, cybersecurity, machine-learning22-Apr-2025
CVE-2023-40723: Sensitive Information Disclosure in FortiSIEM via Crafted API Requestshttps://medium.com/@knowingly_majesty_tortoise_414/cve-yyyy-xxxx-sensitive-information-disclosure-in-fortisiem-via-crafted-api-requests-10e2519fd90c?source=rss------bug_bounty-5Lance Yeawbug-bounty, security-research, security, fortinet, hacking22-Apr-2025
Sensitive Data Exposure + Public Recon = Instant Account Takeoverhttps://medium.com/@GERRR4Y/sensitive-data-exposure-public-recon-instant-account-takeover-97c2ae752720?source=rss------bug_bounty-5Aya Ayman(GERR4Y)bug-bounty, ato, osint22-Apr-2025
From Curiosity to Report: My First Bug on a Live E-commerce Sitehttps://vux06.medium.com/from-curiosity-to-report-my-first-bug-on-a-live-e-commerce-site-dfa2dc46cd88?source=rss------bug_bounty-5Vux06bug-bounty, xss-attack, sql-injection, hacking, html-injection22-Apr-2025
How I made $64k from deleted files — a bug bounty storyhttps://medium.com/@sharon.brizinov/how-i-made-64k-from-deleted-files-a-bug-bounty-story-c5bd3a6f5f9b?source=rss------bug_bounty-5Sharon Brizinovgithub, hacking, bug-bounty, security22-Apr-2025
Broken Logic, Free Features: A Deep Dive into Access Control Failureshttps://medium.com/@es0557533/broken-logic-free-features-a-deep-dive-into-access-control-failures-7b5db28f0060?source=rss------bug_bounty-5Isvbugbounty-writeup, bug-bounty, broken-access-control, bug-bounty-tips22-Apr-2025
Day 12 Blind SQL injection with conditional errors — Zero to Hero Blind Injection — Portswiggerhttps://arayofhope7.medium.com/day-12-blind-sql-injection-with-conditional-errors-zero-to-hero-blind-injection-portswigger-e94f9e3977a5?source=rss------bug_bounty-5RayofHopeethical-hacking, bug-bounty, cybersecurity, web-penetration-testing, penetration-testing22-Apr-2025
CVE-2023-40723: Agent2Shellv2https://medium.com/@knowingly_majesty_tortoise_414/cve-yyyy-xxxx-sensitive-information-disclosure-in-fortisiem-via-crafted-api-requests-10e2519fd90c?source=rss------bug_bounty-5Lance Yeawbug-bounty, security-research, security, fortinet, hacking22-Apr-2025
Bypass Verification Code in Reset Password Endpointhttps://firdausmuhammadismail.medium.com/bypass-verification-code-in-reset-password-endpoint-91c2fa97e27b?source=rss------bug_bounty-5Firdaus Muhammad Ismailbypass, verification, bug-bounty-tips, bug-bounty, vulnerability21-Apr-2025
Automated Shodan Recon (bug bounty)https://medium.com/@loyalonlytoday/automated-shodan-recon-bug-bounty-776489cf8b6c?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, automation, cybersecurity, hacking, bug-bounty21-Apr-2025
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240https://infosecwriteups.com/i-clicked-a-random-button-in-google-slides-then-google-paid-me-2-240-22e1c0ca0535?source=rss------bug_bounty-5Ibtissam Hammadigoogle, technology, google-hacking, bug-bounty, cybersecurity21-Apr-2025
The Tools I Use for Bug Bounty Hunting?https://devprogramming.medium.com/the-tools-i-use-for-bug-bounty-hunting-5e544af7df44?source=rss------bug_bounty-5DevProgrammingcybersecurity, ethical-hacking, bug-bounty, infosec, hacking21-Apr-2025
How I Found a Facebook IDOR Bug in 15 Minutes (And How You Can Too)https://medium.com/@ibtissamhammadi/how-i-found-a-facebook-idor-bug-in-15-minutes-and-how-you-can-too-3ca4c6378b7c?source=rss------bug_bounty-5Ibtissam Hammadiethical-hacking, cybersecurity, idor, facebook-security, bug-bounty21-Apr-2025
[Vulnerability Campaign] Protect TECNO deviceshttps://medium.com/@security.tecno/vulnerability-campaign-protect-tecno-devices-070e2324175a?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, security, report21-Apr-2025
Authentication Bypass Using Logic Flaws — Real Example + Fixeshttps://infosecwriteups.com/authentication-bypass-using-logic-flaws-real-example-fixes-f80f66587b2c?source=rss------bug_bounty-5Abhijeet Kumawathacker, ai, cybersecurity, infosec, bug-bounty21-Apr-2025
️ Hacking and Securing Kubernetes: A Deep Dive into Cluster Securityhttps://infosecwriteups.com/%EF%B8%8F-hacking-and-securing-kubernetes-a-deep-dive-into-cluster-security-f84436f6544a?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, kubernetes, penetration-testing, information-security21-Apr-2025
Stored XSS Led to OAuth App Credential Theft and Info Disclosurehttps://ehteshamulhaq198.medium.com/stored-xss-led-to-oauth-app-credential-theft-and-info-disclosure-85545fca3948?source=rss------bug_bounty-5Ehtesham Ul Haqxss-attack, bug-bounty-tips, bug-bounty, penetration-testing, infosec21-Apr-2025
✅ JWT Security Testing Test Caseshttps://infosecwriteups.com/jwt-security-testing-test-cases-80db5ba4e8a1?source=rss------bug_bounty-5Ajay Naikjwt, penetration-testing, cybersecurity, bug-bounty, information-security21-Apr-2025
​​$1,200 Bounty — IDOR via Phantom API and Parameter Manipulation​https://medium.com/@cadeeper/1-200-bounty-idor-via-phantom-api-and-parameter-manipulation-1f9a9d84f467?source=rss------bug_bounty-5Invikpentesting, cybersecurity, bug-bounty, hacking, bug-bounty-writeup21-Apr-2025
️ The JSON Backdoor: How I Exploited Insecure Deserialization for RCEhttps://infosecwriteups.com/%EF%B8%8F-the-json-backdoor-how-i-exploited-insecure-deserialization-for-rce-1d8aa4130564?source=rss------bug_bounty-5Iskihacking, money, infosec, cybersecurity, bug-bounty21-Apr-2025
Find first Bug [Simple But Critical Bug] That gives you a lot of Bountyhttps://medium.com/@hrofficial62/find-first-bug-simple-but-critical-bug-that-gives-you-a-lot-of-bounty-93b4107ffd82?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, cybersecurity, ethical-hacking, penetration-testing21-Apr-2025
Hunting in the labyrinth: Your edge lies in understanding business contexhttps://medium.com/@luthierc/hunting-in-the-labyrinth-your-edge-lies-in-understanding-business-contex-bebeced6dca2?source=rss------bug_bounty-5Luthierctechnology, cybersecurity, bug-bounty, owasp, business21-Apr-2025
Open Redirect Vulnerabilities: How Small Bugs Lead to Big Rewardshttps://medium.com/@vipulsonule71/open-redirect-vulnerabilities-how-small-bugs-lead-to-big-rewards-8d925553dabd?source=rss------bug_bounty-5Vipul Sonulecybersecurity, hacking-tools, hacking, bug-bounty-tips, bug-bounty21-Apr-2025
️ Breaking the Chain of Command: A Critical Team Management DoS via Role Update Abusehttps://medium.com/@nhlimon37/%EF%B8%8F-breaking-the-chain-of-command-a-critical-team-management-dos-via-role-update-abuse-94c1188629b9?source=rss------bug_bounty-5NH Limon ️bug-bounty21-Apr-2025
How I Changed Other Users’ Names on a data integration platform’s team management system as an…https://medium.com/@nhlimon37/how-i-changed-other-users-names-on-a-data-integration-platform-s-team-management-system-as-an-6a47cb98d0e1?source=rss------bug_bounty-5NH Limon ️bug-bounty21-Apr-2025
Web Shells: The Hidden Backdoors Lurking in Your Serverhttps://medium.com/@zrhmz12/web-shells-the-hidden-backdoors-lurking-in-your-server-3ccd3ca8e736?source=rss------bug_bounty-5Zrhmzfile-upload-vulnerability, penetration-testing, webshell, bug-bounty, vulnerability21-Apr-2025
The Blank Page That Hid a Bughttps://infosecwriteups.com/when-a-blank-page-that-hid-a-bug-c0214390d68c?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, programming, cybersecurity, vulnerability21-Apr-2025
Next.js CVE-2025–29927 hackinghub walkthroughhttps://medium.com/@abhishek-ji/next-js-cve-2025-29927-hackinghub-walkthrough-f7893cdd90c4?source=rss------bug_bounty-5Abhishek Guptacybersecurity, bug-bounty-tips, bug-bounty, nextjs, web-development21-Apr-2025
Stop Paying for Dozens of Subdomain Tools and Do All Your Enumeration and Recon in One Placehttps://medium.com/@alexandrevandammepro/stop-paying-for-dozens-of-subdomain-tools-and-do-all-your-enumeration-and-recon-in-one-place-19412c592375?source=rss------bug_bounty-5Alexandre Vandammebugbounty-tips, technology, bug-bounty, cybersecurity, infosec21-Apr-2025
That One Time a Forgotten Endpoint Earned Me $$$$$https://medium.com/@dhirenkumar/that-one-time-a-forgotten-endpoint-earned-me-5367838d3ea8?source=rss------bug_bounty-5pradhaninfosec, cybersecurity, hacking, bug-bounty, writeup20-Apr-2025
MOBSF Installation Guide 2025 Apple Silicons MACShttps://medium.com/offensive-black-hat-hacking-security/mobsf-installation-guide-2025-apple-silicons-macs-0f4718f15004?source=rss------bug_bounty-5Harshad Shahcybersecurity, bug-bounty, mobile, mobile-apps, penetration-testing20-Apr-2025
Finding a Password Bypass on Instagram in less than 3 dayshttps://medium.com/@hacktheplanet/finding-a-password-bypass-on-instagram-in-less-than-3-days-b84569c242ce?source=rss------bug_bounty-5SirHaxAlotinstagram, sirhaxalot, bug-bounty, ethical-hacking20-Apr-2025
The $12,000 Redirect, a Misconfigured URLhttps://medium.com/@dhirenkumar/the-12-000-redirect-a-misconfigured-url-f27cba89b622?source=rss------bug_bounty-5pradhanbug-bounty, hacking, cybersecurity, infosec, writeup20-Apr-2025
The Critical Role of Information Security Across the Software Development Lifecycle (SDLC)https://medium.com/@rezauditore/the-critical-role-of-information-security-across-the-software-development-lifecycle-sdlc-1e69fc1f59b6?source=rss------bug_bounty-5rezauditoreprogramming, hacking, bug-bounty, sdlc, software-development20-Apr-2025
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minuteshttps://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-10-minutes-db0cba198007?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, hacking, bug-bounty, ai, cybersecurity20-Apr-2025
Get a Free Ubuntu VPS Forever for Your Projects with Superfast Internethttps://r4gh4v.medium.com/get-a-free-ubuntu-vps-forever-for-your-projects-with-superfast-internet-06259b8777f1?source=rss------bug_bounty-5r4gh4vlinux, bug-bounty, vps-hosting, hacking, vps20-Apr-2025
$1000 Bounty Won: The Amazing Winhttps://infosecwriteups.com/1000-bounty-won-the-amazing-win-22da06954089?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty, bug-bounty-tips, report, technology20-Apr-2025
Winning Swags and Hall of Fame for Finding bugs.https://infosecwriteups.com/winning-swags-and-hall-of-fame-for-finding-bugs-7402555fefe3?source=rss------bug_bounty-5RivuDonbug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips, bug-bounty20-Apr-2025
How I Hijacked OAuth Tokens Through a Parallel Auth Flow Race Condition — $8500 P1 Bug Bountyhttps://infosecwriteups.com/how-i-hijacked-oauth-tokens-through-a-parallel-auth-flow-race-condition-8500-p1-bug-bounty-7af1cccc4d4c?source=rss------bug_bounty-5Anmol Singh Yadavbug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips20-Apr-2025
The Brain Left Unlocked: Public etcd and the Risks Beneath Kuberneteshttps://medium.com/@nijina7/the-brain-left-unlocked-public-etcd-and-the-risks-beneath-kubernetes-3e6dd122a9c5?source=rss------bug_bounty-5Nijin Kbug-bounty-tips, bug-bounty, etcd, hacking, ethical-hacking20-Apr-2025
Email Verification Bypass via Sign in with Googlehttps://xsametyigit.medium.com/email-verification-bypass-via-sign-in-with-google-a273827c4968?source=rss------bug_bounty-5Samet Yiğitbug-bounty-tips, bug-bounty, ödülavcılığı, bug-bounty-writeup20-Apr-2025
Nothing changed… except for one detail. And that was enough to hackhttps://medium.com/@phoenixcatalan/nothing-changed-except-for-one-detail-and-that-was-enough-to-hack-791f0f8bc8cb?source=rss------bug_bounty-5phoenixcatalanbug-bounty-tips, bug-bounty, portswigger, hacking, ethical-hacking20-Apr-2025
Tricking system to delete any user account: from informative to 4000$ HIGH Bountyhttps://entropydrifter.medium.com/tricking-system-to-delete-any-user-account-from-informative-to-4000-high-bounty-245944d4eaa9?source=rss------bug_bounty-5Abdullah Ahmed aka entropydrifterbug-bounty, hackerone, bug-bounty-tips, bug-bounty-writeup20-Apr-2025
How a Smart Bug Hunter Found a Big Security Hole in MTN Grouphttps://osintteam.blog/how-a-smart-bug-hunter-found-a-big-security-hole-in-mtn-group-64d661124f51?source=rss------bug_bounty-5Monika sharmabug-bounty, report, hacking, technology, bug-bounty-tips20-Apr-2025
How a Stupid Public Link Opened a Massive Data Exposure (Real Casehttps://medium.com/@Nigga_Hitam/how-a-stupid-public-link-opened-a-massive-data-exposure-real-case-1b1f75846f6c?source=rss------bug_bounty-5Nigga_hitamcybersecurity, bug-bounty20-Apr-2025
picoCTF Web Exploitation: picobrowserhttps://medium.com/@Kamal_S/picoctf-web-exploitation-picobrowser-ce806dfedd2f?source=rss------bug_bounty-5Kamal Sbug-bounty, picoctf, ctf, security-testing, picobrowser20-Apr-2025
MSRPC — Port 135, 539 — How to exploit?https://medium.com/@verylazytech/msrpc-port-135-539-how-to-exploit-1e14a8b8006b?source=rss------bug_bounty-5Very Lazy Techmsrpc, penetration-testing, ethical-hacking, hacking, bug-bounty20-Apr-2025
Lab: Exploiting an API endpoint using documentationhttps://mukibas37.medium.com/lab-exploiting-an-api-endpoint-using-documentation-0a74ce7b7118?source=rss------bug_bounty-5Mukilan Baskaranhacking, bug-bounty, security, ethical-hacking, cybersecurity20-Apr-2025
Escalating Impact: Full Account Takeover in Microsoft via XSS in Login Flowhttps://melotover.medium.com/escalating-impact-full-account-takeover-in-microsoft-via-xss-in-login-flow-f160fa79b008?source=rss------bug_bounty-5Asem Elerakyaccount-takeover, cybersecurity, cross-site-scripting, xss-attack, bug-bounty20-Apr-2025
️ Rate Limiting: The Unsung Guardian of Web Applicationshttps://medium.com/@sachinpv2004/%EF%B8%8F-rate-limiting-the-unsung-guardian-of-web-applications-37a52a96a320?source=rss------bug_bounty-5SACHIN PVcybersecurity, bug-bounty, red-team, pentesting, rate-limiting20-Apr-2025
HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ️https://infosecwriteups.com/http-parameter-pollution-the-dirty-little-secret-that-gave-me-full-backend-access-%EF%B8%8F-f7777c569648?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, money, infosec, hacking20-Apr-2025
Lab: Exploiting an API endpoint using documentationhttps://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-documentation-0a74ce7b7118?source=rss------bug_bounty-5Mukilan Baskaranhacking, bug-bounty, security, ethical-hacking, cybersecurity20-Apr-2025
Cyber Kalki Nexus Subdomain WebScanner Pro The Ultimate Free Web Subdomain Discovery Tool for…https://medium.com/@krivadna/cyber-kalki-nexus-subdomain-webscanner-pro-the-ultimate-free-web-subdomain-discovery-tool-for-3d59d7f645a2?source=rss------bug_bounty-5Krivadnainfosec, bug-bounty, bugbounty-writeup, subdomains-enumeration, cybersecurity20-Apr-2025
Mastering Logic Bugs: A Checklist for Bug Hunters — Part 4 (tips from Pro hunters)https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-4-tips-from-pro-hunters-b098618c67ca?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty, penetration-testing, information-security, cybersecurity, hacking20-Apr-2025
A list of good wordlists for bug bounty huntershttps://medium.com/@loyalonlytoday/a-list-of-good-wordlists-for-bug-bounty-hunters-7a6562df2aba?source=rss------bug_bounty-5loyalonlytodaycybersecurity, penetration-testing, wordlist, ethical-hacking, bug-bounty19-Apr-2025
Exposed Secrets in JavaScript Fileshttps://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, cybersecurity, javascript, ai19-Apr-2025
Buy Any Product for Free via Price Tamperinghttps://medium.com/@shyam.sam0704/buy-any-product-for-free-via-price-tampering-75326ff7a767?source=rss------bug_bounty-5Shyamvulnerability-assessment, bug-hunting, bug-bounty, burpsuite, price-tampering19-Apr-2025
Reflected XSS using Bookmarkhttps://infosecwriteups.com/reflected-xss-using-bookmark-937cf27c5725?source=rss------bug_bounty-5cryptoshantjourney, hacking, cybersecurity, samsung, bug-bounty19-Apr-2025
Exposed Secrets in JavaScript Fileshttps://infosecwriteups.com/exposed-secrets-in-javascript-files-430a76834952?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, cybersecurity, javascript, ai19-Apr-2025
What Is a JavaScript Attribute?https://medium.com/@zoningxtr/what-is-a-javascript-attribute-e6b4e5b6317c?source=rss------bug_bounty-5Zoningxtrhtml, javascript, bug-bounty, penetration-testing, cybersecurity19-Apr-2025
Programming Language for Ethical Hackinghttps://infosecwriteups.com/programming-language-for-ethical-hacking-67eb8b211759?source=rss------bug_bounty-5Mr Horbiohacking, programming, bug-bounty, ethical-hacking, cybersecurity19-Apr-2025
Understanding Session Cookies and Authentication Tokenshttps://medium.com/@sachinpv2004/understanding-session-cookies-and-authentication-tokens-452bd4cc332a?source=rss------bug_bounty-5SACHIN PVbug-bounty, hacking, pentesting, cybersecurity, sessions19-Apr-2025
Hidden in Plain Sight: How Sitemap.xml Gave Me Access to Goldhttps://medium.com/@iski/hidden-in-plain-sight-how-sitemap-xml-gave-me-access-to-gold-101fc0e0bf1e?source=rss------bug_bounty-5Iskiinfosec, money, hacking, cybersecurity, bug-bounty19-Apr-2025
How I Registered the Same Username Twice — No Tools Neededhttps://strangerwhite.medium.com/how-i-registered-the-same-username-twice-no-tools-needed-284f3b46d82a?source=rss------bug_bounty-5StrangeRwhitebug-bounty-writeup, infosec, hacking, bug-bounty-tips, bug-bounty19-Apr-2025
How to detect and exploit OS Command injectionhttps://medium.com/@evyeveline1/how-to-detect-and-exploit-os-command-injection-a5d4d2423ead?source=rss------bug_bounty-5Evyevelinebug-bounty, os-command-injection, web-hacking, ethical-hacking, web-vulnerabilities19-Apr-2025
Business Logic Flaw worth $1250https://vijetareigns.medium.com/business-logic-flaw-worth-1250-35efcd1b9af9?source=rss------bug_bounty-5the_unlucky_guyhacking, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup19-Apr-2025
When “One‑Time” Isn’t One‑Time: How a Simple OTP bypass gave me Platform-Wide Account Takeoverhttps://medium.com/@ali.mezar/when-one-time-isnt-one-time-how-a-simple-otp-bypass-gave-me-platform-wide-account-takeover-0554bbd39dbc?source=rss------bug_bounty-5Ali Mezarweb-security, rate-limiting, account-takeover, bug-bounty, otp-bypass19-Apr-2025
SQL injection UNION attack, retrieving multiple values in a single column — PortSwiggerhttps://arayofhope7.medium.com/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-portswigger-65d850e9cc8e?source=rss------bug_bounty-5RayofHopecybersecurity, ethical-hacking, web-penetration-testing, penetration-testing, bug-bounty19-Apr-2025
HTML Tags and Their JavaScript-Interactive Attributes ✨https://medium.com/@zoningxtr/html-tags-and-their-javascript-interactive-attributes-7534e7de0cb1?source=rss------bug_bounty-5Zoningxtrhtml, penetration-testing, cybersecurity, bug-bounty, javascript19-Apr-2025
NetBios — Port 137,138,139 — How to exploit?https://medium.com/@verylazytech/netbios-port-137-138-139-how-to-exploit-4c0f81af3b94?source=rss------bug_bounty-5Very Lazy Techbug-bounty, netbios, hacking, ethical-hacking, penetration-testing19-Apr-2025
From Curiosity to Shell phpinfo()https://medium.com/@dhirenkumar/from-curiosity-to-shell-phpinfo-fa7a7b7e5d22?source=rss------bug_bounty-5pradhancybersecurity, bug-bounty, tips, infosec, hacking19-Apr-2025
How I Passed the eJPT Certification: Complete Journeyhttps://medium.com/@vipulsonule71/how-i-passed-the-ejpt-certification-complete-journey-a0d3a1206c06?source=rss------bug_bounty-5Vipul Sonuletech, cybersecurity, bug-bounty, hacking, medium19-Apr-2025
“How I Found a Privilege Escalation Bug by Accident and Earned $830”https://medium.com/@saddamzzz65/how-i-found-a-privilege-escalation-bug-by-accident-and-earned-830-af15a35dc3d8?source=rss------bug_bounty-5Saddamzzzethical-hacking, bug-bounty, cybersecurity, web-security, infosec19-Apr-2025
Android Application Analysis: Tools, Techniques and Tipshttps://medium.com/@mayank_prajapati/android-application-analysis-tools-techniques-and-tips-435dcf144c9c?source=rss------bug_bounty-5Mayank Kumar Prajapaticybersecurity, penetration-testing, ethical-hacking, bug-bounty, android19-Apr-2025
UI Says No to Email Change, Backend Says ‘Sure, Why Not?’”https://medium.com/@a0xtrojan/ui-says-no-to-email-change-backend-says-sure-why-not-cff45b3cfe3c?source=rss------bug_bounty-5A0X_Trojanbug-bounty, bussiness-logic-error, penetration-testing, medium, hackerone19-Apr-2025
Blind SQL injection with conditional responses — Zero to Hero Blind Injection — Portswiggerhttps://arayofhope7.medium.com/blind-sql-injection-with-conditional-responses-zero-to-hero-blind-injection-portswigger-dad0cab48d57?source=rss------bug_bounty-5RayofHopeethical-hacking, bug-bounty, web-penetration-testing, cybersecurity, penetration-testing19-Apr-2025
All about Multi-factor Authenticationhttps://hassanjawaid.medium.com/all-about-multi-factor-authentication-a131d6c20bf5?source=rss------bug_bounty-5Hassan Jawaidbug-bounty-writeup, bug-bounty19-Apr-2025
Aswan CTF Web challenges: Yaoguai Bankhttps://medium.com/@karim.engmohamed/aswan-ctf-web-challenges-yaoguai-bank-606d6dd6dd27?source=rss------bug_bounty-5Karim Mohamedctf, web, ctf-writeup, ctf-walkthrough, bug-bounty18-Apr-2025
The Hidden Dangers of an Exposed .env Filehttps://medium.com/@dharineeshj2/the-hidden-dangers-of-an-exposed-env-file-80532158c6f0?source=rss------bug_bounty-5Hack-Batbug-bounty, penetration-testing, hacking, cybersecurity, red-team18-Apr-2025
Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugshttps://infosecwriteups.com/burp-suite-beyond-basics-hidden-features-that-save-time-and-find-more-bugs-19f15bb3bcc3?source=rss------bug_bounty-5Abhijeet Kumawatsecrets, bug-bounty, cybersecurity, burpsuite, hacking18-Apr-2025
How I Earned $300 from a Single Rate Limiting Vulnerability — Twice!https://medium.com/@whitehat29/how-i-earned-300-from-a-single-rate-limiting-vulnerability-twice-224b4be29fd0?source=rss------bug_bounty-5Whitehatbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity18-Apr-2025
What Bugs you can find as a Beginnerhttps://medium.com/@aashifm/what-bugs-you-can-find-as-a-beginner-e016b5d535d4?source=rss------bug_bounty-5127.0.0.1cybersecurity, idor, bug-bounty, open-redirect, bugs18-Apr-2025
Hours of Recon, One Vulnerable Parameter, and Boom — SQL Injection Found.https://hiddendom.medium.com/hours-of-recon-one-vulnerable-parameter-and-boom-sql-injection-found-e7f2bb74d423?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty-writeup, sql-injection-attack, sql-injection, bug-bounty18-Apr-2025
Bypassing Like a Pro: How I Fooled the WAF and Made It Payhttps://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss------bug_bounty-5Iskimoney, cybersecurity, bug-bounty, hacking, infosec18-Apr-2025
Recon Search Assistanthttps://medium.com/@bobby.S/recon-search-assistant-d8506fdc8484?source=rss------bug_bounty-50xBobbybug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, google-dork18-Apr-2025
Checking for SSL Medium Strength Cipher Suites Supportedhttps://medium.com/@toon.commander/checking-for-ssl-medium-strength-cipher-suites-supported-2a27b1c021c2?source=rss------bug_bounty-5Jormungandrpentest, vulnerability, exploit, bug-bounty18-Apr-2025
WAF Bypass Masterclass: Using SQLMap with Proxychains and Tamper Scripts Against Cloudflare &…https://infosecwriteups.com/waf-bypass-masterclass-using-sqlmap-with-proxychains-and-tamper-scripts-against-cloudflare-9d46b36bae94?source=rss------bug_bounty-5coffinxpcybersecurity, hacking, bug-bounty, programming, technology18-Apr-2025
Automating GraphQL Bug Bounty Hunting with GrapeQLhttps://infosecwriteups.com/automating-graphql-bug-bounty-hunting-with-grapeql-e1e874f11c7c?source=rss------bug_bounty-5Aleksa Zatezalosoftware-development, bug-bounty, graphql, hacking, github18-Apr-2025
Rethinking Deserialization Attacks: Chaining Cloudpickle with Pandas & NumPyhttps://medium.com/@kerkroups/rethinking-deserialization-attacks-chaining-cloudpickle-with-pandas-numpy-cadebb52b69f?source=rss------bug_bounty-5Kerkroupscybersecurity, application-security, bug-bounty, penetration-testing18-Apr-2025
Click Jacking Impact Privilage Escalationhttps://firdausmuhammadismail.medium.com/click-jacking-impact-privilage-escalation-585918563f52?source=rss------bug_bounty-5Firdaus Muhammad Ismailbug-bounty-writeup, clickjacking, vulnerability, bug-bounty, poc18-Apr-2025
SMB — Port 139 445 — How to exploit?https://medium.com/@verylazytech/smb-port-139-445-how-to-exploit-8a1580797bc0?source=rss------bug_bounty-5Very Lazy Techethical-hacking, smb, penetration-testing, port-445, bug-bounty18-Apr-2025
Earn Money by Discovering Bugshttps://medium.com/@2000anujsharma/earn-money-by-discovering-bugs-b434b95ac2b7?source=rss------bug_bounty-5Let's codeinfosec, cybersecurity, ethical-hacking, makemoney-online, bug-bounty18-Apr-2025
Secret to find bugs in five minutes. Juicy reality.https://medium.com/@riazrabia/secret-to-find-bugs-in-five-minutes-juicy-reality-c7ed63cf26a8?source=rss------bug_bounty-5Rabia Riazeasy-bugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-in-5-minutes18-Apr-2025
Light CTF Write-up: A Deep Dive into SQLite Injection and Enumerationhttps://medium.com/@shxdowz/light-ctf-write-up-a-deep-dive-into-sqlite-injection-and-enumeration-f0253a63171d?source=rss------bug_bounty-5Shxdowztryhackme-walkthrough, bug-bounty, tryhackme, sql-injection, writeup18-Apr-2025
I need your supporthttps://medium.com/@t79877005/i-need-your-support-02984632fd9b?source=rss------bug_bounty-5Rester Testchrome, bug-bounty, software-testing, bugs18-Apr-2025
Pre-Account Takeover: The Account Hack You Never Saw Cominghttps://medium.com/@sachinpv2004/pre-account-takeover-the-account-hack-you-never-saw-coming-25eb518b34f1?source=rss------bug_bounty-5SACHIN PVcybersecurity, bug-bounty, account-takeover, pentesting, security18-Apr-2025
Why You Shouldn’t Share Your Dreams With Everyone — SOCIAL EXPERIMENThttps://medium.com/@ph4nt0mbyt3/why-you-shouldnt-share-your-dreams-with-everyone-social-experiment-e7aae670ab02?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, motivation18-Apr-2025
How to Find Hidden APIs and Abuse Them in Web Appshttps://medium.com/@vipulsonule71/how-to-find-hidden-apis-and-abuse-them-in-web-apps-42bd8cd91552?source=rss------bug_bounty-5Vipul Sonulebug-bounty, technology, hacking, ethical-hacking, cybersecurity18-Apr-2025
⚠️ CVE-2025-24054: Actively Exploited Vulnerability Stealing NTLM Credentials – What You Need to…https://chintalatarakaram.medium.com/%EF%B8%8F-cve-2025-24054-actively-exploited-vulnerability-stealing-ntlm-credentials-what-you-need-to-631ac46f45e3?source=rss------bug_bounty-5Chintala Taraka Rambug-bounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips18-Apr-2025
Header-Fusionhttps://medium.com/@bineeg/header-fusion-3c11da41582e?source=rss------bug_bounty-5bineegidor-vulnerability, infosec, bug-bounty, hacking-tools18-Apr-2025
Race condtion & Logic Bug lead to Pre-ATOhttps://medium.com/@yassentaalab51/race-condtion-logic-bug-lead-to-pre-ato-4fb85dfb4bcc?source=rss------bug_bounty-5Killuaowasp, bug-bounty, penetration-testing, race-condition, bug-bounty-tips18-Apr-2025
F5 BIGIP PROMO CODES- UDEMYhttps://medium.com/@deepdive4learn/f5-bigip-promo-codes-udemy-6ed8534d230d?source=rss------bug_bounty-5DeepDive4learnbug-bounty, web-development, cybersecurity, python-programming, udemy18-Apr-2025
The One Parameter That Changed Everything /api/v1https://medium.com/@dhirenkumar/the-one-parameter-that-changed-everything-api-v1-2747e3b83f84?source=rss------bug_bounty-5Dhiren Kumar Pradhanhacking, bug-bounty, infosec, cybersecurity17-Apr-2025
Detecting Credential Dumping with Windows Built-In Toolshttps://medium.com/@paritoshblogs/detecting-credential-dumping-with-windows-built-in-tools-b51b8eb6f8ca?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, credentials, information-technology, hacking17-Apr-2025
Slow HTTP Denial of Service Attack Pada Subdomain kawasaki.co.idhttps://medium.com/@ricoandreas19/slow-http-denial-of-service-attack-pada-subdomain-kawasaki-co-id-7dca9a319057?source=rss------bug_bounty-5Rico Andreasbug-bounty, denial-of-service-attack, slow-loris, kawasaki-indonesia17-Apr-2025
‍☠️The Ultimate Subdomain Enumeration Guide: Tools, Tricks, and Hidden Secretshttps://infosecwriteups.com/%EF%B8%8Fthe-ultimate-subdomain-enumeration-guide-tools-tricks-and-hidden-secrets-bbae13df9a83?source=rss------bug_bounty-5Abhijeet Kumawatsubdomains-enumeration, infosec, bug-bounty, hacking, cybersecurity17-Apr-2025
Secret tricks to get hidden information in Bug Bountyhttps://infosecwriteups.com/secret-tricks-to-get-hidden-information-in-bug-bounty-107f3e055c4d?source=rss------bug_bounty-5Mr Horbiohacking, github, cybersecurity, penetration-testing, bug-bounty17-Apr-2025
Hacking and Securing Docker Containers: A Deep Dive into Common Vulnerabilities and Test Caseshttps://infosecwriteups.com/hacking-and-securing-docker-containers-a-deep-dive-into-common-vulnerabilities-and-test-cases-e40f2eee58f2?source=rss------bug_bounty-5Ajay Naikdocker, bug-bounty, penetration-testing, information-security, cybersecurity17-Apr-2025
From CSS to AWS: How a Stylesheet Reference Leaked Cloud Secrets ☁️https://medium.com/@iski/from-css-to-aws-how-a-stylesheet-reference-leaked-cloud-secrets-%EF%B8%8F-c55e5048777e?source=rss------bug_bounty-5Iskimoney, bug-bounty, infosec, hacking, cybersecurity17-Apr-2025
️‍♂️ “I Didn’t Plan to Find a P1… But My Script Had Other Plans ”https://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-i-didnt-plan-to-find-a-p1-but-my-script-had-other-plans-77691a46985b?source=rss------bug_bounty-5Lord Heavens3-bucket, infosecurity, s3, infosec, bug-bounty17-Apr-2025
OSINT Like a Spy: Tools and Techniques for Online Investigations ️‍♂️https://medium.com/@vipulsonule71/osint-like-a-spy-tools-and-techniques-for-online-investigations-%EF%B8%8F-%EF%B8%8F-79571a765ddb?source=rss------bug_bounty-5Vipul Sonulecybersecurity, technology, bug-bounty, ethical-hacking, hacking17-Apr-2025
The Rise of Cloud Hacking: What Every Developer Should Knowhttps://medium.com/write-a-catalyst/the-rise-of-cloud-hacking-what-every-developer-should-know-e99efe9d8e3c?source=rss------bug_bounty-5Monika sharmabug-bounty, ai, hacking, cloud, technology17-Apr-2025
Understanding All HTTP Response Codes & How to Bypass Them!https://medium.com/@gouravrathod8788/understanding-all-http-response-codes-how-to-bypass-them-677b784f8232?source=rss------bug_bounty-5Gourav Singh Rajputhttps, security, red-team, cybersecurity, bug-bounty17-Apr-2025
2FA Bypass: A Case of Insecure Implementationhttps://ehteshamulhaq198.medium.com/2fa-bypass-a-case-of-insecure-implementation-8b9e44f3d68c?source=rss------bug_bounty-5Ehtesham Ul Haq2fa-authentication, ethical-hacking, bug-bounty, penetration-testing, infosec17-Apr-2025
From Betting Addiction to Ethical Hacking: How I Discovered a Security Loophole in a Popular…https://medium.com/@pazzoamani/from-betting-addiction-to-ethical-hacking-how-i-discovered-a-security-loophole-in-a-popular-159720067f1d?source=rss------bug_bounty-5AMANI Patrickcybersecurity, cybersecurity-awareness, offensive-security, bug-bounty17-Apr-2025
How I Earned $3,245 in Bug Bounties(My First 90 Days)https://medium.com/@ibtissamhammadi/how-i-earned-3-245-in-bug-bounties-my-first-90-days-d4b8e397280d?source=rss------bug_bounty-5Ibtissam Hammadimake-money-online, cybersecurity, payu, bug-bounty, hacking17-Apr-2025
Data Disclosed: A Look into Real-World Incidentshttps://medium.com/@sachinpv2004/data-disclosed-a-look-into-real-world-incidents-acc00a02a89c?source=rss------bug_bounty-5SACHIN PVbug-bounty, pentesting, information-disclosure, cybersecurity17-Apr-2025
MASTER IN BASH WITH ONE VIDEOhttps://infosecwriteups.com/master-in-bash-with-one-video-5c77dbe3341d?source=rss------bug_bounty-5Mr Horbiopenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bash17-Apr-2025
SUID Exploitation [Privilege Escalation] Tutorial | EJPT Examhttps://infosecwriteups.com/suid-exploitation-privilege-escalation-tutorial-ejpt-exam-e446f340ba3f?source=rss------bug_bounty-5Mr Horbiopenetration-testing, ethical-hacking, bug-bounty, hacker, cybersecurity17-Apr-2025
How I Took Over Accounts by Disabling 2FA Without Even Logging In | P1 — Criticalhttps://medium.com/@nebty/how-i-took-over-accounts-by-disabling-2fa-without-even-logging-in-p1-critical-a50f109e2ed4?source=rss------bug_bounty-5Nebtycybersecurity, vulnerability, authentication, bug-bounty, 2fa17-Apr-2025
How to Find Hidden SQL Injection Points During Reconhttps://medium.com/@vipulsonule71/how-to-find-hidden-sql-injection-points-during-recon-3f015328fdef?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, penetration-testing, tech, bug-bounty17-Apr-2025
Metasploit Basics For PenTester & Bug Bounty Hunters ⚡https://medium.com/@0b1d1/metasploit-basics-for-pentester-bug-bounty-hunters-72facfc9cdd1?source=rss------bug_bounty-50b1d1bug-bounty-writeup, bug-bounty, bug-bounty-tips, meterpreter, metasploit17-Apr-2025
Powerful One-Liner commands for Ethical Hacking & Bug Huntinghttps://medium.com/@BugRey/powerful-one-liner-commands-for-ethical-hacking-bug-hunting-dd33fd2aaa09?source=rss------bug_bounty-5./Rey~ethical-hacking, cybersecurity, bug-bounty, bug-bounty-tips17-Apr-2025
200$ by Tricking a Global Music App with One Line of Codehttps://myselfakash20.medium.com/200-by-tricking-a-global-music-app-with-one-line-of-code-de2f4ab3cd4a?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, technology, cybersecurity, bug-bounty, ethical-hacking17-Apr-2025
Top 15 Unique Extensions for Programmers: Part(3)https://osintteam.blog/top-15-unique-extensions-for-programmers-part-3-1009695a1199?source=rss------bug_bounty-5Monika sharmahacking, programming, technology, bug-bounty, extension17-Apr-2025
They Used Tools I Used Logic 0-Click Account Takeover Without Breaking a Sweathttps://medium.com/@loayahmed686/they-used-tools-i-used-logic-0-click-account-takeover-without-breaking-a-sweat-fd57c078dc82?source=rss------bug_bounty-5r00tbug-bounty, infosec, cybersecurity, bugbounty-tips, bugbounty-writeup17-Apr-2025
The 50-Day Security Marathon: How I Helped Ford Patch a Critical XSS Vulnerabilityhttps://medium.com/@N0aziXss/the-50-day-security-marathon-how-i-helped-ford-patch-a-critical-xss-vulnerability-fc6c012f40b5?source=rss------bug_bounty-5N0aziXssxss-vulnerability, enterprise-security, responsible-disclosure, web-security, bug-bounty17-Apr-2025
CVE-2025–29927 Authorization bypass vulnerability identified in Next.js.https://shauryasharma05.medium.com/cve-2025-29927-authorization-bypass-vulnerability-identified-in-next-js-9f46812c7826?source=rss------bug_bounty-5Shaurya Sharmahacking, nextjs, cybersecurity, cve, bug-bounty17-Apr-2025
How I got a Zero-Click Account Takeover Bounty — Using Nothing But Logichttps://itsahmedatef.medium.com/how-i-got-a-zero-click-account-takeover-bounty-using-nothing-but-logic-11a3ae151376?source=rss------bug_bounty-5Ahmed Atefcybersecurity, infosec, bug-bounty-writeup, account-takeover, bug-bounty17-Apr-2025
How I Discovered CVE-2025–3568: From XSS to Admin Account Takeoverhttps://medium.com/@sneharghyaroy/how-i-discovered-cve-2025-3568-from-xss-to-admin-account-takeover-6dabfcc7a320?source=rss------bug_bounty-5Sneharghya Roybug-bounty, educational, cybersecurity, ethical-hacking17-Apr-2025
“Analyzing Browser Artifacts During an Incident” : Cache, history, and login data in Chrome, Edge…https://medium.com/@paritoshblogs/analyzing-browser-artifacts-during-an-incident-cache-history-and-login-data-in-chrome-edge-47ee1a7ce2a3?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, cybersecurity, incident-response, information-technology16-Apr-2025
An ultimate information-gathering tool for bug bounty hunters, Osint investigators, and pen testers.https://medium.com/@loyalonlytoday/an-ultimate-information-gathering-tool-for-bug-bounty-hunters-osint-investigators-and-pen-testers-70b8944746f6?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty, programming, penetration-testing, cybersecurity16-Apr-2025
How a Software Engineer Earned $40,000 Through Bug Bounty Programs (In His Spare Time)https://medium.com/@cadeeper/how-a-software-engineer-earned-40-000-through-bug-bounty-programs-in-his-spare-time-a9e1834a02c9?source=rss------bug_bounty-5Invikbug-bounty, security, cybersecurity, development, software-development16-Apr-2025
How I Earned My First Bug Bounty and What It Taught Me About Ethical Hackinghttps://medium.com/@dhirenkumar/how-i-earned-my-first-bug-bounty-and-what-it-taught-me-about-ethical-hacking-f3687e212d0a?source=rss------bug_bounty-5Dhiren Kumar Pradhanhacking, bug-bounty, cybersecurity16-Apr-2025
️ Blind XSS Attack in Production: My Favorite Exploit with a Delayed Surprisehttps://infosecwriteups.com/%EF%B8%8F-blind-xss-attack-in-production-my-favorite-exploit-with-a-delayed-surprise-3f7f13427ee4?source=rss------bug_bounty-5Abhijeet Kumawatxss-attack, secrets, bug-bounty, hacking, cybersecurity16-Apr-2025
From ‘Error 404’ to ‘Cha-Ching! BugBountyhttps://medium.com/@xlr44444/from-error-404-to-cha-ching-bugbounty-18d3b839019b?source=rss------bug_bounty-5Blekhatebug-bounty-writeup, bug-bounty, bug-bounty-tips, pentesting, cybersecurity16-Apr-2025
Email Verification Bypass during Account Creation | Insecure Designhttps://raymondv.medium.com/email-verification-bypass-during-account-creation-insecure-design-09122979577f?source=rss------bug_bounty-5Raymond Van Wartinsecure-design, cybersecurity, firebase, bug-bounty16-Apr-2025
Bypassing Content-Type Restrictions to Upload Web Shellshttps://medium.com/@nevershareemail/bypassing-content-type-restrictions-to-upload-web-shells-d10fd45fa10b?source=rss------bug_bounty-5Sumit Tiwaricybersecurity, web-app-security, bug-bounty, web-app-pentesting, bug-bounty-tips16-Apr-2025
My First High-Impact Bug: Unauthenticated Unsubscribe via Token Manipulation (IDOR + PII…https://medium.com/@sauravkrish59/my-first-high-impact-bug-unauthenticated-unsubscribe-via-token-manipulation-idor-pii-872d1004a9bc?source=rss------bug_bounty-5@Sauravkrishbug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity16-Apr-2025
Apache Roller’s Got a Major Bug — and It’s No April Fool’s Joke!https://medium.com/@thecyberghost/apache-rollers-got-a-major-bug-and-it-s-no-april-fool-s-joke-d445fd81d8c4?source=rss------bug_bounty-5The Cyber Ghostcybersecurity, bug-bounty, cyber, cyber-security-awareness, bugs16-Apr-2025
How Race Condition Worth Me $1000 On YesWeHackhttps://medium.com/@manan_sanghvi/how-race-condition-worth-me-1000-on-yeswehack-f90be39ecb2b?source=rss------bug_bounty-5Manan Sanghvipenetration-testing, ethical-hacking, race-condition, hacking, bug-bounty16-Apr-2025
How I discovered a hidden user thanks to server responses ?https://medium.com/@phoenixcatalan/how-i-discovered-a-hidden-user-thanks-to-server-responses-b65e198f4e73?source=rss------bug_bounty-5phoenixcatalanethical-hacking, hacking, pentesting, portswigger, bug-bounty16-Apr-2025
Impostor Admin: Token Editionhttps://medium.com/@tanyago/impostor-admin-token-edition-dfcd1f5643b0?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-program16-Apr-2025
️‍♂️ Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugshttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-bug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-2fa23c613f1b?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, hacking, tech, cybersecurity16-Apr-2025
‍♂️ Bypassing 403/401: All the Tricks Hackers Usehttps://medium.com/@vipulsonule71/%EF%B8%8F-bypassing-403-401-all-the-tricks-hackers-use-6600b005289e?source=rss------bug_bounty-5Vipul Sonulecybersecurity, hacking, penetration-testing, bug-bounty, tech16-Apr-2025
How I Hacked RemoteBinge’s GIF Upload Filterhttps://medium.com/@worm_401/how-i-hacked-remotebinges-gif-upload-filter-5218cd45124b?source=rss------bug_bounty-5Worm_403hacking, ctf-writeup, web-security, file-upload-vulnerability, bug-bounty16-Apr-2025
Day 2: Best Free Ways to Learn Ethical Hacking by Doing!https://medium.com/@omkumar.coder/day-2-best-free-ways-to-learn-ethical-hacking-by-doing-d59617552336?source=rss------bug_bounty-5om kumartechnology, bug-bounty, software-engineering, cybersecurity, hacking16-Apr-2025
How to Bypass 503 Errors Like a Pro! ✨https://medium.com/@gouravrathod8788/how-to-bypass-503-errors-like-a-pro-10f0c110a162?source=rss------bug_bounty-5Gourav Singh Rajputpentesting, 503errorbypass, bypass, cybersecurity, bug-bounty16-Apr-2025
Bug Bounty Google Dorkshttps://medium.com/@shamzen96/bug-bounty-google-dorks-3af9c763de61?source=rss------bug_bounty-5Shivam Rajbug-bounty, dorks, pentesting, hacking, cybersecurity16-Apr-2025
The Hidden Threat in Your XML: Understanding XXE Attackshttps://medium.com/@es0557533/the-hidden-threat-in-your-xml-understanding-xxe-attacks-0d7f91bb5749?source=rss------bug_bounty-5Isvbug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup16-Apr-2025
IMAP — Port 143, 993 — How to exploit?https://medium.com/@verylazytech/imap-port-143-993-how-to-exploit-3bc8778916cd?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, exploit, ethical-hacking, imap, bug-bounty16-Apr-2025
IRC — Ports 194,6667,6660–7000 — How to exploit?https://medium.com/@verylazytech/irc-ports-194-6667-6660-7000-how-to-exploit-5ecac016b853?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, irc, penetration-testing, exploit15-Apr-2025
Why Most PoCs Fail: The Invisible Wall Called SSPhttps://medium.com/@pch.neurodive.fuk060/why-most-pocs-fail-the-invisible-wall-called-ssp-06c489ebfdba?source=rss------bug_bounty-5IRORIweb-security, cybersecurity, ctf, infosec, bug-bounty15-Apr-2025
BugBounty Directoryhttps://medium.com/@abhishekY495/bugbounty-directory-35609687204c?source=rss------bug_bounty-5Abhishekhacker, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hackerone15-Apr-2025
How I Built a Recon Flow Out of Rage and Spitehttps://myselfakash20.medium.com/how-i-built-a-recon-flow-out-of-rage-and-spite-18ddd367149e?source=rss------bug_bounty-5Akash Ghoshhacking, bug-bounty, technology, bug-bounty-tips, cybersecurity15-Apr-2025
How I Exploited Rate Limiting to Access Admin Features (Real Case Study)https://infosecwriteups.com/how-i-exploited-rate-limiting-to-access-admin-features-real-case-study-fe25cb965a0a?source=rss------bug_bounty-5Abhijeet Kumawatsecrets, bug-bounty, cybersecurity, infosec, hacking15-Apr-2025
“How to Find Hidden API Endpoints and Secrets in JavaScript Files for Bug Bounties & Web App…https://hackersatty.medium.com/how-to-find-hidden-api-endpoints-and-secrets-in-javascript-files-for-bug-bounties-web-app-f4ea92d16954?source=rss------bug_bounty-5hackersattyapi-endpoint, bug-bounty-writeup, javascript, bug-bounty, secrets15-Apr-2025
Mastering Business Logic Price Manipulation in Bug Bounty Programshttps://frostyxsec.medium.com/mastering-business-logic-price-manipulation-in-bug-bounty-programs-4d3ac14d9837?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty-tips, bug-bounty, bugbounty-writeup, bug-bounty-hunter15-Apr-2025
How Telegram’s Bot API Enables Real-Time 2FA Theft and Account Takeoverhttps://medium.com/@princep49036142/how-telegrams-bot-api-enables-real-time-2fa-theft-and-account-takeover-fa438ce9a9e0?source=rss------bug_bounty-5Prince Philiptelegram, hacker, bug-bounty, bug-bounty-writeup, ui15-Apr-2025
Cracking JWT: When the ‘None’ Algorithm Opens the Authentication Gatehttps://medium.com/@arrheniuspaelongan09/cracking-jwt-when-the-none-algorithm-opens-the-authentication-gate-5bafa942c9a5?source=rss------bug_bounty-5Arrhenius Paelonganbug-bounty, cybersecurity, hacking, penetration-testing, red-team15-Apr-2025
I Broke Into /etc/passwd Using a Null Byte and It Was Stupid Easy #HackerVibeshttps://medium.com/@RootPwned/i-broke-into-etc-passwd-using-a-null-byte-and-it-was-stupid-easy-hackervibes-54a4e86e985c?source=rss------bug_bounty-5Sumanth Yerranagulactf, web-application-security, ethical-hacking, cybersecurity, bug-bounty15-Apr-2025
Red Team Tactics vs Blue Team Defenses: Real-World Scenarioshttps://medium.com/@paritoshblogs/red-team-tactics-vs-blue-team-defenses-real-world-scenarios-d8a935b9e100?source=rss------bug_bounty-5Paritoshhacking, red-team, blue-team, bug-bounty, cybersecurity15-Apr-2025
Breaking Into HackDonalds: XXE + Middleware Abuse (CTF Writeup)https://medium.com/@cipher01x/breaking-into-hackdonalds-xxe-middleware-abuse-ctf-writeup-fa33c6bad5d8?source=rss------bug_bounty-5bretsadleahacking, bug-bounty, cybersecurity, hacking-tools, ctf-writeup15-Apr-2025
Breaking the Invite: 3 Easy-to-Find Vulnerabilities in invite users functionhttps://medium.com/@basetm307/breaking-the-invite-3-easy-to-find-vulnerabilities-in-invite-users-function-735c3b75d130?source=rss------bug_bounty-53basetbug-bounty, broken-access-control, bug-bounty-tips, privilege, idor15-Apr-2025
Hi, I’m Modather Ahmed, a penetration tester at Buguard and a part-time bug bounty hunter.https://medium.com/@modtheramohamed/hi-im-modather-ahmed-a-penetration-tester-at-buguard-and-a-part-time-bug-bounty-hunter-fb79a2229281?source=rss------bug_bounty-5Modther A Mohamedbug-bounty15-Apr-2025
How a Curious Curl and a Ghost Domain Got Me into the Dutch Government’s Hall of Famehttps://medium.com/@cyberhrsh/how-a-curious-curl-and-a-ghost-domain-got-me-into-the-dutch-governments-hall-of-fame-bf1537f4a737?source=rss------bug_bounty-5Harsh kotharihall-of-fame, bug-bounty, cybersecurity, hacker15-Apr-2025
Exposing Sensitive Data: How I Found a Critical NASA P1 Vulnerability in Publicly Accessible…https://medium.com/@sivasankardas/exposing-sensitive-data-how-i-found-a-critical-nasa-p1-vulnerability-in-publicly-accessible-57a00a9bccb9?source=rss------bug_bounty-5Sivasankar Dascybersecurity, vulnerability-research, hallof-fame, bug-bounty, nasa15-Apr-2025
From Zero Bugs to Many: My Journey into Web Pentesting and Bug Bountieshttps://medium.com/@omkumar.coder/from-zero-bugs-to-many-my-journey-into-web-pentesting-and-bug-bounties-883f516a507c?source=rss------bug_bounty-5om kumarcybersecurity, hacking, web-development, bug-bounty, technology15-Apr-2025
Breaking Into HackDonalds: XXE + Middleware Abuse (CTF Writeup)https://medium.com/@cipher01x/breaking-into-hackdonalds-xxe-middleware-abuse-ctf-writeup-5e67fadbb1bd?source=rss------bug_bounty-5bretsadleabug-bounty, hacking, ciberseguridad, ctf-writeup15-Apr-2025
Hidden Directories and Files : How Dirb, Dirsearch, and Gobuster Find the Unseenhttps://medium.com/@vipulsonule71/hidden-directories-and-files-how-dirb-dirsearch-and-gobuster-find-the-unseen-27182b2f88f6?source=rss------bug_bounty-5Vipul Sonuleai, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2025
9 Criticals in a Row — Mind Hacking on HackerOnehttps://medium.com/@rootplinix/9-criticals-in-a-row-mind-hacking-on-hackerone-b627d1688d69?source=rss------bug_bounty-5Abu Hurayrainfosec, cybersecurity, hacking, pentesting, bug-bounty15-Apr-2025
Web Socket Securityhttps://cybertoucan.medium.com/web-socket-security-8095fd0f8981?source=rss------bug_bounty-5cybertoucanwebsocket, bug-bounty, cybersecurity, pentesting, application-security15-Apr-2025
Google Dorking for Ethical Hacking: A Beginner’s Guide to Finding Your First Bughttps://just-merwan.medium.com/google-dorking-for-ethical-hacking-a-beginners-guide-to-finding-your-first-bug-213ff2fffd1a?source=rss------bug_bounty-5Merwanskycybersecurity, google, hacking, tutorial, bug-bounty15-Apr-2025
SNMP — Ports 161, 162, 10161, and 10162/UDP — How to exploit?https://medium.com/@verylazytech/snmp-ports-161-162-10161-and-10162-udp-how-to-exploit-a9044f1eeb72?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, ethical-hacking, exploit, snmp15-Apr-2025
Top 15 Browser Extensions For Bug Bounty Hunter 2025: Part(2)https://osintteam.blog/top-15-browser-extensions-for-bug-bounty-hunter-2025-part-2-c2a4e525de21?source=rss------bug_bounty-5Monika sharmatechnology, hacking, bug-bounty, extension, osint15-Apr-2025
CSRF Exploit Leading to Account Takeover (ATO)https://medium.com/@magdy_ali/csrf-exploit-leading-to-account-takeover-ato-e1e89f73cb4c?source=rss------bug_bounty-5Magdy Alibug-bounty, csrf, account-takeover15-Apr-2025
Burp Suite AI: Smarter Scanning Powered by Machine Intelligencehttps://cylent.medium.com/burp-suite-ai-smarter-scanning-powered-by-machine-intelligence-7462bb1da5dc?source=rss------bug_bounty-5Mohamed Talaat (@cylent)application-security, bug-bounty, burp-suite-professional, bug-hunting, penetration-testing15-Apr-2025
Check Point Firewall — Port 264 — How to exploit?https://medium.com/@verylazytech/check-point-firewall-port-264-how-to-exploit-10453634fb26?source=rss------bug_bounty-5Very Lazy Techethical-hacking, port-264, penetration-testing, check-point-firewall, bug-bounty14-Apr-2025
​​How I Earned $800 in 10 Minutes with an IDOR Vulnerability — Just by Going the Extra Mile​​https://medium.com/@cadeeper/how-i-earned-800-in-10-minutes-with-an-idor-vulnerability-just-by-going-the-extra-mile-b8208bec852f?source=rss------bug_bounty-5Invinfo-sec-writeups, penetration-testing, bug-bounty, cybersecurity, hacker14-Apr-2025
SQL Injection Leads to $$$ Bounty: How I Found a Critical Bughttps://medium.com/@arrheniuspaelongan09/sql-injection-leads-to-bounty-how-i-found-a-critical-bug-cbacc35a2f19?source=rss------bug_bounty-5Qchadbug-bounty, hacking, penetration-testing, red-team, cybersecurity14-Apr-2025
Uncovering Hidden APIs: How One Forgotten Endpoint Made Me $500https://infosecwriteups.com/uncovering-hidden-apis-how-one-forgotten-endpoint-made-me-500-424e6388c406?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, secrets, bug-bounty, infosec, hacking14-Apr-2025
Understanding CVE-2025–29927: Next.js Security Vulnerabilityhttps://medium.com/@dasmanish6176/understanding-cve-2025-29927-next-js-security-vulnerability-6a6e20a7bcb0?source=rss------bug_bounty-5Dasmanishbug-bounty, nextjs, security, ethical-hacking, burpsuite14-Apr-2025
From Admin to Ghost: Post-Removal Access Control Bypass in Team Management Functionalityhttps://medium.com/@nhlimon37/from-admin-to-ghost-post-removal-access-control-bypass-in-team-management-functionality-155e3d7faf0d?source=rss------bug_bounty-5NH Limon ️bug-bounty-writeup, bug-bounty14-Apr-2025
From “Buck Bounty?” to My First Real Bug Bountyhttps://medium.com/@bgsswqyh/from-buck-bounty-to-my-first-real-bug-bounty-7490f1907541?source=rss------bug_bounty-5Kailaasbug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity14-Apr-2025
SQL injection UNION attack, retrieving data from other tables — Portswiggerhttps://arayofhope7.medium.com/sql-injection-union-attack-retrieving-data-from-other-tables-portswigger-ab892f5a9527?source=rss------bug_bounty-5RayofHopeweb-penetration-testing, bug-bounty, ethical-hacking, penetration-testing, cybersecurity14-Apr-2025
SQL Injection Leads to $$$ Bounty: How I Found a Critical Bughttps://medium.com/@arrheniuspaelongan09/sql-injection-leads-to-bounty-how-i-found-a-critical-bug-cbacc35a2f19?source=rss------bug_bounty-5Arrhenius Paelonganbug-bounty, hacking, penetration-testing, red-team, cybersecurity14-Apr-2025
Beyond the Payload: Why Understanding Vulnerabilities Matters More Than Exploiting Themhttps://revengermojo.medium.com/beyond-the-payload-why-understanding-vulnerabilities-matters-more-than-exploiting-them-72061821f88b?source=rss------bug_bounty-5RevengerMojohackermindset, revengermojo, application-security, chaining-vulnerabilities, bug-bounty14-Apr-2025
I Hacked a Website With Just ../../../etc/passwdhttps://medium.com/@RootPwned/i-hacked-a-website-with-just-etc-passwd-79fc0d592b4e?source=rss------bug_bounty-5Sumanth Yerranagulactf, web-security, bug-bounty, cybersecurity, ethical-hacking14-Apr-2025
Exposed Session Tokens via Misconfigured Endpointhttps://ehteshamulhaq198.medium.com/exposed-session-tokens-via-misconfigured-endpoint-c6676b79476e?source=rss------bug_bounty-5Ehtesham Ul Haqinfosec, bug-bounty-writeup, penetration-testing, bug-bounty, session-hijacking14-Apr-2025
LFI in the Shadows: A Bug Bounty Private Program Walkthroughhttps://medium.com/@AhmedSamy-X/lfi-in-the-shadows-a-bug-bounty-private-program-walkthrough-a76024d1314f?source=rss------bug_bounty-5Ahmedsamyinformation-security, cybersecurity, hacking, penetration-testing, bug-bounty14-Apr-2025
Click, Recon, Jackpot! ️‍♂️ How a Subdomain Led Me to an S3 Treasure Trovehttps://infosecwriteups.com/click-recon-jackpot-%EF%B8%8F-%EF%B8%8F-how-a-subdomain-led-me-to-an-s3-treasure-trove-2f65c3a80010?source=rss------bug_bounty-5Iskimoney, bug-bounty, hacking, infosec, cybersecurity14-Apr-2025
iOS-Pentesting-101: Jail Breaking iOS 16.7.x+ on iPhone 8/Xhttps://sudosuraj.medium.com/ios-pentesting-101-jail-breaking-ios-16-7-x-on-iphone-8-x-e9d62c529d38?source=rss------bug_bounty-5sudosurajios-bug-bounty, sudosuraj, bug-bounty-tips, bug-bounty, mobile-security14-Apr-2025
Account Takeover Based on Deep Understanding of the Targethttps://medium.com/@Maverick0o0/account-takeover-based-on-deep-understanding-of-the-target-9c02b8af88fa?source=rss------bug_bounty-5Erfan Tavakolibug-bounty-writeup, writeup, cybersecurity, bug-bounty-tips, bug-bounty14-Apr-2025
Hunting eval() XSS: How I Scored a $10K Bounty from Uberhttps://osintteam.blog/hunting-eval-xss-how-i-scored-a-10k-bounty-from-uber-c77aaf93574a?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty, infosec-write-ups, ethical-hacking, xss-attack14-Apr-2025
Google Gemini iOS Vulnerability: Public Link Sharing Silently Leaks Entire Conversationshttps://medium.com/@warisjeet31/google-gemini-ios-vulnerability-public-link-sharing-silently-leaks-entire-conversations-e1f80cbea25c?source=rss------bug_bounty-5sin99xxbug-bounty, bug-bounty-tips, bug-bounty-writeup, cyber-security-awareness, cybersecurity14-Apr-2025
Bug Bounty | Istifadəçi hesablarının oğurlanmasına səbəb ola biləcək bir boşluq tapdım (Account…https://zeynalxan.medium.com/bug-bounty-istifad%C9%99%C3%A7i-hesablar%C4%B1n%C4%B1n-o%C4%9Furlanmas%C4%B1na-s%C9%99b%C9%99b-ola-bil%C9%99c%C9%99k-bir-bo%C5%9Fluq-tapd%C4%B1m-account-2693a2aa2520?source=rss------bug_bounty-5Zeynalxan Quliyevbug-bounty-writeup, bug-bounty, ato, account-takeover, hacker14-Apr-2025
Outsmarting the Crowd: 7 Unconventional Strategies to Dominate Bug Bounty Programshttps://cybersecuritywriteups.com/outsmarting-the-crowd-7-unconventional-strategies-to-dominate-bug-bounty-programs-e5432e5fddd2?source=rss------bug_bounty-5Krish_cyberbug-bounty, info-sec-writeups, osint, ethical-hacking, bug-bounty-writeup14-Apr-2025
HOW I GOT RCE BY THIS ‘ Single quotation Markhttps://medium.com/@amerghaith07/how-i-got-rce-by-this-single-quotation-mark-3a81be69a0d2?source=rss------bug_bounty-5Amerghaithethical-hacking, cybersecurity, sql-injection, bug-bounty, rce-vulnerability14-Apr-2025
Crafting Engaging Web Application Challenges for Your College CTFhttps://medium.com/@shashank_d_s/crafting-engaging-web-application-challenges-for-your-college-ctf-b712e10b9ed6?source=rss------bug_bounty-5D4rkHxndcapture-the-flag, penetration-testing, cybersecurity, bug-bounty, ctf14-Apr-2025
Are You Safe? The Terrifying Truth Behind Silent Attackshttps://medium.com/@Zo0L/are-you-safe-the-terrifying-truth-behind-silent-attacks-544d63139019?source=rss------bug_bounty-5Abdallah Mohammedbehind-the-shadow, cybersecurity, ethical-hacking, bug-bounty, penetration-testing14-Apr-2025
Attacking Common Services (skill assessment→Easy Level) Hack The Box Writeup/Walkthrough by…https://medium.com/@prarabdhsrivastava1403/attacking-common-services-skill-assessment-easy-level-hack-the-box-writeup-walkthrough-by-40cb4ae57d70?source=rss------bug_bounty-5Prarabdh Srivastavainfosec, hackthebox, ctf-walkthrough, penetration-testing, bug-bounty14-Apr-2025
Udemy Promo OFFERhttps://medium.com/@deepdive4learn/udemy-promo-offer-bbf015f60c6a?source=rss------bug_bounty-5DeepDive4learnpenetration-testing, cisco-certifications, promo-code, cybersecurity, bug-bounty14-Apr-2025
Stored XSS — Escalated from High to Criticalhttps://medium.com/@YourFinalSin/stored-xss-escalated-from-high-to-critical-079b5ab44444?source=rss------bug_bounty-53NVZxss-attack, bug-bounty-tips, bug-bounty, xss-vulnerability, bug-bounty-writeup13-Apr-2025
SQL injection UNION attack, finding a column containing texthttps://arayofhope7.medium.com/sql-injection-union-attack-finding-a-column-containing-text-8bb9f92b6430?source=rss------bug_bounty-5RayofHopeweb-penetration-testing, penetration-testing, ethical-hacking, cybersecurity, bug-bounty13-Apr-2025
Spynote, BadBazaar & Moonshine: The Malware Mafia That’s Eyeing Your Phonehttps://medium.com/@thecyberghost/spynote-badbazaar-moonshine-the-malware-mafia-thats-eyeing-your-phone-6b98eafb1af7?source=rss------bug_bounty-5The Cyber Ghostmalware, bug-bounty, bug-bounty-writeup, virus, cyber-security-awareness13-Apr-2025
One Random Recon, One Real Bounty: The Paytm Storyhttps://ghostman01.medium.com/ghost-paytm-xss-bounty-4f5efe6a643b?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, vulnerability13-Apr-2025
Advanced Windows Event Log Hunting for Threat Detectionhttps://medium.com/@paritoshblogs/advanced-windows-event-log-hunting-for-threat-detection-5ae8f259d5e2?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, windows, cybersecurity, threat-intelligence13-Apr-2025
How I Found a Bug in a Government Website (And Got Recognized for It) ️)https://infosecwriteups.com/how-i-found-a-bug-in-a-government-website-and-got-recognized-for-it-%EF%B8%8F-2f057a99f458?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, cybersecurity, infosec, secrets13-Apr-2025
Tricky waf bypass for reflected XSS write uphttps://medium.com/@sonahri501/not-so-cool-reflectd-xss-write-up-88da44cdc8c4?source=rss------bug_bounty-5Sonahriwaf-bypass, bug-bounty, cross-site-scripting13-Apr-2025
⚡️Oops, They Logged It! Turning LFI into Remote Shell Like a Pro ⚔️https://medium.com/@iski/%EF%B8%8Foops-they-logged-it-turning-lfi-into-remote-shell-like-a-pro-%EF%B8%8F-272e81c5315f?source=rss------bug_bounty-5Iskimoney, bug-bounty-tips, hacking, bug-bounty, cybersecurity13-Apr-2025
BURPSUITE EXTENSIONS FOR SECURITY ASSESSMENTS: ENHANCED WEB APPLICATION TESTING ️https://medium.com/@0b1d1/burpsuite-extensions-for-security-assessments-enhanced-web-application-testing-%EF%B8%8F-922d2002bf0d?source=rss------bug_bounty-50b1d1burp-suite-pro, pentesting, bug-bounty-tips, bug-bounty, pentesting-lab13-Apr-2025
Hackers Love These Info Disclosure Bugs | CVE, APIs, Buckets, 404s & More!https://medium.com/@spector-sec/hackers-love-these-info-disclosure-bugs-cve-apis-buckets-404s-more-a8b2f7103bb0?source=rss------bug_bounty-5spector-seccybersecurity, hacking, informatonal-disclosure, bug-bounty13-Apr-2025
One Random Recon, One Real Bounty: The Paytm Storyhttps://infosecwriteups.com/ghost-paytm-xss-bounty-4f5efe6a643b?source=rss------bug_bounty-5SIDDHANT SHUKLAbug-bounty, cybersecurity, programming, hacking, vulnerability13-Apr-2025
How Burp Suite AI Makes Vulnerability Testing Easy and Fasthttps://infosecwriteups.com/how-burp-suite-ai-makes-vulnerability-testing-easy-and-fast-03b6ca0ca6e5?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, ai, burpsuite, penetration-testing13-Apr-2025
JavaScript All Important Browser Functionshttps://medium.com/@zoningxtr/javascript-all-important-browser-functions-f40423714ebb?source=rss------bug_bounty-5Zoningxtrpenetration-testing, javascript, web-development, cybersecurity, bug-bounty13-Apr-2025
Bypass no rate limit & get Application-Level DDoS Vulnerabilityhttps://frostyxsec.medium.com/bypass-no-rate-limit-get-application-level-ddos-vulnerability-bb4bae99f3a4?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-hunting, bug-bounty-tips, cybersecurity, bug-bounty-writeup13-Apr-2025
Bypass File Attachment Restrictions in Google Groups via Email Posting | Bug Bountyhttps://ph-hitachi.medium.com/bypass-file-attachment-restrictions-in-google-groups-via-email-posting-bug-bounty-5d96fe39e46d?source=rss------bug_bounty-5Ph.Hitachibug-bounty, permissionsbypass, google-vrp, google-groups, broken-access-control13-Apr-2025
1-CLick OAuth Token Hijacking via Google Apps Script – A Design Flaw Ignored? | Bug Bountyhttps://ph-hitachi.medium.com/1-click-oauth-token-hijacking-via-google-apps-script-a-design-flaw-ignored-bug-bounty-02c6997254ff?source=rss------bug_bounty-5Ph.Hitachihackerone, bug-bounty, google-vrp, google, google-app-script13-Apr-2025
$10,000 worth GitHub Access Tokens | Secret Search Operatorshttps://infosecwriteups.com/10-000-worth-github-access-tokens-secret-search-operators-c67b09062a38?source=rss------bug_bounty-5It4chis3chidden, github, bug-bounty, secrets, access-token13-Apr-2025
From Threats to Allies: Empower Moroccan Cyber Talenthttps://medium.com/@ryadserkouh/from-threats-to-allies-empower-moroccan-cyber-talent-49d0dd07d06a?source=rss------bug_bounty-5Ryad Serkouhbug-bounty, cybersecurity, morocco13-Apr-2025
How to Perform Triage on a Compromised Windows Machinehttps://medium.com/@paritoshblogs/how-to-perform-triage-on-a-compromised-windows-machine-a358edfefd4b?source=rss------bug_bounty-5Paritoshcybersecurity, triage, hacking, windows, bug-bounty13-Apr-2025
Bypass rate limit & get Application-Level DDoS Vulnerabilityhttps://frostyxsec.medium.com/bypass-no-rate-limit-get-application-level-ddos-vulnerability-bb4bae99f3a4?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-hunting, bug-bounty-tips, cybersecurity, bug-bounty-writeup13-Apr-2025
Effective tool for bug huntershttps://medium.com/@loyalonlytoday/effective-tool-for-bug-hunters-7544a430617d?source=rss------bug_bounty-5loyalonlytodayprogramming, bug-bounty, cybersecurity, hacking, bug-bounty-tips12-Apr-2025
A tool that will find secrets, endpoints, and API keys from a list of URLs(Bug Bounty Hunting)https://medium.com/@loyalonlytoday/a-tool-that-will-find-secrets-endpoints-and-api-keys-from-a-list-of-urls-bug-bounty-hunting-ccaec4babfe1?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, ethical-hacking, bug-bounty, osint, cybersecurity12-Apr-2025
This Was My First Account Takeover Without Any Tool: A Remarkable Experiencehttps://medium.com/@dineshnarasimhan27/this-was-my-first-account-takeover-without-any-tool-a-remarkable-experience-1a224d8efb73?source=rss------bug_bounty-5Dinesh Narasimhancybersecuirty, webapplicationpentest, account-take-over, penetration-testing, bug-bounty12-Apr-2025
Subdomain takeoverhttps://medium.com/@parthchheda777/subdomain-takeover-6642736285fc?source=rss------bug_bounty-5Parthchhedainfosec, pentesting, subdomain-takeover, cybersecurity, bug-bounty12-Apr-2025
SQL injection UNION attack, determining the number of columns returned by the queryhttps://arayofhope7.medium.com/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-01321d3953cb?source=rss------bug_bounty-5RayofHopeethical-hacking, penetration-testing, web-penetration-testing, cybersecurity, bug-bounty12-Apr-2025
Static vs Dynamic Analysis: A Web3 Security Perspectivehttps://securrtech.medium.com/static-vs-dynamic-analysis-a-web3-security-perspective-e0c11bbdde99?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, web3-security, blockchain-security, smart-contract-security, smart-contract-auditing12-Apr-2025
Exposing a Critical Data Leak: My Experience in NASA’s Vulnerability Disclosure Programhttps://medium.com/@sivasankardas/exposing-a-critical-data-leak-my-experience-in-nasas-vulnerability-disclosure-program-7ab0ced1ba86?source=rss------bug_bounty-5Sivasankardasvulnerability-disclosure, bug-bounty, critical-vulnerabilities, nasa-vdp, data-security12-Apr-2025
How I Got Access to Other Person’s Chat History and Chat Environment!https://hiddendom.medium.com/how-i-got-access-to-other-persons-chat-history-and-chat-environment-f333cc29f3df?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, vapt, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2025
️‍♂️ Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugshttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-bug-bounty-secrets-they-dont-tell-you-tricks-from-100-reported-bugs-603e4a6bb84f?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, ai, hacking, cybersecurity, secrets12-Apr-2025
️ Mastering Nmap: From Recon to Automation in Enterprise Securityhttps://medium.com/@zoningxtr/%EF%B8%8F-mastering-nmap-from-recon-to-automation-in-enterprise-security-69f6e3a81096?source=rss------bug_bounty-5Zoningxtrlinux, penetration-testing, nmap, bug-bounty, cybersecurity12-Apr-2025
Why I’m Blogging My Cybersecurity Journey (And Why You Should Too)https://medium.com/@shewagbhai1333/why-im-blogging-my-cybersecurity-journey-and-why-you-should-too-cacfee96f931?source=rss------bug_bounty-5Shewagbhaipentesting, bug-bounty, web, blogging, community12-Apr-2025
Facebook allows malicious script execution in post,comments and direct messages( rejected bug…https://medium.com/@krivadna/facebook-allows-malicious-script-execution-in-post-comments-and-direct-messages-rejected-bug-807ad30e1401?source=rss------bug_bounty-5Krivadnainfo-sec-writeups, infosec-write-ups, bugbounty-writeup, bug-bounty, cybersecurity12-Apr-2025
I Built a Portfolio Website That’s (Almost) Unhackable — Here’s Howhttps://medium.com/@afnaan2180/i-built-a-portfolio-website-thats-almost-unhackable-here-is-how-33351d7d56f7?source=rss------bug_bounty-5Mohammed Afnaan Ahmedinfosec, bug-bounty, cybersecurity, ethical-hacking, web-development12-Apr-2025
Secrets in JavaScript : Finding API Keys and Endpoints Like a Bug Bounty Hunterhttps://medium.com/@vipulsonule71/secrets-in-javascript-finding-api-keys-and-endpoints-like-a-bug-bounty-hunter-613c66412baa?source=rss------bug_bounty-5Vipul Sonulecybersecurity, ethical-hacking, hacking, penetration-testing, bug-bounty12-Apr-2025
️ Detecting Ransomware Pre-Execution with Windows Logs & Sysmonhttps://medium.com/@paritoshblogs/%EF%B8%8F-detecting-ransomware-pre-execution-with-windows-logs-sysmon-2e34dac2ee97?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, windows, hacking, cybersecurity12-Apr-2025
Exposing a Critical Data Leak: My Experience in NASA’s Vulnerability Disclosure Programhttps://medium.com/@sivasankardas/exposing-a-critical-data-leak-my-experience-in-nasas-vulnerability-disclosure-program-7ab0ced1ba86?source=rss------bug_bounty-5Sivasankar Dasvulnerability-disclosure, bug-bounty, critical-vulnerabilities, nasa-vdp, data-security12-Apr-2025
Recon Zen: Hacking With Nothing But Vibes and DevToolshttps://myselfakash20.medium.com/recon-zen-hacking-with-nothing-but-vibes-and-devtools-d809ee497d69?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, hacking, technology, cybersecurity, bug-bounty12-Apr-2025
Understanding DOM-based XSShttps://medium.com/@evyeveline1/understanding-dom-based-xss-70ea74401e7b?source=rss------bug_bounty-5Evyevelineweb-hacking, red-team, dom-based-xss, xss-vulnerability, bug-bounty12-Apr-2025
Found 3 IDOR Vulnerabilities in the Same Target!https://medium.com/@mahmoudelsadey56/found-3-idor-vulnerabilities-in-the-same-target-bc79c1c33376?source=rss------bug_bounty-5Mahmoud elsadeyweb-penetration-testing, bug-bounty-writeup, bug-bounty, penetration-testing12-Apr-2025
LDAP — Ports 389, 636, 3268, 3269 — How to exploit?https://medium.com/@verylazytech/ldap-ports-389-636-3268-3269-how-to-exploit-48af0aaac0ae?source=rss------bug_bounty-5Very Lazy Techldap, penetration-testing, bug-bounty, ethical-hacking, hacking12-Apr-2025
How I Found a Reflected XSS Bug in 45 Minutes Using ChatGPT — and Earned $800https://theindiannetwork.medium.com/how-i-found-a-reflected-xss-bug-in-45-minutes-using-chatgpt-and-earned-800-bc700c4baea8?source=rss------bug_bounty-5TheIndianNetworkchatgpt, bug-bounty-tips, bug-bounty-writeup, bug-bounty, xss-attack11-Apr-2025
A few online tools to find subdomains easily(bug bounty hunting)https://medium.com/@loyalonlytoday/a-few-online-tools-to-find-subdomains-easily-bug-bounty-hunting-64b15b2c2dcf?source=rss------bug_bounty-5loyalonlytodaysubdomains-enumeration, hacking, tips, cybersecurity, bug-bounty11-Apr-2025
How I Earned $1,000 by Exploiting a Hidden Subdomain and Chaining a CORS Misconfiguration with IDORhttps://theindiannetwork.medium.com/how-i-earned-1-000-by-exploiting-a-hidden-subdomain-and-chaining-a-cors-misconfiguration-with-idor-1dc83adf927c?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, idor, subdomain, bug-bounty-writeup, bug-bounty-tips11-Apr-2025
OTP BYPASS METHODOLOGIEShttps://infosecwriteups.com/otp-bypass-methodologies-3ed951d1eb12?source=rss------bug_bounty-5Canonminibeasthacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, otp-verification11-Apr-2025
How I Pick a Good Bug Bounty Program and Earn $$$https://medium.com/@YourFinalSin/how-i-pick-a-good-bug-bounty-program-and-earn-dc7610bff549?source=rss------bug_bounty-53NVZbug-bounty, bug-bounty-tips, hackerone, bugcrowd, bug-bounty-writeup11-Apr-2025
SQL injection attack, listing the database contents on Oracle — Portswiggerhttps://arayofhope7.medium.com/sql-injection-attack-listing-the-database-contents-on-oracle-portswigger-501f25bda8fd?source=rss------bug_bounty-5RayofHopebug-bounty, ethical-hacking, penetration-testing, web-penetration-testing, cyber-security-training11-Apr-2025
I Made $5,382 in 30 Days Hunting Bugshttps://infosecwriteups.com/i-made-5-382-in-30-days-hunting-bugs-ba770a5d895a?source=rss------bug_bounty-5Ibtissam Hammaditechnology, hacking, bug-bounty, cybersecurity, make-money-online11-Apr-2025
How I Bypassed YouTube Video Ads Using API Manipulation — My Google VRP Discovery (Video PoC…https://muneebalamkhan.medium.com/how-i-bypassed-youtube-video-ads-using-api-manipulation-my-google-vrp-discovery-video-poc-9eaf91f23596?source=rss------bug_bounty-5Muneeb Alam Khanyoutube-hacks-and-tricks, cybersecurity, bug-bounty, google-hacking, api-security-testing11-Apr-2025
Oops. Team Closed it as NAhttps://infosecwriteups.com/oops-team-closed-it-as-na-547d6b20a5d7?source=rss------bug_bounty-5callgh0stgaza, mindset, bug-bounty, genocide, hacking11-Apr-2025
(Ⅱ)【Report Review】2024 OWASP Mobile Top 10 Riskshttps://medium.com/@security.tecno/%E2%85%B1-report-review-2024-owasp-mobile-top-10-risks-216b6cf6b2e3?source=rss------bug_bounty-5TECNO Securityapplication, hacking, bug-bounty, security, owasp11-Apr-2025
SSRF para RCE: Como transformei um pequeno inseto em um grande saláriohttps://medium.com/@miltonslutonadio/ssrf-para-rce-como-transformei-um-pequeno-inseto-em-um-grande-sal%C3%A1rio-e33c53bdb712?source=rss------bug_bounty-5Milton Lutonadiocybersecurity, bounty-program, red-team, bug-bounty, web-applications11-Apr-2025
I Used Shodan to Find Unprotected WordPress Sites — It Was Too Easyhttps://medium.com/@nathans_web/i-used-shodan-to-find-unprotected-wordpress-sites-it-was-too-easy-94dfb9308570?source=rss------bug_bounty-5Gandolfinfosec, shodan, bug-bounty, cybersecurity, hacking11-Apr-2025
5 Web Vulnerabilities That Paid Me the Most (And How to Find Them!)https://infosecwriteups.com/5-web-vulnerabilities-that-paid-me-the-most-and-how-to-find-them-42f3f922740d?source=rss------bug_bounty-5Abhijeet Kumawathacking, vulnerability, cybersecurity, ai, bug-bounty11-Apr-2025
Using Blind XSS to steal session cookies and log in as a different userhttps://medium.com/@evyeveline1/using-blind-xss-to-steal-session-cookies-and-log-in-as-a-different-user-937cce53d829?source=rss------bug_bounty-5Evyevelinexss-vulnerability, bug-bounty, web-hacking, xss-attack, ethical-hacking11-Apr-2025
Security Lessons from TVM’s RPC Designhttps://medium.com/@kerkroups/security-lessons-from-tvms-rpc-design-3cfc4b5c8e82?source=rss------bug_bounty-5Kerkroupsapplication-security, bug-bounty, cybersecurity11-Apr-2025
Bearer Tokens, Broken Trust, and GitHub Classroom’s Flawed Designhttps://vanshal.medium.com/bearer-tokens-broken-trust-and-github-classrooms-flawed-design-8d616adb7ee5?source=rss------bug_bounty-5Vanshal Gaurbug-bounty, cybersecurity, github, education-technology, information-security11-Apr-2025
⏰ Mastering Cron: Automate Like a Pro in Linux and Enterprise IThttps://medium.com/@zoningxtr/mastering-cron-automate-like-a-pro-in-linux-and-enterprise-it-6a5f5694a749?source=rss------bug_bounty-5Zoningxtrautomation, linux, penetration-testing, cybersecurity, bug-bounty11-Apr-2025
A Hacker’s Instinct: The Power You Unlock When You Stop Looking and Start Seeinghttps://myselfakash20.medium.com/a-hackers-instinct-the-power-you-unlock-when-you-stop-looking-and-start-seeing-2715865e13f7?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, infosec, technology, bug-bounty11-Apr-2025
Mastering Google Dorking for Bug Bounty Hunters: Secrets the Pros Use!https://cybersecuritywriteups.com/mastering-google-dorking-for-bug-bounty-hunters-secrets-the-pros-use-5798df19f343?source=rss------bug_bounty-5Krish_cyberosint, cybersecurity, bug-bounty, hacking, google-dorking11-Apr-2025
Unlocking Hidden Paths: Web Fuzzing with FFUFhttps://medium.com/@regan_temudo/unlocking-hidden-paths-web-fuzzing-with-ffuf-9f81381bd9e3?source=rss------bug_bounty-5Regan Temudoctf, cybersecurity, penetration-testing, ethical-hacking, bug-bounty11-Apr-2025
hiii bug bounty huntershttps://krishna-cyber.medium.com/hiii-bug-bounty-hunters-65dec8625cd4?source=rss------bug_bounty-5Krish_cybercybersecurity, artificial-intelligence, coding, software-development, bug-bounty11-Apr-2025
Tittle:https://medium.com/@muhammedelkesht404/tittle-a9218e507b1a?source=rss------bug_bounty-50xAdambug-bounty, bug-bounty-tips, bugs11-Apr-2025
IPsec/IKE VPN — Port 500/UDP — How to exploit?https://medium.com/@verylazytech/ipsec-ike-vpn-port-500-udp-how-to-exploit-dd240223757d?source=rss------bug_bounty-5Very Lazy Techhacking, ethical-hacking, bug-bounty, penetration-testing, ipsec11-Apr-2025
Custom Headers: The Sneaky Trick Every Hacker Should Knowhttps://medium.com/@RoBoHackermann/custom-headers-the-sneaky-trick-every-hacker-should-know-a685246cc3d0?source=rss------bug_bounty-5Rohit Suresh Boratecybersecurity, penetration-testing, vapt, bug-bounty, web-penetration-testing11-Apr-2025
Mastering Reflected XSS with Nuclei: From Zero to $1,500 Bounty!https://krishna-cyber.medium.com/mastering-reflected-xss-with-nuclei-from-zero-to-1-500-bounty-eb5115a1aaf0?source=rss------bug_bounty-5Krish_cyberosint, cybersecurity, bug-bounty, xss-attack, ethical-hacking11-Apr-2025
️ From Curious Clicks to Cyber Pro: How to Start a Career in Ethical Hacking & Cybersecurityhttps://osintteam.blog/hiii-bug-bounty-hunters-65dec8625cd4?source=rss------bug_bounty-5Krish_cybercybersecurity, artificial-intelligence, coding, software-development, bug-bounty11-Apr-2025
A must-use tool for subdomain enumeration.https://medium.com/@loyalonlytoday/a-must-use-tool-for-subdomain-enumeration-12d49bf1a02f?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, ethical-hacking, tips, bug-bounty-tips10-Apr-2025
How I Found a WordPress Database Setup via Shodan (HackerOne)https://enterlectury.medium.com/how-i-found-a-wordpress-database-setup-via-shodan-hackerone-a5de583e2fb4?source=rss------bug_bounty-5Enterlecturycybersecurity, bug-bounty-tips, web-security, bug-bounty-writeup, bug-bounty10-Apr-2025
Cryptography great cheat-sheet for CTF’shttps://medium.com/@anandrishav2228/cryptography-great-cheat-sheet-for-ctfs-d2ada754b319?source=rss------bug_bounty-5Rishav anandbug-bounty, crypto, cybersecurity, ctf, hacking10-Apr-2025
Stop XSS in React Before Hackers Winhttps://rendiero.medium.com/stop-xss-in-react-before-hackers-win-8c2908492c01?source=rss------bug_bounty-5Rendierovulnerability, bug-bounty, hacking, react, xss-attack10-Apr-2025
Critical XXE Vulnerability Found in an Indian Government Websitehttps://medium.com/@dharineeshj2/critical-xxe-vulnerability-found-in-an-indian-government-website-0ae7ffae8fd9?source=rss------bug_bounty-5Hack-Batpentesting, red-team, bug-bounty, cybersecurity, hacking10-Apr-2025
SQL injection attack, listing the database contents on non-Oracle databases — Portswigghttps://arayofhope7.medium.com/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-portswigg-42fae517cc6e?source=rss------bug_bounty-5RayofHopebug-bounty, penetration-testing, web-penetration-testing, cyber-security-training, ethical-hacking10-Apr-2025
CloudFlare Rate Limit Bypass — OTP Bruteforce using probabilistics leads to ATOhttps://medium.com/@ph4nt0mbyt3/cloudflare-rate-limit-bypass-otp-bruteforce-using-probabilistics-leads-to-ato-511c9f3475cd?source=rss------bug_bounty-5ph4nt0mbyt3bugbounty-writeup, information-security, pentest, bug-bounty10-Apr-2025
The $1,000 Bug: How I Discovered a Critical Security Flaw (Step-by-Step Guide)https://infosecwriteups.com/the-1-000-bug-how-i-discovered-a-critical-security-flaw-step-by-step-guide-89808934e622?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacking, bounty-program, bug-bounty, ai10-Apr-2025
From self XSS to RCE in Ruby on railshttps://handball10.medium.com/from-self-xss-to-rce-in-ruby-on-rails-1f9f2d33c1cb?source=rss------bug_bounty-5handball10bug-bounty, remote-code-execution, ruby-on-rails, xss-attack10-Apr-2025
️‍♂️ Identifying C2 Channels: From DNS Tunnelling to HTTPS Beaconshttps://medium.com/@paritoshblogs/%EF%B8%8F-%EF%B8%8F-identifying-c2-channels-from-dns-tunnelling-to-https-beacons-6563c3d2ed5b?source=rss------bug_bounty-5Paritoshcommand-and-control, hacking, cybersecurity, bug-bounty, dns10-Apr-2025
Clickjacking Attackhttps://medium.com/@Maleesha.Rathnayaka/clickjacking-attack-b771b0771499?source=rss------bug_bounty-5Maleesha Rathnayakaweb-security, infosec, clickjacking, bug-bounty, cybersecurity10-Apr-2025
The Financial Fiasco of JavaScript Paywallshttps://medium.com/@cybercitizen.tech/the-financial-fiasco-of-javascript-paywalls-7de0b406dd8f?source=rss------bug_bounty-5CyberCitizenpaywall, bug-bounty, web-development, javascript, cybersecurity10-Apr-2025
(Ⅰ)【Report Review】2024 OWASP Mobile Top 10 Riskshttps://medium.com/@security.tecno/%E2%85%B0-report-review-2024-owasp-mobile-top-10-risks-0a3df63284bc?source=rss------bug_bounty-5TECNO Securityowasp, hacking, security, bug-bounty10-Apr-2025
Bug Bounty Recon Starter Pack: Tools, Coffee, Existential Crisishttps://myselfakash20.medium.com/bug-bounty-recon-starter-pack-tools-coffee-existential-crisis-8ca172820ede?source=rss------bug_bounty-5Akash Ghoshhacking, cybersecurity, technology, bug-bounty, bug-bounty-tips10-Apr-2025
From Markup to Database: A Comprehensive, Line-by-Line Walkthrough of HTML, JS & PHP with SQLhttps://medium.com/@zoningxtr/from-markup-to-database-a-comprehensive-line-by-line-walkthrough-of-html-js-php-with-sql-d8ba5c00b720?source=rss------bug_bounty-5Zoningxtrpenetration-testing, bug-bounty, cybersecurity, javascript, html10-Apr-2025
Top 10 Underrated Tools in a Pentester’s Arsenal (2025 Edition)https://medium.com/@gasmask/top-10-underrated-tools-in-a-pentesters-arsenal-2025-edition-568568e5418f?source=rss------bug_bounty-5gasmaskcybersecurity, penetration-testing, bug-bounty, web-application-security, beginner10-Apr-2025
A tool that will find secrets, endpoints, and API keys from a list of URLs(Bug Bounty Hunting)https://medium.com/@loyalonlytoday/a-tool-that-will-find-secrets-endpoints-and-api-keys-from-a-list-of-urls-bug-bounty-hunting-6b57fbbbf374?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, tips10-Apr-2025
Rexec — Port 512 — How to exploit?https://medium.com/@verylazytech/rexec-port-512-how-to-exploit-138f9eb2d59f?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, hacking, ethical-hacking, port-512, bug-bounty10-Apr-2025
How My Life Went from SSRF to LFI (and Why That’s Not a Metaphor)https://infosecwriteups.com/how-my-life-went-from-ssrf-to-lfi-and-why-thats-not-a-metaphor-a2d97297e10b?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, infosec, hacking, money10-Apr-2025
Turning 403 into 200: Bypassing Filters with Base64 to Trigger XSShttps://medium.com/@EL_cazad0r/turning-403-into-200-bypassing-filters-with-base64-to-trigger-xss-adbf5f817d85?source=rss------bug_bounty-5EL_Cazad0rbug-bounty-tips, bug-bounty, bug-bounty-writeup, ethical-hacking10-Apr-2025
Modbus — Port 502 — How to exploit?https://medium.com/@verylazytech/modbus-port-502-how-to-exploit-96b7923741ce?source=rss------bug_bounty-5Very Lazy Techport-502, modbus, bug-bounty, penetration-testing, hacking10-Apr-2025
$500-$10k worth Path Traversal | Advanced Methodologyhttps://infosecwriteups.com/500-10k-worth-path-traversal-advanced-methodology-dd80c18c5539?source=rss------bug_bounty-5It4chis3cbug-bounty, secrets, hacking, path-traversal, file-reading10-Apr-2025
The OWASP Methodology for Web Application Penetration Testinghttps://cyberw1ng.medium.com/the-owasp-methodology-for-web-application-penetration-testing-de23c07ed4bf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, owasp, cybersecurity10-Apr-2025
The OWASP Methodology for Web Application Penetration Testinghttps://osintteam.blog/the-owasp-methodology-for-web-application-penetration-testing-de23c07ed4bf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, owasp, cybersecurity10-Apr-2025
Bug Bounty Journey — Valid Report Part 5https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-5-7c203bbff96b?source=rss------bug_bounty-50xF3r4tmisconfiguration, bug-bounty, email-verification-bypass, aws-cognito, vdp09-Apr-2025
Account Manipulation Lead to Anonymous Account existencehttps://medium.com/@ziademad1923/account-manipulation-lead-to-anonymous-account-existence-211c1ff390a6?source=rss------bug_bounty-5Ziademadbug-bounty, account-take-over, bug-bounty-writeup09-Apr-2025
SQL injection attack, querying the database type and version on MySQL and Microsofthttps://arayofhope7.medium.com/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-85081e7eef71?source=rss------bug_bounty-5RayofHopebug-bounty, penetration-testing, web-penetration-testing, cyber-security-awareness, ethical-hacking09-Apr-2025
OWASP Top 10 Manual Testinghttps://medium.com/@shamzen96/owasp-top-10-manual-testing-caf675448569?source=rss------bug_bounty-5Shivam Rajtesting, cybersecurity, hacking, bug-bounty, owasp-top-1009-Apr-2025
This is how i use browser to fetch JS endpoints for good paying bugshttps://infosecwriteups.com/this-is-how-i-use-browser-to-fetch-js-endpoints-for-good-paying-bugs-6bd91563f7bf?source=rss------bug_bounty-5Canonminibeasthacking-tools, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty09-Apr-2025
Google Patches Two Actively Exploited Android Vulnerabilities — Here’s What You Need to Knowhttps://medium.com/@Cyber-AppSec/google-patches-two-actively-exploited-android-vulnerabilities-heres-what-you-need-to-know-7350b60e5803?source=rss------bug_bounty-5Cyber-AppSecbug-bounty, cybersecurity, cybercrime, cybersecurity-awareness, information-security09-Apr-2025
I Bypassed 2FA Using an Old Secret Key — Here’s How I Earned $500https://medium.com/@whitehat29/i-bypassed-2fa-using-an-old-secret-key-heres-how-i-earned-500-cd92c9158f1a?source=rss------bug_bounty-5Whitehatbug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking09-Apr-2025
️‍♂️ How Hackers Use Subdomain Takeover for Full Domain Controlhttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-hackers-use-subdomain-takeover-for-full-domain-control-c620b100c928?source=rss------bug_bounty-5Vipul Sonulecybersecurity, writing, hacking, bug-bounty, bug-bounty-tips09-Apr-2025
⏳ The 3-Minute Bug: How I Found a Critical Vulnerability Without a Single Toolhttps://infosecwriteups.com/the-3-minute-bug-how-i-found-a-critical-vulnerability-without-a-single-tool-750a7b2913e8?source=rss------bug_bounty-5Abhijeet Kumawatai, bug-bounty, infosec, cybersecurity, hacking09-Apr-2025
Token Tampering leads to change the user detailshttps://levi4.medium.com/token-tampering-leads-to-change-the-user-details-7bf8b5754bde?source=rss------bug_bounty-5Levi Ackermanbug-bounty, cybersecurity, networking, vulnerability, ethical-hacking09-Apr-2025
️‍♂️ Hacker’s Recon Guide: How to Fingerprint Any Website Like a Prohttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-hackers-recon-guide-how-to-fingerprint-any-website-like-a-pro-9166f23dd4eb?source=rss------bug_bounty-5Vipul Sonulebug-bounty, bug-bounty-tips, hacking, cybersecurity, penetration-testing09-Apr-2025
A useful tool for bug huntershttps://medium.com/@loyalonlytoday/a-useful-tool-for-bug-hunters-6d22ba356f08?source=rss------bug_bounty-5loyalonlytodayethical-hacking, tips, bug-bounty, tools, cybersecurity09-Apr-2025
5 Quick Wins: Exploit These Vulnerabilities for Huge Bug Bounty Paydayshttps://smartscanner.medium.com/5-quick-wins-exploit-these-vulnerabilities-for-huge-bug-bounty-paydays-90ad106bbe10?source=rss------bug_bounty-5SmartScannercyber-secutity, bounty-program, bounty-hunter, bug-bounty-tips, bug-bounty09-Apr-2025
How a ₹1 Gift Card Hack Cost ₹50 Lakh (PVRCinemas): Why Bug Bounty Programs Are a Business…https://osintteam.blog/how-a-1-gift-card-cost-50-lakh-pvrcinemas-why-bug-bounty-programs-are-a-business-essential-c57d50f8a95b?source=rss------bug_bounty-5Vivek PSethical-hacking, bug-bounty, programming, artificial-intelligence, cybersecurity09-Apr-2025
Chasing Bounties: Sometimes You Find Them, Sometimes They Find Youhttps://medium.com/@Ellatora/chasing-bounties-sometimes-you-find-them-sometimes-they-find-you-2db172282dfc?source=rss------bug_bounty-5Ellatoraosint, bug-bounty, friendship, cybersecurity, cyberjourney09-Apr-2025
From Broken Code to SQL Showdown: How I Found Critical Blind Injectionhttps://infosecwriteups.com/from-broken-code-to-sql-showdown-how-i-found-critical-blind-injection-9ae06e5e7010?source=rss------bug_bounty-5Iskihacking, bug-bounty-tips, money, bug-bounty, cybersecurity09-Apr-2025
Privilege escalation worth — $$$https://medium.com/@zildaxx/privilege-escalation-worth-e8cd18fc6cb7?source=rss------bug_bounty-5zildaxxbug-bounty, bug-bounty-tips09-Apr-2025
Stored HTML Injection — Email Invite Manipulationhttps://ehteshamulhaq198.medium.com/stored-html-injection-email-invite-manipulation-63022e21d5db?source=rss------bug_bounty-5Ehtesham Ul Haqinfosec, penetration-testing, bug-bounty, bug-bounty-writeup, html09-Apr-2025
The $1,000,000 Bug: How I Spent 3 Months on a Single Target and Found the Most Critical Chain of My…https://theindiannetwork.medium.com/the-1-000-000-bug-how-i-spent-3-months-on-a-single-target-and-found-the-most-critical-chain-of-my-5827cd7dc866?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, jwt-token, bug-bounty, bug-bounty-writeup, jwt09-Apr-2025
How I Bypassed 2FA Twice on the Same Targethttps://medium.com/@georgeughh/how-i-bypassed-2fa-twice-on-the-same-target-198c08954e82?source=rss------bug_bounty-5georgeughhbusiness-logic-bug, ethical-hacking, bug-bounty, cybersecurity09-Apr-2025
Cross-Site Scripting (XSS) Attack Identifying And Testinghttps://medium.com/@Maleesha.Rathnayaka/cross-site-scripting-xss-attack-identifying-and-testing-07dc5437e1c4?source=rss------bug_bounty-5Maleesha Rathnayakaxss-vulnerability, web-security, infosec, cybersecurity, bug-bounty09-Apr-2025
A Silent Account Takeover That Didn’t Make It — But Still Mattershttps://medium.com/@unionx24/a-silent-account-takeover-that-didnt-make-it-but-still-matters-5b189b5f1d2e?source=rss------bug_bounty-5unionx24bug-bounty, hackerone, cybersecurity, writeup09-Apr-2025
Uncommon Headers That Bypass Everything (Almost): Bug Bounty Edition — 2025https://medium.com/@gasmask/uncommon-headers-that-bypass-everything-almost-bug-bounty-edition-2025-9d2ea65b2076?source=rss------bug_bounty-5gasmaskweb-application-security, penetration-testing, cybersecurity, beginner, bug-bounty09-Apr-2025
Ingress-NGINX Under Siege: A Deep Dive into CVE-2025–1974 and Cluster Securityhttps://fr3ak-hacks.medium.com/ingress-nginx-under-siege-a-deep-dive-into-cve-2025-1974-and-cluster-security-a11744cb76d3?source=rss------bug_bounty-5Anindya Sankar Roynginx-ingress, web-hacking, wiz, bug-bounty, rce09-Apr-2025
Blind XSS: A Tale of Curiosityhttps://medium.com/@negan0/blind-xss-a-tale-of-curiosity-501d47c0256c?source=rss------bug_bounty-5negan0xs, api-sec, blind-xss, self-xss, bug-bounty09-Apr-2025
Critical Security Flaw Discovered in LSG IPL Team’s Website: Wallet Manipulation Vulnerabilityhttps://medium.com/@deepak7903800/critical-security-flaw-discovered-in-lsg-ipl-teams-website-wallet-manipulation-vulnerability-21c485c6e36f?source=rss------bug_bounty-5Deepak kumaripl, hacking, bug-bounty, information-security, cybersecurity09-Apr-2025
Finding Exposed Sensitive API Keys in JS Files — A Hacker’s Guide ️‍♂️https://medium.com/@vipulsonule71/finding-exposed-sensitive-api-keys-in-js-files-a-hackers-guide-%EF%B8%8F-%EF%B8%8F-50809fe2c52a?source=rss------bug_bounty-5Vipul Sonulebug-bounty-tips, hacking, bug-bounty, ethical-hacking, cybersecurity09-Apr-2025
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Reconhttps://cyberw1ng.medium.com/part-2-advanced-js-extraction-analysis-automation-for-bug-bounty-recon-5535e5e04463?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, automation, bug-bounty, javascript09-Apr-2025
HTML for Deep Understandinghttps://medium.com/@zoningxtr/html-for-deep-understanding-da69c8204e55?source=rss------bug_bounty-5Zoningxtrjavascript, penetration-testing, web-development, html, bug-bounty09-Apr-2025
$100-$1000 Worth Subdomain Takeover | Easy Bounty Methodologyhttps://infosecwriteups.com/100-1000-worth-subdomain-takeover-easy-bounty-methodology-6daf9beacb31?source=rss------bug_bounty-5It4chis3csecrets, subdomain-takeover, reconnaissance, bug-bounty, hidden09-Apr-2025
Part 2: Advanced JS Extraction & Analysis Automation for Bug Bounty Reconhttps://osintteam.blog/part-2-advanced-js-extraction-analysis-automation-for-bug-bounty-recon-5535e5e04463?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, automation, bug-bounty, javascript09-Apr-2025
HTTP Status Codes: Overlooked Clues in Bug Bountyhttps://medium.com/@cadeeper/http-status-codes-overlooked-clues-in-bug-bounty-f5b0efd556fc?source=rss------bug_bounty-5Invpentesting, cybersecurity, bug-bounty, vulnerability, web-security08-Apr-2025
SQL injection attack, querying the database type and version on Oracle — PortSwiggerhttps://arayofhope7.medium.com/sql-injection-attack-querying-the-database-type-and-version-on-oracle-portswigger-904487db7d3d?source=rss------bug_bounty-5RayofHopeweb-penetration-testing, vapt, bug-bounty, cyber-security-training, penetration-testing08-Apr-2025
A Beginner's Guide to Bug Bounties.https://medium.com/@richard_wachara/a-beginners-guide-to-bug-bounties-f710b10ae188?source=rss------bug_bounty-5RicOnTechhackathons, bugs, bug-bounty, ethical-hacking, hacking08-Apr-2025
Living off the Land Binaries (LOLBins): How Attackers Use Built-In Tools Against Youhttps://medium.com/@paritoshblogs/living-off-the-land-binaries-lolbins-how-attackers-use-built-in-tools-against-you-24c0cb91ba20?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, hacking, lolbin, cybersecurity08-Apr-2025
AI vs. Hackers: Can AI Help in Bug Bounty or Is It Just a Hype?https://infosecwriteups.com/ai-vs-hackers-can-ai-help-in-bug-bounty-or-is-it-just-a-hype-04ce56b454d6?source=rss------bug_bounty-5Abhijeet Kumawathacker, ai, cybersecurity, hacking, bug-bounty08-Apr-2025
How Hackers Find Social Accounts & Passwordshttps://medium.com/@vipulsonule71/how-hackers-find-social-accounts-passwords-1156e14e2faf?source=rss------bug_bounty-5Vipul Sonuletechnology, ethical-hacking, hacking, bug-bounty, cybersecurity08-Apr-2025
Helpful website to find bug bounty and VDP programshttps://medium.com/meetcyber/helpful-website-to-find-bug-bounty-and-vdp-programs-eef63aca3b04?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, cybersecurity, bug-bounty-program, bug-bounty, bug-bounty-hunter08-Apr-2025
From Recon to RCE: How AI and a cup of Boost Helped Me Turn SQLi into a Command Injection Jackpot…https://infosecwriteups.com/from-recon-to-rce-how-ai-and-a-cup-of-boost-helped-me-turn-sqli-into-a-command-injection-jackpot-1f62dc829956?source=rss------bug_bounty-5Iskicybersecurity, hacking, infosec, bug-bounty, bug-bounty-tips08-Apr-2025
Rlogin — Port 513 — How to exploit?https://medium.com/@verylazytech/rlogin-port-513-how-to-exploit-276acd0e30b6?source=rss------bug_bounty-5Very Lazy Techoscp, hacking, penetration-testing, bug-bounty, ethical-hacking08-Apr-2025
Unique MFA / Email Verification Bypass | Bug Bounty Methodologyhttps://progprnv.medium.com/unique-mfa-email-verification-bypass-bug-bounty-methodology-6f4c2d4c4c36?source=rss------bug_bounty-5progprnvbypass, methodology, cybersecurity, bug-bounty, bug-bounty-tips08-Apr-2025
No Program, No Permission — Still Got a Bounty for Doing the Right Thinghttps://medium.com/@Arioex/no-program-no-permission-still-got-a-bounty-for-doing-the-right-thing-eeb084c9bf88?source=rss------bug_bounty-5Huntsmanbug-bounty, cybersecurity, vulnerability, bug-bounty-tips, hacking08-Apr-2025
Hosting a Successful CTF event at Your College on a LAN or Using the Cloud.https://medium.com/@shashank_d_s/hosting-a-successful-ctf-event-at-your-college-on-a-lan-or-using-the-cloud-767da16c92af?source=rss------bug_bounty-5D4rkHxndcybersecurity, penetration-testing, bug-bounty, ctf, capture-the-flag08-Apr-2025
Top 5 Social Engineering Attacks and How Hackers Trick Humanshttps://medium.com/@vipulsonule71/top-5-social-engineering-attacks-and-how-hackers-trick-humans-ff8651f9e6a7?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, bug-bounty, cybersecurity, ai08-Apr-2025
IDOR in Avatar Selection Allows Unauthorized Access to Premium Avatarshttps://mmnahian.medium.com/idor-in-avatar-selection-allows-unauthorized-access-to-premium-avatars-57ab276d2b6e?source=rss------bug_bounty-5mmnahianpenetration-testing, bug-bounty, web-app-security, infosec, bug-bounty-tips08-Apr-2025
Automate JavaScript (JS) Extraction for Bug Bounty Reconhttps://cyberw1ng.medium.com/automate-javascript-js-extraction-for-bug-bounty-recon-6faab744d22e?source=rss------bug_bounty-5Karthikeyan Nagarajosint, cybersecurity, bug-bounty, programming, careers08-Apr-2025
My First Valid Bug in Hacker One (VDP)Programs Using Google Dorkinghttps://medium.com/@es0557533/my-first-valid-bug-in-hacker-one-vdp-programs-using-google-dorking-913926fb8489?source=rss------bug_bounty-5Isvbug-zero, bugbounty-writeup, bug-bounty, google-dorking, bug-bounty-tips08-Apr-2025
This is how i use browser to fetch JS endpoints for good paying bugshttps://osintteam.blog/this-is-how-i-use-browser-to-fetch-js-endpoints-for-good-paying-bugs-3ca824e20aa5?source=rss------bug_bounty-5Canonminibeastbug-bounty-writeup, cybersecurity, bug-bounty, hacking-tools, bug-bounty-tips08-Apr-2025
Automate JavaScript (JS) Extraction for Bug Bounty Reconhttps://osintteam.blog/automate-javascript-js-extraction-for-bug-bounty-recon-6faab744d22e?source=rss------bug_bounty-5Karthikeyan Nagarajosint, cybersecurity, bug-bounty, programming, careers08-Apr-2025
CVE-2025–31420: wpForo <= 2.4.2 — Authenticated Privilege Escalationhttps://revan-ar.medium.com/cve-2025-31420-wpforo-2-4-2-authenticated-privilege-escalation-99b1aa7498b6?source=rss------bug_bounty-5Revan Abug-bounty, penetration-testing, wordpress-plugins, vulnerability, privilege-escalation07-Apr-2025
My Cyber Security Bug Bounty Side Hustle Paid Off My Mortgagehttps://medium.com/@swaroop.sy/my-cyber-security-bug-bounty-side-hustle-paid-off-my-mortgage-c7b31ad74219?source=rss------bug_bounty-5Swaroop Yermalkarpentesting, cybersecurity, bug-bounty, informaiton-security07-Apr-2025
BUG BOUNTY FRAUD : The Dark Side of Bug Bounty: From Rewards to Punishmenthttps://medium.com/@krivadna_87390/bug-bounty-fraud-the-dark-side-of-bug-bounty-from-rewards-to-punishment-a2b671ec64b6?source=rss------bug_bounty-5Krivadnacybersecurity, bug-bounty, info-sec-writeups, freelancing, bugbounty-writeup07-Apr-2025
Exploiting Unconventional Open Redirects by Manipulating URL Parsinghttps://medium.com/@itamar.yochpaz/exploiting-unconventional-open-redirects-by-manipulating-url-parsing-9e3eee575d31?source=rss------bug_bounty-5Itamar Yochpazhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing07-Apr-2025
Hackers’ Hidden Playground: Exploiting Underrated Web Vulnerabilities Like a Prohttps://infosecwriteups.com/hackers-hidden-playground-exploiting-underrated-web-vulnerabilities-like-a-pro-e62ce0887ee7?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacker, hacking, bug-bounty, ai07-Apr-2025
AI Jailbreak walkthrough.https://medium.com/@anandrishav2228/ai-jailbreak-walkthrough-4be9229a8e53?source=rss------bug_bounty-5Rishav anandcybersecurity, hacking, bug-bounty, ai, money07-Apr-2025
#Bugbountyfraud Reddit Triaged report on Hackerone for banned URL Bypass I Clearly Proved was…https://medium.com/@krivadna_87390/bugbountyfraud-reddit-triaged-report-on-hackerone-for-banned-url-bypass-i-clearly-proved-was-0a0aff79578d?source=rss------bug_bounty-5Krivadnainfo-sec-writeups, infosec, bug-bounty, bugbounty-writeup, cybersecurity07-Apr-2025
Unmasking GraphQL: Your Next Bug Bounty Goldmine — The Deep Dive ️‍♂️https://medium.com/@shaikrief2/unmasking-graphql-your-next-bug-bounty-goldmine-the-deep-dive-%EF%B8%8F-%EF%B8%8F-759b732ddcd1?source=rss------bug_bounty-5Shxikrfbug-bounty, api-security, graphql, cybersecurity, web-security07-Apr-2025
Non-English Dorks to Find Bug Bounty & VDP Programshttps://cybersecuritywriteups.com/non-english-dorks-to-find-bug-bounty-vdp-programs-d799f0a5161c?source=rss------bug_bounty-5AbhirupKonwarosint, bug-bounty-tips, bug-bounty, ethical-hacking, pentesting07-Apr-2025
How AI Helped Me Turn a Sneaky SQL Param into a Full-Blown RFI Madnesshttps://infosecwriteups.com/how-ai-helped-me-turn-a-sneaky-sql-param-into-a-full-blown-rfi-madness-31837311f6bd?source=rss------bug_bounty-5Iskibug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec07-Apr-2025
When Google Dorking becomes the ultimate Game Changer to Find a Bug on the Indian Governmenthttps://osintteam.blog/when-google-dorking-becomes-the-ultimate-game-changer-to-find-a-bug-on-the-indian-government-f1ec94642c84?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty, google-dork, bug-bounty-tips, osint, dorking07-Apr-2025
The ultimate offensive security learning bundle - a combined review of Hack The Box Academy’s CPTS…https://pyth0nk1d.medium.com/the-ultimate-offensive-security-learning-bundle-a-combined-review-of-hack-the-box-academys-cpts-d9883d766770?source=rss------bug_bounty-5David Prieto Monterobug-bounty, offensive-security, certification, hackthebox, penetration-testing07-Apr-2025
Rsh — Port 514 — How to exploit?https://medium.com/@verylazytech/rsh-port-514-how-to-exploit-025554369230?source=rss------bug_bounty-5Very Lazy Techoscp, bug-bounty, penetration-testing, rsh, ethical-hacking07-Apr-2025
IDOR Exposed: How a Simple ID Can Leak Millions of Recordshttps://infosecwriteups.com/idor-exposed-how-a-simple-id-can-leak-millions-of-records-890d9f200d0a?source=rss------bug_bounty-5Elie Attiehpentesting, bug-bounty, cybersecurity, bug-bounty-tips, penetration-testing07-Apr-2025
Line Printer Daemon (LPD) — Port 515 — How to exploit?https://medium.com/@verylazytech/line-printer-daemon-lpd-port-515-how-to-exploit-841142039707?source=rss------bug_bounty-5Very Lazy Techethical-hacking, oscp, hacking, penetration-testing, bug-bounty07-Apr-2025
Hacking JavaScript files to get the Sensitive Datahttps://anishkashukla.medium.com/hacking-javascript-files-to-get-the-sensitive-data-2526416a8afd?source=rss------bug_bounty-5Anishka Shuklacybersecurity, infosec, bug-bounty, bug-bounty-tips, penetration-testing07-Apr-2025
HackingHub — Prison Hack Senaryosuhttps://aliekberkara.medium.com/hackinghub-prison-hack-senaryosu-e80bc482933f?source=rss------bug_bounty-5Ali Ekber KARAprison, cybersecurity, bug-bounty, discovery, hacking07-Apr-2025
How I Stumbled Into an SQLi at 2 AM (Instead of Doing My Job)https://medium.com/@ramshath1999/how-i-stumbled-into-an-sqli-at-2-am-instead-of-doing-my-job-4506135dea3a?source=rss------bug_bounty-5Ramshathhacking, bug-bounty, sql-injection, cybersecurity07-Apr-2025
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 3https://mukibas37.medium.com/how-i-found-sensitive-information-using-github-dorks-in-bug-bounties-part-3-750f62908508?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, bug-bounty, code-review, code, github07-Apr-2025
Exposing a Major Data Leak in UPPCL: How Anyone Could Access Consumer PIIhttps://medium.com/@siddharth_1/exposing-a-major-data-leak-in-uppcl-how-anyone-could-access-consumer-pii-c65c10099db5?source=rss------bug_bounty-5Siddharthbugs, bug-bounty, security, bug-bounty-tips07-Apr-2025
Automating Google Dorking with Pythonhttps://cyberw1ng.medium.com/automating-google-dorking-with-python-fcd8601fe1f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, cybersecurity, technology, careers07-Apr-2025
How AI Helped Me to Bypass 403 — Forbiddenhttps://infosecwriteups.com/how-ai-helped-me-to-bypass-403-forbidden-06becd32b999?source=rss------bug_bounty-5It4chis3cbug-bounty, hacking, ai, artificial-intelligence, secrets07-Apr-2025
Passive URL gathering tool for bug huntershttps://medium.com/@loyalonlytoday/passive-url-gathering-tool-for-bug-hunters-75d7385217a5?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, penetration-testing, ethical-hacking, bug-bounty-tips06-Apr-2025
Oracle Data Breach: Exploitation of CVE-2021-35587 in Oracle Access Managerhttps://medium.com/@ajeemshaik7/oracle-data-breach-exploitation-of-cve-2021-35587-in-oracle-access-manager-6584bd2d3de5?source=rss------bug_bounty-5Calix Sharptechnology, bug-bounty-tips, cybersecurity, future, bug-bounty06-Apr-2025
Can AI Hack Websites? Testing the Limits of ChatGPT and Cybersecurityhttps://infosecwriteups.com/can-ai-hack-websites-testing-the-limits-of-chatgpt-and-cybersecurity-4e2bc9635bea?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, ai, cybersecurity, chatgpt06-Apr-2025
Remix and React Router Vulnerability CVE-2025–31137 -$$$$ BOUNTYhttps://infosecwriteups.com/remix-and-react-router-vulnerability-cve-2025-31137-bounty-c0c716f44888?source=rss------bug_bounty-5Ajay Naikpenetration-testing, information-security, bug-bounty, cybersecurity, cyberattack06-Apr-2025
Error Messages From Hell: 25 Cryptic Warnings That Left Developers in Tearshttps://medium.com/@coders.stop/error-messages-from-hell-25-cryptic-warnings-that-left-developers-in-tears-a87c0c8f2082?source=rss------bug_bounty-5Coders Stopbug-bounty, software-development, programming, error-message, error-handling06-Apr-2025
Apple Filing Protocol (AFP) — PORT 548 — How to exploit?https://medium.com/@verylazytech/apple-filing-protocol-afp-port-548-how-to-exploit-eb4dbb3804f7?source=rss------bug_bounty-5Very Lazy Techethical-hacking, bug-bounty, penetration-testing, port-548, hacking06-Apr-2025
how i found the broken access control vulnerability?https://doordiefordream.medium.com/how-i-found-the-broken-access-control-vulnerability-5ad1b3083c6d?source=rss------bug_bounty-5DOD cyber solutionstechnology, cybersecurity, security, ethical-hacking, bug-bounty06-Apr-2025
Bountymine: The Cleanest Cybersecurity Guide that You Shouldn’t Misshttps://medium.com/developersglobal/bountymine-the-cleanest-cybersecurity-guide-that-you-shouldnt-miss-6f18a36451da?source=rss------bug_bounty-5Gopalakrishnanbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-hunting06-Apr-2025
Another Day, Another ₹500 reward: The Not-So-Fancy Reality of Bug Huntinghttps://osintteam.blog/another-day-another-500-reward-the-not-so-fancy-reality-of-bug-hunting-545b5ce4c512?source=rss------bug_bounty-5Vivek PSprogramming, web-development, hacking, bug-bounty, ethical-hacking06-Apr-2025
SQL injection vulnerability allowing login bypass — Post Methodhttps://arayofhope7.medium.com/sql-injection-vulnerability-allowing-login-bypass-post-method-9d219a201de7?source=rss------bug_bounty-5RayofHopecyber-security-training, web-penetration-testing, penetration-testing, vapt, bug-bounty06-Apr-2025
block chain introductionhttps://doordiefordream.medium.com/block-chain-introduction-d0e1806d9c02?source=rss------bug_bounty-5DOD cyber solutionscybersecurity, bug-bounty, web3, bitcoin, blockchain06-Apr-2025
JavaScript Built-in Functionshttps://medium.com/@zoningxtr/javascript-built-in-functions-7a4070ca592a?source=rss------bug_bounty-5Zoningxtrbug-bounty, javascript, penetration-testing, javascript-development, cybersecurity06-Apr-2025
JavaScript Jump Start Series.https://medium.com/@zoningxtr/javascript-jump-start-series-4bf380051fac?source=rss------bug_bounty-5Zoningxtrjavascript, javascript-tips, penetration-testing, bug-bounty, cybersecurity06-Apr-2025
How Hackers Exploit CVE-2025–29927 in Next.js Like a Prohttps://infosecwriteups.com/how-hackers-exploit-cve-2025-29927-in-next-js-like-a-pro-9997f48ed7ce?source=rss------bug_bounty-5coffinxpbug-bounty-tips, cybersecurity, bug-bounty, technology, nextjs06-Apr-2025
How to become a BugBounty Hunter in 2025. Detailed Roadmap !!https://medium.com/@0026rsb/how-to-become-a-bugbounty-hunter-in-2025-detailed-roadmap-084f1233ef8b?source=rss------bug_bounty-5Rupesh_rsroadmaps, career-in-cybersecurity, bug-bounty06-Apr-2025
“One Click, No Consent” — How I Unsubscribed Any User from [target.com] Without Logging Inhttps://cybersecuritywriteups.com/one-click-no-consent-how-i-unsubscribed-any-user-from-target-com-without-logging-in-ef4897f73158?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, ethical-hacking06-Apr-2025
RECON GHOST: The 83% Faster Recon Tool That Almost Broke Mehttps://mfaizananwar.medium.com/recon-ghost-the-83-faster-recon-tool-that-almost-broke-me-eb78a7b267c4?source=rss------bug_bounty-5Muhammad Faizan Anwarbug-bounty, offensive-security, cybersecurity, nmap, penetration-testing06-Apr-2025
How to Gather PII From Websites Using Pythonhttps://cyberw1ng.medium.com/how-to-gather-pii-from-websites-using-python-949d36cd8a06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, programming, bug-bounty, careers06-Apr-2025
Duty Free: A White-Hat Forum with a Shadowed Pasthttps://medium.com/@vasekpentester/duty-free-a-white-hat-forum-with-a-shadowed-past-5cc92ca1c3e7?source=rss------bug_bounty-5vasekethical-hacking, hacking, penetration-testing, bug-bounty, hacker06-Apr-2025
Duty Free как зарождался новый форум для белых хакеровhttps://medium.com/@vasekpentester/duty-free-%D0%BA%D0%B0%D0%BA-%D0%B7%D0%B0%D1%80%D0%BE%D0%B6%D0%B4%D0%B0%D0%BB%D1%81%D1%8F-%D0%BD%D0%BE%D0%B2%D1%8B%D0%B9-%D1%84%D0%BE%D1%80%D1%83%D0%BC-%D0%B4%D0%BB%D1%8F-%D0%B1%D0%B5%D0%BB%D1%8B%D1%85-%D1%85%D0%B0%D0%BA%D0%B5%D1%80%D0%BE%D0%B2-55a0e83a1564?source=rss------bug_bounty-5vasekpentesting, bug-bounty, exploit, hacking, forum06-Apr-2025
How to become a BugBounty Hunter in 2025. Detailed Roadmap !!https://medium.com/@RsHack3r/how-to-become-a-bugbounty-hunter-in-2025-detailed-roadmap-084f1233ef8b?source=rss------bug_bounty-5Rupesh_rsroadmaps, career-in-cybersecurity, bug-bounty06-Apr-2025
100 Google Dorks for Low-Hanging Bug Hunting — Hunt Like a Prohttps://osintteam.blog/100-google-dorks-for-low-hanging-bug-hunting-hunt-like-a-pro-be0a4c29e557?source=rss------bug_bounty-5Adarsh Pandeyosint, cybersecurity, bug-bounty, google, dorks05-Apr-2025
Uncover Hidden Bugshttps://osintteam.blog/uncover-hidden-bugs-851603d187dd?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty, bug-bounty-tips, technology, hacking05-Apr-2025
A list of tools that will help to find XSS(cross-site scripting ) vulnerability.https://medium.com/@loyalonlytoday/a-list-of-tools-that-will-help-to-find-xss-cross-site-scripting-vulnerability-037dfe279f51?source=rss------bug_bounty-5loyalonlytodayxss-attack, tools, cybersecurity, xss-vulnerability, bug-bounty05-Apr-2025
The story of Conti: part 1https://medium.com/@jakboubmostefa/the-story-of-conti-part-1-c1285a89696f?source=rss------bug_bounty-5Mostefa Jakboubcybersecurity, ransomeware, malware, c-plus-plus-language, bug-bounty05-Apr-2025
JWT Vulnerabilities: How Misconfigurations Can Lead to Authentication Bypasshttps://bitpanic.medium.com/jwt-vulnerabilities-how-misconfigurations-can-lead-to-authentication-bypass-96d520194b6d?source=rss------bug_bounty-5Spectat0rguyai-generated-content, technology, programming, bug-bounty, cybersecurity05-Apr-2025
We Did Everything Right… and Still Got Exploited: What Went Wrong? ‼️https://securrtech.medium.com/we-did-everything-right-and-still-got-exploited-what-went-wrong-%EF%B8%8F-79b7cb973008?source=rss------bug_bounty-5Securr - Web3 Securityweb3-security, bug-bounty, smart-contract-security, smart-contract-auditing, blockchain-security05-Apr-2025
️ SSRF to RCE: How I Turned a Small Bug Into a Big Paycheckhttps://infosecwriteups.com/%EF%B8%8F-ssrf-to-rce-how-i-turned-a-small-bug-into-a-big-paycheck-574b6b889d2a?source=rss------bug_bounty-5Abhijeet Kumawathacking, ssrf, rce, bug-bounty, cybersecurity05-Apr-2025
RTSP — Port 554, 8554 — How to exploit?https://medium.com/@verylazytech/rtsp-port-554-8554-how-to-exploit-674df4aca649?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, port-554, ethical-hacking, penetration-testing05-Apr-2025
Day 29 — CSRF Bypass Using Domain Confusion Leads To Account Takeover (ATO)https://medium.com/@danielbelay/day-29-csrf-bypass-using-domain-confusion-leads-to-account-takeover-ato-bfd27b975e80?source=rss------bug_bounty-5dani3lbug-bounty, ato, account-takeover, cybersecurity05-Apr-2025
Open Bug Bounty — Your XSS Gymhttps://osintteam.blog/open-bug-bounty-your-xss-gym-75fed886d2c0?source=rss------bug_bounty-5RivuDonopenbugbounty, xss-attack, bug-bounty-writeup, bug-bounty, bug-bounty-tips05-Apr-2025
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data — PortSwiggerhttps://arayofhope7.medium.com/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-portswigger-12342def10ec?source=rss------bug_bounty-5RayofHopepenetration-testing, cyber-security-courses, sql-injection, bug-bounty, vapt05-Apr-2025
Scroll, Find, Boom! How I Tripped Over a Bounty in Just 3 Lines of Codehttps://myselfakash20.medium.com/scroll-find-boom-how-i-tripped-over-a-bounty-in-just-3-lines-of-code-18806bafd56c?source=rss------bug_bounty-5Akash Ghoshethical-hacking, infosec, cybersecurity, bug-bounty, bug-bounty-tips05-Apr-2025
How to Bypass Phone Number Validation for Unlimited Free Trialshttps://medium.com/@Youseef/how-to-bypass-phone-number-validation-for-unlimited-free-trials-98d8bf2f0955?source=rss------bug_bounty-5Yousseffbug-bounty, web-penetration-testing, penetration-testing, hackerone, bug-hunting05-Apr-2025
How I Bypassed Xiaomi’s Rate Limit with Just a Few Extra Slashes ///https://infosecxsalman.medium.com/how-i-bypassed-xiaomis-rate-limit-with-just-a-few-extra-slashes-425b00ded794?source=rss------bug_bounty-5Salmanbug-bounty, hackerone, security, bug-bounty-writeup, rate-limit-bypass05-Apr-2025
CORS Misconfiguration: Bug Bounty Tips to Find and Exploit These Vulnerabilitieshttps://frostyxsec.medium.com/cors-misconfiguration-bug-bounty-tips-to-find-and-exploit-these-vulnerabilities-4856d0a954af?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-hunting, bug-bouty-tips05-Apr-2025
The AI paradox in bug bounty: Increased efficiency or noise saturation?https://medium.com/@ce.barquet/the-ai-paradox-in-bug-bounty-increased-efficiency-or-noise-saturation-4aab10d94979?source=rss------bug_bounty-5Luthierccybersecurity, artificial-intelligence, bug-bounty, ai, technology05-Apr-2025
Bypassing OTP Verificationhttps://medium.com/@Youseef/bypassing-otp-verification-412978abb332?source=rss------bug_bounty-5Yousseffbug-bounty, cybersecurity, business-logic-flaw, web-penetration-testing05-Apr-2025
$150 IDOR️‍♂️ — How I Added My Own Dishes to a Restaurant Menuhttps://medium.com/@yahiasherif/150-idor-%EF%B8%8F-%EF%B8%8F-how-i-added-my-own-dishes-to-a-restaurant-menu-399dce077878?source=rss------bug_bounty-5Yahia Sherifbug-bounty-writeup, bug-bounty, idor, pentesting, broken-access-control05-Apr-2025
campaign monitor takeoverhttps://aarnavsaboo.medium.com/campaign-monitor-takeover-5cd796c3fe67?source=rss------bug_bounty-5Aarnav Saboopentesting, networking, cybersecurity, ethical-hacking, bug-bounty05-Apr-2025
When APIs Trust Too Much: Chat Impersonation through Broken Auth [Bug bounty write-up] — Kullai 🙂https://kullaisec.medium.com/when-apis-trust-too-much-chat-impersonation-through-broken-auth-bug-bounty-write-up-kullai-943abecaa34d?source=rss------bug_bounty-5Kullaibugbounty-writeup, pentesting, bug-bounty, cybersecurity, hacking05-Apr-2025
From Nap to P4: A Chilled Evening Bug Hunthttps://medium.com/@gourisankara357/from-nap-to-p4-a-chilled-evening-bug-hunt-e3478f20022f?source=rss------bug_bounty-5Gouri Sankar Abugcrowd, bug-bounty, infosec-write-ups, bug-hunting05-Apr-2025
Master Recon P-1: 15+ Ways of Subdomain Scraping Techniques | My 2 Years of Bug Hunting Experiencehttps://medium.com/@janpreet4340/master-recon-p-1-15-ways-of-subdomain-scraping-techniques-my-2-years-of-bug-hunting-experience-c9455a30b520?source=rss------bug_bounty-5Janpreet Singhbug-bounty, penetration-testing, subdomains-enumeration, recon, best05-Apr-2025
Hacking a File Path Traversal Vulnerability: How I Retrieved /etc/passwd & Solved the Labhttps://medium.com/@sumanth1962/hacking-a-file-path-traversal-vulnerability-how-i-retrieved-etc-passwd-solved-the-lab-4e9e1a2f8aa2?source=rss------bug_bounty-5Sumanth Yerranagulacybersecurity, bug-bounty, ethical-hacking, ctf-writeup, ctf05-Apr-2025
How i found XSS and chained it with CSRFhttps://medium.com/@alshormanmomen681/how-i-found-xss-and-chained-it-with-csrf-b99bc589ad5b?source=rss------bug_bounty-5Alshormanmomencsrf, hacking, bug-bounty, bounties, xss-attack05-Apr-2025
Bypassing WAFs in 2025: New Techniques and Evasion Tacticshttps://medium.com/@gasmask/bypassing-wafs-in-2025-new-techniques-and-evasion-tactics-fdb3508e6b46?source=rss------bug_bounty-5gasmaskcybersecurity, web-application-security, beginner, penetration-testing, bug-bounty05-Apr-2025
How I got 324$ for a PII disclosurehttps://aarnavsaboo.medium.com/324-pii-disclosure-89e6b384fab7?source=rss------bug_bounty-5Aarnav Saboovulnerability, penetration-testing, bug-bounty, hacking, cybersecurity05-Apr-2025
HackTheBox: Stocker — Bypass a Logins con Inyecciones NoSQL y Escalada de Privilegios en Node.jshttps://medium.com/@zsodex/hackthebox-stocker-bypass-a-logins-con-inyecciones-nosql-y-escalada-de-privilegios-en-node-js-d0b2666149f3?source=rss------bug_bounty-5zSodexcybersecurity, bug-bounty, hackthebox-writeup, penetration-testing05-Apr-2025
Introduction to OWASP Mobile Top 10 for Androidhttps://cyberw1ng.medium.com/introduction-to-owasp-mobile-top-10-for-android-3be718c566f8?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, programming, bug-bounty, owasp, cybersecurity05-Apr-2025
Google Rate Limit Bypass: Triggering Infinite Spam Requestshttps://medium.com/@AhmedSamy-X/google-rate-limit-bypass-triggering-infinite-spam-requests-c360019b9c7f?source=rss------bug_bounty-5Ahmedsamyethical-hacking, bug-bounty, cybersecurity, google-hacking, information-technology04-Apr-2025
A tool that will help to analyze security headers of your target domains.https://medium.com/@loyalonlytoday/a-tool-that-will-help-to-analyze-security-headers-of-your-target-domains-86aa06a3fa5c?source=rss------bug_bounty-5loyalonlytodayhacking, cybersecurity, penetration-testing, bug-bounty, programming04-Apr-2025
How I Tricked a Server (with AI) Into Leaking Its Secretshttps://infosecwriteups.com/how-i-tricked-a-server-with-ai-into-leaking-its-secrets-bb18be82b81d?source=rss------bug_bounty-5Iskihacking, cybersecurity, infosec, money, bug-bounty04-Apr-2025
IPMI — Port 623/UDP/TCP — How to exploit?https://medium.com/@verylazytech/ipmi-port-623-udp-tcp-how-to-exploit-4655ec015a0b?source=rss------bug_bounty-5Very Lazy Techhacking, penetration-testing, bug-bounty, port-623, ipmi04-Apr-2025
The Hidden XSS: A Bug Hidden in the Misthttps://ghostman01.medium.com/the-hidden-xss-a-bug-hidden-in-the-mist-907d6cc55322?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, cybersecurity, ethical-hacking, hacker04-Apr-2025
Creativity Over Commands: Why Hacking is 80% Mindset, 20% Toolshttps://myselfakash20.medium.com/creativity-over-commands-why-hacking-is-80-mindset-20-tools-517c9ed75046?source=rss------bug_bounty-5Akash Ghoshhacking, cybersecurity, bug-bounty-tips, technology, bug-bounty04-Apr-2025
The Simple P3: Not a Jokehttps://infosecwriteups.com/the-simple-p3-not-a-joke-58d957aceb63?source=rss------bug_bounty-5callgh0sttest, hacking, genocide, bug-bounty, bug-bounty-tips04-Apr-2025
Automation vs. Manual Hacking: Which One Wins in Bug Bounty?https://medium.com/@Abhijeet_kumawat_/automation-vs-manual-hacking-which-one-wins-in-bug-bounty-1b7826452c69?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, infosec, cybersecurity, ai04-Apr-2025
Automation vs. Manual Hacking: Which One Wins in Bug Bounty?https://infosecwriteups.com/automation-vs-manual-hacking-which-one-wins-in-bug-bounty-1b7826452c69?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, infosec, cybersecurity, ai04-Apr-2025
Race Condition - Eating Rate Limits for Account Takeoverhttps://shahjerry33.medium.com/race-condition-eating-rate-limits-for-account-takeover-ff44b6dc8798?source=rss------bug_bounty-5Jerry Shah (Jerry)infosec, vulnerability, cybersecurity, pentesting, bug-bounty04-Apr-2025
Extract all Bug Bounty programshttps://osintteam.blog/extract-all-bug-bounty-programs-df37ebd86530?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, ethical-hacking, pentesting, penetration-testing04-Apr-2025
How to Hackers hack CCTVhttps://infosecwriteups.com/how-to-hackers-hack-cctv-a55b03a4ddf8?source=rss------bug_bounty-5Mr Horbiohacking, cctv, ethical-hacking, bug-bounty, cybersecurity04-Apr-2025
Creativity Over Commands: Why Hacking is 80% Mindset, 20% Toolshttps://infosecwriteups.com/creativity-over-commands-why-hacking-is-80-mindset-20-tools-517c9ed75046?source=rss------bug_bounty-5Akash Ghoshhacking, infosec, cybersecurity, technology, bug-bounty04-Apr-2025
$150 IDOR️‍♂️ — How I Added My Own Dishes to a Restaurant Menuhttps://medium.com/@yahiasherif/150-idor-%EF%B8%8F-%EF%B8%8F-how-i-added-my-own-dishes-to-a-restaurant-menu-a0b4a78c1d8a?source=rss------bug_bounty-5Yahia Sherifbug-bounty-writeup, bug-bounty, broken-access-control, idor, pentesting04-Apr-2025
The Biggest Password Leaks in History: Lessons from Millions of Stolen Accountshttps://medium.com/@vipulsonule71/the-biggest-password-leaks-in-history-lessons-from-millions-of-stolen-accounts-30e1b9d519b3?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, ethical-hacking, bug-bounty, penetration-testing04-Apr-2025
Google Classroom IDOR: Mute Anyone, Even the Owner… But Ignoredhttps://v0ltex.medium.com/google-classroom-idor-mute-anyone-even-the-owner-but-ignored-58def4627507?source=rss------bug_bounty-5Abdo Rabea (VolteX)bug-bounty, broken-access-control, google-vrp, idor, writeup04-Apr-2025
Introduction to OWASP Top 10 API Vulnerabilityhttps://cyberw1ng.medium.com/introduction-to-owasp-top-10-api-vulnerability-43a239e782b7?source=rss------bug_bounty-5Karthikeyan Nagarajapi, bug-bounty, programming, cybersecurity, careers04-Apr-2025
Mastering Logic Bugs: A Checklist for Bug Hunters — Part 3: Account Takeover (ATO )https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-3-account-takeover-ato-7af98ce87aa3?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, hacking, information-security, penetration-testing04-Apr-2025
Guide to Identifying and Exploiting TOCTOU Race Conditions in Web Applicationshttps://fdzdev.medium.com/guide-to-identifying-and-exploiting-toctou-race-conditions-in-web-applications-c5f233e32b7f?source=rss------bug_bounty-5Facundo Fernandezpenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty04-Apr-2025
Unauthenticated Admin Profile Disclosure via GraphQL IDOR — A Real-World Bug Bounty Find.https://medium.com/@yasser0hamoda1/unauthenticated-admin-profile-disclosure-via-graphql-idor-a-real-world-bug-bounty-find-f8647eae5237?source=rss------bug_bounty-5Yasser Hamodahacking, cybersecurity, bug-bounty, infosec, programming03-Apr-2025
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and…https://medium.com/@cadeeper/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-cd3e77ef380b?source=rss------bug_bounty-5Invcybersecurity, penetration-testing, bug-bounty, web-development, hacking03-Apr-2025
How I Found a CSRF Vulnerability Leading to Account Takeover ($2,000 Bounty)https://medium.com/@nareshkandula54/how-i-found-a-csrf-vulnerability-leading-to-account-takeover-2-000-bounty-3dc408f2f134?source=rss------bug_bounty-5Naresh Kandulabug-bounty-writeup, csrf-attack, csrf-protection, bug-bounty, bugbounty-writeup03-Apr-2025
Reverse Engineering a Browser Extension Led Me to a Dangerous Exploit! ($25,000 Bounty)https://theindiannetwork.medium.com/reverse-engineering-a-browser-extension-led-me-to-a-dangerous-exploit-25-000-bounty-c7dda4601753?source=rss------bug_bounty-5TheIndianNetworkexploitation, reverse-engineering, bug-bounty, bug-bounty-tips03-Apr-2025
React Router and the Remix’ed pathhttps://medium.com/@zhero_/react-router-and-the-remixed-path-daa48d6bd6a9?source=rss------bug_bounty-5Rachid.Ahacking, bug-bounty, react, javascript, vulnerability03-Apr-2025
How to Get GraphQL Introspection via WebSockethttps://medium.com/@blackarazi/how-to-get-graphql-introspection-via-websocket-5a1cf23e7bfc?source=rss------bug_bounty-5Azhari Harahapapplication-security, graphql, api-security, bug-bounty, websocket03-Apr-2025
Advanced File Upload Techniques Worth $1000-$5000https://infosecwriteups.com/advanced-file-upload-techniques-worth-1000-5000-66ad72a124bb?source=rss------bug_bounty-5Abhijeet Kumawatfile-upload-vulnerability, hacking, bug-bounty, infosec, cybersecurity03-Apr-2025
Web Security Bug Bounty Write-Up: Bypassing Authentication via Logical Flawhttps://medium.com/@MGtrix/web-security-bug-bounty-write-up-bypassing-authentication-via-logical-flaw-40fb70e861ea?source=rss------bug_bounty-5Meysam Kheiri Koedlarctf-writeup, bug-bounty, penetration-testing, cybersecurity, web-security03-Apr-2025
Internet Printing Protocol (IPP) — Port 631 — How to exploit?https://medium.com/@verylazytech/internet-printing-protocol-ipp-port-631-how-to-exploit-d234cf91487e?source=rss------bug_bounty-5Very Lazy Techhacking, penetration-testing, ethical-hacking, port-631, bug-bounty03-Apr-2025
0-Click Account Takeover on Any Website: A Hacker’s Worst Nightmare ⚡️https://medium.com/@vipulsonule71/0-click-account-takeover-on-any-website-a-hackers-worst-nightmare-%EF%B8%8F-b11cefdb3d57?source=rss------bug_bounty-5Vipul Sonuleai, hacking, bug-bounty, cybersecurity, penetration-testing03-Apr-2025
Bypassing Email Verificationhttps://ehteshamulhaq198.medium.com/bypassing-email-verification-299d94230724?source=rss------bug_bounty-5Ehtesham Ul Haqpentesting, writeup, email-verification, bug-bounty-tips, bug-bounty03-Apr-2025
From Bug Report to HOF: My first valid bug triage from NASA VDPhttps://medium.com/@nani.yashwanth12/from-bug-report-to-hof-my-first-valid-bug-triage-from-nasa-vdp-36a8a1c65072?source=rss------bug_bounty-5Yashwanthsecurity, cybersecurity, bugcrowd, bug-bounty-writeup, bug-bounty03-Apr-2025
Privilege Escalation using SUDO || Exploit SUDO Misconfigurationhttps://medium.com/@hrofficial62/privilege-escalation-using-sudo-exploit-sudo-misconfiguration-f647313c2d72?source=rss------bug_bounty-5Mr Horbiocybersecurity, pentesting, hacking, bug-bounty, ethical-hacking03-Apr-2025
Hacking Workspace for Fun & Profit: Part Ihttps://0xh7ml.medium.com/hacking-workspace-for-fun-profit-part-i-cd28467ea5c6?source=rss------bug_bounty-5Md Saikatbug-bounty-writeup, bug-bounty, infosec03-Apr-2025
Don’t Miss Any Authentication Layer: Bypassing Password Verification for Unauthorized Account…https://hackersatty.medium.com/dont-miss-any-authentication-layer-bypassing-password-verification-for-unauthorized-account-46113106828b?source=rss------bug_bounty-5hackersattymedium, bug-bounty-writeup, bug-bounty, idor, access-control03-Apr-2025
How I Hacked The Chattisgarh High Court Government Portalhttps://medium.com/@digvijaysunil/how-i-hacked-the-chattisgarh-high-court-government-portal-3c26f56186fe?source=rss------bug_bounty-5digvijaysunilcybersecurity, vulnerability, ethical-hacking, hacking, bug-bounty03-Apr-2025
From “Not Reproducible” to Recognition: Reflected XSS on NASAhttps://medium.com/@dikstha1409/from-not-reproducible-to-recognition-reflected-xss-on-nasa-1bc008d1d459?source=rss------bug_bounty-5Dikshya Shresthanasa, bug-bounty-writeup, xss-attack, bug-bounty, recognition03-Apr-2025
Failed XSS? CRLF to the Rescuehttps://anontuttuvenus.medium.com/failed-xss-crlf-to-the-rescue-5febfc03b809?source=rss------bug_bounty-5Anon Tuttu Venusbug-bounty-writeup, penetration-testing, xss-attack, crlf-injection, bug-bounty03-Apr-2025
Email Content Html Injectionhttps://medium.com/@gadashov/email-content-html-injection-9f3132ed4056?source=rss------bug_bounty-5gadashovbug-hunting, bug-bounty, injection, penetration-testing, html-injection03-Apr-2025
Developers Mistake Leads to Bountiesss$$$…https://infosecwriteups.com/developers-mistake-leads-to-bountiesss-088cf2c2ce51?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty, secrets, bug-bounty-writeup, mistakes03-Apr-2025
Same OTP for Email & Phone? Yep, That’s a Bug!https://strangerwhite.medium.com/same-otp-for-email-phone-yep-thats-a-bug-f346668bece6?source=rss------bug_bounty-5StrangeRwhitecybersecurity, otp-bypass, information-technology, hacking, bug-bounty03-Apr-2025
Silent Sabotage: Exploiting Stored XSS in a Chat Featurehttps://medium.com/@youssefhussein212103168/silent-sabotage-exploiting-stored-xss-in-a-chat-feature-71108606b10b?source=rss------bug_bounty-5Youssefhusseinpenetration-testing, xss-attack, stored-xss, bug-bounty, cybersecurity03-Apr-2025
How I Turned a 403 Forbidden Into a Goldminehttps://infosecwriteups.com/how-i-turned-a-403-forbidden-into-a-goldmine-738cdf1407aa?source=rss------bug_bounty-5Iskimoney, bug-bounty-tips, bug-bounty, hacking, cybersecurity03-Apr-2025
Bug bounty: It’s not competition, it’s constant evolutionhttps://medium.com/@ce.barquet/bug-bounty-its-not-competition-it-s-constant-evolution-ffa674462689?source=rss------bug_bounty-5Luthiercbug-bounty, cybersecurity, vulnerability, technology03-Apr-2025
JWT Token Manipulation: Explotando Vulnerabilidades en la Autenticación Webhttps://medium.com/@zsodex/jwt-token-manipulation-explotando-vulnerabilidades-en-la-autenticaci%C3%B3n-web-7f416c1db6b6?source=rss------bug_bounty-5zSodexcybersecurity, pentesting, hacking, bug-bounty, hackthebox03-Apr-2025
How I Uncovered a Sneaky DOM XSS Bug in a Popular Social Media Platform — And Scored a $4,000 Bug…https://theindiannetwork.medium.com/how-i-uncovered-a-sneaky-dom-xss-bug-in-a-popular-social-media-platform-and-scored-a-4-000-bug-892c7a9f3694?source=rss------bug_bounty-5TheIndianNetworkdom, dom-xss, bug-bounty, bug-bounty-tips, xss-attack02-Apr-2025
Price Tampering Vulnerability in the Supreme Court of Indiahttps://medium.com/@deepak7903800/price-tampering-vulnerability-in-the-supreme-court-of-india-4bd3046b2bb9?source=rss------bug_bounty-5Deepak kumarbug-bounty, info-sec-writeups, cybersecurity, hacking, information-security02-Apr-2025
You Say Premium Features? Well, Not Anymorehttps://medium.com/@ahmed_salem/you-say-premium-features-well-not-anymore-e15d5afc14c9?source=rss------bug_bounty-5Ahmed Salemcybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup02-Apr-2025
Reverse Shell Commands and How to Detect Themhttps://medium.com/@paritoshblogs/reverse-shell-commands-and-how-to-detect-them-084884150776?source=rss------bug_bounty-5Paritoshbug-bounty, reverse-shell, information-technology, hacking, reverse-proxy02-Apr-2025
Web Security Vulnerabilities Every Pentester Should Know :https://medium.com/@shamzen96/web-security-vulnerabilities-every-pentester-should-know-742f1e0fda42?source=rss------bug_bounty-5Shivam Rajcybersecurity, bug-bounty, penetration-testing, ethical-hacking, web302-Apr-2025
5 Critical AWS Vulnerabilities You’re Responsible For (And How to Fix Them)https://medium.com/@Cyber-AppSec/5-critical-aws-vulnerabilities-youre-responsible-for-and-how-to-fix-them-f7500c3e41fb?source=rss------bug_bounty-5Cyber-AppSecaws, cyber-security-awareness, aws-security, bug-bounty, information-security02-Apr-2025
How This Simple Account Takeover Gave Me 800 EURhttps://medium.com/@dineshnarasimhan27/how-this-simple-account-takeover-gave-me-800-eur-7d88a2d13a56?source=rss------bug_bounty-5Dinesh Narasimhanbug-bounty-tips, account-takeover, bug-bounty-writeup, bug-bounty, hackerone02-Apr-2025
How I Discovered a Critical Store XSS Vulnerability and Earned a $7,000 Bounty — My Struggle…https://theindiannetwork.medium.com/how-i-discovered-a-critical-store-xss-vulnerability-and-earned-a-7-000-bounty-my-struggle-38d67b6f8ec8?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability, stored-xss02-Apr-2025
How I Found an SMTP Injection Bug & Earned $800 in Just 30 Minutes!https://theindiannetwork.medium.com/ehow-i-found-an-smtp-injection-bug-earned-800-in-just-30-minutes-562f7e3b9a4a?source=rss------bug_bounty-5TheIndianNetworksmtp-injection, bug-bounty, email-spoofing, bug-bounty-tips, smtp02-Apr-2025
How I Stumbled Upon a $5$$$ Data Leak — Just by Googling!https://medium.com/@iski/how-i-stumbled-upon-a-5-data-leak-just-by-googling-99acd54fa7ac?source=rss------bug_bounty-5Iskibug-bounty, money, bug-bounty-tips, hacking, cybersecurity02-Apr-2025
Zero to Pro The Ultimate Guide to CDX API for Your Bug Bounty Recon Journey: Let’s talk about the…https://myselfakash20.medium.com/zero-to-pro-the-ultimate-guide-to-cdx-api-for-your-bug-bounty-recon-journey-lets-talk-about-the-353946e67872?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, technology, bug-bounty, bug-bounty-tips02-Apr-2025
My First NASA Bug Hunt — A Learning Experience!https://medium.com/@warang.harmit/my-first-nasa-bug-hunt-a-learning-experience-9177b2eac0b0?source=rss------bug_bounty-5Harmit Warang (hwrng0x)cybersecurity, ethical-hacking, infosec, bug-bounty, nasa02-Apr-2025
Earn Bounty by just Reading.https://medium.com/@anandrishav2228/earn-bounty-by-just-reading-dffda7e4744f?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, hacking, ai, money02-Apr-2025
How to Find Your First Bughttps://infosecwriteups.com/how-to-find-your-first-bug-52f3d57cd63e?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, hacking, cybersecurity, ai02-Apr-2025
Bug Bounty Tips: Mastering XML-RPC Exploits Like a Prohttps://frostyxsec.medium.com/bug-bounty-hunters-mastering-xml-rpc-exploits-like-a-pro-8c9fa4c003cc?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup02-Apr-2025
Unlocking My First Bug Bounty: The Power of XSS Exploits Revealed!https://medium.com/@rajeevmaurya82/unlocking-my-first-bug-bounty-the-power-of-xss-exploits-revealed-cbaa0ce98cc3?source=rss------bug_bounty-5Rajeevmauryabug-bounty-tips, bug-bounty, cybersecurity, xss-attack, bug-bounty-writeup02-Apr-2025
How I Bypassed an API Security Checkhttps://medium.com/@iamshafayat/how-i-bypassed-an-api-security-check-db99fbd8551d?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty-writeup, cybersecurity, hacking, bug-bounty, bug-bounty-tips02-Apr-2025
8 Powerful Account Takeover (ATO) Methods and How to Exploit Themhttps://medium.com/@verylazytech/8-powerful-account-takeover-ato-methods-and-how-to-exploit-them-4bafa2bdb0d0?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, hacking, bug-bounty, oscp, ethical-hacking02-Apr-2025
$25,000 Bounty just for sensitive information disclosurehttps://infosecwriteups.com/25-000-bounty-just-for-sensitive-information-disclosure-c4f6c5a81795?source=rss------bug_bounty-5Mr Horbiopentesting, hacking, cybersecurity, hackerone, bug-bounty02-Apr-2025
My Experience Reporting an XSS Vulnerability on Shein to HackerOnehttps://medium.com/@24bkdoor/my-experience-reporting-an-xss-vulnerability-on-shein-to-hackerone-f482279a5e19?source=rss------bug_bounty-524BkDoorbug-bounty, ethical-hacking, web, web-security, cybersecurity02-Apr-2025
“Hacking the Hackers!” — Saving the HackerOne from Data Breachhttps://medium.com/@avinash_/hacking-the-hackers-saving-the-hackerone-from-data-breach-75e313fa4898?source=rss------bug_bounty-5Avinash Kumarbug-bounty, bug-bounty-writeup, bug-bounty-tips, hackerone, hacking02-Apr-2025
Detecting and Blocking a Stealthy Adware: BJCAUpdate.exe Case Studyhttps://medium.com/@muhammetalgan3547/detecting-and-blocking-a-stealthy-adware-bjcaupdate-exe-case-study-d5cee8d7f248?source=rss------bug_bounty-5Muhammet ALGANhacking, cybersecurity, malware, bug-bounty02-Apr-2025
How i do reconhttps://osintteam.blog/how-i-do-recon-d24bea0ff421?source=rss------bug_bounty-5Canonminibeasthacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, reconnaissance02-Apr-2025
Cómo un Bug Bounty de $5,000 Puede Nacer de una Lectura Arbitraria de Archivos en Jenkinshttps://medium.com/@zsodex/explotaci%C3%B3n-de-jenkins-lectura-arbitraria-de-archivos-y-escalada-de-privilegios-00197146678e?source=rss------bug_bounty-5zSodexjenkins, bug-bounty, oscp-preparation, hackthebox, penetration-testing02-Apr-2025
How to Get Into Cybersecurity With No Experience? The Ultimate Beginner’s Guide (2025)https://medium.com/@noahlott/how-to-get-into-cybersecurity-with-no-experience-the-ultimate-beginners-guide-2025-43b938d6d31b?source=rss------bug_bounty-5Noah Lottbug-bounty, pentesting, beginners-guide, how-to, cybersecurity02-Apr-2025
Understanding HTTP Headers: A Bug Bounty Hunter’s Guide to Hidden Secrets️https://medium.com/@kazixabbir/understanding-http-headers-a-bug-bounty-hunters-guide-to-hidden-secrets-%EF%B8%8F-f52c5b297668?source=rss------bug_bounty-5Kazi Sabbirweb-security, bug-bounty, cybersecurity, ethical-hacking, web-development02-Apr-2025
Overprivileged API and Remote Code Execution (RCE)https://medium.com/@rkvb/overprivileged-api-and-remote-code-execution-rce-0fa5e52b022d?source=rss------bug_bounty-5RkVbinfosec, bug-bounty-writeup, cybersecurity, bug-bounty, hacking02-Apr-2025
In-Depth Explanation of Each TCP Flaghttps://medium.com/@zoningxtr/in-depth-explanation-of-each-tcp-flag-622d589b60e4?source=rss------bug_bounty-5Zoningxtrpentesting, bug-bounty, tcp, ai, cybersecurity02-Apr-2025
The “Oops, I Own Your Account” Password Reset Bughttps://medium.com/@dineshkumar_56604/the-oops-i-own-your-account-password-reset-bug-8d7d5fea980a?source=rss------bug_bounty-5Dinesh Kumarethical-hacking, cybersecurity, bug-bounty02-Apr-2025
2FA Bypass By Response Manipulationhttps://medium.com/@FuzzyyDuck/2fa-bypass-by-response-manipulation-f599c2e3341f?source=rss------bug_bounty-5Fuzzyy Duckbug-bounty, bug-bounty-writeup, authentication-bypass, 2fa-authentication, 2fa-bypass01-Apr-2025
Best Tools for Bug Bounty Hunters: A Professional Guidehttps://theindiannetwork.medium.com/best-tools-for-bug-bounty-hunters-a-professional-guide-b939335f4b9d?source=rss------bug_bounty-5TheIndianNetworkhacking-tools, bug-bounty, bug-bounty-tips, hacker, bug-bounty-writeup01-Apr-2025
PATH HIJACKING TECHNIQUE THAT HELPS IN PRIVILEGE ESCALATIONhttps://infosecwriteups.com/path-hijacking-technique-that-helps-in-privilege-escalation-b2e12207ea7a?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, pentesting, hacking, ethical-hacking01-Apr-2025
dKargo Warehouse Testnet Bug Bounty Programhttps://medium.com/dkargo-eng/dkargo-warehouse-testnet-bug-bounty-program-9d70de4d2e7f?source=rss------bug_bounty-5dKargobug-bounty, announcements, testnet, dkargo, warehouse01-Apr-2025
API Recon via Google Dorkinghttps://medium.com/developersglobal/api-recon-via-google-dorking-5e72203dccc3?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, cybersecurity, bug-bounty, api-testing01-Apr-2025
Never leave any API endpoint request unchecked during login or sign-up!https://hiddendom.medium.com/never-leave-any-api-endpoint-request-unchecked-during-login-or-sign-up-2df8230de2ca?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, bug-bounty-tips, publications-on-medium, bug-bounty, indian-post-office01-Apr-2025
Practical SQL Injection Exploitation Cheat Sheethttps://medium.com/@verylazytech/practical-sql-injection-exploitation-cheat-sheet-75c75548f281?source=rss------bug_bounty-5Very Lazy Techsql-injection, ethical-hacking, hacking, bug-bounty, penetration-testing01-Apr-2025
A to Z বাগ বাউন্টি গাইড (HackerOne & Bugcrowd)https://medium.com/@INTELEON404/a-to-z-%E0%A6%AC%E0%A6%BE%E0%A6%97-%E0%A6%AC%E0%A6%BE%E0%A6%89%E0%A6%A8%E0%A7%8D%E0%A6%9F%E0%A6%BF-%E0%A6%97%E0%A6%BE%E0%A6%87%E0%A6%A1-hackerone-bugcrowd-e31e9eb8c8a4?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILbugcrowd, hackerone, bug-bounty, roadmaps, bug-hunting01-Apr-2025
Find open directories in your bug bounty&pentesting targets.https://medium.com/@loyalonlytoday/find-open-directories-in-your-bug-bounty-pentesting-targets-d8b96f13760f?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, cybersecurity01-Apr-2025
How My Name Crashed a Welcome Party: SSI to RCE Surprise! with $$$$https://medium.com/@iski/how-my-name-crashed-a-welcome-party-ssi-to-rce-surprise-with-f9b8a05ad138?source=rss------bug_bounty-5Iskihacking, bug-bounty-tips, bug-bounty, money, cybersecurity01-Apr-2025
2FA Bypass Using a Simple trickhttps://medium.com/@FuzzyyDuck/2fa-bypass-by-response-manipulation-f599c2e3341f?source=rss------bug_bounty-5Fuzzyy Duckbug-bounty, bug-bounty-writeup, authentication-bypass, 2fa-authentication, 2fa-bypass01-Apr-2025
The Road to CRTP Cert - Part 30https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-30-7f87ad387a35?source=rss------bug_bounty-5Dineshkumaar Roffensive-security, cybersecurity, hacking, bug-bounty, hackerone01-Apr-2025
How I Hacked the Voting System: A Deep Dive into Firebase and Firestore Security Vulnerabilitieshttps://medium.com/@anonymoussaid27/how-i-hacked-the-voting-system-a-deep-dive-into-firebase-and-firestore-security-vulnerabilities-f12227d1888b?source=rss------bug_bounty-5Anonymous27hacking, cybersecurity, penetration-testing, bug-bounty, firestore-database01-Apr-2025
Top 10 SSRF (Server-Side Request Forgery) Payloads That Workhttps://medium.com/@vipulsonule71/top-10-ssrf-server-side-request-forgery-payloads-that-work-74fe68b381fa?source=rss------bug_bounty-5Vipul Sonuleai, technology, bug-bounty, cybersecurity, hacking01-Apr-2025
You need to stop making this mistake in Bug Bounty!https://medium.com/@deadoverflow/you-need-to-stop-making-this-mistake-in-bug-bounty-924725c66e68?source=rss------bug_bounty-5Imad Husanovicprogramming, cybersecurity, hacking, bug-bounty, bug-bounty-tips01-Apr-2025
Easy $300: Template Injectionhttps://infosecwriteups.com/easy-300-template-injection-2ea1fc32cf07?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, bug-bounty, template-injection, hacking, cybersecurity01-Apr-2025
How to Find API Keys Leaked in Public Repositorieshttps://medium.com/@vipulsonule71/how-to-find-api-keys-leaked-in-public-repositories-d5bfd29dedd9?source=rss------bug_bounty-5Vipul Sonuleai, bug-bounty, hacking, penetration-testing, cybersecurity01-Apr-2025
Advanced Google Dorking | Part 18https://osintteam.blog/advanced-google-dorking-part-18-c96469860e01?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, bug-bounty-tips, pentesting, ethical-hacking, cybersecurity01-Apr-2025
Business Logic Error Leads to Unauthorized Privilege Downgrade of Report Ownerhttps://som3a.medium.com/business-logic-error-leads-to-unauthorized-privilege-downgrade-of-report-owner-d34fcb43e0f3?source=rss------bug_bounty-50xSOM3Abug-bounty, pentesting, bug-bounty-tips, cybersecurity, business-logic-bug01-Apr-2025
Never leave any API endpoint request unchecked during login or sign-up!https://systemweakness.com/never-leave-any-api-endpoint-request-unchecked-during-login-or-sign-up-2df8230de2ca?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, bug-bounty-tips, publications-on-medium, bug-bounty, indian-post-office01-Apr-2025
IDOR Vulnerability in Payment Gateway Exposing User Order Detailshttps://medium.com/@Oiluminado_x86/idor-vulnerability-in-payment-gateway-exposing-user-order-details-d96d8e9453b8?source=rss------bug_bounty-5O iluminado_x86bug-bounty, cybersecurity, hacking, bug-bounty-tips31-Mar-2025
How I Hacked the IRCTC eCatering Portalhttps://medium.com/@deepak7903800/how-i-hacked-the-irctc-ecatering-portal-e25aeb074b7e?source=rss------bug_bounty-5Deepak kumarinformation-security, bug-bounty, ctf, hacking, cybersecurity31-Mar-2025
Next.js Middleware Authentication Bypass (CVE-2025–29927): Exploitation, Impact, and Mitigationhttps://medium.com/@prashunbaral/next-js-middleware-authentication-bypass-cve-2025-29927-exploitation-impact-and-mitigation-2810f6f76bd9?source=rss------bug_bounty-5Prashun Baralbug-bounty, cve-2025-29927, nextjs, vulnerability, cybersecurity31-Mar-2025
Advanced Fuzzing to find entry points to serious bugs!https://aarnavsaboo.medium.com/fuzz-yo-67c26b24c7a0?source=rss------bug_bounty-5Aarnav Saboonetworking, bug-bounty, cybersecurity, vulnerability, ethical-hacking31-Mar-2025
AI-Powered SaaS Security: The Key to Protecting an Expanding Attack Surfacehttps://medium.com/@Cyber-AppSec/ai-powered-saas-security-the-key-to-protecting-an-expanding-attack-surface-9d3e4a34364d?source=rss------bug_bounty-5Cyber-AppSecbug-bounty, bug-bounty-tips, application-security, information-technology, information-security31-Mar-2025
How I Made $9,000 in One Month from Bug Bountyhttps://eulex.medium.com/how-i-made-9-000-in-one-month-from-bug-bounty-9403147b4d07?source=rss------bug_bounty-5Milad Safdari (Eulex)bug-bounty, bug-bounty-tips, vulnerability, hacking, security-research31-Mar-2025
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$https://medium.com/@iski/how-i-accidentally-became-the-sherlock-holmes-of-rce-and-made-b8857eefeecb?source=rss------bug_bounty-5Iskihacking, infosec, cybersecurity, bug-bounty, money31-Mar-2025
Why is this the ultimate SQL injection tool out there in the markethttps://medium.com/@gasmask/sqlmap-on-steroids-unleashing-sql-injection-b4602eefd4a3?source=rss------bug_bounty-5gasmaskhacking, linux, sqlmap, bug-bounty, penetration-testing31-Mar-2025
Never Underestimate Any API Key Leak. This is why I Got a Hall of Fame from “Your Dost”https://hiddendom.medium.com/never-underestimate-any-api-key-leak-this-is-why-i-got-a-hall-of-fame-from-your-dost-25ef5a32dc7e?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips, firebase31-Mar-2025
Bug Bounty Tips: Exploiting .git File Disclosure for Fun & Profithttps://frostyxsec.medium.com/bug-bounty-tips-exploiting-git-file-disclosure-for-fun-profit-5a85e82e580c?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty-tips, bug-bounty, cybersecurity, bug-hunter31-Mar-2025
From LFI to RCE: How I Turned a File Read into Shell Accesshttps://medium.com/@sujeetkamblesrk/from-lfi-to-rce-how-i-turned-a-file-read-into-shell-access-073ec2e5501e?source=rss------bug_bounty-5Sujeetkamblesrkcybersecurity, bug-bounty31-Mar-2025
The Ultimate Roadmap to Becoming a Bug Bounty Hunterhttps://medium.com/@aashifm/the-ultimate-roadmap-to-becoming-a-bug-bounty-hunter-7d4e0cedf5fd?source=rss------bug_bounty-5127.0.0.1roadmaps, bug-bounty, bugs, vulnerability, tools31-Mar-2025
Bug Bounty Automation: Save Time with These Smart Hacking Scripts — @verylazytechhttps://medium.com/@verylazytech/bug-bounty-automation-save-time-with-these-smart-hacking-scripts-verylazytech-5b42f6602636?source=rss------bug_bounty-5Very Lazy Techethical-hacking, subdomain, penetration-testing, bug-bounty, hacking31-Mar-2025
DorkMine — Unleash the Power of Google Dorking Like Never Before!https://gktomic.medium.com/dorkmine-unleash-the-power-of-google-dorking-like-never-before-0eca2f05e111?source=rss------bug_bounty-5Gopalakrishnancybersecurity, google-dorking, bug-bounty-writeup, bug-bounty, bug-bounty-tips31-Mar-2025
How I Accidentally Became the Sherlock Holmes of RCE! and made $$$https://infosecwriteups.com/how-i-accidentally-became-the-sherlock-holmes-of-rce-and-made-b8857eefeecb?source=rss------bug_bounty-5Iskihacking, infosec, cybersecurity, bug-bounty, money31-Mar-2025
I Went on the Dark Web and Instantly Regretted Ithttps://medium.com/@vipulsonule71/i-went-on-the-dark-web-and-instantly-regretted-it-3fffd0583f03?source=rss------bug_bounty-5Vipul Sonuletech, cybersecurity, darkweb, hacking, bug-bounty31-Mar-2025
How I Hacked My School Website (And Reported It!)https://medium.com/@jithendhriyen/how-i-hacked-my-school-website-and-reported-it-ce5882b0f17a?source=rss------bug_bounty-5jithendhriyenvulnerability, sql-injection, bug-bounty, information-security, hacking31-Mar-2025
ClatScope: The Ultimate OSINT Tool for Bug Bounty Hunters & Cyber Sleuths!https://medium.com/@pentesterclubpvtltd/clatscope-the-ultimate-osint-tool-for-bug-bounty-hunters-cyber-sleuths-7a1ea4dbbb65?source=rss------bug_bounty-5Pentester Clubcybersecurity, ctf, bug-bounty, osint, hacking31-Mar-2025
Eyes OSINT: The Ultimate Bug Bounty Tool for Hackers & Cyber Sleuths!https://medium.com/@pentesterclubpvtltd/eyes-osint-the-ultimate-bug-bounty-tool-for-hackers-cyber-sleuths-4bcd8c89b428?source=rss------bug_bounty-5Pentester Clubbug-bounty, hacking, osint, cybersecurity, ctf31-Mar-2025
Master NFS Enumeration with RPCScan & SuperEnum | Ultimate Bug Bounty & Pentesting Guide!https://medium.com/@pentesterclubpvtltd/master-nfs-enumeration-with-rpcscan-superenum-ultimate-bug-bounty-pentesting-guide-aa4da7cf077c?source=rss------bug_bounty-5Pentester Clubcybersecurity, hacking, bug-bounty, ctf, massage-therapy31-Mar-2025
I Found a Critical Bug in JWT Authentication and Earned $10,000 — Here’s How You Can Too!https://theindiannetwork.medium.com/i-found-a-critical-bug-in-jwt-authentication-and-earned-10-000-heres-how-you-can-too-8cec94913727?source=rss------bug_bounty-5TheIndianNetworkjwt, bug-bounty, jwt-token, bug-bounty-tips, auth-bypass31-Mar-2025
My First Bug Bounty Success: Earning $500 by Uncovering a DoS Vulnerabilityhttps://medium.com/@entit_y/my-first-bug-bounty-success-earning-500-by-uncovering-a-dos-vulnerability-f0456eb72576?source=rss------bug_bounty-5Entit_ybug-bounty-writeup, web-hacking, cybersecurity, bug-bounty, bug-bounty-tips31-Mar-2025
Understanding Length Extension Attackshttps://medium.com/@mark-r/understanding-length-extension-attacks-855084c0170d?source=rss------bug_bounty-5Mark Royctf-writeup, ctf, ctf-walkthrough, bug-bounty, penetration-testing30-Mar-2025
Unauthorized Therapist Association Vulnerabilityhttps://medium.com/@EL_cazad0r/unauthorized-therapist-association-vulnerability-bd2979914af1?source=rss------bug_bounty-5EL_Cazad0rbug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips30-Mar-2025
The Dark Side of Bug Bounty: From Rewards to Punishmenthttps://medium.com/@krivadna_87390/the-dark-side-of-bug-bounty-from-rewards-to-punishment-544a1a6f526e?source=rss------bug_bounty-5Krivadnapenetration-testing, infosec-write-ups, bug-bounty, bugbounty-writeup, cybersecurity30-Mar-2025
This Tool Helped me to find ORIGIN IP(Automated way)https://infosecwriteups.com/this-tool-helped-me-to-find-origin-ip-automated-way-9a95632d65fe?source=rss------bug_bounty-5Canonminibeastbug-bounty, cloudflare, ip, cybersecurity, hacking30-Mar-2025
Recently, I explored an efficient Small Scope Recon approach!https://medium.com/@parthchheda777/recently-i-explored-an-efficient-small-scope-recon-approach-3c46a3bc549e?source=rss------bug_bounty-5Parthchhedapenetration-testing, cybersecurity, bug-bounty30-Mar-2025
Medium and Large Scope Reconhttps://medium.com/@parthchheda777/medium-and-large-scope-recon-8fb8dd9eab15?source=rss------bug_bounty-5Parthchhedacybersecurity, osint, penetration-testing, bug-bounty30-Mar-2025
How I Discovered an Account Takeover Vulnerability (And Earned $300!)https://cybertamarin.medium.com/how-i-discovered-an-account-takeover-vulnerability-and-earned-300-063432bf8e1c?source=rss------bug_bounty-5Cyber Tamarinethical-hacking, bug-bounty, web-security, cybersecurity30-Mar-2025
How I Made $2000 from an Easy Bughttps://infosecwriteups.com/how-i-made-2000-from-an-easy-bug-a05f48e6c7c2?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, hacking, cybersecurity, bug-bounty, money30-Mar-2025
Unlock Exclusive Discounts on My Udemy Courses!https://medium.com/@deepdive4learn/unlock-exclusive-discounts-on-my-udemy-courses-829d1635a2f1?source=rss------bug_bounty-5DeepDive4learnweb-development, penetration-testing, bug-bounty, cybersecurity, aws-certification30-Mar-2025
The $1.7 Billion Blind Spot: How Web2 Flaws Are Wrecking Web3 Projects from the Insidehttps://fr3ak-hacks.medium.com/the-1-7-billion-blind-spot-how-web2-flaws-are-wrecking-web3-projects-from-the-inside-bf03bbf1ef81?source=rss------bug_bounty-5Anindya Sankar Royweb3-security, bug-bounty, web3, web3bugbounty, cryptocurrency30-Mar-2025
How I Found a Payment Tampering Bug and Almost Paid Zero Dollars!https://infosecwriteups.com/how-i-found-a-payment-tampering-bug-and-almost-paid-zero-dollars-0933297f77f0?source=rss------bug_bounty-5Iskibug-bounty, infosec, money, cybersecurity, hacking30-Mar-2025
Privilege Escalation via Registration Feature Writeuphttps://medium.com/@malvinval/privilege-escalation-via-registration-feature-writeup-3f02c66b2391?source=rss------bug_bounty-5Malvin Valerianethical-hacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup30-Mar-2025
Find Subdomains Like a Pro!https://medium.com/@dharineeshj2/find-subdomains-like-a-pro-df2c169ce153?source=rss------bug_bounty-5Hack-Batbug-bounty, security, penetration-testing, hacking, cybersecurity30-Mar-2025
NoSQL Injection: How to Exploit, Identify, and Prevent (Step-by-Step Guide)https://medium.com/@verylazytech/nosql-injection-how-to-exploit-identify-and-prevent-step-by-step-guide-a6c8b7ab60d6?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, nosql, exploit, ethical-hacking, bug-bounty30-Mar-2025
How to Find P4 Bugs Easily ️‍♂️https://medium.com/@vipulsonule71/how-to-find-p4-bugs-easily-%EF%B8%8F-%EF%B8%8F-e2b35416b82d?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, bug-bounty, penetration-testing, bug-bounty-tips30-Mar-2025
Cybersecurity in the Age of Remote Work: Protecting Your Workforcehttps://medium.com/@nomitvyas.suncity/cybersecurity-in-the-age-of-remote-work-protecting-your-workforce-2220310aa4df?source=rss------bug_bounty-5Nomit Vyashacking, cybersecurity, news, bug-bounty, politics30-Mar-2025
How I Uncovered Sensitive Data in a Public Config File and Injected Fake Logshttps://medium.com/@iamshafayat/how-i-uncovered-sensitive-data-in-a-public-config-file-and-injected-fake-logs-46496eb18f50?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology30-Mar-2025
How I Bypassed 2 layers 2FA on a B2B Site,an awesome experience!https://take0verx0.medium.com/how-i-bypassed-2fa-on-a-b2b-site-and-earned-a-critical-bug-bounty-ea4ff9e4094b?source=rss------bug_bounty-5Shahariar Aminbug-bounty-tips, bug-bounty30-Mar-2025
Eldoria Realms — HackTheBox — Cyber Apocalypse 2025https://medium.com/@dassomnath/eldoria-realms-hackthebox-cyber-apocalypse-2025-ecde31783ec9?source=rss------bug_bounty-5Somnath Dashacking, web, bug-bounty, ctf, ctf-writeup30-Mar-2025
Bug Bounty Hunter’s Nightmare: The Dark Secrets No One Talks About! ⚠️https://theindiannetwork.medium.com/bug-bounty-hunters-nightmare-the-dark-secrets-no-one-talks-about-%EF%B8%8F-f20971abcbee?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips, bug-zero30-Mar-2025
I Bypassed Admin Panel & Stole Data in Minutes! Easility Worth $7500 (Real-World Exploit)https://theindiannetwork.medium.com/i-bypassed-admin-panel-stole-data-in-minutes-easility-worth-7500-real-world-exploit-da9b23fcdb4a?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, bug-bounty-writeup, bug-bounty, broken-access-control, idor30-Mar-2025
Will AI Steal My Job as a Bug Hunter? The Truth About ChatGPT & Cybersecurityhttps://medium.com/dare-to-be-better/will-ai-steal-my-job-as-a-bug-hunter-the-truth-about-chatgpt-cybersecurity-48897ec03ace?source=rss------bug_bounty-5Ahmad Javedai, cybersecurity, chatgpt, bug-bounty, tech-trends29-Mar-2025
150,000 Websites Hijacked by JavaScript Injection: How Hackers Are Promoting Chinese Gambling Siteshttps://medium.com/@Cyber-AppSec/150-000-websites-hijacked-by-javascript-injection-how-hackers-are-promoting-chinese-gambling-sites-0e1e8eb2b990?source=rss------bug_bounty-5Cyber-AppSecbug-bounty, information-technology, cybercrime, cyber-security-awareness, cybersecurity29-Mar-2025
Bug Hunting & Automationhttps://medium.com/h7w/bug-hunting-automation-a284c3ff1967?source=rss------bug_bounty-5Monika sharmapenetration-testing, technology, tech, bug-bounty, bug-bounty-tips29-Mar-2025
Bug Bounty Tips: Subdomain Takeover — Explanation, Steps & Mitigationhttps://frostyxsec.medium.com/bug-bounty-tips-subdomain-takeover-explanation-steps-mitigation-d5be0ea7f8b1?source=rss------bug_bounty-5Frostyxsecbug-hunting, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunter29-Mar-2025
Access Control in Smart Contracts: Why It’s Non-Negotiablehttps://securrtech.medium.com/access-control-in-smart-contracts-why-its-non-negotiable-79af14523f28?source=rss------bug_bounty-5Securr - Web3 Securityblockchain-security, bug-bounty, smart-contract-security, smart-contract-auditing, web3-security29-Mar-2025
Why You Need Your Own Recon Strategy in Bug Bounty (And Why Copy-Pasting Won’t Make You Rich )https://myselfakash20.medium.com/why-you-need-your-own-recon-strategy-in-bug-bounty-and-why-copy-pasting-wont-make-you-rich-faccc53b3d87?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, technology, bug-bounty, cybersecurity, bug-bounty-tips29-Mar-2025
How to Make Bug Bounty Easy?https://infosecwriteups.com/how-to-make-bug-bounty-easy-f2164a69048c?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, money, hacking, bug-bounty, cybersecurity29-Mar-2025
The “Immortal” Password Reset Link: A Bug Hunter’s Delighthttps://medium.com/@garvsanwariya60/the-immortal-password-reset-link-a-bug-hunters-delight-f3233066b8c9?source=rss------bug_bounty-5Garvsanwariyaweb-hacking, hacking, bug-bounty-tips, cyber-security-solutions, bug-bounty29-Mar-2025
Javascript Recon for Bug Bounty & Pentestinghttps://medium.com/meetcyber/javascript-recon-for-bug-bounty-pentesting-3b22617007ec?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, pentesting, cybersecurity, ethical-hacking29-Mar-2025
Building the Ultimate Docker-Based Bug Bounty Machine: Part 3 — GUI Frontend & Advanced…https://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-3-gui-frontend-advanced-4348d33fa0e5?source=rss------bug_bounty-5WillFromSwisshacking, bug-bounty, docker, metasploit, pentesting29-Mar-2025
Building the Ultimate Docker-Based Bug Bounty Machine: Part 2 — Workflows & Automationhttps://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-2-workflows-automation-9beff4a8b55d?source=rss------bug_bounty-5WillFromSwissdocker, hacking-tools, bug-bounty, hacking, pentesting29-Mar-2025
Building the Ultimate Docker-Based Bug Bounty Machine: Part 1 — Setup & Installationhttps://medium.com/@WillFromSwiss/building-the-ultimate-docker-based-bug-bounty-machine-part-1-setup-installation-fe829bde99a6?source=rss------bug_bounty-5WillFromSwisshacking, automation-testing, pentesting, docker, bug-bounty29-Mar-2025
Mastering Web Pentesting with Nuclei: From Installation to Advanced Techniqueshttps://medium.com/@WillFromSwiss/mastering-web-pentesting-with-nuclei-from-installation-to-advanced-techniques-8c0d734078ee?source=rss------bug_bounty-5WillFromSwisshacking, pentesting, nucleus, bug-bounty, cybersecurity29-Mar-2025
Mastering F5 GTM (BIG-IP DNS): Advanced Traffic Management & Global Load Balancing!https://medium.com/@deepdive4learn/mastering-f5-gtm-big-ip-dns-advanced-traffic-management-global-load-balancing-36267066359a?source=rss------bug_bounty-5DeepDive4learncybersecurity, bug-bounty, load-balancing, dns, networking29-Mar-2025
Master F5 BIG-IP — Limited-Time Promo Codes Inside!https://medium.com/@deepdive4learn/master-f5-big-ip-limited-time-promo-codes-inside-178c0360f925?source=rss------bug_bounty-5DeepDive4learncybersecurity, web-development, penetration-testing, bug-bounty, aws29-Mar-2025
I Built the Ultimate Docker-Based Bug Bounty Machine That Transformed My Workflowhttps://medium.com/@WillFromSwiss/i-built-the-ultimate-docker-based-bug-bounty-machine-that-transformed-my-workflow-47a3bf651895?source=rss------bug_bounty-5WillFromSwissdocker, pentesting, bug-bounty, cybersecurity, hacking29-Mar-2025
What Happens on Next.js?https://cubeesecgroup.medium.com/what-happens-on-next-js-c1e8e6b2161b?source=rss------bug_bounty-5CUBeeSEC Securitiescve-2025-29927, bug-bounty, nextjs, vulnerability-assessment, penetration-testing29-Mar-2025
When Amazon Gave Me Free Storage (But I Gave It Back)https://medium.com/@iski/when-amazon-gave-me-free-storage-but-i-gave-it-back-9734c058cd05?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, s3-bucket, bug-bounty-tips, aws29-Mar-2025
Biggest Information Disclosure Bug I Found Today — Easily Worth $800+ in Bug Bounty!https://theindiannetwork.medium.com/biggest-information-disclosure-bug-i-found-today-easily-worth-800-in-bug-bounty-e2d5bcfb1569?source=rss------bug_bounty-5TheIndianNetworkinformation-technology, bug-bounty, information-disclosure, information-security, bug-bounty-tips29-Mar-2025
I Found Cache Poisoning & Earned $500 in Just a Few Minutes!https://theindiannetwork.medium.com/i-found-cache-poisoning-earned-500-in-just-a-few-minutes-78337a437d55?source=rss------bug_bounty-5TheIndianNetworkcache, cache-poisoning, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Mar-2025
I Found Host Header Injection & Got a Quick $1,000 Bounty! (Full Guide)https://theindiannetwork.medium.com/i-found-host-header-injection-got-a-quick-1-000-bounty-full-guide-0573ea19ab19?source=rss------bug_bounty-5TheIndianNetworkhost-header, bug-bounty-writeup, bug-bounty-tips, host-header-injection, bug-bounty29-Mar-2025
Reflected XSS via X-Forwarded-For Header on https://api.target.com/iphttps://medium.com/@ugs20b126_cic.rajesh/reflected-xss-via-x-forwarded-for-header-on-https-api-target-com-ip-96642a4a49ed?source=rss------bug_bounty-5Rajesh Sagarinfosec, bug-bounty, xss-vulnerability29-Mar-2025
A Next.js vulnerability lets attackers bypass middleware using trailing slashes and URL encoding.https://cubeesecgroup.medium.com/what-happens-on-next-js-c1e8e6b2161b?source=rss------bug_bounty-5CUBeeSEC Securitiescve-2025-29927, bug-bounty, nextjs, vulnerability-assessment, penetration-testing29-Mar-2025
Top 5 Websites for Information Gathering — Part 1https://cyberw1ng.medium.com/top-5-websites-for-information-gathering-part-1-90b36746f5b5?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, programming, technology29-Mar-2025
Mastering Logic Bugs: A Checklist for Bug Hunters PART 2 { IDOR ‍}https://medium.com/@mahdisalhi0500/mastering-logic-bugs-a-checklist-for-bug-hunters-part-2-idor-6f411e90509d?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty, cybersecurity, hacking, penetration-testing, infosec29-Mar-2025
“No Good Deed Goes Unnoticed? Not in Cybersecurity.” : An unlucky hacker’s Storyhttps://medium.com/@nijina7/no-good-deed-goes-unnoticed-not-in-cybersecurity-an-unlucky-hackers-story-3ebbb74e5b9e?source=rss------bug_bounty-5Nijin Kcybersecurity, hacking, bugs, bug-bounty-writeup, bug-bounty29-Mar-2025
When Amazon Gave Me Free Storage (But I Gave It Back)https://awstip.com/when-amazon-gave-me-free-storage-but-i-gave-it-back-9734c058cd05?source=rss------bug_bounty-5Iskicybersecurity, bug-bounty, s3-bucket, bug-bounty-tips, aws29-Mar-2025
Finding Information Disclosure Bugs Like a Prohttps://osintteam.blog/finding-information-disclosure-bugs-like-a-pro-19f9840d3f63?source=rss------bug_bounty-5Monika sharmapenetration-testing, hacking, bug-bounty, bug-bounty-tips, technology28-Mar-2025
Understanding Web Request Methods and Responseshttps://medium.com/@aashifm/understanding-web-request-methods-and-responses-4a7abc8e1cba?source=rss------bug_bounty-5127.0.0.1http-request, http-response, cybersecurity, web-penetration-testing, bug-bounty28-Mar-2025
Earn $1000: Account Takeover by This Methodologyhttps://infosecwriteups.com/earn-1000-account-takeover-by-this-methodology-cc1cbf6d9eae?source=rss------bug_bounty-5Abhijeet Kumawataot, cybersecurity, hacking, bug-bounty, infosec28-Mar-2025
Practical OSINT Commands for Cyber Investigationshttps://medium.com/@paritoshblogs/practical-osint-commands-for-cyber-investigations-3e6b039b4b4b?source=rss------bug_bounty-5Paritoshosint, information-technology, threat-intelligence, cybersecurity, bug-bounty28-Mar-2025
DOM-Based Cross-Site Scripting (XSS)https://medium.com/@anandrishav2228/dom-based-cross-site-scripting-xss-828c223a80f3?source=rss------bug_bounty-5Rishav anandmoney, hacking, infosec, bug-bounty, cybersecurity28-Mar-2025
How I Found an Unauthorized RCE Bug in an Amazon EC2 Instance Using Censyshttps://medium.com/@swarooppatil3125/how-i-found-an-unauthorized-rce-bug-in-an-amazon-ec2-instance-using-censys-82c8bac79467?source=rss------bug_bounty-5Swarooppatilcybersecurity, money, bug-bounty, code, remote-code-execution28-Mar-2025
How to Find Hidden API Endpoints That Lead to Critical Bugshttps://medium.com/@vipulsonule71/how-to-find-hidden-api-endpoints-that-lead-to-critical-bugs-054310629e64?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, hacking, bug-bounty, ai, cybersecurity28-Mar-2025
OSINT Secrets: How Hackers and Investigators Uncover Hidden Informationhttps://osintteam.blog/osint-secrets-how-hackers-and-investigators-uncover-hidden-information-5303ee570cc6?source=rss------bug_bounty-5Elie Attiehpenetration-testing, open-source-intelligence, cybersecurity, osint, bug-bounty28-Mar-2025
CVE-2025-31080 WordPress HTML Forms Plugin <= 1.5.1 Vulnerable to Cross-Site Scripting (XSS)https://abhinav-porwal.medium.com/cve-2025-31080-wordpress-html-forms-plugin-1-5-1-vulnerable-to-cross-site-scripting-xss-ae6ec99b7dd3?source=rss------bug_bounty-5Abhinav Porwalethical-hacking, bug-bounty, hacking, information-security, infosec28-Mar-2025
Is Bug Bounty Easy?https://infosecwriteups.com/is-bug-bounty-easy-f1ae04ceb8e6?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosecurity, cybersecurity, hacking28-Mar-2025
Critical Wallet Connection Bug Found on OpenSea Dealshttps://medium.com/@emrahcoban_84107/critical-wallet-connection-bug-found-on-opensea-deals-55f071c26288?source=rss------bug_bounty-5Emrah Çobanweb3, github, qa, bug-bounty, metamask28-Mar-2025
I Found HTTP Request Smuggling & Got a Huge Bug Bounty! (Full Exploit Guide)https://theindiannetwork.medium.com/i-found-http-request-smuggling-got-a-huge-bug-bounty-full-exploit-guide-1ac855ee1695?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, http-request-smuggling, bug-bounty, http-request, bug-bounty-writeup28-Mar-2025
I Found Remote Code Execution in a Cookie & Earned $5000! (Full Exploit Guide)https://theindiannetwork.medium.com/i-found-remote-code-execution-in-a-cookie-earned-5000-full-exploit-guide-d2e07d5b253c?source=rss------bug_bounty-5TheIndianNetworkrce-vulnerability, bug-bounty, remote-code-execution, rce, bug-bounty-tips28-Mar-2025
The Ultimate SSRF Testing Guide: Unleash the Hidden Web Secrets (2025)https://theindiannetwork.medium.com/the-ultimate-ssrf-testing-guide-unleash-the-hidden-web-secrets-2025-8c151068cedf?source=rss------bug_bounty-5TheIndianNetworkssrf-attack, bug-bounty-writeup, bug-bounty, ssrf, bug-bounty-tips28-Mar-2025
How A Null Character Was Used to Bypass Paymentshttps://medium.com/@diogo.gouveia2/how-a-null-character-was-used-to-bypass-payments-7b417932dede?source=rss------bug_bounty-5Diogo Gouveiapentesting, bug-bounty-writeup, cybersecurity, bug-bounty, penetration-testing28-Mar-2025
A Great tool for bug bounty hunters and Osint investigators.https://medium.com/@loyalonlytoday/a-great-tool-for-bug-bounty-hunters-and-osint-investigators-4e8c88d92f3a?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, investigation, osint, awareness28-Mar-2025
My First Bug Report: Logical Flaw in Task Completion Allows Unauthorized Coin Increment via Request…https://medium.com/@jaga08official/my-first-bug-report-logical-flaw-in-task-completion-allows-unauthorized-coin-increment-via-request-ab63fe7259b7?source=rss------bug_bounty-5Jagabug-hunting, bug-bounty, vulnerability-disclosure, ethical-hacking, cybersecurity28-Mar-2025
The Naked-Eye Bug Hunt: Finding Flaws Without a Single Toolhttps://strangerwhite.medium.com/the-naked-eye-bug-hunt-finding-flaws-without-a-single-tool-bc4b448cefaf?source=rss------bug_bounty-5StrangeRwhitehacking, bug-bounty-tips, cybersecurity, writeup, bug-bounty28-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-125)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-125-e1adee54884d?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips, hacking28-Mar-2025
Risk Management in Cybersecurity: Assessing Probability vs. Impacthttps://medium.com/@deepdive4learn/risk-management-in-cybersecurity-assessing-probability-vs-impact-46ea0016c083?source=rss------bug_bounty-5DeepDive4learnapi, web-development, penetration-testing, cybersecurity, bug-bounty28-Mar-2025
Why SAST is a Must-Have Skill for AppSec Professionals!https://sahildari.medium.com/why-sast-is-a-must-have-skill-for-appsec-professionals-014cc40f98fc?source=rss------bug_bounty-5Sahil Daribug-bounty, cybersecurity, appsec, sast28-Mar-2025
The Zombie Bug — Critical CVE 2025 Storyhttps://0xparth.medium.com/the-zombie-bug-critical-cve-2025-story-6cccb20ee8f5?source=rss------bug_bounty-5Parth Shuklavulnerability, ai, bug-bounty, cybersecurity, technology28-Mar-2025
This Tool Helped me to find ORIGIN IP(Automated way)https://medium.com/@canonminibeast/this-tool-helped-me-to-find-origin-ip-automated-way-d3eb76da3487?source=rss------bug_bounty-5Canonminibeasthacking, cybersecurity, bug-bounty, hacking-tools, web-pen-testing28-Mar-2025
Static Application Security Testing SAST Series: Part 1https://sahildari.medium.com/sast-series-part-1-a7cf18df0022?source=rss------bug_bounty-5Sahil Daricybersecurity, appsec, sast, path-manipulation, bug-bounty28-Mar-2025
How To Deal With Open Ports & Nmap Like a Pro?https://medium.com/@nnface/how-to-deal-with-open-ports-nmap-like-a-pro-6126ef0d9339?source=rss------bug_bounty-5NnFacecybersecurity, hacking, nmap, bug-bounty, kali-linux28-Mar-2025
Part 3: Advanced Techniques & Use Cases of Nuclei for Bug Bountyhttps://cyberw1ng.medium.com/part-3-advanced-techniques-use-cases-of-nuclei-for-bug-bounty-1fb810800b8c?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, technology, cybersecurity, careers, bug-bounty28-Mar-2025
How I Found a $10,000 Typo: A Beginner’s Guide to Bug Bounty Huntinghttps://medium.com/meetcyber/how-i-found-a-10-000-typo-a-beginners-guide-to-bug-bounty-hunting-4550f5af21fa?source=rss------bug_bounty-5Ahmad Javedtech-career, ethical-hacking, bug-bounty, cybersecurity, learn-to-code28-Mar-2025
️Insecure Direct Object Reference (IDOR) — Unauthorized Account Accesshttps://medium.com/@Oiluminado_x86/%EF%B8%8Finsecure-direct-object-reference-idor-unauthorized-account-access-dd4018b98fa9?source=rss------bug_bounty-5O iluminado_x86idor-vulnerability, bug-bounty-tips, privilege-escalation, bug-bounty, cybersecurity28-Mar-2025
How AI is Changing the Bug Bounty Landscape (And Why Hackers Aren’t Mad About It)https://cybersecuritywriteups.com/how-ai-is-changing-the-bug-bounty-landscape-and-why-hackers-arent-mad-about-it-34e2936cf640?source=rss------bug_bounty-5Ahmad Javedcybersecurity, bug-bounty, ai, ethical-hacking, penetration-testing27-Mar-2025
Information Disclosure leads To Unauthorized Access (easy github dork)https://medium.com/@Oiluminado_x86/information-disclosure-leads-to-unauthorized-access-easy-github-dork-7fb94821d30c?source=rss------bug_bounty-5O iluminado_x86bug-bounty, information-disclosure, hacking, penetration-testing27-Mar-2025
From 0 to 100K: How Gamification is Turning Bug Hunting into a Crypto-Style Grindhttps://medium.com/meetcyber/from-0-to-100k-how-gamification-is-turning-bug-hunting-into-a-crypto-style-grind-253e30b7e828?source=rss------bug_bounty-5Ahmad Javedcybersecurity, ethical-hacking, penetration-testing, pentesting, bug-bounty27-Mar-2025
How I Made $1,000 in a Day Exposing a Critical Vulnerabilityhttps://medium.com/@ibtissamhammadi/how-i-made-1-000-in-a-day-exposing-a-critical-vulnerability-3742ac0e58df?source=rss------bug_bounty-5Ibtissam Hammadipassive-income, ethical-hacking, makemoney-online, bug-bounty, cybersecurity27-Mar-2025
How to Choose the Right Bug Bounty Programs as a Beginnerhttps://osintteam.blog/how-to-choose-the-right-bug-bounty-programs-as-a-beginner-3cdfdd86b0c3?source=rss------bug_bounty-5Vivek PSbug-bounty, programming, hacking, web-development, cybersecurity27-Mar-2025
How I Found a CSRF Vulnerability in Profile Picture Deletionhttps://medium.com/@EL_cazad0r/how-i-found-a-csrf-vulnerability-in-profile-picture-deletion-b95bf8e6d579?source=rss------bug_bounty-5EL_Cazad0rbug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips27-Mar-2025
Facebook Reels Post Audience Privacy Misconfiguration : Meta Bug Bounty (3000 USD)https://zerocode-ph.medium.com/facebook-reels-post-audience-privacy-misconfiguration-meta-bug-bounty-3000-usd-805e39ab7948?source=rss------bug_bounty-5Syd Ricafort (0cod3)facebook-bug-bounty, meta-bug-bounty, bug-bounty27-Mar-2025
HackTheBox Certified Bug Bounty Hunter Study Notes & Guidehttps://motasemhamdan.medium.com/hackthebox-certified-bug-bounty-hunter-study-notes-guide-d05360f200dd?source=rss------bug_bounty-5Motasem Hamdaninfosec, bug-bounty, cybersecurity, hacking, hackthebox27-Mar-2025
Automate Open Redirection and XSS Testing with URL Auto Openerhttps://medium.com/@GrayWhite/automate-open-redirection-and-xss-testing-with-url-auto-opener-61af38087c54?source=rss------bug_bounty-5CrookSecxss-hunting, cybersecurity, open-redirection, url-testing, bug-bounty27-Mar-2025
Debugging PostgreSQL Installation on macOShttps://funnymous43.medium.com/debugging-postgresql-installation-on-macos-a49d2aa343a0?source=rss------bug_bounty-5hipster' Santospostgresql, backend, python, bug-bounty, database27-Mar-2025
Mastering Hydra: The Ultimate Brute-Force Cheatsheet for Ethical Hackershttps://medium.com/@cybrpunked/mastering-hydra-tool-the-biggest-cheatsheet-you-will-ever-need-7a050110a802?source=rss------bug_bounty-5Cybrpunkedinfosec, bug-bounty, cybersecurity, hacking, pentesting27-Mar-2025
The Ultimate XSS Scanner & Parameter Analysis Tool for Bug Huntershttps://medium.com/cyberscribers-exploring-cybersecurity/the-ultimate-xss-scanner-parameter-analysis-tool-for-bug-hunters-3c37111ac267?source=rss------bug_bounty-5Elie Attiehcybersecurity, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup27-Mar-2025
How I Hacked Medium (And Medium Hacked Me Back)https://osintteam.blog/how-i-hacked-medium-and-medium-hacked-me-back-c34d48f9199a?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, web-development, hacking, programming27-Mar-2025
HostTracer: A Powerful Tool for DNS and Hosting Reconnaissancehttps://medium.com/@GrayWhite/hosttracer-a-powerful-tool-for-dns-and-hosting-reconnaissance-e2f78ca525b4?source=rss------bug_bounty-5CrookSecreconnaissance, whois, bug-bounty, dns-lookup, hosting27-Mar-2025
RCE Via File upload And How To Fix Ithttps://medium.com/@snpxblack2006/rce-via-file-upload-and-how-to-fix-it-b2f39e745c27?source=rss------bug_bounty-5everythingBlackkkcybersecurity, hacking, bug-bounty, php, web-development27-Mar-2025
How I found 4 vulnerabilities in only 1 day?https://systemweakness.com/how-i-found-4-vulnerabilities-in-only-1-day-473a870b583a?source=rss------bug_bounty-5Imad Husanovicethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity, programming27-Mar-2025
Hidden Backdoors in Web Apps: How Hackers Exploit Them ✨https://medium.com/@vipulsonule71/hidden-backdoors-in-web-apps-how-hackers-exploit-them-6f99c0abd918?source=rss------bug_bounty-5Vipul Sonulehackthebox, tryhackme, hacking, writing, bug-bounty27-Mar-2025
No Risk? Think Again — The DoS Twist That Led to $$$https://medium.com/@0xNayelx/no-risk-think-again-the-dos-twist-that-led-to-0152d6cc1327?source=rss------bug_bounty-50xNayelctf, bug-bounty-tips, pentesting, bug-bounty-writeup, bug-bounty27-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-124)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-124-5dcab5e4c9a1?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty-tips, hacking, bug-bounty, ethical-hacking27-Mar-2025
Advanced Techniques & Use Cases of Nuclei for Bug Bountyhttps://cyberw1ng.medium.com/advanced-techniques-use-cases-of-nuclei-for-bug-bounty-22be32c09d1b?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, bug-bounty, programming, cybersecurity27-Mar-2025
Account Takeover via Leaked Email Verification Tokenhttps://medium.com/@kalvik/account-takeover-via-leaked-email-verification-token-2612fef3e2d4?source=rss------bug_bounty-5Vikash Mauryaaccount-takeover, bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking27-Mar-2025
From Blind XSS to Full Server Takeoverhttps://medium.com/@0xnuy/from-blind-xss-to-full-server-takeover-0f63ead701ab?source=rss------bug_bounty-5Nuypenetration-testing, rce, bug-bounty-writeup, bug-bounty, web-vulnerabilities26-Mar-2025
Domain and Subdomain Enumeration: A Practical Guide for Effective Reconnaissancehttps://osintteam.blog/domain-and-subdomain-enumeration-a-practical-guide-for-effective-reconnaissance-9660c40f4e37?source=rss------bug_bounty-5Dzianis Skliarosint, bug-bounty, reconnaissance, bug-bounty-tips, subdomains-enumeration26-Mar-2025
Stealing Money at the Speed of Light: Exploiting Race Conditions for Financial Fraud in…https://myselfakash20.medium.com/stealing-money-at-the-speed-of-light-exploiting-race-conditions-for-financial-fraud-in-a14c2086f5c0?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, bug-bounty-tips, technology, cybersecurity26-Mar-2025
Top 10 Vulnerabilities Every Bug Hunter Should Exploit in 2025https://medium.com/@vipulsonule71/top-10-vulnerabilities-every-bug-hunter-should-exploit-in-2025-df28045f6fca?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, penetration-testing, cybersecurity, bug-bounty26-Mar-2025
How SSRF Leads to RCE in a .NET Applicationhttps://medium.com/@0xUN7H1NK4BLE/how-ssrf-leads-to-rce-in-a-net-application-ee1b13812245?source=rss------bug_bounty-50xUN7H1NK4BLErce-vulnerability, ssrf, bug-bounty, lfi, web-exploitation26-Mar-2025
(Ⅱ) Android Identity Authentication: A Game of Cat and Mouse between Developers and “Hackers”https://medium.com/@security.tecno/%E2%85%B1-android-identity-authentication-a-game-of-cat-and-mouse-between-developers-and-hackers-b1b1789453b0?source=rss------bug_bounty-5TECNO Securitysecurity, hacking, android, development, bug-bounty26-Mar-2025
500s for $560: How I Turned Twitter into My Cash Piñatahttps://stevenfloresca.medium.com/500s-for-560-how-i-turned-twitter-into-my-cash-pi%C3%B1ata-3054e5fd66d0?source=rss------bug_bounty-5Steven Florescatwitter, security, information-security, bug-bounty-tips, bug-bounty26-Mar-2025
How Hackers Abuse XML-RPC to Launch Bruteforce and DDoS Attackshttps://infosecwriteups.com/how-hackers-abuse-xml-rpc-to-launch-bruteforce-and-ddos-attacks-40be5b310960?source=rss------bug_bounty-5coffinxphacking, wordpress, bug-bounty, penetration-testing, bug-bounty-tips26-Mar-2025
I Asked for 200 OK, Apache Gave Me Its Diary Insteadhttps://medium.com/@iski/i-asked-for-200-ok-apache-gave-me-its-diary-instead-6e5b114a6f46?source=rss------bug_bounty-5Iskibug-bounty, injective, servers, apache, bug-bounty-tips26-Mar-2025
Advanced Thick Client Penetration Testing: Techniques, Methodologies, and Execution (Part 2)…https://infosecwriteups.com/advanced-thick-client-penetration-testing-techniques-methodologies-and-execution-part-2-db5738997535?source=rss------bug_bounty-5Ajay Naikthick-client-security, cybersecurity, information-security, bug-bounty, penetration-testing26-Mar-2025
Bug Bounty Tips: How to Find Hidden API Keys in JavaScript Files Like a Pro!https://frostyxsec.medium.com/bug-bounty-tips-how-to-find-hidden-api-keys-in-javascript-files-like-a-pro-6797a31f9cf8?source=rss------bug_bounty-5Frostyxsecbug-bounty-tips, bug-bounty, bug-hunting, penetration-testing, cybersecurity26-Mar-2025
This easy attack can give you $2000 .https://medium.com/@anandrishav2228/this-easy-attack-can-give-you-2000-86e236b5caa5?source=rss------bug_bounty-5Rishav anandcybersecurity, money, servers, hacker, bug-bounty26-Mar-2025
How I Found My First P1 in a Bug Bounty Programhttps://cyxbugs.medium.com/how-i-found-my-first-p1-in-a-bug-bounty-program-a82e6c8cea46?source=rss------bug_bounty-5Cyxbug-bounty-writeup, cybersecurity, bug-bounty, pentesting26-Mar-2025
Bug Bounty 101https://meravytes.medium.com/bug-bounty-101-3e5ca050134f?source=rss------bug_bounty-5Meravytesmeravytes, bug-bounty, cybersecurity, ethical-hacking26-Mar-2025
Rate Limit Bypass in Password Reset Functionalityhttps://medium.com/@FuzzyyDuck/rate-limit-bypass-in-password-reset-functionality-bf4b997c9bae?source=rss------bug_bounty-5Fuzzyy Duckbug-bounty, rate-limit-bypass, bug-bounty-writeup, race-condition-exploit, vulnerability26-Mar-2025
The Sweetest Hack: How a ₹100 Cake Discount Gave Me a Panic Attackhttps://osintteam.blog/the-sweetest-hack-how-a-100-cake-discount-gave-me-a-panic-attack-85eaf62f7cf8?source=rss------bug_bounty-5Vivek PSweb-development, bug-bounty, hacking, programming, cybersecurity26-Mar-2025
Finding subdomains from SSL certificateshttps://medium.com/@loyalonlytoday/finding-subdomains-from-ssl-certificates-6d879a41d5d3?source=rss------bug_bounty-5loyalonlytodayreconnaissance, ethical-hacking, subdomains-enumeration, cybersecurity, bug-bounty26-Mar-2025
Windows Exploitation: Beginner’s Guide to Buffer Overflow (Old OSCP-Level)https://medium.com/@verylazytech/windows-exploitation-beginners-guide-to-buffer-overflow-old-oscp-level-de07b653f287?source=rss------bug_bounty-5Very Lazy Techbug-bounty, buffer-overflow, oscp, cybersecurity, penetration-testing26-Mar-2025
JWT (JSON Web Token) Security Risks: Common Vulnerabilities and Exploits Every Bug Hunter Should…https://infosecwriteups.com/jwt-json-web-token-security-risks-common-vulnerabilities-and-exploits-every-bug-hunter-should-d3fa4182a329?source=rss------bug_bounty-5Elie Attiehjwt, cybersecurity, pentesting, bug-bounty, bug-hunting26-Mar-2025
Understanding and Testing for Content Security Policy (CSP)https://medium.com/@MutexSec/understanding-and-testing-for-content-security-policy-csp-ab01c74a9a1f?source=rss------bug_bounty-5Exhaustedmutexbug-bounty-tips, red-team, pentesting, bug-bounty, penetration-testing26-Mar-2025
AI Safety Bug Bounty 101https://pointlessai.medium.com/ai-safety-bug-bounty-101-50f78c88781b?source=rss------bug_bounty-5PointlessAI Blogai-alignment-and-safety, ai-safety, bug-bounty, ai, bug-bounty-hunter26-Mar-2025
How to Pay High Bounty in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-pay-high-bounty-in-bug-hunting-38691343f3bc?source=rss------bug_bounty-5Vipul Sonuletechnology, penetration-testing, ethical-hacking, hacking, bug-bounty26-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-123)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-123-bb98d1457663?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, bug-bounty-tips26-Mar-2025
Zero Trust: Why Your Office Needs a Nightclub Bouncerhttps://medium.com/the-shortform/zero-trust-why-your-office-needs-a-nightclub-bouncer-b21afd41aad0?source=rss------bug_bounty-5Ahmad Javedhacker, hacking, zero-trust, bug-bounty, cybersecurity26-Mar-2025
web cache deception on vdp programhttps://medium.com/@Dorking1/web-cache-deception-on-private-program-eab62d869866?source=rss------bug_bounty-5Doorkingbug-bounty-writeup, penetration-testing, bug-bounty26-Mar-2025
Advanced Techniques to Bypass Restricted shell | Privilege Escalation Tutorialhttps://systemweakness.com/advanced-techniques-to-bypass-restricted-shell-privilege-escalation-tutorial-a02015ebaf49?source=rss------bug_bounty-5Mr Horbiocybersecurity, bug-bounty, ethical-hacking, penetration-testing, hacking26-Mar-2025
Zero to Hero in bug bounty by ‘Vibe Coding’https://medium.com/@nsteckercs/zero-to-hero-in-bug-bounty-by-vibe-coding-b74efc9a1259?source=rss------bug_bounty-5Zaxiebug-bounty, technology, education, cybersecurity, hacking26-Mar-2025
The Power of Nuclei for Bug Bounty Huntinghttps://cyberw1ng.medium.com/the-power-of-nuclei-for-bug-bounty-hunting-ded98a8a47a7?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, programming26-Mar-2025
Manipulating Response: A Deep Dive into Exploitation => $650https://ehteshamulhaq198.medium.com/manipulating-responses-a-deep-dive-into-exploitation-650-bf5933efe202?source=rss------bug_bounty-5Ehtesham Ul Haqbug-bounty, penetration-testing, infosec, writeup, cybersecurity26-Mar-2025
Inayat hussain chohan (Security Researcher’s journey )https://inayathussain.medium.com/inayat-hussain-chohan-security-researchers-journey-1bf0499e27d9?source=rss------bug_bounty-5Inayat Hussainpenetration-testing, ethical-hacking, bug-bounty, cybersecurity, information-technology26-Mar-2025
Private Keys vs Seed Phrases: What You Need to Knowhttps://medium.com/@itsamanyadav/private-keys-vs-seed-phrases-what-you-need-to-know-71fc6bb70cc4?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, secuirty, seed-phrase, private-key, web3-security-audit25-Mar-2025
Discovering publicly exposed data in AWS S3 and Google Cloud Storagehttps://kkamalesh117.medium.com/discovering-publicly-exposed-data-in-aws-s3-and-google-cloud-storage-5f9583807e7d?source=rss------bug_bounty-5Kamalesh Dhacker, bug-bounty, aws, google, cybersecurity25-Mar-2025
AI vs. Bug Hunters: How ChatGPT is Rewriting the Rules of Vulnerability Discoveryhttps://medium.com/meetcyber/ai-vs-bug-hunters-how-chatgpt-is-rewriting-the-rules-of-vulnerability-discovery-6eae02514f6c?source=rss------bug_bounty-5Ahmad Javedbug-bounty-ai, bug-bounty, future-of-hacking, cybersecurity, penetration-testing25-Mar-2025
The Dark Side of Bug Bounty Hunting: Frustrations No One Talks Abouthttps://osintteam.blog/the-dark-side-of-bug-bounty-hunting-frustrations-no-one-talks-about-ad1b502a5815?source=rss------bug_bounty-5Vivek PSweb-development, bug-bounty, cybersecurity, programming, hacking25-Mar-2025
Uncovering a Hidden Logic Flow-A Deep Dive into Exploitation!https://medium.com/@AhmedSamy-X/uncovering-a-hidden-logic-flow-a-deep-dive-into-exploitation-824e1dec12cc?source=rss------bug_bounty-5Ahmedsamycybersecurity, web-exploitation, bug-bounty, penetration-testing, information-security25-Mar-2025
Introduction to Bug Bounty Programs: How to Legally Get Paid for Hacking (Yes, Really!)https://medium.com/@theautobot/introduction-to-bug-bounty-programs-how-to-legally-get-paid-for-hacking-yes-really-bfbfd84b2933?source=rss------bug_bounty-5theAutoBotbugs, bug-bounty, bug-bounty-writeup, hacking-for-defense, bug-bounty-tips25-Mar-2025
One-Click Account Hijacking on TikTokhttps://infosecwriteups.com/one-click-account-hijacking-on-tiktok-b0d211288abe?source=rss------bug_bounty-5Abhijeet Kumawathacking, tik-tok, bug-bounty, cybersecurity, infosec25-Mar-2025
Hacking APIs :SQL Injection Attackhttps://iaraoz.medium.com/hacking-apis-sql-injection-attack-7c13a7b1f6fb?source=rss------bug_bounty-5Israel Aráoz Severichebug-bounty, cybersecurity, api-development, owasp, hacking25-Mar-2025
Hacking APIs: Authentication Attackhttps://iaraoz.medium.com/hacking-apis-authentication-attack-100623725721?source=rss------bug_bounty-5Israel Aráoz Severichehacking, api, cybersecurity, bug-bounty, apps25-Mar-2025
Top Bug Bounty Platforms Every Ethical Hacker Should Knowhttps://medium.com/@dasmanish6176/top-bug-bounty-platforms-every-ethical-hacker-should-know-9fc5d736fa1d?source=rss------bug_bounty-5Dasmanishethical-hacking, infosec, bug-bounty25-Mar-2025
Which Cybersecurity Course Should I Take? A Comprehensive Guidehttps://medium.com/@verylazytech/which-cybersecurity-course-should-i-take-a-comprehensive-guide-fd5d64786efc?source=rss------bug_bounty-5Very Lazy Techethical-hacking, osep, bug-bounty, penetration-testing, oscp25-Mar-2025
Advanced Techniques for Finding and Exploiting Outdated Softwarehttps://medium.com/@shadyfarouk1986/advanced-techniques-for-finding-and-exploiting-outdated-software-f85f8862e514?source=rss------bug_bounty-5Shady Faroukhacking-training, bug-bounty, pentesting, ethical-hacking, bounty-program25-Mar-2025
Finding JavaScript Files on Websites Using Automationhttps://cyberw1ng.medium.com/finding-javascript-files-on-websites-using-automation-f8b8e03e3d66?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, programming, technology25-Mar-2025
Bypass Restricted shell | Privilege Escalation Techniques [EJpt exam]https://infosecwriteups.com/bypass-restricted-shell-privilege-escalation-techniques-ejpt-exam-cfe1eb470db9?source=rss------bug_bounty-5Mr Horbioethical-hacking, bug-bounty, pentesting, cybersecurity, hacking25-Mar-2025
OS Commandhttps://medium.com/@520hazem/os-command-c1b7364ddd63?source=rss------bug_bounty-5Hazemportswigger-lab, pentesting, pentester, bug-bounty, os-command-injection25-Mar-2025
Networking Basics for Ethical Hackershttps://medium.com/@akashfalaskar/networking-basics-for-ethical-hackers-99816dc1a2b2?source=rss------bug_bounty-5Akash Falaskarcybersecurity, red-team, bug-bounty, ethical-hacking, networking25-Mar-2025
Bypassing AppLock Pattern via Shared Preferences Analysishttps://medium.com/@youssefhussein212103168/bypassing-applock-pattern-via-shared-preferences-analysis-7bf1bb631dd3?source=rss------bug_bounty-5Youssefhusseinsecurity, bug-bounty, cybersecurity, android, penetration-testing25-Mar-2025
I Want YOU, Hacker To Read This story…https://medium.com/@nnface/i-want-you-hacker-to-read-this-story-2d16079d6e36?source=rss------bug_bounty-5NnFacebug-bounty, ethical-hacking, hacking, writing, cybersecurity25-Mar-2025
Authenticationhttps://medium.com/@520hazem/authentication-ac63cf7ed785?source=rss------bug_bounty-5Hazembug-bounty, portswigger-lab, authentication, pentester, pentesting24-Mar-2025
How to Find Hidden API Endpoints That Lead to Critical Bugshttps://bitpanic.medium.com/how-to-find-hidden-api-endpoints-that-lead-to-critical-bugs-97a38ca40efe?source=rss------bug_bounty-5Spectat0rguytechnology, bug-bounty, programming, ai-generated-content, cybersecurity24-Mar-2025
Think You’re Ready for Real-World Hacking? Think Againhttps://medium.com/@timsuxwales/think-youre-ready-for-real-world-hacking-think-again-1565c6bb27ed?source=rss------bug_bounty-5Timsux Walescybersecurity, bug-bounty, penetration-testing, infosec, hacking24-Mar-2025
Metasploit Framework Commands for Penetration Testinghttps://medium.com/@paritoshblogs/metasploit-framework-commands-for-penetration-testing-505ef6063698?source=rss------bug_bounty-5Paritoshmetasploit, information-security, bug-bounty, cybersecurity, hacking24-Mar-2025
How I Found a Major Security Flaw in a Popular Platform… And They Ignored It.https://medium.com/@rakshitshetty59/how-i-found-a-major-security-flaw-in-a-popular-platform-and-they-ignored-it-dd569ce694ce?source=rss------bug_bounty-5Rakshitshettyethical-hacking, cybersecurity, bug-bounty, web-vulnerabilities, sql-injection24-Mar-2025
Account Take-over Via Password Reset Poisoninghttps://medium.com/@umd04843/account-take-over-via-password-reset-poisoning-e2a8a2f8a642?source=rss------bug_bounty-5Mohamed Usmanbug-bounty, cybersecurity, bug-bounty-tips, vapt, bug-bounty-writeup24-Mar-2025
How I Made $100,000 Discovering a Kernel Vulnerability! (With Exploit Code)https://theindiannetwork.medium.com/how-i-made-100-000-discovering-a-kernel-vulnerability-with-exploit-code-695f4ff18a78?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, kernel, zero-day, bug-bounty, karnel-exploit24-Mar-2025
SSRF Advanced Methodology✨https://infosecwriteups.com/ssrf-advanced-methodology-9583fdf2ae3c?source=rss------bug_bounty-5Abhijeet Kumawathacking, bug-bounty, methodology, ssrf, infosec24-Mar-2025
Exploiting JavaScript Execution in PDFs & How to Prevent Ithttps://frostyxsec.medium.com/exploiting-javascript-execution-in-pdfs-how-to-prevent-it-9e30cf3fe3ef?source=rss------bug_bounty-5Frostyxsecbug-bounty, bug-hunting, web-security, cybersecurity, vulnerability24-Mar-2025
(Ⅰ) Android Identity Authentication: A Game of Cat and Mouse between Developers and “Hackers”https://medium.com/@security.tecno/%E2%85%B0-android-identity-authentication-a-game-of-cat-and-mouse-between-developers-and-hackers-73eda7a36253?source=rss------bug_bounty-5TECNO Securityhacking, bug-bounty, blog, developer, android24-Mar-2025
The story of XSS that leads to ATOhttps://sahandami.medium.com/the-story-of-xss-that-leads-to-ato-edf23f55a47e?source=rss------bug_bounty-5SahandAmiato, account-takeover, csrf-token, bug-bounty, xs24-Mar-2025
From Zero to First Bug Bounty: A Step-by-Step Guide That Anyone Can Follow!https://osintteam.blog/from-zero-to-first-bug-bounty-a-step-by-step-guide-that-anyone-can-follow-247657eec2d7?source=rss------bug_bounty-5Vivek PSbug-bounty, web-development, hacking, cybersecurity, programming24-Mar-2025
Advanced Thick Client Penetration Testing — Techniques, Methodologies, and Execution -PART -1…https://infosecwriteups.com/advanced-thick-client-penetration-testing-techniques-methodologies-and-execution-part-1-c49c7bdb1d0b?source=rss------bug_bounty-5Ajay Naikthick-client-security, information-security, bug-bounty, cybersecurity, information-technology24-Mar-2025
How to Start Your Career in Web3 Security and Make Millions $$$$$$https://medium.com/@whhackerbsac/how-to-start-your-career-in-web3-security-and-make-millions-a07c8aa3ee62?source=rss------bug_bounty-5Bsac Hunterweb3, cybersecurity, web3-security, blockchain, bug-bounty24-Mar-2025
The Dark Side of Invite Links: A Race Condition Exploit Story (English-Hindi)https://medium.com/@ajay.kumar.695632/the-dark-side-of-invite-links-a-race-condition-exploit-story-english-hindi-257d5bd8e9c5?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, bugcrowd24-Mar-2025
The Ultimate Guide to Price Manipulation Vulnerabilities: Techniques, Case Studies & Advanced…https://infosecwriteups.com/the-ultimate-guide-to-price-manipulation-vulnerabilities-techniques-case-studies-advanced-0e1a24c5ee3d?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, bug-bounty, price-manipulation, cybersecurity24-Mar-2025
How to Detect API Keys and Secrets Hiding in a Web Applicationhttps://medium.com/@aviwolicki/how-to-detect-api-keys-and-secrets-hiding-in-a-web-application-8470945c229d?source=rss------bug_bounty-5Avi Wweb-application-security, bug-bounty, cybersecurity24-Mar-2025
Cybersecurity for Beginners: Protect Yourself Like a Prohttps://medium.com/@agranesamia2/cybersecurity-for-beginners-protect-yourself-like-a-pro-08cc41af9c21?source=rss------bug_bounty-5Amisaabug-bounty, cybersecurity, ethical-hacking, ctf, online-privacy24-Mar-2025
Mastering Bug Bounty Hunting: Exploring Different Types of Payloads for Effective Exploitationhttps://medium.com/@cybertips96/mastering-bug-bounty-hunting-exploring-different-types-of-payloads-for-effective-exploitation-40f922c057f4?source=rss------bug_bounty-5Cybertipsbug-bounty-tips, bug-bounty, payload24-Mar-2025
Bug Findhttps://medium.com/@ashrafulhossainrafi22/bug-find-47717daa7977?source=rss------bug_bounty-5Ashraful Hossain Rafibug-bounty24-Mar-2025
Custom Dorks to find Bug Bounty Programshttps://medium.com/developersglobal/custom-dorks-to-find-bug-bounty-programs-4867da4b9ebf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, bug-bounty-hunter, google-dork, bug-bounty-program24-Mar-2025
Automated Information Gathering from Websiteshttps://cyberw1ng.medium.com/automated-information-gathering-from-websites-9c2975861497?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, programming, bug-bounty, careers, cybersecurity24-Mar-2025
CSRFhttps://medium.com/@520hazem/dw-98bdac9232c6?source=rss------bug_bounty-5Hazembug-bounty, csrf-bypass, csrf, portswigger-lab, pentesting24-Mar-2025
CVE-2025–29927 — Bypass de Middleware en Next.jshttps://medium.com/@juanfelipeoz.rar/cve-2025-29927-bypass-de-middleware-en-next-js-80e900285cf5?source=rss------bug_bounty-5Juan Felipe Osorio Znextjs, bug-bounty, ciberseguridad, cve-2025-29927, hacking24-Mar-2025
Custom Dorks to find Bug Bounty Programshttps://osintteam.blog/custom-dorks-to-find-bug-bounty-programs-4867da4b9ebf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, bug-bounty-hunter, google-dork, bug-bounty-program24-Mar-2025
12 Windows Command Line Hacks for Incident Respondershttps://medium.com/@paritoshblogs/12-windows-command-line-hacks-for-incident-responders-d9e95ef1c3a3?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, bug-bounty, information-technology, incident-response23-Mar-2025
Network Pentesting -Active/Passive Information gathering like Pro Part -2https://medium.com/@Cyber_siva/network-pentesting-active-passive-information-gathering-like-pro-part-2-cdbeec6b9300?source=rss------bug_bounty-5Siva Sankarcybersecurity, bug-bounty, networking23-Mar-2025
picoCTF Web Exploitation: SSTI1https://medium.com/@Kamal_S/picoctf-web-exploitation-ssti1-e2363b1885a0?source=rss------bug_bounty-5Kamal Sbug-bounty, picoctf, ssti, command-injection, ssti123-Mar-2025
How I Exploited an SSRF Vulnerability & Earned $5000 — Real-World Exploit!https://theindiannetwork.medium.com/how-i-exploited-an-ssrf-vulnerability-earned-5000-real-world-exploit-e8ded56ef9ce?source=rss------bug_bounty-5TheIndianNetworkssrf-vulnerability, server-side-request, bug-bounty-tips, bug-bounty, ssrf-attack23-Mar-2025
I Found a Zero-Day Exploit & Got Paid $3000 — Full Real-World Breakdown!https://theindiannetwork.medium.com/i-found-a-zero-day-exploit-got-paid-3000-full-real-world-breakdown-42cb6d307699?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, bug-bounty, bug-bounty-writeup, zero-day, zero-day-vulnerability23-Mar-2025
I Hacked a Million-Dollar Website with Just a Text Box — Earned $25,000! (Full Story)https://theindiannetwork.medium.com/i-hacked-a-million-dollar-website-with-just-a-text-box-earned-25-000-full-story-bef4a8ec28fe?source=rss------bug_bounty-5TheIndianNetworkxss-vulnerability, stored-xss, xss-attack, bug-bounty, bug-bounty-tips23-Mar-2025
️ How to Build a Perfect Bug Bounty Methodologyhttps://medium.com/@vipulsonule71/%EF%B8%8F-how-to-build-a-perfect-bug-bounty-methodology-0dacf715874e?source=rss------bug_bounty-5Vipul Sonulebug-bounty, technology, hacking, penetration-testing, ethical-hacking23-Mar-2025
CORShttps://medium.com/@520hazem/cors-add835d8de3b?source=rss------bug_bounty-5Hazembug-bounty, pentesting, portswigger-lab, portswigger, cors23-Mar-2025
The Ultimate Guide to Subdomain Enumeration for Bug Bounty Huntershttps://medium.com/@thexnumb/the-ultimate-guide-to-subdomain-enumeration-for-bug-bounty-hunters-73b60fca62bc?source=rss------bug_bounty-5Thexnumbinfosec, bug-bounty, cybersecurity, hacking, penetration-testing23-Mar-2025
Broken Access Control leads to Addition of Malicious Files / Inclusion of Sensitive Files.https://medium.com/@saurabhcsec/broken-access-control-leads-to-addition-of-malicious-files-inclusion-of-sensitive-files-4d0b424e1515?source=rss------bug_bounty-5Saurabhcsecbug-bounty-writeup, web-development, cybersecurity, hacking, bug-bounty23-Mar-2025
Why SAST is a Must-Have Skill for AppSec Professionals!https://sahildari.medium.com/why-sast-is-a-must-have-skill-for-appsec-professionals-6090e98eb15f?source=rss------bug_bounty-5Sahil Darisecure-coding, appsec, sast, cybersecurity, bug-bounty23-Mar-2025
️ Work-from-Home Bug Bounty: How to Get Started & Succeedhttps://medium.com/@vipulsonule71/%EF%B8%8F-work-from-home-bug-bounty-how-to-get-started-succeed-ce2ee466d9cb?source=rss------bug_bounty-5Vipul Sonulewriting-tips, bug-bounty, writing, technology, hacking23-Mar-2025
How I Got a Bug Bounty Using Only Reconhttps://medium.com/@drhtunaungkyaw1993/how-i-got-a-bug-bounty-using-only-recon-b0c0e92f2503?source=rss------bug_bounty-5Htun Aung Kyawhacking, myanmar, bug-bounty, pentest, yeswehack23-Mar-2025
Cracking a Password-Protected ZIP File with John the Ripper — A Hands-On Guidehttps://medium.com/@rundcodehero/cracking-a-password-protected-zip-file-with-john-the-ripper-a-hands-on-guide-1aea0f6b3627?source=rss------bug_bounty-5Randi Adhityas Saputracrack-passwords, bug-bounty, pentest, john-the-ripper23-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-122)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-122-5b7edf5b959c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, bug-bounty-tips, ethical-hacking23-Mar-2025
How I Got a Bug Bounty Reward Using Only Reconhttps://medium.com/@drhtunaungkyaw1993/how-i-got-a-bug-bounty-using-only-recon-b0c0e92f2503?source=rss------bug_bounty-5Htun Aung Kyawhacking, myanmar, bug-bounty, pentest, yeswehack23-Mar-2025
Hacking with GitHub’s hidden gems for subdomain enumeration.https://medium.com/h7w/hacking-with-githubs-hidden-gems-for-subdomain-enumeration-a1266d4a019c?source=rss------bug_bounty-5Abhishek pawarprogramming, bug-bounty, github, hacking, domains23-Mar-2025
Internet Archive: Wayback Hunting for Bug Bounty Huntershttps://osintteam.blog/internet-archive-wayback-hunting-for-bug-bounty-hunters-36b112011a7c?source=rss------bug_bounty-5RivuDonwayback-machine, bug-bounty-writeup, infosec, bug-bounty-tips, bug-bounty23-Mar-2025
Subdomain Found! Now What? (Part 2)https://osintteam.blog/subdomain-found-now-what-part-2-2c2835f459ca?source=rss------bug_bounty-5Monika sharmabug-bounty, penetration-testing, hacking, bug-bounty-tips, technology23-Mar-2025
How I Accidentally Bypassed a Paywall and Got User Data for Freehttps://northstar1.medium.com/how-i-accidentally-bypassed-a-paywall-and-got-user-data-for-free-de73f98a51da?source=rss------bug_bounty-5NorthStarburp-suite-pro, bug-bounty-tips, bug-bounty, bug-bounty-writeup, idor-vulnerability23-Mar-2025
OSINT Techniques for Finding Leaked Credentials on Telegramhttps://medium.com/@0xblackd3v/osint-techniques-for-finding-leaked-credentials-on-telegram-abefee04e19e?source=rss------bug_bounty-5Blackd3vbug-bounty, bugs, cybersecurity, hacking23-Mar-2025
Understanding Privilege Escalation in Web Applicationshttps://cyberw1ng.medium.com/understanding-privilege-escalation-in-web-applications-c560e641b93b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, programming23-Mar-2025
Breaking Down CVSS: Understanding Vulnerability Scores Like a Hackerhttps://medium.com/@jkyne6368/breaking-down-cvss-understanding-vulnerability-scores-like-a-hacker-de85b114d07c?source=rss------bug_bounty-5Jordillahacking, bug-bounty, cybersecurity, freelancing, aws22-Mar-2025
How I Found a $4,837 SQLi Bug in Just 17 Minuteshttps://medium.com/@ibtissamhammadi/how-i-found-a-4-837-sqli-bug-in-just-17-minutes-8a4c778d2057?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, sql, web-security, ethical-hacking, cybersecurity22-Mar-2025
Discovering and Exploiting a Path Traversal Vulnerability in Chromium’s md_browser Toolhttps://medium.com/@piyushbhor22/chromiums-path-traversal-vulnerability-ece8be276859?source=rss------bug_bounty-5Pi - The Kernel Paniccode-analysis, bug-bounty, chromium, vulnerability-assessment, path-traversal22-Mar-2025
Common and Security Vulnerabilities in Restaking Layershttps://securrtech.medium.com/common-and-security-vulnerabilities-in-restaking-layers-110c61049892?source=rss------bug_bounty-5Securr - Web3 Securityblockchain-security, web3-security, smart-contract-security, smart-contract-auditing, bug-bounty22-Mar-2025
Information Disclosure — Exposed Order Details via Shipping Status APIhttps://medium.com/@mIna_x1/information-disclosure-exposed-order-details-via-shipping-status-api-7fd177364d12?source=rss------bug_bounty-5Mina Ashrafbug-bounty, bug-bounty-writeup, cyper-security22-Mar-2025
LegionHunter VPS Setup Script for Bug Bounty & Pentestinghttps://medium.com/developersglobal/legionhunter-vps-setup-script-for-bug-bounty-pentesting-298d3ef16964?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, vps, pentesting, vps-server, linux22-Mar-2025
Microsoft 365 Copilot For Work: Image Data Exfiltration From SharePointhttps://infosecwriteups.com/microsoft-365-copilot-for-work-image-data-exfiltration-from-sharepoint-644bc818a5db?source=rss------bug_bounty-5Cyd Tsengmicrosoft, bug-bounty, cybersecurity, microsoft-copilot, vulnerability22-Mar-2025
Finding new apex domains in a unique way.https://infosecwriteups.com/finding-new-apex-domains-in-a-unique-way-87404d8dfa1d?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-tips, bug-bounty, apex, cybersecurity22-Mar-2025
LFI Advanced Methodology by Abhijeethttps://medium.com/@Abhijeet_kumawat_/lfi-advanced-methodology-by-abhijeet-9993b827db53?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, cybersecurity, lfi, bug-bounty, hacking22-Mar-2025
How I Bypassed 403 Forbidden & Accessed Restricted Pages — Real-World Exploit!https://theindiannetwork.medium.com/how-i-bypassed-403-forbidden-accessed-restricted-pages-real-world-exploit-e19ccb18bbbb?source=rss------bug_bounty-5TheIndianNetworkbug-bounty-tips, bug-bounty-writeup, bug-bounty, 403-forbidden, 403-bypass22-Mar-2025
How I Deleted Accounts With Just an Email Addresshttps://medium.com/@preetham._.kumar/how-i-deleted-accounts-with-just-an-email-address-d50d60bd6308?source=rss------bug_bounty-5StunnerSeccybersecurity, hacking, bug-bounty, ethical-hacking, penetration-testing22-Mar-2025
TheHarvester: A Powerful OSINT Tool for Cybersecurity Professionalshttps://medium.com/@alidrabkih/theharvester-a-powerful-osint-tool-for-cybersecurity-professionals-cc8660876f31?source=rss------bug_bounty-5Ali Drabkihbug-bounty, tools, hacking, cybrt22-Mar-2025
Hunting Bugs: My Favorite Flawshttps://hackergod00001.medium.com/hunting-bugs-my-favorite-flaws-9b405a8b9f9d?source=rss------bug_bounty-5Hackergod00001cybersecurity, secrets, bug-bounty-tips, knowledge, bug-bounty22-Mar-2025
LFI Advanced Methodology by Abhijeethttps://infosecwriteups.com/lfi-advanced-methodology-by-abhijeet-9993b827db53?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, cybersecurity, lfi, bug-bounty, hacking22-Mar-2025
Mastering DeFi Security Through Hands-On Hacking Challengeshttps://medium.com/@schofieldleonard8/mastering-defi-security-through-hands-on-hacking-challenges-98914ed3a260?source=rss------bug_bounty-5Leonard Schofielddefi-strategy, crypto-hack, web3-security, crypto-exploit, bug-bounty22-Mar-2025
How I Made $4,500 in My First Month Bug Huntinghttps://medium.com/@ibtissamhammadi/how-i-made-4-500-in-my-first-month-bug-hunting-5985a2b6f143?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, bug-hunting, cybersecurity, hacking, technology22-Mar-2025
Web Hacking Series - Part 1: HTTP Basics – The Invisible Language of the Webhttps://medium.com/@cybertips96/web-hacking-series-part-1-http-basics-the-invisible-language-of-the-web-7e007fd06e7b?source=rss------bug_bounty-5Cybertipsbug-bounty22-Mar-2025
The Ultimate Guide to Bug Bounty Hunting: How to Get Started and Succeedhttps://medium.com/@HexaGaurd/the-ultimate-guide-to-bug-bounty-hunting-how-to-get-started-and-succeed-74bb31926190?source=rss------bug_bounty-5HexaGaurdbug-bounty-hunter, bug-bounty, cybersecurity, ethical-hacking, bugbounty-poc22-Mar-2025
✨ The Art of Reconnaissance: How Hackers Gather Intelhttps://medium.com/@vipulsonule71/the-art-of-reconnaissance-how-hackers-gather-intel-a665e9c58762?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, bug-bounty, cybersecurity, ai, hacking22-Mar-2025
Pico CTF: Easy Challenges | Part - 1https://medium.com/@john1robert2000/pico-ctf-easy-challenges-part-1-8cd54e389dd0?source=rss------bug_bounty-5Rizwanbug-bounty, ctf-walkthrough22-Mar-2025
Chaining Low-Severity Bugs for Critical Impact — Turning Tiny Holes into Major Exploitshttps://osintteam.blog/chaining-low-severity-bugs-for-critical-impact-turning-tiny-holes-into-major-exploits-95a996bbda92?source=rss------bug_bounty-5Vivek PSbug-bounty, web-development, ethical-hacking, cybersecurity, programming22-Mar-2025
Shhh…Be Quiet Hacker.https://medium.com/meetcyber/shhh-be-quiet-hacker-4048643f590d?source=rss------bug_bounty-5NnFacehacking, bug-bounty, it, cybersecurity, quiet22-Mar-2025
Unauthorized Access to “About” Feature via Parameter Manipulationhttps://mmnahian.medium.com/unauthorized-access-to-about-feature-via-parameter-manipulation-b85b08796b87?source=rss------bug_bounty-5mmnahianpenetration-testing, bug-bounty, bug-bounty-tips, infosec, bug-bounty-writeup22-Mar-2025
PAT-tastrophe: How We Hacked Virtuals’ $4.6B Agentic AI & Cryptocurrency Ecosystemhttps://medium.com/@gonzo-hacks/pat-tastrophe-how-we-hacked-virtuals-4-6b-agentic-ai-cryptocurrency-ecosystem-f850b544d0f5?source=rss------bug_bounty-5Dane Sherretshacking, ai, cryptocurrency, agents, bug-bounty22-Mar-2025
How a Security Researcher Earned $1,900 Bounty for Privilege Escalationhttps://cyberw1ng.medium.com/how-a-security-researcher-earned-1-900-bounty-for-privilege-escalation-d430e24e8b1b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, technology, programming22-Mar-2025
Next.js and the corrupt middleware: the authorizing artifacthttps://medium.com/@zhero_/next-js-and-the-corrupt-middleware-the-authorizing-artifact-14e6fb688d26?source=rss------bug_bounty-5Rachid.Ajavascript, hacking, bug-bounty, vulnerability, nextjs22-Mar-2025
How a Security Researcher Earned $1,900 Bounty for Privilege Escalationhttps://osintteam.blog/how-a-security-researcher-earned-1-900-bounty-for-privilege-escalation-d430e24e8b1b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, technology, programming22-Mar-2025
Exploiting Blind XSS in a Signup Page: Admin Panel Takeover and Real-World Impact ($3000 P2 Private…https://medium.com/@MianHammadx0root/exploiting-blind-xss-in-a-signup-page-admin-panel-takeover-and-real-world-impact-3000-p2-private-110205e3674b?source=rss------bug_bounty-5Mian Hammadbug-bounty, xss-attack, bugbounty-writeup, blind-xss, pentesting21-Mar-2025
The Essential Guide to Bug Bounties and Responsible Disclosurehttps://medium.com/@locamartin/the-essential-guide-to-bug-bounties-and-responsible-disclosure-b4d34053c139?source=rss------bug_bounty-5Loca Martinbug-bounty21-Mar-2025
How I Made $1000 in Just 30 Minutes by Discovering an Account Takeover (ATO) Vulnerability!https://theindiannetwork.medium.com/how-i-made-1000-in-just-30-minutes-by-discovering-an-account-takeover-ato-vulnerability-84afd6c5d9ab?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, account-takeover-attacks, account-takeover, bug-bounty-tips, bug-bounty-hunter21-Mar-2025
From Lockdown to Payday: Hacking a Porn Site for $1,500https://stevenfloresca.medium.com/from-lockdown-to-payday-hacking-a-porn-site-for-1-500-899bf57cc556?source=rss------bug_bounty-5Steven Florescainformation-security, hacker, bug-bounty, xss-vulnerability, security21-Mar-2025
Find Private Bug Bounty Programs without an invitehttps://osintteam.blog/find-private-bug-bounty-programs-without-an-invite-d2baf4c3be06?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, bug-bounty-hunter, ethical-hacking, pentesting21-Mar-2025
File Upload Bypass: Pulling off The Ultimate Disrespecthttps://sudosuraj.medium.com/file-upload-bypass-pulling-off-the-ultimate-disrespect-d7200be31717?source=rss------bug_bounty-5sudosurajfile-upload-bypass, file-upload-vulnerability, bug-bounty-tips, sudosuraj, bug-bounty21-Mar-2025
best google dorkinghttps://mknayek101.medium.com/best-google-dorking-00ccc375d415?source=rss------bug_bounty-5MkNayekbug-bounty21-Mar-2025
How I Earned $700 in Just 10 Minutes by Finding a Path Traversal Vulnerabilityhttps://theindiannetwork.medium.com/how-i-earned-700-in-just-10-minutes-by-finding-a-path-traversal-vulnerability-ef311fe25515?source=rss------bug_bounty-5TheIndianNetworkfile-path-traversal, path-traversal, directory-traversal, directory-listing, bug-bounty21-Mar-2025
How to Route Traffic from WSL to Burp Suite on Windows: A Step-by-Step Guidehttps://infosecwriteups.com/how-to-route-traffic-from-wsl-to-burp-suite-on-windows-a-step-by-step-guide-38d58f65b21a?source=rss------bug_bounty-5coffinxphacking, burpsuite, penetration-testing, bug-bounty-tips, bug-bounty21-Mar-2025
Get $5000: GitHub Dorks & Leakshttps://infosecwriteups.com/get-5000-github-dorks-leaks-b26728099d38?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, bug-bounty, hacking, infosec, github21-Mar-2025
Advanced Bug Bounty: API Key and Token Leaks — Tools, Techniques, and Exploitationhttps://infosecwriteups.com/advanced-bug-bounty-api-key-and-token-leaks-tools-techniques-and-exploitation-7d3fcb3b5fb7?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, api, bug-bounty, bug-bounty-tips21-Mar-2025
Top Cybersecurity Toolshttps://medium.com/@cy3ek/top-cybersecurity-tools-42b50ee678e2?source=rss------bug_bounty-5cybrklinux, hacking, tools, bug-bounty21-Mar-2025
Understanding the Psychology of Bug Bounty Triage Teams — Why Some Bugs Get Marked as Duplicates…https://infosecwriteups.com/understanding-the-psychology-of-bug-bounty-triage-teams-why-some-bugs-get-marked-as-duplicates-cab9195c6f58?source=rss------bug_bounty-5Vivek PSethical-hacking, cybersecurity, bug-bounty, programming21-Mar-2025
CSRF TO ACCOUNT TAKEOVERhttps://levi4.medium.com/csrf-to-account-takeover-83cacd848903?source=rss------bug_bounty-5Levi Ackermancybersecurity, security, web, hacking, bug-bounty21-Mar-2025
Top 10 Terminal-Based Bug Hunting Tools in 2025https://medium.com/@cybertips96/top-10-terminal-based-bug-hunting-tools-in-2025-9c61e8d79aba?source=rss------bug_bounty-5Cybertipsbug-bounty, technology21-Mar-2025
Top 10 Chrome/Brave Extensions for Bug Hunting in 2025https://medium.com/@cybertips96/top-10-chrome-brave-extensions-for-bug-hunting-in-2025-242b09b8ec45?source=rss------bug_bounty-5Cybertipstechnology, bug-bounty21-Mar-2025
5 Most Useful Websites for Bug Hunters to Knowhttps://medium.com/@vipulsonule71/5-most-useful-websites-for-bug-hunters-to-know-7094055e1e4b?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, penetration-testing, bug-bounty-writeup, bug-bounty21-Mar-2025
The Power of Bug Bounty Hunting: Strengthening Your Security Posturehttps://medium.com/@jkyne6368/the-power-of-bug-bounty-hunting-strengthening-your-security-posture-dfb77a2869d3?source=rss------bug_bounty-5Jordillacybersecurity, vulnerability, penetration-testing, bug-bounty, security21-Mar-2025
What is a web fuzzer, when to use it and how to use it?https://medium.com/@pars_87944/what-is-a-web-fuzzer-when-to-use-it-and-how-to-use-it-b2e2b720fa7a?source=rss------bug_bounty-5Pars SARICActf, fuzzers, hacking, webfuzzing, bug-bounty21-Mar-2025
The Ultimate Feroxbuster Cheat Sheet: Faster & Better Than Others?https://medium.com/@cybrpunked/the-ultimate-feroxbuster-cheat-sheet-faster-better-than-others-2fbe7d875d77?source=rss------bug_bounty-5Cybrpunkedbug-bounty, ethical-hacking, red-team, cybersecurity, penetration-testing21-Mar-2025
What Is Cybersecurity? (And Why It’s Like Locking Your Front Door)https://medium.com/@ahmadjaved09/what-is-cybersecurity-and-why-its-like-locking-your-front-door-552b0772c0fa?source=rss------bug_bounty-5Ahmad Javedhacking, bug-bounty, pentesting, cybersecurity, digital-self-defense21-Mar-2025
Advanced Dorking Techniques for Bug Bounty Hunters: Part 3https://hackersatty.medium.com/advanced-dorking-techniques-for-bug-bounty-hunters-part-3-2bdadc8acf38?source=rss------bug_bounty-5hackersattyhackersatty, google-dorking, xss-attack, bug-bounty-tips, bug-bounty21-Mar-2025
Top Tools for Ethical Hackers in 2025https://medium.com/@vipulsonule71/top-tools-for-ethical-hackers-in-2025-7f15d53f14d8?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, tech, hacking, penetration-testing21-Mar-2025
5 Game-Changing Websites Every Bug Hunter Must Know! ️‍♂️https://medium.com/@vipulsonule71/5-most-useful-websites-for-bug-hunters-to-know-7094055e1e4b?source=rss------bug_bounty-5Vipul Sonulehacking, ethical-hacking, penetration-testing, bug-bounty-writeup, bug-bounty21-Mar-2025
Cryptographic Failures: Advanced Insights and Real-World Attackshttps://cyberw1ng.medium.com/cryptographic-failures-advanced-insights-and-real-world-attacks-bb6230f9f5be?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, careers, technology, cybersecurity21-Mar-2025
Access Control Vulnerability:https://medium.com/@520hazem/access-control-vulnerability-67c0064190c9?source=rss------bug_bounty-5Hazemaccess-control, portswigger, bug-bounty, portswigger-lab, pentesting21-Mar-2025
Bypassing Open Redirect Mitigations: How I Exploited a Trusted Platformhttps://take0verx0.medium.com/bypassing-open-redirect-mitigations-how-i-exploited-a-trusted-platform-8130938083ed?source=rss------bug_bounty-5Shahariar Aminopen-redirect, bypass-wrapper, bug-bounty21-Mar-2025
Blog view count manipulation by automated requests.https://take0verx0.medium.com/blog-view-count-manipulation-by-automated-requests-942eac11c233?source=rss------bug_bounty-5Shahariar Aminbug-bounty21-Mar-2025
The rate limiting request /api/auth/_log is not used causing all APIs to crash.https://medium.com/@VulnRAM/the-rate-limiting-request-api-auth-log-is-not-used-causing-all-apis-to-crash-87dc89c4f178?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips, bugs21-Mar-2025
Authentication Bypass Vulnerability — Impersonation on Article Commentshttps://take0verx0.medium.com/authentication-bypass-vulnerability-impersonation-on-article-comments-97169213b07c?source=rss------bug_bounty-5Shahariar Aminauthentication-bypass, bug-bounty21-Mar-2025
Business Logichttps://medium.com/@520hazem/business-logic-53377a732c8c?source=rss------bug_bounty-5Hazembusiness-logic-flaw, portswigger, portswigger-lab, bug-bounty, business-logic21-Mar-2025
$100 for a Filthy Enterprise Email Leaks in source code.https://medium.com/@rootplinix/100-for-a-filthy-enterprise-email-leaks-in-source-code-c9ddf118d9ae?source=rss------bug_bounty-5Abu Hurayrainfosec, bug-bounty, writeup, hacking, cybersecurity21-Mar-2025
How to Get Root Privilege after getting foothold [ EJPT Notes]https://infosecwriteups.com/how-to-get-root-privilege-after-getting-foothold-ejpt-notes-ce526a535ca3?source=rss------bug_bounty-5Mr Horbiocybersecurity, hacking, bug-bounty, ethical-hacking, privilege-escalation21-Mar-2025
Bug Hunting with HTTPX: A Powerful Security Tool in 2025 ✅https://medium.com/@cybertips96/bug-hunting-with-httpx-a-powerful-security-tool-in-2025-1b20a8425f62?source=rss------bug_bounty-5Cybertipstechnology, bug-bounty, hackerone-report, http-status-code21-Mar-2025
Cryptographic Failures: Advanced Insights and Real-World Attackshttps://osintteam.blog/cryptographic-failures-advanced-insights-and-real-world-attacks-bb6230f9f5be?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, careers, technology, cybersecurity21-Mar-2025
Mobile Number Verification Bypass CWE-840 Business Logic Errorhttps://medium.com/@VulnRAM/mobile-number-verification-bypass-cwe-840-business-logic-error-1cd80b0bced5?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips20-Mar-2025
How I Made $5000 in 1 Hour Finding 5 SQLi Vulnerabilities Manuallyhttps://medium.com/@ibtissamhammadi/how-i-made-5000-in-1-hour-finding-5-sqli-vulnerabilities-manually-bfbff1c02a47?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, sql, web-security, bug-bounty, ethical-hacking20-Mar-2025
How I Made $1,000,000 in Bug Bounties — Finding a Simple $500,000+ Vulnerability with Just a…https://theindiannetwork.medium.com/how-i-made-1-000-000-in-bug-bounties-finding-a-simple-500-000-vulnerability-with-just-a-d5e224041c6e?source=rss------bug_bounty-5TheIndianNetworkidor-vulnerability, api-security, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-Mar-2025
How I Earned $2000 from SQL Injection: A Bug Hunter’s Guidehttps://theindiannetwork.medium.com/how-i-earned-2000-from-sql-injection-a-bug-hunters-guide-3fb2bb0c51bd?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, sql-injection, database-hack, bug-bounty-tips, sql-injection-attack20-Mar-2025
From Zero to Hero: Hunting High-Paying Open Redirect Bugs in Web Appshttps://infosecwriteups.com/from-zero-to-hero-hunting-high-paying-open-redirect-bugs-in-web-apps-fdb80286236e?source=rss------bug_bounty-5coffinxppenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty20-Mar-2025
Ghost in the Machine: Advanced Persistent Threats (APTs) Hiding in Firmware and Hardware-Level…https://medium.com/@paritoshblogs/ghost-in-the-machine-advanced-persistent-threats-apts-hiding-in-firmware-and-hardware-level-e2c228c4839d?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, information-technology, bug-bounty, apt20-Mar-2025
One Year of Cybersecurity Writing: Lessons, Insights & What’s Next!https://medium.com/@verylazytech/one-year-of-cybersecurity-writing-lessons-insights-whats-next-beb1cff93805?source=rss------bug_bounty-5Very Lazy Techthank-you, hacking, growth, bug-bounty, cybersecurity20-Mar-2025
Part 1: How I dumped 5,000,000 emails by reading admin panel JS code.https://medium.com/@alimuhammadsecured/how-i-dumped-5-000-000-emails-by-reading-admin-panel-js-code-bb8cfe23bcab?source=rss------bug_bounty-5Alimuhammadsecuredhacking, vulnerability, bug-bounty, red-team, ethicalhackin20-Mar-2025
✅ Step-by-Step Guide: Install WSL (Windows Subsystem for Linux) Terminalhttps://medium.com/@cybertips96/step-by-step-guide-install-wsl-windows-subsystem-for-linux-terminal-674813db62fa?source=rss------bug_bounty-5Cybertipsbug-bounty20-Mar-2025
Server-Side Request Forgery (SSRF) Explainedhttps://medium.com/@abdelrahmanahmetoglu/server-side-request-forgery-ssrf-explained-46cc1468b9ba?source=rss------bug_bounty-5Abdelrahmanahmetogluweb-security, cybersecurity, bug-bounty, web-development, ssrf20-Mar-2025
Easy $250: Discovered Exposed .env Fileshttps://medium.com/@Abhijeet_kumawat_/easy-250-discovered-exposed-env-files-762204fcedcd?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, cybersecurity, hacking, secrets20-Mar-2025
✅ Step-by-Step Guide: Install and Configure Oh My Posh in Windows Terminal (WSL)https://medium.com/@cybertips96/step-by-step-guide-install-and-configure-oh-my-posh-in-windows-terminal-wsl-080fc7d9f11c?source=rss------bug_bounty-5Cybertipspromptengineeringchatgpt, artificial-intelligence, bug-bounty, psychology, technology20-Mar-2025
Full Account Takeover via XSS: My Bug Hunting Win… or Was It?https://mushirsyed.medium.com/full-account-takeover-via-xss-my-bug-hunting-win-or-was-it-3b3fb05c25a9?source=rss------bug_bounty-5Syed Mushirxss-vulnerability, bug-hunting, account-takeover, bug-bounty, xss-attack20-Mar-2025
I Bypassed WAF To Escalate SQLI ~Reward HOFhttps://ajakcybersecurity.medium.com/i-bypassed-waf-to-escalate-sqli-reward-hof-00c5ddb0053e?source=rss------bug_bounty-5AJAK Cyber Academycybersecurity, learning, hacking, bug-bounty, penetration-testing20-Mar-2025
How to Approach a Target for Bug Hunting ✨https://medium.com/@vipulsonule71/how-to-approach-a-target-for-bug-hunting-81f8ce89cdf3?source=rss------bug_bounty-5Vipul Sonuleethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking20-Mar-2025
Mastering Recon in Bug Bounty: Advanced Techniques for 2025https://medium.com/@hackerfromhills/mastering-recon-in-bug-bounty-advanced-techniques-for-2025-1c8b5f3c43b9?source=rss------bug_bounty-5Badal kathayathacker, bug-bounty-writeup, hacking, bug-bounty-tips, bug-bounty20-Mar-2025
Improper Access Control Worth $$$ Bountyhttps://medium.com/@mohaned0101/improper-access-control-worth-bounty-e8706ab3a3ec?source=rss------bug_bounty-5mohaned alkhlotbug-bounty, bug-bounty-tips20-Mar-2025
How I Took Admin Account via JWT Bypasshttps://medium.com/@shyam.sam0704/how-i-took-admin-account-via-jwt-bypass-5eb96430c2ad?source=rss------bug_bounty-5Shyamvulnerability-management, jwt-authentication, bug-bounty-writeup, bug-bounty, jwt-exploitation20-Mar-2025
Self-Hosted vs. Third-Party Bug Bounty Platforms: Key Differences Explainedhttps://medium.com/@cybertips96/self-hosted-vs-third-party-bug-bounty-platforms-key-differences-explained-16358ac9488c?source=rss------bug_bounty-5Cybertipstechnology, programming, bug-bounty20-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-121)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-121-f00a0b2a9abe?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty, bug-bounty-tips, cybersecurity20-Mar-2025
When Life Gave Me a 500 Error, I Found AWS Keys Instead! $$RFhttps://medium.com/@iski/when-life-gave-me-a-500-error-i-found-aws-keys-instead-rf-b416f8ca68f8?source=rss------bug_bounty-5Iskibug-bounty, cybersecurity, bug-bounty-tips, aws20-Mar-2025
Cryptographic Failures: A Comprehensive Guidehttps://cyberw1ng.medium.com/cryptographic-failures-a-comprehensive-guide-410064fe6e4e?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, careers, bug-bounty, technology20-Mar-2025
Finding and Exploiting XSS in a CRM (and getting paid for it)https://medium.com/@AlasdairGorniak/finding-and-exploiting-xss-in-a-crm-and-getting-paid-for-it-71e2767faeba?source=rss------bug_bounty-5Alasdair Gorniakxss-attack, ethical-hacking, cybersecurity, bug-bounty, hacking20-Mar-2025
No Rate Limiting on Login Endpoint — A Brute Force Vulnerabilityhttps://medium.com/@cybermanx07/no-rate-limiting-on-login-endpoint-a-brute-force-vulnerability-d1300848b445?source=rss------bug_bounty-5Cyber Manethical-hacking, web-security, cybersecurity, burpsuite, bug-bounty19-Mar-2025
Active Directory Federation Services (AD FS)https://medium.com/@paritoshblogs/active-directory-federation-services-ad-fs-1b7c38929964?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, active-directory, hacking, bug-bounty19-Mar-2025
[CVE Anniversary Activity] CVE report analysis, exclusive activity is now open!https://medium.com/@security.tecno/cve-exclusive-activity-analyze-12-cve-reports-and-start-a-reward-activity-4bab97436b06?source=rss------bug_bounty-5TECNO Securityhacking, cve, security, report, bug-bounty19-Mar-2025
From SSRF to $$$: How I Hacked Autodesk’s Rendering Service and Earned a Bug Bountyhttps://cybersecuritywriteups.com/from-ssrf-to-how-i-hacked-autodesks-rendering-service-and-earned-a-bug-bounty-da444900f7d9?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty-writeup, cybersecurity, bug-bounty, info-sec-writeups19-Mar-2025
BugYatri - web2 & web3 BugBounty Platform for BugHunters!!!https://medium.com/@bugyatri/bugyatri-web2-web3-bugbounty-platform-for-bughunters-476826513b6f?source=rss------bug_bounty-5BugYatribug-bounty, bounty-program, cybersecurity, web3, web19-Mar-2025
A great tool that will be helpful in your bug bounty&pentesting journey.https://infosecwriteups.com/a-great-tool-that-will-be-helpful-in-your-bug-bounty-pentesting-journey-8ce118f4ea00?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, penetration-testing, tips19-Mar-2025
Users Without Roles/Member Roles Can Create Private Repositories And Secret Teams In Github…https://rhidayah.medium.com/users-without-roles-member-roles-can-create-private-repositories-and-secret-teams-in-github-8fec746ac684?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, bug-bounty-writeup, privilege-escalation, bug-bounty, github19-Mar-2025
The Role of Ethical Hackers in Web3 Securityhttps://medium.com/@somtoochukwu65/the-role-of-ethical-hackers-in-web3-security-4b12579da1ef?source=rss------bug_bounty-5Divine Somtoochukwu Innocentblockchain-security, ethical-hacking, web3-security, cyber-threats-2025, bug-bounty19-Mar-2025
Users Without Roles/Member Roles Can Create Private Repositories And Secret Teams In Github…https://infosecwriteups.com/users-without-roles-member-roles-can-create-private-repositories-and-secret-teams-in-github-8fec746ac684?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, bug-bounty-writeup, privilege-escalation, bug-bounty, github19-Mar-2025
15+ Linux Environment Variables Hackers Use (You Should Too!)https://medium.com/@verylazytech/15-linux-environment-variables-hackers-use-you-should-too-f4b9397098dd?source=rss------bug_bounty-5Very Lazy Techcybersecurity, penetration-testing, bug-bounty, environmental-variables, hacking19-Mar-2025
Hacking Open Docker Registries: Pulling, Extracting, and Exploiting Images.https://infosecwriteups.com/hacking-open-docker-registries-pulling-extracting-and-exploiting-images-339f41fbf9b4?source=rss------bug_bounty-5nav1nrce-vulnerability, docker, sql-injection, bug-bounty, unauthorized-access19-Mar-2025
How I Got Access to Berkeley University’s One Of Server Using the Legendary ‘admin: admin’ Creds!https://hiddendom.medium.com/how-i-got-access-to-berkeley-universitys-one-of-server-using-the-legendary-admin-admin-creds-64394e6b3152?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-writeup, penetration-testing, bug-bounty, ethical-hacking, bug-bounty-tips19-Mar-2025
“Secret Keys to Cash: Finding Hidden Flaws for Bug Bounties”https://medium.com/@dimpchubb/secret-keys-to-cash-finding-hidden-flaws-for-bug-bounties-c67ee06dd3eb?source=rss------bug_bounty-5VulnerabilityIntelbug-bounty-writeup, hacking, bug-bounty, penetration-testing, bug-bounty-tips19-Mar-2025
Exclusive Exploit for Sale — Unlock Advanced Security Testing Potential - $$$$ BOUNTYhttps://medium.com/@ajaynaikhack/exclusive-exploit-for-sale-unlock-advanced-security-testing-potential-bounty-197a2cda3c9c?source=rss------bug_bounty-5Ajay Naikpenetration-testing, information-technology, cybersecurity, bug-bounty, information-security19-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-120)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-120-034170afece7?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, bug-bounty-tips, hacking, ethical-hacking19-Mar-2025
HTTP Request Smuggling: Advanced Security Testing Guide and Exploitation Techniqueshttps://infosecwriteups.com/http-request-smuggling-advanced-security-testing-guide-and-exploitation-techniques-1d4dac9a826a?source=rss------bug_bounty-5Ajay Naikbug-bounty, information-security, information-technology, penetration-testing, http-request-smuggling19-Mar-2025
HTTP: The Invisible Language of the Web (And How Hackers Exploit It)https://medium.com/@sobatistacyber/http-the-invisible-language-of-the-web-and-how-hackers-exploit-it-83456833c4c5?source=rss------bug_bounty-5SoBatistahttps, bug-bounty, burpsuite, penetration-testing, hacking19-Mar-2025
No Tools, No Problem — Another Fun Bug Hunting Story!https://strangerwhite.medium.com/no-tools-no-problem-another-fun-bug-hunting-story-22c234331bfd?source=rss------bug_bounty-5StrangeRwhitehacking, information-technology, cyberaware, cybersecurity, bug-bounty19-Mar-2025
Automating Subdomain Takeover Discovery with Shell Scriptinghttps://icecream23.medium.com/automating-subdomain-takeover-discovery-with-shell-scripting-e9016ee77ddd?source=rss------bug_bounty-5Aman Bhuiyanbug-bounty, takeovers, recon, bug-bounty-writeup19-Mar-2025
DOM XSS in portswiggerhttps://medium.com/@testwebsite1244/dom-xss-in-portswigger-50678427bc0f?source=rss------bug_bounty-5Odayportswigger, burpsuite, bug-bounty19-Mar-2025
Why Threat Modeling is a Game Changer for Application Securityhttps://medium.com/@8459vismay/why-threat-modeling-is-a-game-changer-for-application-security-27a225c28f4e?source=rss------bug_bounty-5Vismay Patilcybersecurity, penetration-testing, threat-modeling, bug-bounty, ethical-hacking19-Mar-2025
️ How to Use Nuclei for Bug Huntinghttps://medium.com/@vipulsonule71/%EF%B8%8F-how-to-use-nuclei-for-bug-hunting-413f3496a335?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, hacking, bug-bounty, technology, ethical-hacking19-Mar-2025
Part-3 | Deep Recon Methodology for Bug Bounty Huntershttps://infosecwriteups.com/part-3-deep-recon-methodology-for-bug-bounty-hunters-cd7139eed7e4?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, recon, hacking, infosec, bug-bounty19-Mar-2025
Hacking APIs: Bypassing Rate Limitinghttps://iaraoz.medium.com/hacking-apis-bypassing-rate-limiting-0c7bd075b86c?source=rss------bug_bounty-5Israel Aráoz Severichehacking, appsec, owasp-top-10, bug-bounty, cybersecurity19-Mar-2025
Udemy Savings: Get F5 BIG-IP Courses for Less!https://medium.com/@deepdive4learn/udemy-savings-get-f5-big-ip-courses-for-less-635e7d9cf449?source=rss------bug_bounty-5DeepDive4learncybersecurity, networking, bug-bounty, web, application-security19-Mar-2025
“Unveiled: The Dark Side of Bugcrowd — Unfair Rejections and a Warning to Hackers”https://monsifhmouri.medium.com/unveiled-the-dark-side-of-bugcrowd-unfair-rejections-and-a-warning-to-hackers-ca9d8572ad63?source=rss------bug_bounty-5MONSIF HMOURIbug-bounty, bugcrowd, ethical-hacking19-Mar-2025
$12,900 in Bounties in My First Month of Bug Hunting with Ax Frameworkhttps://medium.com/@EthicalOffsec/12-900-in-bounties-in-my-first-month-of-bug-hunting-with-ax-framework-6d530d25c1c2?source=rss------bug_bounty-50xtavianbug-bounty, bug-bounty-writeup, penetration-testing, hacking, bug-bounty-tips19-Mar-2025
$50K Bounty Just for GitHub Access Token exposurehttps://medium.com/@hrofficial62/50k-bounty-just-for-github-access-token-exposure-d92dcc34eb4d?source=rss------bug_bounty-5Mr Horbiopentesting, cybersecurity, hacking, ethical-hacking, bug-bounty19-Mar-2025
File Inclusion Vulnerabilities: Advanced Exploitation and Mitigation Techniqueshttps://cyberw1ng.medium.com/file-inclusion-vulnerabilities-advanced-exploitation-and-mitigation-techniques-6b47cb6547fd?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, programming, careers19-Mar-2025
♂️ “From Zero to Hero: How 2FA Bypass Turned Me Into a Bug Bounty Legend”https://osintteam.blog/%EF%B8%8F-from-zero-to-hero-how-2fa-bypass-turned-me-into-a-bug-bounty-legend-8eb0b815aaf9?source=rss------bug_bounty-5Krish_cyberbug-bounty, infosec-write-ups, osint, cybersecurity, bug-bounty-writeup19-Mar-2025
File Inclusion Vulnerabilities: Advanced Exploitation and Mitigation Techniqueshttps://osintteam.blog/file-inclusion-vulnerabilities-advanced-exploitation-and-mitigation-techniques-6b47cb6547fd?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, programming, careers19-Mar-2025
Dark Web and Phishing Kits: Exploring the Underground Market for Phishing Toolshttps://medium.com/@paritoshblogs/dark-web-and-phishing-kits-exploring-the-underground-market-for-phishing-tools-a645a9b962f1?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, information-technology, phishing, cybersecurity18-Mar-2025
How to Hacking Amazon Simple Notification Service @amazonhttps://medium.com/@mo7mead/how-to-hacking-amazon-simple-notification-service-amazon-14ff463c402c?source=rss------bug_bounty-5mo7meadcybersecurity, bug-bounty, penetration-testing, bug-bounty-tips18-Mar-2025
Mastering F5 ASM: Web Application Security Like a Pro!https://medium.com/@deepdive4learn/mastering-f5-asm-web-application-security-like-a-pro-2f390613b68a?source=rss------bug_bounty-5DeepDive4learnowasp-top-10, web-development, cybersecurity, bug-bounty, api18-Mar-2025
ChatGPT Jailbreaking: A Sneaky Loophole That Exposes Ethical Gapshttps://medium.com/@dharineeshj2/chatgpt-jailbreaking-a-sneaky-loophole-that-exposes-ethical-gaps-1f3dcf015bf6?source=rss------bug_bounty-5Hack-Batbug-bounty, llm, hacking, cybersecurity, prompt-engineering18-Mar-2025
CRLF Injection: Guide to Finding & Exploiting Vulnerabilitieshttps://infosecwriteups.com/crlf-injection-guide-to-finding-exploiting-vulnerabilities-ec2d55805cc4?source=rss------bug_bounty-5Abhijeet Kumawatcrlf-injection, hacking, cybersecurity, infosec, bug-bounty18-Mar-2025
ZeroCopter Programs for Bug Huntinghttps://osintteam.blog/zerocopter-programs-for-bug-hunting-6b73c4d97fe5?source=rss------bug_bounty-5AbhirupKonwarbug-hunting, pentesting, bug-bounty-tips, ethical-hacking, bug-bounty18-Mar-2025
Modern XSS Challenges: Beyond the Basicshttps://infosecwriteups.com/modern-xss-challenges-beyond-the-basics-90bd9d931e30?source=rss------bug_bounty-5Dhanush Nbug-bounty-writeup, bug-bounty, security, xss-attack, bug-bounty-tips18-Mar-2025
️ How to Be an Ethical Hacker: A Complete Guidehttps://medium.com/@vipulsonule71/%EF%B8%8F-how-to-be-an-ethical-hacker-a-complete-guide-dfa8437aa2d9?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, cybersecurity, penetration-testing, hacking18-Mar-2025
How to find IDORs like a prohttps://medium.com/@bxrowski0x/how-to-find-idors-like-a-pro-158cf23baf23?source=rss------bug_bounty-5Omar ElSayedinfo-sec-writeups, bug-bounty, infosec, idor, cybersecurity18-Mar-2025
The Ultimate Guide to Setting Up ezXSS on Oracle Cloud Free Tier ARM Serverhttps://medium.com/@curiouskhanna/the-ultimate-guide-to-setting-up-ezxss-on-oracle-cloud-free-tier-arm-server-a60677b2ac2a?source=rss------bug_bounty-5Shubham Khannacybersecurity, blind-xss, bug-bounty, xss-attack18-Mar-2025
CSRF to XSS: Chaining Vulnerabilities for Critical Bug Bountieshttps://krishna-cyber.medium.com/csrf-to-xss-chaining-vulnerabilities-for-critical-bug-bounties-804bced55bb3?source=rss------bug_bounty-5Krish_cyberosint, infosec-write-ups, bug-bounty-writeup, bug-bounty, cybersecurity18-Mar-2025
Can You Find a $4,500 Bug in Google Slides in Under 3 Hourshttps://medium.com/@ibtissamhammadi/can-you-find-a-4-500-bug-in-google-slides-in-under-3-hours-69e9113ccfd3?source=rss------bug_bounty-5Ibtissam Hammadigoogle, bug-hunting, ethical-hacking, cybersecurity, bug-bounty18-Mar-2025
Bug Bounty Hunting in 2025: How to Earn Big with the Best Tools & Platformshttps://medium.com/@modernshubhamgupta/bug-bounty-hunting-in-2025-how-to-earn-big-with-the-best-tools-platforms-a04e66d6575f?source=rss------bug_bounty-5Shubham Rajbug-bounty-tips, bug-bounty, money-making-ideas, cybersecurity, ethical-hacking18-Mar-2025
How to Make Your First $100,000 in Bug Bountyhttps://medium.com/@hackerfromhills/how-to-make-your-first-100-000-in-bug-bounty-51e10cda8f11?source=rss------bug_bounty-5Badal kathayatbug-bounty-tips, bug-hunter, bug-bounty, hacking, bug-bounty-writeup18-Mar-2025
Hacking With Cookieshttps://medium.com/cloud-security/hacking-with-cookies-99d8308169f0?source=rss------bug_bounty-5Teri Radichelpentesting, cookies, penetration-testing, bug-bounty, hacking18-Mar-2025
Some Ways to Find More IDOR Vulnerabilitieshttps://medium.com/@vipulsonule71/some-ways-to-find-more-idor-vulnerabilities-5648f2f6baa7?source=rss------bug_bounty-5Vipul Sonuleethical-hacking, bug-bounty, penetration-testing, hacking, technology18-Mar-2025
The Ultimate Guide to CDX API for Bug Bounty Reconhttps://myselfakash20.medium.com/the-ultimate-guide-to-cdx-api-for-bug-bounty-recon-e98c36d033ed?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-tips, bug-bounty-writeup, programming, cybersecurity18-Mar-2025
Open Redirect Vulnerability: A Detailed Overview and How I Discovered Ithttps://theindiannetwork.medium.com/open-redirect-vulnerability-a-detailed-overview-and-how-i-discovered-it-b95a228f6047?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, open-redirect-vurnability, open-redirect, open-redirection, bug-bounty-tips18-Mar-2025
Understanding File Inclusion Vulnerabilities: A Practical Guidehttps://cyberw1ng.medium.com/understanding-file-inclusion-vulnerabilities-a-practical-guide-25a22c461c2b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, programming, careers, bug-bounty18-Mar-2025
How I Made $3000 in 3 Minutes with SQLihttps://medium.com/@ibtissamhammadi/how-i-made-3000-in-3-minutes-with-sqli-d32c7f29c869?source=rss------bug_bounty-5Ibtissam Hammadidatabase, bug-bounty, cybersecurity, sql, ethical-hacking17-Mar-2025
Bug Bounty: Cookie timeline utilization when the system uses multiple authentication cookieshttps://medium.com/@expression4865/bug-bounty-cookie-timeline-utilization-when-the-system-uses-multiple-authentication-cookies-7d2e6cc68c34?source=rss------bug_bounty-5expression4865bug-bounty, csrf, xss-attack17-Mar-2025
Subdomain Found! Now What? Next Steps for Bug Huntershttps://infosecwriteups.com/subdomain-found-now-what-next-steps-for-bug-hunters-df8fd79c73b7?source=rss------bug_bounty-5Monika sharmahacking, penetration-testing, bug-bounty-tips, bug-bounty, technology17-Mar-2025
[Best of February — M3Di] From Forest to Code: Transformational Security Researcher Growth Noteshttps://medium.com/@security.tecno/best-of-february-m3di-from-forest-to-code-transformational-security-researcher-growth-notes-5079ac24d1b4?source=rss------bug_bounty-5TECNO Securityapp-development, hacking, bug-bounty, hacker, security17-Mar-2025
Introduction to web3https://doordiefordream.medium.com/introduction-to-web3-b78aa109ced0?source=rss------bug_bounty-5DOD cyber solutionsweb3, blockchain, technology, bug-bounty, ethical-hacking17-Mar-2025
Bug Bounty: Cookie timeline utilization when the system uses multiple authentication cookieshttps://medium.com/@smilemil/bug-bounty-cookie-timeline-utilization-when-the-system-uses-multiple-authentication-cookies-7d2e6cc68c34?source=rss------bug_bounty-5smilemilbug-bounty, csrf, xss-attack17-Mar-2025
Best Bug Bounty Tips of 2025!https://systemweakness.com/best-bug-bounty-tips-of-2025-6f5368491526?source=rss------bug_bounty-5Imad Husanovicbug-bounty, bug-bounty-tips, programming, cybersecurity, hacking17-Mar-2025
How I Bypassed a Firewall, Leading to a Successful SQL Injection Exploithttps://medium.com/@AhmedSamy-X/how-i-bypassed-a-firewall-leading-to-a-successful-sql-injection-exploit-aa605996e163?source=rss------bug_bounty-5Ahmedsamybug-bounty-tips, sql-injection, bug-bounty, cybersecurity, web-exploitation17-Mar-2025
Master Subdomain Enumeration: Step-by-Step Guide to Installing and Using Subfinderhttps://medium.com/@GrayWhite/master-subdomain-enumeration-step-by-step-guide-to-installing-and-using-subfinder-8a9c9b1d0ee9?source=rss------bug_bounty-5CrookSechacking, bug-bounty, cybersecurity17-Mar-2025
Using the full potential of BuiltWith for bug bountyhttps://medium.com/@loyalonlytoday/using-the-full-potential-of-builtwith-for-bug-bounty-24b6145dba44?source=rss------bug_bounty-5loyalonlytodayreconnaissance, bug-bounty, cybersecurity, penetration-testing, tips17-Mar-2025
Is Your Website Vulnerable? Discover the Power of Content Security Policy (CSP)!https://medium.com/@verylazytech/is-your-website-vulnerable-discover-the-power-of-content-security-policy-csp-6b1db2c5779f?source=rss------bug_bounty-5Very Lazy Techcybersecurity, bug-bounty, vulnerability, web-penetration-testing, csp17-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-119)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-119-6da43af9002c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, ethical-hacking, hacking, bug-bounty, cybersecurity17-Mar-2025
How to start hacking with use AIhttps://medium.com/@vipulsonule71/how-to-start-hacking-with-use-ai-29ff04942528?source=rss------bug_bounty-5Vipul Sonuleethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking17-Mar-2025
Exif Metadata Not Stripped Leak User Geolocationhttps://firdausmuhammadismail.medium.com/exif-metadata-not-stripped-leak-user-geolocation-67698e6a4ff5?source=rss------bug_bounty-5Firdaus Muhammad Ismailexif-data, bug-bounty, exiftool, server-security, bug-bounty-tips17-Mar-2025
Portswigger XSS Attack Lab 1https://medium.com/@yfhackerinfo/portswigger-xss-attack-lab-1-abf7e06b4344?source=rss------bug_bounty-5Your Friendly Hackercybersecurity, portswigger, bug-bounty, xss-attack, penetration-testing17-Mar-2025
bxbxbhttps://medium.com/@tbryzshmarhkhalh63/bxbxb-b01a7e6ce064?source=rss------bug_bounty-5شماره خاله تبریز =مشهد ـکرمان ـخوزستان ـ زاهدانـstartup, hx, artificial-intelligence, bug-bounty, software-development17-Mar-2025
How I Earned $15,000 from Bug Bounties: Buffer Overflow Exploit Explained (With Practical Code)https://theindiannetwork.medium.com/how-i-earned-15-000-from-bug-bounties-buffer-overflow-exploit-explained-with-practical-code-b662843f6e07?source=rss------bug_bounty-5TheIndianNetworkbuffer-overflow-exploits, buffer-overflow, bug-bounty, buffer-overflow-attack, bug-bounty-tips17-Mar-2025
How I Earned $12,000 Finding a Remote Command Execution Bug (With Real Exploit)https://theindiannetwork.medium.com/how-i-earned-12-000-finding-a-remote-command-execution-bug-with-real-exploit-18aaa66d2703?source=rss------bug_bounty-5TheIndianNetworkbug-bounty, bug-bounty-tips, rce, remote-command-execution, rce-vulnerability17-Mar-2025
Zero-Day Hunting for Rent: The Rise of Bug Bounty Mercenarieshttps://medium.com/dare-to-be-better/zero-day-hunting-for-rent-the-rise-of-bug-bounty-mercenaries-411c88954140?source=rss------bug_bounty-5Ahmad Javedzero-day-economy, penetration-testing, bug-bounty, hackers-for-hire, cybersecurity17-Mar-2025
Best Bug Bounty Tools for Hackers in 2025: Why Digi Astra is the Ultimate Choicehttps://medium.com/@modernshubhamgupta/best-bug-bounty-tools-for-hackers-in-2025-why-digi-astra-is-the-ultimate-choice-fd414bc41fa9?source=rss------bug_bounty-5Shubham Rajethical-hacking, bug-bounty-writeup, hacking, cybersecurity, bug-bounty17-Mar-2025
What Is Race Condition Vulnerabilityhttps://medium.com/@rawansa3ed2002/what-is-race-condition-vulnerability-e01cd1be0e9b?source=rss------bug_bounty-5Rawansaedbug-bounty, race-condition, ethical-hacking, cybersecurity, bug-hunting17-Mar-2025
Simple 2FA Bypass Techniques for Beginnershttps://cyberw1ng.medium.com/simple-2fa-bypass-techniques-for-beginners-edec48befa23?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, programming, cybersecurity, bug-bounty17-Mar-2025
How to Earn $3000/Hour with a Critical Vulnerabilityhttps://medium.com/@ibtissamhammadi/how-to-earn-3000-hour-with-a-critical-vulnerability-7fe0f262d3e5?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-hunting17-Mar-2025
How I Discovered a P4 Bug on the U.S. Social Security Administrationhttps://osintteam.blog/how-i-discovered-a-p4-bug-on-the-u-s-social-security-administration-8236ecd2a003?source=rss------bug_bounty-5Xh081iXethical-hacking, bug-bounty-tips, infosec, bug-bounty, cybersecurity17-Mar-2025
$$$$ For Full Account Take-over, 2fa bypass, Sensitive data Exposure via Critical CORS…https://mr-pwner.medium.com/for-full-account-take-over-2fa-bypass-sensitive-data-exposure-via-critical-cors-310ee989179a?source=rss------bug_bounty-5Omarethical-hacking, cybersecurity, web-security, bug-bounty, account-takeover17-Mar-2025
Critical IDOR: Unrestricted Access to All Company Published Fileshttps://medium.com/@0xAhM3D/critical-idor-unrestricted-access-to-all-company-published-files-c8db77070e87?source=rss------bug_bounty-50xAhM3Dbug-bounty-tips, idor-vulnerability, bug-bounty, idor-poc, bug-bounty-writeup17-Mar-2025
How To Discover Hidden Endpoints️‍♂️https://medium.com/@Abhijeet_kumawat_/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-cc4c82c8a886?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, ai, infosec, cybersecurity17-Mar-2025
How To Discover Hidden Endpoints️‍♂️https://infosecwriteups.com/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-cc4c82c8a886?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, ai, infosec, cybersecurity17-Mar-2025
Simple 2FA Bypass Techniques for Beginnershttps://osintteam.blog/simple-2fa-bypass-techniques-for-beginners-edec48befa23?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, programming, cybersecurity, bug-bounty17-Mar-2025
CVE-2025–26633: A Silent Threat in Windows MMC — What You Need to Knowhttps://medium.com/@jkyne6368/cve-2025-26633-a-silent-threat-in-windows-mmc-what-you-need-to-know-0f5156d97738?source=rss------bug_bounty-5Jordillainformation-security, ethical-hacking, bug-bounty, cve, cybersecurity16-Mar-2025
How I Hacked an E-Commerce Website & Found XSShttps://aiwolfie.medium.com/how-i-hacked-an-e-commerce-website-found-xss-75db71424d4a?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-writeup, cybersecurity, html-injection, xss-attack16-Mar-2025
VERY BASIC - How I Solve CSRF in Portswigger Labhttps://medium.com/@aashifm/very-basic-how-i-solve-csrf-in-portswigger-lab-f090e3325a0e?source=rss------bug_bounty-5196.0.0.1cybersecurity, proxy, bug-bounty, csrf, burpsuite16-Mar-2025
My journey being hacker #1 in BOLIVIA 2024/2023https://medium.com/@vanpedrazas/my-journey-being-hacker-1-in-bolivia-2024-2023-7299d397a682?source=rss------bug_bounty-5Ivan Bernardo Pedrazas Rodriguezmotivation, life, cybersecurity, bug-bounty, life-lessons16-Mar-2025
A website that will be helpful in your bug bounty journey.https://infosecwriteups.com/a-website-that-will-be-helpful-in-your-bug-bounty-journey-de4f0f1721a8?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, ethical-hacking, cybersecurity, resources, bug-bounty16-Mar-2025
Reverse Engineering APIs with Burp2APIhttps://medium.com/@samhilliard/reverse-engineering-apis-with-burp2api-f333c7a8bab9?source=rss------bug_bounty-5Sam Hilliardbug-bounty, postman, reverse-engineering, burpsuite, pentesting16-Mar-2025
File Upload Vulnerabilities: How Hackers Exploit Them & How to Stay Securehttps://medium.com/@verylazytech/file-upload-vulnerabilities-how-hackers-exploit-them-how-to-stay-secure-fe75b4b5003c?source=rss------bug_bounty-5Very Lazy Techhacking, file-upload-bypass, unrestricted-file-upload, bug-bounty, file-upload-vulnerability16-Mar-2025
How to Start bug hunting in 2025https://medium.com/@vipulsonule71/how-to-start-bug-hunting-in-2025-6e131cefe1eb?source=rss------bug_bounty-5Vipul Sonulebug-bounty, penetration-testing, cybersecurity, hacking, technology16-Mar-2025
My journey being hacker #1 in BOLIVIA 2024/2023https://medium.com/@vanpedrazas/my-journey-being-hacker-1-in-bolivia-2024-2023-7299d397a682?source=rss------bug_bounty-5Ivan Bernardo Pedrazas Rodriguezmotivation, cybersecurity, bug-bounty, life-lessons, startup16-Mar-2025
Blind XSS: When Your Payloads Are Sneakier Than Your Exhttps://medium.com/@shadyfarouk1986/blind-xss-when-your-payloads-are-sneakier-than-your-ex-1321eec7af83?source=rss------bug_bounty-5Shady Faroukbug-bounty, vulnerability, bounty-hunter, pentesting16-Mar-2025
Ethical Hacking with ChatGPThttps://medium.com/@vipulsonule71/ethical-hacking-with-chatgpt-651bf8f00e81?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, bug-bounty, chatgpt, penetration-testing16-Mar-2025
Gas Level Vulnerability: Floating pragma versionhttps://medium.com/@jeetpal2007/gas-level-vulnerability-floating-pragma-version-10a7741ab096?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, web3, smart-contract-security, smartcontract-audit, bug-bounty16-Mar-2025
How I Hacked an E-Commerce Website & Found XSShttps://publication.osintambition.org/how-i-hacked-an-e-commerce-website-found-xss-75db71424d4a?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-writeup, cybersecurity, html-injection, xss-attack16-Mar-2025
CVE-2025–24993: A Critical Vulnerability in Microsoft Windows NTFShttps://medium.com/@jkyne6368/cve-2025-24993-a-critical-vulnerability-in-microsoft-windows-ntfs-b90782570e2d?source=rss------bug_bounty-5Jordillapenetration-testing, cve, vulnerability, ethical-hacking, bug-bounty16-Mar-2025
CRTO Review — 2025https://abhishekgk.medium.com/crto-review-2025-c3f39480a10d?source=rss------bug_bounty-5Abhishekgkcybersecurity, bug-bounty, crto, red-team, certification16-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-118)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-118-6d657a95f1e7?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, ethical-hacking, bug-bounty-tips16-Mar-2025
Day 27: The $2,200 ATO Most Bug Hunters Overlookedhttps://medium.com/@danielbelay/day-27-the-2-200-ato-most-bug-hunters-overlooked-3de76d30d96a?source=rss------bug_bounty-5dani3laccount-takeover, bug-bounty, cybersecurity16-Mar-2025
Finding CSRF Bug Bounty Program — Get $$https://firdausmuhammadismail.medium.com/finding-csrf-bug-bounty-program-get-253461291432?source=rss------bug_bounty-5Firdaus Muhammad Ismailcsrf, bug-bounty, csrf-token, vulnerability, hackerone16-Mar-2025
SQL Injection UNION Attack, Retrieving Multiple Values in a Single Columnhttps://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-d6c6d91be74d?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, sqli, sql-injection, information-security16-Mar-2025
Bypassing 2FA to Impersonate Users on Drugs.comhttps://medium.com/@regan_temudo/bypassing-2fa-to-impersonate-users-on-drugs-com-66fb84b0491d?source=rss------bug_bounty-5Regan Temudoethical-hacking, bug-bounty, 2fa, vulnerability-disclosure, cybersecurity16-Mar-2025
CVE-2022–45875: Command Injection Vulnerability in Apache DolphinSchedulerhttps://sahnounoussama.medium.com/cve-2022-45875-command-injection-vulnerability-in-apache-dolphinscheduler-50acfe7dfa07?source=rss------bug_bounty-5Sahnoun Oussamacve-2022-45875, code-review, apache-dolphinscheduler, bug-bounty, ctf-walkthrough16-Mar-2025
OAuth and JWT Attackshttps://medium.com/cloud-security/oauth-and-jwt-attacks-3840fe2a113f?source=rss------bug_bounty-5Teri Radichelbug-bounty, security, penetration-testing, oauth, pentesting16-Mar-2025
CSRF in JSON Requests: A Real-World Exploit on Payout Featureshttps://medium.com/@mohamed.yasser442200/csrf-in-json-requests-a-real-world-exploit-on-payout-features-2829086ace5c?source=rss------bug_bounty-5Spider4hacking, csrf, json, bug-bounty, bug-bounty-tips16-Mar-2025
Mastering Web Recon with WebCopilothttps://osintteam.blog/mastering-web-recon-with-webcopilot-78da58bfb428?source=rss------bug_bounty-5Monika sharmapenetration-testing, bug-bounty-tips, bug-bounty, hacking, technology16-Mar-2025
How a Logic Flaw Allowed Attackers to Hijack Accountshttps://cyberw1ng.medium.com/how-a-logic-flaw-allowed-attackers-to-hijack-accounts-39509d7340e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, programming, technology, careers16-Mar-2025
How I Found an Open Redirect Vulnerability Easily (Worth $500!)https://infosecwriteups.com/how-i-found-an-open-redirect-vulnerability-easily-worth-500-274999bb6527?source=rss------bug_bounty-5Abhijeet Kumawathacking, infosec, bug-bounty, ai, cybersecurity16-Mar-2025
How a Logic Flaw Allowed Attackers to Hijack Accountshttps://osintteam.blog/how-a-logic-flaw-allowed-attackers-to-hijack-accounts-39509d7340e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, programming, technology, careers16-Mar-2025
How to Access Another’s Systems Remotely like Hacker [Ethical Hacking]https://medium.com/@hrofficial62/how-to-access-anothers-systems-remotely-like-hacker-ethical-hacking-732fca529e49?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, hacking, pentesting, ethical-hacking15-Mar-2025
A Website that will be helpful in your Bug bounty and OSINT journeyhttps://infosecwriteups.com/a-website-that-will-be-helpful-in-your-bug-bounty-and-osint-journey-2c3368346924?source=rss------bug_bounty-5loyalonlytodayinvesting, cybersecurity, tips, osint, bug-bounty15-Mar-2025
Bypassing OTP Verification: Another Bug Found Without Any Tools!https://strangerwhite.medium.com/bypassing-otp-verification-another-bug-found-without-any-tools-8b2c1013c3e7?source=rss------bug_bounty-5StrangeRwhitebug-bounty-tips, otp-bypass, bug-bounty, infosec, bugbounty-writeup15-Mar-2025
Low-Level Vulnerability: Fixed Hardcoded Datahttps://medium.com/@jeetpal2007/low-level-vulnerability-fixed-hardcoded-data-f0cc9b9d971f?source=rss------bug_bounty-5JEETPALsmart-contract-auditing, smart-contract-security, web3, smart-contracts, bug-bounty15-Mar-2025
Web 3: — writeups collectionshttps://medium.com/@jeetpal2007/web-3-writeups-collections-9f3cce5bc382?source=rss------bug_bounty-5JEETPALweb3, smart-contract-security, bug-bounty, cybersecurity15-Mar-2025
Title: How a Simple Header Lets Attackers Bypass OTP Rate Limits (And How to Fix It)https://medium.com/@PareXploit/title-how-a-simple-header-lets-attackers-bypass-otp-rate-limits-and-how-to-fix-it-a005167c6eaf?source=rss------bug_bounty-5Paresh Kukadiyaweb-security, bug-bounty, cyber-awareness, ratelimitbypass, cybersecurity15-Mar-2025
The Ultimate Guide to Writing Test Cases for Smart Contractshttps://securrtech.medium.com/the-ultimate-guide-to-writing-test-cases-for-smart-contracts-99ce93f34149?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, smart-contract-auditing, smart-contract-security, web3-security, blockchain-security15-Mar-2025
Directory Transversal at 404 (not found)https://medium.com/@saiganesh18062003/directory-transversal-at-404-not-found-def92e74de12?source=rss------bug_bounty-5Levi Ackermanbugs, information-security, hacking, bug-bounty, cybersecurity15-Mar-2025
Day 26: Critical ATO via Business Logic Flawhttps://medium.com/@danielbelay/day-26-critical-ato-via-business-logic-flaw-87236b93eea1?source=rss------bug_bounty-5dani3laccount-takeover, cybersecurity, bug-bounty15-Mar-2025
What After choosing a target ? Recon Methodology— Bug Bounty Restart Phase 3https://infosecwriteups.com/what-after-choosing-a-target-recon-methodology-bug-bounty-restart-phase-3-8d83afee5116?source=rss------bug_bounty-5Om Aroratechnology, bug-bounty-tips, bug-bounty, cybersecurity, infosec15-Mar-2025
Broken Link Hunting The Power of Patience and Persistencehttps://enes478.medium.com/broken-link-hunting-the-power-of-patience-and-persistence-784c4cc61aa9?source=rss------bug_bounty-5Enes Özlekhackerone, bug-bounty-tips, bug-bounty, bugbounty-writeup15-Mar-2025
How to Bypass Web Application Firewalls (WAF)https://medium.com/@vipulsonule71/how-to-bypass-web-application-firewalls-waf-9210c25cbb4c?source=rss------bug_bounty-5Vipul Sonulebug-bounty, ethical-hacking, ai, hacking, cybersecurity15-Mar-2025
XSS Payload Extracted Server Private Key | $$$ Bountyhttps://medium.com/@darshannnaik1234/xss-payload-extracted-server-private-key-bounty-b20730fc0753?source=rss------bug_bounty-5Darshan Naresh Naikcybercrime, bug-bounty, technology, hacking, cyberseurity15-Mar-2025
Bug Bounty Hunting for Absolute Beginnershttps://medium.com/@hackerfromhills/bug-bounty-hunting-for-absolute-beginners-f4ec4a127705?source=rss------bug_bounty-5Badal kathayathacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunter15-Mar-2025
CVE-2025–24813: Apache Tomcat Path Equivalence Vulnerability $$$$ BOUNTYhttps://infosecwriteups.com/cve-2025-24813-apache-tomcat-path-equivalence-vulnerability-bounty-961350b31e16?source=rss------bug_bounty-5Ajay Naikpenetration-testing, bug-bounty, information-technology, cybersecurity, information-security15-Mar-2025
Payload Generation Techniques for Bug Bounty Huntershttps://bitpanic.medium.com/payload-generation-techniques-for-bug-bounty-hunters-ab8b75bdffa6?source=rss------bug_bounty-5Spectat0rguybug-bounty, ai-generated-content, technology, programming, cybersecurity15-Mar-2025
Open Redirect — CodePolitan Vulnerability Catchhttps://firdausmuhammadismail.medium.com/open-redirect-codepolitan-vulnerability-catch-10d33baa6a71?source=rss------bug_bounty-5Firdaus Muhammad Ismailwriteup, bug-bounty, bug-hunter, vulnerability, redirect15-Mar-2025
From ‘alert(1)’ to Account Takeover: A Story of 4-digit Bounties and Bypassing HTML Sanitisershttps://medium.com/@saltify/from-alert-1-to-account-takeover-a-story-of-4-digit-bounties-and-bypassing-html-sanitisers-dd8ca0ac502b?source=rss------bug_bounty-5saltifycybersecurity, ethical-hacking, bug-bounty, infosec15-Mar-2025
How I Bypassed Verification & One Pro Tip for Bug Huntershttps://medium.com/@mahdisalhi0500/how-i-bypassed-verification-one-pro-tip-for-bug-hunters-28dc82578614?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty-writeup, bug-bounty-tips, bug-bounty, penetration-testing, infosec15-Mar-2025
Beginner’s SQL Injection Cheat Sheethttps://cyberw1ng.medium.com/beginners-sql-injection-cheat-sheet-7c0f8d217e8e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, technology, cybersecurity, programming15-Mar-2025
Mastering JSRecon: A Comprehensive Guide to Identifying Sensitive Data in JavaScript Fileshttps://systemweakness.com/mastering-jsrecon-a-comprehensive-guide-to-identifying-sensitive-data-in-javascript-files-352771f10659?source=rss------bug_bounty-50verlo0kedexploitation, bug-bounty, javascript, bugs, js14-Mar-2025
Part-2 | Mastering 403 Forbidden Bypass Techniques✨https://cybersecuritywriteups.com/part-2-mastering-403-forbidden-bypass-techniques-707e7880fa22?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, 403-forbidden, hacking, bug-bounty, infosec14-Mar-2025
How I Found a Critical Billing Bug but Ended Up with a Duplicatehttps://medium.com/@aminouji23/how-i-found-a-critical-billing-bug-but-ended-up-with-a-duplicate-ac6934fab714?source=rss------bug_bounty-5Aminoujipentesting, information-security, infosec, bug-bounty-tips, bug-bounty14-Mar-2025
Metasploit 101: Hack Systems, Test Security, and Stay Ahead!https://medium.com/@paritoshblogs/metasploit-101-hack-systems-test-security-and-stay-ahead-799922167146?source=rss------bug_bounty-5Paritoshcybersecurity, metasploit, bug-bounty, information-technology, hacking14-Mar-2025
The Ultimate Burp Suite Playbook — Hidden Features & Automation!https://medium.com/@paritoshblogs/the-ultimate-burp-suite-playbook-hidden-features-automation-e9a07944dbd4?source=rss------bug_bounty-5Paritoshcybersecurity, ai, burpsuite, bug-bounty, hacking14-Mar-2025
When Code Flaws Strike: How Tiny Bugs Lead to Admin Account Takeovershttps://krishna-cyber.medium.com/when-code-flaws-strike-how-tiny-bugs-lead-to-admin-account-takeovers-74124a437ba3?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty, bug-bounty-tips, infosec-write-ups, cybersecurity14-Mar-2025
Mastering iOS Pentesting with otoolhttps://medium.com/@prasadraj954/mastering-ios-pentesting-with-otool-0803bd65c7ed?source=rss------bug_bounty-5Raj Prasad Kuiripentesting, bug-bounty, ios-penetration-testing, mobile-pentesting, cybersecurity14-Mar-2025
Exploit ZoomEye’s Subscription “Bug” to Unlock 75 Days of Free Recon Powerhttps://medium.com/@kenilalexandra07/exploit-zoomeyes-subscription-bug-to-unlock-75-days-of-free-recon-power-eaf843a339e2?source=rss------bug_bounty-5Kenilalexandrahacking, bug-bounty, vulnerability, shodan, cve14-Mar-2025
How to Find a Job as a Bug Hunterhttps://medium.com/@vipulsonule71/how-to-find-a-job-as-a-bug-hunter-c6e9a8962299?source=rss------bug_bounty-5Vipul Sonulebug-bounty, technews, cybersecurity, hacking, technology14-Mar-2025
How to Find XSS in Bug Hunting (Automated Approach)https://medium.com/@vipulsonule71/how-to-find-xss-in-bug-hunting-automated-approach-f306cce03a76?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, xss-attack, cybersecurity, hacking, bug-bounty14-Mar-2025
How I Found an IDOR Vulnerability – A Responsible Disclosure Storyhttps://medium.com/@vickyrohith70/how-i-found-an-idor-vulnerability-a-responsible-disclosure-story-def2885bbe0c?source=rss------bug_bounty-5Vickyrohithweb-applications, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup14-Mar-2025
Agent T walkthrough — TryHackMehttps://medium.com/@ahmedessmat/agent-t-walkthrough-tryhackme-e6831a57af33?source=rss------bug_bounty-5Ahmed Essmatcybersecurity, agent-t, bug-bounty14-Mar-2025
10 Hacking Tools from the Future: What to Expect in 2025https://medium.com/@hxp7th/10-hacking-tools-from-the-future-what-to-expect-in-2025-efc4d8a21a6a?source=rss------bug_bounty-5Hxp7thfuturism, hacking, cybersecurity, hacking-tools, bug-bounty14-Mar-2025
Automating SQL Injection: A Practical Guide for Security Researchershttps://cyberw1ng.medium.com/automating-sql-injection-a-practical-guide-for-security-researchers-2ee75fd16b84?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, technology, cybersecurity, bug-bounty14-Mar-2025
The Art of SQL Injection : A Comprehensive Guidehttps://zeusvuln.medium.com/the-art-of-sql-injection-a-comprehensive-guide-d394e8affb6d?source=rss------bug_bounty-5ZeUsVuLnbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity14-Mar-2025
Skills Assessment for Web Service & API attacks: Hackthebox CBBH Coursehttps://medium.com/@treykenyon30/skills-assessment-for-web-service-api-attacks-hackthebox-cbbh-course-51b3b56feb2d?source=rss------bug_bounty-5Treykenyonweb-app-security, hackthebox, cbbh, bug-bounty, hacking14-Mar-2025
This nuclei template made me to find more bugshttps://medium.com/@canonminibeast/this-nuclei-template-made-me-to-find-more-bugs-20de8365be3d?source=rss------bug_bounty-5Canonminibeastcybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking14-Mar-2025
This nuclei template made me to find more bugshttps://medium.com/@canonminibeast/this-nuclei-template-made-me-to-find-more-bugs-caa8c7d6931e?source=rss------bug_bounty-5Canonminibeastbug-bounty-tips, bug-bounty-writeup, bug-bounty, recon, cybersecurity14-Mar-2025
How I Buy ₹6284 Worth of Items for Just ₹1https://cybersecuritywriteups.com/how-i-buy-6284-worth-of-items-for-just-1-14b96af18c6e?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, money, ai, bug-bounty, cybersecurity14-Mar-2025
Automating SQL Injection: A Practical Guide for Security Researchershttps://osintteam.blog/automating-sql-injection-a-practical-guide-for-security-researchers-2ee75fd16b84?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, technology, cybersecurity, bug-bounty14-Mar-2025
Unauthenticated API Leaks Private Property Datahttps://medium.com/@banertheinrich/unauthenticated-api-leaks-private-property-data-f125e8fe0c4d?source=rss------bug_bounty-5Adham Heinrichbug-bounty-writeup, bug-bounty, bug-bounty-tips, idor, cybersecurity13-Mar-2025
Bug Bountyhttps://medium.com/@hihiprocybertech/bug-bounty-0e661e725299?source=rss------bug_bounty-5hihiproethical-hacking, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips13-Mar-2025
How I found my 2nd SQL injection vulnerability on the Indian Government website!https://hiddendom.medium.com/how-i-found-my-2nd-sql-injection-vulnerability-on-the-indian-government-website-e617e682e953?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, sql-injection-attack, bug-bounty-writeup, sql-injection, bug-bounty13-Mar-2025
How I Hacked NASA And Received an Appreciation Letterhttps://medium.com/@Abhijeet_kumawat_/how-i-hacked-nasa-and-received-an-appreciation-letter-2d4a78a4a1f6?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, nasa, hacking, infosec13-Mar-2025
How to Earn Money in Bug Hunting Using Automated Toolshttps://medium.com/@vipulsonule71/how-to-earn-money-in-bug-hunting-using-automated-tools-93382ffcd7ed?source=rss------bug_bounty-5Vipul Sonulewriting, ethical-hacking, hacking, cybersecurity, bug-bounty13-Mar-2025
How I Bypassed Email Uniqueness: Exploiting Weak Access Control in a Bug Bounty Programhttps://saconychukwu.medium.com/how-i-bypassed-email-uniqueness-exploiting-weak-access-control-in-a-bug-bounty-program-28177f3c0b29?source=rss------bug_bounty-5Sacony Chukwubug-bounty-hunter, cybersecurity, bug-bounty-writeup, bug-bounty13-Mar-2025
Bypass the Rate limiting mechanism and earn bounty of $5000 and more.https://medium.com/@anandrishav2228/bypass-the-rate-limiting-mechanism-and-earn-bounty-of-5000-and-more-dad3ef6db3ad?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, hacking, money, infosec13-Mar-2025
Bypassing Windows Defender & AVs with an LNK Exploit to Gain a Reverse Shellhttps://medium.com/@dharineeshj2/bypassing-windows-defender-avs-with-an-lnk-exploit-to-gain-a-reverse-shell-09244fcefb10?source=rss------bug_bounty-5Hack-Bathacking, pentesting, cybersecurity, bug-bounty13-Mar-2025
Hacking Swagger UI - 101https://infosecwriteups.com/hacking-swagger-ui-101-ccbce66ba028?source=rss------bug_bounty-5RivuDonswagger-ui, bug-bounty, infosec, bug-bounty-tips, bug-bounty-writeup13-Mar-2025
GraphQL Vulnerabilities: A Complete Guide to Security Testing and Advanced Exploitation Techniqueshttps://infosecwriteups.com/graphql-vulnerabilities-a-complete-guide-to-security-testing-and-advanced-exploitation-techniques-5eb94af945c0?source=rss------bug_bounty-5Ajay Naikgraphql, penetration-testing, cybersecurity, bug-bounty, information-security13-Mar-2025
2FA & MFA Hacks: Bypass OTP Like a Pro — @VeryLazyTechhttps://medium.com/@verylazytech/2fa-mfa-hacks-bypass-otp-like-a-pro-verylazytech-7eb9f8c4f5c1?source=rss------bug_bounty-5Very Lazy Techotp-bypass, 2fa, mfa, bug-bounty, bypass-technique13-Mar-2025
How to Hack Wifi using | wifite Tool ️https://medium.com/@vipulsonule71/how-to-hack-wifi-using-wifite-tool-%EF%B8%8F-235a6eb67ed4?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, ai, hacking, technology, bug-bounty13-Mar-2025
Get your First bounty as a newbiehttps://medium.com/@saiganesh18062003/get-your-first-bounty-as-a-newbie-fcba6a92e998?source=rss------bug_bounty-5Levi Ackermancyber, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup13-Mar-2025
Markdown Parsing Flaw Leads to Persistent System Lockdownhttps://medium.com/@syarifsajjad07/markdown-parsing-flaw-leads-to-persistent-system-lockdown-f7a0820d7685?source=rss------bug_bounty-5Syarifsajjadbug-bounty, cybersecurity, hacking, hackerone, bug-bounty-tips13-Mar-2025
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 2https://mukibas37.medium.com/find-bugs-using-github-dorking-part-2-2f80c1023592?source=rss------bug_bounty-5Mukilan Baskaranbug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty, github-dorking13-Mar-2025
How I Found a Bug in Minutes — No Tools, Just Mindful Approach to Testing!https://strangerwhite.medium.com/how-i-found-a-bug-in-minutes-no-tools-just-mindful-approach-to-testing-0dd034ff8ab9?source=rss------bug_bounty-5StrangeRwhitebug-bounty, cybersecurity, hacking, bugbounty-writeup, vulnerability13-Mar-2025
Title: “Mass Assignment Mastery: From Zero to ATO Hero in Bug Bounties ️♂️”https://krishna-cyber.medium.com/title-mass-assignment-mastery-from-zero-to-ato-hero-in-bug-bounties-%EF%B8%8F-%EF%B8%8F-d3bf53027ce7?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty-tips, infosec-write-ups, hacking, bug-bounty13-Mar-2025
Understanding SQL Injection: A Deep Dive into Exploitation and Preventionhttps://cyberw1ng.medium.com/understanding-sql-injection-a-deep-dive-into-exploitation-and-prevention-0d3712bc6b93?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, technology, careers, programming13-Mar-2025
The Hidden Goldmine: Exploiting Exposed API Keys & Tokens in 2025https://cybersecuritywriteups.com/the-hidden-goldmine-exploiting-exposed-api-keys-tokens-in-2025-fc22139f4cbd?source=rss------bug_bounty-5Krish_cyberethical-hacking, cybersecurity, info-sec-writeups, api, bug-bounty13-Mar-2025
Hackyholidays CTF (Grinch Network) Write-Up | Part 2| Hacker101 CTFhttps://medium.com/@sari.mmusab/hackyholidays-ctf-grinch-network-write-up-part-2-hacker101-ctf-89d394702807?source=rss------bug_bounty-5Musab Sarıcybersecurity, ctf, bug-bounty, burpsuite, technology13-Mar-2025
Proffesional Hacker’s Breakout. NnFace’s Advices #3 “The Curve of Hacking”https://osintteam.blog/proffesional-hackers-breakout-nnface-s-advices-3-the-curve-of-hacking-b28c9875145e?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, cybersecurity, hacker, hacking13-Mar-2025
Cracking the Cache: A Bug Bounty Hunter’s Guide to Web Cache Vulnerabilities (With Real-World…https://osintteam.blog/cracking-the-cache-a-bug-bounty-hunters-guide-to-web-cache-vulnerabilities-with-real-world-33bb7b47ff1c?source=rss------bug_bounty-5Krish_cyberinfosec-write-ups, hacking, cybersecurity, bug-bounty, bug-bounty-tips13-Mar-2025
Turn website feedback into instant, actionable tickets.https://medium.com/@readybready4/turn-website-feedback-into-instant-actionable-tickets-40ef4bc14be6?source=rss------bug_bounty-5New AI Apps Dailybug-bounty, bugs, bug-report, bug-bounty-writeup, bug-bounty-tips12-Mar-2025
Cómo conseguí mi primera vulnerabilidad válida para Adobehttps://medium.com/@juanfelipeoz.rar/c%C3%B3mo-consegu%C3%AD-mi-primera-vulnerabilidad-v%C3%A1lida-para-adobe-2d6617ec51e5?source=rss------bug_bounty-5Juan Felipe Osorio Zhacking, bug-bounty-writeup, cybersecurity, bug-bounty, hackerone12-Mar-2025
100$ reward from hacking the earning sitehttps://bytesnull44.medium.com/100-reward-from-hacking-the-earning-site-803b49028df7?source=rss------bug_bounty-5Bytesnullbug-bounty, programming, developer, cybersecurity12-Mar-2025
How I Bypassed Cloudflare WAF and Achieve XSS | $500 bountyhttps://cybersecuritywriteups.com/how-i-bypassed-cloudflare-waf-and-achieve-xss-500-bounty-32914f652901?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, xss-attack, cybersecurity, infosec12-Mar-2025
Earn $$$ Hunting Bugs! A Beginner’s Guide to Bug Bounty Successhttps://medium.com/@paritoshblogs/earn-hunting-bugs-a-beginners-guide-to-bug-bounty-success-6ba585935178?source=rss------bug_bounty-5Paritoshhow-to, bug-bounty, cybersecurity, hacking, ai12-Mar-2025
Zero-Click Account Takeover via Auth Bypasshttps://medium.com/@hossam_hamada/zero-click-account-takeover-via-auth-bypass-c3130fb5a5e0?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, bug-bounty, account-takeover, hackerone, authentication12-Mar-2025
Understanding Basic Chmodhttps://medium.com/pndsec/understanding-basic-chmod-8b93a82baf95?source=rss------bug_bounty-5Erkan Kavasethical-hacking, pentesting, linux, chmod, bug-bounty12-Mar-2025
Found Bug in Car and make $20,000 and more.https://medium.com/@anandrishav2228/found-bug-in-car-and-make-20-000-and-more-6c71152bca80?source=rss------bug_bounty-5Rishav anandbug-bounty, cybersecurity, red-team, money, cars12-Mar-2025
Network Pentesting -Active / Passive Information gathering like Pro Part -1https://medium.com/@Cyber_siva/network-pentesting-active-passive-information-gathering-like-pro-part-1-7d0ab04b1491?source=rss------bug_bounty-5Siva Sankarnetwork-security, cybersecurity, hacking, pentesting, bug-bounty12-Mar-2025
LDAP Injection Unleashed: The Hidden Exploit Hackers Use to Break In!https://medium.com/@verylazytech/ldap-injection-unleashed-the-hidden-exploit-hackers-use-to-break-in-42eb28f14325?source=rss------bug_bounty-5Very Lazy Techldap, cybersecurity, hacking, penetration-testing, bug-bounty12-Mar-2025
How I Earned $500 for Getting Trapped in a Private Facebook Eventhttps://infosecwriteups.com/how-i-earned-500-for-getting-trapped-in-a-private-facebook-event-d4b7f3fdaacd?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, hacking, programming, ethical-hacking12-Mar-2025
Recon Done, Now What? A Beginner’s Guide to Finding Bugs After Recon!https://systemweakness.com/recon-done-now-what-a-beginners-guide-to-finding-bugs-after-recon-e13177674833?source=rss------bug_bounty-5Taahir Mujawarrbug-bounty, bug-bounty-writeup, hacking, cybersecurity, bug-bounty-tips12-Mar-2025
How to Find Subdomain Takeover in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-subdomain-takeover-in-bug-hunting-33aed8f43c27?source=rss------bug_bounty-5Vipul Sonuletechnology, penetration-testing, hacking, cybersecurity, bug-bounty12-Mar-2025
Ultimate List of Free Resources for Bug Bounty Huntershttps://infosecwriteups.com/ultimate-list-of-free-resources-for-bug-bounty-hunters-bfba8deb5a36?source=rss------bug_bounty-5Om Aroracybersecurity, technology, bug-bounty, programming, infosec12-Mar-2025
how i found the broken link hijacking?https://doordiefordream.medium.com/how-i-found-broken-link-hijacking-46a57e9d40c3?source=rss------bug_bounty-5Bug hunter balubug-bounty, cybersecurity, vulnerability, technology, ethical-hacking12-Mar-2025
Hacking with SSRF: A Deep Dive into Server-Side Request Forgeryhttps://medium.com/codingninjablogs/hacking-with-ssrf-a-deep-dive-into-server-side-request-forgery-e42d9011f672?source=rss------bug_bounty-5#$ubh@nk@rbug-bounty, infosec, ssrf, writeup, hacking12-Mar-2025
How Interesting 2FA Bypass Through Browser Feature Lead Me To Critical Vulnerability.https://medium.com/@dishantsingh989/how-interesting-2fa-bypass-through-browser-feature-lead-me-to-critical-vulnerability-18f9c72a8f8d?source=rss------bug_bounty-5Dishantsinghbug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, hackerone12-Mar-2025
Penetration Testing: Discovery Phase & Reconnaissance Techniqueshttps://medium.com/@shoaibbinrashid11/penetration-testing-discovery-phase-reconnaissance-techniques-6e1fc9d479f5?source=rss------bug_bounty-5Shoaib Bin Rashidcybersecurity, web-security, bug-bounty, pentesting, penetration-testing12-Mar-2025
Penetration Testing er Discovery Phase: Passive & Active Reconnaissancehttps://medium.com/@shoaibbinrashid11/penetration-testing-er-discovery-phase-passive-active-reconnaissance-436b4bf5485b?source=rss------bug_bounty-5Shoaib Bin Rashidpenetration-testing, pentesting, bug-bounty, web-security, cybersecurity12-Mar-2025
Mastering 403 Bypass: Unlock Hidden Bounties Like a Pro!https://osintteam.blog/mastering-403-bypass-unlock-hidden-bounties-like-a-pro-bc8ee954c209?source=rss------bug_bounty-5Krish_cyberbug-bounty-writeup, bug-bounty, infosec-write-ups, osint, cybersecurity12-Mar-2025
Authentication Bypass leads to PII = ($$$)https://mchklt.medium.com/authentication-bypass-leads-to-pii-01d34fc7f547?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAcybersecurity, authentication, automation, bug-bounty, hacking12-Mar-2025
Bug Hunting: Find Hidden Vulnerabilitieshttps://osintteam.blog/bug-hunting-find-hidden-vulnerabilities-32ef94af0d28?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, bug-bounty, hacking, technology, penetration-testing12-Mar-2025
Simple SQL Injection: Exploiting and Preventing One of the Most Dangerous Web Vulnerabilitieshttps://cyberw1ng.medium.com/simple-sql-injection-exploiting-and-preventing-one-of-the-most-dangerous-web-vulnerabilities-f61c6841348a?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, careers, bug-bounty, programming, cybersecurity12-Mar-2025
What $5,000 Vulnerability Did Everyone Else Misshttps://medium.com/@ibtissamhammadi/what-5-000-vulnerability-did-everyone-else-miss-1afd570a280b?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, hackerone, vulnerability, ethical-hacking, cybersecurity12-Mar-2025
Investigating Nmap Scans with Wiresharkhttps://medium.com/@thecyberghost/investigating-nmap-scans-with-wireshark-bfe77af6441a?source=rss------bug_bounty-5The Cyber Ghostnmap, bug-bounty, wireshark-tutorial, cybersecurity, wireshark12-Mar-2025
Multiple Account Creation with Same Emailhttps://medium.com/@A0X-Y0S3TRX/multiple-account-creation-with-same-email-81acb37aca96?source=rss------bug_bounty-5A0X-Y0S3TRXbug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, hunting, bug-bounty12-Mar-2025
How to Write Effective Prompts for ChatGPT in Bug Bounty Huntinghttps://medium.com/@ajudeb55/how-to-write-effective-prompts-for-chatgpt-in-bug-bounty-hunting-b885dcf4f743?source=rss------bug_bounty-5Aju Debprogramming, cybersecurity, bug-bounty, chatgpt, technology11-Mar-2025
Exposed! A Massive Data Leak Uncovered with Just a Simple Google Dork ️https://medium.com/@dharineeshj2/exposed-a-massive-data-leak-uncovered-with-just-a-simple-google-dork-%EF%B8%8F-a103b640e2e5?source=rss------bug_bounty-5Hack-Batcybersecurity, bug-bounty, ethical-hacking, hacking11-Mar-2025
IDOR Unlocked: Accessing Unauthorized Data with a Simple Tweak!https://medium.com/@dharineeshj2/idor-unlocked-accessing-unauthorized-data-with-a-simple-tweak-a6a5a01a341f?source=rss------bug_bounty-5Hack-Bathacking, cybersecurity, bug-bounty, ethical-hacking11-Mar-2025
Linux Privilege Escalation [Part-1] | EJPT Noteshttps://medium.com/@hrofficial62/linux-privilege-escalation-part-1-ejpt-notes-7f978d958888?source=rss------bug_bounty-5Mr Horbiohacking, penetration-testing, ethical-hacking, cybersecurity, bug-bounty11-Mar-2025
绕过JsBridge鉴权实现账户接管https://medium.com/@xiaoshi666/%E7%BB%95%E8%BF%87jsbridge%E9%89%B4%E6%9D%83%E5%AE%9E%E7%8E%B0%E8%B4%A6%E6%88%B7%E6%8E%A5%E7%AE%A1-cf421b291484?source=rss------bug_bounty-5xiaoshibug-bounty, cybersecurity11-Mar-2025
Mastering XSS Attacks To Become Professional Bug Bounty Hunterhttps://cybersecuritywriteups.com/mastering-xss-attacks-to-become-professional-bug-bounty-hunter-816f018643b3?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, ai, cybersecurity, bug-bounty, xss-attack11-Mar-2025
PHOTOGRAPHER 1 BY OFFSEChttps://medium.com/@mickeylance001/photographer-1-by-offsec-27dbcc716805?source=rss------bug_bounty-5mickey lancectf-walkthrough, offsec, bug-bounty, penetration-testing, ctf-writeup11-Mar-2025
CORS Misconfigurations & Bypass Techniques: A Hacker’s Guide to Exploiting Weak Policieshttps://medium.com/@verylazytech/cors-misconfigurations-bypass-techniques-a-hackers-guide-to-exploiting-weak-policies-f3229b574a9a?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cors, penetration-testing, ethical-hacking, hacking11-Mar-2025
Disclosure of Secrets – A $1000 Bug Bounty Winhttps://medium.com/@salaheddine_kalada/exploiting-misconfigured-azure-application-insights-a-1000-bug-bounty-win-cf16f6ad2ff0?source=rss------bug_bounty-5Salaheddinebug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup11-Mar-2025
How to Become a Bug Bounty Hunter in 2025https://medium.com/@ebinkantony/how-to-become-a-bug-bounty-hunter-in-2025-e7a528b5cc16?source=rss------bug_bounty-5Ebin K Antonybug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, ethical-hacking11-Mar-2025
Hijacking the CTF Event: The Story of a Host Header Injection (1000$)https://medium.com/@bajajkrrish11/hijacking-the-ctf-event-the-story-of-a-host-header-injection-1000-f6ef62006f07?source=rss------bug_bounty-5Krrish Bajajhacking, host-header-injection, bug-bounty-tips, bug-bounty, bounty-program11-Mar-2025
One Token, Two Apps: The OAuth Flaw That Can Compromise Your Accounts — A Silent Security Disasterhttps://medium.com/@rahulgairola/one-token-two-apps-the-oauth-flaw-that-can-compromise-your-accounts-a-silent-security-disaster-31cff04dcceb?source=rss------bug_bounty-5Rahul Gairolabug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty, oauth11-Mar-2025
How I uncover an IDOR led to access Private CVhttps://infosecwriteups.com/how-i-uncover-an-idor-led-to-access-private-cv-access-3ff5be987896?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty-writeup, bugbounty-tips, idor, bug-bounty11-Mar-2025
WAF(Web Application Firewall) Fingerprinting.https://medium.com/infosecmatrix/waf-web-application-firewall-fingerprinting-035d008094cd?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, fingerprinting, waf, programming11-Mar-2025
Today I Found an XSS Bug: A Lesson in Web Securityhttps://theindiannetwork.medium.com/today-i-found-an-xss-bug-a-lesson-in-web-security-d3fc4e3ae5b6?source=rss------bug_bounty-5TheIndianNetworkcybersecurity, bug-bounty, ethical-hacking, cross-site-scription, xss-vulnerability11-Mar-2025
Client Side Path Traversal (CSPT) - A Deep Dive into an Overlooked Vulnerabilityhttps://0xkratos.medium.com/client-side-path-traversal-cspt-a-deep-dive-into-an-overlooked-vulnerability-cdf91baca715?source=rss------bug_bounty-5Amal PKbugbounty-writeup, cybersecurity, bug-bounty, cyber, hacking11-Mar-2025
Hijacking the CTF Event: The Story of a Host Header Injection (1000$)https://cybersecuritywriteups.com/hijacking-the-ctf-event-the-story-of-a-host-header-injection-1000-f6ef62006f07?source=rss------bug_bounty-5Krrish Bajajhacking, host-header-injection, bug-bounty-tips, bug-bounty, bounty-program11-Mar-2025
This python script saved my recon timehttps://medium.com/@canonminibeast/this-python-script-saved-my-recon-time-b780ade10b97?source=rss------bug_bounty-5Canonminibeastgoogle, bug-bounty-writeup, hacking, cybersecurity, bug-bounty11-Mar-2025
Testing for HTTP Verb Tampering: A Complete Guidehttps://infosecwriteups.com/testing-for-http-verb-tampering-a-complete-guide-ca1fba91fdb6?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, information-technology, bug-bounty, penetration-testing11-Mar-2025
This python script saved my recon timehttps://medium.com/@canonminibeast/this-python-script-saved-my-recon-time-66d6206628a0?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, bug-bounty-writeup, hacking, website11-Mar-2025
Anomaly Detection in Network Traffic: Enhancing Cybersecurityhttps://medium.com/@paritoshblogs/anomaly-detection-in-network-traffic-enhancing-cybersecurity-2e90277c6af3?source=rss------bug_bounty-5Paritoshbug-bounty, ai, networking, hacking, cybersecurity11-Mar-2025
Account Takeover via postMessagehttps://phlmox.medium.com/account-takeover-via-postmessage-3c493c6d1354?source=rss------bug_bounty-5phlmoxbug-bounty, cybersecurity, account-takeover11-Mar-2025
When Life Throws Errors, I Throw Commands: My Command Injection Bughttps://medium.com/@iski/when-life-throws-errors-i-throw-commands-my-command-injection-bug-18969d979da4?source=rss------bug_bounty-5Iskibug-bounty, bug-bounty-tips, hacking, cybersecurity, command-injection11-Mar-2025
My First Paid Bug Bounty — Stored Blind XSShttps://medium.com/@dante.falls/my-first-paid-bug-bounty-stored-blind-xss-abe8ad06b3b3?source=rss------bug_bounty-5Dante Fallscybersecurity, web-security, bug-bounty11-Mar-2025
Day 25: From alert(origin) to ATO — An XSS Storyhttps://medium.com/@danielbelay/day-25-from-alert-origin-to-ato-an-xss-story-41c78c1fe66d?source=rss------bug_bounty-5dani3lbug-bounty, cybersecurity, account-takeover-attacks, ethical-hacking11-Mar-2025
Advanced SQL Injection (Part 2)https://medium.com/@julius.grosserode.19/advanced-sql-injection-part-2-57bf83e202b1?source=rss------bug_bounty-5Juliomysql, bug-bounty, sql, sql-injection, bug-bounty-reports11-Mar-2025
Critical SQL Injection Exploit in URL Paths: Bounty Reporthttps://cyberw1ng.medium.com/critical-sql-injection-exploit-in-url-paths-bounty-report-6bf36e066f1f?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, careers, technology, bug-bounty, cybersecurity11-Mar-2025
Beyond Alert Boxes: Exploiting DOM XSS for Full Account Takeoverhttps://ehteshamulhaq198.medium.com/beyond-alert-boxes-exploiting-dom-xss-for-full-account-takeover-094e1507d206?source=rss------bug_bounty-5Ehtesham Ul Haqinformation-security, xss-attack, bug-bounty, xss-bypass, bug-bounty-tips11-Mar-2025
From User to Admin: A Privilege Escalation via Business Logichttps://siratsami71.medium.com/from-user-to-admin-a-privilege-escalation-via-business-logic-7ae901be7d81?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, logic, privilege-escalation10-Mar-2025
How I Hijacked an Instagram Account and Discovered Open Redirection Vulnerabilitieshttps://medium.com/@josekuttykunnelthazhebinu/how-i-took-over-an-instagram-account-using-broken-link-hijacking-found-open-redirections-on-c03b0c62add6?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuprogramming, bug-bounty, cybersecurity, penetration-testing, hacking10-Mar-2025
Best Tool For Subdomain Enumerationhttps://cybersecuritywriteups.com/best-tool-for-subdomain-enumeration-f3f40a8e1748?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, bug-bounty, cybersecurity, bots, hacking10-Mar-2025
With BLUF — Always write with clarity and effectiveness!https://learningsomecti.medium.com/with-bluf-always-write-with-clarity-and-effectiveness-b4450939b841?source=rss------bug_bounty-5Andy Cwriting, cybersecurity, threat-intelligence, bug-bounty, threat-hunting10-Mar-2025
The Hidden Danger of Social Media: How Just Viewing a Post Exposes Your Datahttps://medium.com/@sulmanfarooq531/the-hidden-danger-of-social-media-how-just-viewing-a-post-exposes-your-data-b2181ec8d667?source=rss------bug_bounty-5Sulman Farooq Ssocial-media, cybersecurity, data, security, bug-bounty10-Mar-2025
Top 10 OAuth 2.0 Hacking Techniques — Part 2https://medium.com/@itamar.yochpaz/top-10-oauth-2-0-hacking-techniques-part-2-a45504ee373b?source=rss------bug_bounty-5Itamar Yochpazpenetration-testing, bug-bounty, application-security, cybersecurity, hacking10-Mar-2025
Bug Report: Authentication Redirect Issue in Sanicle-AI Platformhttps://chanmeng666.medium.com/bug-report-authentication-redirect-issue-in-sanicle-ai-platform-fedbf7c84862?source=rss------bug_bounty-5Chan Mengauthentication, bug-bounty, nextjs, nextauth, debugging10-Mar-2025
Secure Coding Practices for TEE Applications: A Guide for CA and TA Developershttps://medium.com/@security.tecno/secure-coding-practices-for-tee-applications-a-guide-for-ca-and-ta-developers-43978c4b82d4?source=rss------bug_bounty-5TECNO Securitysecurity, bug-bounty, writing, hacking, blog10-Mar-2025
How I Earned $2000 Automated Bug Bounty Huntinghttps://medium.com/@rafaelczanetti/how-i-earned-2000-automated-bug-bounty-hunting-e46ce02d645d?source=rss------bug_bounty-5Rafael Cavalcantebug-bounty10-Mar-2025
Discover the Awesome Bug Bounty Writeups GitHub Repohttps://medium.com/@a.muhzeke/discover-the-awesome-bug-bounty-writeups-github-repo-40d4bfa61241?source=rss------bug_bounty-5Anthony Mazyckthreat-hunting, bug-bounty, soc, cybersecurity10-Mar-2025
Bypassing Rate Limits Like a Pro: Advanced Exploitation Techniqueshttps://medium.com/@verylazytech/bypassing-rate-limits-like-a-pro-advanced-exploitation-techniques-a2643a6ea606?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bypassing-rate-limit, 403-forbidden, web-attack, penetration-testing10-Mar-2025
Bypass To 1-Click ATOhttps://medium.com/@xiaoshi666/bypass-to-1-click-ato-ebfee258d8cc?source=rss------bug_bounty-5xiaoshibug-bounty, cybersecurity10-Mar-2025
What’s the $5 Secret Behind Exploiting IDOR Vulnerabilities? (You Won’t Believe #3)https://medium.com/@ibtissamhammadi/whats-the-5-secret-behind-exploiting-idor-vulnerabilities-you-won-t-believe-3-b8e50c21a352?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, cybersecurity, web-security, idor-vulnerability, owasp10-Mar-2025
Unexpected input lead to Functionality confusion and P4 easy bug?https://medium.com/@hamdiyasin135/unexpected-input-lead-to-functionality-confusion-and-p4-easy-bug-ba30013caddd?source=rss------bug_bounty-5yassin hamdibug-bounty, cyper-security, logic, access-control10-Mar-2025
Penetration Testing Planning Phase — Ekta Detailed Guidehttps://medium.com/@shoaibbinrashid11/penetration-testing-planning-phase-ekta-detailed-guide-23009766800a?source=rss------bug_bounty-5Shoaib Bin Rashidpenetration-testing, bug-bounty, web-security, cybersecurity, pentesting10-Mar-2025
Penetration Testing Planning Phase — A Complete Guidehttps://medium.com/@shoaibbinrashid11/penetration-testing-planning-phase-a-complete-guide-376140284df0?source=rss------bug_bounty-5Shoaib Bin Rashidweb-security, bug-bounty, cybersecurity, penetration-testing, pentesting10-Mar-2025
Penetration Testing Phases: Full Bangla Explanation with Examplehttps://medium.com/@shoaibbinrashid11/penetration-testing-phases-full-bangla-explanation-with-example-8dd3d5a5043c?source=rss------bug_bounty-5Shoaib Bin Rashidbug-bounty, cybersecurity, web-security, pentesting, penetration-testing10-Mar-2025
How I Turned Government Website Into a Phishing Machine (And How You Can Prevent It)https://medium.com/@nebty/how-i-turned-government-website-into-a-phishing-machine-and-how-you-can-prevent-it-fd70dbe57030?source=rss------bug_bounty-5Nebtybug-bounty-tips, phishing, vulnerability, bug-bounty, cybersecurity10-Mar-2025
️♂️ How I Uncovered a $1000 Vulnerability by Exploiting an “Out-of-Sync” Flawhttps://cybersecuritywriteups.com/%EF%B8%8F-%EF%B8%8F-how-i-uncovered-a-1000-vulnerability-by-exploiting-an-out-of-sync-flaw-0b377c9c411d?source=rss------bug_bounty-5Krish_cyberbug-bounty, infosec-write-ups, cybersecurity, xss-attack, osint10-Mar-2025
Article 2: Setting Up an Emulator in Android Studio with Window ,Linuxhttps://medium.com/@fancybearIN/article-2-setting-up-an-emulator-in-android-studio-with-window-linux-9b7bb490edb7?source=rss------bug_bounty-5Deepak Parkashappsec, android-app-development, android, bug-bounty, androiddev10-Mar-2025
How I Made $500 in 30 Days Using ChatGPT as My Ethical Hacking Coach! ️https://krishna-cyber.medium.com/how-i-made-500-in-30-days-using-chatgpt-as-my-ethical-hacking-coach-%EF%B8%8F-f4e8c48c4501?source=rss------bug_bounty-5Krish_cybercybersecurity, infosec-write-ups, osint, chatgpt, bug-bounty10-Mar-2025
Server Side Parameter Pollution — Deep Dive — Part 1https://medium.com/@prathmeshshendarkar/server-side-parameter-pollution-deep-dive-part-1-51aed2539c07?source=rss------bug_bounty-5Prathmesh Sprogramming, servers, bugs, web, bug-bounty10-Mar-2025
Race Conditions in Bug Bounty: From Beginner to Advancedhttps://cyberw1ng.medium.com/race-conditions-in-bug-bounty-from-beginner-to-advanced-4b48586dfc73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, programming, bug-bounty, cybersecurity10-Mar-2025
Extracting Forensic Evidence from Smartwatch Data: A CID Hackathon Experiencehttps://infosecwriteups.com/extracting-forensic-evidence-from-smartwatch-data-a-cid-hackathon-experience-8a45b6ef7d5b?source=rss------bug_bounty-5Xh081iXiot, bug-bounty, cybersecurity, infosec, ethical-hacking10-Mar-2025
How to find hidden parameters in your bug bounty targethttps://infosecwriteups.com/how-to-find-hidden-parameters-in-your-bug-bounty-target-35427ac49b91?source=rss------bug_bounty-5loyalonlytodaytips, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking10-Mar-2025
Race Conditions in Bug Bounty: From Beginner to Advancedhttps://systemweakness.com/race-conditions-in-bug-bounty-from-beginner-to-advanced-4b48586dfc73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, programming, bug-bounty, cybersecurity10-Mar-2025
From Partial IDOR to GPS Tracking — API Flaw Explainedhttps://infosecwriteups.com/from-partial-idor-to-gps-tracking-api-flaw-explained-5eebab2af32a?source=rss------bug_bounty-5Mahendra Purbia (Mah3Sec)api, infosec, pentesting, bug-bounty, idor09-Mar-2025
“Blind CSS Exfiltration: The Bug Bounty Tactic That Earns Hackers $10k+ (Here’s How)”https://osintteam.blog/blind-css-exfiltration-the-bug-bounty-tactic-that-earns-hackers-10k-heres-how-fdb12a82826f?source=rss------bug_bounty-5Krish_cyberinfo-sec-writeups, osint, bug-bounty-writeup, bug-bounty, cybersecurity09-Mar-2025
How I Found a Google API Key Leak in a Bug Bounty Programhttps://medium.com/@AhmedSamy-X/how-i-found-a-google-api-key-leak-in-a-bug-bounty-program-c9a497efe479?source=rss------bug_bounty-5Ahmedsamypenetration-testing, hacking, api, cybersecurity, bug-bounty09-Mar-2025
The Original Bug Bounty: Alfred Hobbs and the Great Lock Controversy of 1851https://caseyjohnellis.medium.com/the-original-bug-bounty-alfred-hobbs-and-the-great-lock-controversy-of-1851-cd390705befb?source=rss------bug_bounty-5caseyjohnellisvulnerability-research, cybersecurity, bug-bounty, locksmith09-Mar-2025
Find Exposed Buckets and files, etc., with this resource.https://infosecwriteups.com/find-exposed-buckets-and-files-etc-with-this-resource-115f8865015b?source=rss------bug_bounty-5loyalonlytodaytips, bug-bounty, penetration-testing, cybersecurity, ethical-hacking09-Mar-2025
Attacking and Defending Active Directory: Real-World Scenarioshttps://medium.com/@paritoshblogs/attacking-and-defending-active-directory-real-world-scenarios-6533ca82a8d2?source=rss------bug_bounty-5Paritoshhacking, active-directory, blue-team, bug-bounty, red-team09-Mar-2025
The Art of Bug Reportinghttps://medium.com/nerd-for-tech/the-art-of-bug-reporting-13be09192741?source=rss------bug_bounty-5sajith dilshanbug-bounty, software-testing, bug-report, bug-reporting, qa09-Mar-2025
How to Use Nuclei for Bug Huntinghttps://medium.com/@vipulsonule71/how-to-use-nuclei-for-bug-hunting-0d60bea1fd92?source=rss------bug_bounty-5Vipul Sonulebug-bounty, cybersecurity, technology, ai, hacking09-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-117)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-117-8211b7ea0a72?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, hacking09-Mar-2025
Found 5 BAC in One Single App within 2 Hourshttps://medium.com/@mrro0o0tt/found-5-bac-in-one-single-app-within-2-hours-07a2307db2ca?source=rss------bug_bounty-5Whoamiidor-vulnerability, broken-access-control, bug-bounty, bug-bounty-tips, privilege-escalation09-Mar-2025
Part-2 | Deep Recon Methodology for Bug Bounty Huntershttps://cybersecuritywriteups.com/part-2-deep-recon-methodology-for-bug-bounty-hunters-2ea73cefb010?source=rss------bug_bounty-5Abhijeet Kumawatrecon, infosec, hacking, bug-bounty, cyber-security-awareness09-Mar-2025
Top 11 Bug Bounty Extensions That Will Save You Hourshttps://infosecwriteups.com/top-11-bug-bounty-extensions-that-will-save-you-hours-bea31a368529?source=rss------bug_bounty-5Om Arorabug-bounty-tips, bug-bounty, technology, cybersecurity, infosec09-Mar-2025
Big Bounty: Uncovering Critical Security Flaws in Android Appshttps://hackersatty.medium.com/big-bounty-uncovering-critical-security-flaws-in-android-apps-0935963703e6?source=rss------bug_bounty-5hackersattyjavascript, android, android-bug-bounty, bug-bounty, bug-bounty-tips09-Mar-2025
JWT Vulnerabilities in Pentesting: Exploitation Techniques & Security Best Practiceshttps://medium.com/@verylazytech/free-link-in-the-first-comment-d6d0cb759590?source=rss------bug_bounty-5Very Lazy Techethical-hacking, jwt-security, jwt-pentesting, jwt-hacking, bug-bounty09-Mar-2025
Penetration Testing: Hacking for Security — The Beginner’s Guidehttps://medium.com/@shoaibbinrashid11/penetration-testing-hacking-for-security-the-beginners-guide-2183261f8d29?source=rss------bug_bounty-5Shoaib Bin Rashidcybersecurity, penetration-testing, ethical-hacking, bug-bounty, pentesting09-Mar-2025
“Oops, I Can See Everything!”: A Funny Tale of Broken Access Controlhttps://medium.com/@bevennyamande/oops-i-can-see-everything-a-funny-tale-of-broken-access-control-9089586d5a86?source=rss------bug_bounty-50xbevenbug-bounty-writeup, bug-bounty, bug-bounty-tips09-Mar-2025
Penetration Testing: Ethical Hacking Er Shundor Duniyahttps://medium.com/@shoaibbinrashid11/penetration-testing-ethical-hacking-er-shundor-duniya-a0335e4e901f?source=rss------bug_bounty-5Shoaib Bin Rashidbug-bounty, pentesting, web-security, cybersecurity, penetration-testing09-Mar-2025
SQL Injectionhttps://medium.com/@julius.grosserode.19/sql-injection-97a239647ac7?source=rss------bug_bounty-5Juliosqli, sql-injection, sql, error-based-sql-injection, bug-bounty09-Mar-2025
Stored XSS on a HackerOne Private Bug Bounty Programhttps://medium.com/@mohaned0101/stored-xss-on-a-hackerone-private-bug-bounty-program-997d5d4a104a?source=rss------bug_bounty-5mohaned alkhlotxss-vulnerability, bug-bounty, bug-bounty-tips, xss-attack09-Mar-2025
The 5 Phases of Penetration Testing: A Complete Guidehttps://medium.com/@shoaibbinrashid11/the-5-phases-of-penetration-testing-a-complete-guide-e6a50572262c?source=rss------bug_bounty-5Shoaib Bin Rashidpenetration-testing, web-security, pentesting, bug-bounty09-Mar-2025
Bug Hunting Recon Guide: Find Hidden Vulnerabilities Like a Prohttps://osintteam.blog/bug-hunting-recon-guide-find-hidden-vulnerabilities-like-a-pro-353accfe65c4?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, hacking, technology, penetration-testing, bug-bounty09-Mar-2025
From Remote Code Execution to Data Base Pwnagehttps://medium.com/@pandurangisuprit/from-remote-code-execution-to-data-base-pwnage-63404905e044?source=rss------bug_bounty-5Suprit Pandurangirce, vulnerability, critical-thinking, remote-code-execution, bug-bounty09-Mar-2025
Exposing PII and SSNs through Persistent Session Tokens — $15,000 Bug Bountyhttps://medium.com/@moblig/exposing-pii-and-ssns-through-persistent-session-tokens-15-000-bug-bounty-293ab06c1606?source=rss------bug_bounty-5Mobligbug-bounty, leaked, cybersecurity, research09-Mar-2025
How i Find IDOR lead to account takeoverhttps://yazeedeliwah.medium.com/how-i-find-idor-lead-to-account-takeover-de762cc1e101?source=rss------bug_bounty-5black_virusrecon, cybersecurity, hacking, idor, bug-bounty09-Mar-2025
$2,162 Bounty: Exploiting VGA Deadlock in Xen Hypervisor for Maximum Impacthttps://cyberw1ng.medium.com/2-162-bounty-exploiting-vga-deadlock-in-xen-hypervisor-for-maximum-impact-2a98238ac0dd?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, careers, programming09-Mar-2025
$2,162 Bounty: Exploiting VGA Deadlock in Xen Hypervisor for Maximum Impacthttps://osintteam.blog/2-162-bounty-exploiting-vga-deadlock-in-xen-hypervisor-for-maximum-impact-2a98238ac0dd?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, careers, programming09-Mar-2025
Exploiting Mass Assignment to ATOhttps://medium.com/@GERRR4Y/exploiting-mass-assignment-to-ato-ab0c1aadc2de?source=rss------bug_bounty-5Aya Ayman(GERR4Y)penetration-testing, bug-bounty08-Mar-2025
CORS Misconfiguration vs. CSRF: Battle of the Web Villains!https://medium.com/@shadyfarouk1986/cors-misconfiguration-vs-csrf-battle-of-the-web-villains-6743cb0ed08b?source=rss------bug_bounty-5Shady Faroukbug-bounty-tips, bug-bounty, bounty-program, bug-bounty-writeup08-Mar-2025
Why Custom Linux & Python Tools in Bug Bounty Beat Traditional Tools!https://medium.com/@shadyfarouk1986/why-custom-linux-python-tools-in-bug-bounty-beat-traditional-tools-db2092a8cf9c?source=rss------bug_bounty-5Shady Faroukbug-bounty-tips, bug-bounty-writeup, bug-bounty, pentesting08-Mar-2025
Deep Recon Methodology for Bug Bounty Hunters | Part-1https://medium.com/@Abhijeet_kumawat_/deep-recon-methodology-for-bug-bounty-hunters-part-1-724fa4d6324c?source=rss------bug_bounty-5Abhijeet Kumawatrecon, cybersecurtiy, bug-bounty, hacking, infosec08-Mar-2025
LostFuzzer: Passive URL Fuzzing & Nuclei DAST for Bug Huntershttps://infosecwriteups.com/lostfuzzer-passive-url-fuzzing-nuclei-dast-for-bug-hunters-a33501b9563b?source=rss------bug_bounty-5coffinxpautomation, penetration-testing, bug-bounty-tips, technology, bug-bounty08-Mar-2025
Find apex domains that are related to your bug bounty target (part 2)https://infosecwriteups.com/find-apex-domains-that-are-related-to-your-bug-bounty-target-part-2-e60644fd3cf8?source=rss------bug_bounty-5loyalonlytodayethical-hacking, cybersecurity, apex, bug-bounty, tips08-Mar-2025
Installing Burp Suite Certificate & Frida Setup for Android Penetrationhttps://cybersecuritywriteups.com/installing-burp-suite-certificate-frida-setup-for-android-penetration-b242f5c8a0a9?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, cybersecurity, android-pentesting, burpsuite, ethical-hacking08-Mar-2025
My First IDOR in Hindustan Timeshttps://medium.com/@ShreyasMahajann/my-first-idor-in-hindustan-times-0f93ab372de6?source=rss------bug_bounty-5Shreyas Mahajanpenetration-testing, bug-bounty, security, cybersecurity08-Mar-2025
How a Minor Rounding Error Cost a DeFi Protocol Millionshttps://securrtech.medium.com/how-a-minor-rounding-error-cost-a-defi-protocol-millions-5fedcf2b148d?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-auditing, smart-contract-security, web3-security, blockchain-security, bug-bounty08-Mar-2025
Installing Burp Suite Certificate & Frida Setup for Android Penetration testinghttps://cybersecuritywriteups.com/installing-burp-suite-certificate-frida-setup-for-android-penetration-b242f5c8a0a9?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, cybersecurity, android-pentesting, burpsuite, ethical-hacking08-Mar-2025
From Zero to $8k: How I Stumbled Into a Critical Bug (And You Can Too!https://krishna-cyber.medium.com/from-zero-to-8k-how-i-stumbled-into-a-critical-bug-and-you-can-too-f5cb37832b8d?source=rss------bug_bounty-5Krish_cyberhacking, bugs, bug-bounty, osint, infosec-write-ups08-Mar-2025
The Hidden Danger: Sensitive Information Leakage via Log Files!https://cybersecuritywriteups.com/the-hidden-danger-sensitive-information-leakage-via-log-files-6244175b26be?source=rss------bug_bounty-5Krish_cyberbug-bounty, cybersecurity, programming, bug-bounty-writeup, infosec-write-ups08-Mar-2025
Article 1: Setting up Android Studio -the foundation for Android pentestinghttps://medium.com/@itsboyy0007/article-1-setting-up-android-studio-the-foundation-for-android-pentesting-de86726f486a?source=rss------bug_bounty-5Deepak Parkashbug-bounty, hacking, android, appsec, cybersecurity08-Mar-2025
Mr. Robot TryhackMehttps://medium.com/@mr.tripathy/mr-robot-tryhackme-5afa3435b75f?source=rss------bug_bounty-5Madhab Tripathybug-bounty, penetration-testing, red-team, tryhackme-walkthrough, tryhackme08-Mar-2025
How I Found Clickjacking in a Public Programhttps://medium.com/@slash0x01/how-i-found-clickjacking-in-a-public-program-9581aa6bab1f?source=rss------bug_bounty-5Slash0x01penetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup08-Mar-2025
5 Exploitation Techniques to Exploit HTTP Parameter Pollution (HPP) in Web Applicationshttps://bitpanic.medium.com/5-exploitation-techniques-to-exploit-http-parameter-pollution-hpp-in-web-applications-ead3710f96ac?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, ai-generated-content, programming, technology08-Mar-2025
Mastering Shodan Search Engine Dorks: A Comprehensive Guide for Security Researchershttps://infosecwriteups.com/mastering-shodan-search-engine-dorks-a-comprehensive-guide-for-security-researchers-0e70e4e628cb?source=rss------bug_bounty-5Ajay Naiksearch-engines, information-technology, penetration-testing, cybersecurity, bug-bounty08-Mar-2025
Uncovering a critical bug : Zero-click ATOhttps://infosecwriteups.com/uncovering-a-critical-bug-zero-click-ato-cbec5eb33ccf?source=rss------bug_bounty-5JEETPALaccount-takeover, bugbounty-writeup, cybersecurity, bugbounty-tips, bug-bounty08-Mar-2025
Article 1: Setting up Android Studio -the foundation for Android pentestinghttps://medium.com/@fancybearIN/article-1-setting-up-android-studio-the-foundation-for-android-pentesting-de86726f486a?source=rss------bug_bounty-5Deepak Parkashbug-bounty, hacking, android, appsec, cybersecurity08-Mar-2025
The Secret to Choosing Targets That Actually Have Vulnerabilities : Bug Bounty Restart Phase 2https://omarora1603.medium.com/the-secret-to-choosing-targets-that-actually-have-vulnerabilities-bug-bounty-restart-phase-2-3af718bc89bc?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, programming, technology, cybersecurity08-Mar-2025
Static Application Security Testing (SAST) for Xamarin Android Applicationshttps://medium.com/@k3r0/static-application-security-testing-sast-for-xamarin-android-applications-14b1bff84d14?source=rss------bug_bounty-5Kyrillos nadybug-bounty, red-team, xamarin, android, pentesting08-Mar-2025
Bypassing Authentication Like a Pro: Advanced Exploitation Techniqueshttps://javroot.medium.com/bypassing-authentication-like-a-pro-advanced-exploitation-techniques-a0a6463e4179?source=rss------bug_bounty-5Javrootcybersecurity, web-development, bug-bounty, bug-bounty-tips, infosec08-Mar-2025
Automating Information Gathering for Bug Bounty Huntershttps://cyberw1ng.medium.com/automating-information-gathering-for-bug-bounty-hunters-161f23dad2ae?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, automation, bug-bounty, cybersecurity, careers08-Mar-2025
The Secret to Choosing Targets That Actually Have Vulnerabilities : Bug Bounty Restart Phase 2https://infosecwriteups.com/the-secret-to-choosing-targets-that-actually-have-vulnerabilities-bug-bounty-restart-phase-2-3af718bc89bc?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, programming, technology, cybersecurity08-Mar-2025
This tool helped me to find IDORhttps://medium.com/@canonminibeast/this-tool-helped-me-to-find-idor-c87a9c1a04f3?source=rss------bug_bounty-5Canonminibeastbugbout, bug-bounty, website08-Mar-2025
This tool helped me to find IDORhttps://medium.com/@canonminibeast/this-tool-helped-me-to-find-idor-c1897eee1b2d?source=rss------bug_bounty-5Canonminibeastbug-bounty, idor-vulnerability, hacking, cybersecurity, hacker08-Mar-2025
Automating Information Gathering for Bug Bounty Huntershttps://osintteam.blog/automating-information-gathering-for-bug-bounty-hunters-161f23dad2ae?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, automation, bug-bounty, cybersecurity, careers08-Mar-2025
I Found Exposing API Keys and Tokens in a Private Programhttps://medium.com/@Abhijeet_kumawat_/i-found-exposing-api-keys-and-tokens-in-a-private-program-1d02ef9e49d0?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, money, cybersecurity, infosec, hacking07-Mar-2025
I hacked space x and rewarded 2500$ Bypassing Full Payment to Regain Internet Accesshttps://bytesnull44.medium.com/i-hacked-space-x-and-rewarded-2500-bypassing-full-payment-to-regain-internet-access-bd6120483a06?source=rss------bug_bounty-5Bytesnullhacking, bug-bounty, bugcrowd, cybersecurity, hackerone07-Mar-2025
The Art of SSTI: From Detection to Dominationhttps://zeusvuln.medium.com/the-art-of-ssti-from-detection-to-domination-f5fdd2411439?source=rss------bug_bounty-5ZeUsVuLnbug-bounty-tips, bug-bounty-writeup, ssti, bug-bounty, cybersecurity07-Mar-2025
Anonymous access on SMB [Ejpt exam notes]https://medium.com/@hrofficial62/anonymous-access-on-smb-ejpt-exam-notes-b898d6f508fc?source=rss------bug_bounty-5Mr Horbiopentesting, ethical-hacking, cybersecurity, hacking, bug-bounty07-Mar-2025
Understanding DDoS Attacks: A Threat to Online Serviceshttps://medium.com/@HexaGaurd/understanding-ddos-attacks-a-threat-to-online-services-a837e459a311?source=rss------bug_bounty-5HexaGaurdcybersecurity, ddos, ddos-attack, bug-bounty, hexagaurd07-Mar-2025
I Found Exposing API Keys and Tokens in a Private Programhttps://cybersecuritywriteups.com/i-found-exposing-api-keys-and-tokens-in-a-private-program-1d02ef9e49d0?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, money, cybersecurity, infosec, hacking07-Mar-2025
How I Could Pre-Take Over Accounts on Target.com with a Simple Trick!https://medium.com/@jeetpal2007/how-i-could-pre-take-over-accounts-on-target-com-with-a-simple-trick-503599009f3c?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty-tips, email-verification, bug-bounty, bugbounty-writeup07-Mar-2025
Bug Hunting: From Recon to Reportinghttps://osintteam.blog/bug-hunting-from-recon-to-reporting-3ad44ffd94dc?source=rss------bug_bounty-5Monika sharmabug-bounty, penetration-testing, bug-bounty-tips, technology, hacking07-Mar-2025
How to Run Tp-Link AC600(Archer T2U Plus) in Kali , and solve error.https://medium.com/@anandrishav2228/how-to-run-tp-link-ac600-archer-t2u-plus-in-kali-and-solve-error-8758c281cb8d?source=rss------bug_bounty-5Rishav anandaircrack-ng, bug-bounty, cybersecurity, tp-link, wifi07-Mar-2025
⚔️ Cyber Storm: Navigating the Digital Battlefield ⚔️https://osintteam.blog/%EF%B8%8F-cyber-storm-navigating-the-digital-battlefield-%EF%B8%8F-8cc433ce7687?source=rss------bug_bounty-5Krish_cyberjavascript, programming, technology, bug-bounty, cybersecurity07-Mar-2025
How a Hacker Mindset Can Save Your Business from Catastrophic Cyberattackshttps://medium.com/@hackrate/how-a-hacker-mindset-can-save-your-business-from-catastrophic-cyberattacks-fbaf484fc496?source=rss------bug_bounty-5Levente Molnarbug-bounty, bug-bounty-tips, penetration-testing, ethical-hacking, cybersecurity07-Mar-2025
Wayback Machine for Bug Bounty Huntinghttps://medium.com/@thexnumb/wayback-machine-for-bug-bounty-hunting-74802a454769?source=rss------bug_bounty-5Thexnumbwayback-machine, reconnaissance, bug-bounty, infosec, penetration-testing07-Mar-2025
Secret Bug Bounty Tips: $10K Dailyhttps://medium.com/@ibtissamhammadi/secret-bug-bounty-tips-10k-daily-5951273f0c29?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty-program, bug-bounty-hunter, bug-bounty, cybersecurity, bug-bounty-tips07-Mar-2025
Uncovering an Account Linking Vulnerability: Persistent Unauthorized Access Without User Awarenesshttps://medium.com/@patidarbhuwan44/uncovering-an-account-linking-vulnerability-persistent-unauthorized-access-without-user-awareness-70141b5ccd2c?source=rss------bug_bounty-5Bhuwan Patidarvulnerability-disclosure, cybersecurity, bug-bounty, web-security, hacking07-Mar-2025
How to Find Vulnerabilities for Bug Hunting ️‍♂️https://medium.com/@vipulsonule71/how-to-find-vulnerabilities-for-bug-hunting-%EF%B8%8F-%EF%B8%8F-050e3a67e40e?source=rss------bug_bounty-5Vipul Sonuleai, cybersecurity, technology, bug-bounty, hacking07-Mar-2025
The Ultimate 2025 Guide to Securing a Job in Red Teaming ‍.https://medium.com/@anandrishav2228/the-ultimate-2025-guide-to-securing-a-job-in-red-teaming-6a1ef6edf1b8?source=rss------bug_bounty-5Rishav anandred-team, bug-bounty, money, hacking, cybersecurity07-Mar-2025
WordPress Misconfiguration Lead to User Files Disclosure ($$$)https://wahaz.medium.com/wordpress-misconfiguration-lead-to-user-files-disclosure-a7cbdce11df0?source=rss------bug_bounty-5Rizaldi Wahazcybersecurity, wordpress, penetration-testing, hacker, bug-bounty07-Mar-2025
Ethically Hacking a Mail Server: Finding Open Relays & Sending Phishing Emailshttps://medium.com/@dharineeshj2/ethically-hacking-a-mail-server-finding-open-relays-sending-phishing-emails-235ced92f076?source=rss------bug_bounty-5Hack-Batcybersecurity, pentesting, hacking, bug-bounty, black-hat-hacker07-Mar-2025
How To Start Bug Hunting in 2025https://medium.com/@anonyhelps.su/how-to-start-bug-hunting-in-2025-58c0c4dc1e9c?source=rss------bug_bounty-5Anonyhelps Suhacking, bug-bounty, hacking-training, earnings, cybersecurity07-Mar-2025
Email Disclosure via .git Config in project: $500 Bounty Bughttps://medium.com/@a13h1/email-disclosure-via-git-config-in-project-500-bounty-bug-ee057ca12e6f?source=rss------bug_bounty-5Abhi Sharmapenetration-testing, information-disclosure, bug-bounty, information-security, cybersecurity07-Mar-2025
Listen to my Podcast Guest Appearancehttps://medium.com/@hacktheplanet/listen-to-my-podcast-guest-appearance-493bd31a5103?source=rss------bug_bounty-5SirHaxAlottor, sirhaxalot, bug-bounty, darkweb, hacking07-Mar-2025
XSS IN OPERA-MINIhttps://davidferreira101.medium.com/xss-in-opera-mini-e0c2dd6b60c6?source=rss------bug_bounty-5David Ferreiracybersecurity, pentesting, bug-bounty07-Mar-2025
Finding Funded TRON Wallets: Is It Possible?https://medium.com/meetcyber/finding-funded-tron-wallets-is-it-possible-8e36f68f7448?source=rss------bug_bounty-5Erkan Kavasreconnaissance, trx, tron, bug-bounty, blockchain07-Mar-2025
Hunting PII Exposures — A Bug Bounty Perspectivehttps://medium.com/@blify/hunting-pii-exposures-a-bug-bounty-perspective-79212c65ab10?source=rss------bug_bounty-5Blifyinformation-security, bug-bounty, bug-bounty-tips, cybersecurity07-Mar-2025
CSPT: Your way to XSS & CSRF in Modern Appshttps://medium.com/@68abdelrahmanmohamed/cspt-your-way-to-xss-csrf-in-modern-apps-59260c8ad19a?source=rss------bug_bounty-5Abdulrahmanweb-penetration-testing, bug-bounty, penetration-testing07-Mar-2025
ZeroClick Account Takeover : A Four-Bug Chain Exploithttps://medium.com/@Cr40/zeroclick-account-takeover-a-four-bug-chain-exploit-115ce0f6fc23?source=rss------bug_bounty-5Asimbug-bounty, account-takeover, cybersecurity, penetration-testing, bug-bounty-writeup07-Mar-2025
OTP Bypass Bug in Public Bug Bounty Programhttps://infosecwriteups.com/otp-bypass-bug-in-public-bug-bounty-program-5554eafc18ab?source=rss------bug_bounty-5It4chis3cbug-bounty, otp-bypass, otp-verification, secrets, responsible-disclosure07-Mar-2025
8 Automated Methods to Discover API Keys Across Websites and API Requestshttps://cyberw1ng.medium.com/8-automated-methods-to-discover-api-keys-across-websites-and-api-requests-08d547cdbb80?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, programming, bug-bounty, automation07-Mar-2025
Day 23: Account Takeover via Response Manipulationhttps://medium.com/@danielbelay/day-23-account-takeover-via-response-manipulation-90a1fe62dd8e?source=rss------bug_bounty-5dani3lcybersecurity, bug-bounty, ethical-hacking, account-takeover-attacks07-Mar-2025
Exposed Files: The Gift That Keeps on Givinghttps://medium.com/@mahad.ahmed0x1/exposed-files-the-gift-that-keeps-on-giving-d0394df80f12?source=rss------bug_bounty-5404NotPentestedcoding, devops, web-development, cybersecurity, bug-bounty06-Mar-2025
Stored xss using PDF a bug?https://medium.com/@dsmodi484/stored-xss-using-pdf-a-bug-0690125015bb?source=rss------bug_bounty-5cryptoshantbug-bounty, lenovo, cybersecurity, pdf, hacking06-Mar-2025
How to Find Your First Bug ️‍♂️https://medium.com/@vipulsonule71/how-to-find-your-first-bug-%EF%B8%8F-%EF%B8%8F-d6a0b0ef40b3?source=rss------bug_bounty-5Vipul Sonuleai, cybersecurity, penetration-testing, bug-bounty, hacking06-Mar-2025
How To Find Low-Hanging Bugs?https://cybersecuritywriteups.com/how-to-find-low-hanging-bugs-6e8b3eb8b3ca?source=rss------bug_bounty-5Abhijeet Kumawatinfosec, money, bug-bounty, cybersecurity, hacking06-Mar-2025
My First Bug Bounty Win: How I Found and Reported a Security Vulnerabilityhttps://heinhtetagg.medium.com/my-first-bug-bounty-win-how-i-found-and-reported-a-security-vulnerability-c41fdfd717c2?source=rss------bug_bounty-5Hein Htet Aungbug-bounty, bug-bounty-writeup06-Mar-2025
CORS Exploitation Walkthrough | Bypass & Exploit Misconfigured CORS | Ethical Hacking Tutorialhttps://medium.com/@spector-sec/cors-exploitation-walkthrough-bypass-exploit-misconfigured-cors-ethical-hacking-tutorial-db15994788d3?source=rss------bug_bounty-5spector-seccors, bug-bounty, penetration-testing, info-sec-writeups, cybersecurity06-Mar-2025
Use this unique way to find broken link hijacking bugs.https://infosecwriteups.com/use-this-unique-way-to-find-broken-link-hijacking-bugs-3081878839d4?source=rss------bug_bounty-5loyalonlytodaybroken-link, cybersecurity, penetration-testing, ethical-hacking, bug-bounty06-Mar-2025
Finding the origin IP part 2https://infosecwriteups.com/finding-the-origin-ip-part-2-c96d7488c40e?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, tips, cybersecurity, programming, bug-bounty06-Mar-2025
How I Earned $4,000+ in My First Six Months of Bug Bounty Huntinghttps://medium.com/@nchaitreddyutilities/how-i-earned-4-000-in-my-first-six-months-of-bug-bounty-hunting-e969144a368a?source=rss------bug_bounty-5Chaitanya Reddybug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity06-Mar-2025
Is Bug Bounty Still a Good Career in 2025?https://medium.com/@HackerNasr/is-bug-bounty-still-a-good-career-in-2025-d5ef726b07f6?source=rss------bug_bounty-5HackerNasrpentesting, bug-bounty-tips, hacking, bug-bounty, ethical-hacking06-Mar-2025
Invite Me Once, I Own Your Account!” (HINDI + ENGLISH)https://medium.com/@ajay.kumar.695632/invite-me-once-i-own-your-account-hindi-english-b27cb72fe64a?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-tips, bug-bounty, bug-bounty-writeup06-Mar-2025
First Italians on Ferrari’s Hall of Fame: Our Experience with the Bug Bounty Programhttps://medium.com/@br3ss/first-italians-on-ferraris-hall-of-fame-our-experience-with-the-bug-bounty-program-5c101dba71c6?source=rss------bug_bounty-5Br3ssbug-bounty, ferrari, security, cybersecurity, seo06-Mar-2025
Never Underestimate Any Error. This is why I Got Appreciation Letter from Drexel University CISOhttps://hiddendom.medium.com/never-underestimate-any-error-this-is-why-i-got-appreciation-letter-from-drexel-university-ciso-ba37a6bad077?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs, penetration-testing06-Mar-2025
How Recon → SQLi Made €€€€ Bountyhttps://medium.com/@iski/how-recon-sqli-made-bounty-425fc0fa2e92?source=rss------bug_bounty-5Iskip1-bug, sql, cybersecurity, bug-bounty, bug-bounty-tips06-Mar-2025
A list of automated recon toolshttps://cybersecuritywriteups.com/a-list-of-automated-recon-tools-f0d034429532?source=rss------bug_bounty-5loyalonlytodaybug-bounty, recon, tips, penetration-testing, cybersecurity06-Mar-2025
Easy Account Takeover Using OTP Bypasshttps://medium.com/@dharineeshj2/easy-account-takeover-using-otp-bypass-4de2079fb9b1?source=rss------bug_bounty-5Hack-Batbug-bounty, hacking, vulnerability, cybersecurity06-Mar-2025
Enhancing Bug Bounty Hunting and Web App Pentesting with mitmproxy and Burp suitehttps://medium.com/@MutexSec/enhancing-bug-bounty-hunting-and-web-app-pentesting-with-mitmproxy-and-burp-suite-1d6d0f381bd0?source=rss------bug_bounty-5Exhaustedmutexred-team, penetration-testing, proxy, bug-bounty, burpsuite06-Mar-2025
Mastering 403 Forbidden Bypass Techniques ✨https://cybersecuritywriteups.com/mastering-403-forbidden-bypass-techniques-2ab393f1c77f?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, money, hacking, cybersecurity, infosec06-Mar-2025
How to Find SQL Injection ️‍♂️https://medium.com/@vipulsonule71/how-to-find-sql-injection-%EF%B8%8F-%EF%B8%8F-c5e2113ef263?source=rss------bug_bounty-5Vipul Sonulehacking, ai, cybersecurity, bug-bounty, penetration-testing06-Mar-2025
How I Ethically Hacked a Government Portal: SQL Injection in a Gov. Portalhttps://myselfakash20.medium.com/how-i-ethically-hacked-a-government-portal-sql-injection-in-a-gov-portal-9682869e5999?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking06-Mar-2025
Understanding Race Conditions in Web Applicationshttps://medium.com/@shoaibbinrashid11/understanding-race-conditions-in-web-applications-9cc7c5984471?source=rss------bug_bounty-5Shoaib Bin Rashidweb-security, penetration-testing, bug-bounty, race-condition06-Mar-2025
How I Found My First CVE – A Beginner’s Guidehttps://abhinav-porwal.medium.com/how-i-found-my-first-cve-a-beginners-guide-3cf2b56b37f0?source=rss------bug_bounty-5Abhinav Porwalcybersecurity, bug-bounty, bug-bounty-tips, information-security, hacking06-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-116)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-116-a9a65ad7f24f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking06-Mar-2025
The art of hunting logical bugs: Exploiting business logic in modern appshttps://infosecwriteups.com/the-art-of-hunting-logical-bugs-exploiting-business-logic-in-modern-apps-a374c3650b90?source=rss------bug_bounty-5Vivek PSprogramming, cybersecurity, bug-bounty, ethical-hacking06-Mar-2025
Bug Bounty: How a Race Condition Led to Application-Level DoShttps://medium.com/@Bug_Slay3r/bug-bounty-how-a-race-condition-led-to-application-level-dos-76458ae57e9d?source=rss------bug_bounty-5Shrujal Mandawkarbug-bounty, bug-bounty-tips, race-condition, bug-bounty-writeup, bugs06-Mar-2025
“Unlock Bug Bounty Rewards by Hunting Exposed debug.loghttps://krishna-cyber.medium.com/unlock-bug-bounty-rewards-by-hunting-exposed-debug-log-0d50382a64d1?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, bug-bounty, osint, programming, infosec-write-ups6-Mar-2025
✨ Cyber Guardians Unleashed: The Dynamic Duo of SOC & SIEM ✨https://krishna-cyber.medium.com/cyber-guardians-unleashed-the-dynamic-duo-of-soc-siem-80e3ccdc4c62?source=rss------bug_bounty-5Krish_cybertechnology, javascript, cybersecurity, bug-bounty, programming6-Mar-2025
Information Disclosure: AWS Sensitive API Key Leakagehttps://cyberw1ng.medium.com/information-disclosure-aws-sensitive-api-key-leakage-0b60d3af5109?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, careers, cybersecurity, cloud06-Mar-2025
How I Discovered a Stored XSS Vulnerability in JS Fileshttps://cybersecuritywriteups.com/how-i-discovered-a-stored-xss-vulnerability-in-js-files-7b527d2c8962?source=rss------bug_bounty-5Krish_cyberprogramming, bug-bounty, xss-attack, cybersecurity, bug-bounty-tips06-Mar-2025
Information Disclosure: AWS Sensitive API Key Leakagehttps://osintteam.blog/information-disclosure-aws-sensitive-api-key-leakage-0b60d3af5109?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, careers, cybersecurity, cloud06-Mar-2025
How I Ethically Hacked a Government Portal: SQL Injection in a Gov. Portalhttps://infosecwriteups.com/how-i-ethically-hacked-a-government-portal-sql-injection-in-a-gov-portal-9682869e5999?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, technology06-Mar-2025
How I Found Sensitive Information using Github Dorks in Bug Bounties — Part 1https://mukibas37.medium.com/how-i-found-sensitive-information-using-github-dorks-in-bug-bounties-part-1-09c9465fa902?source=rss------bug_bounty-5Mukilan Baskaranethical-hacking, github-recon, cybersecurity, infosec, bug-bounty05-Mar-2025
One Program, Three Takeovers — A Deep Dive into Subdomain Hijacking!https://medium.com/@AhmedSamy-X/one-program-three-takeovers-a-deep-dive-into-subdomain-hijacking-a97405601a14?source=rss------bug_bounty-5Ahmedsamypenetration-testing, cybersecurity, bug-bounty, subdomain-takeover05-Mar-2025
Cracking the Shield: Advanced WAF Bypass Techniques That Still Work in 2025https://myselfakash20.medium.com/cracking-the-shield-advanced-waf-bypass-techniques-that-still-work-in-2025-814cee616ccf?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty, technology, bug-bounty-writeup05-Mar-2025
Understanding AES-256 Encryption: The Ultimate Security Standardhttps://medium.com/@viveksheela1707/understanding-aes-256-encryption-the-ultimate-security-standard-3535a5a8128a?source=rss------bug_bounty-5Vivek Sheelauser-testing, security, security-systems, technology, bug-bounty05-Mar-2025
$150 Easy HTML Injection Vulnerabilityhttps://medium.com/@Abhijeet_kumawat_/150-easy-html-injection-vulnerability-08de8584001d?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, infosec, cybersecurity, money, hacking05-Mar-2025
Finding jwt tokens that lead to PII data leakage.https://infosecwriteups.com/finding-jwt-tokens-that-lead-to-pii-data-leakage-b047d45d97bf?source=rss------bug_bounty-5loyalonlytodaycybersecurity, programming, bug-bounty, bug-bounty-tips, ethical-hacking05-Mar-2025
Able to create an account without a phone number. (unique bug)https://infosecwriteups.com/able-to-create-an-account-without-a-phone-number-unique-bug-1fe2d14b9d54?source=rss------bug_bounty-5loyalonlytodaytips, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty05-Mar-2025
Find new apex domains that are related to your bug bounty target.https://infosecwriteups.com/find-new-apex-domains-that-are-related-to-your-bug-bounty-target-a05fdcbf5875?source=rss------bug_bounty-5loyalonlytodaytips, penetration-testing, bug-bounty, cybersecurity, programming05-Mar-2025
2025 OWASP Vulnerabilities Complete Guide for Security Testerhttps://infosecwriteups.com/2025-owasp-vulnerabilities-complete-guide-for-security-tester-8b20f754bee4?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, owasp, owasp-top-10, bug-bounty05-Mar-2025
The Curious Case of an Insecure Password Reset Flawhttps://sapienshack.medium.com/the-curious-case-of-an-insecure-password-reset-flaw-135000e4a462?source=rss------bug_bounty-5Sapienshackpentesting, penetration-testing, bug-bounty, application-security, bug-bounty-writeup05-Mar-2025
Cybersecurity Update: Major Attacks and Trendshttps://medium.com/@sivaprakash4112/cybersecurity-update-major-attacks-and-trends-981a2c4e12b0?source=rss------bug_bounty-5Sivaprakash Sivakumarcybersecurity, bug-bounty, news, cyberattack, cryptocurrency05-Mar-2025
Cache Deception Attack help you make a good Bounty.(0–1)https://medium.com/@anandrishav2228/cache-deception-attack-help-you-make-a-good-bounty-0-1-3030c21fa3e6?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, cybersecurity, cache, money05-Mar-2025
XSS :- When, Where, and How to Strike in Web and Mobile Apps! and make $$$ Easilyhttps://medium.com/@anandrishav2228/xss-when-where-and-how-to-strike-in-web-and-mobile-apps-and-make-easily-b41c2f1e73f6?source=rss------bug_bounty-5Rishav anandhacking, money, xss-attack, bug-bounty, cybersecurity05-Mar-2025
Command Injection: The Ultimate Guide to Exploiting and Preventing OS Command Executionhttps://medium.com/@verylazytech/command-injection-the-ultimate-guide-to-exploiting-and-preventing-os-command-execution-85b74f519fce?source=rss------bug_bounty-5Very Lazy Techbug-bounty, injection-payloads, prevent-injection, command-injection, os-injection05-Mar-2025
$50-$100 worth Sensitive Leaks via Google Dorks | Part 2https://infosecwriteups.com/50-100-worth-sensitive-leaks-via-google-dorks-part-2-868f4b1e7919?source=rss------bug_bounty-5It4chis3cgoogle, secrets, bug-bounty, google-hacking, google-dork05-Mar-2025
How i Bypass 403 and earn bounty $$$$https://medium.com/@anandrishav2228/how-i-bypass-403-and-earn-bounty-faddabb4b497?source=rss------bug_bounty-5Rishav anandservers, cybersecurity, money, bug-bounty, hacking05-Mar-2025
Critical IDOR Vulnerability in Order Tracking System Exposes Customer Datahttps://jxycybersec.medium.com/critical-idor-vulnerability-in-order-tracking-system-exposes-customer-data-a9dbae34d329?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, information-security, cybersecurity, bug-bounty-writeup05-Mar-2025
100 Kali Linux Commands for Penetration Testinghttps://medium.com/@kanastain1/100-kali-linux-commands-for-penetration-testing-bf578c53b5b6?source=rss------bug_bounty-5Kanastainpenetration-testing, cybersecurity, bug-bounty, pentest05-Mar-2025
How to Become a Bug Bounty Hunter ️‍♂️https://medium.com/@vipulsonule71/how-to-become-a-bug-bounty-hunter-%EF%B8%8F-%EF%B8%8F-daac7a6a4f16?source=rss------bug_bounty-5Vipul Sonulehacking, cybersecurity, bug-bounty-tips, penetration-testing, bug-bounty05-Mar-2025
Cracking the Code: Unveiling the Hidden Dangers of Account Takeoverhttps://osintteam.blog/cracking-the-code-unveiling-the-hidden-dangers-of-account-takeover-487fb5407c2c?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, infosec-write-ups, bug-bounty, account-takeover, bug-bounty-writeup05-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-115)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-115-35780b6d6fe4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking05-Mar-2025
How to Run a Bug Bounty Program Without the Overheadhttps://medium.com/@hackrate/how-to-run-a-bug-bounty-program-without-the-overhead-bc12bcd87c56?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, bug-bounty-tips, ethical-hacking, cybersecurity05-Mar-2025
How I Hacked NASA and Got a P1 on Bugcrowdhttps://0xjin.medium.com/how-i-hacked-nasa-and-got-a-p1-on-bugcrowd-512541e57eab?source=rss------bug_bounty-50xJinbugbounty-writeup, ethical-hacking, bugbounty-poc, bug-bounty, bugbounty-tips05-Mar-2025
How to find IDORshttps://medium.com/@julius.grosserode.19/how-to-find-idors-595424fe5fce?source=rss------bug_bounty-5Julioidor-vulnerability, idor, owasp-top-10, api, bug-bounty05-Mar-2025
My Bug Bounty Journey: Mistakes I Made and Advice for Beginnershttps://medium.com/@aminouji23/my-bug-bounty-journey-mistakes-i-made-and-advice-for-beginners-6b4d23ba50b3?source=rss------bug_bounty-5Aminoujimethodology, bug-bounty, cybersecurity, mystery05-Mar-2025
How IDOR and Broken Access Control Exposed Private Data and Earned Me $4,000 in 1 Dayhttps://medium.com/@ibtissamhammadi/how-idor-and-broken-access-control-exposed-private-data-and-earned-me-4-000-in-1-day-dd01a07e93e4?source=rss------bug_bounty-5Ibtissam Hammadiidor, bug-bounty, web-application-security, ethical-hacking, broken-access-control05-Mar-2025
BreachSeek - Multi-Agent Automated Penetration Testerhttps://gaya3-r.medium.com/breachseek-multi-agent-automated-penetration-tester-b5fd61dab0a4?source=rss------bug_bounty-5gayatri rbug-bounty-writeup, pentesting, bug-bounty, llm-pentesting05-Mar-2025
Automating Information Gathering in Cloud Environmentshttps://cyberw1ng.medium.com/automating-information-gathering-in-cloud-environments-ee1e56a4f6bd?source=rss------bug_bounty-5Karthikeyan Nagarajautomation, osint, cloud, bug-bounty, cybersecurity05-Mar-2025
The Prefix, The Suffix, and the SQL Injection That Almost Got Awayhttps://clarkvoss.medium.com/the-prefix-the-suffix-and-the-sql-injection-that-almost-got-away-b76376cb74e1?source=rss------bug_bounty-5Clark Vosshacking, cybersecurity, security, hacking-tools, bug-bounty05-Mar-2025
Finding Exposed AWS Buckets Like a Pro! : Bug Bounty Recon [Part-2]https://medium.com/@hrofficial62/finding-exposed-aws-buckets-like-a-pro-bug-bounty-recon-part-2-81012428256f?source=rss------bug_bounty-5Mr Horbiohacking, cybersecurity, pentesting, bug-bounty, ethical-hacking04-Mar-2025
different types of burp suite extensions for bug hunting and penetration testinghttps://osintteam.blog/different-types-of-burp-suite-extensions-for-bug-hunting-and-penetration-testing-ebc80ec14aa7?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, tips, cybersecurity, burpsuite04-Mar-2025
How I Achieved the Hall of Fame on a U.S. Government Websitehttps://medium.com/@Abhijeet_kumawat_/how-i-achieved-the-hall-of-fame-on-a-u-s-government-website-8ff6fbdcf176?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, infosec, hacking, us-government04-Mar-2025
Why beginners should look for open redirect vulnerabilities: An easy win in ethical hackinghttps://medium.com/@vivekps143/why-beginners-should-look-for-open-redirect-vulnerabilities-an-easy-win-in-ethical-hacking-18fe21cf630d?source=rss------bug_bounty-5Vivek PSprogramming, hacking, cybersecurity, bugbounty-writeup, bug-bounty04-Mar-2025
Rate limit bypass lead to OTP bypass($600)https://bytesnull44.medium.com/rate-limit-bypass-lead-to-otp-bypass-600-f64f39f9e130?source=rss------bug_bounty-5Bytesnullhackerone, bug-bounty, bugcrowd, cybersecurity04-Mar-2025
The Mindset of a Successful Bug Bounty Hunter: Think Like a Hacker, Act Like a Scientisthttps://medium.com/@vivekps143/the-mindset-of-a-successful-bug-bounty-hunter-think-like-a-hacker-act-like-a-scientist-744253e2f091?source=rss------bug_bounty-5Vivek PSartificial-intelligence, bug-bounty, ethical-hacking, programming, cybersecurity04-Mar-2025
Advanced Bug Hunting Techniques: Unearthing Unique Bugs with AI and Exploitshttps://medium.com/@codelinex/advanced-bug-hunting-techniques-unearthing-unique-bugs-with-ai-and-exploits-d404b7aa9c4b?source=rss------bug_bounty-5CodelineX Pvt Ltdbug-bounty, hacking, cybersecurity04-Mar-2025
The Underground Art of Client-Side Bug Hunting: Uncovering Hidden Vulnerabilities in Web…https://medium.com/@codelinex/the-underground-art-of-client-side-bug-hunting-uncovering-hidden-vulnerabilities-in-web-899330fcb6e5?source=rss------bug_bounty-5CodelineX Pvt Ltdcybersecurity, internet, bug-bounty, hacking04-Mar-2025
I hack the online gambling via xss upload (part 2) (3500 USD)https://bytesnull44.medium.com/i-hack-the-online-gambling-via-xss-upload-part-2-3500-usd-18fb7646b506?source=rss------bug_bounty-5Bytesnullcybersecurity, bug-bounty-tips, xss-vulnerability, xss-attack, bug-bounty04-Mar-2025
The Art of WAF Bypass: Advanced Techniques and Strategies for Ethical Hackershttps://medium.com/@codelinex/the-art-of-waf-bypass-advanced-techniques-and-strategies-for-ethical-hackers-d8f05cea0353?source=rss------bug_bounty-5CodelineX Pvt Ltdhacking, cybersecurity, bug-bounty-tips, cyber-security-awareness, bug-bounty04-Mar-2025
️‍♂️ When Google Became My Personal Vulnerability Scanner and helped me to find Exposed…https://hiddendom.medium.com/%EF%B8%8F-%EF%B8%8F-when-google-became-my-personal-vulnerability-scanner-and-helped-me-to-find-exposed-d1d28d24d2ac?source=rss------bug_bounty-5Gokuleswaran Bdorks, bug-bounty-tips, bug-bounty-writeup, vulnerability, bug-bounty04-Mar-2025
I hack the online gambling via xss upload (part 1) 5000 USD)https://bytesnull44.medium.com/i-hack-the-online-gambling-via-xss-upload-part-1-5000-usd-7a27bedd03a5?source=rss------bug_bounty-5Bytesnullhacking, bugbounty-writeup, cybersecurity, bug-bounty04-Mar-2025
Critical IDOR on chat message (1000 USD)https://bytesnull44.medium.com/critical-idor-on-chat-message-1000-usd-e07f3a28730d?source=rss------bug_bounty-5Bytesnullbugbounty-tips, cybersecurity, hacking, bug-bounty04-Mar-2025
Bypassing Client-Side Controlshttps://medium.com/@muhammad4208/bypassing-client-side-controls-6f85c97747d7?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-tips, web-testing4-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-114)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-114-930889caa359?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, ethical-hacking, cybersecurity, hacking, bug-bounty4-Mar-2025
$1500 Blind Sql injection via json bodyhttps://bytesnull44.medium.com/1500-blind-sql-injection-via-json-body-4091bf8b02cc?source=rss------bug_bounty-5Bytesnullvulnerability, infosec, cybersecurity, bug-bounty4-Mar-2025
Day 22: Account Takeover Worth $1000https://medium.com/@danielbelay/day-22-account-takeover-worth-1000-a07ef7dd460f?source=rss------bug_bounty-5dani3lbug-bounty, cybersecurity, account-takeover, ethical-hacking4-Mar-2025
Blind SSRF with Out-of-Band Detectionhttps://medium.com/@codingbolt.in/blind-ssrf-with-out-of-band-detection-0d53e2986a73?source=rss------bug_bounty-5codingboltethical-hacking, ssrf, bug-bounty-tips, bug-bounty, ssrf-attack04-Mar-2025
Advanced Dorking Methodology for Finding Vulnerabilities (Part 2)https://hackersatty.medium.com/advanced-dorking-methodology-for-finding-vulnerabilities-part-2-47a251b245c1?source=rss------bug_bounty-5hackersattymedium, bug-bounty-writeup, bug-bounty-tips, google-dork, bug-bounty04-Mar-2025
Unauthenticated SharePoint File Enumeration and Downloadinghttps://soltanali0.medium.com/unauthenticated-sharepoint-file-enumeration-and-downloading-a39ecc07e688?source=rss------bug_bounty-5soltanali0sharepoint, microsoft, bug-bounty, hacking04-Mar-2025
How to Use Automated Tools for Information Gatheringhttps://medium.com/@vipulsonule71/how-to-use-automated-tools-for-information-gathering-779bae995dc8?source=rss------bug_bounty-5Vipul Sonulebug-bounty, writing, technology, hacking, cybersecurity04-Mar-2025
Breaking and Fixing My Way Into Cybersecurityhttps://medium.com/@MutexSec/breaking-and-fixing-my-way-into-cybersecurity-1c888d959823?source=rss------bug_bounty-5Exhaustedmutexpenetration-testing, technology, cybersecurity, bug-bounty, journal04-Mar-2025
Footprinting & Information Gathering Master Indexhttps://medium.com/@0xizen/footprinting-information-gathering-master-index-84f00469f45a?source=rss------bug_bounty-5Shashi Raj Jhared-team, information-gathering, footprinting, bug-bounty, bug-bounty-tips04-Mar-2025
Do CTFs Really Make You Better at Hacking?https://medium.com/@HackerNasr/do-ctfs-really-make-you-better-at-hacking-3975e9295266?source=rss------bug_bounty-5HackerNasrbug-bounty-tips, hacking, ctf, bug-bounty, capture-the-flag04-Mar-2025
Top 50 Reconnaissance Tools for 2025https://medium.com/@codingbolt.in/top-50-reconnaissance-tools-for-2025-711ab067c737?source=rss------bug_bounty-5codingboltrecon, cybersecurity, bug-bounty, reconnaissance, ethical-hacking04-Mar-2025
SSRF and the Pitfalls of Blacklist-Based Input Filtershttps://medium.com/@codingbolt.in/ssrf-and-the-pitfalls-of-blacklist-based-input-filters-b19e4765fa6d?source=rss------bug_bounty-5codingboltethical-hacking, ssrf-attack, ssrf, bug-bounty, bug-bounty-tips04-Mar-2025
How I Discovered One More Easy Bug in 5 Minuteshttps://medium.com/@Abhijeet_kumawat_/how-i-discovered-one-more-easy-bug-in-5-minutes-e1f07ac766f6?source=rss------bug_bounty-5Abhijeet Kumawathacking, infosec, bug-bounty, cybersecurity, money04-Mar-2025
Guide to Downloading, Installing, and Configuring Burp Suite Professional on Kali Linuxhttps://abhinav-porwal.medium.com/guide-to-downloading-installing-and-configuring-burp-suite-professional-on-kali-linux-19ca40b0bba4?source=rss------bug_bounty-5Abhinav Porwalburp-suite-pro, bug-bounty, burpsuite, cybersecurity, ethical-hacking04-Mar-2025
Bug Bounty Journey — Valid Report Part 4https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-4-b7bc49aaa737?source=rss------bug_bounty-50xF3r4twayback-machine, bug-bounty04-Mar-2025
Streamline Reconnaissance with NetSanitizer: A URL Deduplication Powerhouse for Bug Bounty Huntershttps://medium.com/@iamsecure1920/streamline-reconnaissance-with-netsanitizer-a-url-deduplication-powerhouse-for-bug-bounty-hunters-a2832821b03c?source=rss------bug_bounty-5iamsecure1920 (Sai Krishna Sobila )bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bounty-program04-Mar-2025
$50-$100 worth Sensitive Leaks via Google Dorks | Part 1https://infosecwriteups.com/50-100-worth-sensitive-leaks-via-google-dorks-part-1-b5e72af87513?source=rss------bug_bounty-5It4chis3cgoogle, bug-bounty, google-dork, secrets, dorking04-Mar-2025
Day 0: Starting My 100-Day Bug Bounty Journeyhttps://medium.com/@swethas274/day-0-starting-my-100-day-bug-bounty-journey-37d032c853d3?source=rss------bug_bounty-5Swethaside-hustle, bug-bounty, cybersecurity, hacking, 100daychallenge04-Mar-2025
Best Browser Extensions for Bug Hunting and Cybersecurityhttps://abhinav-porwal.medium.com/best-browser-extensions-for-bug-hunting-and-cybersecurity-5cfc4866cdab?source=rss------bug_bounty-5Abhinav Porwalinformation-security, cybersecurity, hacking, bug-bounty, bug-bounty-tips04-Mar-2025
How to Find Your First Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide)https://abhinav-porwal.medium.com/how-to-find-your-first-easy-bug-as-a-bug-bounty-hunter-step-by-step-guide-151f3150ba4e?source=rss------bug_bounty-5Abhinav Porwalethical-hacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips04-Mar-2025
How i breached the US federal goverment and found 10,000 plus classfied infomationhttps://medium.com/@coffeeaddict_exe/how-i-breached-the-us-federal-goverment-and-found-10-000-plus-classfied-infomation-dfac687a8c44?source=rss------bug_bounty-5CoffeeAddictusa, bug-bounty, government, bug-bounty-tips, hacking04-Mar-2025
How I Made $5,000 in 3 Days with Bounty Hunting (No Experience Needed)https://medium.com/@ibtissamhammadi/how-i-made-5-000-in-3-days-with-bounty-hunting-no-experience-needed-9050f3548a84?source=rss------bug_bounty-5Ibtissam Hammadibeginners-guide, cybersecurity, ethical-hacking, bug-bounty, earn-money-online04-Mar-2025
From Zero to Hero: Your Step-by-Step Guide to Bagging Your First Bug Bounty (With Real-World…https://krishna-cyber.medium.com/from-zero-to-hero-your-step-by-step-guide-to-bagging-your-first-bug-bounty-with-real-world-0e2f63ac0030?source=rss------bug_bounty-5Krish_cyberbug-bounty, bug-bounty-writeup, bug-zero, bugs, bug-bounty-tips04-Mar-2025
Auth Bypass & Unauthorized Access via Hidden Loginhttps://medium.com/@hossam_hamada/auth-bypass-unauthorized-access-via-hidden-login-65bca9810ddc?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, hackerone, bugbounty-writeup, bug-bounty04-Mar-2025
Sensitive API Key Leakage Report Disclosure: AWS VDPhttps://cyberw1ng.medium.com/sensitive-api-key-leakage-report-disclosure-aws-vdp-b26806e1ecd1?source=rss------bug_bounty-5Karthikeyan Nagarajcloud, programming, jobs, bug-bounty, cybersecurity04-Mar-2025
The Art of Recon: Hunting Bugs Before They Hide — Part Three (From Recon to Reward)https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-three-from-recon-to-reward-c9eea7cf5b10?source=rss------bug_bounty-5ZeUsVuLnbug-bounty-tips, bug-bounty-writeup, reconnaissance, cybersecurity, bug-bounty04-Mar-2025
Defining the Pentest Scope: OWASP ZAP Context & Subdomainshttps://err0rsecur1ty.medium.com/defining-the-pentest-scope-owasp-zap-context-subdomains-7e5ff5dfd74d?source=rss------bug_bounty-5Zehzah M.A | ( Err0r_SecuR1ty )ethical-hacking, cybersecurity, owaspzap, bug-bounty, penetration-testing04-Mar-2025
I Discovered a Critical Security Flaw That Changed How I Protect My Data Foreverhttps://medium.com/@ibtissamhammadi/i-discovered-a-critical-security-flaw-that-changed-how-i-protect-my-data-forever-30becd75d83c?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, critical-security, ethical-hacking, bug-bounty, bug-bounty-hunting03-Mar-2025
Mastering XSS on the Fly: The Ultimate Guide to Web Vulnerabilities and Bug Bountieshttps://cybersecuritywriteups.com/mastering-xss-on-the-fly-the-ultimate-guide-to-web-vulnerabilities-and-bug-bounties-78502107ea9b?source=rss------bug_bounty-5Krish_cyberbug-bounty, idor, osint, infosec-write-ups, xss-attack03-Mar-2025
From Zero to Hero: How I Uncovered a Critical Privilege Escalation Flaw and Earned $500https://cybersecuritywriteups.com/from-zero-to-hero-how-i-uncovered-a-critical-privilege-escalation-flaw-and-earned-500-c6be96484090?source=rss------bug_bounty-5Krish_cyberosint, bug-bounty-tips, bug-bounty, info-sec-writeups, information-security03-Mar-2025
ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and Morehttps://medium.com/@Abhijeet_kumawat_/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-125aef1e9a80?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, cybersecurity, infosec, hacking, money03-Mar-2025
How to choose a target for Bug-Bounty to earn extra $$$.https://medium.com/@anandrishav2228/how-to-choose-a-target-for-bug-bounty-to-earn-extra-d081bcd93692?source=rss------bug_bounty-5Rishav anandmoney, hacking, bug-bounty-tips, cybersecurity, bug-bounty03-Mar-2025
A BIG MISCONCEPTION: “MY ORGANISATION IS NOT MATURE ENOUGH FOR BUG BOUNTY”https://medium.com/@hackrate/a-big-misconception-my-organisation-is-not-mature-enough-for-bug-bounty-93c87b131baf?source=rss------bug_bounty-5Levente Molnarcybersecurity, hacking, bug-bounty-tips, bug-bounty, ethical-hacking03-Mar-2025
Qumursqa mukofotihttps://medium.com/@buckybyte/qumursqa-mukofoti-1200f848d1b7?source=rss------bug_bounty-5Bucky Bytebug-bounty03-Mar-2025
Setting Up XSSHunter(Latest) with Docker and Cloudflare Proxyhttps://petruknisme.medium.com/setting-up-xsshunter-latest-with-docker-and-cloudflare-proxy-6c35db80762c?source=rss------bug_bounty-5Aanxsshunter, xs, web-pentesting, pentest, bug-bounty03-Mar-2025
Advanced Open Redirection Techniques and Exploitation Using Burp Suite Dynamic Analysishttps://medium.com/@shadyfarouk1986/advanced-open-redirection-techniques-and-exploitation-using-burp-suite-dynamic-analysis-6d6f5bc23f66?source=rss------bug_bounty-5Shady Faroukbug-bounty, bug-bounty-writeup, pentesting, hacking03-Mar-2025
You Have No Experience, But Want to Start Bug Bounty Hunting?https://systemweakness.com/you-have-no-experience-but-want-to-start-bug-bounty-hunting-0fd4e5d700d9?source=rss------bug_bounty-5HackerNasrbug-bounty, ethical-hacking, careers, career-advice, hacking03-Mar-2025
Server-Side Request Forgery (SSRF): Attacking Internal Networks via External Requestshttps://medium.com/ssd-secure-disclosure/server-side-request-forgery-ssrf-attacking-internal-networks-via-external-requests-333afd84ce94?source=rss------bug_bounty-5Oded van Kloetenssrf, code, bug-bounty, cybersecurity, hacking03-Mar-2025
The Curious Case of a Patched IDOR and the Rabbit Hole That Followedhttps://medium.com/@stephenuchechukwu68/the-curious-case-of-a-patched-idor-and-the-rabbit-hole-that-followed-04a40297e5fd?source=rss------bug_bounty-5Stephenuchechukwucybersecurity, ethical-hacking, bug-bounty03-Mar-2025
Secret Google Dorks to Find Bug Bounty Programshttps://medium.com/@Abhijeet_kumawat_/secret-google-dorks-to-find-bug-bounty-programs-3896014e79ce?source=rss------bug_bounty-5Abhijeet Kumawathacking, cybersecurity, google-dork, secrets, bug-bounty03-Mar-2025
Basic SSRF Against Another Back-End Systemhttps://medium.com/@codingbolt.in/basic-ssrf-against-another-back-end-system-5f285cd83b0a?source=rss------bug_bounty-5codingboltbugs, ssrf, bug-bounty-tips, ssrf-attack, bug-bounty03-Mar-2025
My First Private Bug Bounty Invitation — The Real Game Beginshttps://medium.com/@sivasankardas/my-first-private-bug-bounty-invitation-the-real-game-begins-f80af1133f25?source=rss------bug_bounty-5Sivasankardasreconnaissance, hall-of-fame, cybersecurity, bug-bounty, cross-site-scripting-xss03-Mar-2025
Asset discovery with favicon hash.https://medium.com/infosecmatrix/asset-discovery-with-favicon-hash-267cea766385?source=rss------bug_bounty-5loyalonlytodaytips, favicon, programming, cybersecurity, bug-bounty03-Mar-2025
IDOR Allows Attackers to Delete Any User’s Identity Documents | IDOR | $$$$https://medium.com/@Bug_Slay3r/idor-allows-attackers-to-delete-any-users-identity-documents-idor-18f0cc901d16?source=rss------bug_bounty-5Shrujal Mandawkarvulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs03-Mar-2025
Bug Bounty Hunting with Censys: Finding an Unsecured Elasticsearch Instance and Reporting Ithttps://medium.com/@hacker_might/bug-bounty-hunting-with-censys-finding-an-unsecured-elasticsearch-instance-and-reporting-it-13a619cc0b4e?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, censys, bug-bounty-writeup, threat-intelligence03-Mar-2025
“I Missed $2,200 by Closing Burp Suite Too Fast — Here’s How You Can Avoid My Costly Mistake”https://cybersecuritywriteups.com/i-missed-2-200-by-closing-burp-suite-too-fast-heres-how-you-can-avoid-my-costly-mistake-91dc2e1d865d?source=rss------bug_bounty-5Krish_cyberbug-bounty, bug-bounty-tips, infosec-write-ups, cybersecurity, osint03-Mar-2025
How I Uncovered an Email Leak That Could Have Cost Millionshttps://krishna-cyber.medium.com/how-i-uncovered-an-email-leak-that-could-have-cost-millions-66500548d0b6?source=rss------bug_bounty-5Krish_cyberinfosec-write-ups, information-security, bug-bounty-tips, bug-bounty, bug-bounty-writeup03-Mar-2025
Hacking My Way to $3,000: Unmasking a Sneaky IDOR Vulnerability ️♂️https://cybersecuritywriteups.com/hacking-my-way-to-3-000-unmasking-a-sneaky-idor-vulnerability-%EF%B8%8F-%EF%B8%8F-06ebcb65ba9a?source=rss------bug_bounty-5Krish_cybervulnerability, osint, infosec-write-ups, hacking, bug-bounty03-Mar-2025
Local File Disclosure/..https://medium.com/@julius.grosserode.19/local-file-disclosure-743f88291211?source=rss------bug_bounty-5Juliolocal-file-read, bugs, bug-bounty, directory-traversal, local-file-exposure03-Mar-2025
Discovering Sensitive Information Using GitHub Dorkshttps://cyberw1ng.medium.com/discovering-sensitive-information-using-github-dorks-10fd7e032bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, github, careers, programming, cybersecurity03-Mar-2025
Subdomain Takeover: How I Almost Snatched a Vulnerable Subdomain (But Was Too Late!)chttps://medium.com/@AhmedSamy-X/subdomain-takeover-how-i-almost-snatched-a-vulnerable-subdomain-but-was-too-late-c-a2a0afe7b2d9?source=rss------bug_bounty-5Ahmedsamyethical-hacking, cybersecurity, bug-bounty03-Mar-2025
Discovering 3 in a Row: BAC Read-only Vulnerabilities Total $4,182https://medium.com/@robert0/discovering-3-in-a-row-bac-read-only-vulnerabilities-total-4-182-59c93b753eb8?source=rss------bug_bounty-5Mr Robert | Ahmed M Hassanhackerone, bug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup03-Mar-2025
Cross-System Communication: Injection Vulnerabilities Internalshttps://kalawy.medium.com/cross-system-communication-injection-vulnerabilities-internals-19d406bb57d5?source=rss------bug_bounty-5Kalawysecurity-research, bug-bounty, sql-injection, vulnerability, web-attack03-Mar-2025
How Reading Disclosed Bug Bounty Reports Can Make You a Better Hacker — And Even Earn You Some…https://medium.com/@weaponshot/how-reading-disclosed-bug-bounty-reports-can-make-you-a-better-hacker-and-even-earn-you-some-45fb4d1adf4d?source=rss------bug_bounty-5Matyis Konghackerone, hacking, bugcrowd, cybersecurity, bug-bounty03-Mar-2025
Cómo TLS Pass Through Ayuda a Reducir el Ruido en Burp Suitehttps://medium.com/@ArtsSEC/c%C3%B3mo-tls-pass-through-ayuda-a-reducir-el-ruido-en-burp-suite-091b2b06d165?source=rss------bug_bounty-5ArtsSECbug-bounty, pentesting, security, infosec, burpsuite03-Mar-2025
Discovering Sensitive Information Using GitHub Dorkshttps://osintteam.blog/discovering-sensitive-information-using-github-dorks-10fd7e032bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, github, careers, programming, cybersecurity03-Mar-2025
Web Vulnerabilities 104: Dependency Confusion — When Your App Trusts the Wrong Stranger!https://medium.com/@shadyfarouk1986/web-vulnerabilities-104-dependency-confusion-when-your-app-trusts-the-wrong-stranger-46be46fecb93?source=rss------bug_bounty-5Shady Faroukbug-bounty, bugbounty-writeup02-Mar-2025
How I Found Sensitive Information Disclosurehttps://medium.com/@Abhijeet_kumawat_/how-i-found-sensitive-information-disclosure-21533fb8c6d2?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, sensitive-information, white-hat-hacker, hacking, cybersecurity02-Mar-2025
Blind SQL Injection in Oracle Database: Exfiltrating Data with Burp Collaborator  —  SQL Injection…https://infosecwriteups.com/blind-sql-injection-in-oracle-database-exfiltrating-data-with-burp-collaborator-sql-injection-2b8062b04d51?source=rss------bug_bounty-5Bash Overflowsql-injection-oracle-db, sqli-data-exfiltration, bug-bounty, blind-sql-injection, bug-bounty-writeup02-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-113)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-113-572a98bcfbe0?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, bug-bounty-tips, hacking, ethical-hacking02-Mar-2025
Day 21: Full Account Takeover via Open Redirectionhttps://medium.com/@danielbelay/day-21-full-account-takeover-via-open-redirection-5f3ca7f0c726?source=rss------bug_bounty-5dani3lbug-bounty, cybersecurity, account-takeover, account-takeover-attacks02-Mar-2025
CVE-2024–57062: The iOS App That Keeps You Logged In — Even After Uninstallinghttps://medium.com/@sahildabhilkar4/cve-2024-57062-the-ios-app-that-keeps-you-logged-in-even-after-uninstalling-ecc334997b7f?source=rss------bug_bounty-5Sahildabhilkarvulnerability-disclosure, cybersecurity, cve, bug-bounty, ios-security02-Mar-2025
This is The Easiest Bug You Can Find✨https://medium.com/@Abhijeet_kumawat_/this-is-the-easiest-bug-you-can-find-b418fade22ee?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, infosec, money, cybersecurity02-Mar-2025
Open Redirectshttps://medium.com/@julius.grosserode.19/open-redirects-7337ea352c93?source=rss------bug_bounty-5Julioxss-vulnerability, open-redirect, xss-attack, redirect, bug-bounty02-Mar-2025
The Idor vulnerability and its impact on users safelyhttps://medium.com/@Dorking1/steps-to-reproduce-the-vulnerability-df7c7c242507?source=rss------bug_bounty-5Dorking1penetration-testing, bug-bounty02-Mar-2025
I’ve just discovered a new tool that looks very promising: WPProbe, a WordPress security scanner.https://medium.com/@bidushtripathi/ive-just-discovered-a-new-tool-that-looks-very-promising-wpprobe-a-wordpress-security-scanner-266f2da3bbac?source=rss------bug_bounty-5ProgHubbug-bounty, web-development, cybersecurity, hacking, linux02-Mar-2025
TOP 10 Hacking OAuth 2.0 Techniques — Part 1https://medium.com/@itamar.yochpaz/top-10-hacking-oauth-2-0-techniques-part-1-107238663a03?source=rss------bug_bounty-5Itamar Yochpazpenetration-testing, cybersecurity, bug-bounty, application-security, hacking02-Mar-2025
HackTheBox: APKey Mobile Challengehttps://medium.com/@k3r0/hackthebox-apkey-mobile-challenge-6e3cf5647c2d?source=rss------bug_bounty-5Kyrillos nadyhackthebox, bug-bounty, android, mobile, red-team02-Mar-2025
From Web Cache Poisoning to Persistent XSS — A High Severity Bughttps://medium.com/@HackerNasr/from-web-cache-poisoning-to-persistent-xss-a-high-severity-bug-87bb6c19239d?source=rss------bug_bounty-5HackerNasrpentesting, bug-bounty, ethical-hacking, cybersecurity, hacking02-Mar-2025
2/30 Cryptographic Failures Bughttps://jooexploit.medium.com/2-30-cryptographic-failures-bug-3c8f9efa523e?source=rss------bug_bounty-5Jooexploitbug-bounty, writeup, cryptographic02-Mar-2025
Cloud Security Roadmaphttps://medium.com/offensive-black-hat-hacking-security/cloud-security-roadmap-702fdb0815ca?source=rss------bug_bounty-5Harshad Shahbug-bounty, cloud-security, penetration-testing, cloud, cybersecurity02-Mar-2025
Top 10 Tools for Bug Bounty Hunting in 2025https://bitpanic.medium.com/top-10-tools-for-bug-bounty-hunting-in-2025-52cd7c34094d?source=rss------bug_bounty-5Spectat0rguyai-generated-content, cybersecurity, technology, programming, bug-bounty02-Mar-2025
How I Uncovered IDOR, XSS, and Full Account Takeover in a Single Hunthttps://krishna-cyber.medium.com/how-i-uncovered-idor-xss-and-full-account-takeover-in-a-single-hunt-acfce2f9a84f?source=rss------bug_bounty-5Krish_cyberxss-attack, bug-bounty, hacking, idor, infosec-write-ups02-Mar-2025
Bypassing 2FA: Advanced Techniques Hackers Use & How to Stop Themhttps://medium.com/@rishishakya30/bypassing-2fa-advanced-techniques-hackers-use-how-to-stop-them-4e7de384258a?source=rss------bug_bounty-5CodelineX Pvt Ltdcybersecurity, bug-bounty02-Mar-2025
MongoDB Penetration Testing: A Comprehensive Guidehttps://infosecwriteups.com/mongodb-penetration-testing-a-comprehensive-guide-df80d829f060?source=rss------bug_bounty-5Ajay Naikinformation-technology, bug-bounty, information-security, cybersecurity, cyberattack02-Mar-2025
Finding a Publicly Accessible Asset Leak: How I Reported a Critical Vulnerability ##NASAhttps://medium.com/@ashokpandiya71/finding-a-publicly-accessible-asset-leak-how-i-reported-a-critical-vulnerability-nasa-9fd626df59f5?source=rss------bug_bounty-5Ashok kumar pareekbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hall-of-fame02-Mar-2025
How I Exploited an OTP Vulnerability & Reported It! $$$https://medium.com/@Bug_Slay3r/how-i-exploited-an-otp-vulnerability-reported-it-660da35d997a?source=rss------bug_bounty-5Shrujal Mandawkarbug-bounty-writeup, vulnerability, bug-bounty-tips, bug-bounty, bugs02-Mar-2025
How to Earn Bug Bounties with GitHub: A Practical Guide for Beginnershttps://cyberw1ng.medium.com/how-to-earn-bug-bounties-with-github-a-practical-guide-for-beginners-20463cf2c125?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, git, cybersecurity, bug-bounty02-Mar-2025
Day 114 — Exploring Cyber Bug Bounty Programshttps://medium.com/@thecyberkid12/day-114-exploring-cyber-bug-bounty-programs-41b0cc2790fb?source=rss------bug_bounty-5Sushrita Swainbug-bounty, cybersecurity02-Mar-2025
Day 113 — Exploring Bug Bounty Programs and Capture the Flag Challengeshttps://medium.com/@thecyberkid12/day-113-exploring-bug-bounty-programs-and-capture-the-flag-challenges-ba4d45092e1f?source=rss------bug_bounty-5Sushrita Swaincybersecurity, capture-the-flag, ctf, bug-bounty02-Mar-2025
How to Identify Sensitive Data in JavaScript Fileshttps://medium.com/@khalyylgam/how-to-identify-sensitive-data-in-javascript-files-b0bb7eb6d948?source=rss------bug_bounty-5Khalil Gammarjavascript, bug-bounty, web-exploitation02-Mar-2025
How I was able to get two account takeovers via OAuth custom scheme hijacking at the same targethttps://medium.com/@AlQa3Qa3_M0X0101/how-i-was-able-to-get-two-account-takeovers-via-oauth-custom-scheme-hijacking-at-the-same-target-6a6980ebbac1?source=rss------bug_bounty-5Mohamed redabug-bounty-tips, android-security, penetration-testing, bug-bounty01-Mar-2025
HTML Injection vulnerability in Googlehttps://medium.com/@Abhijeet_kumawat_/html-injection-vulnerability-in-google-cb2c73ca5996?source=rss------bug_bounty-5Abhijeet Kumawatmoney, bug-bounty, hacking, cybersecurity, infosec01-Mar-2025
Finding Exposed AWS Buckets Like a Pro! : Bug Bounty Reconhttps://medium.com/@hrofficial62/finding-exposed-aws-buckets-like-a-pro-bug-bounty-recon-c193cc1f9af5?source=rss------bug_bounty-5Mr Horbiocybersecurity, bug-bounty, hacking, ethical-hacking, pentesting01-Mar-2025
WordPress ‘xmlrpc.php’ (CVE-2020–28036) — old is goldhttps://osintteam.blog/wordpress-xmlrpc-php-cve-2020-28036-old-is-gold-a0b9c301fbac?source=rss------bug_bounty-5Abhishek pawarbug-bounty, ai, programming, wordpress, pi01-Mar-2025
Web Application Recon Guide :https://medium.com/@zerohackerone0/web-application-recon-guide-d010e7761d85?source=rss------bug_bounty-5Houssam Milianicybersecurity, bug-bounty, hacking01-Mar-2025
Beyond the Script: Mastering Exploratory Testing Like a Prohttps://medium.com/@sajith-dilshan/beyond-the-script-mastering-exploratory-testing-like-a-pro-b78d6c7d95fb?source=rss------bug_bounty-5sajith dilshansoftware-testing, bug-bounty, qa-engineer, qa, exploratory-testing01-Mar-2025
VPS Setup for Bug Bounty | Part2https://systemweakness.com/vps-setup-for-bug-bounty-part2-07005bf9aa7d?source=rss------bug_bounty-5AbhirupKonwarvps-hosting, information-security, pentesting, bug-bounty, ethical-hacking01-Mar-2025
How Hackers Chain Small Bugs into a Multi-Million Dollar Exploithttps://securrtech.medium.com/how-hackers-chain-small-bugs-into-a-multi-million-dollar-exploit-1bc05dd873f9?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-security, web3-security, blockchain-security, smart-contract-auditing, bug-bounty01-Mar-2025
Advanced Dorking Methodology for Finding Vulnerabilities (Part 1)https://hackersatty.medium.com/advanced-dorking-methodology-for-finding-vulnerabilities-part-1-e3564e314819?source=rss------bug_bounty-5hackersattybug-bounty-writeup, google, medium, dorks, bug-bounty01-Mar-2025
How I Bypassed OTP Verification with Response Manipulationhttps://medium.com/@pentestersuresh01/how-i-bypassed-otp-verification-with-response-manipulation-98be8d594a3f?source=rss------bug_bounty-5Suresh Sotp-verification, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup01-Mar-2025
PUT到GET轻松收获严重漏洞https://medium.com/@xiaoshi666/put%E5%88%B0get%E8%BD%BB%E6%9D%BE%E6%94%B6%E8%8E%B7%E4%B8%A5%E9%87%8D%E6%BC%8F%E6%B4%9E-3d89cd29462d?source=rss------bug_bounty-5xiaoshibug-bounty, cybersecurity01-Mar-2025
easy business logic bug allowed me to install paid applications for my organization for freehttps://medium.com/@youssefmohamedelgohre1/easy-business-logic-bug-allowed-me-to-install-paid-applications-for-my-organization-for-free-c992c9959910?source=rss------bug_bounty-5Youssefbug-bounty-writeup, bug-hunting, business-logic, hacking, bug-bounty01-Mar-2025
P2 Blind XSShttps://medium.com/@0xchoudhary/p2-blind-xss-ff8206c45372?source=rss------bug_bounty-5Sushil Choudharyhacking, hackerone, bounty-program, hackthebox, bug-bounty01-Mar-2025
Bug Bounty Hunting — Complete Guide (Part-112)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-112-a1a25826fe45?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, bug-bounty-tips, ethical-hacking01-Mar-2025
Bypassing Business Logic via Race Condition: A $500 Bounty Bughttps://medium.com/@a13h1/bypassing-business-logic-via-race-condition-a-500-bounty-bug-273396b17ec4?source=rss------bug_bounty-5Abhi Sharmarace-condition, infosec, bug-bounty, cybersecurity, pentesting01-Mar-2025
Start Bug Bounty and earn $$$: Top Write-Ups, POCs & Tutorialshttps://medium.com/@Abhijeet_kumawat_/start-bug-bounty-and-earn-top-write-ups-pocs-tutorials-9f88ef743524?source=rss------bug_bounty-5Abhijeet Kumawatdaily-blog, cybersecurity, infosec, bug-bounty, hacking01-Mar-2025
How Bug Bounty Programs Scam Hackers and Get Away With It!https://siratsami71.medium.com/how-bug-bounty-programs-scam-hackers-and-get-away-with-it-175fc06ea45b?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, scammer, hackerone01-Mar-2025
From Bug Bounty To Making Our Own Startup!https://medium.com/@the.air.cyborg/from-bug-bounty-to-making-our-own-startup-4887c5627823?source=rss------bug_bounty-5the_air_cyborgindie-game, enterpreneurship, startup, crowdfunding, bug-bounty01-Mar-2025
Unlock the Power of CyberEagle Scanner!https://medium.com/@ubaidhassan/unlock-the-power-of-cybereagle-scanner-2a6a37afc648?source=rss------bug_bounty-5Ubaid Khanweb, bug-bounty, penetration-testing, website, ethical-hacking01-Mar-2025
⚡ Find XSS Vulnerabilities in Just 2 Minutes! ⏳https://cybersecuritywriteups.com/find-xss-vulnerabilities-in-just-2-minutes-ba0e312bbe22?source=rss------bug_bounty-5Krish_cyberosint, xss-attack, infosec-write-ups, bug-bounty, bug-bounty-tips01-Mar-2025
Review of Security Research Articles: February 2025https://medium.com/meetcyber/review-of-security-research-articles-february-2025-be1791bd6761?source=rss------bug_bounty-5Lukasz Wierzbickibug-bounty, penetration-testing, security, productivity, review01-Mar-2025
The Accidental RCE: How a Simple File Upload Led to Remote Code Execution!https://cybersecuritywriteups.com/the-accidental-rce-how-a-simple-file-upload-led-to-remote-code-execution-c3aa19d1e8f3?source=rss------bug_bounty-5Krish_cyberrce-vulnerability, idor, osint, infosec-write-ups, bug-bounty01-Mar-2025
The Forgotten Google Services: Google Alertshttps://medium.com/pndsec/the-forgotten-google-services-google-alerts-74502ba9c963?source=rss------bug_bounty-5Erkan Kavasbug-bounty, old, google, services01-Mar-2025
Subdomain Enumeration with BBOT: Comparative Guide to Outperform Other Tools.https://sankalppatil12112001.medium.com/subdomain-enumeration-with-bbot-comparative-guide-to-outperform-other-tools-5a4b71b28343?source=rss------bug_bounty-5XoXsubdomains-enumeration, cybersecurity, hacking, bug-bounty, infosec01-Mar-2025
How a Single Vulnerability Exposed Millions!https://medium.com/@devdharan24/how-a-single-vulnerability-exposed-millions-49fdc95f4f35?source=rss------bug_bounty-5DevDhacking, security, bug-bounty, bug-bounty-writeup, cybersecurity01-Mar-2025
Exploiting PostMessage | NahamSechttps://medium.com/@julius.grosserode.19/exploiting-postmessage-nahamsec-b24cb197a299?source=rss------bug_bounty-5Juliobug-bounty, iframe, postmessage, xss-attack01-Mar-2025
Firefox and Chrome extensions for bug bounty hunters. (PART 2)https://osintteam.blog/firefox-and-chrome-extensions-for-bug-bounty-hunters-part-2-be175b813a9b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, penetration-testing, extension, tips01-Mar-2025
VPS Subdomain Monitoringhttps://cybersecuritywriteups.com/vps-subdomain-monitoring-ac89050869e4?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, pentesting, bug-bounty-tips, bug-bounty, vps-hosting01-Mar-2025
How I Turned the Black Basta Playbook Chat Leak into $4,000 in Just 24 Hourshttps://medium.com/@ibtissamhammadi/how-i-turned-the-black-basta-playbook-chat-leak-into-4-000-in-just-24-hours-de60dff8171b?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, threat-intelligence, bug-bounty, hacking, infosec01-Mar-2025
When ‘Disabled’ Isn’t Really Disabled! — Exploiting a Weird Logic Flaw to Destroy an Organizationhttps://som3a.medium.com/when-disabled-isn-t-really-disabled-exploiting-a-weird-logic-flaw-to-destroy-an-organization-17ad3d9542d0?source=rss------bug_bounty-50xSOM3Acybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty-tips, bug-bounty01-Mar-2025
Insecure Direct Object Reference (IDOR) Vulnerability: A Comprehensive Guidehttps://medium.com/@shadyfarouk1986/insecure-direct-object-reference-idor-vulnerability-a-comprehensive-guide-e61b66bfb20a?source=rss------bug_bounty-5Shady Faroukbugbounty-writeup, bug-bounty01-Mar-2025
$35,000 Bounty: How Inappropriate Access Control Led to GitLab Account Takeoverhttps://cyberw1ng.medium.com/35-000-bounty-how-inappropriate-access-control-led-to-gitlab-account-takeover-39e071b6d9cc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, jobs, cybersecurity, programming01-Mar-2025
Time Management for Bug Hunters During Ramadan: Balancing Hacking and Lifehttps://medium.com/@mahdisalhi0500/time-management-for-bug-hunters-during-ramadan-balancing-hacking-and-life-1cd2bf3cea0d?source=rss------bug_bounty-5CaptinSHArky(Mahdi)time-management, information-security, cybersecurity, bug-bounty, infosec01-Mar-2025
$500 How I Found XSS Using ChatGPThttps://medium.com/@Abhijeet_kumawat_/500-how-i-found-xss-using-chatgpt-54b5492af41a?source=rss------bug_bounty-5Abhijeet Kumawathacking, infosec, bug-bounty, ai, chatgpt28-Feb-2025
root-me | web-server | lab-3 | HTTP — Open redirect walkthroughhttps://medium.com/@ssh_fsociety/root-me-web-server-lab-3-http-open-redirect-walkthrough-25cdcfb53100?source=rss------bug_bounty-5Sarthak Dukare (ssh_fsociety)bug-bounty, cybersecurity, web-application-security, infosec, penetration-testing28-Feb-2025
CSRF in 2025: “Solved” But Still Bypassablehttps://infosecwriteups.com/csrf-in-2025-solved-but-still-bypassable-942ca382ab77?source=rss------bug_bounty-5Vivek PSweb-development, cybersecurity, programming, hacking, bug-bounty28-Feb-2025
Finding an api key in a .js file in the commentshttps://infosecwriteups.com/finding-an-api-key-in-a-js-file-in-the-comments-67b30af1d451?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, tips28-Feb-2025
Find related files to your bug bounty targethttps://infosecwriteups.com/find-related-files-to-your-bug-bounty-target-4752d769eecc?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, tips, programming, penetration-testing28-Feb-2025
Day 20: Admin Account Takeover via Weird Password Reset Functionalityhttps://medium.com/@danielbelay/day-20-admin-account-takeover-via-weird-password-reset-functionality-33afb15fa4c0?source=rss------bug_bounty-5dani3laccount-takeover, ethical-hacking, cybersecurity, bug-bounty, bug-bounty-tips28-Feb-2025
Best VPS for Bug Bounty & Pentestinghttps://medium.com/meetcyber/best-vps-for-bug-bounty-pentesting-2b556c375f28?source=rss------bug_bounty-5AbhirupKonwarvps-hosting, bug-bounty-tips, penetration-testing, pentesting, bug-bounty28-Feb-2025
OWASP Mobile Top 10 | M3: Insecure Authentication/Authorizationhttps://z0enix.medium.com/owasp-mobile-top-10-m3-insecure-authentication-authorization-7b94b8f23fc3?source=rss------bug_bounty-5Mohamed Hamadoutechnology, owasp, bug-bounty, hacking, cybersecurity28-Feb-2025
The Road to CRTP Cert — Part 22https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-22-f2a3d956448a?source=rss------bug_bounty-5Dineshkumaar Rbug-bounty, security, cybersecurity, crtp-exam, offensive-security28-Feb-2025
Severity vs. Priority in Software Testing: Key Differences & Best Practiceshttps://medium.com/@shaktisinghQA/severity-vs-priority-in-software-testing-key-differences-best-practices-eae4e5984616?source=rss------bug_bounty-5Shakti Singhbugs, bug-bounty, priority-queue, qa, testing28-Feb-2025
Hacking Netflix for $$$ — Stored XSS + IDOR to Session Hijacking & Account Takeoverhttps://medium.com/@mares.viktor/hacking-netflix-for-stored-xss-idor-to-session-hijacking-account-takeover-9ba1cdeabbf8?source=rss------bug_bounty-5Viktor Maresethical-hacking, bug-bounty, cybersecurity, netflix, penetration-testing28-Feb-2025
A Deep Dive into Open Port Vulnerabilities in Websites ‍https://medium.com/@sahilchangede2003/a-deep-dive-into-open-port-vulnerabilities-in-websites-b324b9edb8ae?source=rss------bug_bounty-538_Sahil _Changedecybersecurity, bug-bounty, cybercrime, education, cyber-security-awareness28-Feb-2025
How to Find Your First Bug and Earn Your First Bountyhttps://medium.com/@Abhijeet_kumawat_/how-to-find-your-first-bug-and-earn-your-first-bounty-c2d6572eed53?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, money, bug-bounty, infosec, hacking28-Feb-2025
بسم الله الرحمن الرحيمhttps://medium.com/@dark_zone/%D8%A8%D8%B3%D9%85-%D8%A7%D9%84%D9%84%D9%87-%D8%A7%D9%84%D8%B1%D8%AD%D9%85%D9%86-%D8%A7%D9%84%D8%B1%D8%AD%D9%8A%D9%85-acec5d231cf3?source=rss------bug_bounty-5darkzonebug-bounty-tips, bug-bounty28-Feb-2025
Natural Ways to Repel Flower-Eating Bugshttps://medium.com/@deepakbhardwaj23091994/natural-ways-to-repel-flower-eating-bugs-047a9085a74b?source=rss------bug_bounty-5Mysticbhardeating-bugs, bug-bounty-tips, flowers, bugs, bug-bounty28-Feb-2025
Useless P5 path traversal to RCE ☠️https://medium.com/@Hossam.Mesbah/useless-p5-path-traversal-to-rce-%EF%B8%8F-d2c8d3b169e2?source=rss------bug_bounty-5Hossam Mesbahbug-bounty, bug-hunting, vulnerability-management, cybersecurity, penetration-testing28-Feb-2025
Scan React Native APKs for Vulnerable npm Dependencies in 2 Minutes!https://splitunknown.medium.com/scan-react-native-apks-for-vulnerable-npm-dependencies-in-2-minutes-7579df6fe852?source=rss------bug_bounty-5JAY BHATTbug-bounty, android-hacking-tool, android-reversing, reverse-engineering, bug-bounty-tips28-Feb-2025
CORS (Cross-Origin Resource Sharing)https://medium.com/@julius.grosserode.19/cors-cross-origin-resource-sharing-53b4d5840f92?source=rss------bug_bounty-5Juliocors, cross-origin, bug-bounty, cookies28-Feb-2025
The Art of Recon: Hunting Bugs Before They Hide — Part Two (Unleashed)https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-two-unleashed-227fbd5216b5?source=rss------bug_bounty-5ZeUsVuLnbug-bounty-tips, bugs, cybersecurity, hacking, bug-bounty28-Feb-2025
How I Discovered a P2 Level Sensitive Data Exposure Bug in a Web3 Platformhttps://cybersecuritywriteups.com/how-i-discovered-a-p2-level-sensitive-data-exposure-bug-in-a-web3-platform-4562fcbe655e?source=rss------bug_bounty-5Guru Prasad Pattanaikethical-hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty28-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-111)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-111-3cd2067c4ec7?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, hacking, ethical-hacking, cybersecurity, bug-bounty28-Feb-2025
Exploiting WebView Vulnerabilities: Bypassing SOP to Access Internal App Fileshttps://medium.com/@k3r0/exploiting-webview-vulnerabilities-bypassing-sop-to-access-internal-app-files-2d95529c0293?source=rss------bug_bounty-5Kyrillos nadyandroid, mobile-app-development, red-team, bug-bounty, pentesting28-Feb-2025
10 Automation Tricks to Uncover SSRF Flawshttps://cyberw1ng.medium.com/10-automation-tricks-to-uncover-ssrf-flaws-8154529e35b4?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, careers, cybersecurity, jobs, bug-bounty28-Feb-2025
How I Could Access Anyone’s College Subscription — IDOR Strikes Again!https://medium.com/@shxsu1/how-i-could-access-anyones-college-subscription-idor-strikes-again-a4ea7c30f165?source=rss------bug_bounty-5shxsu1ethical-hacking, bug-bounty, hackerone, idor28-Feb-2025
10 Automation Tricks to Uncover SSRF Flawshttps://osintteam.blog/10-automation-tricks-to-uncover-ssrf-flaws-8154529e35b4?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, careers, cybersecurity, jobs, bug-bounty28-Feb-2025
How to Find XSS Vulnerabilities in React JS Websiteshttps://medium.com/h7w/how-to-find-xss-vulnerabilities-in-react-js-websites-46f843bb932e?source=rss------bug_bounty-5Rendierobug-bounty, secure-coding, reactjs, xss-vulnerability, web-security27-Feb-2025
How I Found an Open Redirect Vulnerability Easily (Worth $500!)https://medium.com/@Abhijeet_kumawat_/how-i-found-an-open-redirect-vulnerability-easily-worth-500-44cda132819b?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, open-redirect, bug-bounty, hacking, infosec27-Feb-2025
$1000–$25k worth API Bug Attack & Chaining Strategieshttps://infosecwriteups.com/1000-25k-worth-api-bug-attack-chaining-strategies-ded4121b5791?source=rss------bug_bounty-5It4chis3csecrets, chaining-vulnerabilities, bug-bounty, api, api-attack27-Feb-2025
Sensitive Information Disclosure on Out of scope domain Bug Bounty Writeup ($$$ USD Reward )https://medium.com/@rushikeshchaudhari124/sensitive-information-disclosure-on-out-of-scope-domain-bug-bounty-writeup-usd-reward-58adec34acfb?source=rss------bug_bounty-5Rushikesh chaudhariinformation-disclosure, bug-bounty, responsible-disclosure, hacking27-Feb-2025
Bug Bounty Methodology (Part 1: Basic)https://hackersatty.medium.com/bug-bounty-methodology-part-1-basic-ee4f3f7a4f81?source=rss------bug_bounty-5hackersattybug-bounty-tips, subdomains-enumeration, medium, bug-bounty, bug-bounty-writeup27-Feb-2025
Finding an easy bug in the profile picture field.https://infosecwriteups.com/finding-an-easy-bug-in-the-profile-picture-field-122a7aca2b42?source=rss------bug_bounty-5loyalonlytodaybugs, bug-bounty, hacking, cybersecurity, programming27-Feb-2025
I Found an XSS vulnerability in QuickRide — Here’s how you can too!https://infosecwriteups.com/i-found-an-xss-vulnerability-in-quickride-heres-how-you-can-too-9606203d9e53?source=rss------bug_bounty-5Vivek PSbug-bounty-tips, cybersecurity, bug-bounty, programming, hacking27-Feb-2025
OWASP Mobile Top 10 | M2: Inadequate Supply Chain Security ⛓https://z0enix.medium.com/owasp-mobile-top-10-m2-inadequate-supply-chain-security-771edd9ec109?source=rss------bug_bounty-5Mohamed Hamadoumobile, bug-bounty, hacking, security, owasp27-Feb-2025
Earn $500-$2000 in WordPress website Bug-Bounty Program.https://medium.com/@anandrishav2228/earn-500-2000-in-wordpress-website-bug-bounty-program-4351eb6ce647?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, bug-bounty, hacking, wordpress27-Feb-2025
How To Discover Hidden Endpoints️‍♂️https://medium.com/@Abhijeet_kumawat_/how-to-discover-hidden-endpoints-%EF%B8%8F-%EF%B8%8F-ac9356dec1d2?source=rss------bug_bounty-5Abhijeet Kumawatbug-bounty, hacking, cybersecurity, socrates, infosec27-Feb-2025
The Only Guide You Need to Find XSS Like a Prohttps://sudosuraj.medium.com/the-only-guide-you-need-to-find-xss-like-a-pro-c337588f9da3?source=rss------bug_bounty-5sudosurajbug-bounty-writeup, xss-vulnerability, sudosuraj, bug-bounty, bug-bounty-tips27-Feb-2025
How to URLing for Bug Bounties -Mastering URLs : Edition 2025https://kongsec.medium.com/how-to-urling-for-bug-bounties-mastering-urls-edition-2025-a9dca9e2a97f?source=rss------bug_bounty-5Kongsecbugcrowd, hackerone, bug-bounty-tips, kongsec, bug-bounty27-Feb-2025
Bypassing Email Checks to Access Private Support Chatshttps://medium.com/@rahulgairola/bypassing-email-checks-to-access-private-support-chats-c2895b1c9ef2?source=rss------bug_bounty-5Rahul Gairolabug-bounty-writeup, bug-bounty, bug-bounty-tips, security27-Feb-2025
How I Hacked HackerOne’s 2FA in 2 Minutes for $50,000https://medium.com/@ibtissamhammadi/how-i-hacked-hackerones-2fa-in-2-minutes-for-50-000-13892c888657?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, hacking, hackerone, bug-bounty-tips, bug-bounty27-Feb-2025
A Logical Bug That Slipped Throughhttps://infosecwriteups.com/a-logical-bug-that-slipped-through-792b90850e72?source=rss------bug_bounty-5callgh0stbug-bounty, burpsuite, genocide, logic, hacking27-Feb-2025
Best Hackers Channels on Internet Worth Following! #2https://medium.com/@doby4535/best-hackers-channels-on-internet-worth-following-2-9fe4458b3a50?source=rss------bug_bounty-5Dobysecethical-hacking, bug-bounty, penetration-testing, hacking, cybersecurity27-Feb-2025
How I Discovered 5 XSS Vulnerabilities and Built an Automated XSS Scannerhttps://medium.com/@youssefhussein212103168/how-i-discovered-5-xss-vulnerabilities-and-built-an-automated-xss-scanner-4b357423ae61?source=rss------bug_bounty-5Youssefhusseinxss-attack, bug-bounty, xss-vulnerability, penetration-testing, cybersecurity27-Feb-2025
How to Find More IDORs (Insecure Direct Object References)https://medium.com/@verylazytech/how-to-find-more-idors-insecure-direct-object-references-fcabeac2f880?source=rss------bug_bounty-5Very Lazy Techoscp, ethical-hacking, idor, bug-bounty, penetration-testing27-Feb-2025
How I Found an HTML Injection in a Bug Bounty Programhttps://medium.com/@muhammedgalal66/how-i-found-an-html-injection-in-a-bug-bounty-program-81d1a9cdcfb6?source=rss------bug_bounty-5Dg0x6bugs, html, xss-attack, html-injection, bug-bounty27-Feb-2025
Restricted? Not Anymore! Exploiting a Simple race condition Flawhttps://0xmatrix.medium.com/restricted-not-anymore-exploiting-a-simple-race-condition-flaw-2adaefd45f6f?source=rss------bug_bounty-5Mo2men Elmadycybersecurity, bug-bounty-tips, bug-bounty, hacking, penetration-testing27-Feb-2025
Critical phpMyAdmin Authentication Bypass via Shodan Dorkinghttps://medium.com/@youssefhussein212103168/critical-phpmyadmin-authentication-bypass-via-shodan-dorking-9bf664d053f7?source=rss------bug_bounty-5Youssefhusseindorking, unauthorized-access, shodan, authentication-bypass, bug-bounty27-Feb-2025
Account Takeover on Hackerone using Token leakagehttps://infosecwriteups.com/account-takeover-on-hackerone-using-token-leakage-407dcf862679?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, hackerone, hacking, pentesting27-Feb-2025
Information Disclosure — The Hidden Risk in Public Reports!https://medium.com/@momenrezkk90/information-disclosure-the-hidden-risk-in-public-reports-fd4ca13fd658?source=rss------bug_bounty-5MOAMEN REZKcybersecurity, bug-bounty, security, bug-bounty-writeup, bug-bounty-tips27-Feb-2025
How I Discovered a High-Severity Information Disclosure via GitHub Dorkinghttps://medium.com/@youssefhussein212103168/how-i-discovered-a-high-severity-information-disclosure-via-github-dorking-f2a781c0a63d?source=rss------bug_bounty-5Youssefhusseinapi, pentesting, penetration-testing, cybersecurity, bug-bounty27-Feb-2025
How I Found an IDOR Vulnerability and Accessed 100000+ User Details and got $$$ Bountyhttps://harshbardhanx.medium.com/how-i-found-an-idor-vulnerability-and-accessed-100000-user-details-and-got-bounty-3f2faf8642cf?source=rss------bug_bounty-5Harsh Bardhanbug-bounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips27-Feb-2025
“65 Euros for an Account Deletion Fail — When Deleted Doesn’t Mean Deleted”https://balook.medium.com/65-euros-for-an-account-deletion-fail-when-deleted-doesnt-mean-deleted-a6fb055a98ae?source=rss------bug_bounty-5baluzbug-bounty, hacking27-Feb-2025
Account Takeover via Duplicate Registration — A 1500 Euro Jackpothttps://balook.medium.com/account-takeover-via-duplicate-registration-a-1500-euro-jackpot-2912c23b3ac4?source=rss------bug_bounty-5baluzbug-bounty, web-apps, hacking, security27-Feb-2025
Introductionhttps://balook.medium.com/introduction-92e0de28f23a?source=rss------bug_bounty-5baluzhacking, bug-bounty, security27-Feb-2025
0-Click Admin Account Takeover in Netflix Dispatch Projecthttps://ltsirkov.medium.com/0-click-admin-account-takeover-in-netflix-dispatch-project-feec37326004?source=rss------bug_bounty-5Lyubomir Tsirkovvulnerability, hackerone, cybersecurity, bug-bounty27-Feb-2025
JavaScript Enumeration for Bug Bounties: Expose Hidden Endpoints & Secrets Like a Pro!https://myselfakash20.medium.com/javascript-enumeration-for-bug-bounties-expose-hidden-endpoints-secrets-like-a-pro-418c2aec318f?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, bug-bounty-writeup, bug-bounty-tips, cybersecurity27-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-110)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-110-1cb2a3f076ae?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, hacking, bug-bounty-tips, cybersecurity27-Feb-2025
25,000$ Bounty — Simple SSRF Led to AWS Credentials Exposurehttps://cyberw1ng.medium.com/25-000-bounty-simple-ssrf-led-to-aws-credentials-exposure-a6938e0875f9?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, programming, cybersecurity, jobs, careers27-Feb-2025
Admin Account Takeover in Netflix Dispatch Projecthttps://ltsirkov.medium.com/0-click-admin-account-takeover-in-netflix-dispatch-project-feec37326004?source=rss------bug_bounty-5Lyubomir Tsirkovvulnerability, hackerone, cybersecurity, bug-bounty27-Feb-2025
Hands-On Web Exploitation Course by NahamSechttps://medium.com/@julius.grosserode.19/hands-on-web-exploitation-course-by-nahamsec-8807aad7de58?source=rss------bug_bounty-5Juliohacking-hub, web-hacking, bug-bounty, ctf-walkthrough, bugbounty-tips27-Feb-2025
CSRF | NahamSec Coursehttps://medium.com/@julius.grosserode.19/csrf-nahamsec-course-f04b49eca048?source=rss------bug_bounty-5Julioself-xss, bug-bounty, csrf-protection, csrf-token, csrf27-Feb-2025
SQL Injection Unleashed: How I Learned to Hack (and Protect) Databaseshttps://osintteam.blog/sql-injection-unleashed-how-i-learned-to-hack-and-protect-databases-6cd2eb572992?source=rss------bug_bounty-5Abhishek pawarhacking, cybersecurity, programming, bug-bounty, sql26-Feb-2025
How This $999 XSS Bug Bounty Was Found in Just 17 Minuteshttps://infosecwriteups.com/how-this-999-xss-bug-bounty-was-found-in-just-17-minutes-71677d61c2c6?source=rss------bug_bounty-5Ibtissam Hammadihacking, bug-bounty, cybersecurity, web-security, programming26-Feb-2025
✨$500 HTML Injection in Snapchathttps://medium.com/@Abhijeet_kumawat_/500-html-injection-in-snapchat-9513accc6634?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, infosec, hacking, snapchat, bug-bounty26-Feb-2025
$500-$20k worth GraphQL Vulnerabilities | Advanced Tips & Trickshttps://it4chis3c.medium.com/500-20k-worth-graphql-vulnerabilities-advanced-tips-tricks-74e8f4679b91?source=rss------bug_bounty-5It4chis3cattack, graphql-vulnerability, bug-bounty, graphql, secrets26-Feb-2025
WaybackURLs for Bug Bounty: How to Find Hidden Vulnerabilities & Sensitive Datahttps://hackersatty.medium.com/waybackurls-for-bug-bounty-how-to-find-hidden-vulnerabilities-sensitive-data-aea579849c4d?source=rss------bug_bounty-5hackersattywaybackurls, bug-bounty, hackerone, medium, wayback-machine26-Feb-2025
Simple Staking V2 Public testhttps://medium.com/tokamak-network/simple-staking-v2-public-test-7eec1e137ed8?source=rss------bug_bounty-5Jasonnews, public-test, bug-bounty, tokamak-network, staking26-Feb-2025
How i Hacked the Windows machine.https://medium.com/@anandrishav2228/how-i-hacked-the-windows-machine-9c4b08b3d8be?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, money, cybersecurity, red-team26-Feb-2025
CVE-2025–1094: PostgreSQL Injection Vulnerability Exploithttps://infosecwriteups.com/cve-2025-1094-postgresql-sql-injection-vulnerability-exploit-2acf37ae399a?source=rss------bug_bounty-5Ajay Naikpenetration-testing, security, cybersecurity, bug-bounty, information-security26-Feb-2025
Bug Bounty is Broken: How Some Researchers Are Earning Money Without Hackinghttps://medium.com/@dasmanish6176/bug-bounty-is-broken-how-some-researchers-are-earning-money-without-hacking-c4155f58d49c?source=rss------bug_bounty-5Dasmanishbug-bounty, ethical-hacking, cybersecurity, sensitive-data, hackerone26-Feb-2025
OWASP Mobile Top 10 | M1: Improper Credential Usagehttps://z0enix.medium.com/owasp-mobile-top-10-m1-improper-credential-usage-bf6ee99eed69?source=rss------bug_bounty-5Mohamed Hamadoumobile, cybersecurity, hacking, penetration-testing, bug-bounty26-Feb-2025
Full Customer DB dump in Service Now and they called it “Medium Risk” — what a jokehttps://fdzdev.medium.com/full-customer-db-dump-in-service-now-and-they-called-it-medium-risk-what-a-joke-b9b31cd48172?source=rss------bug_bounty-5Facundo Fernandezhacking, data-breach, vulnerability, penetration-testing, bug-bounty26-Feb-2025
AI Agent Vulnerabilities: Structural Flaws and Exploiting Co-Pilots — A Firsthand Account.https://medium.com/@Logon_thepage/ai-agent-vulnerabilities-structural-flaws-and-exploiting-co-pilots-a-firsthand-account-70f4b221f93d?source=rss------bug_bounty-5Logon_thepagevulnerability-assessment, co-pilot, bug-bounty, ai-agent26-Feb-2025
How One Photo Can Unlock Sensitive Informationhttps://medium.com/@aalgohary950/how-one-photo-can-unlock-sensitive-information-6d65ae982cae?source=rss------bug_bounty-5KhopeshH4xpenetration-testing, information-disclosure, data-lake, bug-bounty-tips, bug-bounty26-Feb-2025
MISCONCEPTION: “ETHICAL HACKERS CAN NEVER BE TRUSTED 100%”https://medium.com/@hackrate/misconception-ethical-hackers-can-never-be-trusted-100-a11566fa2f4e?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, penetration-testing, bug-bounty, ethical-hacking, cybersecurity26-Feb-2025
Bypassing AWS S3 Bucket Restrictions: Security Testing Techniqueshttps://infosecwriteups.com/bypassing-aws-s3-bucket-restrictions-security-testing-techniques-63fe75aa9ff8?source=rss------bug_bounty-5Ajay Naikbug-bounty, penetration-testing, information-security, security-testing, cybersecurity26-Feb-2025
Maximize Your Bug Bounty Earnings: Automate Endpoint Discovery & Find High-Impact Vulnerabilitieshttps://hackersatty.medium.com/maximize-your-bug-bounty-earnings-automate-endpoint-discovery-find-high-impact-vulnerabilities-c9a530445e97?source=rss------bug_bounty-5hackersattymedium, waybackurls, bug-bounty, wayback-machine, bug-bounty-writeup26-Feb-2025
The Vending Machine Hack: How I Outsmarted a Snack Dispenser!https://krishna-cyber.medium.com/the-vending-machine-hack-how-i-outsmarted-a-snack-dispenser-033eab2e65d6?source=rss------bug_bounty-5Krish_cyberhacking, bug-bounty, cybersecurity, iot, vending-machines26-Feb-2025
$100-$20k worth Stored XSS Vulnerability | Hidden Methodshttps://infosecwriteups.com/100-20k-worth-stored-xss-vulnerability-hidden-methods-e56fe57437c4?source=rss------bug_bounty-5It4chis3cbypass, secrets, stored-xss, xss-attack, bug-bounty26-Feb-2025
The $900 Bug: How I Cashed In with SSRF & LFI Hackshttps://cybersecuritywriteups.com/the-900-bug-how-i-cashed-in-with-ssrf-lfi-hacks-a2c1e8bb159f?source=rss------bug_bounty-5Krish_cyberbug-bounty, bugs, hacking, info-sec-writeups, osint26-Feb-2025
Bypassing Authentication in Keycloak — A Deep Dive into Our Discoveryhttps://bensaad0.medium.com/bypassing-authentication-in-keycloak-a-deep-dive-into-our-discovery-40d89f2b5d45?source=rss------bug_bounty-50xBencybersecurity, bug-bounty26-Feb-2025
How I Turned Limited Access Into a $6,500 RCE Bountyhttps://medium.com/@ibtissamhammadi/how-i-turned-limited-access-into-a-6-500-rce-bounty-75cfb2344806?source=rss------bug_bounty-5Ibtissam Hammaditechnology, bug-bounty, cybersecurity, hacking, 40426-Feb-2025
No Finger? No Problem! iOS Biometrics Bypassed: Bug Bounty Win!https://medium.com/@pandurangisuprit/no-finger-no-problem-ios-biometrics-bypassed-bug-bounty-win-f17bf619a089?source=rss------bug_bounty-5Suprit Pandurangiios, cybersecurity, biometrics, bug-bounty, bypass26-Feb-2025
JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500https://medium.com/@hrofficial62/just-crashed-system-using-image-and-got-bounty-500-eb30dc4b85a5?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, ethical-hacking, hacking, pentesting26-Feb-2025
How to Perform Information Gathering Using Google Dorkinghttps://medium.com/@vipulsonule71/how-to-perform-information-gathering-using-google-dorking-c89c33f48ccc?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty26-Feb-2025
S3 Bucket Recon: Finding Exposed AWS Buckets Like a Pro!https://infosecwriteups.com/s3-bucket-recon-finding-exposed-aws-buckets-like-a-pro-106be5ab9e1d?source=rss------bug_bounty-5coffinxpaws, bug-bounty-tips, amazon-web-services, technology, bug-bounty26-Feb-2025
When a Tiny Sensitive Leak Gave Me a Big $$$ Surprise‍️https://medium.com/@iski/when-a-tiny-sensitive-leak-gave-me-a-big-surprise-%EF%B8%8F-a5feb54d8d82?source=rss------bug_bounty-5Iskibug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, p1-bug26-Feb-2025
Project : Recuzzerhttps://medium.com/@nevildomain/project-recuzzer-d5a63c195605?source=rss------bug_bounty-5Mayh_mpython, security-tool, tools, penetration-testing, bug-bounty26-Feb-2025
Manual Exploitation SQL Injection CTF LABhttps://medium.com/@hay.chrifi/manual-exploitation-sql-injection-ctf-lab-92180f06a710?source=rss------bug_bounty-5Hayham Chrifiethical-hacking, offensive-security, ctf-writeup, bug-bounty26-Feb-2025
The $500 Cache Trick: How I Turned Cache Deception into Cold, Hard Cash!https://osintteam.blog/the-500-cache-trick-how-i-turned-cache-deception-into-cold-hard-cash-13a49a2a6d78?source=rss------bug_bounty-5Krish_cybercareers, jobs, bug-bounty, cybersecurity, programming26-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-109)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-109-1840bb5bf3e0?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, bug-bounty-tips, bug-bounty26-Feb-2025
Cloud Reconnaissance: How to Gather Information from Cloud Serviceshttps://cyberw1ng.medium.com/cloud-reconnaissance-how-to-gather-information-from-cloud-services-34b2e9d42ea0?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, programming, jobs, bug-bounty, careers26-Feb-2025
How to Hack a Websitehttps://medium.com/@vipulsonule71/how-to-hack-a-website-1685484b8c6d?source=rss------bug_bounty-5Vipul Sonulecybersecurity, bug-bounty, penetration-testing, hacking, technology26-Feb-2025
Don’t miss this while working on a bounty target!https://medium.com/@sb12121111/dont-miss-this-while-working-on-a-bounty-target-fa8c8368129c?source=rss------bug_bounty-5Sadra Bakhtiarisecurity-research, ethical-hacking, cybersecurity, bug-bounty, web-security26-Feb-2025
JUST CRASHED SYSTEM USING IMAGE AND GOT BOUNTY $ 500https://infosecwriteups.com/just-crashed-system-using-image-and-got-bounty-500-eb30dc4b85a5?source=rss------bug_bounty-5Mr Horbiobug-bounty, cybersecurity, ethical-hacking, hacking, pentesting26-Feb-2025
How I found clickjacking vulnerability on a bounty targethttps://medium.com/@sb12121111/how-i-found-clickjacking-vulnerability-on-a-bounty-target-fe823f352e36?source=rss------bug_bounty-5Sadra Bakhtiariweb-security, bug-bounty, cybersecurity, ethical-hacking, security-research25-Feb-2025
Best Browser Extensions for Bug Bounty Hunters (Chrome & Firefox)https://medium.com/@ajudeb55/best-browser-extensions-for-bug-bounty-hunters-chrome-firefox-644c3470359f?source=rss------bug_bounty-5Aju Debcybersecurity, bug-bounty, technology, pentesting, programming25-Feb-2025
How I Earned My First Bug Bounty: POST BASED REFLECTED XSShttps://medium.com/@noorvb5/how-i-earned-my-first-bug-bounty-post-based-reflected-xss-570d0e89961d?source=rss------bug_bounty-5MohammedNoor Ebdahbug-bounty25-Feb-2025
$100 Bounty: Username Restriction Bypassedhttps://medium.com/@Abhijeet_kumawat_/100-bounty-username-restriction-bypassed-30f5c057c810?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, hacking, make-money, infosec, bug-bounty25-Feb-2025
$100-$20k worth Account Takeover Vulnerability | Hidden Practical Stepshttps://it4chis3c.medium.com/100-20k-worth-account-takeover-vulnerability-hidden-practical-steps-fd5dd1c8a491?source=rss------bug_bounty-5It4chis3caccount-takeover-attacks, bug-bounty, secrets, advanced, account-takeover25-Feb-2025
Extracting DOM XSS Vulnerabilities from JavaScript Fileshttps://z0enix.medium.com/extracting-dom-xss-vulnerabilities-from-javascript-files-606b0d888740?source=rss------bug_bounty-5Mohamed Hamadouhacking, penetration-testing, bug-bounty, security25-Feb-2025
How I Made $1000+ from a Simple XSS Bug — My Bug Bounty Journeyhttps://krishna-cyber.medium.com/how-i-made-1000-from-a-simple-xss-bug-my-bug-bounty-journey-82283becb91b?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, osint, bug-bounty, xss-attack, infosec25-Feb-2025
PostgreSQL Penetration Testing: A Comprehensive Guidehttps://infosecwriteups.com/postgresql-penetration-testing-a-comprehensive-guide-33d21c4dceba?source=rss------bug_bounty-5Ajay Naiksecurity, information-security, cybersecurity, bug-bounty, penetration-testing25-Feb-2025
How I Discovered a Facebook Privacy Loophole and Earned $1000https://infosecwriteups.com/how-i-discovered-a-facebook-privacy-loophole-and-earned-1000-44318d196bfc?source=rss------bug_bounty-5Vivek PSbug-bounty, hacking, cybersecurity, bug-bounty-tips, programming25-Feb-2025
Android Security Vulnerabilities and Exploitationhttps://infosecwriteups.com/android-security-vulnerabilities-and-exploitation-4ef95e970e2f?source=rss------bug_bounty-5Ajay Naikbug-bounty, penetration-testing, information-technology, cybersecurity, android25-Feb-2025
Mastering Subdomain Enumerationhttps://infosecwriteups.com/mastering-subdomain-enumeration-05fa958567cd?source=rss------bug_bounty-5Monika sharmapenetration-testing, technology, bug-bounty-tips, hacking, bug-bounty25-Feb-2025
Part 1- Exploiting Content Injection & Info Disclosure: A High-Impact Bug Worth Big Rewards!https://hackersatty.medium.com/part-1-exploiting-content-injection-info-disclosure-a-high-impact-bug-worth-big-rewards-34a25519ecc7?source=rss------bug_bounty-5hackersattyowasp-top-10, medium, hackerone, bug-bounty-tips, bug-bounty25-Feb-2025
Bypassing IP-Based OTP rate limits: A Bug bounty hunter’s guidehttps://infosecwriteups.com/bypassing-ip-based-otp-rate-limits-a-bug-bounty-hunters-guide-16ce8a1f2c71?source=rss------bug_bounty-5Vivek PSprogramming, bug-bounty-tips, cybersecurity, hacking, bug-bounty25-Feb-2025
A simple tool for GitHub Dorking that will be helpful in your bug bounty journey.https://infosecwriteups.com/a-simple-tool-for-github-dorking-that-will-be-helpful-in-your-bug-bounty-journey-d1720c15fc6d?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, cybersecurity, hacking, bug-bounty, tips25-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-72)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-6c721aa447b0?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, hacking, bug-bounty, skills25-Feb-2025
How to Find P3 Bugs in Bug Bountyhttps://medium.com/@vipulsonule71/how-to-find-p3-bugs-in-bug-bounty-07eee36e4696?source=rss------bug_bounty-5Vipul Sonulebug-bounty, cybersecurity, technology, hacking, ai25-Feb-2025
TryHackMe|Gobuster: The Basics Write Up (setup troubleshooting)https://medium.com/@Adhiyan24/tryhackme-gobuster-the-basics-write-up-setup-troubleshooting-5b0a3f0f48c4?source=rss------bug_bounty-5Adhiyantryhackme, troubleshooting, bug-bounty, gobuster, hacking25-Feb-2025
Mass Assignment Vulnerability in ty-api.xyz.cloud/api/v1/user/me Allows Permanent Account Lockouthttps://medium.com/@binnaryninjax/mass-assignment-vulnerability-in-ty-api-xyz-cloud-api-v1-user-me-allows-permanent-account-lockout-02b4b84defd9?source=rss------bug_bounty-5Rishav Rayamajhicybersecurity, bug-bounty25-Feb-2025
Aquatone for Ethical Hackers: Master Reconnaissance Toolshttps://devprogramming.medium.com/aquatone-for-ethical-hackers-master-reconnaissance-tools-2573b5b7d295?source=rss------bug_bounty-5DevProgrammingtools, hacking-tools, hacking, bug-bounty, penetration-testing25-Feb-2025
Scan Like a Pro: Bypass WAFs, IDS/IPS, and modern Cloud Security with Nmap Stealth Techniqueshttps://medium.com/@moldovanzsombor/scan-like-a-pro-bypass-wafs-ids-ips-and-modern-cloud-security-with-nmap-stealth-techniques-for-62a671229bc0?source=rss------bug_bounty-5Moldovan Zsomborbug-bounty, nmap, cybersecurity, hacking, recon25-Feb-2025
The $12,000 2FA Bypass — So Simple, Yet So Critical!https://medium.com/@rahulgairola/the-12-000-2fa-bypass-so-simple-yet-so-critical-e3f7d7e5751c?source=rss------bug_bounty-5Rahul Gairolabug-bounty, authentication, 2fa, bug-bounty-writeup, bug-bounty-tips25-Feb-2025
The Top 10 Most Dangerous Web3 Vulnerabilities Right Nowhttps://securrtech.medium.com/the-top-10-most-dangerous-web3-vulnerabilities-right-now-a7197f25f3f5?source=rss------bug_bounty-5Securr - Web3 Securitybug-bounty, smart-contract-security, web3-security, smart-contract-auditing, blockchain-security25-Feb-2025
3 Must-Read Bug Bounty Books to Level Up Your Skills!https://medium.com/@Abhijeet_kumawat_/3-must-read-bug-bounty-books-to-level-up-your-skills-2f6f3886ace8?source=rss------bug_bounty-5Abhijeet Kumawatcybersecurity, bug-bounty, money, hacking, infosec25-Feb-2025
Think Outside The Box Again, With IDOR !https://n0x1.medium.com/think-outside-the-box-again-with-idor-94b010f958ea?source=rss------bug_bounty-5Mohammed Khalidpenetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web25-Feb-2025
A tool to find admin panels in your bug bounty targethttps://medium.com/@loyalonlytoday/a-tool-to-find-admin-panels-in-your-bug-bounty-target-c21415e83a87?source=rss------bug_bounty-5loyalonlytodaytips, ethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty25-Feb-2025
Steps for Ethical Bug Huntinghttps://techhindirai.medium.com/steps-for-ethical-bug-hunting-3d187263e77b?source=rss------bug_bounty-5Rahul Kumarbug-bounty-tips, sql-injection, bug-bounty, ethical-hacking, sql25-Feb-2025
Autorize & IDOR: How a Simple Token Swap Exposed Sensitive Datahttps://hackersatty.medium.com/autorize-idor-how-a-simple-token-swap-exposed-sensitive-data-f64ee3ceada6?source=rss------bug_bounty-5hackersattypenetration-testing, medium, idor, bug-bounty-writeup, bug-bounty25-Feb-2025
Bug Bounty Misconception: “I Don’t Have Sufficient Budget to Pay Hunters”https://medium.com/@hackrate/bug-bounty-misconception-i-dont-have-sufficient-budget-to-pay-hunters-7d8b39b70c14?source=rss------bug_bounty-5Levente Molnarcybersecurity, hacking, bug-bounty-tips, bug-bounty, ethical-hacking25-Feb-2025
How to Find Bugs Easily in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-bugs-easily-in-bug-hunting-515977caafc8?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, technology, cybersecurity, hacking, bug-bounty25-Feb-2025
How I Unlocked a $5,000 Payday by Hacking a Billion-Dollar App’s Weakest Linkhttps://medium.com/@ibtissamhammadi/how-i-unlocked-a-5-000-payday-by-hacking-a-billion-dollar-apps-weakest-link-7b9f4055d46a?source=rss------bug_bounty-5Ibtissam Hammadiidor, cybersecurity, hacking, bug-bounty, vulnerability25-Feb-2025
Cyber Chat: rs0nhttps://osintteam.blog/cyber-chat-rs0n-ea9725394f6d?source=rss------bug_bounty-5The Cybersec Cafécybersecurity, penetration-testing, bug-bounty, application-security, information-security25-Feb-2025
Breaking the chain of CA Certificate detection & SSL Pinning bypass for Android applicationshttps://medium.com/@pandurangisuprit/breaking-the-chain-of-ca-certificate-detection-ssl-pinning-bypass-for-android-applications-65c4ac66d9f2?source=rss------bug_bounty-5Suprit Pandurangica-certificates, ssl-pinning-bypass, bug-bounty, security, android25-Feb-2025
7 Powerful Ways to Use ChatGPT as a Bug Bounty Assistanthttps://bitpanic.medium.com/7-powerful-ways-to-use-chatgpt-as-a-bug-bounty-assistant-c7fc26ce54fc?source=rss------bug_bounty-5Spectat0rguytechnology, ai-generated-content, programming, bug-bounty, cybersecurity25-Feb-2025
Top Hacking Books for 2025 (plus Resources) — @verylazytechhttps://medium.com/@verylazytech/top-hacking-books-for-2025-plus-resources-verylazytech-90875b0f6f93?source=rss------bug_bounty-5Very Lazy Techpython, hacking, ethical-hacking, cybersecurity, bug-bounty25-Feb-2025
XXE: When XML Becomes Your Worst Nightmarehttps://osintteam.blog/xxe-when-xml-becomes-your-worst-nightmare-291452531da2?source=rss------bug_bounty-5#$ubh@nk@rhacking, xxe, bug-bounty, infosec, owasp25-Feb-2025
How I Took Over a Vercel Subdomainhttps://medium.com/@Pentestforge/how-i-took-over-a-vercel-subdomain-e7b03dbf222d?source=rss------bug_bounty-5Joel I Patrickinformation-security, bug-bounty, ethical-hacking, infosec-write-ups, cybersecurity25-Feb-2025
How I Exploited a Hidden Race Condition to Bypass Licensing and Claim All Subdomains on the targethttps://0onoproblem.medium.com/how-i-exploited-a-hidden-race-condition-to-bypass-licensing-and-claim-all-subdomains-on-the-target-64944b148f49?source=rss------bug_bounty-50_oNoProblemvulnerability-assessment, bug-bounty-tips, vulnerability, bug-bounty, bug-bounty-writeup25-Feb-2025
web cache deception on private programhttps://medium.com/@0x_karim/web-cache-deception-on-private-program-ccce0a612d46?source=rss------bug_bounty-50xkarimhacking, hackerone, bug-bounty, bug-bounty-tips, bug-hunting25-Feb-2025
Day 19: A Tale of 0-Click Account Takeover and 2FA Bypasshttps://medium.com/@danielbelay/day-19-a-tale-of-0-click-account-takeover-and-2fa-bypass-2b2ed4914a3f?source=rss------bug_bounty-5dani3laccount-takeover-attacks, bug-bounty25-Feb-2025
cyber20 Simple Bug Bounty Automation Techniqueshttps://cyberw1ng.medium.com/cyber20-simple-bug-bounty-automation-techniques-b850db32591c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, programming, bug-bounty, automation25-Feb-2025
20 Simple Bug Bounty Automation Techniqueshttps://osintteam.blog/cyber20-simple-bug-bounty-automation-techniques-b850db32591c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, programming, bug-bounty, automation25-Feb-2025
I hacked a company using Elon Musk’s AI.https://medium.com/@niels_ae/i-hacked-a-company-using-elon-musks-ai-6eaa48bef222?source=rss------bug_bounty-5Nielsbug-bounty, cybersecurity, hacker24-Feb-2025
Uncovering Hidden Cloudflare Pages and Workershttps://infosecwriteups.com/uncovering-hidden-cloudflare-pages-and-workers-af602df05f1a?source=rss------bug_bounty-5Scott Lindhbug-bounty, cyber-security-awareness, hacker, penetration-testing, hackerone24-Feb-2025
Free VPS for penetration testing and bounty and part 3https://infosecwriteups.com/free-vps-for-penetration-testing-and-bounty-and-part-3-3c5b2f4642cc?source=rss------bug_bounty-5loyalonlytodayvps, cybersecurity, tips, bug-bounty, programming24-Feb-2025
Subscription? No Thanks! We Hack Our Way In!https://medium.com/@ajay.kumar.695632/subscription-no-thanks-we-hack-our-way-in-42f884f56db2?source=rss------bug_bounty-5Ajay Kumarbug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup24-Feb-2025
The biggest misconception: Bug Bounty Programs are only for the largest organizationshttps://medium.com/@hackrate/the-biggest-misconception-bug-bounty-programs-are-only-for-the-largest-organizations-a31b920b9d18?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking24-Feb-2025
Interesting Case of CSRF in [Redacted]https://one33se7en.medium.com/interesting-case-of-csrf-in-redacted-981dc2ba5f10?source=rss------bug_bounty-5one33se7enbug-bounty-tips, bug-bounty-writeup, bug-bounty24-Feb-2025
Top 5 Bugs can give you $10,000 and more.https://medium.com/@anandrishav2228/top-5-bugs-can-give-you-10-000-and-more-f51bc93a1162?source=rss------bug_bounty-5Rishav anandhacking, cybersecurity, money, bug-bounty, students24-Feb-2025
Invitation Hijacking via Self-Signup in [Redacted] Enterprisehttps://one33se7en.medium.com/invitation-hijacking-via-self-signup-in-redacted-enterprise-ab0f885a6cdd?source=rss------bug_bounty-5one33se7enbug-bounty-tips, bug-bounty-writeup, bug-bounty24-Feb-2025
$100-$5000 worth LFI Vulnerability | Advanced Tips and Trickshttps://infosecwriteups.com/100-5000-worth-lfi-vulnerability-advanced-tips-and-tricks-f68fb48324a6?source=rss------bug_bounty-5It4chis3cbypass, lfi-vulnerability, secrets, lfi, bug-bounty24-Feb-2025
LiveZilla Server XSS Vulnerabilityhttps://cybersecuritywriteups.com/livezilla-server-xss-vulnerability-81563deea5a8?source=rss------bug_bounty-5RivuDonbug-bounty, ethical-hacking, infosecurity, bug-bounty-tips, infosec24-Feb-2025
$50k BOUNTY JUST FOR GITHUB TOKEN LEAKShttps://medium.com/@hrofficial62/50k-bounty-just-for-github-token-leaks-93c901e076c4?source=rss------bug_bounty-5Mr Horbiohackerone, pentesting, bug-bounty, hacking, cybersecurity24-Feb-2025
Apple has just fixed one of the biggest usability issues with CarPlayhttps://medium.com/@mianhamdan.com/apple-has-just-fixed-one-of-the-biggest-usability-issues-with-carplay-1ed387c075d3?source=rss------bug_bounty-5Mian Hamdanartificial-intelligence, bug-bounty, apple, apple-car, apple-music24-Feb-2025
How to Find XSS Automatically in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-xss-automatically-in-bug-hunting-a41a6220dba0?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, cybersecurity, hacking, tryhackme-walkthrough, bug-bounty24-Feb-2025
NoSQL Injection Vulnerabilityhttps://infosecwriteups.com/nosql-injection-vulnerability-ead8ccd60666?source=rss------bug_bounty-5Ajay Naikcyber-security-awareness, cyberattack, penetration-testing, bug-bounty, cybersecurity24-Feb-2025
Interesting Case of CSRFhttps://one33se7en.medium.com/interesting-case-of-csrf-in-redacted-981dc2ba5f10?source=rss------bug_bounty-5one33se7enbug-bounty-tips, bug-bounty-writeup, bug-bounty24-Feb-2025
DS_Store Hunting: Uncovering Sensitive Data in Bug Bounty Programshttps://maordayanofficial.medium.com/ds-store-hunting-uncovering-sensitive-data-in-bug-bounty-programs-fc3f925c9c52?source=rss------bug_bounty-5Maor Dayan - מאור דייןbug-bounty, security-research, sensitive, python, bug-hunting24-Feb-2025
How I Found My First High-Severity Bug and Got Rewarded with 3 Trays of Red Bull!https://medium.com/@iski/how-i-found-my-first-high-severity-bug-and-got-rewarded-with-3-trays-of-red-bull-29ec0ca6a2e4?source=rss------bug_bounty-5Iskibug-bounty-writeup, bug-bounty-hunting, p1-bug, bug-bounty, bug-bounty-tips24-Feb-2025
XSS & HTML Injection via Google Dorking – A Practical Guidehttps://medium.com/@gourisankara357/xss-html-injection-via-google-dorking-a-practical-guide-b535a18fad3b?source=rss------bug_bounty-5Gouri Sankar Axss-attack, bug-bounty-tips, google, infosec, bug-bounty24-Feb-2025
“ From Zero to $500+: How LFIs Can Line Your Pockets (Real-World Examples Inside!)”https://osintteam.blog/from-zero-to-500-how-lfis-can-line-your-pockets-real-world-examples-inside-356d55cf46e3?source=rss------bug_bounty-5Krish_cyberbug-bounty-writeup, bug-bounty, osint, money, infosec-write-ups24-Feb-2025
How I Found The open redirect vulnerability?https://doordiefordream.medium.com/how-i-found-the-open-redirect-vulnerability-e0c3583b4e89?source=rss------bug_bounty-5Bug hunter baluvulnerability, ethical-hacking, technology, cybersecurity, bug-bounty24-Feb-2025
Unpatched RCE in Laravel Voyager = Big Bounties!https://osintteam.blog/unpatched-rce-in-laravel-voyager-big-bounties-2eb3ebb09253?source=rss------bug_bounty-50day storiestechnology, bug-bounty, bug-bounty-tips, penetration-testing, cybersecurity24-Feb-2025
How I Earned $9,750 in 48 Hours by Finding a Critical Security Flawhttps://medium.com/@ibtissamhammadi/how-i-earned-9-750-in-48-hours-by-finding-a-critical-security-flaw-b3ec6172a7c9?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, bug-bounty, hacking, vulnerability, idor24-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-107)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-107-983c1cd2e667?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, ethical, cybersecurity, bug-bounty-tips24-Feb-2025
Bug Bounty Recon: Turning Data into Actionable Findings (Part 3)https://medium.com/@weaponshot/bug-bounty-recon-turning-data-into-actionable-findings-part-3-924d7d001ecc?source=rss------bug_bounty-5Matyis Konghacking, recon, cybersecurity, bug-bounty24-Feb-2025
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeoverhttps://cyberw1ng.medium.com/20-000-bounty-how-a-leaked-session-cookie-led-to-an-account-takeover-06baed26b707?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, bug-bounty, cybersecurity, jobs24-Feb-2025
HOW I DISCOVERED AN XSS VULNERABILITY IN A VDP PROGRAMhttps://medium.com/@anripo2006/how-i-discovered-an-xss-vulnerability-in-a-vdp-program-7bc3880c6f22?source=rss------bug_bounty-5Antonio Rivera Pobletexss-bypass, xss-vulnerability, bug-bounty24-Feb-2025
Special Characters :^)https://medium.com/cloud-security/special-characters-9a65093c5bfe?source=rss------bug_bounty-5Teri Radichelcharacter, bug-bounty, special-character, encoding, pentesting24-Feb-2025
CÓMO DESCUBRÍ UNA VULNERABILIDAD XSS EN UN PROGRAMA VDPhttps://medium.com/@anripo2006/c%C3%B3mo-descubr%C3%AD-una-vulnerabilidad-xss-en-un-programa-vdp-c9133241cc5b?source=rss------bug_bounty-5Antonio Rivera Pobletevdp, xss-attack, bug-bounty, xss-bypass, hacking24-Feb-2025
$20,000 Bounty: How a Leaked Session Cookie Led to an Account Takeoverhttps://osintteam.blog/20-000-bounty-how-a-leaked-session-cookie-led-to-an-account-takeover-06baed26b707?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, programming, bug-bounty, cybersecurity, jobs24-Feb-2025
Resource consumption Vulnerabilityhttps://medium.com/@VulnRAM/resource-consumption-vulnerability-542d0b38152e?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty, penetration-testing, bug-bounty-tips, bugs, bug-bounty-writeup23-Feb-2025
Firefox and Chrome extensions for bug-bounty hunters. (PART 1).https://osintteam.blog/firefox-and-chrome-extensions-for-bug-bounty-hunters-part-1-49e34f70d076?source=rss------bug_bounty-5loyalonlytodayextension, cybersecurity, tips, penetration-testing, bug-bounty23-Feb-2025
Administrator Account Takeoverhttps://medium.com/@hrofficial62/administrator-account-takeover-bf08c592bf6a?source=rss------bug_bounty-5Mr Horbiopentesting, bug-bounty, hacking, hackerone, cybersecurity23-Feb-2025
Uncovering Hidden Treasures: Mastering Wayback URLs for Bug Bounty Huntinghttps://abhayal.medium.com/uncovering-hidden-treasures-mastering-wayback-urls-for-bug-bounty-hunting-8571357b7649?source=rss------bug_bounty-5Abhayalwaybackurls, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2025
Information Disclosure Hunting: Tool Tips & Commandshttps://infosecwriteups.com/information-disclosure-hunting-tool-tips-commands-48003154e8bb?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty, hacking, penetration-testing, bug-bounty-tips23-Feb-2025
Mapping the Applicationhttps://medium.com/@muhammad4208/mapping-the-application-a922729a6772?source=rss------bug_bounty-5Muhammad Abdullah Niaziweb-mapping, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program23-Feb-2025
The Journey That Changed Everything — My NASA LOR Storyhttps://medium.com/@sivasankardasdas/the-journey-that-changed-everything-my-nasa-lor-story-744ace9f3caf?source=rss------bug_bounty-5Sivasankardascybersecurity, nasa, osint, ethical-hacking, bug-bounty23-Feb-2025
Profile Avatar Unlock vulnerabilityhttps://medium.com/@ajay.kumar.695632/profile-avatar-unlock-vulnerability-c3f53fe278cd?source=rss------bug_bounty-5Ajay Kumarbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs23-Feb-2025
Web Academy Lab: CORS vulnerability with basic origin reflectionhttps://medium.com/@mehedihasanemonceh/web-academy-lab-cors-vulnerability-with-basic-origin-reflection-a6130cb49053?source=rss------bug_bounty-5Mehedi Hasan Emoncors-vulnerability, portswigger, bug-bounty, cors, pentesting23-Feb-2025
Bypassing HackerOne 2FA due to race condition.https://akashhamal0x01.medium.com/bypassing-hackerone-2fa-due-to-race-condition-8afe2dbff7c9?source=rss------bug_bounty-5Akash Hamalbug-bounty-tips, hackerone, cybersecurity, bug-bounty23-Feb-2025
Subdomain Enumeration Like Never Before: Unveiling rsecloud.com — The Hidden Gem for Advanced Reconhttps://medium.com/@hacker_might/subdomain-enumeration-like-never-before-unveiling-rsecloud-com-the-hidden-gem-for-advanced-recon-322bcd900837?source=rss------bug_bounty-5hacker_mightbug-bounty, subdomains-enumeration, bug-bounty-tips, reconnaissance, hidden-recon23-Feb-2025
Exploiting an Exposed Swagger File to Achieve RCEhttps://elhadadx.medium.com/exploiting-an-exposed-swagger-file-to-achieve-rce-cceb4d1f8ad0?source=rss------bug_bounty-50Xelhadadxpenetration-testing, security, bug-bounty, information-security, rce23-Feb-2025
Part 2: $1000 Bug Bounty Guide — Advanced JavaScript Analysis for Hidden Vulnerabilitieshttps://hackersatty.medium.com/part-2-1000-bug-bounty-guide-advanced-javascript-analysis-for-hidden-vulnerabilities-5a47645b575f?source=rss------bug_bounty-5hackersattybug-bounty-writeup, penetration-testing, bug-bounty, owasp-top-10, hacking23-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-108)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-108-fc10603a0583?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking23-Feb-2025
Cross-site scripting Lab- 2: Stored XSS into HTML context with nothing encodedhttps://medium.com/@mehedihasanemonceh/cross-site-scripting-lab-2-stored-xss-into-html-context-with-nothing-encoded-67318fe316b2?source=rss------bug_bounty-5Mehedi Hasan Emonbug-bounty, cross-site-scripting, website-security, portswigger, xss-attack23-Feb-2025
$1000-$10k worth Leaks via Github Secret Dorkshttps://infosecwriteups.com/1000-10k-worth-leaks-via-github-secret-dorks-6e13a2b7617a?source=rss------bug_bounty-5It4chis3cleaked, secrets, bug-bounty, github, github-dorking23-Feb-2025
Admin Account Takeover in Moodle!https://medium.com/@Nightbloodz/admin-account-takeover-in-moodle-093708a0f749?source=rss------bug_bounty-5Alvaro Baladainfosec, cve, cybersecurity, bug-bounty-writeup, bug-bounty23-Feb-2025
Comprehensive CEH v13 Study Guidehttps://medium.com/@verylazytech/comprehensive-ceh-v13-study-guide-965965af5c06?source=rss------bug_bounty-5Very Lazy Techethical-hacking, penetration-testing, hacking, ceh-certification, bug-bounty23-Feb-2025
Are Private Bug Bounty Programs Worth It? The Truth About Inviteshttps://medium.com/@HackerNasr/are-private-bug-bounty-programs-worth-it-the-truth-about-invites-164f94842d54?source=rss------bug_bounty-5HackerNasrcybersecurity, ethical-hacking, penetration-testing, hacking, bug-bounty23-Feb-2025
Subdomain Enumeration Like Never Before: Unveiling rsecloud.com — The Hidden Gem for Advanced Reconhttps://osintteam.blog/subdomain-enumeration-like-never-before-unveiling-rsecloud-com-the-hidden-gem-for-advanced-recon-322bcd900837?source=rss------bug_bounty-5hacker_mightbug-bounty, subdomains-enumeration, bug-bounty-tips, reconnaissance, hidden-recon23-Feb-2025
How I Found an Easy Dom xss.https://medium.com/infosecmatrix/how-i-found-an-easy-dom-xss-b93bbe09e2bf?source=rss------bug_bounty-5loyalonlytodaytips, xss-attack, bug-bounty, hacking, cybersecurity23-Feb-2025
️ Top Tools Used for Bug Huntinghttps://medium.com/@vipulsonule71/%EF%B8%8F-top-tools-used-for-bug-hunting-d1f40926733a?source=rss------bug_bounty-5Vipul Sonulehacking, technology, writing, bug-bounty, vulnerability23-Feb-2025
$100-$5000 worth File Upload Vulnerability | Advanced Techniqueshttps://infosecwriteups.com/100-5000-worth-file-upload-vulnerability-advanced-techniques-7c598837607f?source=rss------bug_bounty-5It4chis3cfile-upload-vulnerability, bug-bounty, secrets, file-upload, bypass23-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-106)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-106-f15dc8fd13f8?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity23-Feb-2025
HackTheBox Challenge Only-Hackshttps://medium.com/@maxcyber882/hackthebox-challenge-only-hacks-d96d3aeb465c?source=rss------bug_bounty-5Maxcyberhackthebox, infosec, cybersecurity, bug-bounty23-Feb-2025
Bank offer IDOR Fix Bypassed: How I Accessed Unauthorized Offers and Secured a $10,000 Bounty —…https://bxmbn.medium.com/bank-offer-idor-fix-bypassed-how-i-accessed-unauthorized-offers-and-secured-a-10-000-bounty-41052b31a2fc?source=rss------bug_bounty-5bombonbug-bounty, cybersecurity, idor-vulnerability23-Feb-2025
Day 18: How a Researcher Hacked One of the Biggest Airlines Group in the Worldhttps://medium.com/@danielbelay/day-18-how-a-researcher-hacked-one-of-the-biggest-airlines-group-in-the-world-e2b896e74503?source=rss------bug_bounty-5dani3lethical-hacking, account-takeover, ato, bug-bounty23-Feb-2025
Let’s Talk About Encryption And IDORs(Yes, IDOR,s Again)— @bxmbnhttps://bxmbn.medium.com/lets-talk-about-encryption-and-idors-yes-idor-s-again-bxmbn-911bfb7a2de3?source=rss------bug_bounty-5bombonbug-bounty, encryption, idor23-Feb-2025
How I Hacked India’s Most Popular Matrimony Website and Earned a ₹10,000 Amazon Gift Cardhttps://infosecwriteups.com/how-i-hacked-indias-most-popular-matrimony-website-and-earned-a-10-000-amazon-gift-card-4dad7b6eff5d?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, programming, penetration-testing, hacking23-Feb-2025
Top 3 Books to get started Bug Huntinghttps://medium.com/@julius.grosserode.19/top-3-books-to-get-started-bug-hunting-e20db0ccb9c6?source=rss------bug_bounty-5Juliobug-bounty, hacking-books, hacking23-Feb-2025
Hijacking Sessions with IDOR and XSS— @bxmbnhttps://bxmbn.medium.com/hijacking-sessions-with-idor-and-xss-bxmbn-396f99761a85?source=rss------bug_bounty-5bombonidor, cross-site-scripting, bug-bounty23-Feb-2025
Account Takeover (ATO): A Practical Guide to Finding and Preventing Attackshttps://cyberw1ng.medium.com/account-takeover-ato-a-practical-guide-to-finding-and-preventing-attacks-64c071d0ae84?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, bug-bounty, careers, education23-Feb-2025
Account Takeover (ATO): A Practical Guide to Finding and Preventing Attackshttps://osintteam.blog/account-takeover-ato-a-practical-guide-to-finding-and-preventing-attacks-64c071d0ae84?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, bug-bounty, careers, education23-Feb-2025
How to Find XSS in Web Applications in Bug Hunting ️‍♂️https://medium.com/@vipulsonule71/how-to-find-xss-in-web-applications-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-e5b3e9e27835?source=rss------bug_bounty-5Vipul Sonuletechnology, writing, bug-bounty, cybersecurity, hacking22-Feb-2025
How I Found a Confidential Business Agreement on Wayback Machinehttps://aiwolfie.medium.com/how-i-found-a-confidential-business-agreement-on-wayback-machine-efd1f0abf4cf?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-writeup, cybersecurity, hacking, hackerone22-Feb-2025
SQL Injection Vulnerability Analysis and Mitigationhttps://medium.com/@shibinkodoth1/sql-injection-vulnerability-analysis-and-mitigation-4a3180976145?source=rss------bug_bounty-5Shibin Balakrishnanhacking, cybersecurity, sql, sql-injection, bug-bounty22-Feb-2025
My Approach to Bypassing Strong WAF in XSShttps://medium.com/@randixploit.shtml/my-approach-to-bypassing-strong-waf-in-xss-0c2e0864043b?source=rss------bug_bounty-5Just Rpenetration-testing, xss-attack, bug-bounty-writeup, bug-bounty, bypass22-Feb-2025
Finding the origin IP addresshttps://infosecwriteups.com/finding-the-origin-ip-address-1e9cd5073e8c?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, programming, tips, ethical-hacking22-Feb-2025
What is the Dark Web? A Complete Guide for Businesseshttps://medium.com/@08hakr/what-is-the-dark-web-a-complete-guide-for-businesses-15413b9a3aba?source=rss------bug_bounty-5Kshirsagar Hrushikeshhacking, computer-science, cybersecurity, bug-bounty, darkweb22-Feb-2025
The Dark Web: A Business Survival Guidehttps://medium.com/@cybershastra7/the-dark-web-a-business-survival-guide-dc4d36d4c3ec?source=rss------bug_bounty-5CyberShastracybersecurity, bug-bounty, darkweb, computer-science, hacking22-Feb-2025
Silent Takeover: How We Hacked Authentication Flows to Compromise 2000+ Healthcare Tenants with…https://pandyamayur2018.medium.com/silent-takeover-how-we-hacked-authentication-flows-to-compromise-2000-healthcare-tenants-with-fa51817c3086?source=rss------bug_bounty-5Mayur Pandyavapt, cybersecurity, authentication, bug-bounty, infosec22-Feb-2025
XSS Chronicles: How I Stumbled Upon a Critical API Key Leakhttps://medium.com/@soufianehabti/xss-chronicles-how-i-stumbled-upon-a-critical-api-key-leak-9ea65ffc3f5a?source=rss------bug_bounty-5Soufiane Habtibug-bounty, cybersecurity, ethical-hacking22-Feb-2025
Silent Takeover: How We Hacked Authentication Flows to Compromise 2000+ Healthcare Tenants with…https://pandyamayurrr.medium.com/silent-takeover-how-we-hacked-authentication-flows-to-compromise-2000-healthcare-tenants-with-fa51817c3086?source=rss------bug_bounty-5Mayur Pandyavapt, cybersecurity, authentication, bug-bounty, infosec22-Feb-2025
Breaking Boundaries: My Journey from limited Stored XSS to Open Redirect & a Sneaky CSRF Referrer…https://medium.com/@0xNayelx/breaking-boundaries-my-journey-from-limited-stored-xss-to-open-redirect-a-sneaky-csrf-referrer-6dc939cf7aed?source=rss------bug_bounty-50xNayelbug-bounty, security, bug-bounty-tips, writeup, bug-bounty-writeup22-Feb-2025
Identifying Our Target from Bugcrowdhttps://medium.com/@mdsahat6397/identifying-our-target-from-bugcrowd-fdb3de6a98ab?source=rss------bug_bounty-5Tasneem Sahatbugcrowd, bug-bounty22-Feb-2025
Web Security Academy: File path traversal, traversal sequences blocked with absolute path bypasshttps://medium.com/@mehedihasanemonceh/web-security-academy-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-99255db560d6?source=rss------bug_bounty-5Mehedi Hasan Emonbug-bounty, portswigger, cybersecurity, lfi, path-traversal22-Feb-2025
90% Hunters V/S 10% Huntershttps://bitpanic.medium.com/90-hunters-v-s-10-hunters-fa9089523181?source=rss------bug_bounty-5Spectat0rguycybersecurity, programming, bug-bounty-tips, bug-bounty, technology22-Feb-2025
1000$ Bounty in less than 30 Seconds via the power of custom wordlistshttps://0xrasputin.medium.com/1000-bounty-in-less-than-30-seconds-via-the-power-of-custom-wordlists-3f7deba5bf08?source=rss------bug_bounty-50xRasputinbug-hunting, pentesting, bug-bounty, recon22-Feb-2025
Web Application Technologieshttps://medium.com/@muhammad4208/web-application-technologies-aaa947303675?source=rss------bug_bounty-5Muhammad Abdullah Niaziweb-technology, bug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-hunter22-Feb-2025
Exploiting the Shadows: How I Uncovered a Command Injection via OOB and Bagged $800https://medium.com/@kura1yum3/exploiting-the-shadows-how-i-uncovered-a-command-injection-via-oob-and-bagged-800-73c4bc90a130?source=rss------bug_bounty-5KuroSh1R0hackerone, bug-bounty22-Feb-2025
️‍♂️How to Find XSS in Bug Hunting ️‍♂️https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-find-xss-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-d7243160da01?source=rss------bug_bounty-5Vipul Sonulecybersecurity, ai, bug-bounty, penetration-testing, technology22-Feb-2025
$100-$200 worth 403 Bypass Techniqueshttps://infosecwriteups.com/100-200-worth-403-bypass-techniques-e4c22064091a?source=rss------bug_bounty-5It4chis3cbug-bounty, secrets, bypass, 403-forbidden, hidden22-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-105)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-105-6016b1f36174?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, hacking, ethical-hacking, bug-bounty-tips22-Feb-2025
Bug Bounty Restart- Phase 1: Preparation & Mindsethttps://infosecwriteups.com/bug-bounty-restart-phase-1-preparation-mindset-57ca877a9278?source=rss------bug_bounty-5Om Aroracybersecurity, infosec, bug-bounty, bug-bounty-writeup, technology22-Feb-2025
Day 17: [$5K] Misconfigured Reset Password Leads to Account Takeover (No User Interaction ATO)https://medium.com/@danielbelay/day-17-5k-misconfigured-reset-password-leads-to-account-takeover-no-user-interaction-ato-4d378e995fc2?source=rss------bug_bounty-5dani3laccount-takeover, ato, bug-bounty22-Feb-2025
CRLF Injection: How a Simple Bug Can Earn You $1500!https://cybersecuritywriteups.com/crlf-injection-how-a-simple-bug-can-earn-you-1500-ff3aabc54a77?source=rss------bug_bounty-5Krish_cyberbug-bounty, ethical-hacking, infosec-write-ups, bug-bounty-tips, osint22-Feb-2025
The Art of Software Testing: Types, Methods, and Best Practiceshttps://i-am-tibi.medium.com/the-art-of-software-testing-types-methods-and-best-practices-608cc6770136?source=rss------bug_bounty-5Tibb.Insoftware-testing, qa-testing, qa, bugs, bug-bounty22-Feb-2025
Earn $500 with Open Redirect Vulnerabilities!https://osintteam.blog/earn-500-with-open-redirect-vulnerabilities-224d637f683c?source=rss------bug_bounty-5Krish_cyberinformation-security, bug-bounty, infosec-write-ups, osint, open-redirect22-Feb-2025
Methods and Tools for Extracting Information from Websiteshttps://medium.com/@paritoshblogs/methods-and-tools-for-extracting-information-from-websites-c26b4584ef43?source=rss------bug_bounty-5Paritoshai, bug-bounty, python, web-scraping, cybersecurity22-Feb-2025
Finding Juicy Information from GraphQLhttps://cyberw1ng.medium.com/finding-juicy-information-from-graphql-22fb09bd9e61?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, bug-bounty, programming, cybersecurity22-Feb-2025
Finding Juicy Information from GraphQLhttps://osintteam.blog/finding-juicy-information-from-graphql-22fb09bd9e61?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, bug-bounty, programming, cybersecurity22-Feb-2025
$100 Bounty: Username Restriction Bypassedhttps://medium.com/@kumawatabhijeet2002/100-bounty-username-restriction-bypassed-0d6422564c36?source=rss------bug_bounty-5Abhijeet kumawatinfosec, cybersecurity, hacking, secrets, bug-bounty21-Feb-2025
Burp Suite AI Extension for Pentesterhttps://hackerassociate.medium.com/burp-suite-ai-extension-for-pentester-742358811884?source=rss------bug_bounty-5Harshad Shahburpsuite, infosec, hacking, cybersecurity, bug-bounty21-Feb-2025
【Recognition】Excellent Security Researcher in January 2025 → iiiiiinvhttps://medium.com/@security.tecno/recognition-excellent-security-researcher-in-january-2025-iiiiiinv-29bcf9b3d91b?source=rss------bug_bounty-5TECNO Securityweb-development, apps, security, research, bug-bounty21-Feb-2025
Getting Started with Bug Bounty Hunting: A Simple Guide(Free Version)https://medium.com/@bombhajohn/getting-started-with-bug-bounty-hunting-a-simple-guide-free-version-3363ecd320c2?source=rss------bug_bounty-5Folks47gheecyber-security-awareness, bug-bounty, bug-bounty-tips, data, cybersecurity21-Feb-2025
OWASP Top 10: The Hacker’s Favorite Menu (And How to Ruin Their Appetite)https://falilu.medium.com/owasp-top-10-the-hackers-favorite-menu-and-how-to-ruin-their-appetite-12b67dfaa998?source=rss------bug_bounty-5Falilu Rahmanowasp-top-10, web-application-security, technology, cybersecurity, bug-bounty21-Feb-2025
$100 Bounty: Username Restriction Bypassedhttps://infosecwriteups.com/100-bounty-username-restriction-bypassed-0d6422564c36?source=rss------bug_bounty-5Abhijeet kumawatinfosec, cybersecurity, hacking, secrets, bug-bounty21-Feb-2025
$50-$500 worth Information Disclosure Bug Automationhttps://it4chis3c.medium.com/50-500-worth-information-disclosure-bug-automation-3afc596fa206?source=rss------bug_bounty-5It4chis3cinformation-disclosure, sensitive-data, bug-bounty, hidden, secrets21-Feb-2025
My First Bug Discovery in Facebook Bug Bounty 2025https://medium.com/@bayusetb/my-first-bug-discovery-in-facebook-bug-bounty-2025-728b14eaf6cc?source=rss------bug_bounty-5Bayusetbfacebook-bug-bounty, meta-bug-bounty, bug-bounty-writeup, idor, bug-bounty21-Feb-2025
From a Steward Security Gaurd to a Cybersecurity Startup Founder!https://ajakcybersecurity.medium.com/from-a-steward-security-gaurd-to-a-cybersecurity-startup-founder-5fed143b6b24?source=rss------bug_bounty-5AJAK Cyber Academybug-bounty, cybersecurity, startup, technology, hacking21-Feb-2025
Note-taking apps for bug bounty hunting and ethical hacking purposeshttps://medium.com/readers-club/note-taking-apps-for-bug-bounty-hunting-and-ethical-hacking-purposes-635a198ec9d9?source=rss------bug_bounty-5loyalonlytodaybug-bounty, notetaking, tips, notes, cybersecurity21-Feb-2025
How to Find Information Disclosure Bugs in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-information-disclosure-bugs-in-bug-hunting-44954ee8b2fd?source=rss------bug_bounty-5Vipul Sonuletechnology, cybersecurity, bug-bounty, hacking, penetration-testing21-Feb-2025
Burp Suite AI Extension for Pentesterhttps://medium.com/offensive-black-hat-hacking-security/burp-suite-ai-extension-for-pentester-742358811884?source=rss------bug_bounty-5Harshad Shahburpsuite, infosec, hacking, cybersecurity, bug-bounty21-Feb-2025
Find 100+ CVEs Using These 5 Simple GitHub Dorkshttps://medium.com/@ibtissamhammadi/find-100-cves-using-these-5-simple-github-dorks-bfdde1653a20?source=rss------bug_bounty-5Ibtissam Hammadigithub, programming, infosec, bug-bounty, cybersecurity21-Feb-2025
Inside Our Car Hacking Demonstrator: A Training Platform for Automotive Cybersecurityhttps://medium.com/@maajix/inside-our-car-hacking-demonstrator-a-training-platform-for-automotive-cybersecurity-4c95035b2994?source=rss------bug_bounty-5Majixbug-bounty-tips, car-hacking, bug-bounty, automotive, hacking21-Feb-2025
Day 16: Massive Users Account Takeovers (Chaining Vulnerabilities to IDOR)https://medium.com/@danielbelay/day-16-massive-users-account-takeovers-chaining-vulnerabilities-to-idor-11d1b0731c4c?source=rss------bug_bounty-5dani3lethical-hacking, pen-testing-tool, bug-bounty, ato21-Feb-2025
Easiest Vulnerability $200 You can test it under 2 minuteshttps://progprnv.medium.com/easiest-vulnerability-200-you-can-test-it-under-2-minutes-2f45b4a0c785?source=rss------bug_bounty-5progprnvbug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty21-Feb-2025
I Earned $500 in 2 Minutes by Finding a Sensitive File!https://cybersecuritywriteups.com/i-earned-500-in-2-minutes-by-finding-a-sensitive-file-a71817a66ba9?source=rss------bug_bounty-5Krish_cyberidor, hacking, bug-bounty, ai, infosec21-Feb-2025
Pre-Seeding Trap Story: Exploiting PII Data Before It’s Loggedhttps://medium.com/@ahmedelmorsy312/pre-seeding-trap-story-exploiting-pii-data-before-its-logged-8284f47a5854?source=rss------bug_bounty-5Ahmed Elmorsibug-hunting, cybersecurity, bug-bounty, hackerone21-Feb-2025
How I Discovered a Bug to Delete Any User Account!https://medium.com/@kumawatabhijeet2002/how-i-discovered-a-bug-to-delete-any-user-account-b8ae1c60a6a9?source=rss------bug_bounty-5Abhijeet kumawatcybersecurity, bug-bounty, infosec, money, hacking21-Feb-2025
How to Find Information Disclosure Bughttps://medium.com/@vipulsonule71/how-to-find-information-disclosure-bugs-in-bug-hunting-44954ee8b2fd?source=rss------bug_bounty-5Vipul Sonuletechnology, cybersecurity, bug-bounty, hacking, penetration-testing21-Feb-2025
Announcing the Lysa (Testnet) Bug Bounty Program!https://medium.com/@GoRWAChain/announcing-the-lysa-testnet-bug-bounty-program-b73ed9adbd5c?source=rss------bug_bounty-5Go! SmartChain AIbug-bounty, blockchain, crypto, web3, cryptocurrency21-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-104)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-104-b2c76940b84b?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity21-Feb-2025
How to Choose a Bug Bounty Platformhttps://medium.com/@hackrate/how-to-choose-a-bug-bounty-platform-178e0eb95202?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty21-Feb-2025
How I Found 5 Reflected XSS in a Public Programhttps://medium.com/@mahmodziad40/how-i-found-5-reflected-xss-in-a-public-program-44b168ae6526?source=rss------bug_bounty-5httpzuzbug-bounty-writeup, bug-bounty, reflected-xss, bug-bounty-tips, xss-attack21-Feb-2025
API Loophole: How I Bypassed CAPTCHA to Create Unlimited Accountshttps://medium.com/@rahulgairola/api-loophole-how-i-bypassed-captcha-to-create-unlimited-accounts-0d21de1f96e2?source=rss------bug_bounty-5Rahul Gairolaapi-security, bug-bounty, api-security-testing, bug-bounty-tips, bug-bounty-writeup21-Feb-2025
Dynamic Application Security Testing (DAST)https://medium.com/@evoskolyey/dynamic-application-security-testing-dast-95f70aa16745?source=rss------bug_bounty-5Eugene Voskoleybug-bounty, appsec, devsecops, cybersecurity, dast21-Feb-2025
$100 worth Rate Limit Bypass Bug |Advanced Tricks & Tipshttps://it4chis3c.medium.com/100-worth-rate-limit-bypass-bug-advanced-tricks-tips-7722a98553e3?source=rss------bug_bounty-5It4chis3chidden, rate-limit, rate-limit-bypass, secrets, bug-bounty21-Feb-2025
How to Find Your First Bug and Get Paid — Bug Bounty Made Easyhttps://krishna-cyber.medium.com/how-to-find-your-first-bug-and-get-paid-bug-bounty-made-easy-da3de634265c?source=rss------bug_bounty-5Krish_cyberidor, info-sec-writeups, osint, bug-bounty, readers-club21-Feb-2025
Installing and Using Nuclei for Automated Security Scanninghttps://abhayal.medium.com/installing-and-using-nuclei-for-automated-security-scanning-1b4f53de3ae5?source=rss------bug_bounty-5Abhayalbug-bounty, reconnaissance, hacking, bug-bounty-writeup, bug-bounty-tips21-Feb-2025
Bug Report Rejected? Here’s What You Can Do.https://medium.com/@HackerNasr/bug-report-rejected-heres-what-you-can-do-b4407d7c19b8?source=rss------bug_bounty-5HackerNasrcybersecurity, hacking, penetration-testing, bug-bounty, ethical-hacking21-Feb-2025
25000$ IDOR: How a Simple ID Enumeration Exposed Private Datahttps://cyberw1ng.medium.com/25000-idor-how-a-simple-id-enumeration-exposed-private-data-7de2f60c46fd?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, cybersecurity, careers, bug-bounty, programming21-Feb-2025
The Quickest Way To Learn XSS In 2025! (Free Version)https://medium.com/@bombhajohn/the-quickest-way-to-learn-xss-in-2025-free-version-b006fa64f3ed?source=rss------bug_bounty-5Folks47gheebug-bounty, cybersecurity, technology, data, bug-bounty-tips21-Feb-2025
25000$ IDOR: How a Simple ID Enumeration Exposed Private Datahttps://osintteam.blog/25000-idor-how-a-simple-id-enumeration-exposed-private-data-7de2f60c46fd?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, cybersecurity, careers, bug-bounty, programming21-Feb-2025
Multiple Sensitive Data Leaks — A Deep Divehttps://aiwolfie.medium.com/multiple-sensitive-data-leaks-a-deep-dive-b913172b5146?source=rss------bug_bounty-5AIwolfiecybersecurity, osint, bug-bounty, information-disclosure, hacking20-Feb-2025
WordPress users Disclosure Bug Bounty reporthttps://aimasterprompt.medium.com/wordpress-users-disclosure-bug-bounty-report-d1e901bfc6cb?source=rss------bug_bounty-5aimastercybersecurity, wordpress, information-technology, infosec, bug-bounty20-Feb-2025
Top 10 Tools Every Bug Bounty Hunter Must Usehttps://osintteam.blog/top-10-tools-every-bug-bounty-hunter-must-use-18046e2306a8?source=rss------bug_bounty-5Abhijeet kumawathacking, tools, infosec, cybersecurity, bug-bounty20-Feb-2025
OWASP Top 10 Vulnerabilities 2025: A Comprehensive Guidehttps://osintteam.blog/owasp-top-10-vulnerabilities-2025-a-comprehensive-guide-cc0019ded233?source=rss------bug_bounty-5Ajay Naikcybersecurity, security-testing, bug-bounty, penetration-testing, application-security20-Feb-2025
CRLF Injection: Guide to Finding & Exploiting Vulnerabilitieshttps://osintteam.blog/crlf-injection-guide-to-finding-exploiting-vulnerabilities-75df64c274e6?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, crlf-injection, money, cybersecurity, hacking20-Feb-2025
How to crawl a website like a prohttps://siratsami71.medium.com/how-to-crawl-a-website-like-a-pro-008f98f41f9f?source=rss------bug_bounty-5Sirat Sami (analyz3r)pentesting, bug-bounty20-Feb-2025
$5M Critical Vulnerability Discovery: 3 Warning Signs for 2025https://medium.com/@ibtissamhammadi/5m-critical-vulnerability-discovery-3-warning-signs-for-2025-f407bb9b7998?source=rss------bug_bounty-5Ibtissam Hammadisecurity, bug-bounty, vulnerability, infosec, cybersecurity20-Feb-2025
₹1,000 in 10 mins: BookMyShow’s Open redirect bug!https://infosecwriteups.com/1-000-in-10-mins-bookmyshows-open-redirect-bug-914f47590ecf?source=rss------bug_bounty-5Vivek PScybersecurity, bug-bounty, hacking, bug-bounty-tips, programming20-Feb-2025
Core Defense Mechanismshttps://medium.com/@muhammad4208/core-defense-mechanisms-b9ac54c29e52?source=rss------bug_bounty-5Muhammad Abdullah Niazidefense-mechanism, bug-bounty-tips, web-development, bug-bounty20-Feb-2025
UUID Injection: 0-Click Superadmin ATOhttps://medium.com/@RekoJR/uuid-injection-0-click-superadmin-ato-3dc46a19c9ad?source=rss------bug_bounty-5Reko !bug-bounty-tips, bug-bounty, bug-bounty-writeup20-Feb-2025
$1000 Bug Bounty Guide: Uncovering Hidden Vulnerabilities Through JavaScript Analysishttps://hackersatty.medium.com/1000-bug-bounty-guide-uncovering-hidden-vulnerabilities-through-javascript-analysis-c3f1a698b91b?source=rss------bug_bounty-5hackersattyhacking, penetration-testing, owasp-top-10, bug-bounty-writeup, bug-bounty20-Feb-2025
Exploiting GraphQL Vulnerabilities: How Misconfigurations Can Lead to Data Leakshttps://cyberw1ng.medium.com/exploiting-graphql-vulnerabilities-how-misconfigurations-can-lead-to-data-leaks-c41d50a64cc3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, education, bug-bounty20-Feb-2025
Y2FuIHlvdSByZWNvbj8/ | can you recon? | Hacker101 CTF Write-Uphttps://medium.com/@sari.mmusab/y2fuihlvdsbyzwnvbj8-can-you-recon-hacker101-ctf-write-up-f2a446ecc9f0?source=rss------bug_bounty-5Musab Sarıcybersecurity, php, ctf, bug-bounty, writeup20-Feb-2025
Open redirect in logouthttps://medium.com/@muhmoud.barket/open-redirect-in-logout-53656dbb922c?source=rss------bug_bounty-5Mahmoud Barkatbug-bounty-writeup, bug-bounty-tips, bug-bounty20-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-103)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-103-695beef8d81c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, ethical-hacking, bug-bounty-tips, cybersecurity20-Feb-2025
$100 worth Open Redirect Automationhttps://it4chis3c.medium.com/100-worth-open-redirect-automation-3e2f9e36bade?source=rss------bug_bounty-5It4chis3chidden, secrets, open-redirect, bug-bounty, practical20-Feb-2025
The Most Innovative Bug Bounty Platformhttps://medium.com/@hackrate/the-most-innovative-bug-bounty-platform-bcd812cb3670?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, hacking, bug-bounty, ethical-hacking, cybersecurity20-Feb-2025
Even Brahma Had Brahmastra — GarudaX Have Digi-Astra for Youhttps://medium.com/@modernshubhamgupta/even-brahma-had-brahmastra-garudax-have-digi-astra-for-you-834a75d7b337?source=rss------bug_bounty-5Shubham Rajvapt, bug-bounty, vulnerability-assessment, digi-astra, cybersecurity20-Feb-2025
Why PortSwigger Labs is Essential for Beginner bug hunterhttps://medium.com/@mehedihasanemonceh/why-portswigger-labs-is-essential-for-beginner-bug-hunter-8a940472d126?source=rss------bug_bounty-5Mehedi Hasan Emonportswigger-lab, bug-bounty, portswigger, bug-hunter, cybersecurity20-Feb-2025
Future of Bug Reporting: How AI in Chrome DevTools is Revolutionizing QAhttps://medium.com/@hafizghulamabbas/future-of-bug-reporting-how-ai-in-chrome-devtools-is-revolutionizing-qa-b2335c092541?source=rss------bug_bounty-5Hafiz Ghulam Abbas - Sr. SQA Automation Engineerqa, ai, chrome, testing, bug-bounty20-Feb-2025
Shodan for Hackers: The Search Engine for the Internet of Everythinghttps://medium.com/@ajudeb55/shodan-for-hackers-the-search-engine-for-the-internet-of-everything-1a6a7c962d85?source=rss------bug_bounty-5Aju Debprogramming, hacking, bug-bounty, cybersecurity, technology20-Feb-2025
Exploiting GraphQL Vulnerabilities: How Misconfigurations Can Lead to Data Leakshttps://osintteam.blog/exploiting-graphql-vulnerabilities-how-misconfigurations-can-lead-to-data-leaks-c41d50a64cc3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, education, bug-bounty20-Feb-2025
Top Search Engines for Hackers: The Ultimate Guidehttps://medium.com/@ajudeb55/top-search-engines-for-hackers-the-ultimate-guide-00f7ab52689e?source=rss------bug_bounty-5Aju Debprogramming, hacking, cybersecurity, bug-bounty, technology19-Feb-2025
Bug Bounty Made Me a MADMANhttps://medium.com/@thedevtaskofficial/bug-bounty-made-me-a-madman-346205a6e4af?source=rss------bug_bounty-5thedevtask officialbug-bounty, security-token, security, hacking, vulnerability19-Feb-2025
Free VPS for penetration testing and bug bounty part 2https://infosecwriteups.com/free-vps-for-penetration-testing-and-bug-bounty-part-2-d88e7ec00e2c?source=rss------bug_bounty-5loyalonlytodaycybersecurity, vps, tips, bug-bounty, awareness19-Feb-2025
Insecure Deserialization + Lab Resolutionhttps://medium.com/@0xpedrop/insecure-deserialization-lab-resolution-1f53adbf26a1?source=rss------bug_bounty-50xPedropcybersecurity, hacking, bug-bounty, bug-bounty-tips19-Feb-2025
Unauthorized Access to Internal Panel via Response Manipulationhttps://0onoproblem.medium.com/unauthorized-access-to-internal-panel-via-response-manipulation-0b6baaae9346?source=rss------bug_bounty-50_oNoProblembug-hunting, vulnerability-assessment, bug-bounty, info-sec-writeups, vulnerability19-Feb-2025
$1000 Bounty: Command Injection Vulnerabilityhttps://medium.com/infosecmatrix/1000-bounty-command-injection-vulnerability-b190222bf07a?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, hacking, command-injection, infosec19-Feb-2025
How i got a fileupload vulnerability so easilyhttps://infosecwriteups.com/how-i-got-a-fileupload-vulnerability-so-easily-a659421a0523?source=rss------bug_bounty-5Le_Merdienhacking, bug-bounty, networking, hackerone, penetration-testing19-Feb-2025
I Hacked FIDE.com — Call me Hacknus Carlsen!https://infosecwriteups.com/i-hacked-fide-com-call-me-hacknus-carlsen-529eeb55440d?source=rss------bug_bounty-5Vivek PSchess, hacking, programming, cybersecurity, bug-bounty19-Feb-2025
The Quickest Way To Learn XSS In 2025!https://medium.com/@bombhajohn/how-i-learned-xss-e593a9b956e3?source=rss------bug_bounty-5Folks47gheecybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup, technology19-Feb-2025
How to Find Subdomain Takeover in Bug Huntinghttps://medium.com/@vipulsonule71/how-to-find-subdomain-takeover-in-bug-hunting-863b39a68755?source=rss------bug_bounty-5Vipul Sonulepenetration-testing, hacking, cybersecurity, bug-bounty, technology19-Feb-2025
Inside Agoda’s Bug Bounty Program: How We Stay Ahead of Cyber Threatshttps://medium.com/agoda-engineering/how-agoda-works-with-hackers-to-strengthen-its-security-2e4129299b8b?source=rss------bug_bounty-5Agoda Engineeringbug-bounty, engineering, cybersecurity, security, technology19-Feb-2025
How easy is it to earn from bug bounties? The truth behind ethical hacking rewardshttps://infosecwriteups.com/how-easy-is-it-to-earn-from-bug-bounties-the-truth-behind-ethical-hacking-rewards-1a88e1f58444?source=rss------bug_bounty-5Vivek PShacking, programming, cybersecurity, growth-mindset, bug-bounty19-Feb-2025
Learn how to find one of the easy p4 bughttps://cybersecuritywriteups.com/learn-how-to-find-one-of-the-easy-p4-bug-4f6bdf29044c?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, bug-bounty, cybersecurity, ethical-hacking19-Feb-2025
OTP Login Rate Limit Bypass — The Easiest Bug for Beginners to Discoverhttps://infosecwriteups.com/otp-login-rate-limit-bypass-the-easiest-bug-for-beginners-to-discover-74cbf2432b72?source=rss------bug_bounty-5Vivek PSethical-hacking, programming, bug-bounty-tips, web-security, bug-bounty19-Feb-2025
How I Earned a Hall of Fame Spot at UNESCO by Bypassing 403 Forbiddenhttps://infosecwriteups.com/how-i-earned-a-hall-of-fame-spot-at-unesco-by-bypassing-403-forbidden-fdb2185383f7?source=rss------bug_bounty-5Krunal Patelbug-bounty, bug-bounty-writeup, hacking, penetration-testing, hall-of-fame19-Feb-2025
Bluetooth Low Energy Hacking 101https://medium.com/@majix_de/bluetooth-low-energy-hacking-101-15a471d3e956?source=rss------bug_bounty-5Majixbluetooth, hacking, penetration-testing, pentesting, bug-bounty19-Feb-2025
How i got my name featured on Nebraska University Hall Of Fame.https://medium.com/@eabubakr21/how-i-got-my-name-featured-on-nebraska-university-hall-of-fame-fdb1c16fc0f7?source=rss------bug_bounty-5Eslam Abu Bakrpenetration-testing, information-technology, bug-bounty, ethical-hacking, cybersecurity19-Feb-2025
Linux Privilege Escalation, some ideas from tryhackme machines — part 2https://medium.com/@loaymorad11/linux-privilege-escalation-some-ideas-from-tryhackme-machines-part-2-77def0b1e361?source=rss------bug_bounty-5Loaymoradtryhackme, bug-bounty, cybersecurity, hacking, hackthebox19-Feb-2025
Beginner’s Guide: Basic Methods for Finding Android Application Vulnerabilitieshttps://medium.com/@security.tecno/beginners-guide-basic-methods-for-finding-android-application-vulnerabilities-f1da4e05341c?source=rss------bug_bounty-5TECNO Securityhacking, bug-bounty, apps, bonus, security19-Feb-2025
Critical Security Vulnerability: Unauthenticated Access to /shipments/deleted Endpoint Leads to…https://hackersatty.medium.com/critical-security-vulnerability-unauthenticated-access-to-shipments-deleted-endpoint-leads-to-7edb5d9b7f76?source=rss------bug_bounty-5hackersattyhackerone, bug-bounty-writeup, penetration-testing, bug-bounty, owasp-top-1019-Feb-2025
How to Identify a Server’s Origin IP — And hy?https://medium.com/@verylazytech/how-to-identify-a-servers-origin-ip-and-hy-b6312af71e51?source=rss------bug_bounty-5Very Lazy Techbypass, penetration-testing, cloudflare, ethical-hacking, bug-bounty19-Feb-2025
File Upload Restrictions Bypass in S3 Buckethttps://saeed0x1.medium.com/file-upload-restrictions-bypass-in-s3-bucket-87c2717664a3?source=rss------bug_bounty-5SAEEDbug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, aws19-Feb-2025
tool to generate XSS payloads.https://medium.com/cyberscribers-exploring-cybersecurity/tool-to-generate-xss-payloads-7d8b323d187d?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, xss-vulnerability, bugs, cross-site-scripting19-Feb-2025
$2,000 Bounty: Unauthenticated Remote Code Execution to Reverse Shell — A Real-World Examplehttps://medium.com/@krishna9823420058/2-000-bounty-unauthenticated-remote-code-execution-to-reverse-shell-a-real-world-example-fd9dff5d9c3f?source=rss------bug_bounty-5Krish_cyberosint, idor, hacking, infosec, bug-bounty19-Feb-2025
How I Made $6,000 by Exploiting JWT Manipulation on a Web3 Crypto Apphttps://medium.com/@krishna9823420058/how-i-made-6-000-by-exploiting-jwt-manipulation-on-a-web3-crypto-app-f3ab440f02b6?source=rss------bug_bounty-5Krish_cyberbug-bounty, jwt-token, osint, hacking, cybersecurity19-Feb-2025
HTTP FILTER: Streamlining HTTP Response Analysis for Security Researchershttps://yogsec.medium.com/http-filter-streamlining-http-response-analysis-for-security-researchers-9e356e2065d2?source=rss------bug_bounty-5YogSechttp-filter, httpx, bug-bounty, http-tool, hacking-tools19-Feb-2025
No Rate Limit: The Easiest Bug Bounty Payout You’re Missinghttps://medium.com/@abdulbasitpriv/no-rate-limit-the-easiest-bug-bounty-payout-youre-missing-79335e39c377?source=rss------bug_bounty-5Abdul Basit Khanbug-bounty, website, rate-limit, vulnerability, penetration-testing19-Feb-2025
How I found SQL injection vulnerability on the government organization website!https://hiddendom.medium.com/how-i-found-sql-injection-vulnerability-on-the-government-organization-website-01533dba5158?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty, sql-injection, sql-injection-attack, bug-bounty-writeup19-Feb-2025
LFI Advanced Methodology by Abhijeethttps://infosecwriteups.com/lfi-advanced-methodology-by-abhijeet-6663bede44c6?source=rss------bug_bounty-5Abhijeet kumawatinfosec, lfi, hacking, money, bug-bounty19-Feb-2025
How to Identify a Server’s Origin IP — And Why?https://medium.com/@verylazytech/how-to-identify-a-servers-origin-ip-and-hy-b6312af71e51?source=rss------bug_bounty-5Very Lazy Techbypass, penetration-testing, cloudflare, ethical-hacking, bug-bounty19-Feb-2025
JSFScan: Automation for JavaScript Recon in Bug Bountyhttps://bevijaygupta.medium.com/jsfscan-automation-for-javascript-recon-in-bug-bounty-af3273ac61bf?source=rss------bug_bounty-5Vijay Kumar Guptarecon, automation, javascript, bug-bounty, jsfscan19-Feb-2025
Turning XSS into Account Takeover (ATO): How to Level Up Your Exploit $$$https://medium.com/@HackerNasr/turning-xss-into-account-takeover-ato-how-to-level-up-your-exploit-16126c271476?source=rss------bug_bounty-5HackerNasrcybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty19-Feb-2025
EASY P3 “Broken Access Control”https://medium.com/@a0xtrojan/easy-p3-broken-access-control-a178dcda8c58?source=rss------bug_bounty-5A0X_Trojanbug-bounty, broken-access-control, privilege-escalation, medium, bug-bounty-writeup19-Feb-2025
CAPHTBhttps://medium.com/@a.essam0_o/caphtb-32d9a8c5ded1?source=rss------bug_bounty-5A.Essamhacking, networking, ssh, privilege-escalation, bug-bounty19-Feb-2025
Bug Bounty Methodology: Exploiting Dev & Staging Environments for Maximum Bountyhttps://medium.com/@zerodaystories/bug-bounty-methodology-exploiting-dev-staging-environments-for-maximum-bounty-414419faf744?source=rss------bug_bounty-50day storiespenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity19-Feb-2025
$50-$100 P5 & P4 Bug Automation with Nucleihttps://cybersecuritywriteups.com/50-100-p5-p4-bug-automation-with-nuclei-e7fce9a60dfd?source=rss------bug_bounty-5It4chis3csecrets, nuclei-template, nucleus, bug-bounty, hidden19-Feb-2025
Hacked My Way Into Google’s Hall of Fame! The Relentless Bug Bounty Hunthttps://rootxabit.medium.com/hacked-my-way-into-googles-hall-of-fame-the-relentless-bug-bounty-hunt-75d9d2cdd8a0?source=rss------bug_bounty-5xabit • hacksbug-bounty, google, hacker, tryhackme, bugcrowd19-Feb-2025
The Web Application Hacker’s Handbook: Web Application (In)securityhttps://medium.com/@muhammad4208/the-web-application-hackers-handbook-web-application-in-security-b2e7df531100?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-tips, web-application-security19-Feb-2025
Subdomain Enumeration: Expanding the Attack Surfacehttps://medium.com/@muhammad4208/subdomain-enumeration-expanding-the-attack-surface-5fefe74f1d83?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-hunter, bug-bounty-program, subdomains-enumeration, bug-bounty-tips19-Feb-2025
How I Stumbled Upon India’s Government Data Leak – and Why It’s a Wake-Up Callhttps://medium.com/@warisjeet31/how-i-stumbled-upon-indias-government-data-leak-and-why-it-s-a-wake-up-call-c90695d84a29?source=rss------bug_bounty-5sin99xxinformation-technology, bug-bounty, infosec, penetration-testing, cybersecurity19-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-102)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-102-33f5cc96116c?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty19-Feb-2025
How I Found a CSRF via a misconfiguration in graphqlhttps://medium.com/@ismailismailgamal52/how-i-found-a-csrf-via-a-misconfiguration-in-graphql-42676a1e12b7?source=rss------bug_bounty-5ISMAILSHADOWbug-bounty, graphql, csrf19-Feb-2025
Did You Know … A Woman Launched the U.S. Government’s First Bug Bounty Programhttps://medium.com/did-you-know-short-fun-facts/did-you-know-a-woman-launched-the-u-s-governments-first-bug-bounty-program-3b7a32ebf00b?source=rss------bug_bounty-5Marisa Tranchitella Foltzcybersecurity, did-you-know, bug-bounty, women-in-tech, people19-Feb-2025
“There is no subdomain with no usage” How understanding this rule led to 5 Criticalshttps://kalawy.medium.com/there-is-no-subdomain-with-no-usage-how-understanding-this-rule-led-to-5-criticals-59e815ca6df2?source=rss------bug_bounty-5Kalawyinformation-disclosure, bug-bounty, ssrf, bug-hunting, hacking19-Feb-2025
EASY P3 “Broken Access Control”https://medium.com/@a0xtrojan/easy-p3-broken-access-control-7c28702cb1ee?source=rss------bug_bounty-5A0X_Trojanbroken-access-control, bug-bounty, privilege-escalation, bug-bounty-writeup, medium19-Feb-2025
How a GraphQL Misconfiguration Exposed Sensitive Information: A $25,000 Bug Bounty Reporthttps://cyberw1ng.medium.com/how-a-graphql-misconfiguration-exposed-sensitive-information-a-25-000-bug-bounty-report-a8207bc7ff11?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, jobs, careers, bug-bounty19-Feb-2025
How a GraphQL Misconfiguration Exposed Sensitive Information: A $25,000 Bug Bounty Reporthttps://osintteam.blog/how-a-graphql-misconfiguration-exposed-sensitive-information-a-25-000-bug-bounty-report-a8207bc7ff11?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, cybersecurity, jobs, careers, bug-bounty19-Feb-2025
✨$500 HTML Injection in Snapchathttps://cybersecuritywriteups.com/500-html-injection-in-snapchat-c546282f1f60?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, html, snapchat, bug-bounty18-Feb-2025
How I Bypassed BookMyShow’s OTP Limit with Just a Space & Got ₹1000 for It!https://infosecwriteups.com/how-i-bypassed-bookmyshows-otp-limit-with-just-a-space-got-1000-for-it-70eab29fb6aa?source=rss------bug_bounty-5Vivek PSbug-bounty-writeup, hacking, progamming, web-security, bug-bounty18-Feb-2025
No email verification leads to an Oauth account takeover.https://infosecwriteups.com/no-email-verification-leads-to-an-oauth-account-takeover-02eb30496939?source=rss------bug_bounty-5loyalonlytodayawareness, bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips18-Feb-2025
Android App Endpoint API Discovery Using Static Analysis Methodshttps://medium.com/@BugRey/android-app-endpoint-api-discovery-using-static-analysis-methods-2cb2c83ccfbb?source=rss------bug_bounty-5./Rey~bug-bounty-tips, pentesting, penetration-testing, bug-bounty, android-security18-Feb-2025
Practical Guide Arbitrary File Uploadhttps://medium.com/@BugRey/practical-guide-arbitrary-file-upload-7c6a6e6becd6?source=rss------bug_bounty-5./Rey~bug-bounty-tips, web-security, penetration-testing, pentesting, bug-bounty18-Feb-2025
Monday Vulnerability Disclosure (February 17, 2025)https://medium.com/@bombhajohn/monday-vulnerability-disclosure-february-17-2025-08d7fe29c39b?source=rss------bug_bounty-5Folks47gheebug-bounty, data, cybersecurity, data-leak18-Feb-2025
JavaScript for Hackers: A Full Tutorialhttps://medium.com/@hrofficial62/javascript-for-hackers-a-full-tutorial-84a2be091427?source=rss------bug_bounty-5Mr Horbiocybersecurity, javascript, bug-bounty, pentesting, ethical-hacking18-Feb-2025
Hackyholidays CTF (Grinch Network) Write-Up | Part 1 | Hacker101 CTFhttps://medium.com/@sari.mmusab/hackyholidays-ctf-grinch-network-write-up-part-1-hacker101-ctf-4dcf8d1fb2ed?source=rss------bug_bounty-5Musab Sarıburpsuite, ctf, web, bug-bounty, cybersecurity18-Feb-2025
Ever Found a Valid Bug/Leaks in JavaScript Files? Part 1https://systemweakness.com/ever-found-a-valid-bug-leaks-in-javascript-files-part-1-efe1f535983b?source=rss------bug_bounty-5It4chis3cextraction, secrets, js, javascript, bug-bounty18-Feb-2025
How I Hacked My Own Phone, Found 2 Critical Vulnerabilities, and Cashed In $1,500https://medium.com/@krishna9823420058/how-i-hacked-my-own-phone-found-2-critical-vulnerabilities-and-cashed-in-1-500-139535f25fa1?source=rss------bug_bounty-5Krish_cyberbug-bounty, osint, bug-bounty-tips, cybersecurity, idor18-Feb-2025
Improper Authentication: Account TakeOverhttps://medium.com/@mvenkata.bharath/improper-authentication-account-takeover-5dc9095c0b28?source=rss------bug_bounty-5Bharath Kumarauthentication, bug-bounty, cybersecurity, information-security, security-research18-Feb-2025
Insecure Direct Object Reference — Simple casehttps://medium.com/@mvenkata.bharath/insecure-direct-object-reference-simple-case-1bc2afd4e362?source=rss------bug_bounty-5Bharath Kumarbug-bounty, cybersecurity, information-security, idor-vulnerability18-Feb-2025
Instagram Authentication Flaw in Android Apphttps://medium.com/@akashkarmakar787/instagram-authentication-flaw-in-android-app-cf2a59e6a175?source=rss------bug_bounty-5Akash Karmakarinstagram, bug-bounty, facebook, login, security18-Feb-2025
Recon — Finding Information About a Targethttps://medium.com/@yassentaalab51/recon-finding-information-about-a-target-ff146160fb1a?source=rss------bug_bounty-5Killuacybersecurity, penetration-testing, bug-bounty, recon18-Feb-2025
Unverified Email Change Flaw on Apps.Target.com: A Sneaky Account Takeover Trickhttps://infosecwriteups.com/unverified-email-change-flaw-on-apps-target-com-a-sneaky-account-takeover-trick-2d3402223f4f?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty, bugbounty-writeup, account-takeover, bug-bounty-tips18-Feb-2025
CORS + XSS : Chaining Vulnerabilities for Critical Data Extractionhttps://medium.com/@blify/cors-xss-chaining-vulnerabilities-for-critical-data-extraction-aed9d8fbd814?source=rss------bug_bounty-5Blifysecurity, bug-bounty, hacking, bug-bounty-writeup18-Feb-2025
Mastering Bug Bounties in 2025 — The Smart Way to Hunt & Earn Bighttps://medium.com/@shaheeryasirofficial/mastering-bug-bounties-in-2025-the-smart-way-to-hunt-earn-big-df69d78ddb10?source=rss------bug_bounty-5Shaheer Yasirbug-bounty-tips, cybersecurity, hackerone, hacking, bug-bounty18-Feb-2025
Ever Found a Valid Bug/Leaks in JavaScript Files in Bug Bounties?https://infosecwriteups.com/ever-found-a-valid-bug-leaks-in-javascript-files-in-bug-bounties-81ba362612a7?source=rss------bug_bounty-5It4chis3cjs, bug-bounty, javascript, practical, secrets18-Feb-2025
$4000 Blind SQL Injection in inDrivehttps://medium.com/@kumawatabhijeet2002/4000-blind-sql-injection-in-indrive-a0a4dcd99cb9?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, sql-injection, money, bug-bounty18-Feb-2025
️‍♂️ How to Start Bug Hunting Using These 5 Simple Stepshttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-start-bug-hunting-using-these-5-simple-steps-1c15f227f852?source=rss------bug_bounty-5Vipul Sonulehacking, technology, machine-learning, cybersecurity, bug-bounty18-Feb-2025
How I Discovered a 0-Click Account Takeover (ATO) Vulnerability in a Flutter Applicationhttps://medium.com/@k3r0/how-i-discovered-a-0-click-account-takeover-ato-vulnerability-in-a-flutter-application-74c7a5c4dc70?source=rss------bug_bounty-5Kyrillos nadyflutter, penetration-testing, android-pentesting, hacking, bug-bounty18-Feb-2025
Registration logic error — 2500$ bug bountyhttps://theclemvp.medium.com/registration-logic-error-2500-bug-bounty-72728ce5ffd0?source=rss------bug_bounty-5Molx32security, web-security, writeup, cybersecurity, bug-bounty18-Feb-2025
Day 13: Chaining Improper Authentication to IDOR and No Rate Limit for Mass Account Takeoverhttps://medium.com/@danielbelay/day-13-chaining-improper-authentication-to-idor-and-no-rate-limit-for-mass-account-takeover-bd6be94a96c3?source=rss------bug_bounty-5dani3laccount-takeover-attacks, bug-bounty18-Feb-2025
The Highest-Paid Bug Bounty Hunters in the World (And Their Secrets)https://medium.com/@krishna9823420058/the-highest-paid-bug-bounty-hunters-in-the-world-and-their-secrets-2e0f13d4fc6a?source=rss------bug_bounty-5Krish_cybercybersecurity, infosec, ethical-hacking, hacking, bug-bounty18-Feb-2025
Finding Peace in the Chaos: A Security Researcher’s Perspectivehttps://medium.com/@thedevtaskofficial/finding-peace-in-the-chaos-a-security-researchers-perspective-06812e7ff767?source=rss------bug_bounty-5thedevtask officialsecurity, vulnerability, peace, bug-bounty, philosophy18-Feb-2025
Reconnaissance with Sn1per: Is This the Ultimate Recon Weapon?https://medium.com/@paritoshblogs/reconnaissance-with-sn1per-is-this-the-ultimate-recon-weapon-b05bf69dc8e1?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, information-technology, cybersecurity, sn1per18-Feb-2025
Bug Bounty in 2025: Part 3 — Investigating 4 Open Redirect Reports at HackerOne, So You Don’t Have…https://medium.com/@halfcircassian/bug-bounty-in-2025-part-3-investigating-4-open-redirect-reports-at-hackerone-so-you-dont-have-499948a0e6b1?source=rss------bug_bounty-5Sıla Özerenbug-bounty-tips, open-redirect, bug-bounty, bug-bounty-writeup, hackerone18-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-101)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-101-ef5f9ed33841?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, hacking, ethical-hacking, bug-bounty, cybersecurity18-Feb-2025
The Biggest Bug Bounty Mythshttps://medium.com/@hackrate/the-biggest-bug-bounty-myths-ec5b56b39e5e?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, ethical-hacking, bug-bounty-tips, cybersecurity18-Feb-2025
The Hidden Risks in Multipart/Form-Data Requestshttps://medium.com/@melodicbook/the-hidden-risks-in-multipart-form-data-requests-65a8f8557b22?source=rss------bug_bounty-5Sam Mirovbug-bounty-tips, api-security, security-research, bug-bounty, web-application-security18-Feb-2025
Advanced Techniques to Discover and Secure Exposed Credentials Onlinehttps://cyberw1ng.medium.com/advanced-techniques-to-discover-and-secure-exposed-credentials-online-977e5ec53095?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, jobs, education, cybersecurity18-Feb-2025
How to Earn $50k Finding Critical Vulnerabilities in Bug Bountyhttps://medium.com/@ibtissamhammadi/how-to-earn-50k-finding-critical-vulnerabilities-in-bug-bounty-b78806051ab8?source=rss------bug_bounty-5Ibtissam Hammaditechnology, bug-bounty, hacking, cybersecurity, programming18-Feb-2025
Steal Secrets From The Web: Master Parameter Fuzzing | Recon Part 9https://it4chis3c.medium.com/ever-used-burp-suite-to-the-fullest-recon-part-9-22c389a29ad7?source=rss------bug_bounty-5It4chis3cbug-bounty, parameter, fuzzing, extraction, secrets17-Feb-2025
How I Found an Open Redirect Vulnerability Easily (Worth $500!)https://cybersecuritywriteups.com/how-i-found-an-open-redirect-vulnerability-easily-worth-500-d677d7693c06?source=rss------bug_bounty-5Abhijeet kumawatopen-redirect, bugbounty-tips, infosec, bug-bounty, hacking17-Feb-2025
The Rise of Industrialized Cybercrime: How Threat Actors Scaled Their Operationshttps://medium.com/@paritoshblogs/the-rise-of-industrialized-cybercrime-how-threat-actors-scaled-their-operations-0e863667a383?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, information-technology, cybercrime, bug-bounty17-Feb-2025
Finding Vulnerabilities with Nmaphttps://medium.com/@dasmanish6176/finding-vulnerabilities-with-nmap-713bd8693369?source=rss------bug_bounty-5Dasmanishnmap, network-security, ethical-hacking, bug-bounty, cybersecurity17-Feb-2025
Hidden method to find Bugcrowd Programshttps://medium.com/meetcyber/hidden-method-to-find-bugcrowd-programs-c6ac027be4f4?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, pentesting, bug-bounty, osint, bug-bounty-tips17-Feb-2025
Bug Hunting Automationhttps://infosecwriteups.com/bug-hunting-automation-f91ce2ce70bc?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, bug-bounty, bug-bounty-tips, hacking17-Feb-2025
API Endpoints Discovery using Kiterunnerhttps://bitpanic.medium.com/api-endpoints-discovery-using-kiterunner-ded82e092543?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, ai-generated-content, technology, programming17-Feb-2025
How a Simple Graphql Vulnerability led to Admin Dashboardhttps://medium.com/@rishi1.beria/how-a-simple-graphql-vulnerability-led-to-admin-dashboard-2fb10df3607a?source=rss------bug_bounty-5Rishi Beriapenetration-testing, hacking, cybersecurity, bug-bounty, graphql17-Feb-2025
Finding more subdomains using security trails api keyhttps://infosecwriteups.com/finding-more-subdomains-using-security-trails-api-key-0abdadd60574?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, reconnaissance, subdomain17-Feb-2025
Exploiting the Log4j Vulnerability (CVE-2021–44228) — Proof of Concept (PoC)https://medium.com/@muhammadwaseem29/exploiting-the-log4j-vulnerability-cve-2021-44228-proof-of-concept-poc-9b462b73b7a8?source=rss------bug_bounty-5Muhammad Waseemhacking, bug-bounty-tips, infosec, cybersecurity, bug-bounty17-Feb-2025
From Curiosity to $10,000: How I Found a Critical Account Takeover Bughttps://medium.com/@rahulgairola/from-curiosity-to-10-000-how-i-found-a-critical-account-takeover-bug-ca6dd169c36b?source=rss------bug_bounty-5Rahul Gairolabug-bounty-tips, bug-bounty-writeup, account-takeover, bug-bounty, authentication-bypass17-Feb-2025
A Beginner’s Guide to Bash [Special for Hackerhttps://medium.com/@hrofficial62/a-beginners-guide-to-bash-special-for-hacker-ffe5c7ce4c21?source=rss------bug_bounty-5Mr Horbiocybersecurity, pentesting, kali-linux, bug-bounty, bash17-Feb-2025
Zoho Account Takeover: How a Single Click Can Lead to Full Control over your Zoho accounthttps://infosecwriteups.com/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-over-your-zoho-account-cd6f0c245272?source=rss------bug_bounty-5HackerWithOutHatinfose, javascript, bug-bounty, security17-Feb-2025
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY.https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-3d4920796dc5?source=rss------bug_bounty-5loyalonlytodayawareness, tips, cybersecurity, bug-bounty, hacking17-Feb-2025
How to Find Subdomains Using Shodan and the Favicon Hash Trick on Kali Linuxhttps://medium.com/@securitytalent/how-to-find-subdomains-using-shodan-and-the-favicon-hash-trick-on-kali-linux-8829e3d10297?source=rss------bug_bounty-5MD Mehedi Hasanfavicon-hash-trick, bug-bounty, find-subdomain17-Feb-2025
I Pasted a Simple HTML Code on BookMyShow… and Got ₹1000 for It!https://infosecwriteups.com/i-pasted-a-simple-html-code-on-bookmyshow-and-got-1000-for-it-26313f0e2115?source=rss------bug_bounty-5Vivek PSweb-security, programming, bug-bounty, bug-bounty-writeup, hacking17-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-100)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-100-ded60fc66bf5?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, bug-bounty, bug-bounty-tips, cybersecurity17-Feb-2025
Top CVEs to Watch in 2025: Hunting Critical Bugshttps://medium.com/@zerodaystories/top-cves-to-watch-in-2025-hunting-critical-bugs-3d7fee7ef95e?source=rss------bug_bounty-50day storiesbug-bounty-tips, technology, penetration-testing, cybersecurity, bug-bounty17-Feb-2025
IDOR Vulnerability in Group Profile Picture Feature($$)https://medium.com/@Tanvir0x1/idor-vulnerability-in-group-profile-picture-feature-72bbf96e0f6e?source=rss------bug_bounty-5Tanvir Ahmedbugs, bug-bounty-tips, bug-bounty17-Feb-2025
Ethical Hacking Roadmap 2025: Your Ultimate Guide to Landing a Cybersecurity Job!https://medium.com/@krishna9823420058/ethical-hacking-roadmap-2025-your-ultimate-guide-to-landing-a-cybersecurity-job-57b0367fb070?source=rss------bug_bounty-5Krish_cyberhacking, bug-bounty, ai, cybersecurity, ethical-hacking17-Feb-2025
Bug Bounty 101 for Companieshttps://medium.com/@hackrate/bug-bounty-101-for-companies-a6747ae0e3bb?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, hacking, bug-bounty, cybersecurity, ethical-hacking17-Feb-2025
How to Find SQL Injection and Get Bounty of $100, $200, $500https://medium.com/@kumawatabhijeet2002/how-to-find-sql-injection-and-get-bounty-of-100-200-500-f44e0df0ba77?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, sql-injection, infosec, hacking17-Feb-2025
Top 7 Payloads lists Every Bug Bounty Hunter Need To Knowhttps://medium.com/@verylazytech/top-7-payloads-lists-every-bug-bounty-hunter-need-to-know-bbb72c87c779?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, red-team, payload, ethical-hacking17-Feb-2025
Subdomain Bruteforcing Using Burp Suite: A Step-by-Step Guide for Ethical Hackershttps://medium.com/@hacker_might/subdomain-bruteforcing-using-burp-suite-a-step-by-step-guide-for-ethical-hackers-6f48f59b9f00?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, subdomains-enumeration, brute-force, burpsuite17-Feb-2025
10 Secrets Every Bug Bounty Hunter Must Knowhttps://medium.com/@ibtissamhammadi/10-secrets-every-bug-bounty-hunter-must-know-20d71c3858a7?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, infosec, tech-career, bug-bounty, hacking17-Feb-2025
Open Redirect to Xsshttps://medium.com/@0x_karim/open-redirect-to-xss-d35eb8eb1cf4?source=rss------bug_bounty-50xkarimbug-hunting, bug-bounty-tips, bug-bounty, hackerone, hacking17-Feb-2025
Finding Exposed Credentials and Sensitive Data in Cloud, Repositories, and Logshttps://cyberw1ng.medium.com/finding-exposed-credentials-and-sensitive-data-in-cloud-repositories-and-logs-a4a4c9e5323c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, hacking, bug-bounty, cybersecurity17-Feb-2025
Bug Bounty Recon: Mastering the Art of Information Gathering (Part 1)https://medium.com/@weaponshot/bug-bounty-recon-mastering-the-art-of-information-gathering-part-1-01e24bb24462?source=rss------bug_bounty-5Matyis Kongcybersecurity, bug-bounty17-Feb-2025
Finding Exposed Credentials and Sensitive Data in Cloud, Repositories, and Logshttps://osintteam.blog/finding-exposed-credentials-and-sensitive-data-in-cloud-repositories-and-logs-a4a4c9e5323c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, jobs, hacking, bug-bounty, cybersecurity17-Feb-2025
$500 How I Found XSS Using ChatGPThttps://medium.com/@kumawatabhijeet2002/500-how-i-found-xss-using-chatgpt-ec55792e35bb?source=rss------bug_bounty-5Abhijeet kumawatxss-attack, hacking, chatgpt, bug-bounty, ai16-Feb-2025
Finding a p4 as per bug crowd vrthttps://cybersecuritywriteups.com/finding-a-p4-as-per-bug-crowd-vrt-1de5f8074cda?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugs, cybersecurity, ethical-hacking, 4ps16-Feb-2025
Bug Bounty Hunting: Automatic Vulnerability Discovery Using Fuzzershttps://medium.com/@muhammad4208/bug-bounty-hunting-automatic-vulnerability-discovery-using-fuzzers-6da56581c8ae?source=rss------bug_bounty-5Muhammad Abdullah Niaziweb-testing, bug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-tips16-Feb-2025
Bug Bounty Hunting: Web Vulnerability (API Testing)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-api-testing-96a49acc4f35?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, api-testing, bug-bounty-hunter, bug-bounty-program16-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Android Hacking Apps)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-android-hacking-apps-c74f85e81c90?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, android-hacking-tool, bug-bounty-program, bug-bounty-hunter16-Feb-2025
IDOR Nightmare: Indian Post Office Portal Exposed Thousands of KYC Records with Article ID with…https://systemweakness.com/idor-nightmare-indian-post-office-portal-exposed-thousands-of-kyc-records-with-article-id-with-735cc35a3984?source=rss------bug_bounty-5Gokuleswaran Bidor-vulnerability, bugbounty-writeup, bug-bounty, bug-bounty-writeup, idor16-Feb-2025
Business Logic Vulnerabilitieshttps://medium.com/@0x1di0t/business-logic-vulnerabilities-843ea2a316f2?source=rss------bug_bounty-5Wahid Najimbug-bounty-writeup, business-logic-flaw, business-logic, bug-bounty, business-logic-bug16-Feb-2025
LivePwn Tool: The Ultimate Swiss Army Knife for Hackers and Bug Bounty Huntershttps://livepwn.medium.com/livepwn-tool-the-ultimate-swiss-army-knife-for-hackers-and-bug-bounty-hunters-6faac2c7157c?source=rss------bug_bounty-5livepwncybersecurity, ctf, cybertool, bug-bounty, hacking16-Feb-2025
How I Found a Sensitive Data Leak in Microsoft!”https://rootxabit.medium.com/how-i-found-a-sensitive-data-leak-in-microsoft-6c20c66d0ead?source=rss------bug_bounty-5xabit • hacksbug-bounty, hacking, hacker, medium, microsoft16-Feb-2025
CORS vs Access-Control-Allow-Originhttps://medium.com/@shadyfarouk1986/cors-vs-access-control-allow-origin-af5cecc3f4c7?source=rss------bug_bounty-5Shady Faroukbug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-tips16-Feb-2025
Day 11: Full Account Takeover (ATO) — A Tale of Two Bugshttps://medium.com/@danielbelay/day-11-full-account-takeover-ato-a-tale-of-two-bugs-2e630aeb56ff?source=rss------bug_bounty-5dani3lbug-bounty, account-takeover16-Feb-2025
Hacking Exposed .git Directories: Because Developers Still Don’t Learnhttps://medium.com/@mahad.ahmed0x1/hacking-exposed-git-directories-because-developers-still-dont-learn-095de0b96e2c?source=rss------bug_bounty-5404NotPentestedinformation-security, infosec, cybersecurity, penetration-testing, bug-bounty16-Feb-2025
$9,060 OS Command Injection — Private Bug Bounty P1 | 2023https://medium.com/@krishna9823420058/9-060-os-command-injection-private-bug-bounty-p1-2023-c9ac83a0fe2a?source=rss------bug_bounty-5Krish_cyberosint, bugs, hacking, infosec-write-ups, bug-bounty16-Feb-2025
Portswigger Web Security Academy : “Excessive trust in client-side controls” walkthroughhttps://medium.com/@Kinqdathacker/portswigger-web-security-academy-excessive-trust-in-client-side-controls-walkthrough-ddf5457a6e7b?source=rss------bug_bounty-5Kinqdathackerweb-hacking, penetration-testing, ctf, bug-bounty, business-logic-flaw16-Feb-2025
How To Discover Hidden Endpointshttps://medium.com/@kumawatabhijeet2002/how-to-discover-hidden-endpoints-fef261d619c1?source=rss------bug_bounty-5Abhijeet kumawatsecrets, bug-bounty, infosec, hidden, hacking16-Feb-2025
Top Web Application Penetration Testing Tools in 2025: A Comprehensive Guide for Ethical Hackershttps://medium.com/@verylazytech/top-web-application-penetration-testing-tools-in-2025-a-comprehensive-guide-for-ethical-hackers-863c0640baab?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, cyber, ethical-hacking, penetration-testing16-Feb-2025
Bug Bounty 101: How to Get Started and Earn Your First Rewardhttps://medium.com/@krishna9823420058/bug-bounty-101-how-to-get-started-and-earn-your-first-reward-4693846cc553?source=rss------bug_bounty-5Krish_cyberbug-bounty, information-security, ethical-hacking, osint, infosec16-Feb-2025
Discovering the Power of WaybackURLs: A Tool for Web Archiving and Reconnaissancehttps://medium.com/@cyberawareness/discovering-the-power-of-waybackurls-a-tool-for-web-archiving-and-reconnaissance-2881a1fc614e?source=rss------bug_bounty-5SourceFul Spacewayback-machine, penetration-testing, cybersecurity, bug-bounty, waybackurls16-Feb-2025
find hidden subdomainhttps://medium.com/@dark_zone/find-hidden-subdomain-5d7cc42de1e8?source=rss------bug_bounty-5darkzonebug-bounty, bug-bounty-tips16-Feb-2025
How a Simple RFI Turned into a $300 RCE Jackpot — A Hacker’s Wild Ride!https://medium.com/@krishna9823420058/how-a-simple-rfi-turned-into-a-300-rce-jackpot-a-hackers-wild-ride-207e636e2398?source=rss------bug_bounty-5Krish_cyberpenetration-testing, bug-bounty, vulnerability, cybersecurity, ethical-hacking16-Feb-2025
“Hack the Bounty: Automate Bug Hunting & Get a Free VPS to Supercharge Your Game!”https://medium.com/@krishna9823420058/hack-the-bounty-automate-bug-hunting-get-a-free-vps-to-supercharge-your-game-8ee8ed90b5dc?source=rss------bug_bounty-5Krish_cyberinfosec, cybersecurity, money, ethical-hacking, bug-bounty16-Feb-2025
How to Earn $100k as a Bug Bounty Hunterhttps://medium.com/@ibtissamhammadi/how-to-earn-100k-as-a-bug-bounty-hunter-584690e63ab4?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, ethical-hacking, bug-bounty, tech-career, programming16-Feb-2025
XSS Hunting Like a Pro: The Ultimate Guide to Finding Cross-Site Scripting Bugshttps://medium.com/@krishna9823420058/xss-hunting-like-a-pro-the-ultimate-guide-to-finding-cross-site-scripting-bugs-3a459245b4bc?source=rss------bug_bounty-5Krish_cyberosint, sql-injection, bug-bounty, xss-attack, hacking16-Feb-2025
Mastering SQL Injection: The Ultimate Guide to Finding Vulnerabilities Like a Prohttps://medium.com/@krishna9823420058/mastering-sql-injection-the-ultimate-guide-to-finding-vulnerabilities-like-a-pro-e64a0ba2d257?source=rss------bug_bounty-5Krish_cyberosint, ethical-hacking, sql-injection, bug-bounty, cybersecurity16-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-99)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-99-a31faa45f6b8?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, hacking, bug-bounty-tips, ethical-hacking16-Feb-2025
Bypassing OTP via Inspect Elementhttps://medium.com/@noobsechunter/bypassing-otp-via-inspect-element-c95e8df29e54?source=rss------bug_bounty-5Whoamilearning, bug-bounty, otp-bypass, beginner16-Feb-2025
From Noob to $10k: How I Cracked the Bug Bounty Code as a Beginner! ✨https://medium.com/@krishna9823420058/from-noob-to-10k-how-i-cracked-the-bug-bounty-code-as-a-beginner-f4a672ec3169?source=rss------bug_bounty-5Krish_cyberinformation-security, bug-bounty, hacking, osint, ethical-hacking16-Feb-2025
The Ultimate Bug Bounty Hunter’s Toolkit: Must-Have Tools to Hack Your Way to Success! ️‍♂️https://medium.com/@krishna9823420058/the-ultimate-bug-bounty-hunters-toolkit-must-have-tools-to-hack-your-way-to-success-%EF%B8%8F-%EF%B8%8F-be4dfc958d4b?source=rss------bug_bounty-5Krish_cyberbug-bounty, bug-bounty-tips, hacking, ethical-hacking, osint16-Feb-2025
Hackers Assemble: The Vulniverse Sagahttps://medium.com/@abhishek-ji/hackers-assemble-the-vulniverse-saga-84992359a522?source=rss------bug_bounty-5Abhishek Guptaparuluniversity, bug-bounty, web-app-security, cybersecurity, the-hackers-meetup16-Feb-2025
How to Write the Perfect Bug Bounty Report (With Examples!)https://medium.com/@krishna9823420058/how-to-write-the-perfect-bug-bounty-report-with-examples-5d95b95559ea?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, bug-bounty, cybersecurity, osint, bug-bounty-writeup16-Feb-2025
Top 10 Platforms to Find Bug Bounty Programs in 2025: Hunt Bugs, Earn Cash, and Save the…https://medium.com/@krishna9823420058/top-10-platforms-to-find-bug-bounty-programs-in-2025-hunt-bugs-earn-cash-and-save-the-dbc9a6ac13d1?source=rss------bug_bounty-5Krish_cyberethical-hacking, osint, bug-bounty, infosec-write-ups, bug-bounty-tips16-Feb-2025
Log4j RCE Vulnerability (CVE-2021–44228) Exploitationhttps://medium.com/@muhammadwaseem29/log4j-rce-vulnerability-cve-2021-44228-exploitation-041ff74e1349?source=rss------bug_bounty-5Muhammad Waseemcyber, rce, bug-bounty-tips, bug-bounty, hacking16-Feb-2025
# Exposure of Internal PHP Source Code Leading to Credential & Sensitive Data Leakagehttps://medium.com/@bevennyamande/exposure-of-internal-php-source-code-leading-to-credential-sensitive-data-leakage-209383740e1e?source=rss------bug_bounty-50xbevenbug-bounty-writeup, bug-bounty-tips, bug-bounty16-Feb-2025
How to Extract Information from Websites: Automated OSINT Techniques and Toolshttps://cyberw1ng.medium.com/how-to-extract-information-from-websites-automated-osint-techniques-and-tools-434204e9c9dc?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, osint, cybersecurity, bug-bounty, careers16-Feb-2025
Symfonos2 Security Challengehttps://medium.com/@Y_Waheed/symfonos2-security-challenge-3d6a2a514f37?source=rss------bug_bounty-5Joopenetration-testing, bug-bounty, bug-bounty-writeup, cybersecurity16-Feb-2025
How I Found My First Bug: A Beginner’s Guide to Bug Bounty Huntinghttps://medium.com/@azizkilani88/how-i-found-my-first-bug-a-beginners-guide-to-bug-bounty-hunting-f41afef630d3?source=rss------bug_bounty-5A_SKILLER_007bugbounty-tips, bug-bounty, cybersecurity16-Feb-2025
How to Extract Information from Websites: Automated OSINT Techniques and Toolshttps://osintteam.blog/how-to-extract-information-from-websites-automated-osint-techniques-and-tools-434204e9c9dc?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, osint, cybersecurity, bug-bounty, careers16-Feb-2025
Breaking Architect: Matrix AI Security Challenge by Repellohttps://osintteam.blog/breaking-architect-matrix-ai-security-challenge-by-repello-6853c34a6874?source=rss------bug_bounty-5Rudrakshackerai, prompt-engineering, cybersecurity, bug-bounty, chatbots15-Feb-2025
From Recon to Exploitation: The Power of TerminatorZhttps://osintteam.blog/from-recon-to-exploitation-the-power-of-terminatorz-e86d8bf59c08?source=rss------bug_bounty-5Monika sharmatechnology, penetration-testing, bug-bounty, hacking, bug-bounty-tips15-Feb-2025
How to Easily Find Exposed Credentials in Bug Huntinghttps://osintteam.blog/how-to-easily-find-exposed-credentials-in-bug-hunting-bb70ac603bae?source=rss------bug_bounty-5RivuDonhacking, bug-bounty, infosec, bug-bounty-writeup, bug-bounty-tips15-Feb-2025
Day 10:Turned Cookie-Based XSS into Account Takeoverhttps://medium.com/@danielbelay/day-10-turned-cookie-based-xss-into-account-takeover-ea28620f2888?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking15-Feb-2025
WEB APP PENTESTING CHECKLIST 2025https://medium.com/@shaheeryasirofficial/web-app-pentesting-checklist-2025-438eb646b47a?source=rss------bug_bounty-5Shaheer Yasiroffensive-security, web-app-security, bug-bounty, ethical-hacking, pentesting15-Feb-2025
Command Execution in Bug Bounties: How to Find, Test, and Exploithttps://rootxabit.medium.com/command-execution-in-bug-bounties-how-to-find-test-and-exploit-4f863c4a7240?source=rss------bug_bounty-5xabit • hacksbug-bounty, recon, osint, oscp, website-hacking15-Feb-2025
Rate Limits Bypassed — Business Logic Flawhttps://medium.com/@muhammad_saud/rate-limits-bypassed-business-logic-flaw-948a11dce0e4?source=rss------bug_bounty-5Msaudbug-bounty, hackerone, bug-bounty-writeup, penetration-testing, hacking15-Feb-2025
How I Earned $5,000 from a Single Bug Reporthttps://medium.com/@krishna9823420058/how-i-earned-5-000-from-a-single-bug-report-d4a793290a58?source=rss------bug_bounty-5Krish_cyberinformation-security, ethical-hacking, bug-bounty, bug-bounty-tips, osint15-Feb-2025
The Blueprint to Your First $1,000+ Bug Bounty Rewardhttps://medium.com/@krishna9823420058/the-blueprint-to-your-first-1-000-bug-bounty-reward-380e1df3b2b2?source=rss------bug_bounty-5Krish_cyberinfo-sec-writeups, bug-bounty-tips, ethical-hacking, osint, bug-bounty15-Feb-2025
How I Made $200 in 2 Minutes on HackerOne — Zomato Bug Bounty Program (With Real Example)https://medium.com/@krishna9823420058/how-i-made-200-in-2-minutes-on-hackerone-zomato-bug-bounty-program-with-real-example-a851c4042ca6?source=rss------bug_bounty-5Krish_cybercybersecurity, osint, infosec-write-ups, hacking, bug-bounty15-Feb-2025
The Ultimate Guide to Subdomain Enumeration: Brute-Forcing Hidden Subdomains with dnsx, mgwls, and…https://medium.com/@hacker_might/the-ultimate-guide-to-subdomain-enumeration-brute-forcing-hidden-subdomains-with-dnsx-mgwls-and-ffa36ad86519?source=rss------bug_bounty-5hacker_mightreconnaissance, brute-force, subdomains-enumeration, bug-bounty, bug-bounty-tips15-Feb-2025
Content Provider Exploitation: From Simple Misconfiguration to Application Lockdownhttps://medium.com/@muhammedgalal66/content-provider-exploitation-from-simple-misconfiguration-to-application-lockdown-fd09520e9d3a?source=rss------bug_bounty-5Dg0x6bug-bounty-tips, bug-bounty-writeup, android-app-testing, bug-bounty, bugs15-Feb-2025
Cache Control: An Easy P4 Vulnerabilityhttps://infosecwriteups.com/cache-control-an-easy-p4-vulnerability-746138597d10?source=rss------bug_bounty-5JEETPALcache-control, bugbounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity15-Feb-2025
Exposed Admin Panel, $8000 Bounty — The Power of Shodan Recon!”https://medium.com/@rahulgairola/exposed-admin-panel-8000-bounty-the-power-of-shodan-recon-3408ce97531c?source=rss------bug_bounty-5Rahul Gairolabug-bounty-writeup, bug-bounty-tips, authentication-bypass, authentication, bug-bounty15-Feb-2025
The Ultimate Guide to Subdomain Enumeration: Brute-Forcing Hidden Subdomains with dnsx, mgwls, and…https://osintteam.blog/the-ultimate-guide-to-subdomain-enumeration-brute-forcing-hidden-subdomains-with-dnsx-mgwls-and-ffa36ad86519?source=rss------bug_bounty-5hacker_mightreconnaissance, brute-force, subdomains-enumeration, bug-bounty, bug-bounty-tips15-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-98)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-98-65be156058f4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, bug-bounty-tips, ethical-hacking, cybersecurity15-Feb-2025
From Cookie to P1: Exploiting a Simple Flaw for Maximum Impacthttps://infosecwriteups.com/from-cookie-to-p1-exploiting-a-simple-flaw-for-maximum-impact-a05ef35c3e8c?source=rss------bug_bounty-50day storiesbug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty, penetration-testing15-Feb-2025
SSRF Advanced Methodology✨https://medium.com/@kumawatabhijeet2002/ssrf-advanced-methodology-ecbe289886ef?source=rss------bug_bounty-5Abhijeet kumawatmoney, infosec, ssrf, hacking, bug-bounty15-Feb-2025
Unauthorized Access to Blinkist Premium Audiobooks — A Case Studyhttps://medium.com/@rstuv/unauthorized-access-to-blinkist-premium-audiobooks-a-case-study-8b3d7e6c3c17?source=rss------bug_bounty-5rstuvbug-bounty, cybersecurity15-Feb-2025
From $0 to $2,500: My Journey Finding Critical Vulnerability Through Bug Bounty Programshttps://medium.com/@ibtissamhammadi/from-0-to-2-500-my-journey-finding-critical-vulnerability-through-bug-bounty-programs-c4d8a5059eec?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, cybersecurity, hacking, infosec, programming15-Feb-2025
Comparing Burp Suite Pro and OWASP ZAP: Which One is Right for You?https://medium.com/@shadyfarouk1986/comparing-burp-suite-pro-and-owasp-zap-which-one-is-right-for-you-56629b2dac6d?source=rss------bug_bounty-5Shady Faroukbug-bounty-tips, bug-bounty, vulnerability-assessment, bug-bounty-writeup15-Feb-2025
How a Hidden GitHub Token Led to a $50,000 Bug Bountyhttps://cyberw1ng.medium.com/how-a-hidden-github-token-led-to-a-50-000-bug-bounty-6bbec61114d9?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, bug-bounty, programming15-Feb-2025
API Testing ( Port Swigger Labs ) Solutionshttps://medium.com/@youssefawad1357/api-testing-port-swigger-labs-solutions-2f8f7b949f9f?source=rss------bug_bounty-5youssef awadapi, pentesting, apihacking, penetration-testing, bug-bounty15-Feb-2025
Best Bug Bounty Platforms in 2025: A Comprehensive Comparisonhttps://medium.com/@hackrate/best-bug-bounty-platforms-in-2025-a-comprehensive-comparison-70aaa7d967eb?source=rss------bug_bounty-5Levente Molnarbug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking15-Feb-2025
How a Hidden GitHub Token Led to a $50,000 Bug Bountyhttps://osintteam.blog/how-a-hidden-github-token-led-to-a-50-000-bug-bounty-6bbec61114d9?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, jobs, careers, bug-bounty, programming15-Feb-2025
A Powerful Web Crawling and OSINT Toolhttps://osintteam.blog/a-powerful-web-crawling-and-osint-tool-c0a5d118f398?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty-tips, penetration-testing, bug-bounty, technology14-Feb-2025
HyperText Transfer Protocol (HTTP)https://medium.com/bug-bounty-bug-hunter-academy/hypertext-transfer-protocol-http-3719e3eda9ea?source=rss------bug_bounty-5Michael Mancusohttp-request, bug-bounty, web, https14-Feb-2025
Get Your First Bughttps://cybersecuritywriteups.com/get-your-first-bug-b50dadbea60a?source=rss------bug_bounty-5Abhijeet kumawatmoney, bug-bounty, infosec, hacking, ai14-Feb-2025
How I can trigger Remote Code Execution Via Cron Jobhttps://r0b0ts.medium.com/how-i-can-trigger-remote-code-execution-via-cron-job-b7d9d7dc9372?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, pentesting, bug-bounty, bug-bounty-tips, web-security14-Feb-2025
How to Bypass Web Application Firewalls (WAFs)https://medium.com/@vipulsonule71/how-to-bypass-web-application-firewalls-wafs-d4a0212b6fa5?source=rss------bug_bounty-5Vipul Sonuletechnology, hacking, bug-bounty, penetration-testing, cybersecurity14-Feb-2025
Crack Worldhttps://medium.com/@loaymorad11/crack-world-49be8914684d?source=rss------bug_bounty-5Loaymoradtryhackme, bug-bounty, cybersecurity, hacking14-Feb-2025
How to Find Your First Bug and Get Paid — Bug Bounty Made Easyhttps://medium.com/@krishna9823420058/how-to-find-your-first-bug-and-get-paid-bug-bounty-made-easy-cb595ef2aaee?source=rss------bug_bounty-5Krish_cyberinfosec-write-ups, bugs, hacking, bug-bounty, osint14-Feb-2025
Mastering Reconnaissance in Bug Bounty: The Art of Finding Hidden Vulnerabilitieshttps://abhayal.medium.com/mastering-reconnaissance-in-bug-bounty-the-art-of-finding-hidden-vulnerabilities-c34d87cb98c0?source=rss------bug_bounty-5Abhayalhackerone, reconnaissance, bug-bounty, vulnerability, bug-bounty-tips14-Feb-2025
Find secret in S3 Bucket and earn $500 and morehttps://medium.com/@anandrishav2228/find-secret-in-s3-bucket-and-earn-500-and-more-640b341dfe54?source=rss------bug_bounty-5Rishav anandmoney, aws, cybersecurity, amazon, bug-bounty14-Feb-2025
Day 9: CRLF to Account Takeover (Chaining Bugs)https://medium.com/@danielbelay/day-9-crlf-to-account-takeover-chaining-bugs-8e621c9be109?source=rss------bug_bounty-5dani3lbug-bounty-writeup, ethical-hacking, bug-bounty14-Feb-2025
Top CTF Competitions and Where to Practicehttps://medium.com/@BlackHat123/top-ctf-competitions-and-where-to-practice-f71c56ecfef1?source=rss------bug_bounty-5blackhatctf, competition, bug-bounty, walkthrough14-Feb-2025
Why Bug Bounty Programs Are Essential for In-Depth Vulnerability Detectionhttps://medium.com/@hackrate/why-bug-bounty-programs-are-essential-for-in-depth-vulnerability-detection-06bcfd3c6c18?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, hacking, ethical-hacking, bug-bounty-tips14-Feb-2025
$1,700 IDOR: Unauthorized Modification of Web Hosting Configurationhttps://medium.com/@a13h1/1-700-idor-unauthorized-modification-of-web-hosting-configuration-d6febc6c6a41?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, vulnerability, idor, pentesting14-Feb-2025
How I got a Stored XSS by searching through JS files.https://medium.com/@oXnoOneXo/how-i-got-a-stored-xss-by-searching-through-js-files-fdfe2490668b?source=rss------bug_bounty-5oXnoOneXobug-bounty-tips, bug-bounty, bug-bounty-writeup14-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-97)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-97-34ad1a8bc36c?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking14-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-96)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-96-c1cb10e05488?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking14-Feb-2025
Are You Missing Subdomains? The Resolver Trick You Need to Know!https://medium.com/@maakthon/are-you-missing-subdomains-the-resolver-trick-you-need-to-know-71da4abeb39d?source=rss------bug_bounty-5Mahmoud Abd Alkarimsubdomain, penetration-testing, enumeration, bug-bounty, dns14-Feb-2025
Breaking Through the Firewall: How I Bypassed a WAF and Found a Critical Bug with $1700https://myselfakash20.medium.com/breaking-through-the-firewall-how-i-bypassed-a-waf-and-found-a-critical-bug-with-1700-0680e28c8785?source=rss------bug_bounty-5Akash Ghoshprogramming, bug-bounty, bugbounty-tips, bug-bounty-writeup, cybersecurity14-Feb-2025
Easy $300: Template Injectionhttps://medium.com/@kumawatabhijeet2002/easy-300-template-injection-71e3395c53b3?source=rss------bug_bounty-5Abhijeet kumawathacking, ssti, money, bug-bounty, infosec14-Feb-2025
$1,700 IDOR: Unauthorized Modification of Web Hosting Configurationhttps://infosecwriteups.com/1-700-idor-unauthorized-modification-of-web-hosting-configuration-d6febc6c6a41?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, vulnerability, idor, pentesting14-Feb-2025
From SQL Injection to Remote Code Execution: A Bug Bounty Hunter’s Unexpected Journeyhttps://medium.com/@gouravrathod8788/from-sql-injection-to-remote-code-execution-a-bug-bounty-hunters-unexpected-journey-bc91a3697f24?source=rss------bug_bounty-5Gourav Singh Rajputbug-bounty, cybersecurity14-Feb-2025
Hackers Wanted: Bug Bounty Program Pays $50,000 for Critical Vulnerabilitieshttps://medium.com/@ibtissamhammadi/hackers-wanted-bug-bounty-program-pays-50-000-for-critical-vulnerabilities-e113b868ee0f?source=rss------bug_bounty-5Ibtissam Hammadiethical-hacking, bug-bounty, cybersecurity, tech-career, programming14-Feb-2025
Advanced Secrets Hunting: Finding Exposed Credentials in Unconventional Placeshttps://cyberw1ng.medium.com/advanced-secrets-hunting-finding-exposed-credentials-in-unconventional-places-9aaaf52330a3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, jobs, programming, cybersecurity14-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Secure Code Review)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-secure-code-review-39c61b961afc?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, secure-code-review, bug-bounty-program, bug-bounty-hunter14-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Information Disclosure)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-information-disclosure-b1ef91dc0208?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, information-disclosure, bug-bounty-program, bug-bounty-tips, bug-bounty14-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Single Sign-On services)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-single-sign-on-services-8fc6e85e5ece?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, single-sign-on, bug-bounty-hunter, bug-bounty-program, bug-bounty14-Feb-2025
Advanced Secrets Hunting: Finding Exposed Credentials in Unconventional Placeshttps://osintteam.blog/advanced-secrets-hunting-finding-exposed-credentials-in-unconventional-places-9aaaf52330a3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, jobs, programming, cybersecurity14-Feb-2025
Powerful Burp Suite Extensionshttps://osintteam.blog/powerful-burp-suite-extensions-d1c960f376b5?source=rss------bug_bounty-5Monika sharmabug-bounty, hacking, bug-bounty-tips, penetration-testing, technology13-Feb-2025
Mastering SQL Injection: Detection, Exploitation & Automation Guidehttps://rootxabit.medium.com/mastering-sql-injection-detection-exploitation-automation-guide-7f0195fe435d?source=rss------bug_bounty-5xabit • hacksexploitation, bug-bounty, sqlinjectiontypes, zero-day-vulnerability, hacking13-Feb-2025
$10.5k Bounty Storyhttps://aimasterprompt.medium.com/10-5k-bounty-story-aa55497d77b6?source=rss------bug_bounty-5aimasterbug-bounty, programming, technology, cybersecurity, infosec13-Feb-2025
Earn $$$$ by Finding CSRF Vulnerabilities!https://infosecwriteups.com/earn-by-finding-csrf-vulnerabilities-638f876918cf?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, money, csrf, bug-bounty13-Feb-2025
️‍♂️ How to Information Gathering in Bug Hunting on Targethttps://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-information-gathering-in-bug-hunting-on-target-00de7e20afc0?source=rss------bug_bounty-5Vipul Sonulebug-bounty, hacking, cybersecurity, penetration-testing, technology13-Feb-2025
Threat Actor Attribution: A Detailed Guidehttps://medium.com/@paritoshblogs/threat-actor-attribution-a-detailed-guide-39f5b81086ac?source=rss------bug_bounty-5Paritoshcybersecurity, threat-intelligence, ai, bug-bounty, information-technology13-Feb-2025
Day 8: Self-XSS + Login & Logout CSRF + OAuth Hijackinghttps://medium.com/@danielbelay/day-8-self-xss-login-logout-csrf-oauth-hijacking-83c848ad9a1e?source=rss------bug_bounty-5dani3lethical-hacking, account-takeover, bug-bounty13-Feb-2025
How Bug Bounty Programs Have Evolved: From Early Experiments to Modern Security Frameworkshttps://medium.com/@hackrate/how-bug-bounty-programs-have-evolved-from-early-experiments-to-modern-security-frameworks-32b071e44513?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, cybersecurity, bug-bounty, bug-bounty-tips13-Feb-2025
Bug Bounty in 2025: Part 2 — Intro to Open Redirect Vulnerability with a Conceptual Labhttps://medium.com/@halfcircassian/bug-bounty-in-2025-part-2-intro-to-open-redirect-vulnerability-with-a-conceptual-lab-c0db11537778?source=rss------bug_bounty-5Sıla Özerenbug-bounty-writeup, open-redirect, bug-bounty-tips, bug-bounty, vulnerability13-Feb-2025
3 Steps to Landing the Highest Paid Bug Bounty: $150K in 30 Dayshttps://medium.com/@ibtissamhammadi/3-steps-to-landing-the-highest-paid-bug-bounty-150k-in-30-days-662da049fb4d?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, programming, infosec, cybersecurity, ethical-hacking13-Feb-2025
How does an extension help me find a PII data bug?https://infosecwriteups.com/how-does-an-extension-help-me-find-a-pii-data-bug-a95d83043f9a?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty, programming, cybersecurity, tips13-Feb-2025
Community Bug Bounty Campaignhttps://medium.com/bitoro-network/community-bug-bounty-campaign-853538e88021?source=rss------bug_bounty-5Kayla.Bitorobug-bounty, defi, injective, arbitrum, testnet13-Feb-2025
website leaking OTP in inspect elementhttps://cybersecuritywriteups.com/website-leaking-otp-in-inspect-element-aa38d15059c9?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, bug-bounty, hacking, bugs13-Feb-2025
Can Crowdsourced Ethical Hacking Replace Yearly Penetration Testing?https://medium.com/@hackrate/can-crowdsourced-ethical-hacking-replace-yearly-penetration-testing-2c525820088b?source=rss------bug_bounty-5Levente Molnarpenetration-testing, bug-bounty, ethical-hacking, hacking, cybersecurity13-Feb-2025
Get Internship Offers During Second Year of College in Cybersecurity — offensive security domainhttps://abhishekmorla.medium.com/get-internship-offers-during-second-year-of-college-in-cybersecurity-offensive-security-domain-7caecdfaabe5?source=rss------bug_bounty-5Abhishek Morlabtech, bug-bounty, red-team, cse, cybersecurity13-Feb-2025
Locked Features, Unlocked Access: Breaking Restrictions with Response Manipulationhttps://medium.com/@0x5atab/locked-features-unlocked-access-breaking-restrictions-with-response-manipulation-c7546a39c4c7?source=rss------bug_bounty-5Muhammad Khatabbug-hunting, bug-bounty-writeup, infosec, bugbounty-writeup, bug-bounty13-Feb-2025
BUG IN QWEN AI CHATBOThttps://medium.com/@rr-1k/bug-in-qwen-ai-chatbot-77d02e89d77f?source=rss------bug_bounty-5rr-1kbug-bounty, bug-bounty-tips, deepseek, qwen, ai13-Feb-2025
Automate Open Redirect and Earn $250, $200, $100!https://cybersecuritywriteups.com/automate-open-redirect-and-earn-250-200-100-b6bfd75a5dc7?source=rss------bug_bounty-5Abhijeet kumawatmoney, infosec, hacking, bug-bounty, openai13-Feb-2025
Mr Robot CTFhttps://medium.com/@princepr99/mr-robot-ctf-305aea527bcc?source=rss------bug_bounty-5Prince P Ravicybersecurity, ethical-hacking, bug-bounty13-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-95)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-95-81b5e24c7f11?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, bug-bounty-tips, ethical-hacking, hacking13-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-94)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-94-f6432847ad99?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking13-Feb-2025
$2000 Bounty: Unauthenticated Remote Code Execution to Reverse Shell — A Real-World Examplehttps://medium.com/@krishna9823420058/2000-bounty-unauthenticated-remote-code-execution-to-reverse-shell-a-real-world-example-aee9a7c6851b?source=rss------bug_bounty-5Krish_cyberbug-bounty, info-sec-writeups, bugs, hacking, osint13-Feb-2025
Arcgis SQLi — CVE-2012–4949https://medium.com/@metogmer/arcgis-sqli-cve-2012-4949-06ea278ab6a4?source=rss------bug_bounty-5Muntadhar M. Ahmedbug-bounty, bug-hunter, hackerone, cybersecurity, sql-injection13-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Remote Code Execution)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-remote-code-execution-3935b5823657?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, bug-bounty-tips, bug-bounty, remote-code-execution, bug-bounty-program13-Feb-2025
New to Bug bounty (simple way)https://medium.com/@bombhajohn/new-to-bug-bounty-simple-way-62cd38d0b9fc?source=rss------bug_bounty-5Bombhajohncybersecurity, bug-bounty, bug-bounty-tips13-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Application Logic Errors and Broken Access Control)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-application-logic-errors-and-broken-access-control-cd15bb9ccc0c?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, broken-access-control, bug-bounty-hunter, bug-bounty-tips, bug-bounty13-Feb-2025
Finding Hidden API Keys, Tokens, and Sensitive Information in Applicationshttps://cyberw1ng.medium.com/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, jobs, careers, cybersecurity13-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Same-Origin Policy)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-same-origin-policy-23aabe865729?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-program, bug-bounty-hunter, same-origin-policy, bug-bounty-tips13-Feb-2025
New to Bug bounty (simple way)https://medium.com/@bombhajohn/new-to-bug-bounty-simple-way-62cd38d0b9fc?source=rss------bug_bounty-5Folks47gheecybersecurity, bug-bounty, bug-bounty-tips13-Feb-2025
Finding Hidden API Keys, Tokens, and Sensitive Information in Applicationshttps://osintteam.blog/finding-hidden-api-keys-tokens-and-sensitive-information-in-applications-d8a40a5a162a?source=rss------bug_bounty-5Karthikeyan Nagarajprogramming, bug-bounty, jobs, careers, cybersecurity13-Feb-2025
N#S# server security misconfiguration.https://medium.com/@hunter_sv/nasa-server-security-misconfiguration-4b7b9b7331b5?source=rss------bug_bounty-5Hunter_svbug-bounty12-Feb-2025
BFAC: The Ultimate Tool to Uncover Hidden Backup Fileshttps://osintteam.blog/bfac-the-ultimate-tool-to-uncover-hidden-backup-files-4a0de1f9e8de?source=rss------bug_bounty-5Monika sharmabug-bounty, technology, penetration-testing, hacking, bug-bounty-tips12-Feb-2025
How I Found an ATO in a Public Programhttps://medium.com/@khaledahmed_56157/how-i-found-an-ato-in-a-public-program-5209be3140f4?source=rss------bug_bounty-5Khaled Ahmedbug-bounty, cybersecurity, penetration-testing, vulnerability, hackerone12-Feb-2025
Earn $5000 using Subdomain Takeover: Step By Step Guidehttps://cybersecuritywriteups.com/earn-5000-using-subdomain-takeover-step-by-step-guide-eec3e8e6336d?source=rss------bug_bounty-5Abhijeet kumawatsubdomain-takeover, money, hacking, infosec, bug-bounty12-Feb-2025
Day 7: Drag & Drop XSS + Cookie Bomb for OAuth Hijackinghttps://medium.com/@danielbelay/day-7-drag-drop-xss-cookie-bomb-for-oauth-hijacking-a9b828cd9c54?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking12-Feb-2025
Accessing Admin Portal Without Credentials via Long Redirection Responsehttps://systemweakness.com/accessing-admin-portal-without-credentials-via-long-redirection-response-da79d84bb93a?source=rss------bug_bounty-5Kushanmadurangaredirection, web-security, bug-bounty, burpsuite, hacking12-Feb-2025
Exploiting crAPI with jwt_toolhttps://medium.com/@samhilliard/in-this-post-ill-show-you-how-to-use-jwt-tool-to-analyze-and-exploit-jwt-vulnerabilities-in-97c62a0e6ac5?source=rss------bug_bounty-5Sam Hilliardweb, bug-bounty, pentesting, jwt, hacking12-Feb-2025
Let’s Build a Cybersecurity Knowledge Hub!https://medium.com/@Mike_3xploit3r/lets-build-a-cybersecurity-knowledge-hub-5686d251f632?source=rss------bug_bounty-5Mike_3xploit3rpenetration-testing-tools, penetration-testing, ethical-hacking, cybersecurity, bug-bounty12-Feb-2025
Account Takeover via Lack of Email Verification Vulnerabilityhttps://medium.com/@whitehat29/account-takeover-via-lack-of-email-verification-vulnerability-9b9be0751d8b?source=rss------bug_bounty-5Whitehatinfosec, hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Feb-2025
Katana: A Fast and Powerful Web Fuzzerhttps://medium.com/meetcyber/katana-a-fast-and-powerful-web-fuzzer-fc41c757d8a0?source=rss------bug_bounty-5Erkan Kavaskatana, bug-hunting, toolkit, bug-bounty, cybersecurity12-Feb-2025
Bug Bounty Hunting: Web Vulnerability (XML External Entity)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-xml-external-entity-c4f1b4b629f3?source=rss------bug_bounty-5Muhammad Abdullah Niazixxe-attack, bug-bounty-tips, bug-bounty, bug-bounty-hunter, xxe12-Feb-2025
Currently, HackerOne Has Over 1400 Bug Bounty Programs. Is It Really That Good?https://medium.com/@hackrate/currently-hackerone-has-over-1400-bug-bounty-programs-is-it-really-that-good-eac92a515e29?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, ethical-hacking, bug-bounty, hacking, cybersecurity12-Feb-2025
How I Found Information Disclosure Vulnerability?https://doordiefordream.medium.com/how-i-found-information-disclosure-vulnerability-e673c421c104?source=rss------bug_bounty-5Bug hunter baluweb3, ethical-hacking, cybersecurity, technology, bug-bounty12-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Insecure Deserialization)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-insecure-deserialization-6df3491dc33c?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, insecure-deserialization, bug-bounty-tips, bug-bounty, bug-bounty-program12-Feb-2025
Unleashing the Power of Amass: A Comprehensive Guide to Subdomain Enumeration & Network Mapping…https://medium.com/@zoningxtr/unleashing-the-power-of-amass-a-comprehensive-guide-to-subdomain-enumeration-network-mapping-4d4a9889b2c7?source=rss------bug_bounty-5Zoningxtrpenetration-testing, web-development, web3, cybersecurity, bug-bounty12-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Template Injection)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-template-injection-373ee3c8b80c?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, template-injection, bug-bounty-hunter, bug-bounty, bug-bounty-program12-Feb-2025
Free VPS for ethical hacking and bug bounty hunting.https://infosecwriteups.com/free-vps-for-ethical-hacking-and-bug-bounty-hunting-d9098c2fbe2a?source=rss------bug_bounty-5loyalonlytodayethical-hacking, hacking, bug-bounty, vps, cybersecurity12-Feb-2025
I Pasted a Link, Inspected the HTML, and Facebook Gave Me $1000https://infosecwriteups.com/i-pasted-a-link-inspected-the-html-and-facebook-gave-me-1000-9ed4a91e24d1?source=rss------bug_bounty-5Vivek PShacking, bug-bounty-writeup, bug-bounty-tips, programming, bug-bounty12-Feb-2025
Broken Brute-Force Protection: How to Bypass Rate Limiting in a Single Request  —  Authentication…https://infosecwriteups.com/broken-brute-force-protection-how-to-bypass-rate-limiting-in-a-single-request-authentication-a4a761fc0b5a?source=rss------bug_bounty-5Bash Overflowbypass-login-protection, brute-force-attack, bypass-rate-limiting, broken-access-control, bug-bounty12-Feb-2025
“.DS_Store” – The Accidental Treasure Map Devs Keep Handing Hackershttps://medium.com/@mahad.ahmed0x1/ds-store-the-accidental-treasure-map-devs-keep-handing-hackers-da0dceeead7d?source=rss------bug_bounty-5404NotPentestedethical-hacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty12-Feb-2025
Client-Side Template Injection (CSTI): A Comprehensive Guidehttps://medium.com/@verylazytech/client-side-template-injection-csti-a-comprehensive-guide-ac2f49a77aae?source=rss------bug_bounty-5Very Lazy Techinjection, ethical-hacking, web, pentesting, bug-bounty12-Feb-2025
Unleashing the Power of Sublist3r: The Ultimate Guide to Subdomain Enumerationhttps://medium.com/@zoningxtr/unleashing-the-power-of-sublist3r-the-ultimate-guide-to-subdomain-enumeration-62d1468a2933?source=rss------bug_bounty-5Zoningxtrsecurity-token, cybersecurity, web-development, bug-bounty, penetration-testing12-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-92)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-92-0cc43d2fedb2?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty, hacking12-Feb-2025
How to Automate Hunting for Open Redirecthttps://infosecwriteups.com/how-to-automate-hunting-for-open-redirect-46537cd67b35?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty-tips, programming, technology, bug-bounty12-Feb-2025
$900 Bounty: Open Redirection Bughttps://cybersecuritywriteups.com/900-bounty-open-redirection-bug-aa82142b0e9d?source=rss------bug_bounty-5Abhijeet kumawathacking, bounty-program, money, bug-bounty, infosec12-Feb-2025
How I Discovered a WordPress Vulnerability: Exposed Usernames & XML-RPC Exploitationhttps://medium.com/@iamshafayat/how-i-discovered-a-wordpress-vulnerability-exposed-usernames-xml-rpc-exploitation-b35b0ec63a54?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty-methodology, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup12-Feb-2025
Bug Bounty Hunting — Complete Guide (Part-93)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-93-d66c26764179?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, cybersecurity, hacking, ethical-hacking, bug-bounty12-Feb-2025
Bug Bounty in 2025: Part 1 — Mastering Regex for Securityhttps://medium.com/@halfcircassian/bug-bounty-in-2025-part-1-mastering-regex-for-security-3d58bcf51102?source=rss------bug_bounty-5Sıla Özerenregex, open-redirect, bug-bounty-writeup, bug-bounty-tips, bug-bounty12-Feb-2025
Facebook Bug Bounty: Can You Really Earn $500 for Finding Bugshttps://medium.com/@ibtissamhammadi/facebook-bug-bounty-can-you-really-earn-500-for-finding-bugs-4e71c81af2a2?source=rss------bug_bounty-5Ibtissam Hammadifacebook, hacking, cybersecurity, technology, bug-bounty12-Feb-2025
Hacking tools — Art of my creationhttps://medium.com/@zatikyan.sevada/hacking-tools-art-of-my-creation-2f47ab1eca18?source=rss------bug_bounty-5Zatikyan Sevadabug-bounty, hacking-tools, hacking, cybersecurity12-Feb-2025
$10,500 SSO Misconfiguration Bug on Grammarlyhttps://cyberw1ng.medium.com/10-500-sso-misconfiguration-bug-on-grammarly-438f2cb87a0c?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, bug-bounty, careers, money, cybersecurity12-Feb-2025
$10,500 SSO Misconfiguration Bug on Grammarlyhttps://osintteam.blog/10-500-sso-misconfiguration-bug-on-grammarly-438f2cb87a0c?source=rss------bug_bounty-5Karthikeyan Nagarajjobs, bug-bounty, careers, money, cybersecurity12-Feb-2025
The Hidden Business Logic Error That Exists On Most E-Commerce Web Applicationhttps://medium.com/@makarov_bm/the-hidden-business-logic-error-that-exists-on-most-e-commerce-web-application-7b9be9113073?source=rss------bug_bounty-5makarovbug-bounty-writeup, business-logic, bug-bounty, web-security11-Feb-2025
HOW TO GET STARTED IN BUG BOUNTY AS A BEGINNERhttps://medium.com/@pjha80122/how-to-get-started-in-bug-bounty-as-a-beginner-af49089c375c?source=rss------bug_bounty-5Pratik Jhaethical-hacking, penetration-testing, bug-bounty, web-security, cybersecurity11-Feb-2025
Easy $1000-$10000+ Bounty Using Wayback Machinehttps://medium.com/infosecmatrix/easy-1000-10000-bounty-using-wayback-machine-cb6c5cb77543?source=rss------bug_bounty-5Abhijeet kumawatsensitive, bug-bounty, infosec, money, hacking11-Feb-2025
Finding subdomains that are hidden in the cloud.https://infosecwriteups.com/finding-subdomains-that-are-hidden-in-the-cloud-ec54412802bf?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, penetration-testing, cybersecurity, cloud11-Feb-2025
Threat Hunting Techniques and Generative AI: A Practical Approachhttps://medium.com/@paritoshblogs/threat-hunting-techniques-and-generative-ai-a-practical-approach-797a86ada4fd?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, bug-bounty, threat-hunting, ai11-Feb-2025
Notify Tutorial for Bug Huntershttps://cybersecuritywriteups.com/notify-tutorial-for-bug-hunters-8ccb8d0d0b74?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, pentesting, hacking, bug-bounty-tips11-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Server-side request forgery)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-server-side-request-forgery-7fb15230a807?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-hunter, ssrf11-Feb-2025
GitHub Dorks & Leaks: How To Find Sensitive Datahttps://medium.com/@verylazytech/github-dorks-leaks-how-to-find-sensitive-data-4e96e67f1d51?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, github, ethical-hacking, exploit11-Feb-2025
Finding SQL Injection Using Wayback Machinehttps://medium.com/@muhammadwaseem29/finding-sql-injection-using-wayback-machine-69409204a205?source=rss------bug_bounty-5Muhammad Waseemsql-injection, hacking, infosec, bug-bounty, cybersecurity11-Feb-2025
How Pentest-as-a-Service Works: The Ultimate Guidehttps://medium.com/@hackrate/how-pentest-as-a-service-works-the-ultimate-guide-a9bc92b28c87?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, penetration-testing, hacking, cybersecurity11-Feb-2025
Get $5000: GitHub Dorks & Leakshttps://cybersecuritywriteups.com/get-5000-github-dorks-leaks-30a6a324f368?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, money, github, bug-bounty11-Feb-2025
How to Report a Security Bug in a Chinese Government Website Responsiblyhttps://yogsec.medium.com/how-to-report-a-security-bug-in-a-chinese-government-website-responsibly-7ab8f7d5a3e1?source=rss------bug_bounty-5YogSecchina-cybersecurity, report-bug-in-chinese, hacking, bug-report, bug-bounty11-Feb-2025
Security researchers, ethical hackers, and bug bounty hunters often come across vulnerabilities in…https://yogsec.medium.com/security-researchers-ethical-hackers-and-bug-bounty-hunters-often-come-across-vulnerabilities-in-45e03a7e156c?source=rss------bug_bounty-5YogSechacking, bug-bounty, cybersecurity, cybersecurity-usa, how-to-report-bug11-Feb-2025
Using Malicious-Website-Demo for Security Research and Bug Bounty Reportshttps://yogsec.medium.com/using-malicious-website-demo-for-security-research-and-bug-bounty-reports-fbb25c6773f0?source=rss------bug_bounty-5YogSechacking-tools, sqli, bug-bounty, xs, cybersecurity11-Feb-2025
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Huntinghttps://medium.com/@krishna9823420058/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2cd8e8ad6f43?source=rss------bug_bounty-5Krish_cyberinfo-sec-writeups, osint, bugs, hacking, bug-bounty11-Feb-2025
️‍♂️ How to Choose a Target in Bug Hunting ️‍♀️https://medium.com/@vipulsonule71/%EF%B8%8F-%EF%B8%8F-how-to-choose-a-target-in-bug-hunting-%EF%B8%8F-%EF%B8%8F-2e7dd0ed5c95?source=rss------bug_bounty-5Vipul Sonulecybersecurity, ai, technology, bug-bounty, hacking11-Feb-2025
IAST-Inspired Approach to Security Testing with LLMhttps://medium.com/@pirikara077/iast-inspired-approach-to-security-testing-with-llm-8aae36f4088c?source=rss------bug_bounty-5Tomoya Yamashitallm, cybersecurity, vulnerability-assessment, bug-bounty, penetration-testing11-Feb-2025
How I gained access to Tamil Nadu’s Property Approval Portal Dashboard just with a simple…https://hiddendom.medium.com/how-i-gained-access-to-tamil-nadus-property-approval-portal-dashboard-just-with-a-simple-f0b463cc0635?source=rss------bug_bounty-5Gokuleswaran Btamil-nadu, bug-bounty-writeup, bug-bounty, bug-bounty-tips, ethical-hacking11-Feb-2025
How I found 3 CSRFs on a Public Programhttps://medium.com/@shellreaper/how-i-found-3-csrfs-on-a-public-program-e9b9ff52c1a0?source=rss------bug_bounty-5ShellReaperbug-bounty, bug-bounty-writeup, bug-bounty-tips, csrf-attack, web-security11-Feb-2025
From Brute-Force to Bounty: My $200 and Double XSS Win on Acronishttps://muzamilsheikh.medium.com/from-brute-force-to-bounty-my-200-and-double-xss-win-on-acronis-4fc7c7ccff39?source=rss------bug_bounty-5MuzamilSheikhbug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness, cybersecurity11-Feb-2025
Restarting My Bug Bounty Journey: Why I Quit and What’s Nexthttps://infosecwriteups.com/restarting-my-bug-bounty-journey-why-i-quit-and-whats-next-16b0ae1a027b?source=rss------bug_bounty-5Om Aroratechnology, cybersecurity, bug-bounty-tips, infosec, bug-bounty11-Feb-2025
How a Simple Clickjacking Bug Can Lead to Big Security Riskshttps://cyberw1ng.medium.com/how-a-simple-clickjacking-bug-can-lead-to-big-security-risks-a61882702370?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, programming, jobs, bug-bounty, careers11-Feb-2025
Best Port Scanner for Bug Bounty: How to Install and Use Naabu Efficientlyhttps://medium.com/@hacker_might/best-port-scanner-for-bug-bounty-how-to-install-and-use-naabu-efficiently-4bffdab35ed5?source=rss------bug_bounty-5hacker_mightnaabu, port-scanning, reconnaissance, bug-bounty-tips, bug-bounty11-Feb-2025
Burp Suite — Creación de Issues Manualeshttps://medium.com/@ArtsSEC/burp-suite-creaci%C3%B3n-de-issues-manuales-ac65c5767852?source=rss------bug_bounty-5ArtsSECburpsuite, pentesting, infosec, bug-bounty, security11-Feb-2025
The 7 Most Hilarious Bugs I’ve Encountered in My Careerhttps://blog.stackademic.com/the-7-most-hilarious-bugs-ive-encountered-in-my-career-128aa23532ab?source=rss------bug_bounty-5Coders Stopsoftware-development, bug-bounty, programming, bugs, coding10-Feb-2025
Bypassed Cloudflare: XSS Pop-Uphttps://medium.com/@kumawatabhijeet2002/bypassed-cloudflare-xss-pop-up-f9c67952abcf?source=rss------bug_bounty-5Abhijeet kumawatxss-attack, infosec, hacking, bug-bounty-tips, bug-bounty10-Feb-2025
HTML Injection in Email Invitations: A Security Flaw Exploitedhttps://medium.com/@muralidharan1530/html-injection-in-email-invitations-a-security-flaw-exploited-39394f6ac266?source=rss------bug_bounty-5Murali Dharanbug-bounty-writeup, bug-bounty, bug-bounty-tips10-Feb-2025
GetSubDomains: A Fast & Efficient Subdomain Enumeration Tool ️https://yogsec.medium.com/getsubdomains-a-fast-efficient-subdomain-enumeration-tool-%EF%B8%8F-11c7d8003931?source=rss------bug_bounty-5YogSecsubfinder, subdomains-finder, bug-bounty, cybersecurity, hacking-tools10-Feb-2025
ERC-20, ERC-721, ERC-1155: How Token Standards Introduce Unique Security Riskshttps://securrtech.medium.com/erc-20-erc-721-erc-1155-how-token-standards-introduce-unique-security-risks-ed9fe5083200?source=rss------bug_bounty-5Securr - Web3 Securitysmart-contract-security, blockchain-security, bug-bounty, web3-security, smart-contract-auditing10-Feb-2025
Bypassed Cloudflare: XSS Pop-Uphttps://cybersecuritywriteups.com/bypassed-cloudflare-xss-pop-up-f9c67952abcf?source=rss------bug_bounty-5Abhijeet kumawatxss-attack, infosec, hacking, bug-bounty-tips, bug-bounty10-Feb-2025
Stored XSS into Onclick Event: Bypassing Angle Brackets, Double Quotes, and Escaped Characters —…https://infosecwriteups.com/stored-xss-into-onclick-event-bypassing-angle-brackets-double-quotes-and-escaped-characters-ee347b9e19d9?source=rss------bug_bounty-5Bash Overflowexploiting-onclick-xss, bug-bounty, portswigger-xss-lab, stored-xss-bypass, bypass-html-encoding10-Feb-2025
Bug Bounty Hunting: A Step-by-Step Guide for Beginnershttps://medium.com/cyberilluminati/bug-bounty-hunting-a-step-by-step-guide-for-beginners-05505b12769d?source=rss------bug_bounty-5IAMnkbug-bounty, cyber, bug-bounty-tips, cybersecurity, red-team10-Feb-2025
Finding more subdomains Part 3https://infosecwriteups.com/finding-more-subdomains-part-3-dee1c581c49b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, infosec, tips, cybersecurity10-Feb-2025
My First Paid Bug Bounty: A $250 Reward For Session Management Vulnerabilityhttps://medium.com/@sauravkrish59/my-first-paid-bug-bounty-a-250-reward-for-session-management-vulnerability-22cb5163e05f?source=rss------bug_bounty-5Sauravkrishbug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking10-Feb-2025
How to Get Started in Bug Bounty as a Beginnerhttps://medium.com/@pjha80122/how-to-get-started-in-bug-bounty-as-a-beginner-48bca31622ec?source=rss------bug_bounty-5Pratikcybersecurity, bug-bounty, ethical-hacking, web-security, penetration-testing10-Feb-2025
One of the best tool for subdomain findinghttps://medium.com/infosecmatrix/one-of-the-best-tool-for-subdomain-finding-0a066c9e0841?source=rss------bug_bounty-5loyalonlytodayethical-hacking, cybersecurity, bug-bounty, subdomain, hacking10-Feb-2025
Jira Misconfiguration Leading to Unauthorized Accesshttps://metanetwebhostingsecurity.medium.com/jira-misconfiguration-leading-to-unauthorized-access-69d32ab5a5c7?source=rss------bug_bounty-5metanetwebhosting securitycyber-security-awareness, bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity10-Feb-2025
My First Year in Bug Bounty: from 0$ to 10k$ Lessons, Successes, and Encouragement for Beginnershttps://medium.com/@hhack4737/my-first-year-in-bug-bounty-from-0-to-10k-lessons-successes-and-encouragement-for-beginners-932bb8884a87?source=rss------bug_bounty-5xssor-dzbug-bounty, bug-bounty-writeup10-Feb-2025
Unveiling EXIF Metadata: How to Extract Hidden Information from Imageshttps://rootxabit.medium.com/unveiling-exif-metadata-how-to-extract-hidden-information-from-images-55e7f3c7f844?source=rss------bug_bounty-5xabit • hacksbugcrowd, hacking, 2025, exiftool, bug-bounty10-Feb-2025
How to Start Your Journey in Bug Bounty Huntinghttps://medium.com/@vipulsonule71/how-to-start-your-journey-in-bug-bounty-hunting-7e939b75a314?source=rss------bug_bounty-5Vipul Sonuletools, bug-bounty, technology, penetration-testing, cybersecurity10-Feb-2025
STIX/TAXII: The Cybersecurity Game-Changer You’re Not Using Yet!”https://medium.com/@paritoshblogs/stix-taxii-the-cybersecurity-game-changer-youre-not-using-yet-f6ac012dae31?source=rss------bug_bounty-5Paritoshthreat-intelligence, hacking, information-technology, cybersecurity, bug-bounty10-Feb-2025
How Bug Bounty Programs Work: The Ultimate Guidehttps://medium.com/@hackrate/how-bug-bounty-programs-work-the-ultimate-guide-143a7bd93451?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, cybersecurity, ethical-hacking, hacking, bug-bounty10-Feb-2025
XML-RPC Vulnerability: Easy Exploit, Easy Bounty!https://keroayman77.medium.com/xml-rpc-vulnerability-easy-exploit-easy-bounty-8019a35c700b?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-writeup, bug-bounty, bug-bounty-tips10-Feb-2025
Exposed API Keys & Config Files in js file! || Bug Bountyhttps://keroayman77.medium.com/exposed-api-keys-config-files-in-js-file-bug-bounty-790b02a015ff?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-tips, bug-bounty-writeup, bug-bounty10-Feb-2025
Bug Bounty Target Selection: How Hackers Find the Most Profitable & Juicy Bugs Before Anyone Else!https://myselfakash20.medium.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698?source=rss------bug_bounty-5Akash Ghoshprogramming, bug-bounty-tips, cybersecurity, bug-bounty-writeup, bug-bounty10-Feb-2025
International Operation Dismantles Phobos Ransomware Gang: Key Arrests and 8Base Takedownhttps://medium.com/@wiretor/international-operation-dismantles-phobos-ransomware-gang-key-arrests-and-8base-takedown-61e126bb54c9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, gangs, ai, money10-Feb-2025
Day 6: CSS Injection + Clickjacking to Account Takeoverhttps://medium.com/@danielbelay/day-6-css-injection-clickjacking-to-account-takeover-c0a0622ac250?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking, account-takeover10-Feb-2025
Understanding and Exploiting an Open Redirect Vulnerability in NVIDIAhttps://medium.com/@g0kb0ru/understanding-and-exploiting-an-open-redirect-vulnerability-in-nvidia-3b1b429cb3c5?source=rss------bug_bounty-5g0kb0ruopen-redirect, bug-bounty, bug-bounty-writeup, pentesting, bug-bounty-tips10-Feb-2025
Bug Bounty Target Selection: How Hackers Find the Most Profitable & Juicy Bugs Before Anyone Else!https://infosecwriteups.com/bug-bounty-target-selection-how-hackers-find-the-most-profitable-juicy-bugs-before-anyone-else-061510e83698?source=rss------bug_bounty-5Akash Ghoshtechnology, programming, cybersecurity, bug-bounty-writeup, bug-bounty10-Feb-2025
Easy $250: Discovered Exposed .env Fileshttps://cybersecuritywriteups.com/easy-250-discovered-exposed-env-files-47e0d425795d?source=rss------bug_bounty-5Abhijeet kumawatmoney, bug-bounty, ai, hacking, infosec09-Feb-2025
How I got Bounty and Hall of Fame for finding easy bugshttps://infosecwriteups.com/how-i-got-bounty-and-hall-of-fame-for-finding-easy-bugs-1a72aefe6c3a?source=rss------bug_bounty-5RivuDonbug-bounty-writeup, ethical-hacking, bug-bounty, infosec, bug-bounty-tips09-Feb-2025
How to find bugs in the Microsoft IIS page.https://infosecwriteups.com/how-to-find-bugs-in-the-microsoft-iis-page-120c2050b66f?source=rss------bug_bounty-5loyalonlytodaybug-bounty, info-sec-writeups, hacking, bugs, cybersecurity09-Feb-2025
Sniper: An Automated Penetration Testing Toolhttps://osintteam.blog/sniper-an-automated-penetration-testing-tool-fb54c506f60d?source=rss------bug_bounty-5Monika sharmahacking, bug-bounty-tips, bug-bounty, technology, penetration-testing09-Feb-2025
From Duplicate to Letter of Appreciation: How I Hacked NASAhttps://medium.com/@cyberhrsh/from-duplicate-to-letter-of-appreciation-how-i-hacked-nasa-3f8b5a6c105c?source=rss------bug_bounty-5Harsh kotharinasa, swag, bug-bounty, vdp, hacking09-Feb-2025
Solidity: The Language That Powers the Crypto Revolutionhttps://medium.com/@legendh238/imagine-youre-in-a-futuristic-city-where-every-transaction-contract-and-agreement-is-1a1b49c873aa?source=rss------bug_bounty-5johanbug-bounty, bitcoin, coding, solidity-language, solidity09-Feb-2025
Takeover fresh install nextcloud server admin.https://medium.com/@nanwinata/takeover-fresh-install-nextcloud-server-admin-142b5c179fe4?source=rss------bug_bounty-5nanwnbug-bounty, nextcloud, hackerone09-Feb-2025
How I Found Reflected XSS Vulnerability on Australian Government. [CVE-2022–35653]https://systemweakness.com/how-i-found-reflected-xss-vulnerability-on-australian-government-cve-2022-35653-ead0e56db243?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, xss-vulnerability, bug-bounty-writeup, xss-attack, bug-bounty09-Feb-2025
BUG BOUNTY Roadmaphttps://medium.com/@codingbolt.in/bug-bounty-roadamp-4acc1220e123?source=rss------bug_bounty-5codingboltbug-bounty-tips, bugs, bug-bounty, bug-hunting, bug-bounty-writeup09-Feb-2025
️‍♂️My Journey of Securing WHOhttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8Fmy-journey-of-securing-who-85f36c6caf0f?source=rss------bug_bounty-5cryptoshanthtml, tips, bug-bounty, hacking, cybersecurity09-Feb-2025
Automated Bug Hunting With Semgrep: Your Secret Weapon for Catching Sneaky Bugs!https://systemweakness.com/automated-bug-hunting-with-semgrep-your-secret-weapon-for-catching-sneaky-bugs-91439484acf4?source=rss------bug_bounty-5The Cyber Ghostbug-bounty, bugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips09-Feb-2025
My Experience at TheDeccanCTF 2025: A Night of Cybersecurity and Challengeshttps://medium.com/@pavitr_swain/my-experience-at-thedeccanctf-2025-a-night-of-cybersecurity-and-challenges-b7dc2bc1f114?source=rss------bug_bounty-5Pavitr swainbug-bounty, cybersecurity, thedeccanctf09-Feb-2025
How AI Revolutionizes Load Balancing in NGINX, F5 LTM, and GTM ⚙️https://medium.com/@deepdive4learn/how-ai-revolutionizes-load-balancing-in-nginx-f5-ltm-and-gtm-%EF%B8%8F-ee6c8edce7d7?source=rss------bug_bounty-5DeepDive4learncybersecurity, information-technology, pentesting, bug-bounty, web-development09-Feb-2025
Best USB WiFi Adapters for Linux and Windows in 2025https://medium.com/@verylazytech/best-usb-wifi-adapters-for-linux-and-windows-in-2025-fd6dfc4bad2c?source=rss------bug_bounty-5Very Lazy Techwifi-hack, wifi, bug-bounty, penetration-testing, cybersecurity09-Feb-2025
How to Start Bug Bounty Hunting: A Beginner’s Guide with BugBoardhttps://yogsec.medium.com/how-to-start-bug-bounty-hunting-a-beginners-guide-with-bugboard-2be48dffc598?source=rss------bug_bounty-5YogSechacking-tools, bug-bounty, cybersecurity, hacking09-Feb-2025
How Amazon BBP Gave Me $400 bymistakehttps://medium.com/@thedevtaskofficial/how-amazon-bbp-gave-me-400-bymistake-1968334003ac?source=rss------bug_bounty-5thedevtask officialcybersecurity, vulnerability, penetration-testing, bug-bounty, ethical-hacking09-Feb-2025
Ghauri Tool usage for extreme SLQihttps://medium.com/@anandrishav2228/ghauri-tool-usage-for-extreme-slqi-8eb90e65ea64?source=rss------bug_bounty-5Rishav anandsqli, hacking, money, bug-bounty, cybersecurity09-Feb-2025
How I Chained 3 Vulnerabilities to Achieve Account Takeover (ATO)https://medium.com/@hhack4737/how-i-chained-3-vulnerabilities-to-achieve-account-takeover-ato-5238b8acc1ae?source=rss------bug_bounty-5xssor-dzbug-bounty-writeup, bug-bounty09-Feb-2025
Threat Hunting with Email Servers: A Practical Guidehttps://medium.com/@paritoshblogs/threat-hunting-with-email-servers-a-practical-guide-635d524d72f7?source=rss------bug_bounty-5Paritoshhacking, threat-intelligence, bug-bounty, threat-hunting, information-technology09-Feb-2025
Automating Subdomain Takeover Detection: A Step-by-Step Guidehttps://bitpanic.medium.com/automating-subdomain-takeover-detection-a-step-by-step-guide-30d692f70752?source=rss------bug_bounty-5Spectat0rguyprogramming, bug-bounty, technology, cybersecurity, bug-bounty-tips09-Feb-2025
Privacy Disclosure on m.facebook.com after add photo to the posthttps://infosecwriteups.com/title-privacy-disclosure-on-m-facebook-com-after-add-photo-to-the-post-e7e07e2083e5?source=rss------bug_bounty-5Mohamed Laajimibug-bounty-writeup, cybersecurity, bug-bounty09-Feb-2025
Automate Google Dorking And Get Bugs!https://osintteam.blog/automate-google-dorking-and-get-bugs-a34e4e06767c?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, ai, hacking, infosec09-Feb-2025
Mobile Pentesting with Frida: A Beginner’s Guidehttps://medium.com/meetcyber/mobile-pentesting-with-frida-a-beginners-guide-996411fa0202?source=rss------bug_bounty-5Erkan Kavasios, android, frida, mobile-pentesting, bug-bounty09-Feb-2025
How to Find Primary Domains Using crt.sh: The Ultimate Guide for Beginners and Expertshttps://medium.com/@hacker_might/how-to-find-primary-domains-using-crt-sh-the-ultimate-guide-for-beginners-and-experts-354ec0c56557?source=rss------bug_bounty-5hacker_mightreconnaissance, primary-domain, pentesting, bug-bounty, recon09-Feb-2025
How to Uncover Hidden Attack Surfaces? Recon part 6https://infosecwriteups.com/how-to-uncover-hidden-attack-surfaces-recon-part-6-61e43976ed22?source=rss------bug_bounty-5It4chis3cbug-bounty, attack-surface, hidden, port-scanning, ip-scans09-Feb-2025
How to Find Primary Domains Using crt.sh: The Ultimate Guide for Beginners and Expertshttps://osintteam.blog/how-to-find-primary-domains-using-crt-sh-the-ultimate-guide-for-beginners-and-experts-354ec0c56557?source=rss------bug_bounty-5hacker_mightreconnaissance, primary-domain, pentesting, bug-bounty, recon09-Feb-2025
Day 5: Chaining Bugs from Self-XSS to Full Account Takeoverhttps://medium.com/@danielbelay/day-5-chaining-bugs-from-self-xss-to-full-account-takeover-d01ab3759e06?source=rss------bug_bounty-5dani3lbug-bounty, ethical-hacking, account-takeover09-Feb-2025
Insecure root-path FileProvider Config Leading to Path Traversal Vulnerabilityhttps://medium.com/@k3r0/insecure-root-path-fileprovider-config-leading-to-path-traversal-vulnerability-7be2d6994aaf?source=rss------bug_bounty-5Kyrillos nadybug-bounty, mobile-app-development, penetration-testing, android, hacking09-Feb-2025
The Art of Recon: Hunting Bugs Before They Hide (Part One)https://zeusvuln.medium.com/the-art-of-recon-hunting-bugs-before-they-hide-part-one-1df269ab1d68?source=rss------bug_bounty-5ZeUsVuLnreconnaissance, bug-bounty-writeup, bug-bounty-tips, bug-bounty09-Feb-2025
Exploiting an IDOR Vulnerability in Target.com Account Management Systemhttps://bugbountylogs.medium.com/exploiting-an-idor-vulnerability-in-target-com-account-management-system-a5bec149e69f?source=rss------bug_bounty-5Bug Bounty Logsidor, cyber-security-awareness, csrf-attack, bug-bounty-tips, bug-bounty09-Feb-2025
SQL Injection and Stored Cross-Site Scripting Vulnerability in Super Store Finder Pluginhttps://medium.com/@wiretor/sql-injection-and-stored-cross-site-scripting-vulnerability-in-super-store-finder-plugin-214237191b5a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, sql-injection, money09-Feb-2025
Massive Data Breach: 882,000 Patients Affected in US Health System Cyberattackhttps://medium.com/@wiretor/massive-data-breach-882-000-patients-affected-in-us-health-system-cyberattack-ce8ddca0edc0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, malware, ai, breach, bug-bounty09-Feb-2025
Exploiting Web Cache Poisoning with Multiple Headers: A Practical Guide Using Param Miner  —  Web…https://bashoverflow.medium.com/exploiting-web-cache-poisoning-with-multiple-headers-a-practical-guide-using-param-miner-web-aca990356da8?source=rss------bug_bounty-5Bash Overflowbug-bounty, bug-bounty-tips, cache-poisoning-xss, web-cache-attack, web-cache-poisoning08-Feb-2025
Selecting A Program for Bug Bounty on HackerOnehttps://vijetareigns.medium.com/selecting-a-program-for-bug-bounty-on-hackerone-e51ce8a83b2a?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone, bug-bounty08-Feb-2025
Sensitive Information Disclosurehttps://medium.com/@kumawatabhijeet2002/sensitive-information-disclosure-f374fa508809?source=rss------bug_bounty-5Abhijeet kumawatmoney, hacking, infosec, bug-bounty-tips, bug-bounty08-Feb-2025
nullcon HackIM CTF Goa 2025https://aftab700.medium.com/nullcon-hackim-ctf-goa-2025-a7e9c6b1c293?source=rss------bug_bounty-5Aftab Samactf, cybersecurity, ctf-writeup, bug-bounty, nullcon08-Feb-2025
Find RXSS using Nuclei (DAST)https://cybersecuritywriteups.com/find-rxss-using-nuclei-dast-87080542adde?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, pentesting, xss-attack, bug-bounty, bug-bounty-tips08-Feb-2025
Behind the Message: Two Critical XSS Vulnerabilities in Zoho’s Web Applicationshttps://infosecwriteups.com/behind-the-message-two-critical-xss-vulnerabilities-in-zohos-web-applications-86aa42887129?source=rss------bug_bounty-5HackerWithOutHatjavascript, bugbounty-writeup, bug-bounty, vulnerability, infosec08-Feb-2025
Best Browser Extensions for Bug Hunting and Cybersecurityhttps://infosecwriteups.com/best-browser-extensions-for-bug-hunting-and-cybersecurity-77faf6bd8188?source=rss------bug_bounty-5coffinxpbug-bounty, hacking, bug-bounty-tips, cybersecurity, technology08-Feb-2025
Web Security 101: Understanding LFI and RFI Attacks: A Bug Bounty Hunter’s Guidehttps://anmolvishwakarma7466.medium.com/web-security-101-understanding-lfi-and-rfi-attacks-a-bug-bounty-hunters-guide-299b6b1d76e7?source=rss------bug_bounty-5Anmolvishwakarmavulnerability, lfi, hacking, cybersecurity, bug-bounty08-Feb-2025
How to Get Your First Bug Bounty: A Beginner’s Guidehttps://medium.com/@krishna9823420058/how-to-get-your-first-bug-bounty-a-beginners-guide-c2a07bb4e792?source=rss------bug_bounty-5Krish_cyberbug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, ethical-hacking08-Feb-2025
BONUS for NAs! How?https://medium.com/@thedevtaskofficial/bonus-for-well-written-nas-46a55eb20bc9?source=rss------bug_bounty-5thedevtask officialethical-hacking, cybersecurity, bug-bounty, penetration-testing, vulnerability08-Feb-2025
Bug bounty triagers have blacklisted you!https://medium.com/@thedevtaskofficial/the-bug-bounty-secret-nobody-tells-you-e66c99adb013?source=rss------bug_bounty-5thedevtask officialvulnerability, ethical-hacking, cybersecurity, penetration-testing, bug-bounty08-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Insecure Direct Object References)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-insecure-direct-object-references-a39038e8f7a3?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-program, bug-bounty-tips, bug-bounty, idor, bug-bounty-hunter08-Feb-2025
Lack of Clarity Costed me $500https://medium.com/@naveen_sparks/lack-of-clarity-costed-me-500-26565aeb05e7?source=rss------bug_bounty-5Naveen Kumarmfa, bug-bounty, 2fa-bypass08-Feb-2025
$500 Bounty: Unlocking Premium Job Features with a Simple API Trick!https://medium.com/@a13h1/500-bounty-unlocking-premium-job-features-with-a-simple-api-trick-1c59814ad8f4?source=rss------bug_bounty-5Abhi Sharmacybersecurity, penetration-testing, api, infosec, bug-bounty08-Feb-2025
Account Verification OTP Bypass in Microsoft Security Response Centrehttps://medium.com/@official.armanreza/account-verification-otp-bypass-in-microsoft-security-response-centre-21855731a6f5?source=rss------bug_bounty-5armanxrezabug-bounty-writeup, security, bug-bounty, microsoft, msrc08-Feb-2025
Account Takeover via Email Change: Exploiting Weak Verification to Access Support Accountshttps://medium.com/@umd04843/account-takeover-via-email-change-exploiting-weak-verification-to-access-support-accounts-a3bb8d59e753?source=rss------bug_bounty-5Mohamed Usmanaccount-takeover, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup08-Feb-2025
How I Found My First Bug $$$https://medium.com/@HackerNasr/how-i-found-my-first-bug-c976920cbbe3?source=rss------bug_bounty-5HackerNasrxss-attack, penetration-testing, ethical-hacking, cybersecurity, bug-bounty08-Feb-2025
Strange SQL Injection on a public programhttps://medium.com/@68abdelrahmanmohamed/strange-sql-injection-on-a-public-program-50e93a94f02a?source=rss------bug_bounty-5Abdulrahmanbug-bounty, sql-injection, web-app-security, pentesting, web-app-pentesting08-Feb-2025
My First Finding In Hackeronehttps://islammeshriff.medium.com/my-first-finding-in-hackerone-7521597ca04d?source=rss------bug_bounty-5Islam Meshrifbug-bounty, bug-bounty-writeup, information-disclosure08-Feb-2025
From Hidden XSS to Full Account Takeover – A Deep Dive into Exploiting Modern Web Applicationshttps://medium.com/@mahad.ahmed0x1/from-hidden-xss-to-full-account-takeover-a-deep-dive-into-exploiting-modern-web-applications-811380417387?source=rss------bug_bounty-5404NotPentestedweb-security, xss-attack, cybersecurity, cross-site-scripting, bug-bounty08-Feb-2025
How Subdomain Fuzzing Earned Me a $35,000 Bug Bounty!https://medium.com/@ibtissamhammadi1/how-subdomain-fuzzing-earned-me-a-35-000-bug-bounty-994b39763451?source=rss------bug_bounty-5Ibtissam hammadiweb-security, hacking, cybersecurity, bug-bounty, infosec08-Feb-2025
EASIEST P4 TO FIND IN BUG BOUNTY PART 1https://medium.com/@sahusujal.dev2004/easiest-p4-to-find-in-bug-bounty-part-1-b903ad3cea37?source=rss------bug_bounty-5Sujal Sahucybersecurity, bug-bounty, bug-bounty-tips, bugs, real-world-bug-hunting08-Feb-2025
Ethical Hacking: Reconnaissance/Footprintinghttps://medium.com/@paritoshblogs/ethical-hacking-reconnaissance-footprinting-214055abbf44?source=rss------bug_bounty-5Paritoshethical-hacking, reconnaissance, bug-bounty, information-technology, footprinting08-Feb-2025
Bug Bounty Hunting: Web Vulnerability (Race Condition)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-race-condition-2af68c166721?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty, race-condition08-Feb-2025
Bug Bounty Hunting: Web Vulnerability (SQL injection)https://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerability-sql-injection-1abe0f72832d?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-hunter, bug-bounty, sql-injection, bug-bounty-tips, bug-bounty-program08-Feb-2025
My Journey to Earning the HTB Bug Bounty Hunter Certificate: An Honest Reviewhttps://medium.com/@Arsenelupin12/my-journey-to-earning-the-htb-bug-bounty-hunter-certificate-an-honest-review-323fb71b306a?source=rss------bug_bounty-5Wasted Resourceshacking, hackerone, bug-bounty-tips, bug-bounty, cybersecurity08-Feb-2025
Hackers Exploit Cityworks RCE Bug to Breach Microsoft IIS Servershttps://medium.com/@wiretor/hackers-exploit-cityworks-rce-bug-to-breach-microsoft-iis-servers-ad48fc0e13e9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, money, ai, trump08-Feb-2025
HPE Notifies Employees of Data Breach After Russian Office 365 Hackhttps://medium.com/@wiretor/hpe-notifies-employees-of-data-breach-after-russian-office-365-hack-d5bfed1fd135?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicestrump, ai, malware, bug-bounty, money08-Feb-2025
2.8 Million IPs Power Large-Scale Attack on VPN and Security Deviceshttps://medium.com/@wiretor/2-8-million-ips-power-large-scale-attack-on-vpn-and-security-devices-a889473a5c36?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, usa, trump, ai, money08-Feb-2025
Just a Writeup about 2FA Bypass at a Private Program 🙂https://v0ltex.medium.com/just-a-writeup-about-2fa-bypass-at-a-private-program-509238a0a3a1?source=rss------bug_bounty-5Abdo Rabeabug-hunting, 2fa-bypass, bug-bounty-writeup, bug-bounty, pentesting08-Feb-2025
The $50,000 Mistake — A Read/Write Profile IDOR Storyhttps://medium.com/@shxsu1/the-50-000-mistake-a-read-write-profile-idor-story-c31c353446d4?source=rss------bug_bounty-5shxsu1hackerone, bug-bounty, college, hacking, idor07-Feb-2025
[PART 2] Anyone can use unlimited Trial Premium on accounts that have used Trial Premium beforehttps://aidilarf.medium.com/part-2-anyone-can-use-unlimited-trial-premium-on-accounts-that-have-used-trial-premium-before-b1ac65c9a2d6?source=rss------bug_bounty-5Aidil Ariefbugs, bug-bounty, hackerone, business-logic-bug, linkedin07-Feb-2025
How to Exploit Web Cache Poisoning with an Unkeyed Header Using Param Miner  —  Web Cache…https://bashoverflow.medium.com/how-to-exploit-web-cache-poisoning-with-an-unkeyed-header-using-param-miner-web-cache-a3ffacc546a1?source=rss------bug_bounty-5Bash Overflowbug-bounty-tips, web-cache-poisoning, bug-bounty, cache-poisoning-xss, web-cache-exploit07-Feb-2025
50+ XSS: Mass Huntinghttps://medium.com/@kumawatabhijeet2002/50-xss-mass-hunting-37e51fce5369?source=rss------bug_bounty-5Abhijeet kumawatmoney, xss-attack, hacking, infosec, bug-bounty07-Feb-2025
How I Found an Excel Sheet with 200+ Bank Testing Account Login Details!https://systemweakness.com/how-i-found-an-excel-sheet-with-200-bank-testing-account-login-details-883c38492424?source=rss------bug_bounty-5Gokuleswaran Bgoogle-dork, reconnaissance, bug-bounty, dorking, bug-bounty-tips07-Feb-2025
Do You Struggle Finding Internal/Hidden Subdomains? Recon part 5https://osintteam.blog/do-you-struggle-finding-internal-hidden-subdomains-recon-part-5-b06c99a11364?source=rss------bug_bounty-5It4chis3csubdomain-enumeration, hidden, bug-bounty, brute-force, secrets07-Feb-2025
RXSS Hacking Law Enforcementhttps://systemweakness.com/rxss-hacking-law-enforcement-434ad9b5c03f?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, pentesting07-Feb-2025
Bug Bounty Program: Crypto Rewards for Finding Bugs in ARMswap Platformhttps://medium.com/@michaeltaylor.armswap/bug-bounty-program-crypto-rewards-for-finding-bugs-in-armswap-platform-e863185b0b07?source=rss------bug_bounty-5Michael Taylorbug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-tips, armswap07-Feb-2025
Exploiting CSRF in GraphQL Applicationshttps://fdzdev.medium.com/exploiting-csrf-in-graphql-applications-f262411588f7?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, data-breach, penetration-testing, cybersecurity, offensive-security07-Feb-2025
How to Find Your 1st Easy Bug as a Bug Bounty Hunter (Step-by-Step Guide) On Real Live Websiteshttps://medium.com/@shaikhminhaz1975/how-to-find-your-1st-easy-bug-as-a-bug-bounty-hunter-step-by-step-guide-on-real-live-websites-cc586d51e1e7?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, cybersecurity, bug-bounty, information-disclosure, how-to07-Feb-2025
How to Approach a Target for Bug Huntinghttps://medium.com/@vipulsonule71/how-to-approach-a-target-for-bug-hunting-ef45c32cf8ee?source=rss------bug_bounty-5Vipul Sonulecybersecurity, penetration-testing, hacking, bug-bounty, technology07-Feb-2025
3 Digit Codes That Decides Your Futurehttps://bitpanic.medium.com/3-digit-codes-that-decides-your-future-dd078f099b06?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, cybersecurity, web-development, bug-bounty-tips07-Feb-2025
How I Found Sensitive Log Fileshttps://medium.com/@kumawatabhijeet2002/how-i-found-sensitive-log-files-2336cd86226f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, infosec, logistics, hacking, money07-Feb-2025
Day 3: Account Takeover via XSS in E-Signature Feature (Worth $2500)https://medium.com/@danielbelay/day-3-account-takeover-via-xss-in-e-signature-feature-worth-2500-71db9449f74b?source=rss------bug_bounty-5dani3lbugs, bug-bounty, ethical-hacking07-Feb-2025
Cloudflare Outage Disrupts Multiple Services Due to Phishing Block Mishaphttps://medium.com/@wiretor/cloudflare-outage-disrupts-multiple-services-due-to-phishing-block-mishap-4fdac4bcd365?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, cloudflare, bug-bounty, money, malware07-Feb-2025
Kimsuky Hackers Deploy Custom RDP Wrapper for Remote Accesshttps://medium.com/@wiretor/kimsuky-hackers-deploy-custom-rdp-wrapper-for-remote-access-aa9d9eae74f6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, money, malware, ai07-Feb-2025
Bypassing Rate Limit on Password Reset Pagehttps://medium.com/@omaroymdm/bypassing-rate-limit-on-password-reset-page-63814feec6f5?source=rss------bug_bounty-5Omar Mahmoudrate-limiting, bug-bounty, pentesting07-Feb-2025
User Interface Says No, Backend Says Yes — Story of Bypassing Email Verificationhttps://som3a.medium.com/user-interface-says-no-backend-says-yes-story-of-bypassing-email-verification-b469f20a141f?source=rss------bug_bounty-50xSOM3Abug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity07-Feb-2025
Introducing Zerodayf, A dynamic, AI-driven code analysis vulnerability scannerhttps://medium.com/@kohihamed3/introducing-zerodayf-a-dynamic-ai-driven-code-analysis-vulnerability-scanner-7e9ab4ffb6e6?source=rss------bug_bounty-50xHamyai, bug-bounty, cve, appsec, vulnerability07-Feb-2025
Extreme Recon Dorkinghttps://medium.com/meetcyber/extreme-recon-dorking-eace7444b7c2?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty-tips, api-testing, bug-bounty, ethical-hacking06-Feb-2025
The $750 API Leak: Could This Happen to You?https://deepseng.medium.com/the-750-api-leak-could-this-happen-to-you-08fb858b4af1?source=rss------bug_bounty-5Deep SenGuptacybersecurity, api, bug-bounty06-Feb-2025
How I got an Account-Takeover By Race-conditions on Login pagehttps://medium.com/@krishnast545/how-i-got-an-account-takeover-by-race-conditions-on-login-page-3775faaffb4f?source=rss------bug_bounty-5Krishnabug-bounty, bounty-hunter, web-app-security, race-condition, account-take-over06-Feb-2025
Automating Ghauri for SQLi with Bash Scripthttps://medium.com/meetcyber/automating-ghauri-for-sqli-with-bash-script-6ce8fb62c367?source=rss------bug_bounty-5Erkan Kavassqli, sql-injection, ethical-hacking, bug-bounty-tips, bug-bounty06-Feb-2025
Subdomain Enumeration: A Practical Guidehttps://medium.com/@nakshatrasirohi/subdomain-enumeration-a-practical-guide-03b2007aedd7?source=rss------bug_bounty-5Nakshatra Sirohihacking, bug-bounty, recon, reconnaissance, bug-bounty-tips06-Feb-2025
Flutsploit : Flutter on the web manifest exploiterhttps://medium.com/@raituzki/flutsploit-flutter-on-the-web-manifest-exploiter-8fc6b50b9de7?source=rss------bug_bounty-5Muhamad Raidinoor Pashasecurity, bug-bounty, exploit, flutter06-Feb-2025
How to Earn Money in Cybersecurity: A Quick Guidehttps://medium.com/@krishna9823420058/how-to-earn-money-in-cybersecurity-a-quick-guide-30422f14b2e7?source=rss------bug_bounty-5Krish_cyberearn-money-online, cyber-security-awareness, ethical-hacking, cybersecurity, bug-bounty06-Feb-2025
Old CVE in my Old Organizationhttps://medium.com/@naveen_sparks/old-cve-in-my-old-organization-b4f863049171?source=rss------bug_bounty-5Naveen Kumarcve, cve-2023-24488, bug-bounty06-Feb-2025
PHP Type Juggling Vulnerabilities: How Attackers Exploit Loose Comparisonshttps://0xkratos.medium.com/php-type-juggling-vulnerabilities-how-attackers-exploit-loose-comparisons-e4e0c78ec9e6?source=rss------bug_bounty-5Amal PKbug-bounty, bug-bounty-tips, programming, hacking, cybersecurity06-Feb-2025
DAY[4/30] CSRF (Cross-Site Request Forgery): Exploitation and Prevention in depthhttps://medium.com/@hrofficial62/csrf-cross-site-request-forgery-exploitation-and-prevention-in-depth-72ed72ebf23a?source=rss------bug_bounty-5Mr Horbiocybersecurity, bug-bounty, ethical-hacking, owasp, pentesting06-Feb-2025
Time to braking your NOS (☞゚ヮ゚)☞https://medium.com/@mahdisalhi0500/time-to-braking-your-nos-%EF%BE%9F%E3%83%AE%EF%BE%9F-834ee204bdd2?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty, information-security, penetration-testing, infosec, cybersecurity06-Feb-2025
$300 Bounty for Easy Default Credentialhttps://medium.com/@kumawatabhijeet2002/300-bounty-for-easy-default-credential-617de40114c4?source=rss------bug_bounty-5Abhijeet kumawatmedium, infosec, hacking, money, bug-bounty06-Feb-2025
DAY[3/30] XSS Attack Techniques: A Deep Dive into Exploitation and Defensehttps://medium.com/@hrofficial62/xss-attack-techniques-a-deep-dive-into-exploitation-and-defense-df62b5f66c44?source=rss------bug_bounty-5Mr Horbioethical-hacking, pentesting, cybersecurity, bug-bounty, xss-attack06-Feb-2025
Advanced Techniques for Identifying Leaked API Keys in JS Fileshttps://systemweakness.com/advanced-techniques-for-identifying-leaked-api-keys-in-js-files-bb67845e5c0e?source=rss------bug_bounty-5Reju Kolebug-bounty, javascript, bug-bounty-writeup, api, bug-bounty-tips06-Feb-2025
Mastering XSS: An Advanced Cheat Sheet for Exploiting Cross-Site Scripting Vulnerabilitieshttps://medium.com/@Arsenelupin12/mastering-xss-an-advanced-cheat-sheet-for-exploiting-cross-site-scripting-vulnerabilities-a1eb1470c3ae?source=rss------bug_bounty-5Wasted Resourcesbug-bounty, xss-vulnerability, cybersecurity, hacking, xss-attack06-Feb-2025
TikTok Bug Bounty — $250https://medium.com/@bhussain894/tiktok-bug-bounty-250-82293995c9e4?source=rss------bug_bounty-5Bilal Hussainbug-bounty, bug-bounty-writeup, ti̇ktok06-Feb-2025
How to Install and Use ZAP Tool for Web Application Security Testing: A Step-by-Step Guidehttps://yaminiyadav583.medium.com/how-to-install-and-use-zap-tool-for-web-application-security-testing-a-step-by-step-guide-f07697a5e6fc?source=rss------bug_bounty-5Yamini Yadavzap, bug-bounty, security, penetration-testing06-Feb-2025
Search Engines Every Pentester Should Knowhttps://osintteam.blog/search-engines-every-pentester-should-know-faabe0c7fb64?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, hacking, bug-bounty, bugbounty-writeup, cybersecurity06-Feb-2025
Automating Google Dorking for Bug Bountyhttps://osintteam.blog/automating-google-dorking-for-bug-bounty-2339abb4b910?source=rss------bug_bounty-5Monika sharmatechnology, bug-bounty-tips, hacking, penetration-testing, bug-bounty06-Feb-2025
Day 2: Account Takeover via Stored XSShttps://medium.com/@danielbelay/day-2-account-takeover-via-stored-xss-ac62c49b20c1?source=rss------bug_bounty-5dani3lbug-bounty, learning06-Feb-2025
How to stop a blockchain from reaching consensus? Or 40k bounty for stalling CometBFThttps://medium.com/@unknown_feature/how-to-stop-a-blockchain-from-reaching-consensus-or-40k-bounty-for-stalling-cometbft-1b8a6959e0f0?source=rss------bug_bounty-5Anna Skirko (unknown_feature)crypto, code-review, bug-bounty, blockchain, hacking06-Feb-2025
How to Shutdown Your Computer Remotely by Pressing a Button on Your Smartwatch or Phonehttps://navnee1h.medium.com/how-to-shutdown-your-computer-remotely-by-pressing-a-button-on-your-smartwatch-or-phone-77c07e2562e9?source=rss------bug_bounty-5Navaneeth M Shacking, webhooks, bug-bounty, linux, automation06-Feb-2025
DDoS Attacks Reportedly Behind DayZ and Arma Network Outageshttps://medium.com/@wiretor/ddos-attacks-reportedly-behind-dayz-and-arma-network-outages-937a1078d4c3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, ddos, bug-bounty, hacker06-Feb-2025
Hackers Exploit SimpleHelp RMM Flaws to Deploy Sliver Malwarehttps://medium.com/@wiretor/hackers-exploit-simplehelp-rmm-flaws-to-deploy-sliver-malware-51d42d46079f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, hacker, ai, bug-bounty, malware06-Feb-2025
Critical RCE Bug in Microsoft Outlook Now Exploited in Attackshttps://medium.com/@wiretor/critical-rce-bug-in-microsoft-outlook-now-exploited-in-attacks-ea10ec8761c8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, bug-bounty, malware, rce06-Feb-2025
The Importance of Proxy Usage in Bug Huntinghttps://medium.com/meetcyber/the-importance-of-proxy-usage-in-bug-hunting-9896618da7fc?source=rss------bug_bounty-5Erkan Kavasethical-hacking, bug-bounty, payload, bug-bounty-tips, proxy06-Feb-2025
FINDING A DOS BUG(STEP BY STEP).https://medium.com/infosecmatrix/finding-a-dos-bug-step-by-step-22216cac37d8?source=rss------bug_bounty-5loyalonlytodaybugs, hacking, bug-bounty, cybersecurity, do05-Feb-2025
Critical Session Management Vulnerability Leading to Account Hijackinghttps://medium.com/@ahmadzuriqi4/critical-session-management-vulnerability-leading-to-account-hijacking-ec71e966265a?source=rss------bug_bounty-5Ahmadzuriqibug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking, hacker05-Feb-2025
DOM-Based Reflected XSS in MTN Group’s Notification Serverhttps://medium.com/@regan_temudo/dom-based-reflected-xss-in-mtn-groups-notification-server-84289a87094e?source=rss------bug_bounty-5Regan Temudoweb-security, bug-bounty, xss-attack, cybersecurity, ethical-hacking05-Feb-2025
Get Easy $$$ Bugs by These Dorkshttps://medium.com/@kumawatabhijeet2002/get-easy-bugs-by-these-dorks-b811ca815f3c?source=rss------bug_bounty-5Abhijeet kumawatinfosec, ai, hacking, bug-bounty, money05-Feb-2025
Bypassing OTP Verification: Exposing a Critical Authentication Flawhttps://medium.com/@amanba13.ab/bypassing-otp-verification-exposing-a-critical-authentication-flaw-80a1065a432c?source=rss------bug_bounty-5Aman Bangacybersecurity, authentication, ios, bug-bounty05-Feb-2025
PII Exposure: The Data Heist You Never Knew Was Possible!https://infosecwriteups.com/pii-exposure-the-data-heist-you-never-knew-was-possible-5577b84a1074?source=rss------bug_bounty-5th3.d1p4kmisconfiguration, hacking, bug-bounty, smtp, api05-Feb-2025
Brute Forcing Financial Apps With HackerOnehttps://infosecwriteups.com/brute-forcing-financial-apps-with-hackerone-86e22add374e?source=rss------bug_bounty-5Aleksa Zatezalohackerone, vulnerability, hacking, disclosure, bug-bounty05-Feb-2025
Get Easy $$$ Bugs by These Dorkshttps://osintteam.blog/get-easy-bugs-by-these-dorks-b811ca815f3c?source=rss------bug_bounty-5Abhijeet kumawatinfosec, ai, hacking, bug-bounty, money05-Feb-2025
Accidental Information Disclosure!https://medium.com/@dopednaveen/accidental-information-disclosure-477198f071eb?source=rss------bug_bounty-5Naveen Kumarbug-bounty, bug-bounty-writeup, pentesting05-Feb-2025
10 Must-Have Burp Suite Extensions for Pro Bug Hunters ️https://medium.com/@kumawatabhijeet2002/10-must-have-burp-suite-extensions-for-pro-bug-hunters-%EF%B8%8F-e53aa3b5af48?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty, ai, money05-Feb-2025
Penetration Testing as a Service (PTaaS): The Future of Cybersecurityhttps://medium.com/@hackrate/penetration-testing-as-a-service-ptaas-the-future-of-cybersecurity-f8c0f223069b?source=rss------bug_bounty-5Levente Molnarhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty05-Feb-2025
How to find an easy bug is worth $100https://medium.com/cyberscribers-exploring-cybersecurity/how-to-find-an-easy-bug-is-worth-100-bbee4ca57d3d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, tips, ethical-hacking05-Feb-2025
($$$$) Critical IDOR Vulnerability Leads to User Information Disclosurehttps://medium.com/@Tanvir0x1/critical-idor-vulnerability-leads-to-user-information-disclosure-b0bb7f06aef5?source=rss------bug_bounty-5Tanvir Ahmedbug-bounty, idor05-Feb-2025
From Demo to Live: Zero-Click Account Takeover via the Same Encryption Algorithmhttps://infosecwriteups.com/from-demo-to-live-zero-click-account-takeover-via-the-same-encryption-algorithm-38b6cabfb21e?source=rss------bug_bounty-5can1337bugbounty-writeup, account-takeover, bug-bounty, cybersecurity05-Feb-2025
Accidental Information Disclosure!https://medium.com/@naveen_sparks/accidental-information-disclosure-477198f071eb?source=rss------bug_bounty-5Naveen Kumarbug-bounty, bug-bounty-writeup, pentesting05-Feb-2025
OTP Bypass on [Redacted]: Contact Forms to Unauthorized Callshttps://medium.com/@manav.surti.13728342/otp-bypass-on-redacted-contact-forms-to-unauthorized-calls-453d09837fa4?source=rss------bug_bounty-5Manav Surtibug-bounty, cybersecurity, otp-bypass05-Feb-2025
Day 1: Defeating the HttpOnly Flag for Account Takeover via RXSShttps://medium.com/@danielbelay/day-1-defeating-the-httponly-flag-for-account-takeover-via-rxss-a2fa9cbc0156?source=rss------bug_bounty-5dani3lethical-hacking, security, writeup, bug-bounty05-Feb-2025
Cyberforce 2024: How I found my first CVE OpenPLCV3https://medium.com/@alimuhammadsecured/cyberforce-2024-how-i-found-my-first-cve-openplcv3-16c058b114b0?source=rss------bug_bounty-5Alimuhammadsecuredctf, vulnerability, exploit, cve, bug-bounty05-Feb-2025
Netgear Warns of Zero-Day Vulnerabilities in WiFi Routershttps://medium.com/@wiretor/netgear-warns-of-zero-day-vulnerabilities-in-wifi-routers-ffc2d8299b8f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, netgear, usa, money, ai05-Feb-2025
All You Need To Know About Path Traversalhttps://medium.com/@ossama.cybersec/all-you-need-to-know-about-path-traversal-5a01c18e01e4?source=rss------bug_bounty-5Ossama Ahmed (@pent0ss)bug-bounty, pentesting, bug-bounty-tips, path-traversal, vulnerability05-Feb-2025
Practical and Easy Steps to Find XSS with a REAL CASE Studyhttps://medium.com/@BugRey/practical-and-easy-steps-to-find-xss-with-a-real-case-study-6959a3fbd6bf?source=rss------bug_bounty-5./Rey~web-security, penetration-testing, web-security-testing, bug-bounty-tips, bug-bounty04-Feb-2025
How I Hacked My Way Into College (and Became a Life Job Afterward)https://medium.com/@shxsu1/how-i-hacked-my-way-into-college-and-became-a-life-job-afterward-aef3e0e7e843?source=rss------bug_bounty-5shxsu1college, bug-bounty, hacking04-Feb-2025
[A Practical Guide] Exploiting SSRF with Filter Bypass via Open Redirection  —  SSRF Labshttps://bashoverflow.medium.com/a-practical-guide-exploiting-ssrf-with-filter-bypass-via-open-redirection-ssrf-labs-e0cfaa0c5774?source=rss------bug_bounty-5Bash Overflowbug-bounty, ssrf-exploitation, open-redirection-exploit, ssrf, bypassing-ssrf-filters04-Feb-2025
Bug Bounty Hunting: Lab Setup & Traffic Interception Guidehttps://medium.com/@muhammad4208/bug-bounty-hunting-lab-setup-traffic-interception-guide-d2b9956fa455?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-program, bug-bounty-tips04-Feb-2025
How I Earned 50000 United Miles(And how you can!)https://medium.com/@thedevtaskofficial/how-i-earned-50000-united-miles-and-how-you-can-793a3b47142e?source=rss------bug_bounty-5thedevtask officialcybersecurity, vulnerability, ethical-hacking, bug-bounty, penetration-testing04-Feb-2025
Exposing Millions of Apple Users’ ticket and other details! ( Part -1 )https://virtuvil.medium.com/exposing-millions-of-apple-users-ticket-and-other-details-part-1-36bf35281cd6?source=rss------bug_bounty-5Virtuvilapple, mac, iphone, bug-bounty, bugs04-Feb-2025
Hacking the Unseen: Finding Bugs Others Misshttps://medium.com/@Zebbern/hacking-the-unseen-finding-bugs-others-miss-a561efecf35d?source=rss------bug_bounty-5Zebbernbug-bounty, pentesting, cybersecurity, hacking, artificial-intelligence04-Feb-2025
How I Found 2000+ Employee Details of the Indian Government Using Just Google Dorks(And What You…https://hiddendom.medium.com/how-i-found-2000-employee-details-of-the-indian-government-using-just-google-dorks-and-what-you-d8e07afba27e?source=rss------bug_bounty-5Gokuleswaran Bbug-bounty-tips, bug-bounty, bugs, google-dork, penetration-testing04-Feb-2025
Easy Way to Find Exposed Sensitive API Keys in JS Fileshttps://infosecwriteups.com/easy-way-to-find-exposed-sensitive-api-keys-in-js-files-d9f9fccb18bb?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, hacking, money, bug-bounty-tips04-Feb-2025
Bug Bounty Hunting: Web Hacking Reconnaissancehttps://medium.com/@muhammad4208/bug-bounty-hunting-web-hacking-reconnaissance-78ac0effbae7?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program04-Feb-2025
How I Earned 50000 bounty(And how you can do it too)https://medium.com/@thedevtaskofficial/how-i-earned-50000-united-miles-and-how-you-can-793a3b47142e?source=rss------bug_bounty-5thedevtask officialcybersecurity, vulnerability, ethical-hacking, bug-bounty, penetration-testing04-Feb-2025
The Rising Importance of Bug Bounty Programs in the Fight Against Cybercrimehttps://medium.com/@moredevraj370/the-rising-importance-of-bug-bounty-programs-in-the-fight-against-cybercrime-266f3e03bc2a?source=rss------bug_bounty-5Devraj Morelinux, cybersecurity-course, bug-bounty, ethical-hacking-course, ransomware04-Feb-2025
Bug Bounty Hunting: Web Vulnerabilitieshttps://medium.com/@muhammad4208/bug-bounty-hunting-web-vulnerabilities-1e9b6a0d5ec3?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-hunter, bug-bounty-program, bug-bounty-tips04-Feb-2025
Mastering Burp Suite: The Ultimate Cyber Swiss Army Knife for Bug Bountieshttps://myselfakash20.medium.com/mastering-burp-suite-the-ultimate-cyber-swiss-army-knife-for-bug-bounties-df1398bb037f?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty-tips, bugbounty-writeup, bug-bounty, cybersecurity04-Feb-2025
XSS — Cross-site scripting (DOM-Based)https://medium.com/@F4lc0n/xss-cross-site-scripting-dom-based-e7b83ab67a1e?source=rss------bug_bounty-5F4lc0nhacking, pentest, dom-based-xss, bug-bounty, xss-vulnerability04-Feb-2025
Day[2/30] Bug Bounty for Beginners Full coursehttps://medium.com/@hrofficial62/day-2-30-bug-bounty-for-beginners-full-course-0a8de66836c0?source=rss------bug_bounty-5Mr Horbiobug-bounty, tips, ethical-hacking, pentesting, cybersecurity04-Feb-2025
Find Details of Any Phone Number Using PhoneInfogahttps://aimasterprompt.medium.com/find-details-of-any-phone-number-using-phoneinfoga-8b200015a479?source=rss------bug_bounty-5aimastertechnology, investigation, cybersecurity, bug-bounty, infosec04-Feb-2025
The Silent Breach: A Story of Leaked Token and PIIhttps://medium.com/@bughunt.bochi/the-silent-breach-a-story-of-leaked-token-and-pii-4576658030e3?source=rss------bug_bounty-5Yash Nimbalkarsecurity, bug-bounty, bug-bounty-writeup, information-security, cybersecurity04-Feb-2025
Best Hackers Channels on Internet Worth Following!https://medium.com/@doby4535/best-hackers-channels-on-internet-worth-following-a498f1caf697?source=rss------bug_bounty-5Dobysecexploit, penetration-testing, bug-bounty, hacking, ethical-hacking04-Feb-2025
Russian Hackers Exploit Zero-Day Attacks Against Ukrainehttps://medium.com/@wiretor/russian-hackers-exploit-zero-day-attacks-against-ukraine-c96042b7989e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, bug-bounty, ai, hacker, russian04-Feb-2025
Exploring a New SQLi Vulnerability: A Ghauri Experiencehttps://medium.com/meetcyber/exploring-a-new-sqli-vulnerability-a-ghauri-experience-541c588dc00d?source=rss------bug_bounty-5Erkan Kavassql-injection, bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity04-Feb-2025
From Rookie to Bounty: How a $400 IDOR Flaw on HackerOne Cracked Open My Cybersecurity Journeyhttps://medium.com/@Arsenelupin12/from-rookie-to-bounty-how-a-400-idor-flaw-on-hackerone-cracked-open-my-cybersecurity-journey-1566b8564ae4?source=rss------bug_bounty-5Wasted Resourcesbug-bounty-tips, hacking, bug-bounty, hackthebox, cybersecurity04-Feb-2025
From alert(origin) to ATO, an XSS Storyhttps://medium.com/@remmy9/from-alert-origin-to-ato-an-xss-story-d6bd2684bdca?source=rss------bug_bounty-5Remmybug-bounty, xss-attack, cybersecurity04-Feb-2025
Live Love WAF — Skirt the firewalls or die tryinghttps://medium.com/@l_s_/live-love-waf-skirt-the-firewalls-or-die-trying-4120facb41c8?source=rss------bug_bounty-5LSbug-bounty, hacking, javascript, bug-bounty-writeup, cybersecurity04-Feb-2025
The Ghost Email Heist — Stealing Accounts from the Futurehttps://medium.com/@shxsu1/the-ghost-email-heist-stealing-accounts-from-the-future-9fce3ae1c086?source=rss------bug_bounty-5shxsu1hacking, email, brute-force, account-takeover, bug-bounty04-Feb-2025
Understanding API Security with OpenAPI: A Security Engineer’s Perspectivehttps://medium.com/cyprox-io/understanding-api-security-with-openapi-a-security-engineers-perspective-b8083c457a8a?source=rss------bug_bounty-5Orhan YILDIRIMbug-bounty, ai, web, cybersecurity, artificial-intelligence03-Feb-2025
Javascript to API Bugshttps://medium.com/cyprox-io/javascript-to-api-bugs-3b5a778e51b7?source=rss------bug_bounty-5Orhan YILDIRIMapi, vulnerability-scanning, bug-bounty, web-application-security, bug-bounty-tips03-Feb-2025
Google did an Oopsie: a simple IDOR worth $3,133.7https://infosecwriteups.com/google-did-an-oopsie-a-simple-idor-worth-3-133-7-2abefaef954d?source=rss------bug_bounty-5accalonidor, hacking, bug-bounty03-Feb-2025
Blind SSRF with Out-of-Band Detection: Step-by-Step Exploitation & Prevention  —  SSRF Labshttps://bashoverflow.medium.com/blind-ssrf-with-out-of-band-detection-step-by-step-exploitation-prevention-ssrf-labs-d8a4d890184d?source=rss------bug_bounty-5Bash Overflowportswigger-lab, ssrf, blind-ssrf, ssrf-exploitation, bug-bounty03-Feb-2025
Top 235 IDOR Bug Bounty Reportshttps://aimasterprompt.medium.com/top-235-idor-bug-bounty-reports-e00c8061fe28?source=rss------bug_bounty-5aimasterinfosec, bug-bounty, vulnerability, hacking, idor03-Feb-2025
Manually Bypassing the Client-Side Validation leading to Command Injectionhttps://medium.com/@markanthonyagudo/manually-bypassing-the-client-side-validation-leading-to-command-injection-b0aa6ee531e4?source=rss------bug_bounty-5Angelo Agudocybersecurity, security, hacking, bug-bounty, hackthebox03-Feb-2025
When the Walls Aren’t as Secure as They Seem: My Instagram Discoveryhttps://medium.com/@nowshekhari/when-the-walls-arent-as-secure-as-they-seem-my-instagram-discovery-cf29a7f40741?source=rss------bug_bounty-5Abhishek Harimeta, cybersecurity, bug-bounty, privacy, instagram03-Feb-2025
20 Comprehensive Browser Extensions You Can’t Miss as a Bug Bounty Hunterhttps://osintteam.blog/20-comprehensive-browser-extensions-you-cant-miss-as-a-bug-bounty-hunter-e33042e59a6d?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, penetration-testing, cybersecurity, hacking, bug-bounty03-Feb-2025
FFUF Mastery: The Ultimate Web Fuzzing Guidehttps://osintteam.blog/ffuf-mastery-the-ultimate-web-fuzzing-guide-f7755c396b92?source=rss------bug_bounty-5coffinxptechnology, hacking, bug-bounty, bug-bounty-tips, cybersecurity03-Feb-2025
Finding a no-limit bug on the invite teammate page.https://cybersecuritywriteups.com/finding-a-no-limit-bug-on-the-invite-teammate-page-c495f9f86781?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, no-rate-limit, hacking, penetration-testing03-Feb-2025
Web Cache Poisoning: The Overlooked Attack with High Impacthttps://medium.com/@HackerNasr/web-cache-poisoning-the-overlooked-attack-with-high-impact-4cede5c04f7b?source=rss------bug_bounty-5HackerNasrbug-bounty, cybersecurity, penetration-testing, ethical-hacking, web-security03-Feb-2025
1 Click ATO on a public Bugcrowd Programhttps://medium.com/@68abdelrahmanmohamed/1-click-ato-on-a-public-bugcrowd-program-94ef037d0d50?source=rss------bug_bounty-5Abdulrahmanbug-bounty03-Feb-2025
Solving the Basic Pentesting CTF | TryHackMehttps://medium.com/@heshammr.robot/solving-the-basic-pentesting-ctf-tryhackme-fceb90aa1fbe?source=rss------bug_bounty-50xData Ghosthacking, tryhackme, penetration-testing, ctf, bug-bounty03-Feb-2025
Platforms and vulnerable web apps for practicing and learning web pen testinghttps://medium.com/h7w/platforms-and-vulnerable-web-apps-for-practicing-and-learning-web-pen-testing-815a86ea5247?source=rss------bug_bounty-5loyalonlytodayhacking, cybersecurity, tips, learning, bug-bounty03-Feb-2025
Best YouTube channels to learn bug hunting and penetration testinghttps://osintteam.blog/best-youtube-channels-to-learn-bug-hunting-and-penetration-testing-350b1422bbe9?source=rss------bug_bounty-5loyalonlytodayethical-hacking, cybersecurity, bug-bounty, tips, hacking03-Feb-2025
how i found xss in lenovo asset?https://doordiefordream.medium.com/how-i-found-xss-in-lenovo-asset-64cf5e58676a?source=rss------bug_bounty-5Bug hunter balutechnology, bug-bounty, cybersecurity, ethical-hacking, web303-Feb-2025
Top Hacking Gadgets for 2025https://medium.com/@verylazytech/top-hacking-gadgets-for-2025-174c5bd4f284?source=rss------bug_bounty-5Very Lazy Techhacking-gadgets, hacking, hak5, cybersecurity, bug-bounty03-Feb-2025
Mattermost Privilege Escalation — A Business Acceptable Risk?https://medium.com/@duality084/mattermost-privilege-escalation-a-business-acceptable-risk-d83b91d4413e?source=rss------bug_bounty-5Matias Ramirezbugbounty-writeup, bug-bounty-tips, mattermost, bug-bounty03-Feb-2025
Get Easy $$$ from Web Parameter Tamperinghttps://medium.com/readers-club/get-easy-from-web-parameter-tampering-df993b0136b1?source=rss------bug_bounty-5Abhijeet kumawatai, bug-bounty, hacking, infosec, money03-Feb-2025
⚡Critical XSS in DeepSeek AIhttps://systemweakness.com/critical-xss-in-deepseek-ai-b57090985e97?source=rss------bug_bounty-5It4chis3cxss-attack, ai, hacking, bug-bounty, deepseek03-Feb-2025
Find Primary Domains for Bug Bounty Using Censys Search: Complete Guidehttps://medium.com/@hacker_might/find-primary-domains-for-bug-bounty-using-censys-search-complete-guide-a26ea5eea5c2?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, primary-domain, recon, bug-bounty-tips03-Feb-2025
How Loose Regex Can Earn You a Bounty for an Open Redirect Filter Bypass Bughttps://medium.com/@halfcircassian/how-bad-regex-can-earn-you-a-bounty-for-an-open-redirect-filter-bypass-bug-6845a2b83f7c?source=rss------bug_bounty-5Sıla Özerenbug-bounty-writeup, regex, bug-bounty-tips, open-redirect, bug-bounty03-Feb-2025
From Debug page to Database accesshttps://ro0od.medium.com/from-debug-page-to-database-access-e81ca8be1711?source=rss------bug_bounty-5roodbug-bounty03-Feb-2025
Discovering and Reporting a Reflective XSS Vulnerabilityhttps://medium.com/@debang5hu/discovering-and-reporting-a-reflective-xss-vulnerability-8c5e14206d17?source=rss------bug_bounty-5debang5hucross-site-scripting, blackbox-ai, cybersecurity, bug-bounty03-Feb-2025
Common Vulnerabilities Found in Bug Bounty Programs but Overlooked in Traditional Penetration…https://medium.com/@hackrate/common-vulnerabilities-found-in-bug-bounty-programs-but-overlooked-in-traditional-penetration-10edc6a9ec1e?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, ethical-hacking, bug-bounty-tips, penetration-testing03-Feb-2025
Secator: A Powerful Security Workflow Automation Toolhttps://osintteam.blog/secator-a-powerful-security-workflow-automation-tool-41995057c731?source=rss------bug_bounty-5Monika sharmabug-bounty-tips, hacking, bug-bounty, technology, penetration-testing03-Feb-2025
Practical Guide to Finding SQL Injection (Real Case Study)https://medium.com/@BugRey/practical-guide-to-finding-sql-injection-real-case-study-3625bdb9d8c3?source=rss------bug_bounty-5./Rey~bug-bounty, bug-bounty-tips, web-security-testing, web-security, penetration-testing03-Feb-2025
Find Primary Domains for Bug Bounty Using Censys Search: Complete Guidehttps://osintteam.blog/find-primary-domains-for-bug-bounty-using-censys-search-complete-guide-a26ea5eea5c2?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, primary-domain, recon, bug-bounty-tips03-Feb-2025
Top 10 Bug Bounty Platforms to Earn Money Onlinehttps://hackreveals.medium.com/top-10-bug-bounty-platforms-to-earn-money-online-fbea54cf7cbb?source=rss------bug_bounty-5Prakash Tiwaribug-bounty, side-hustle, earn-money-online, make-money-online, bug-bounty-writeup02-Feb-2025
Automate Vulnerability Detection in Burp Suite with bCheckshttps://medium.com/mr-plan-publication/automate-vulnerability-detection-in-burp-suite-with-bchecks-667b6e58a70c?source=rss------bug_bounty-5Monika sharmapentesting, bug-bounty-tips, hacking, bug-bounty, technology02-Feb-2025
XSS on GeeksforGeekshttps://cybersecuritywriteups.com/xss-on-geeksforgeeks-2eafcbbf90b0?source=rss------bug_bounty-5AbhirupKonwarpentesting, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Feb-2025
Bug Bounty Hunting: How the Internet Workshttps://medium.com/@muhammad4208/bug-bounty-hunting-how-the-internet-works-ca0327bf53c5?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter02-Feb-2025
Bug Bounty Hunting: Sustaining Your Successhttps://medium.com/@muhammad4208/bug-bounty-hunting-sustaining-your-success-6b9e3880411b?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty, bug-bounty-tips, bug-bounty-program, bug-bounty-hunter02-Feb-2025
Introducing CMS Detector — A Powerful CMS Detection Tool!https://mistry4592.medium.com/introducing-cms-detector-a-powerful-cms-detection-tool-8b7a2f1dcdc4?source=rss------bug_bounty-5Chirag-Mistrypython3, cms-detector, penetration-testing, bug-bounty, cybersecurity02-Feb-2025
Bug Bounty Huntinghttps://medium.com/@muhammad4208/bug-bounty-hunting-ac9b732559b5?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-program02-Feb-2025
Day[1/30] Bug Bounty for Beginners Full coursehttps://medium.com/@hrofficial62/day-1-30-bug-bounty-for-beginners-full-course-e88e7425c92c?source=rss------bug_bounty-5Mr Horbiohacking, pentesting, cybersecurity, bug-bounty, ethical-hacking02-Feb-2025
Hacking Routers & IoT Devices with Routersploit: A Detailed Cheat Sheethttps://medium.com/@verylazytech/hacking-routers-iot-devices-with-routersploit-a-detailed-cheat-sheet-470a54fd3621?source=rss------bug_bounty-5Very Lazy Techroutersploit, penetration-testing, hacking-router, iot-security, bug-bounty02-Feb-2025
Unveiling the Power of Shodan: A Step-by-Step Technical Guide to Internet Reconnaissancehttps://medium.com/@zoningxtr/unveiling-the-power-of-shodan-a-step-by-step-technical-guide-to-internet-reconnaissance-e61212b7407f?source=rss------bug_bounty-5Zoningxtrpython-programming, bug-bounty, penetration-testing, web-development, iot02-Feb-2025
100 DAYS OF JAVASCRIPThttps://medium.com/@KC100/100-days-of-javascript-09392b1797fc?source=rss------bug_bounty-5Keorapetse Malgasbug-bounty, ethical-hacking, 100daysofcode, cybersecurity, javascript02-Feb-2025
2 Arrested in Crackdown on Nulled and Cracked Hacking Forumshttps://medium.com/@wiretor/2-arrested-in-crackdown-on-nulled-and-cracked-hacking-forums-249ed458214a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, money, cybersecurity, lafires, ai02-Feb-2025
Apple iPhone USB-C Security Breachhttps://medium.com/@wiretor/apple-iphone-usb-c-security-breach-34011863045a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, money, malware, ai, apple02-Feb-2025
Finding Exposed Sensitive API Keys in JS Fileshttps://infosecwriteups.com/finding-exposed-sensitive-api-keys-in-js-files-5c129fb1f2c7?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips02-Feb-2025
DeepSeek’s Vulnerabilities and Challenges: A Critical Analysishttps://medium.com/@HexaGaurd/deepseeks-vulnerabilities-and-challenges-a-critical-analysis-7b350644626d?source=rss------bug_bounty-5HexaGaurdethical-hacking, penetration-testing, security, bug-bounty, cybersecurity02-Feb-2025
2025: The Year to Start PTaaShttps://medium.com/@hackrate/2025-the-year-to-start-ptaas-c180f83617dd?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, hacking, ethical-hacking, penetration-testing02-Feb-2025
A $150 Bug in My Methodology!https://medium.com/@jkooo12/a-150-bug-in-my-methodology-8a51cdac53d4?source=rss------bug_bounty-5jack markezcybersecurity, hackerone, hacking, bug-bounty, writers-on-medium02-Feb-2025
Easy Peasy RXSShttps://medium.com/@dsmodi484/easy-peasy-rxss-2f4bb1ec1d38?source=rss------bug_bounty-5cryptoshantcybersecurity, bug-bounty, xss-attack, sqlmap, hacking01-Feb-2025
Finding an easy bug to get an easy $$$https://osintteam.blog/finding-an-easy-bug-to-get-an-easy-14f2426ba933?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, penetration-testing, cybersecurity, hacking01-Feb-2025
Google: HTML Injection Bughttps://medium.com/@kumawatabhijeet2002/google-html-injection-bug-14a50e12bb96?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, hacking, infosec, bug-bounty-tips01-Feb-2025
The Art of Doing Source Code Reviewhttps://green-terminals.medium.com/the-art-of-doing-source-code-review-c98ae0e35f84?source=rss------bug_bounty-5Aditya Ranacybersecurity, ai, source-code-review, programming, bug-bounty01-Feb-2025
Dangerous Commands You Shouldn’t Execute in Linuxhttps://bitpanic.medium.com/dangerous-commands-you-shouldnt-execute-in-linux-fce596a45a8c?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, programming, technology, bug-bounty01-Feb-2025
How to Create Advanced Custom Wordlist? Dive into Recon Part 4https://systemweakness.com/how-to-create-advanced-custom-wordlist-dive-into-recon-part-4-78c2d218a35a?source=rss------bug_bounty-5It4chis3csubdomain-enumeration, secrets, custom-wordlist, bug-bounty, wordlist01-Feb-2025
How I Earned a $500 Bounty by Exploiting a Hidden Vulnerability (Without Even Trying)https://medium.com/@thedevtaskofficial/how-i-earned-a-500-bounty-by-exploiting-a-hidden-vulnerability-without-even-trying-d22229d4d8bd?source=rss------bug_bounty-5thedevtask officialbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugs01-Feb-2025
Most Overlooked & Easiest Vulnerability - Part 2https://progprnv.medium.com/most-overlooked-easiest-vulnerability-ever-existed-550f1e2dc912?source=rss------bug_bounty-5progprnvbug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, cybersecurity01-Feb-2025
How to hack cameras easily and quicklyhttps://medium.com/@CTRL2030/how-to-hack-cameras-easily-and-quickly-babde709a9b8?source=rss------bug_bounty-5CTRLcybersecurity, hacking, bug-bounty, penetration-testing, iot01-Feb-2025
WEB REQUEST — CRUD APIhttps://medium.com/@markanthonyagudo/web-request-crud-api-962284ea5e2b?source=rss------bug_bounty-5Angelo Agudocybersecurity, bug-bounty, penetration-tester, webrequest, web-security01-Feb-2025
How I Earned a $500 Bounty by Exploiting a Hidden Vulnerability (Without Even Trying)https://medium.com/@thedevtaskofficial/how-i-earned-a-500-bounty-by-exploiting-a-hidden-vulnerability-without-even-trying-d22229d4d8bd?source=rss------bug_bounty-5thedevtask officialbug-bounty, vulnerability, penetration-testing, ethical-hacking, cybersecurity01-Feb-2025
Unauthorized Data Upload in Alibaba Cloud Object Storage Servicehttps://medium.com/@muhammadwaseem29/unauthorized-data-upload-in-alibaba-cloud-object-storage-service-cefa6abcef7f?source=rss------bug_bounty-5Muhammad Waseembug-bounty-tips, infosec, bug-bounty, cybersecurity, hacking01-Feb-2025
Collection of Wordlists for Bug Bounty Huntershttps://aimasterprompt.medium.com/collection-of-wordlists-for-bug-bounty-hunters-a07c0dee92ff?source=rss------bug_bounty-5aimastercybersecurity, bug-bounty-tips, bug-bounty, technology, infosec01-Feb-2025
Top Forensic Tools Every Investigator Should Know About | The Complete Guide to Essential Tools and…https://mhmmuneef.medium.com/top-forensic-tools-every-investigator-should-know-about-the-complete-guide-to-essential-tools-and-b32081321cf9?source=rss------bug_bounty-5Mohammed Muneefforensics, hacking, technology, bug-bounty, cybersecurity01-Feb-2025
️Nmap Command that Bug Hunters use often️https://medium.com/@shaheeryasirx1/%EF%B8%8Fnmap-command-that-bug-hunters-use-often-%EF%B8%8F-6bc599576641?source=rss------bug_bounty-5Shaheer Yasirbug-bounty, offensive-security, hacking, cybersecurity, nmap01-Feb-2025
Basics In Reverse Engineering (RE)https://medium.com/@lukwagoasuman236/basics-in-reverse-engineering-re-0591c96b5c1e?source=rss------bug_bounty-5lukewagomalware-analysis, reverse-engineering, bug-bounty, programming-languages, cybersecurity01-Feb-2025
Top Alternatives to Burp Collaborator: Using Interactsh for SSRF Detection and Bug Bounty Huntinghttps://medium.com/@hacker_might/top-alternatives-to-burp-collaborator-using-interactsh-for-ssrf-detection-and-bug-bounty-hunting-099a1e156dfc?source=rss------bug_bounty-5hacker_mightreconnaissance, discovery-projects, ssrf, ssrf-detection, bug-bounty01-Feb-2025
1000$ Bounty: OAuth Bypasshttps://cybersecuritywriteups.com/1000-bounty-oauth-bypass-97c3658729c0?source=rss------bug_bounty-5Abhijeet kumawatmoney, hacking, bug-bounty, infosec, bug-bounty-tips01-Feb-2025
PS 5 pin bypasshttps://medium.com/@momo334678/ps-5-pin-bypass-457c41aca93b?source=rss------bug_bounty-5coderMohammedprogramming, bug-bounty, playstation, automation, hacking01-Feb-2025
Easy P3 Bug | LDAP Null Bind leads to extract sensitive credentialshttps://medium.com/meetcyber/easy-p3-bug-ldap-null-bind-leads-to-extract-sensitive-credentials-0d06b8d58d99?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, vulnerability, bug-bounty-tips, pentesting, bug-bounty-writeup01-Feb-2025
picoCTF Web Exploitation: IntroToBurphttps://medium.com/@Kamal_S/picoctf-web-exploitation-introtoburp-a2b50bf8e985?source=rss------bug_bounty-5Kamal Sowasp, bug-bounty, burpsuite, picoctf, intro-to-burp01-Feb-2025
Mock Test Capen: How We Cracked Ithttps://medium.com/@aleens09/mock-test-capen-how-we-cracked-it-f735df5a6a2c?source=rss------bug_bounty-5Aleenscybersecurity, capture-the-flag, bug-bounty, hacking, ctf-writeup01-Feb-2025
Connect Burp suite to your Browser.https://medium.com/@aravindhyox/connect-burp-suite-to-your-browser-f819fada96a5?source=rss------bug_bounty-5Aravindh Yoxburpsuite, bug-bounty, browsers, hacking01-Feb-2025
My Bug Hunting Methodology Approach to Finding Bugs Easilyhttps://medium.com/@mahdisalhi0500/my-bug-hunting-methodology-approach-to-finding-bugs-easily-30082f35b455?source=rss------bug_bounty-5CaptinSHArky(Mahdi)bug-bounty-tips, hacking, bug-bounty, information-security, penetration-testing01-Feb-2025
Understanding MITRE ATT&CK Groups: A Technical Analysishttps://medium.com/@paritoshblogs/understanding-mitre-att-ck-groups-a-technical-analysis-e35773a46cd5?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, information-technology, mitre-attack, bug-bounty01-Feb-2025
Texas Governor Orders Ban on DeepSeek, RedNote for Government Deviceshttps://medium.com/@wiretor/texas-governor-orders-ban-on-deepseek-rednote-for-government-devices-45faa723107e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ai, deepseek, bug-bounty01-Feb-2025
Hackers Exploit Gemini AI to Enhance Cyberattackshttps://medium.com/@wiretor/hackers-exploit-gemini-ai-to-enhance-cyberattacks-45f360de9de5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, bug-bounty, google, hacking01-Feb-2025
Top Alternatives to Burp Collaborator: Using Interactsh for SSRF Detection and Bug Bounty Huntinghttps://osintteam.blog/top-alternatives-to-burp-collaborator-using-interactsh-for-ssrf-detection-and-bug-bounty-hunting-099a1e156dfc?source=rss------bug_bounty-5hacker_mightreconnaissance, discovery-projects, ssrf, ssrf-detection, bug-bounty01-Feb-2025
$150 Bug Bounty No Rate Limit 🙂https://cyberritzzz.medium.com/150-bug-bounty-no-rate-limit-b77cc6fa7708?source=rss------bug_bounty-5Cyb3rR1tzzzcybersecurity, bug-bounty, hackerone01-Feb-2025
AI & Digital Tools for Neurodiverse Bug Bounty Hunters — A Beginner’s Guidehttps://medium.com/@neurodiversehackers/ai-digital-tools-for-neurodiverse-bug-bounty-hunters-a-beginners-guide-b1d24fdc7bbb?source=rss------bug_bounty-5NeurodiverseHackerscybersecurity, cyber-security-awareness, organization, neurodiversity, bug-bounty01-Feb-2025
OoHow to get a Job in the Cybersecurity field [With my experience]https://medium.com/@hrofficial62/oohow-to-get-a-job-in-the-cybersecurity-field-with-my-experience-84b34ad95641?source=rss------bug_bounty-5Mr Horbiopentesting, bug-bounty, bugbounty-writeup, ethical-hacking, cybersecurity31-Jan-2025
How I used shodan to discover 3 easy bugs on VDP program?https://medium.com/@hamdiyasin135/how-i-used-shodan-to-discover-3-easy-bugs-on-vdp-program-1ddd8b291320?source=rss------bug_bounty-5yassin hamdihacking, hacker, recon, information-security, bug-bounty31-Jan-2025
Fuzzuli: A Powerful Content Discovery Tool for Bug Bounty Huntershttps://medium.com/@commanak46/fuzzuli-a-powerful-content-discovery-tool-for-bug-bounty-hunters-f33b67dd4410?source=rss------bug_bounty-5Monika sharmabug-bounty-tool, technology, bug-bounty-tips, bug-bounty, pentesting31-Jan-2025
Secret Dork Hunting Methodology (Part1)https://systemweakness.com/secret-dork-hunting-methodology-part1-6f06b5c47931?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, pentesting, bug-bounty, ethical-hacking, bug-bounty-tips31-Jan-2025
AI Security: Challenges and Practical Solutionshttps://medium.com/@paritoshblogs/ai-security-challenges-and-practical-solutions-8a78a348fe1d?source=rss------bug_bounty-5Paritoshsecurity, hacking, bug-bounty, ai, cybersecurity31-Jan-2025
Zero Trust Security: Why It’s the Future of Cyber Protection in 2025https://medium.com/@adibostoninstitute123/zero-trust-security-why-its-the-future-of-cyber-protection-in-2025-86b5f0e42fa4?source=rss------bug_bounty-5Aditya Tripathiethical-hacking, bug-bounty, cybersecurity, cybersecurity-course, security31-Jan-2025
Finding an Easy Bughttps://cybersecuritywriteups.com/finding-an-easy-bug-a326dca448ed?source=rss------bug_bounty-5loyalonlytodaytips, cybersecurity, bug-bounty, hacking, bugs31-Jan-2025
Start Web3 Bug Bounty and earn upto $1Mhttps://medium.com/@anandrishav2228/start-web3-bug-bounty-and-earn-upto-1m-e212f9468b88?source=rss------bug_bounty-5Rishav anandbug-bounty, web3, money, cybersecurity, hacking31-Jan-2025
XSS + ARP Poisoning results in full account takeoverhttps://medium.com/@amir_kazi3/xss-arp-poisoning-results-in-full-account-takeover-f3f2be2ff843?source=rss------bug_bounty-5Amirali Kazeroonicybersecurity, xss-attack, pentesting, networking, bug-bounty31-Jan-2025
How I Found Dom-XSS on My Collage Website !!!https://medium.com/@jainilborisagar123/how-i-found-dom-xss-on-my-collage-website-572453ed1227?source=rss------bug_bounty-5Jainil Borisagarbug-bounty, college, xss-attack, cybersecurity, xss-vulnerability31-Jan-2025
Dorks For Sensitive Information Disclosurehttps://medium.com/@devanshpatel930/dorks-for-sensitive-information-disclosure-31fb90ad6f21?source=rss------bug_bounty-5Devanshpatelbug-bounty, information-disclosure, bug-bounty-tips, bug-bounty-writeup, cybersecurity31-Jan-2025
Admin Panel Exploit Leaks 1 Million User Records on Logitechhttps://medium.com/@zerodaystories/admin-panel-exploit-leaks-1-million-user-records-on-logitech-3c0b20189d30?source=rss------bug_bounty-50day storiesbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup31-Jan-2025
SaaS platform for Subdomain Enumeration Tool for Bug Hunters and Pentestershttps://aimasterprompt.medium.com/saas-platform-for-subdomain-enumeration-tool-for-bug-hunters-and-pentesters-cf20d4b8ff18?source=rss------bug_bounty-5aimastertechnology, bug-bounty-writeup, saas, cybersecurity, bug-bounty31-Jan-2025
Admin Panel Exploit Leaks 1 Million User Records on Logitechhttps://osintteam.blog/admin-panel-exploit-leaks-1-million-user-records-on-logitech-3c0b20189d30?source=rss------bug_bounty-50day storiesbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup31-Jan-2025
Web Cache Deception Attack: How Hackers Trick Your Cachehttps://medium.com/@nikith_g_karkera/web-cache-deception-attack-how-hackers-trick-your-cache-e71fd64b5e23?source=rss------bug_bounty-5zer0_bugspentesting, hacking, web-cache-deception, ethical-hacking, bug-bounty31-Jan-2025
Title:The Silent Takeover: How a Tiny Oversight Led to a Major Security Riskhttps://medium.com/@thedevtaskofficial/title-the-silent-takeover-how-a-tiny-oversight-led-to-a-major-security-risk-1d051030d6e8?source=rss------bug_bounty-5thedevtask officialhacking, hacker, bug-bounty, bug-bounty-tips, bug-bounty-writeup31-Jan-2025
Account Takeover via Cookie Attribute Manipulation — A Unique Methodhttps://medium.com/@pauldipesh29/account-takeover-via-cookie-attribute-manipulation-a-unique-method-ea66a78cdb06?source=rss------bug_bounty-5Dipesh Paulowasp, hacking, ethical-hacking, bug-bounty, penetration-testing31-Jan-2025
Globe Life Data Breach May Impact an Additional 850,000 Clientshttps://medium.com/@wiretor/globe-life-data-breach-may-impact-an-additional-850-000-clients-822a0d4084c1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, globe, trump, money31-Jan-2025
Mizuno USA Data Breach: Hackers Had Access for Two Monthshttps://medium.com/@wiretor/mizuno-usa-data-breach-hackers-had-access-for-two-months-ed0ae492ada5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmizuno, bug-bounty, money, ai, trump31-Jan-2025
Google Blocks 2.36 Million Risky Android Apps from Play Store in 2024https://medium.com/@wiretor/google-blocks-2-36-million-risky-android-apps-from-play-store-in-2024-8ae68808d046?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, trump, google, money31-Jan-2025
$100 Easy Bounty p4 bug 🙂https://cyberritzzz.medium.com/100-easy-bounty-p4-bug-083943865238?source=rss------bug_bounty-5Cyb3rR1tzzzwriters-on-medium, hacking, bug-bounty, bugs, hackerone31-Jan-2025
Bug Bounty Recon Guide — Part: 1https://aimasterprompt.medium.com/bug-bounty-recon-guide-part-1-0927e7df82ef?source=rss------bug_bounty-5aimastercybersecurity, bug-bounty, bug-bounty-tips, infosec, technology30-Jan-2025
From the Dark Web to Ethical Hacking: The Journey of Monsif Hmouri in Cybersecurityhttps://monsifhmouri.medium.com/from-the-dark-web-to-ethical-hacking-the-journey-of-monsif-hmouri-in-cybersecurity-db0f5056b044?source=rss------bug_bounty-5MONSIF HMOURIanonymous, hacker, ethical-hacking, hacking, bug-bounty30-Jan-2025
Web Cache Deception: Understanding and Mitigating Security Riskshttps://0xkratos.medium.com/web-cache-deception-understanding-and-mitigating-security-risks-c35b79963a49?source=rss------bug_bounty-5Amal PKweb-security, bug-bounty, cybersecuirty, hacking, technology30-Jan-2025
️‍♂️ Mastering Recon in Bug Bounty: Tools, Techniques, and a Step-by-Step Guidehttps://medium.com/@zoningxtr/%EF%B8%8F-%EF%B8%8F-mastering-recon-in-bug-bounty-tools-techniques-and-a-step-by-step-guide-d27345269a5e?source=rss------bug_bounty-5Zoningxtrcybersecurity, penetration-testing, web3, api, bug-bounty30-Jan-2025
AppSec Logic Master on OpenBugBountyhttps://medium.com/mr-plan-publication/appsec-logic-master-on-openbugbounty-5fe67f4cd07a?source=rss------bug_bounty-5AbhirupKonwartechnology, pentesting, cybersecurity, bug-bounty, ethical-hacking30-Jan-2025
Earnings in 2025https://medium.com/@workwithsane/earnings-in-2025-1f7f344cd07d?source=rss------bug_bounty-5Saneearning-money-online, making-money, earning-money, bug-bounty, earnings30-Jan-2025
Most Overlooked & Easiest P4 Vulnerabilityhttps://progprnv.medium.com/most-overlooked-easiest-p4-vulnerability-d3a89cb10497?source=rss------bug_bounty-5progprnvbug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity, bug-bounty30-Jan-2025
Ridiculously Wrong Time to Get Into Bug Bountyhttps://medium.com/@thedevtaskofficial/ridiculously-wrong-time-to-get-into-bug-bounty-364e066d6017?source=rss------bug_bounty-5thedevtaskhacking, bugcrowd, cybersecurity, hackerone, bug-bounty30-Jan-2025
Campaign: Report a Bug & Earn GUIDE Tokenshttps://bmy-guide.medium.com/campaign-report-a-bug-earn-guide-tokens-0b1d6b5613a2?source=rss------bug_bounty-5bmy.guiderewards, bmy-guide, bug-bounty, report, crypto30-Jan-2025
Ultimate Nuclei Templates: Private Collection for Quick Bountieshttps://medium.com/meetcyber/my-private-nuclei-template-collection-for-easy-bounties-ba704073d065?source=rss------bug_bounty-5coffinxpbug-bounty, technology, bug-bounty-tips, hacking, cybersecurity30-Jan-2025
3 Must-Read Bug Bounty Books to Level Up Your Skills!https://medium.com/@kumawatabhijeet2002/3-must-read-bug-bounty-books-to-level-up-your-skills-2a1c3bc2b72f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, money, bug-bounty, hacking, books30-Jan-2025
How I Hacked the Dutch Government and Got a Lousy T-Shirthttps://medium.com/@cyberhrsh/how-i-hacked-the-dutch-government-and-got-a-lousy-t-shirt-bb0f5716bbe1?source=rss------bug_bounty-5Harsh kotharidutch, swag, hacking, dutch-government, bug-bounty30-Jan-2025
Exploring the World of Offensive Linux Security: A Deep Dive into Cyber Warfare Toolshttps://medium.com/@thecyberghost/exploring-the-world-of-offensive-linux-security-a-deep-dive-into-cyber-warfare-tools-35785e82a36d?source=rss------bug_bounty-5The Cyber Ghostoffensive-security, cybersecurity, bug-bounty, cyber-security-awareness30-Jan-2025
Advanced GitHub Dorking: More Secrets, More Automation, More Bounties!https://myselfakash20.medium.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty, technology, bugbounty-writeup, bug-bounty-tips30-Jan-2025
# API Penetration Testing: Basics and Roadmap for Aspiring Security Professionalshttps://medium.com/@hack8655793/api-penetration-testing-basics-and-roadmap-for-aspiring-security-professionals-4b957e6f85ac?source=rss------bug_bounty-5CrackBugbounthuntertesting-tools, bug-bounty, api-pentesting30-Jan-2025
New Syncjacking Attack Hijacks Devices Using Chrome Extensionshttps://medium.com/@wiretor/new-syncjacking-attack-hijacks-devices-using-chrome-extensions-8d3afc416e3d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, bug-bounty, money, ai30-Jan-2025
Ransomware Attack Disrupts New York Blood Donation Gianthttps://medium.com/@wiretor/ransomware-attack-disrupts-new-york-blood-donation-giant-a0f51c787fc6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, trump, blood, bug-bounty, ai30-Jan-2025
Police Seizes Cracked and Nulled Hacking Forum Servers, Arrests Suspectshttps://medium.com/@wiretor/police-seizes-cracked-and-nulled-hacking-forum-servers-arrests-suspects-6f837dfec1b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespolice, ai, money, servers, bug-bounty30-Jan-2025
How I Bagged $300 for a Sneaky yet Simple Bughttps://medium.com/@thedevtaskofficial/how-i-bagged-300-for-a-sneaky-yet-simple-bug-f21a8a02b6e1?source=rss------bug_bounty-5thedevtaskmoney, hacking, bounty-program, money-making-ideas, bug-bounty30-Jan-2025
If Pentest-as-a-Service Is So Effective, Why Don’t Most Companies Adopt It?https://medium.com/@hackrate/if-pentest-as-a-service-is-so-effective-why-dont-most-companies-adopt-it-8b5c66ce679c?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, hacking, penetration-testing, bug-bounty30-Jan-2025
How I Earned $200 Using GitHub Dorking P=2:Advanced GitHub Dorking: More Secrets, More Automation…https://myselfakash20.medium.com/advanced-github-dorking-more-secrets-more-automation-more-bounties-f39dd553b1c2?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty, technology, bugbounty-writeup, bug-bounty-tips30-Jan-2025
Bug Bounty Hunt : Playbookhttps://santhosh-adiga-u.medium.com/bug-bounty-hunt-playbook-418866d82e84?source=rss------bug_bounty-5Santhosh Adiga Uhacking-tools, owasp-top-10, ethical-hacking, penetration-testing, bug-bounty30-Jan-2025
Google Dorking for Bug Bounty Hunters: Beginner’s Editionhttps://medium.com/@ajudeb55/google-dorking-for-bug-bounty-hunters-beginners-edition-969ecf7ccd63?source=rss------bug_bounty-5Aju Debhacking, technology, google, bug-bounty, programming30-Jan-2025
Bug Hunting Recon: Finding acquisitions of targethttps://medium.com/@ethicalhackerhuzaifa/bug-hunting-recon-finding-acquisitions-of-target-de4ec6a252a9?source=rss------bug_bounty-5Huzaifa Shaikhrecon, penetration-testing, bug-bounty-writeup, hacking, bug-bounty30-Jan-2025
Step-by-Step Guide to Solving HTB’s XSS Module: Section-by-Section Flag Solutionshttps://medium.com/@Arsenelupin12/step-by-step-guide-to-solving-htbs-xss-module-section-by-section-flag-solutions-bc07e0cb9928?source=rss------bug_bounty-5Wasted Resourceshacking, bug-bounty, cybersecurity, xss-attack, htb30-Jan-2025
Sensitive Information Disclosure in 5 minuteshttps://medium.com/@mhaziqulkhair/sensitive-information-disclosure-in-5-minutes-0de7ce868069?source=rss------bug_bounty-5Muhammad Haziqul Khairsensitive-data-exposure, web-pentesting, reconnaissance, cybersecurity, bug-bounty29-Jan-2025
Start Bug Bounty and earn $$$: Top Write-Ups, POCs & Tutorialshttps://cybersecuritywriteups.com/start-bug-bounty-and-earn-top-write-ups-pocs-tutorials-739b8a8456ab?source=rss------bug_bounty-5Abhijeet kumawathacking, infosec, bounty-program, money, bug-bounty29-Jan-2025
Discovering a Critical Vulnerability in Deepseek’s Password Reset Functionality leads to Zero Click…https://medium.com/@teamtea.ye/discovering-a-critical-vulnerability-in-deepseeks-password-reset-functionality-leads-to-zero-click-96c597fe852c?source=rss------bug_bounty-5Teamteapenetration-testing, account-takeover, deepseek-v3, deepseek, bug-bounty29-Jan-2025
Uncovering SQL Injection Vulnerabilities through JavaScript File Analysishttps://medium.com/@muhammad-/uncovering-sql-injection-vulnerabilities-through-javascript-file-analysis-d07e430ef862?source=rss------bug_bounty-5Mohammadreconnaissance, security, sql-injection, bug-bounty, web-hacking29-Jan-2025
A case study of vulnerabilities in US government systemshttps://research.ifcr.dk/a-case-study-of-vulnerabilities-in-us-government-systems-a82e9afbf6c2?source=rss------bug_bounty-5Martin Thirup Christensenbug-bounty29-Jan-2025
Uncovering Deepseek AI’s Hidden Flaw: A Dive Into Its Response Filtering Systemhttps://1-day.medium.com/uncovering-deepseek-ais-hidden-flaw-a-dive-into-its-response-filtering-system-96203b727192?source=rss------bug_bounty-51dayai, deepseek, bug-bounty, deepseek-ai, deepseek-v329-Jan-2025
2025: The Year to Start a Bug Bounty Programhttps://medium.com/@hackrate/2025-the-year-to-start-a-bug-bounty-program-6fa1b96f2013?source=rss------bug_bounty-5Levente Molnarbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, hacking29-Jan-2025
Top 8 Bug Bounty Books for 2025: Must-Reads for Ethical Hackershttps://medium.com/@verylazytech/top-8-bug-bounty-books-for-2025-must-reads-for-ethical-hackers-9c73d457c0f9?source=rss------bug_bounty-5Very Lazy Techcybersecurity, exploit, ethical-hacking, bug-bounty, hacking29-Jan-2025
How to Find More Subdomains for Bug Bounties? Dive into Recon part 3https://it4chis3c.medium.com/how-to-find-more-subdomains-for-bug-bounties-dive-into-recon-part-3-c9825eac2d68?source=rss------bug_bounty-5It4chis3csubdomain, subdomains-enumeration, assets, bug-bounty-tips, bug-bounty29-Jan-2025
Hackers exploiting flaws in SimpleHelp RMM to breach networkshttps://medium.com/@wiretor/hackers-exploiting-flaws-in-simplehelp-rmm-to-breach-networks-d923ec39b353?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, hacking, bug-bounty, malware, hacker29-Jan-2025
Garmin GPS Watches Crash and Enter Reboot Loop, Users Frustratedhttps://medium.com/@wiretor/garmin-gps-watches-crash-and-enter-reboot-loop-users-frustrated-d1b60092a1bb?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, hacker, garmin, bug-bounty29-Jan-2025
Incident Response & Forensics: Log Analysis, Timeline Creation, and Root Cause Analysishttps://medium.com/@paritoshblogs/incident-response-forensics-log-analysis-timeline-creation-and-root-cause-analysis-95085ab1fc49?source=rss------bug_bounty-5Paritoshincident-response, cybersecurity, hacking, bug-bounty, forensics29-Jan-2025
The $500 Vulnerability: How Censys Search Led Me to a Quick Bug Bountyhttps://medium.com/@hacker_might/the-500-vulnerability-how-censys-search-led-me-to-a-quick-bug-bounty-afabeec7a176?source=rss------bug_bounty-5hacker_mightbug-bounty, reconnaissance, censys, recon, bounty-program29-Jan-2025
Easiest $225 Ever: A Simple SQL Injection Win!https://medium.com/@whoadnan01/easiest-225-ever-a-simple-sql-injection-win-f40c0a6b8e45?source=rss------bug_bounty-5WhoAdnansecurity, bug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty29-Jan-2025
Race Condition Attacks: Exploiting Tiny Gaps in Business Logichttps://medium.com/@HackerNasr/race-condition-attacks-exploiting-tiny-gaps-in-business-logic-c2589b9ac2e7?source=rss------bug_bounty-5HackerNasrinfosec, ethical-hacking, penetration-testing, bug-bounty, cybersecurity29-Jan-2025
How to Find More Subdomains for Bug Bounties? Dive into Recon part 3https://systemweakness.com/how-to-find-more-subdomains-for-bug-bounties-dive-into-recon-part-3-c9825eac2d68?source=rss------bug_bounty-5It4chis3csubdomain, subdomains-enumeration, assets, bug-bounty-tips, bug-bounty29-Jan-2025
Start your CTF journey now.(101)https://medium.com/@anandrishav2228/start-your-ctf-journey-now-101-fa68ed995bca?source=rss------bug_bounty-5Rishav anandctf, hacking, bug-bounty, money, cybersecurity28-Jan-2025
My Journey to Finding a Bug and Earning an Appreciation Letterhttps://medium.com/@sachinkewat809/my-journey-to-finding-a-bug-and-earning-an-appreciation-letter-88cac7109e0e?source=rss------bug_bounty-5Sachin kewatcybersecurity, hacking, oscp, vulnerability, bug-bounty28-Jan-2025
Rank Top 66 + 214 Rep on HackerOnehttps://medium.com/meetcyber/rank-top-66-214-rep-on-hackerone-c260d244ae61?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, bug-bounty, hackerone, penetration-testing, ethical-hacking28-Jan-2025
Feeding Nuclei!https://clarkvoss.medium.com/feeding-nuclei-06192a30de1c?source=rss------bug_bounty-5Clark Vossbug-bounty, hacking-tools, hacking, security, cybersecurity28-Jan-2025
Opengrep : A Hype and Marketing Gimmick, let’s rename it to Privategrep.https://rohitcoder.medium.com/opengrep-a-hype-and-marketing-gimmick-lets-rename-it-to-privategrep-61225dbf9090?source=rss------bug_bounty-5Rohit kumarinfosec, bug-bounty, hacking, semgrep, cybersecurity28-Jan-2025
20 Comprehensive Browser Extensions You Can’t Miss as a Bug Bounty Hunterhttps://cybersecuritywriteups.com/20-comprehensive-browser-extensions-you-cant-miss-as-a-bug-bounty-hunter-e85b7d7c4234?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, penetration-testing, hacking, bug-bounty, cybersecurity28-Jan-2025
️‍♂️Ultimate Guide to Finding Bugs in APIs: From Recon to Bountyhttps://medium.com/@zoningxtr/ultimate-guide-to-finding-bugs-in-apis-from-recon-to-bounty-f0cc3487780b?source=rss------bug_bounty-5Zoningxtrapi, bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty-writeup28-Jan-2025
Secondary Context Leads To Company Takeover.https://medium.com/@Berserker1337/secondary-context-leads-to-company-takeover-0dc88ca751ea?source=rss------bug_bounty-5Berserkercybersecurity, web-security, vulnerability, infosec, bug-bounty28-Jan-2025
Introduction to WhiteBox Testinghttps://medium.com/@huyvo2910/introduction-to-whitebox-testing-ae4316269915?source=rss------bug_bounty-5Huy Vowhite-box-testing, bug-bounty, web-application-security, cybersecurity, penetration-testing28-Jan-2025
Web Proxyler ve Burp Suitehttps://medium.com/@onalahmet2631/web-proxyler-ve-burp-suite-c2fffb373da5?source=rss------bug_bounty-5Ahmet Önalpenetration-testing, pentesting, red-team, cybersecurity, bug-bounty28-Jan-2025
How to Exploit Reflected XSS and Bypass Cloudflare Using Waybackurls — A Bug Hunter’s Guidehttps://hackersatty.medium.com/how-to-exploit-reflected-xss-and-bypass-cloudflare-using-waybackurls-a-bug-hunters-guide-3aef1ffb80ee?source=rss------bug_bounty-5hackersattybug-bounty, bug-bounty-writeup, xss-attack, bypass-cloudflare, penetration-testing28-Jan-2025
Why Companies Are Hesitant About Bug Bounty Programshttps://medium.com/@hackrate/why-companies-are-hesitant-about-bug-bounty-programs-a5dcdea30f5c?source=rss------bug_bounty-5Levente Molnarbug-bounty-tips, hacking, cybersecurity, bug-bounty, ethical-hacking28-Jan-2025
How I Found a Ticket Booking Bug That Allowed Me to Travel Almost for Free in TNSTChttps://infosecwriteups.com/how-i-found-a-ticket-booking-bug-that-allowed-me-to-travel-almost-for-free-in-tnstc-2c7aa23aebf6?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, infosec28-Jan-2025
CRLF Injection: A Critical Web Application Vulnerabilityhttps://0xkratos.medium.com/understanding-crlf-injection-and-its-exploitation-b8271d14452a?source=rss------bug_bounty-5Amal PKcybersecurity, vulnerability, injection, bug-bounty, web28-Jan-2025
FEW DATA BREACHES AND LEAK’S SEARCH ENGINES.https://medium.com/secure-g-o-a-t/few-data-breaches-and-leaks-search-engines-62e82e2ae682?source=rss------bug_bounty-5loyalonlytodayhacking, penetration-testing, leaked, bug-bounty, cybersecurity28-Jan-2025
XSS and CSRF ki Jodihttps://medium.com/@ajay.kumar.695632/xss-and-csrf-ki-jodi-800c3b940ddb?source=rss------bug_bounty-5Ajay Kumarpenetration-testing, bug-bounty-writeup, xss-attack, bug-bounty, bug-bounty-tips28-Jan-2025
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-de5d82302f25?source=rss------bug_bounty-5Mr Horbiocybersecurity, penetration-testing, bug-bounty, hacking28-Jan-2025
How I Earned $200 Using GitHub Dorking: A Manual and Automated Guide to Finding Sensitive…https://myselfakash20.medium.com/how-i-earned-200-using-github-dorking-a-manual-and-automated-guide-to-finding-sensitive-ebbbfcad7296?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, technology, cybersecurity, bug-bounty-writeup28-Jan-2025
Insecure Data Transport: The Hidden Danger of Downloads Without Integrity Checkshttps://medium.com/@HackerNasr/insecure-data-transport-the-hidden-danger-of-downloads-without-integrity-checks-e190883d3f14?source=rss------bug_bounty-5HackerNasrbug-bounty, cybersecurity, data-analysis, penetration-testing, ethical-hacking28-Jan-2025
The Biggest Mistake in My Bug Bounty Journey and How I Fixed Ithttps://medium.com/@mahdisalhi0500/the-biggest-mistake-in-my-bug-bounty-journey-and-how-i-fixed-it-576e2d43ea2f?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, learning, infosec, information-security, bug-bounty28-Jan-2025
SubFinder: Automating Subdomain Enumeration for Bug Bounty in 2025https://medium.com/@halfcircassian/subfinder-automating-subdomain-enumeration-for-bug-bounty-in-2025-2fc17e385e4f?source=rss------bug_bounty-5Sıla Özerensubfinder, bug-bounty, bug-bounty-tips, bugbounty-writeup, subdomains-enumeration28-Jan-2025
What is a Supply Chain Attack?https://medium.com/@stish834/what-is-a-supply-chain-attack-84f485e371bf?source=rss------bug_bounty-5stish834computer-science, bug-bounty-tips, bug-bounty-writeup, bug-bounty, vulnerability28-Jan-2025
5 Things You Should Understand Before Jumping into Bug Bountyhttps://bitpanic.medium.com/5-things-you-should-understand-before-jumping-into-bug-bounty-813cd960c6bc?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips28-Jan-2025
EU Sanctions Russian GRU Hackers for Cyberattacks Against Estoniahttps://medium.com/@wiretor/eu-sanctions-russian-gru-hackers-for-cyberattacks-against-estonia-ac7fcd59f84b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, hacker, bug-bounty, trump, money28-Jan-2025
How do I find my first CVE ?https://medium.com/@AhmadSopyan/how-do-i-find-my-first-cve-e368a89c93c5?source=rss------bug_bounty-5Ahmad Sopyancve, cybersecurity, bug-bounty, worpdress, hacking28-Jan-2025
Working SSRF Methodology For ME!https://medium.com/@sharathi72/working-ssrf-methodology-for-me-4763ae34b7db?source=rss------bug_bounty-5sharathi72bug-bounty-tips, bug-bounty, cybersecurity, methodology, bugbounty-writeup28-Jan-2025
Don’t know how to find Bounty Earning Assets? Let’s Dive Deep into Recon part 2https://it4chis3c.medium.com/dont-know-how-to-find-bounty-earning-assets-let-s-dive-deep-into-recon-part-2-7c85fdd5b6b7?source=rss------bug_bounty-5It4chis3cdmarc-record, bug-bounty-tips, dns, bug-bounty, bug-bounty-writeup28-Jan-2025
A Security Gap (PII) in a Bus Companyhttps://medium.com/meetcyber/a-security-gap-pii-in-a-bus-company-ecfe972875ff?source=rss------bug_bounty-5Erkan Kavasbug-bounty-tips, pii, bug-bounty-writeup, cybersecurity, bug-bounty28-Jan-2025
.DS_Store File: A Gift for Researchers and a Headache for Website Ownershttps://infosecwriteups.com/ds-store-file-a-gift-for-researchers-and-a-headache-for-website-owners-219724b99043?source=rss------bug_bounty-5Jioninbug-bounty, tools, information-security, mac28-Jan-2025
Pimcore 11.4.2-SQL Injection (CVE-2024–11956)https://medium.com/@maeitsec/pimcore-11-4-2-sql-injection-cve-2024-11956-869c7d5812d8?source=rss------bug_bounty-5Maeitsecbug-bounty, security28-Jan-2025
Pimcore 11.4.2-Stored XSS (CVE-2024–11954)https://medium.com/@maeitsec/pimcore-11-4-2-stored-xss-cve-2024-11954-fc262469e5b4?source=rss------bug_bounty-5Maeitsecpoc, bug-bounty, security28-Jan-2025
Practical amass — How I configure and use amass in my recon flowhttps://medium.com/@samhilliard/practical-amass-how-i-configure-and-use-amass-in-my-recon-flow-94b8814b9025?source=rss------bug_bounty-5Sam Hilliardbug-bounty-tips, recon, web, bug-bounty27-Jan-2025
IDOR Leads to Deletion of Organization Ownerhttps://medium.com/@saurabhcsec/idor-leads-to-deletion-of-organization-owner-0f0deb6a71aa?source=rss------bug_bounty-5Saurabhcsecbug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty27-Jan-2025
Finding an easy p4 it can be worth 200$https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-ddd90ffe08d8?source=rss------bug_bounty-5loyalonlytodayhacking, 4ps, ethical-hacking, bug-bounty, cybersecurity27-Jan-2025
Mastering Bug Management (Part 1)https://medium.com/@vadoliya.nikhil99/mastering-bug-management-part-1-f951e1cf46d0?source=rss------bug_bounty-5Nikhil Vadoliyaleadership, product-management, technology, bug-bounty, programming27-Jan-2025
Bypassing Web Application Firewalls with Shell Globbinghttps://0xkratos.medium.com/bypassing-web-application-firewalls-with-shell-globbing-8af82ff0cc8a?source=rss------bug_bounty-5Amal PKlinux, cybersecurity, bug-bounty, bash, waf27-Jan-2025
Duplicate Accounts Using the Same Email [BUG]: A Business Logic Vulnerabilityhttps://medium.com/@osamamohamed21212121/duplicate-accounts-using-the-same-email-bug-a-business-logic-vulnerability-d1852a589c79?source=rss------bug_bounty-5Osamamohamed (db3wy)bug-bounty-tips, bugs, bug-bounty, cybersecurity, bug-bounty-writeup27-Jan-2025
how i got $$$$ from old public bug bounty programhttps://medium.com/@ibrahimsyamgame/how-i-got-from-old-public-bug-bounty-program-aee4af074bbd?source=rss------bug_bounty-5Ibrahimsyamgamebug-bounty, bug-bounty-tips, bug-bounty-writeup27-Jan-2025
Exploring the Top 10 Free OSINT Tools for 2025https://medium.com/@verylazytech/exploring-the-top-10-free-osint-tools-for-2025-5f23d0e4e49a?source=rss------bug_bounty-5Very Lazy Techrecon, hacking, cybersecurity, bug-bounty, osint27-Jan-2025
Admin Panel Login Bypass Programs HackerOne $3000https://medium.com/@HackerPlus/admin-panel-login-bypass-programs-hackerone-3000-4e95803fff92?source=rss------bug_bounty-5HackerPlus+bug-bounty, ctf-writeup, bugcrowd, ctf, hackerone27-Jan-2025
Automating Bug Bounty with Pythonhttps://medium.com/@Chandravarma.Hattaraki/automating-bug-bounty-with-python-ca146dcc5a9d?source=rss------bug_bounty-5Chandravarma.Hattarakibugbounty-automation, pentesting, vapt, vulnerability, bug-bounty27-Jan-2025
Beginner’s Toolkit: 9 Tools That Simplified My Cybersecurity Journeyhttps://medium.com/@d3vilz50n/beginners-toolkit-9-tools-that-simplified-my-cybersecurity-journey-420c3c320d0a?source=rss------bug_bounty-5d3vilz50nethical-hacking, hacking-tools, cybersecurity, bug-bounty, cybersecurity-tools27-Jan-2025
Finding Bugs Beyond the Obvious: A Rate Limit Bypass Storyhttps://medium.com/@dev.rawal0143/finding-bugs-beyond-the-obvious-a-rate-limit-bypass-story-d627e926b7e5?source=rss------bug_bounty-5Dev Rawalrate-limit-bypass, bugs, hackerone, rate-limiting, bug-bounty27-Jan-2025
$9,500 Bug Bounty: How I Chained IDOR and BAC to Discover This Critical Vulnerabilityhttps://medium.com/@ibtissamhammadi/9-500-bug-bounty-how-i-chained-idor-and-bac-to-discover-this-critical-vulnerability-a6ff942d4bac?source=rss------bug_bounty-5Ibtissam Hammadihacking, bug-bounty, cybersecurity, infosec, programing27-Jan-2025
“From Frustration to Fulfillment:Why Bug Bounty Hunting is Worth the Effort and How to Succeed”https://medium.com/@Arsenelupin12/from-frustration-to-fulfillment-why-bug-bounty-hunting-is-worth-the-effort-and-how-to-succeed-ed632833f78d?source=rss------bug_bounty-5Wasted Resourceshacking, hackathons, bug-bounty, bug-bounty-tips, cybersecurity27-Jan-2025
Guía de Bug Bounty Hunting #1https://medium.com/@mon.cybersec/gu%C3%ADa-de-bug-bounty-hunting-1-b40f056a98d8?source=rss------bug_bounty-5Mon Patiñocybersecurity, hacking, bug-bounty, ciberseguridad, bug-bounty-tips27-Jan-2025
2 good tools for subdomain enumeration.https://osintteam.blog/2-good-tools-for-subdomain-enumeration-fdceb84ac685?source=rss------bug_bounty-5loyalonlytodaypentesting, cybersecurity, subdomains-enumeration, reconnaissance, bug-bounty27-Jan-2025
ATM | Penetration Testinghttps://medium.com/@HackerPlus/atm-penetration-testing-24a9514c6858?source=rss------bug_bounty-5HackerPlus+ctf, pentesting, atm, bug-bounty, hacker27-Jan-2025
How I found a p4 as per bug crowd vrt.https://medium.com/h7w/how-i-found-a-p4-as-per-bug-crowd-vrt-aacbd2e9d285?source=rss------bug_bounty-5loyalonlytoday4ps, bug-bounty, ethical-hacking, cybersecurity, pentesting27-Jan-2025
HTTP Request Smuggling ft TryHackMe and morehttps://medium.com/@rizn0x0cruz/http-request-smuggling-a92a5411435e?source=rss------bug_bounty-5rinz0x0cruzweb-hacking, bug-bounty, tryhackme-writeup, cybersecurity, computer-science27-Jan-2025
The Evolution of Cybersecurity: Trends, Threats, and Solutions for 2025https://0xhassan.medium.com/the-evolution-of-cybersecurity-trends-threats-and-solutions-for-2025-d7f7a7726423?source=rss------bug_bounty-5Hassan Ali Arshadcybersecurity, bug-bounty, infosec, it, information-technology27-Jan-2025
Subdomain TakeOver Programs BugCrowd $2100 Bountyhttps://medium.com/@HackerPlus/subdomain-takeover-programs-bugcrowd-2100-bounty-f47e78cdb945?source=rss------bug_bounty-5HackerPlus+bug-bounty, bug-bounty-tips, ctf-writeup, ctf, hackerone27-Jan-2025
My Journey to Finding My First XSS Vulnerabilityhttps://medium.com/@shaikrief2/my-journey-to-finding-my-first-xss-vulnerability-a342f685d7dc?source=rss------bug_bounty-5Shxikrfbug-bounty, cybersecurity, bug-bounty-writeup27-Jan-2025
Way to find IDORs or Broken access bugshttps://medium.com/@curiouskhanna/way-to-find-idors-or-broken-access-bugs-2c9a07c32281?source=rss------bug_bounty-5Shubham Khannaidor, cybersecurity, bug-bounty, hacking, broken-access-control27-Jan-2025
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1.https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-852f54c6e075?source=rss------bug_bounty-5loyalonlytodaybooks, pdf, bug-bounty, cybersecurity, ethical-hacking26-Jan-2025
These books will help to learn bug bounty & penetration testing and ethical hacking. Final part.https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-final-part-b1147247c9dc?source=rss------bug_bounty-5loyalonlytodaybooks, bug-bounty, pdf, hacking, cybersecurity26-Jan-2025
These books will help to learn bug bounty & penetration testing and ethical hacking—part 2.https://cybersecuritywriteups.com/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-2-7796010139e2?source=rss------bug_bounty-5loyalonlytodaybug-bounty, pdf, books, cybersecurity, hacking26-Jan-2025
Here are some solutions on countering CTF mistake happened while panicking and over extement.https://medium.com/@shalomo.social/here-are-some-solutions-on-countering-ctf-mistake-happened-while-panicking-and-over-extement-9f090424f08b?source=rss------bug_bounty-5Shalomo Agarwarkarbug-bounty, machine-learning, cryptocurrency, programming, data-science26-Jan-2025
Securing NASA For Certificate: P3 Vulnerabilityhttps://medium.com/@manan_sanghvi/securing-nasa-for-certificate-p3-vulnerability-272a6e5f2fca?source=rss------bug_bounty-5Manan Sanghvimanan-sanghvi, bug-bounty, nasa, penetration-testing, hacking26-Jan-2025
Finding an easy p4 bug.https://medium.com/cyberscribers-exploring-cybersecurity/finding-an-easy-p4-bug-489d91e9c754?source=rss------bug_bounty-5loyalonlytodaycybersecurity, hacking, bug-bounty, bugs, penetration-testing26-Jan-2025
Técnicas Avanzadas para Analizar y Comprender Web Application Firewalls (WAF)https://medium.com/@kimera71/t%C3%A9cnicas-avanzadas-para-analizar-y-comprender-web-application-firewalls-waf-515713cf6edd?source=rss------bug_bounty-5Kimerared-team, bug-bounty, waf, pentesting26-Jan-2025
Light: TryHackMe Writeuphttps://medium.com/@samyakkatiyar2/light-tryhackme-writeup-230c3d6c26ca?source=rss------bug_bounty-5Samyakkatiyarctf-writeup, ethical-hacking, cybersecurity, bug-bounty, application-security26-Jan-2025
Beginner’s Guide to Bug Bounty: Easy Tips for Finding Open Redirect Vulnerabilitieshttps://medium.com/@anishnarayan/beginners-guide-to-bug-bounty-easy-tips-for-finding-open-redirect-vulnerabilities-ffda668e6533?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, open-redirect, bug-bounty, bug-bounty-writeup, bug-bounty-hunting26-Jan-2025
Unlock the Full Potential of the Wayback Machine for Bug Bountyhttps://infosecwriteups.com/unlock-the-full-potential-of-the-wayback-machine-for-bug-bounty-8b6f57e2637d?source=rss------bug_bounty-5coffinxpbug-bounty-tips, technology, tech, hacking, bug-bounty26-Jan-2025
How I “Hacked” discord.rockshttps://medium.com/@iusedarchbtw/how-i-hacked-discord-rocks-8044266b4775?source=rss------bug_bounty-5Wuemelidiscord, bug-bounty26-Jan-2025
Waybackurls: The Ultimate Tool for Recon in Bug Bounty Huntinghttps://medium.com/@verylazytech/waybackurls-the-ultimate-tool-for-recon-in-bug-bounty-hunting-3465a1786162?source=rss------bug_bounty-5Very Lazy Techrecon, waybackurls, hacking, bug-bounty, cybersecurity26-Jan-2025
Ransomware Gang Exploits SSH Tunnels for Stealthy VMware ESXi Accesshttps://medium.com/@wiretor/ransomware-gang-exploits-ssh-tunnels-for-stealthy-vmware-esxi-access-1f281b18deb8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, malware, ai, hacking, bug-bounty26-Jan-2025
Mastering Amass: The Ultimate Recon Toolkithttps://medium.com/@muhammad4208/mastering-amass-the-ultimate-recon-toolkit-d66a56627849?source=rss------bug_bounty-5Muhammad Abdullah Niazibug-bounty-tips, reconnaissance, enumeration, bug-bounty26-Jan-2025
Silver Platter | TryHackMe | Walkthroughhttps://medium.com/@lkmn1/silver-platter-tryhackme-walkthrough-7ae5719aa8c0?source=rss------bug_bounty-5Lukman Ardiyansyahhacking, pentesting, linux, cybersecurity, bug-bounty26-Jan-2025
How I Gained Admin Access Through DeepLink Hijackinghttps://medium.com/@k3r0/privilege-escalation-via-deeplink-hijacking-23b30f74b0ff?source=rss------bug_bounty-5Kyrillos nadypenetration-testing, hacking, mobile-app-development, bug-bounty, android26-Jan-2025
If Bug Bounty Programs Are So Effective, Why Don’t Most Companies Have Them?https://medium.com/@hackrate/if-bug-bounty-programs-are-so-effective-why-dont-most-companies-have-them-fbba2f221089?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips26-Jan-2025
Netgate Needs a Bug Bountyhttps://medium.com/cloud-security/netgate-needs-a-bug-bounty-90ae5eebe821?source=rss------bug_bounty-5Teri Radichelbug-bounty, ubiquiti, pfsense, troubleshooting, net-gate26-Jan-2025
Exploiting XSS To Steal Cookieshttps://osintteam.blog/exploiting-xss-to-steal-cookies-f0aebdcd815b?source=rss------bug_bounty-5The Cybersec Cafébug-bounty-tips, penetration-testing, cybersecurity, bug-bounty, information-security25-Jan-2025
Threat Hunting with Python (Cybersecurity)https://medium.com/@paritoshblogs/threat-hunting-with-python-cybersecurity-b90b76415972?source=rss------bug_bounty-5Paritoshcybersecurity, threat-hunting, bug-bounty, programming, python25-Jan-2025
How I Turned a Tiny Security Flaw into a $250 Bountyhttps://medium.com/@ramshath1999/how-i-turned-a-tiny-security-flaw-into-a-250-bounty-90a0227d6c6f?source=rss------bug_bounty-5Ramshathpentesting, bug-bounty, bug-bounty-tips, bug-bounty-writeup25-Jan-2025
How I Discovered a Bypass in WhatsApp’s “View Once” Featurehttps://medium.com/@ramshath1999/how-i-discovered-a-bypass-in-whatsapps-view-once-feature-aea3bdf6405a?source=rss------bug_bounty-5Ramshathhacking, bug-bounty, pentesting, meta25-Jan-2025
How to Bypass SSL Pinning for Android Apps: A Step-by-Step Guide for Security Testinghttps://medium.com/@usmandasthaheer/how-to-bypass-ssl-pinning-for-android-apps-a-step-by-step-guide-for-security-testing-13f2f4d10a2e?source=rss------bug_bounty-5The Cyber Monkeybug-bounty, penetration-testing, bug-bounty-tips, cybersecurity25-Jan-2025
Practical Bug Bounty: A Complete Guide to Finding & Reporting Vulnerabilitieshttps://santhosh-adiga-u.medium.com/practical-bug-bounty-a-complete-guide-to-finding-reporting-vulnerabilities-b46a79910ab8?source=rss------bug_bounty-5Santhosh Adiga Ubug-bounty, ethical-hacking, penetration-testing, cybersecurity25-Jan-2025
Hello everyone!https://medium.com/@sahusujal.dev2004/hello-everyone-8550eb37820f?source=rss------bug_bounty-5Sujal Sahubug-bounty-tips, bug-bounty, bounty-program, bug-bounty-dorks, bug-bounty-program25-Jan-2025
JSON Web Token (JWT) Vulnerabilities: Breaking Tokens for Fun and Profithttps://medium.com/@HackerNasr/json-web-token-jwt-vulnerabilities-breaking-tokens-for-fun-and-profit-cf36fc0122db?source=rss------bug_bounty-5HackerNasrweb-security, bug-bounty, infosec, pentesting, ethical-hacking25-Jan-2025
Business Logic Vulnerability — IDOR (Insecure Direct Object Reference)https://medium.com/@ilhambachtiar578/business-logic-vulnerability-idor-insecure-direct-object-reference-3dfe04298392?source=rss------bug_bounty-5Ilhambachtiaridor, penteration-testing, idor-vulnerability, bug-bounty, cybersecurity25-Jan-2025
FINDING UNIQUE BUG BOUNTY PROGRAMShttps://medium.com/@sahusujal.dev2004/hello-everyone-8550eb37820f?source=rss------bug_bounty-5Sujal Sahubug-bounty-tips, bug-bounty, bounty-program, bug-bounty-dorks, bug-bounty-program25-Jan-2025
$35K Bug Bounty: Python Scripts Crack Subdomainshttps://medium.com/@ibtissamhammadi/35k-bug-bounty-python-scripts-crack-subdomains-bd2a131cc372?source=rss------bug_bounty-5Ibtissam Hammadipython-hacking, bug-bounty, ethical-hacking, cybersecurity, network-security25-Jan-2025
OSINT (Reconnaissance) section: What is GithubDorking ?https://medium.com/@nagavicyn2/osint-reconnaissance-section-what-is-githubdorking-0145221d1206?source=rss------bug_bounty-5Jioninbug-bounty, github, github-dorking, reconnaissance, osint25-Jan-2025
Hemos lanzado un programa de recompensas por errores de $500,000 para identificar vulnerabilidades…https://medium.com/@dolaresciberneticos/hemos-lanzado-un-programa-de-recompensas-por-errores-de-500-000-para-identificar-vulnerabilidades-d4c16fe7ec84?source=rss------bug_bounty-5Carlos Melgarproof-system, expander-polyhdera, zero-knowledge, bug-bounty, expander25-Jan-2025
How I Found a Vulnerability in Lemonsqueezy’s Checkout Flowhttps://medium.com/@rstuv/how-i-found-a-vulnerability-in-lemonsqueezys-checkout-flow-393cc7026ab0?source=rss------bug_bounty-5rstuvbug-bounty, cybersecurity25-Jan-2025
Zyxel Warns of Critical Firewall Issues Due to Faulty Updatehttps://medium.com/@wiretor/zyxel-warns-of-critical-firewall-issues-due-to-faulty-update-1bedcc5ad085?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, bug-bounty, zynel, malware, hacking25-Jan-2025
Privilege Escalation in GraphQL : Exploiting Finance Role Token to Access Admin Data : Part 1https://hackersatty.medium.com/privilege-escalation-in-graphql-exploiting-finance-role-token-to-access-admin-data-part-1-7a017a7aeb89?source=rss------bug_bounty-5hackersattyidor, vulnerability, medium, bug-bounty, graphql25-Jan-2025
PayPal Agrees to $2 Million Settlement Over 2022 Data Breachhttps://medium.com/@wiretor/paypal-agrees-to-2-million-settlement-over-2022-data-breach-672e1b417dcc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, malware, bug-bounty, paypal, money25-Jan-2025
Subdomain enumeration technique to discover critical vulnerabilities…https://mahim-firoj.medium.com/subdomain-enumeration-technique-to-discover-critical-vulnerabilities-dfb4f4daa1af?source=rss------bug_bounty-5Md. Mahim Bin Firojvulnerability-assessment, subdomain, cybersecurity, bug-bounty, enumeration25-Jan-2025
Shodan Dorking : 50+ Dorks To Uncover Hidden Worldhttps://bitpanic.medium.com/shodan-dorking-50-dorks-to-uncover-hidden-world-41e10819b7c8?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty-tips, programming, bug-bounty, technology25-Jan-2025
Comprehensive Guide to SQL Injection Attacks: Understanding and Prevention | By Gentil Securityhttps://gentilsecurity.medium.com/comprehensive-guide-to-sql-injection-attacks-understanding-and-prevention-by-gentil-security-8f02e3461344?source=rss------bug_bounty-5Gentil Securitypenetration-testing, sql-injection, cybersecurity, web-vulnerabilities, bug-bounty25-Jan-2025
Full GitHub Dorking guide: for OSINT and BugBounty (Reconnaissance)https://infosecwriteups.com/full-github-dorking-guide-for-osint-and-bugbounty-reconnaissance-27557fb67ee0?source=rss------bug_bounty-5Jioningithub, reconnaissance, bug-bounty, osint, github-dorking25-Jan-2025
Making use of Javascript Source Maps (js.map) files in Bug Bounty — Information gathering tipshttps://medium.com/@0x_Ju1ian/making-use-of-javascript-source-maps-js-map-files-in-bug-bounty-information-gathering-tips-87deddf1aa8d?source=rss------bug_bounty-50x_Ju1ianbug-bounty-tips, bug-bounty24-Jan-2025
$200 Easy Directory Listing Vulnerability on a US Websitehttps://cybersecuritywriteups.com/200-easy-directory-listing-vulnerability-on-a-us-website-7d35fcda8aa2?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, hacking, medium, money24-Jan-2025
CTF vs. Bug Bounty: Navigating Two Worlds of Cybersecurityhttps://medium.com/@mehakchoradia1/ctf-vs-bug-bounty-navigating-two-worlds-of-cybersecurity-919ed152bed3?source=rss------bug_bounty-5Mehakchoradiaguidance, cybersecurity, capture-the-flag, careers, bug-bounty24-Jan-2025
How I Found a Stripe Key Disclosure Leading to PII Exposurehttps://medium.com/@nihaltikka/how-i-found-a-stripe-key-disclosure-leading-to-pii-exposure-6e57d5fca9d5?source=rss------bug_bounty-5EL_Cazad0rbug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing24-Jan-2025
Broken Link : My Story Of Hijacking a Twitter Handlehttps://bitpanic.medium.com/broken-link-my-story-of-hijacking-a-twitter-handle-f087536db8c5?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips24-Jan-2025
How to Spot XSS Bugs on Any Websitehttps://medium.com/h7w/how-to-spot-xss-bugs-on-any-website-5b4eed955c35?source=rss------bug_bounty-5Rendieropenetration-testing, xss-attack, red-team, bug-bounty, vulnerability24-Jan-2025
Bug Bounty Scams in 2025: How to Identify Fake Opportunities and Safeguard Yourselfhttps://medium.com/@adibostoninstitute123/bug-bounty-scams-in-2025-how-to-identify-fake-opportunities-and-safeguard-yourself-e08cd7af5bce?source=rss------bug_bounty-5Aditya Tripathicybersecurity, learn-ethical-hacking, bug-bounty, cybersecurity-course, ethical-hacking-course24-Jan-2025
Subdomain Enumeration: A Practical Guidehttps://medium.com/@nakshatrasirohi/subdomain-enumeration-a-practical-guide-31eb662d3bfb?source=rss------bug_bounty-5Nakshatra Sirohireconnaissance, bug-bounty, bug-bounty-tips, hacking-tools, recon24-Jan-2025
Exploiting XSS via Markdown on Xiaomihttps://medium.com/@n45ht/exploiting-xss-via-markdown-on-xiaomi-ad93519a42f5?source=rss------bug_bounty-5N45HTweb-security, cross-site-scripting, xs, bug-bounty, markdown24-Jan-2025
Bypassed Access Control Using a Simple Method-Based Request Trick  —  Access Control Labshttps://bashoverflow.medium.com/bypassed-access-control-using-a-simple-method-based-request-trick-access-control-labs-61ec15242d88?source=rss------bug_bounty-5Bash Overflowbypass-access-control, http-method-based-bypass, privilege-escalation, bug-bounty, access-control-flaw24-Jan-2025
Linux Basics for Hackers, Developers, and System Administratorshttps://medium.com/@v1xtron/linux-basics-for-hackers-developers-and-system-administrators-419b828f2a98?source=rss------bug_bounty-5v1xtronbug-bounty, bug-bounty-writeup, ethical-hacking, linux, system-administration24-Jan-2025
Currently Bugcrowd has over 1400 bug bounty programs. Is it really so good?https://medium.com/@hackrate/currently-bugcrowd-has-over-1400-bug-bounty-programs-is-it-really-so-good-383130cfb406?source=rss------bug_bounty-5Levente Molnarcybersecurity, ethical-hacking, bug-bounty, hacking, bug-bounty-tips24-Jan-2025
Become a Bug Bounty Expert: Tips to Maximize Your Earningshttps://medium.com/@ramanidhaval11/become-a-bug-bounty-expert-tips-to-maximize-your-earnings-1cd13984631a?source=rss------bug_bounty-5Er Dhaval Ramaniai, cybersecurity, bug-bounty24-Jan-2025
Admin Panel Exploit to Access Logitech Dashboardhttps://medium.com/@asingh25377/admin-panel-exploit-to-access-logitech-dashboard-e4c3943dbf21?source=rss------bug_bounty-5aman singhbugbounty-writeup, bugs, bug-bounty24-Jan-2025
CORS Misconfigurations: How Poor Policies Open Doors to Exploitshttps://medium.com/@HackerNasr/cors-misconfigurations-how-poor-policies-open-doors-to-exploits-ef0af71e0302?source=rss------bug_bounty-5HackerNasrpenetration-testing, infosec, bug-bounty, ethical-hacking, web-security24-Jan-2025
Best Linux Distros for Cyber Security , Web & App Developmenthttps://bitpanic.medium.com/best-linux-distros-for-cyber-security-web-app-development-72422faa37a2?source=rss------bug_bounty-5Spectat0rguybug-bounty, web-development, cybersecurity, technology, programming24-Jan-2025
SQL injection in largest Electricity Board of Sri Lankahttps://infosecwriteups.com/sql-injection-in-largest-electricity-board-of-sri-lanka-1a55c12104bd?source=rss------bug_bounty-5coffinxptechnology, sql-injection, sql, hacking, bug-bounty24-Jan-2025
Bypassing Rate Limit Protection to Account Takeoverhttps://medium.com/@sohailahmed0x0/bypassing-rate-limit-protection-to-account-takeover-fe44598fc1df?source=rss------bug_bounty-5Sohail Ahmedbrute-force, rate-limiting, cybersecurity, bug-bounty, pentesting24-Jan-2025
Setting up Lab for Active Directoryhttps://medium.com/@sohailahmed0x0/setting-up-lab-for-active-directory-9b0cb69041cd?source=rss------bug_bounty-5Sohail Ahmedcybersecurity, infosec, bug-bounty, active-directory, pentesting24-Jan-2025
Escalate P3 SSRF TO P1https://medium.com/@anonanoon9/escalate-p3-ssrf-to-p1-a9ed4eaaefeb?source=rss------bug_bounty-5Yazeed Bilalbug-bounty, bug-bounty-strategy, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup23-Jan-2025
Easy $10,000 bounty using Wayback Machinehttps://blog.bugbountyhunter.xyz/easy-10-000-bounty-using-wayback-machine-1b08e3b1cafe?source=rss------bug_bounty-5Japz Divinobug-bounty-tips, bug-bounty-writeup, hackerone, bug-bounty23-Jan-2025
Create Your Free Red Teaming Lab at Zero Cost!https://medium.com/@paritoshblogs/create-your-free-red-teaming-lab-at-zero-cost-d2547b2de11a?source=rss------bug_bounty-5Paritoshcybersecurity, how-to, bug-bounty, hacking, pentesting23-Jan-2025
A Simple P2 Bug Via Forced Browsinghttps://medium.com/@cyberpro151/a-simple-p2-bug-via-forced-browsing-d4926a82891f?source=rss------bug_bounty-5cyberpro151bug-bounty, bug-bounty-writeup, bug-bounty-tips, broken-access-control, cybersecurity23-Jan-2025
Get sonyliv free subscriptionshttps://medium.com/@hrofficial62/get-sonyliv-free-subscriptions-fcc58f89bae6?source=rss------bug_bounty-5Mr Horbiobug-bounty, bugbounty-writeup, cybersecurity, pentesting, hacki23-Jan-2025
Exposed Credentials Guide: Not just in client javascripts || 101 case studieshttps://medium.com/@illoyscizceneghposter/exposed-credentials-guide-not-just-in-client-javascripts-101-case-studies-131b765e07a2?source=rss------bug_bounty-5Illoy Scizceneghposterbug-bounty, hacking, infosec23-Jan-2025
Security Risks of Medium Paywall Bypass Methods.https://pwndecoco.medium.com/security-risks-of-medium-paywall-bypass-methods-28b92f557a3a?source=rss------bug_bounty-5Pwndec0c0bug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, medium23-Jan-2025
$600 Vulnerability: My First Bug Hunting Journeyhttps://asyary.medium.com/600-vulnerability-my-first-bug-hunting-journey-98b961a62f4b?source=rss------bug_bounty-5Asyary Raihanbug-bounty, bug-hunting, bug-bounty-writeup, hacking, cybersecurity23-Jan-2025
Introducing AZEx Incentivized Testnethttps://medium.com/@AZEX.io/introducing-azex-incentivized-testnet-04ddc32d83a1?source=rss------bug_bounty-5AZEXtestnet, berachain, defi, azex, bug-bounty23-Jan-2025
How a Vulnerability in Cinema Booking Systems Can Block Seats and Impact Revenuehttps://medium.com/@anonymousshetty2003/how-a-vulnerability-in-cinema-booking-systems-can-block-seats-and-impact-revenue-c28e93d26616?source=rss------bug_bounty-5Anonymousshettybug-bounty-writeup, bug-bounty, ethical-hacking, hacking, cybersecurity23-Jan-2025
Finding more subdomains.(part 2)https://medium.com/readers-club/finding-more-subdomains-part-2-07a64b331b43?source=rss------bug_bounty-5loyalonlytodaycybersecurity, penetration-testing, subdomains-enumeration, hacking, bug-bounty23-Jan-2025
$5,000 Bug Bounty: The Hacker’s Unexpected Goldminehttps://medium.com/@ibtissamhammadi/5-000-bug-bounty-the-hackers-unexpected-goldmine-b87ab9fd0c3b?source=rss------bug_bounty-5Ibtissam Hammadibug-bounty, ethical-hacking, cybersecurity, infosec, tech-jobs23-Jan-2025
OSINT (Reconnaissance) section: What is GitDorking ?https://medium.com/@nagavicyn2/osint-reconnaissance-section-what-is-gitdorking-3215520de9c7?source=rss------bug_bounty-5Jioningithub, osint, recon, bug-bounty, pentesting23-Jan-2025
Next.js, cache, and chains: the stale elixirhttps://medium.com/@zhero_/next-js-cache-and-chains-the-stale-elixir-a4c6b3062e1b?source=rss------bug_bounty-5Rachid.Ajavascript, cve, hacking, nextjs, bug-bounty23-Jan-2025
The Ultimate Guide to Hacking AWS S3: Find Vulnerable Buckets and Earn Big $$$$https://medium.com/@nebty/the-ultimate-guide-to-hacking-aws-s3-find-vulnerable-buckets-and-earn-big-5b089d921814?source=rss------bug_bounty-5Nebtypenetration-testing, cybersecurity, ethical-hacking, bug-bounty, s323-Jan-2025
Biggest innovation in Penetration Testing so farhttps://medium.com/@hackrate/biggest-innovation-in-penetration-testing-so-far-d6fac4800119?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, penetration-testing, cybersecurity, hacking23-Jan-2025
How To Convert Your Android Device In A Recon Device ?https://bitpanic.medium.com/how-to-convert-your-android-device-in-a-recon-device-4ad22c3bbdab?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, programming, bug-bounty-tips, cybersecurity23-Jan-2025
How I Found a Bug in Sony and Earned Exclusive Swag!https://medium.com/@josekuttykunnelthazhebinu/how-i-found-a-bug-in-sony-and-earned-exclusive-swag-f565d56c395e?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, cybersecurity, programming, technology, vulnerability23-Jan-2025
Essential Tools and Technologies Every SOC Analyst Must Master to Stay Ahead in Cybersecurityhttps://mhmmuneef.medium.com/essential-tools-and-technologies-every-soc-analyst-must-master-to-stay-ahead-in-cybersecurity-50d76cc87ec5?source=rss------bug_bounty-5Mohammed Muneefhacking, bug-bounty, cybersecurity, technology, soc23-Jan-2025
CTI REPORT - LockBit 3.0:https://medium.com/@muhammetalgan3547/cti-report-lockbit-3-0-33e224e1d8d6?source=rss------bug_bounty-5Muhammet ALGANbug-bounty, cybersecurity, incident-response, cyber-threat-intelligence, hacking23-Jan-2025
Unique ways to Recon for Bug Hunters: Short series [Part 1]https://osintteam.blog/unique-ways-to-recon-for-bug-hunters-short-series-part-1-7e91f3fcfe25?source=rss------bug_bounty-5RivuDonethical-hacking, infosec, bug-bounty-tips, bug-bounty-writeup, bug-bounty22-Jan-2025
Polluting My Way to Victory: How I Found HTTP Parameter Pollution (HPP) and Exploited It Like a Prohttps://myselfakash20.medium.com/polluting-my-way-to-victory-how-i-found-http-parameter-pollution-hpp-and-exploited-it-like-a-pro-c4cf39ec90fe?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty, bug-bounty-writeup, technology, bug-bounty-tips22-Jan-2025
Appreciation Letter from NASA for Uncovering Unauthorized file Accesshttps://medium.com/@hackxb12/appreciation-letter-from-nasa-for-uncovering-unauthorized-file-access-a1d1497a33e6?source=rss------bug_bounty-5Bhautik Patelcybersecurity, bug-bounty22-Jan-2025
Threat Hunting Using Powershellhttps://medium.com/@paritoshblogs/threat-hunting-using-powershell-ce8502307b65?source=rss------bug_bounty-5Paritoshprogramming, threat-hunting, bug-bounty, cybersecurity, powershell22-Jan-2025
Earn $100–500 after Pentesting OAuthhttps://medium.com/@anandrishav2228/earn-100-500-after-pentesting-oauth-02018371d4c2?source=rss------bug_bounty-5Rishav anandpentesting, money, cybersecurity, oauth, bug-bounty22-Jan-2025
Polluting My Way to Victory: How I Found HTTP Parameter Pollution (HPP) and Exploited It Like a Prohttps://osintteam.blog/polluting-my-way-to-victory-how-i-found-http-parameter-pollution-hpp-and-exploited-it-like-a-pro-c4cf39ec90fe?source=rss------bug_bounty-5Akash Ghoshcybersecurity, programming, bug-bounty, bug-bounty-writeup, technology22-Jan-2025
BY USING JAVASCRIPT ANALYSIS GOT 200$ for JUST AN API TOKEN Leak [Information Disclosure…https://medium.com/@hrofficial62/by-using-javascript-analysis-got-200-for-just-an-api-token-leak-information-disclosure-a2f1868ab94f?source=rss------bug_bounty-5Mr Horbioethical-hacking, bug-bounty, cybersecurity, pentesting, hacking22-Jan-2025
What if XML-RPC.php file show 403 Forbiddenhttps://medium.com/@hrofficial62/what-if-xml-rpc-php-file-show-403-forbidden-0ba7141a8d52?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, penetration-testing, wordpress, cybersecurity22-Jan-2025
Recon | Subdomainshttps://z0enix.medium.com/recon-subdomains-230f37ea97b1?source=rss------bug_bounty-5Mohamed Hamadourecon, subdomain, bug-bounty, bug-bounty-tips22-Jan-2025
CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)https://z0enix.medium.com/cwe-79-improper-neutralization-of-input-during-web-page-generation-cross-site-scripting-db5719c34014?source=rss------bug_bounty-5Mohamed Hamadoubug-bounty, vulnerability22-Jan-2025
Account Tackoverhttps://z0enix.medium.com/account-tackover-765357c12e45?source=rss------bug_bounty-5Mohamed Hamadoubug-bounty, bug-bounty-tips22-Jan-2025
How I Hacked a User Management System and Found 3 Critical GraphQL Vulnerabilitieshttps://medium.com/@4bdo/how-i-hacked-a-user-management-system-and-found-3-critical-graphql-vulnerabilities-4362eff1a38f?source=rss------bug_bounty-54bd0_m4g3dinfosec, cybersecurity, data-privacy, bug-bounty, ethical-hacking22-Jan-2025
Understanding Privilege Escalation in Linux and Windows Systems - [Part 1]https://bashoverflow.medium.com/understanding-privilege-escalation-in-linux-and-windows-systems-part-1-f9c98c8a0a14?source=rss------bug_bounty-5Bash Overflowprivilege-escalation, penetration-testing, bug-bounty, linux-priv-esc, windows-priv-escalation22-Jan-2025
CertificateFinder: A Game-Changer for All Hidden Subdomains(freeGUI tool)https://anontriager.medium.com/certificatefinder-a-game-changer-for-all-hidden-subdomains-freegui-tool-c9c58c910b3c?source=rss------bug_bounty-5Anonymous Traigerjobs, hacking, bug-bounty, programming, developer22-Jan-2025
My Bug Bounty Journey: A Middle-Class Kid’s Quest for Free and Beyondhttps://medium.com/@vivekps143/my-bug-bounty-journey-a-middle-class-kids-quest-for-free-and-beyond-1cd6b65240d6?source=rss------bug_bounty-5Vivek PSbug-bounty-writeup, web-security, hacking, bug-bounty22-Jan-2025
The Biggest Bug Bounty Payouts of All Time and What We Learnedhttps://medium.com/@hackrate/the-biggest-bug-bounty-payouts-of-all-time-and-what-we-learned-0a35c8a327c2?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, ethical-hacking, hacking, bug-bounty-tips22-Jan-2025
IPany VPN Breached in Supply-Chain Attack: Hackers Deploy SlowStepper Malwarehttps://medium.com/@wiretor/ipany-vpn-breached-in-supply-chain-attack-hackers-deploy-slowstepper-malware-ba0ae1c2ddb9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacker, ai, malware, hacking22-Jan-2025
️ How to Stay Anonymous Online: A Hacker’s Perspectivehttps://medium.com/@atnoforcybersecurity/%EF%B8%8F-how-to-stay-anonymous-online-a-hackers-perspective-920b4bdc2401?source=rss------bug_bounty-5ATNO For Cybersecurity | Hackingbug-bounty, cybersecurity, cyberattack, cybercrime22-Jan-2025
Easy Hacking with Google Dorking — Finding NASA High P2 Vulnerabilityhttps://abhirdd.medium.com/easy-hacking-with-google-dorking-finding-nasa-high-p2-vulnerability-8b9797eac370?source=rss------bug_bounty-5Abhi Rantia Dharmawanbug-bounty-tips, bugcrowd, bug-bounty, bug-bounty-writeup, nasa22-Jan-2025
Intent Redirect: Unlocking Hidden Pathways in Android Applicationshttps://medium.com/@k3r0/intent-redirect-unlocking-hidden-pathways-in-android-applications-8f3390965236?source=rss------bug_bounty-5Kyrillos nadyandroid-app-development, hacking, mobile-app-development, bug-bounty, pentesting22-Jan-2025
Basic Windows CMD Commands for Hackers: A Guide to Privilege Escalationhttps://medium.com/@ajudeb55/basic-windows-cmd-commands-for-hackers-a-guide-to-privilege-escalation-99ad396aadf6?source=rss------bug_bounty-5Aju Debbug-bounty, money, technology, programming, cybersecurity21-Jan-2025
From Order to Exploit: A Deep Dive into Restaurant Network Securityhttps://medium.com/@davimouar/from-order-to-exploit-a-deep-dive-into-restaurant-network-security-64aeaf3a6f64?source=rss------bug_bounty-5Davi Mouraprogramming, bug-bounty, cybersecurity, hacking, security21-Jan-2025
Comprehensive XSS Learning Roadmaphttps://medium.com/@shuklaneel525/comprehensive-xss-learning-roadmap-6f48585d8fe8?source=rss------bug_bounty-5NEEL SHUKLAcross-site-scripting, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty21-Jan-2025
Earn $1000–2000 by identifying Common vulnerability in Tech.https://medium.com/@anandrishav2228/earn-1000-2000-by-identifying-common-vulnerability-in-tech-e8fd44da2a1c?source=rss------bug_bounty-5Rishav anandbug-bounty, security, hacking, cyber, money21-Jan-2025
These Hackers Earn 7 figure incomehttps://medium.com/@BlackHat123/these-hackers-earn-7-figure-income-73013c4225f4?source=rss------bug_bounty-5blackhatbug-bounty, ethical-hacking, earn-money-online, hackerone, hacker21-Jan-2025
How a Routine Security Test Led to My First CVE and Bug Bounty: Lessons in API Security and Beyondhttps://tech.cashfree.com/how-a-routine-security-test-led-to-my-first-cve-and-bug-bounty-lessons-in-api-security-and-beyond-8f0da2bb553e?source=rss------bug_bounty-5Anubhav Sharmavulnerability, api-security, infosec, bug-bounty, cybersecurity21-Jan-2025
I found my first bug [Google Dorking]https://medium.com/@krishnathegr817/i-found-my-first-bug-google-dorking-30c974be94f2?source=rss------bug_bounty-5Krishna Agarwalcybersecurity, bug-bounty, first-bug21-Jan-2025
Easy MFA Setup bypass Lead to unauthorized access to PII data Of usershttps://medium.com/@0xOsman/easy-mfa-setup-bypass-lead-to-unauthorized-access-to-pii-data-of-users-443d41ae98a3?source=rss------bug_bounty-5Abdalah Osman2fa-bypass, bug-bounty, bugbounty-writeup, bugbounty-tips21-Jan-2025
“My Journey as a Bug Hunter: Reporting to the Dutch Government”https://cybersecuritywriteups.com/my-journey-as-a-bug-hunter-reporting-to-the-dutch-government-7bfd18d616fa?source=rss------bug_bounty-5Taha Diwanhacking, dutch-government, bug-bounty, cybersecurity, ethical-hacking21-Jan-2025
Bug Bounty Insights: 10 Key Findings - ZeroClick Account Takeover - Part 5https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-zeroclick-account-takeover-part-5-a6acb3dce5e7?source=rss------bug_bounty-5Mahmoud Abd Alkarimweb-development, bug-bounty, hacking, account-takeover, bugbounty-writeup21-Jan-2025
How AI and Free Open-Source Tools are Revolutionizing Bug Bounty Huntinghttps://medium.com/@zoningxtr/how-ai-and-free-open-source-tools-are-revolutionizing-bug-bounty-hunting-37241798177b?source=rss------bug_bounty-5Zoningxtrbug-bounty, cybersecurity, penetration-testing21-Jan-2025
Unauthenticated Vulnerabilities: Maximum Impact $$$https://medium.com/@HackerNasr/unauthenticated-vulnerabilities-maximum-impact-9b51b4a0c719?source=rss------bug_bounty-5HackerNasrinformation-security, cyberattack, bug-bounty, cybersecurity, vulnerability21-Jan-2025
How to Install MobSF on Kali Linux for Android Application Pentesting (2025)https://medium.com/@usmandasthaheer/how-to-install-mobsf-on-kali-linux-for-android-application-pentesting-2025-50c4948a1c0d?source=rss------bug_bounty-5Usman Dasthaheerpenetration-testing, bug-bounty, cybersecurity, kali-linux21-Jan-2025
7-Zip Fixes Bug That Bypasses Windows MoTW Security Warningshttps://medium.com/@wiretor/7-zip-fixes-bug-that-bypasses-windows-motw-security-warnings-569ac8a89068?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, 7zip, money, malware21-Jan-2025
Hi everyone, and welcome to this lab project: Finding Open Service Ports Using Kali Linux.https://medium.com/@.rai/hi-everyone-and-welcome-to-this-lab-project-finding-open-service-ports-using-kali-linux-9be24cde101e?source=rss------bug_bounty-5Gamuchiraiopen-source, metasploitable, nmap, kali, bug-bounty21-Jan-2025
The correct approach to testing for privilege escalation bugs...❕❗https://medium.com/@mahdisalhi0500/the-correct-approach-to-testing-for-privilege-escalation-bugs-d03bd9281a3e?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty-tips, penetration-testing, information-security, bug-bounty21-Jan-2025
How to transition from Pentesting to Bug Bounty Huntinghttps://medium.com/@hackrate/how-to-transition-from-pentesting-to-bug-bounty-hunting-f98398c4ea0a?source=rss------bug_bounty-5Levente Molnarpenetration-testing, hacking, bug-bounty, cybersecurity, ethical-hacking21-Jan-2025
WordPress Hacking 2025https://medium.com/infosec-notes/wordpress-hacking-2025-03985e7d2e08?source=rss------bug_bounty-5Mr Horbiowordpress, pentesting, cybersecurity, ethical-hacking, bug-bounty21-Jan-2025
response manipulation leads to access admin panelhttps://medium.com/@ajax12395/response-manipulation-leads-to-access-admin-panel-2295655c646d?source=rss------bug_bounty-5xlr7bug-bounty20-Jan-2025
How I Turned a $10 RFI Bug into a $300 RCE Bounty (Step-by-Step Guide)https://medium.com/@ibtissamhammadi/how-i-turned-a-10-rfi-bug-into-a-300-rce-bounty-step-by-step-guide-75042267969a?source=rss------bug_bounty-5Ibtissam Hammadiweb-security, rce, rfi, infosec, bug-bounty20-Jan-2025
Found HTML Injection in Emails! Earned HOFhttps://medium.com/@dsmodi484/found-html-injection-in-emails-earned-hof-24a8a8223f29?source=rss------bug_bounty-5cryptoshantcybersecurity, hacking, security, html, bug-bounty20-Jan-2025
Insecure Direct Object Reference (iDOR) via Programs HackerOnehttps://medium.com/@HackerPlus/insecure-direct-object-reference-idor-via-programs-hackerone-3c8e261b7ca3?source=rss------bug_bounty-5HackerPlus+ctf, bug-bounty, bug-bounty-writeup, bug-bounty-tips, hackerone20-Jan-2025
How to Prepare for Incident Response ? A Step-by-Step Guide for Studentshttps://mhmmuneef.medium.com/how-to-prepare-for-incident-response-a-step-by-step-guide-for-students-fcf9f77cc56b?source=rss------bug_bounty-5Mohammed Muneefbug-bounty, study-abroad, cybersecurity, technology, incident-response20-Jan-2025
Unlock Hidden Backups with wayBackupFinder.pyhttps://anmolksachan.medium.com/unlock-hidden-backups-with-waybackupfinder-py-7b98041a82d9?source=rss------bug_bounty-5Anmol K Sachanwriteup, bug-bounty, backup, automation, pentesting20-Jan-2025
Various Methods to Exploit Insecure Direct Object Reference (IDOR)https://medium.com/@sahusujal.dev2004/various-methods-to-exploit-insecure-direct-object-reference-idor-f50a131fe651?source=rss------bug_bounty-5Sujal Sahubug-reporting, bug-bounty, writeup, web-penetration-testing, bug-bounty-tips20-Jan-2025
How to Turn Bug Bounty Scopes into Goldmines: Recon Techniques That Workhttps://medium.com/@HackerNasr/how-to-turn-bug-bounty-scopes-into-goldmines-recon-techniques-that-work-4b6a1bd4979d?source=rss------bug_bounty-5HackerNasrcyber-security-awareness, bug-bounty-writeup, bug-bounty, security-research, cybersecurity20-Jan-2025
Using Tor Network to Bypass Rate Limitshttps://saeed0x1.medium.com/using-tor-network-to-bypass-rate-limits-9fe2b174c316?source=rss------bug_bounty-5SAEEDbug-bounty-writeup, bug-bounty-tips, tor, bug-bounty, cybersecurity20-Jan-2025
Agent Sudo 2.0https://medium.com/@pavanboss/agent-sudo-2-0-1d92f6232ff8?source=rss------bug_bounty-5PavanBossbug-bounty, sudo, agents, thm, ctf20-Jan-2025
Reconnaissance — Finding Apex/Root Domainshttps://it4chis3c.medium.com/reconnaissance-finding-apex-root-domains-b822cf54663e?source=rss------bug_bounty-5It4chis3csecrets, bug-bounty, apex-domain, reconnaissance, bug-bounty-tips20-Jan-2025
Security Session #2https://medium.com/@mon.cybersec/security-session-2-7b2ec1a2d03e?source=rss------bug_bounty-5Mon Worksburpsuite, hacking, bug-bounty, security, ciberseguridad20-Jan-2025
The ROI of Bug Bounty Programs: Cost vs. Impacthttps://medium.com/@hackrate/the-roi-of-bug-bounty-programs-cost-vs-impact-591de5eb3630?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty20-Jan-2025
Using Tor Network to Bypass Rate Limitshttps://systemweakness.com/using-tor-network-to-bypass-rate-limits-9fe2b174c316?source=rss------bug_bounty-5SAEEDbug-bounty-writeup, bug-bounty-tips, tor, bug-bounty, cybersecurity20-Jan-2025
40+ Google Dorks For Low Hanging Fruitshttps://bitpanic.medium.com/40-google-dorks-for-low-hanging-fruits-d8fc3d5d7a8d?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, programming, bug-bounty-tips, technology20-Jan-2025
HTML Injection At Email Via Programs HackerOnehttps://medium.com/@HackerPlus/html-injection-at-email-via-programs-hackerone-07f2e6652523?source=rss------bug_bounty-5HackerPlus+bug-bounty-tips, ctf, bugcrowd, bug-bounty, hackerone20-Jan-2025
Discovering backups, secrets, and more using the wayBackupFinder.py tool.https://anmolksachan.medium.com/discovering-backups-secrets-and-more-using-the-waybackupfinder-py-tool-b97f67e95c50?source=rss------bug_bounty-5Anmol K Sachanwayback-machine, bug-bounty, pentesting, bug-bounty-tips, osint20-Jan-2025
A Beginner’s Guide to Testing for Directory Traversal Attackshttps://medium.com/@mcooter/a-beginners-guide-to-testing-for-directory-traversal-attacks-300e7af275bd?source=rss------bug_bounty-5Michael Cooterbug-bounty, oswa, directory-traversal, hacking, web-application-security20-Jan-2025
Exploiting Race Condition Bugshttps://medium.com/@vuk.ivanovic9000/exploiting-race-condition-bugs-41af288c9e0f?source=rss------bug_bounty-5Vuk Ivanovicrace-condition, exploitation, burpsuite, infosec, bug-bounty20-Jan-2025
A List of Known and Unknown Bug Bounty Platformshttps://medium.com/meetcyber/a-list-of-known-and-unknown-bug-bounty-platforms-c7e8a87e59f8?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, ethical-hacking20-Jan-2025
How I found S3 buckets in Bug bountieshttps://infosecwriteups.com/how-i-found-s3-buckets-in-bug-bounties-501faf76c3f9?source=rss------bug_bounty-5Mukilan Baskaranbug-bounty, s3, s3-bucket, aws, aws-hacking20-Jan-2025
How I Made $500 in 30 Days Using ChatGPT as My Hacking Mentorhttps://medium.com/@ibtissamhammadi/how-i-made-500-in-30-days-using-chatgpt-as-my-hacking-mentor-113226deed78?source=rss------bug_bounty-5Ibtissam Hammadiethical-hacking, hacking, cybersecurity, chatgpt, bug-bounty20-Jan-2025
What is a WAF ? How it works ?https://medium.com/@rohitmaity001/what-is-a-waf-how-it-works-931a5f6fee84?source=rss------bug_bounty-5Rohit Maityhow-it-works, cyber, cybersecurity, cyber-securty, bug-bounty20-Jan-2025
PicoCTF Writeup — Web Gauntlethttps://medium.com/@sobatistacyber/picoctf-writeup-web-gauntlet-7c3b8c7c7946?source=rss------bug_bounty-5SoBatistapenetration-testing, hacking, ctf, sql-injection, bug-bounty20-Jan-2025
Hackers Deploy Malicious npm Packages to Steal Solana Wallet Keys via Gmail SMTPhttps://medium.com/@wiretor/hackers-deploy-malicious-npm-packages-to-steal-solana-wallet-keys-via-gmail-smtp-cfdae9876dec?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, hacker, ai, bug-bounty20-Jan-2025
Easy P4: Cloudflare Bypass, Origin IP Found (Part 2)https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-2-5ffc615bff1f?source=rss------bug_bounty-5sudosurajcloudflare, bug-bounty-tips, bug-bounty-writeup, bug-bounty, sudosuraj20-Jan-2025
SQL Injection Vulnerability in Microsoft’s DevBlogs [devblogs.microsoft.com]https://zhenwarx.medium.com/sql-injection-vulnerability-in-microsofts-devblogs-devblogs-microsoft-com-690792213d1f?source=rss------bug_bounty-5Zhenwarxbug-bounty, sql-injection, microsoft20-Jan-2025
Incident Response in Digital Forensics | A Beginners-Friendly Guidehttps://mhmmuneef.medium.com/incident-response-in-digital-forensics-a-beginners-friendly-guide-7ec0b4789519?source=rss------bug_bounty-5Mohammed Muneefhacking, information-technology, technology, bug-bounty, cybersecurity20-Jan-2025
Finding my First SQL Injection On HackerOnehttps://infosecwriteups.com/finding-my-first-sql-injection-on-hackerone-6a031ab5aa1c?source=rss------bug_bounty-5Aleksa Zatezalohackerone, sql-injection, bug-bounty, burpsuite, hacking19-Jan-2025
Unlimited XSS | This is the Dumbest Way to Find XSS Bughttps://medium.com/readers-club/unlimited-xss-this-is-the-dumbest-way-to-find-xss-bug-6ee92de5df38?source=rss------bug_bounty-5Abhijeet kumawatinfosec, xss-attack, money, bug-bounty, hacking19-Jan-2025
From Path Traversal to RCE: A $40,000 Bug Bounty Journeyhttps://medium.com/@ibtissamhammadi/from-path-traversal-to-rce-a-40-000-bug-bounty-journey-a8316994ab3d?source=rss------bug_bounty-5Ibtissam Hammadiinfosec, hacking-tutorial, remote-code-execution, bug-bounty, web-security19-Jan-2025
Monsif Hmouri: بين الأخلاقيات التقنية والنضال من أجل العدالةhttps://monsifhmouri.medium.com/monsif-hmouri-%D8%A8%D9%8A%D9%86-%D8%A7%D9%84%D8%A3%D8%AE%D9%84%D8%A7%D9%82%D9%8A%D8%A7%D8%AA-%D8%A7%D9%84%D8%AA%D9%82%D9%86%D9%8A%D8%A9-%D9%88%D8%A7%D9%84%D9%86%D8%B6%D8%A7%D9%84-%D9%85%D9%86-%D8%A3%D8%AC%D9%84-%D8%A7%D9%84%D8%B9%D8%AF%D8%A7%D9%84%D8%A9-dd651dada725?source=rss------bug_bounty-5MONSIF HMOURIbug-bounty, cybersecurity, palestinian-cause, digital-activism, ethical-hacking19-Jan-2025
Choosing Your First Program in Bug Bounties: A Beginner’s Guidehttps://it4chis3c.medium.com/choosing-your-first-program-in-bug-bounties-a-beginners-guide-6b27c58316da?source=rss------bug_bounty-5It4chis3cbug-bounty-writeup, bug-bounty-tips, secrets, roadmaps, bug-bounty19-Jan-2025
How i am Starting my Bug Hunting..?https://medium.com/@Charon19d/how-i-am-starting-my-bug-hunting-7a727e3dfb74?source=rss------bug_bounty-5Charon19dhacking, learning, cybersecurity, bug-bounty, bug-hunting19-Jan-2025
Command Injection for Beginners: From Detection to Exploitationhttps://medium.com/@HackerNasr/command-injection-for-beginners-from-detection-to-exploitation-8e7816dcb53d?source=rss------bug_bounty-5HackerNasrcyber-secuity, bug-bounty, information-security, security-research19-Jan-2025
Wolf Haldenstein Data Breach Impacts 3.4 Million Individualshttps://medium.com/@wiretor/wolf-haldenstein-data-breach-impacts-3-4-million-individuals-8e567c04e0b6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, money, ai, hacker, bug-bounty19-Jan-2025
Star Blizzard Hackers Abuse WhatsApp to Target High-Value Diplomatshttps://medium.com/@wiretor/star-blizzard-hackers-abuse-whatsapp-to-target-high-value-diplomats-beed8a06a0ec?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, hacker, money, bug-bounty, malware19-Jan-2025
CVE-2024–57767: Critical Server-Side Request Forgery (SSRF) Vulnerabilityhttps://medium.com/@wiretor/cve-2024-57767-critical-server-side-request-forgery-ssrf-vulnerability-722db6cbba17?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, bug-bounty, money, ssrf19-Jan-2025
How I Found a SQL Injection Vulnerability in websitehttps://medium.com/@Bl4cky/how-i-found-a-sql-injection-vulnerability-in-website-56a8b2b1edab?source=rss------bug_bounty-5Bl4ckypenetration-testing, sqlmap, bug-bounty, sql-injection, pentest19-Jan-2025
API Testinghttps://0xy37.medium.com/api-testing-9de53e7736d3?source=rss------bug_bounty-5Yara AlHumaidan (0xy37)bug-bounty, security, api, api-testing19-Jan-2025
From Low to Whoa: Elevating a P5 SSRF to a P3https://medium.com/@loayahmed686/from-low-to-whoa-elevating-a-p5-ssrf-to-a-p3-6db1afdbde4c?source=rss------bug_bounty-5r00tbug-bounty-tips, bug-bounty, bug-bounty-writeup19-Jan-2025
How Did a Simple Path Traversal to RCE Bug Land Me $40K?https://medium.com/@ibtissamhammadi/how-did-a-simple-path-traversal-to-rce-bug-land-me-40k-e20aecb162b0?source=rss------bug_bounty-5Ibtissam Hammadicybersecurity, information-security, ethical-hacking, bug-bounty18-Jan-2025
The Road to CRTP Cert — Part 16https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-16-edc129cf1277?source=rss------bug_bounty-5Dineshkumaar Rpentesting, hacking, cybersecurity, active-directory, bug-bounty18-Jan-2025
How to Stay Anonymous While Doing OSINThttps://medium.com/@paritoshblogs/how-to-stay-anonymous-while-doing-osint-519f607fa79d?source=rss------bug_bounty-5Paritoshthreat-intelligence, osint, hacking, bug-bounty, chatgpt18-Jan-2025
Bug Bounty | Privilege Escalation From Admin To Ownerhttps://medium.com/@yog_sahare/bug-bounty-privilege-escalation-from-admin-to-owner-90d86e2395e6?source=rss------bug_bounty-5Yog Saharebug-bounty, bug-bounty-writeup, privilege-escalation, vulnerability, idor-vulnerability18-Jan-2025
Google XSS Gamehttps://medium.com/@PhilopaterSh/google-xss-game-6dbd1c8b3eb8?source=rss------bug_bounty-5Philopater Shenoudagoogle-xss-game, xss-attack, xss-challenge, web-penetration-testing, bug-bounty18-Jan-2025
AI-Powered Recon: Unearthing PII from Non-English Fileshttps://bunny0417.medium.com/ai-powered-recon-unearthing-pii-from-non-english-files-4bf9e91e6b6b?source=rss------bug_bounty-5Aayush kumarbugbounty-writeup, infosec, bug-bounty-tips, bug-bounty, ai-security18-Jan-2025
This 200 Dorks cheats can change your life.https://medium.com/@anandrishav2228/this-200-dorks-cheats-can-change-your-life-13217162aba4?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, money, google-dork, cybersecurity18-Jan-2025
Threat Hunting Tool: Email Analyzerhttps://hackerassociate.medium.com/threat-hunting-tool-email-analyzer-19518c7d2645?source=rss------bug_bounty-5Harshad Shahinfosec, bug-bounty, cyberattack, threat-hunting, cybersecurity18-Jan-2025
WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]https://medium.com/@hrofficial62/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, wifi, cybersecurity, pentesting18-Jan-2025
Comprehensive Scripts for Red teaminghttps://saconychukwu.medium.com/comprehensive-scripts-for-red-teaming-72c3d2980369?source=rss------bug_bounty-5Sacony Chukwuhacking, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips18-Jan-2025
Basic Linux Commands Every Newbie Bug Bounty Hunter Should Knowhttps://bitpanic.medium.com/basic-linux-commands-every-newbie-bug-bounty-hunter-should-know-d990da113f1c?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty-tips, bug-bounty, technology, programming18-Jan-2025
Unlocking the Doors: How I Took Over Accounts with a Single Flaw!https://medium.com/@omdubey170/unlocking-the-doors-how-i-took-over-accounts-with-a-single-flaw-239900ab5ee9?source=rss------bug_bounty-5Omdubeybug-bounty-tips, bug-bounty-writeup, bugs, cybersecurity, bug-bounty18-Jan-2025
Re-captcha token generating secret key leaking identified via way back machinehttps://medium.com/@swaroopvenkat828/re-captcha-token-generating-secret-key-leaking-identified-via-way-back-machine-8b7fc04e90f8?source=rss------bug_bounty-5swaroop 04|16bug-bounty, wayback-machine, bug-bounty-writeup, bugbounty-tips, sensitive-information18-Jan-2025
Master Bug Bounty Recon: Using GoWitness and Eyeballer to Uncover Juicy Subdomainshttps://medium.com/@hacker_might/master-bug-bounty-recon-using-gowitness-and-eyeballer-to-uncover-juicy-subdomains-c7f79a3f3d06?source=rss------bug_bounty-5hacker_mightrecon, bug-bounty-tips, tools, bug-bounty, reconnaissance18-Jan-2025
Game Real-Time Communication Is Vulnerability higher impact than XSS and ATOhttps://medium.com/@bylyblyblybly/game-real-time-communication-is-vulnerability-higher-impact-than-xss-and-ato-c3d6b9ba77e5?source=rss------bug_bounty-5Bylyblyblyblybug-bounty, gamehacking, android-bugs, cyper-security, android-security18-Jan-2025
Stored XSS to Admin in Unauthenticated-WordPresshttps://infosecwriteups.com/stored-xss-to-admin-in-unauthenticated-wordpress-cb76bae66623?source=rss------bug_bounty-5c0d3x27bug-bounty, javascript, cybersecurity, hacking, software-development18-Jan-2025
Tools Used by Bug Bounty Hunters: A Comprehensive Guidehttps://medium.com/@ajudeb55/tools-used-by-bug-bounty-hunters-a-comprehensive-guide-c5286a0da36a?source=rss------bug_bounty-5Aju Debcybersecurity, bug-bounty, hacking, programming, python18-Jan-2025
IDOR to Partial Access and ACCOUNT TAKEOVER in a Top 5 Cloud Storage Platformhttps://q19.medium.com/idor-to-partial-access-and-account-takeover-in-a-top-5-cloud-storage-platform-844707a2cc01?source=rss------bug_bounty-5Q19hacking, security, bug-bounty, vulnerability18-Jan-2025
Otelier Data Breach Exposes Info, Hotel Reservations of Millionshttps://medium.com/@wiretor/otelier-data-breach-exposes-info-hotel-reservations-of-millions-14e75e47e589?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, breach, bug-bounty18-Jan-2025
Malicious PyPi Package Steals Discord Auth Tokens from Developershttps://medium.com/@wiretor/malicious-pypi-package-steals-discord-auth-tokens-from-developers-2a6707bb84f7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, money, bug-bounty, python18-Jan-2025
Tool Overviewhttps://xss0r.medium.com/tool-overview-6c255fe7ec9b?source=rss------bug_bounty-5xss0rxss0, bug-bounty, xss0rrecon, recon18-Jan-2025
Find First Bug for Beginner Bounty Huntershttps://infosecwriteups.com/find-first-bug-for-beginner-bounty-hunters-533f2da9dab1?source=rss------bug_bounty-5Mr Horbiohacking, ethical-hacking, pentesting, bug-bounty, cybersecurity18-Jan-2025
WIFI Hacking , user and password hacking [How hackers get Password of any wifi network]https://infosecwriteups.com/wifi-hacking-user-and-password-hacking-how-hackers-get-password-of-any-wifi-network-015ae6575bed?source=rss------bug_bounty-5Mr Horbiobug-bounty, hacking, wifi, cybersecurity, pentesting18-Jan-2025
Zero Click Account Takeover — JWT Token Manipulation via Programs HackerOnehttps://medium.com/@HackerPlus/zero-click-account-takeover-jwt-token-manipulation-via-programs-hackerone-07da3868ada9?source=rss------bug_bounty-5HackerPlus+bugcrowd, js, hackerone, jwt, bug-bounty18-Jan-2025
Cross-Site Scripting (XSS) attackshttps://medium.com/@rishuraj2666/cross-site-scripting-xss-attacks-cbb84d7f912d?source=rss------bug_bounty-5Rishurajxss-vulnerability, cybersecurity, security-researchers, hacking, bug-bounty18-Jan-2025
S3Bucket Enumeration and Takeoverhttps://medium.com/@sahusujal.dev2004/s3bucket-enumeration-and-takeover-f1ff24ad8187?source=rss------bug_bounty-5Sujal Sahubug-bounty, s3-bucket, cybersecurity, information-disclosure, bucket-takeover18-Jan-2025
How I Discovered a Password Reset Vulnerability on a Web Applicationhttps://medium.com/@Dorking1/how-i-discovered-a-password-reset-vulnerability-on-a-web-application-14fe29f9499c?source=rss------bug_bounty-5Dorking1penetration-testing, bug-bounty, cybersecurity18-Jan-2025
Day 2 — Hacker101 MicroCMS v1 Flag 3 Write-Uphttps://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5Devin McCullumappsec, learning, bug-bounty17-Jan-2025
Critical Vulnerability Alert: CVE-2025-22949 – Tenda AC9 Router Command Injectionhttps://medium.com/@muhammetalgan3547/critical-vulnerability-alert-cve-2025-22949-tenda-ac9-router-command-injection-3fe10252a835?source=rss------bug_bounty-5Muhammet ALGANbug-bounty, network-security, hacking, vulnerability, cybersecurity17-Jan-2025
Android Intent Redirection: A Hacker’s Gateway to Internal Componentshttps://medium.com/@0x3adly/android-intent-redirection-a-hackers-gateway-to-internal-components-ebe126bbb2e0?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, bug-bounty, mobile-security, penetration-testing, android17-Jan-2025
One More Easy Bug | HTML Injectionhttps://medium.com/@kumawatabhijeet2002/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5Abhijeet kumawatinfosec, money, bug-bounty, hacking, bug-bounty-tips17-Jan-2025
One More Easy Bug | HTML Injectionhttps://cybersecuritywriteups.com/one-more-easy-bug-html-injection-4279fccabbc6?source=rss------bug_bounty-5Abhijeet kumawatinfosec, money, bug-bounty, hacking, bug-bounty-tips17-Jan-2025
Stored DOM-based XSS Vulnerability on VPSServer.comhttps://medium.com/@hasanfahad769/stored-dom-based-xss-vulnerability-on-vpsserver-com-f96980104e4b?source=rss------bug_bounty-5Fahad Hossainbug-bounty, cybersecurity, web-security-testing17-Jan-2025
Focusing on Expired Sessions to Uncover IDOR Vulnerabilitieshttps://medium.com/@alvinbijo_174/focusing-on-expired-sessions-to-uncover-idor-vulnerabilities-75f5055c7452?source=rss------bug_bounty-5session-xbugs, bug-bounty, bug-bounty-tips, bugbounting, bugbounty-writeup17-Jan-2025
Collected XSS Payloads ⛏✌️⬇️https://medium.com/@alvinbijo_174/collected-xss-payloads-%EF%B8%8F-%EF%B8%8F-da7df1be4bbb?source=rss------bug_bounty-5session-xhacking, bugbounty-tips, idor, bugbounty-writeup, bug-bounty17-Jan-2025
Privilege Escalation in 5 minutes: When you’re just one URL away from becoming the Boss…https://medium.com/@forte.social/privilege-escalation-in-5-minutes-when-youre-just-one-url-away-from-becoming-the-boss-32a1f0934a0b?source=rss------bug_bounty-5eSecFortebug-bounty, bugbounty-tips, hacking, privilege-escalation, web-app-security17-Jan-2025
Account Takeover: Trading OAuth Codes for fun and profithttps://medium.com/@sazouki/account-takeover-trading-oauth-codes-for-fun-and-profit-f65463e9a6c9?source=rss------bug_bounty-5Sazoukibugbounty-writeup, bug-bounty17-Jan-2025
Hacker101 MicroCMS v1 Flag 3 Write-Uphttps://medium.com/@devinmack39/hacker101-microcms-v1-flag-3-write-up-db82e442b922?source=rss------bug_bounty-5Devin McCullumappsec, learning, bug-bounty17-Jan-2025
Why You Should Start a Bug Bounty Program for Your Mobile Applicationshttps://medium.com/@hackrate/why-you-should-start-a-bug-bounty-program-for-your-mobile-applications-a476c3646978?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips, hacking17-Jan-2025
XSS: Bypass CloudFront WAFhttps://medium.com/@n45ht/xss-bypass-cloudfront-waf-9d0c8a12dc33?source=rss------bug_bounty-5N45HTbug-bounty-writeup, cross-site-scripting, xs, bug-bounty-tips, bug-bounty17-Jan-2025
How I Hacked Hackers Accounthttps://0xshuvo.medium.com/how-i-hacked-hackers-account-d5409b095133?source=rss------bug_bounty-5Shuvo Kumar Sahabugbounty-writeup, idor, infose, bug-bounty, bugbounty-tips17-Jan-2025
Account Takeover via IDOR form JWT Programs HackerOne 2500$https://medium.com/@HackerPlus/account-takeover-via-idor-form-jwt-programs-hackerone-2500-0a378fe2c951?source=rss------bug_bounty-5HackerPlus+hackerone, hacker, bug-hunting, bugcrowd, bug-bounty17-Jan-2025
The rise of scammer bug bounty programs — and the reason I quit bug bounty hunting.https://medium.com/@brotheralameen/the-rise-of-scammer-bug-bounty-programs-and-the-reason-i-quit-bug-bounty-hunting-4cc661c92e09?source=rss------bug_bounty-5Alameen Karim Meralibugs, bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity17-Jan-2025
Leaking PII at Scale: How Third Parties Can Unintentionally Put Your Data at Risk.https://medium.com/@omarahmed_13016/leaking-pii-at-scale-how-third-parties-can-unintentionally-put-your-data-at-risk-6101fcb3d5e0?source=rss------bug_bounty-5Omar Ahmedhacking, writeup, vulnerability, hackerone, bug-bounty17-Jan-2025
Web Directory Free Plugin <= 1.7.2: Unauthenticated LFI Exploit (CVE-2024-3673)https://bashoverflow.medium.com/web-directory-free-plugin-1-7-2-unauthenticated-lfi-exploit-cve-2024-3673-f3721f79477d?source=rss------bug_bounty-5Bash Overflowcve-2024-3673, unauthenticated-lfi, bug-bounty, bug-bounty-tips, exploiting-lfi17-Jan-2025
US Sanctions Chinese Firm and Hacker Behind Treasury and Telecom Hackshttps://medium.com/@wiretor/us-sanctions-chinese-firm-and-hacker-behind-treasury-and-telecom-hacks-c25cfb0ae32a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, money, ai, hacking, malware17-Jan-2025
US Cracks Down on North Korea’s IT Worker Army with New Sanctionshttps://medium.com/@wiretor/us-cracks-down-on-north-koreas-it-worker-army-with-new-sanctions-e95efd40850a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, north, malware, money, ai17-Jan-2025
W3 Total Cache Plugin Flaw Exposes Over 1 Million WordPress Sites to Attackshttps://medium.com/@wiretor/w3-total-cache-plugin-flaw-exposes-over-1-million-wordpress-sites-to-attacks-15e0b6ace4e0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, marketing, ai, malware, hacker17-Jan-2025
100 Free Tools To Supercharge Your Bug Bounty Journeyhttps://bitpanic.medium.com/100-free-tools-to-supercharge-your-bug-bounty-journey-747ffb5d4bef?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, bug-bounty-tips, programming, technology17-Jan-2025
Finding a easy p4 it can be worth 200$https://medium.com/infosecmatrix/finding-a-easy-p4-it-can-be-worth-200-5d65a9faad0b?source=rss------bug_bounty-5loyalonlytodayhacking, ethical-hacking, bugs, bug-bounty, cybersecurity16-Jan-2025
Day One — HACKER 101 MicroCMS v1 Flag 1 — CTFhttps://medium.com/@devinmack39/day-one-hacker-101-microcms-v1-flag-1-ctf-eb606905eea7?source=rss------bug_bounty-5Devin McCullumbug-bounty, web-app-security, learning-and-development, ctf-writeup, sql-injection16-Jan-2025
This is The Easiest Bug You Can Find✨https://cybersecuritywriteups.com/this-is-the-easiest-bug-you-can-find-feadc3ef95a5?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, hacking, infosec, easy16-Jan-2025
Capturing of Network Traffic Using Wireshark Toolhttps://mhmmuneef.medium.com/capturing-of-network-traffic-using-wireshark-tool-09a9926f18dd?source=rss------bug_bounty-5Mohammed Muneefnetworking, cybersecurity, technology, bug-bounty, hacking16-Jan-2025
Kicking Off 2025: Findings on U.S. Department of Energyhttps://cybersecuritywriteups.com/kicking-off-2025-findings-on-u-s-department-of-energy-a92149e43102?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rethical-hacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips16-Jan-2025
How to Tackle Vulnerable JavaScript Dependencies: Lessons from the Kerala Government Websitehttps://medium.com/@ashwin74/how-to-tackle-vulnerable-javascript-dependencies-lessons-from-the-kerala-government-website-220722709ac4?source=rss------bug_bounty-5ASHWIN KUMARbug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, javascript16-Jan-2025
Bug Bounty is live: Code breakers, welcome to Apillon!https://blog.apillon.io/bug-bounty-is-live-code-breakers-welcome-to-apillon-6dd4ff40fc82?source=rss------bug_bounty-5Apillonapillon-news, web3, bug-bounty, web3-development, rewards-programs16-Jan-2025
Cybersecurity with AI Roadmap in 2025https://medium.com/@anandrishav2228/cybersecurity-with-ai-roadmap-in-2025-25ced0372d5b?source=rss------bug_bounty-5Rishav anandroadmaps, hacking, ai, bug-bounty, cybersecurity16-Jan-2025
My first step into Bug Bountyhttps://medium.com/@n4itr0_07/my-first-step-into-bug-bounty-718d967e0576?source=rss------bug_bounty-5N4!TR0 07bug-bounty-writeup, sql-injection, bug-bounty-tips, security, bug-bounty16-Jan-2025
Hack The Box Curling Writeup:[Linux][Retired]https://medium.com/@vignesh6872610/hack-the-box-curling-writeup-linux-retired-7be2cc094707?source=rss------bug_bounty-5Vignesh Pbug-bounty-tips, hackthebox-writeup, retiredmachine, hackthebox, bug-bounty16-Jan-2025
CISA Adds Two New Actively Exploited Vulnerabilities to Known Exploited Vulnerabilities Cataloghttps://medium.com/@shalomo.social/cisa-adds-two-new-actively-exploited-vulnerabilities-to-known-exploited-vulnerabilities-catalog-023c1bd81754?source=rss------bug_bounty-5Shalomo Agarwarkarcybersecurity, data-science, business, programming, bug-bounty16-Jan-2025
Using Full potential of Virustotal for Bugbountyhttps://osintteam.blog/using-full-potential-of-virustotal-for-bugbounty-51d27750f588?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty, bugs, ethical-hacking, cybersecurity16-Jan-2025
A Journey of Limited Path Traversal To RCE With $40,000 Bounty!https://medium.com/@HX007/a-journey-of-limited-path-traversal-to-rce-with-40-000-bounty-fc63c89576ea?source=rss------bug_bounty-5HX007programming, hacking, cybersecurity, security, bug-bounty16-Jan-2025
OTP BYPASS TECHNIQUE its My StOry [sweet and sour]https://medium.com/infosec-notes/otp-bypass-technique-its-my-story-sweet-and-sour-3e96b9eb63a0?source=rss------bug_bounty-5Mr Horbiopentesting, hacking, bug-bounty, cybersecurity, ethical-hacking16-Jan-2025
Java Script file analysis to find bugshttps://medium.com/@hrofficial62/java-script-file-analysis-to-find-bugs-1fb865fee83e?source=rss------bug_bounty-5Mr Horbioethical-hacking, pentesting, bug-bounty, hacking, cybersecurity16-Jan-2025
Bug Bounty Unlocked: Secrets, Strategies, and Mindset Hacks for Successhttps://it4chis3c.medium.com/bug-bounty-unlocked-secrets-strategies-and-mindset-hacks-for-success-e5d94a632220?source=rss------bug_bounty-5It4chis3cmindset, secrets, bug-bounty, bug-bounty-tips, bug-bounty-writeup16-Jan-2025
Bounty Hunters Take Note: How Leaked Zoom Links Can Unveil Security Flawshttps://bevijaygupta.medium.com/bounty-hunters-take-note-how-leaked-zoom-links-can-unveil-security-flaws-9f524423b5bc?source=rss------bug_bounty-5Vijay Kumar Guptazoom-meetings, securityflaw, bug-bounty, security, zoom16-Jan-2025
Hackers Leak Configs and VPN Credentials for 15,000 FortiGate Deviceshttps://medium.com/@wiretor/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices-c9586b6e6051?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, vpn, hacker, bug-bounty16-Jan-2025
How to pass EMAPT examhttps://medium.com/@nomad8061/how-to-pass-emapt-exam-78bed982d061?source=rss------bug_bounty-5Ahmed Badryine, bug-bounty, bug-bounty-writeup, bug-bounty-tips, emapt16-Jan-2025
Exploring CORS Misconfiguration Vulnerabilities in Modern Applicationshttps://rootast.medium.com/exploring-cors-misconfiguration-vulnerabilities-in-modern-applications-def492a23e95?source=rss------bug_bounty-5Arash Shahbazicross-origin-resource, pentest, owasp-top-10, web-application-security, bug-bounty16-Jan-2025
The Top 8 Kali Linux Tools For 2025https://mhmmuneef.medium.com/the-top-8-kali-linux-tools-for-2025-d5904319b1d7?source=rss------bug_bounty-5Mohammed Muneefbug-bounty, technology, hacking, kali-linux, cybersecurity16-Jan-2025
What You Can Expect: A Personal Introduction and Blog Overviewhttps://medium.com/@T3chnocr4t/what-you-can-expect-a-personal-introduction-and-blog-overview-3a0a6cc984f6?source=rss------bug_bounty-5T3chnocr4tbug-bounty-writeup, writeup, bug-bounty-tips, cybersecurity, bug-bounty15-Jan-2025
Metasploit for Beginners — A Guide to the Powerful Exploitation Frameworkhttps://medium.com/@manishmshiva/metasploit-for-beginners-a-guide-to-the-powerful-exploitation-framework-a8b4245c8893?source=rss------bug_bounty-5Manish Shivanandhancybersecurity, bug-bounty, penetration-testing, metasploit, ethical-hacking15-Jan-2025
Hack with your mind! That’s enough?https://osintteam.blog/hack-with-your-mind-thats-enough-1c6b645d1384?source=rss------bug_bounty-5Abu Hurayrainfosec, ethical-hacking, cybersecurity, bug-bounty, hacking15-Jan-2025
NTLM Auth Disclosing Internal System Info via HTTP/2 to HTTP/1.1 Downgradehttps://medium.com/meetcyber/ntlm-auth-disclosing-internal-system-info-via-http-2-to-http-1-1-downgrade-603cc35c2dc4?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, bug-bounty, infosec, vulnerability15-Jan-2025
kya medium account jo suspend ho giya vo vapes aya ga .??https://medium.com/@subhash_9358/kya-medium-account-jo-suspend-ho-giya-vo-vapes-aya-ga-1d480676922e?source=rss------bug_bounty-5Schoudharybug-bounty, culture, cryptocurrency, business, artificial-intelligence15-Jan-2025
Bypassing Razer’s WAF for XSShttps://medium.com/@n45ht/bypassing-razers-waf-for-xss-afcaea744ab4?source=rss------bug_bounty-5N45HTbug-bounty-tips, bug-bounty-writeup, bug-bounty, xs, cross-site-scripting15-Jan-2025
My 2nd Bounty on the Same Company Again: ¥15,000 for a Medium Bughttps://medium.com/@dibyaranjanmohanta2806/my-2nd-bounty-on-the-same-company-again-15-000-for-a-medium-bug-e3dd70c0d40a?source=rss------bug_bounty-5Dibyaranjanmohantamoney, currency, reporting, bug-bounty, japan15-Jan-2025
Exploiting IDOR in a Support Portal Chatbothttps://infosecwriteups.com/exploiting-idor-in-a-support-portal-chatbot-f1d0617bace1?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, idor-vulnerability, bugbounty-tips, cybersecurity15-Jan-2025
EMC Mainnet Is Live! Join the Bug Bounty Blitz Program and Earn Rewards!https://medium.com/@EdgeMatrixChain/emc-mainnet-is-live-join-the-bug-bounty-blitz-program-and-earn-rewards-f309b16ee396?source=rss------bug_bounty-5EMC ( Edge Matrix Chain)ai, mainnet, depin, emc, bug-bounty15-Jan-2025
Stored XSS Found in Query Parameters of dhtmlxGrid.js on NASA.gov Subdomain (P3)https://medium.com/@aleenscode/stored-xss-found-in-query-parameters-of-dhtmlxgrid-js-on-nasa-gov-subdomain-p3-2b343fa5f045?source=rss------bug_bounty-5Aleenscodebug-bounty, hackerone, bugcrowd, cross-site-scripting, cybersecurity15-Jan-2025
User Enumeration: From Overlooked to Medium-Impact Bughttps://infosecwriteups.com/user-enumeration-from-overlooked-to-medium-impact-bug-48bbefa2ab3b?source=rss------bug_bounty-5callgh0stgenocide, bug-bounty, hacking, email, palestine15-Jan-2025
The Future of Bug Bounty and Penetration Testinghttps://medium.com/@hackrate/the-future-of-bug-bounty-and-penetration-testing-bce3f23cb095?source=rss------bug_bounty-5Levente Molnarbug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity15-Jan-2025
I found Reflected XSS on another university’s websitehttps://medium.com/@Bl4cky/hunting-reflected-xss-uncovering-vulnerabilities-on-university-websites-daa6c5ac790d?source=rss------bug_bounty-5Bl4ckyxss-attack, pentest, reflected-xss, bug-bounty15-Jan-2025
What Is Bug Bounty Hunting? A Complete Guidehttps://medium.com/@atnoforcybersecurity/what-is-bug-bounty-hunting-a-complete-guide-58f7019e5871?source=rss------bug_bounty-5ATNO For Cybersecurity | Hackingbug-bounty, hacking, network-security, cybersecurity15-Jan-2025
Allstate Faces Lawsuit for Tracking Drivers Without Permissionhttps://medium.com/@wiretor/allstate-faces-lawsuit-for-tracking-drivers-without-permission-e53b2cf5ed6b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, malware, money, hacker, bug-bounty15-Jan-2025
Web Cache Poisoning: Turning Speed into a Security Nightmarehttps://medium.com/@bughunt.bochi/web-cache-poisoning-turning-speed-into-a-security-nightmare-b2cde92e1036?source=rss------bug_bounty-5Bochixxcyber-security-awareness, ethical-hacking, vulnerability, bug-bounty, web-cache-poisoning15-Jan-2025
Zero Day Alert: Google OAuth Flaw Could Expose Abandoned Accountshttps://medium.com/@wiretor/zero-day-alert-google-oauth-flaw-could-expose-abandoned-accounts-40dbaa77260d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, money, bug-bounty, zero-day, business15-Jan-2025
FBI Deletes Chinese PlugX Malware from Thousands of US Computershttps://medium.com/@wiretor/fbi-deletes-chinese-plugx-malware-from-thousands-of-us-computers-f212a3f27f14?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ai, hacker, fbi, money15-Jan-2025
Basics of Bypassing Authentication Mechanismshttps://bitpanic.medium.com/cracking-the-code-how-hackers-bypass-authentication-mechanisms-efa9a09f41ea?source=rss------bug_bounty-5Spectat0rguybug-bounty, bug-bounty-tips, technology, cybersecurity, programming15-Jan-2025
How I Found and Reported a Critical Credential Stuffing Bug Worth $2000https://medium.com/@sc128496/how-i-found-and-reported-a-critical-credential-stuffing-bug-worth-2000-a76d3b4eebb2?source=rss------bug_bounty-5Sahil Choudharytechnology, information-security, hacking, cybersecurity, bug-bounty15-Jan-2025
how I found a Google map it’s worth 300$https://cybersecuritywriteups.com/how-i-found-a-google-map-its-worth-300-99da8061fc67?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, ethical-hacking, hacking, bugs15-Jan-2025
Best Resources for Learning Cybersecurity: A Student’s Guidehttps://medium.com/@himzyoti.talukdar1234/best-resources-for-learning-cybersecurity-a-students-guide-002694679378?source=rss------bug_bounty-5Himjyoti talukdarpenetration-testing, ctf, infosec, bug-bounty, cybersecurity15-Jan-2025
How i found RXSS in href Attributehttps://medium.com/@mohaned0101/how-i-found-rxss-in-href-attribute-13a85e4e2c4d?source=rss------bug_bounty-5mohaned alkhlotxss-attack, bug-bounty, bug-bounty-tips, xss-vulnerability15-Jan-2025
Account Takeover in Mobile Apps: How to Exploit Vulnerabilitieshttps://medium.com/meetcyber/account-takeover-in-mobile-apps-how-to-exploit-vulnerabilities-dc1b55ef6891?source=rss------bug_bounty-5Erkan Kavasaccount-take-over, mobile-app-development, phishing, bug-bounty, cybersecurity15-Jan-2025
Tips to find Stored XSS [Bug_Bounty_Tips]https://medium.com/infosec-notes/tips-to-find-stored-xss-bug-bounty-tips-86cb62a529c8?source=rss------bug_bounty-5Mr Horbiobug-bounty, xss-attack, bugbounty-writeup, cybersecurity, pentesting14-Jan-2025
OWASP Top 10 Testing Guide V4 Checklisthttps://medium.com/@enigma_/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5enigma_owasp, oscp, infosec, cybersecurity, bug-bounty14-Jan-2025
The Road to CRTP Cert — Part 15https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-15-d9ab41f827a4?source=rss------bug_bounty-5Dineshkumaar Rcybersecurity, bug-bounty, active-directory, hacking, offensive-security14-Jan-2025
OWASP Top 10 Testing Guide V4 Checklisthttps://infosecwriteups.com/owasp-top-10-testing-guide-v4-checklist-02448c971539?source=rss------bug_bounty-5enigma_owasp, oscp, infosec, cybersecurity, bug-bounty14-Jan-2025
Mobile Pentesting Toolshttps://hackerassociate.medium.com/mobile-pentesting-tools-479b797cd6a5?source=rss------bug_bounty-5Harshad Shahcybersecurity, infosec, pentesting, bug-bounty, mobile-app-development14-Jan-2025
From Zero to Bounty — My Journey as a Bug Hunterhttps://medium.com/@joaovmb15/from-zero-to-bounty-my-journey-as-a-bug-hunter-44d2bd63f657?source=rss------bug_bounty-50xJotavebug-hunter, bug-hunting, cybersecurity, bug-bounty14-Jan-2025
Nmap Cheat Sheet: Essential Commands and Advanced Techniques for Scanninghttps://medium.com/@verylazytech/nmap-cheat-sheet-essential-commands-and-advanced-techniques-for-scanning-2274e21654e0?source=rss------bug_bounty-5Very Lazy Techoscp, vulnerability, cybersecurity, nmap, bug-bounty14-Jan-2025
Reflected XSS protected by very strict CSP, with dangling markup attack (Port Swigger XSS Lab)https://medium.com/@hackllego/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-port-swigger-xss-lab-e8811c2e476d?source=rss------bug_bounty-5Hackllegobug-hunting, pentesting, bug-bounty, bug-bounty-tips, web-security14-Jan-2025
Simple Tips for Bug Bounty Beginners: Finding Open AWS S3 buckets, impact, and causeshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-open-aws-s3-buckets-impact-and-causes-52f252bcddfa?source=rss------bug_bounty-5Anish Narayancybersecurity, bug-bounty-writeup, programming, bug-bounty-tips, bug-bounty14-Jan-2025
Improper Authentication in a famous Trading websitehttps://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5Anonymousshettybug-bounty, otp-bypass, cybersecurity, ethical-hacking, improper-access-control14-Jan-2025
How I found an account take over by session fixation (Bugbounty)https://medium.com/@leomsec/how-i-found-an-account-take-over-by-session-fixation-bugbounty-f2551f19be3e?source=rss------bug_bounty-5Leonardohacking, hacker, bug-bounty-tips, bug-bounty, web-hacking14-Jan-2025
Bug Bounty Programs: YES or NO?https://medium.com/@hackrate/bug-bounty-programs-yes-or-no-6b866eea8b01?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, cybersecurity, bug-bounty14-Jan-2025
Day 4. The 100-Day Bug Bounty Challenge: Understanding SQL Injection Classic(In-band)https://mahhesshh.medium.com/day-4-the-100-day-bug-bounty-challenge-understanding-sql-injection-classic-in-band-2b8854d2e0e5?source=rss------bug_bounty-5Mahesh Dhakadhacking, sql-injection, bug-bounty, sqli, cybersecurity14-Jan-2025
7 Ways to Be Better at Bug Bounty Huntinghttps://bitpanic.medium.com/7-ways-to-be-better-at-bug-bounty-hunting-7eae956e500d?source=rss------bug_bounty-5Spectat0rguytechnology, bug-bounty-tips, programming, bug-bounty, cybersecurity14-Jan-2025
Improper Authentication in a famous Trading websitehttps://medium.com/@anonymousshetty2003/improper-authentication-in-a-famous-trading-website-0ffd27fb665e?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking, improper-access-control, bug-bounty-tips14-Jan-2025
How to Use Wireshark: Comprehensive Tutorial + Tipshttps://mhmmuneef.medium.com/how-to-use-wireshark-comprehensive-tutorial-tips-24252ed2673d?source=rss------bug_bounty-5Mohammed Muneefbug-bounty, wireshark, cybersecurity, hacking, technology14-Jan-2025
Guía: instalación de VM + Kalihttps://medium.com/@mon.cybersec/gu%C3%ADa-instalaci%C3%B3n-de-vm-kali-fb7230a5263c?source=rss------bug_bounty-5Mon Workskali-linux, hacking, virtualbox, ciberseguridad, bug-bounty14-Jan-2025
The Definitive Guide to GitHub Recon: Lessons from Analyzing 100+ Reportshttps://medium.com/@iamakashce19010/the-definitive-guide-to-github-recon-lessons-from-analyzing-100-reports-bd5d4891a815?source=rss------bug_bounty-5Akashbug-bounty-tips, bug-bounty, bug-bounty-writeup14-Jan-2025
From Containers to Host: Privilege Escalation Techniques in Dockerhttps://medium.com/@kankojoseph4/from-containers-to-host-privilege-escalation-techniques-in-docker-487fe2124b8e?source=rss------bug_bounty-5Joseph "Sk4r1” KANKObug-bounty, cybersecurity, hacking, ethical-hacking, docker13-Jan-2025
Hire a hackerhttps://medium.com/@carl19722401/hire-a-hack-c54710808c3c?source=rss------bug_bounty-5Dimitris Nicholascybersecurity, hire-a-hacker, find-a-hacker, bug-bounty, ethical-hacking13-Jan-2025
Stored CSRF via Uploaded HTML File in User Account Document Sectionhttps://medium.com/@dee.gholase/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity13-Jan-2025
JavaScript Reconhttps://anontriager.medium.com/javascript-recon-efd981a85cfc?source=rss------bug_bounty-5Anonymous Traigerjobs, cybersecurity, hacker, programming, bug-bounty13-Jan-2025
Diving in Android Securityhttps://anontriager.medium.com/diving-in-android-security-a93f017b16f0?source=rss------bug_bounty-5Anonymous Traigerjobs, hacking, troubleshooting, cybersecurity, bug-bounty13-Jan-2025
Emerging Cyber Threats: The Latest Trends in Ransomware, Phishing, and APTshttps://medium.com/@paritoshblogs/emerging-cyber-threats-the-latest-trends-in-ransomware-phishing-and-apts-e3393f6410bc?source=rss------bug_bounty-5Paritoshcybersecurity, ransomware, threat-intelligence, hacking, bug-bounty13-Jan-2025
How I got my name on WHO’s Hall of Famehttps://infosecwriteups.com/how-i-got-my-name-on-whos-hall-of-fame-060d57662b16?source=rss------bug_bounty-5RivuDonbug-bounty, bug-bounty-tips, cybersecurity, hall-of-fame, infosec13-Jan-2025
Stored CSRF via Uploaded HTML File in User Account Document Sectionhttps://jxycybersec.medium.com/stored-csrf-via-uploaded-html-file-in-user-account-document-section-dbe98e9184a3?source=rss------bug_bounty-5Digvijay Gholasebug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, cybersecurity13-Jan-2025
Remember, the key is to stay motivated at every step.https://medium.com/@rhonnysharma783/linkedin-linkedin-com-in-rhonny-99f682300332?source=rss------bug_bounty-5Rhonnysharmabug-zero, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup13-Jan-2025
Breaking into Jenkins for funhttps://medium.com/@24bkdoor/breaking-into-jenkins-for-fun-7070496521eb?source=rss------bug_bounty-524BkDoorcybersecurity, jenkins, hacking, web-development, bug-bounty13-Jan-2025
Crack the Code — Part 2https://it4chis3c.medium.com/crack-the-code-part-2-aeaa5055251e?source=rss------bug_bounty-5It4chis3cbug-bounty, roadmap-to-success, bug-bounty-writeup, bug-bounty-tips, roadmaps13-Jan-2025
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://medium.com/h7w/mass-hunting-to-find-xss-cross-site-scripting-fd8218822dca?source=rss------bug_bounty-5loyalonlytodaycross-site-scripting, xss-attack, hacking, bugs, bug-bounty13-Jan-2025
Does Your Company Need a Bug Bounty Program?https://medium.com/@hackrate/does-your-company-need-a-bug-bounty-program-22d8dc5c1e7f?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, hacking, bug-bounty, cybersecurity13-Jan-2025
This is How I Turned an Informative Bug into a Valid $500 Bughttps://infosecwriteups.com/this-is-how-i-turned-an-informative-bug-into-a-valid-500-bug-174ffeb94737?source=rss------bug_bounty-5Shubham Bhamarefacebook-bug-bounty, bug-bounty-tips, cybersecurity, bug-bounty, infosec13-Jan-2025
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and Morehttps://myselfakash20.medium.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup13-Jan-2025
Critical Vulnerability Discovered: CVE-2025–22567https://medium.com/@wiretor/critical-vulnerability-discovered-cve-2025-22567-b0e4d9d852c1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacker, xss-attack, hacking13-Jan-2025
Top Hacking Tools and Skills You Need to Learn in 2025https://medium.com/@verylazytech/top-hacking-tools-and-skills-you-need-to-learn-in-2025-70cb90650c0f?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, bug-bounty, 2025, linux13-Jan-2025
I Changed Someone’s Profile Picture… And They Had No Idea!!https://infosecwriteups.com/i-changed-someones-profile-picture-and-they-had-no-idea-a1dc621d12c4?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, cybersecurity, infosec, pentesting, burp13-Jan-2025
Bug Bounty Kültürü Neden Önemlidir?https://medium.com/@omermertkaya/bug-bounty-k%C3%BClt%C3%BCr%C3%BC-neden-%C3%B6nemlidir-cdb126ede8cb?source=rss------bug_bounty-5Ömer Mert KAYAsecurity-awareness, cybersecurity, bug-bounty, vulnerability-management, proactive-security13-Jan-2025
How to Make Nmap Recognize New Serviceshttps://mhmmuneef.medium.com/how-to-make-nmap-recognize-new-services-af44e6f9c20e?source=rss------bug_bounty-5Mohammed Muneefcybersecurity, technology, networking, bug-bounty13-Jan-2025
Building Your Own Bug Bounty Lab: A Hands-On Guide with Metasploit and Morehttps://infosecwriteups.com/building-your-own-bug-bounty-lab-a-hands-on-guide-with-metasploit-and-more-9595a71fc4c6?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, cybersecurity, technology, bug-bounty-writeup13-Jan-2025
How To Bypass CSRF Defenses With XSShttps://medium.com/@dante.falls/how-to-bypass-csrf-defenses-with-xss-44a124b7646a?source=rss------bug_bounty-5Dante Fallsinformation-security, web-security, cybersecurity, bug-bounty13-Jan-2025
Get Your First Bug Bounty with Burp Suite’s Match and Replace Featurehttps://medium.com/@mahdisalhi0500/get-your-first-bug-bounty-with-burp-suites-match-and-replace-feature-7a32f81a3cb0?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty13-Jan-2025
Methodology for Detecting IDOR Vulnerabilityhttps://medium.com/@dogxxx10/methodology-for-detecting-idor-vulnerability-1590b14d45a9?source=rss------bug_bounty-5Dogx0xbug-bounty-writeup, web-hacking, bug-bounty-tips, hacking, bug-bounty13-Jan-2025
Bug Bounty vs VDP: Building Effective Security Programs with Hacker Collaborationhttps://medium.com/@dzianisskliar29/bug-bounty-vs-vdp-building-effective-security-programs-with-hacker-collaboration-0a7db1b3f2df?source=rss------bug_bounty-5Dzianis Skliarhackerone, bugcrowd, intigriti, bug-bounty, attack-surface-management13-Jan-2025
Security Session #1https://medium.com/@mon.cybersec/security-session-1-9457a0f5bd27?source=rss------bug_bounty-5Mon Worksbug-bounty, pentesting, ciberseguridad, cybersecurity, hacking13-Jan-2025
The Ultimate IDOR Testing Checklisthttps://medium.com/@muhammetalgan3547/the-ultimate-idor-testing-checklist-ba4a7c094def?source=rss------bug_bounty-5Muhammet ALGANcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty12-Jan-2025
How i Hacked into NASA & got Hall-Of-Fame, Acknowledgement -2025https://medium.com/@securityinsights/how-i-hacked-into-nasa-got-hall-of-fame-acknowledgement-2025-d22815f09e29?source=rss------bug_bounty-5Mehboob Khanhacking, cybersecurity, nasa, ethical-hacking, bug-bounty12-Jan-2025
How to find my first bounty $$$$$https://systemweakness.com/how-to-find-my-first-bounty-68ba0022dcf0?source=rss------bug_bounty-5Mr Horbiopentesting, cybersecurity, hacking, ethical-hacking, bug-bounty12-Jan-2025
How I Found This Crazy PII Data Leak Worth 500$https://medium.com/@sc128496/how-i-found-this-crazy-pii-data-leak-worth-500-e39d6dd19133?source=rss------bug_bounty-5Sahil Choudharyoutside-the-box, think-different, cybersecurity, reconnaissance, bug-bounty12-Jan-2025
The Road to CRTP Cert — Part 14https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-14-b7f9cb8bd87f?source=rss------bug_bounty-5Dineshkumaar Rinfosec, vapt, penetration-testing, red-team, bug-bounty12-Jan-2025
Server-Side Vulnerabilities | #5 File Upload Vulnerabilitieshttps://medium.com/@agapehearts/server-side-vulnerabilities-5-file-upload-vulnerabilities-7f5f68688cc7?source=rss------bug_bounty-5Agape HearTsvulnerability, bug-bounty, ethical-hacking, portswigger, bugs12-Jan-2025
10 Best Bug Bounty Platforms to Earn Money Onlinehttps://hackreveals.medium.com/10-best-bug-bounty-platforms-to-earn-money-online-e5b83767ac20?source=rss------bug_bounty-5Prakash Tiwaribug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-program, osint12-Jan-2025
How I Got Access to Over 60,000 Traders’ Datahttps://0xglss.medium.com/how-i-got-access-to-over-60-000-traders-data-b6043b2363c3?source=rss------bug_bounty-50xglssadmin-panel, account-takeover, xss-attack, bug-bounty, penetration-testing12-Jan-2025
hunting #2https://medium.com/@dark_zone/hunting-2-f06b275adf5c?source=rss------bug_bounty-5darkzonebug-bounty12-Jan-2025
Day 3. The 100-Day Bug Bounty Challenge: Understanding DOM-Based XSS (Cross-Site Scripting)https://mahhesshh.medium.com/day-2-the-100-day-bug-bounty-challenge-understanding-dom-based-xss-cross-site-scripting-96b2bf92a7f0?source=rss------bug_bounty-5Mahesh Dhakadxss-attack, cybersecurity, dom-xss, bug-bounty, cross-site-scripting12-Jan-2025
nform“SOCMINT: The Digital Crystal Ball of Cybersecurity and Beyond”https://medium.com/@paritoshblogs/nform-socmint-the-digital-crystal-ball-of-cybersecurity-and-beyond-1dfddad6193b?source=rss------bug_bounty-5Paritoshhacking, socmint, information-technology, bug-bounty, cybersecurity12-Jan-2025
How To Get free burpsuite professionalhttps://cybersecuritywriteups.com/how-to-get-free-burpsuite-professional-f124ebaf529d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, burpsuite, penetration-testing, cybersecurity12-Jan-2025
Unmasking a Captcha Bypass Vulnerability: Step-by-Step Walkthroughhttps://medium.com/@vishalsharma445500/unmasking-a-captcha-bypass-vulnerability-step-by-step-walkthrough-6131519a3788?source=rss------bug_bounty-5Vishal Sharmacybersecurity, ethical-hacking, vulnerability, penetration-testing, bug-bounty12-Jan-2025
IDOR & UUIDs to leak PIIhttps://medium.com/@CANITEY/idor-uuids-to-leak-pii-7675130ab784?source=rss------bug_bounty-5CANITEYidor, cybersecurity, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Jan-2025
How Improper cache storage lead to Make me $$$https://medium.com/@test123cybertest/how-improper-cache-storage-lead-to-make-me-4de4c003b376?source=rss------bug_bounty-5praveenarsh0xx0bug-bounty, tips-and-tricks, cybersecurity, ethical-hacking, penetration-testing12-Jan-2025
Logic Bugs in Payment Gatewayhttps://bitpanic.medium.com/logic-bugs-in-payment-gateway-25d5d48068c4?source=rss------bug_bounty-5Spectat0rguytechnology, cybersecurity, bug-bounty-tips, programming, bug-bounty12-Jan-2025
A Simple Bug to Get Started in Bug Bountyhttps://medium.com/infosecmatrix/a-simple-bug-to-get-started-in-bug-bounty-599121c1b997?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, bugs, pentesting12-Jan-2025
How i found Broken Access Controlhttps://medium.com/@gitlime71/how-i-found-broken-access-control-c3377d3df60e?source=rss------bug_bounty-5Raccoonbug-bounty, pentesting, bug-bounty-tips, bug-bounty-writeup, penetration-testing12-Jan-2025
The State of Web3 Security in 2024https://medium.com/coinmonks/the-state-of-web3-security-in-2024-f3713fbe9e04?source=rss------bug_bounty-5Raidersbug-bounty, web3, blockchain, hacking, security12-Jan-2025
The Art of Note-Taking in Bug Bounty Huntinghttps://medium.com/@mahdisalhi0500/the-art-of-note-taking-in-bug-bounty-hunting-9b28876316e3?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, information-security, penetration-testing, bug-bounty, bug-bounty-tips12-Jan-2025
Portswigger Web Security Academy : File path traversal, simple case walkthroughhttps://medium.com/@Kinqdathacker/portswigger-web-security-academy-file-path-traversal-simple-case-walkthrough-d04418d04b76?source=rss------bug_bounty-5Kinqdathackerpath-traversal, web-security, hacking, web-app-security, bug-bounty12-Jan-2025
Server-side vulnerabilities | #4 Server-Side Request Forgeryhttps://medium.com/@agapehearts/server-side-vulnerabilities-4-server-side-request-forgery-71b7c525eadc?source=rss------bug_bounty-5Agape HearTsservers, bug-bounty, ethical-hacking, cybersecurity, bugs11-Jan-2025
Crawling for Emails In Websites  — OSINT Methodologyhttps://osintteam.blog/crawling-for-emails-in-websites-osint-methodology-602e2b274c6e?source=rss------bug_bounty-5Jason Jacobs, MSc.osint, bug-bounty, cybersecurity11-Jan-2025
LFI Bug can help you make $500 and more.(Noob-Advance)https://medium.com/@anandrishav2228/lfi-bug-can-help-you-make-500-and-more-noob-advance-be001cb2d152?source=rss------bug_bounty-5Rishav anandcybersecurity, money, bug-bounty, hacking, lfi11-Jan-2025
How to Hack Single Page Applications (SPAs): Modern Techniqueshttps://medium.com/@bootstrapsecurity/how-to-hack-single-page-applications-spas-modern-techniques-4f69c020b0ff?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, hacking, bug-bounty, api, ethical-hacking11-Jan-2025
Understanding Large Language Models (LLMs): The Power of AI in Text Generationhttps://medium.com/@paritoshblogs/understanding-large-language-models-llms-the-power-of-ai-in-text-generation-dce8c1ddeb7b?source=rss------bug_bounty-5Paritoshchatgpt, llm, ai, hacking, bug-bounty11-Jan-2025
From Innocent Messages to Total Takeover: How I Hacked a Professional Network!https://medium.com/@lordofheaven1234/from-innocent-messages-to-total-takeover-how-i-hacked-a-professional-network-2033537d5d6a?source=rss------bug_bounty-5Lord Heavenblind-xss, bug-bounty, hacking, account-takeover11-Jan-2025
GOT 700$ BOUNTY BY Store XSS VULNERABILITYhttps://medium.com/@hrofficial62/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5Mr Horbiobug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack11-Jan-2025
Microsoft ADFS Reconhttps://medium.com/meetcyber/microsoft-adfs-recon-e56fcace8551?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, infosec, bug-bounty, penetration-testing, bug-bounty-tips11-Jan-2025
Breaking Vercel’s Clone URL with a Simple XSS Exploithttps://medium.com/@n45ht/breaking-vercels-clone-url-with-a-simple-xss-exploit-8f55b21f32eb?source=rss------bug_bounty-5N45HTbug-bounty, hacking, bug-bounty-writeup, cross-site-scripting, xs11-Jan-2025
Telefónica Confirms Internal Ticketing System Breach After Data Leakhttps://medium.com/@wiretor/telef%C3%B3nica-confirms-internal-ticketing-system-breach-after-data-leak-6067f759f65d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, money, malware, bug-bounty, ai11-Jan-2025
The Subdomain They Forgot — How I Chained Bugs for a $1,000 Bountyhttps://myselfakash20.medium.com/the-subdomain-they-forgot-how-i-chained-bugs-for-a-1-000-bounty-094d89758489?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, bug-bounty-tips, technology, bug-bounty-writeup11-Jan-2025
Secure Code Review Assessment for Javascript (Full Stack NextJS)https://medium.com/@0xNayelx/secure-code-review-assessment-for-javascript-full-stack-nextjs-59651da6fb24?source=rss------bug_bounty-50xNayelsource-code, ctf-writeup, pentesting, bug-bounty, offensive-security11-Jan-2025
Exposing the Weak Points: Vulnerabilities in REST APIshttps://bitpanic.medium.com/exposing-the-weak-points-vulnerabilities-in-rest-apis-8e4acb4861b0?source=rss------bug_bounty-5Spectat0rguyprogramming, bug-bounty-tips, cybersecurity, technology, bug-bounty11-Jan-2025
Crack the Code: Your Bug Bounty Hunting Journey Starts Herehttps://it4chis3c.medium.com/crack-the-code-your-bug-bounty-hunting-journey-starts-here-e61701f8cb36?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty-writeup, bug-bounty, tryhackme, hackthebox11-Jan-2025
Critical IDOR Vulnerability: Unauthorized Users Can Modify Company’s PayPal Emailhttps://medium.com/@mahdisalhi0500/critical-idor-vulnerability-unauthorized-users-can-modify-companys-paypal-email-92bf24ae19df?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, bug-bounty-tips, ethical-hacking, pentesting11-Jan-2025
EXIF Metadata-Based XSS Attacks: A Web Security Researchhttps://medium.com/@enesonder001/exif-metadata-based-xss-attacks-a-web-security-research-e88c7ea7b69b?source=rss------bug_bounty-5enes önderbugs, bug-bounty-tips, xss-attack, xss-vulnerability, bug-bounty11-Jan-2025
GOT 700$ BOUNTY BY Store XSS VULNERABILITYhttps://systemweakness.com/got-700-bounty-by-store-xss-vulnerability-bc48f2e31e46?source=rss------bug_bounty-5Mr Horbiobug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty, xss-attack11-Jan-2025
Day 08: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-08-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-70422a5cd7eb?source=rss------bug_bounty-5Dogx0xhacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips, hacking-training10-Jan-2025
Finding a easy p3https://medium.com/h7w/finding-a-easy-p3-a16186613391?source=rss------bug_bounty-5loyalonlytodaybug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing10-Jan-2025
30+ Standard Linux Commands for Beginner or Intermediate Usershttps://medium.com/@BetterBy0x01/30-standard-linux-commands-for-beginner-or-intermediate-users-eacae976d92c?source=rss------bug_bounty-5Ashutosh Singh Patelcommand-line, linux, hacking, bug-bounty, security10-Jan-2025
Server-side vulnerabilities | #3 AUTHENTICATIONhttps://medium.com/@agapehearts/server-side-vulnerabilities-3-authentication-ff80ac2efdb4?source=rss------bug_bounty-5Agape HearTsbugs, bug-bounty, ethical-hacking, authentication, web-applications10-Jan-2025
The Road to CRTP Cert — Part 13https://medium.com/@dineshkumaar478/the-road-to-crtp-cert-part-13-8d14193f660f?source=rss------bug_bounty-5Dineshkumaar Ractive-directory, hacking, cybersecurity, security, bug-bounty10-Jan-2025
Mastering HTTP Request Smuggling: Bypassing Firewalls and Filtershttps://medium.com/@bootstrapsecurity/mastering-http-request-smuggling-bypassing-firewalls-and-filters-a3d69bcbe4d9?source=rss------bug_bounty-5BootstrapSecurityhacking, ethical-hacking, bug-bounty-tips, api, bug-bounty10-Jan-2025
How I got CERT-EU Hall of Famehttps://cybersecuritywriteups.com/how-i-got-cert-eu-hall-of-fame-e65b3e72510b?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, bug-bounty, pentesting, bug-bounty-writeup, cybersecurity10-Jan-2025
PoC — Vulnérabilité Cache Varnish PURGE DDoS by @GupS3Chttps://medium.com/@GupS3C/poc-vuln%C3%A9rabilit%C3%A9-cache-varnish-purge-ddos-by-gups3c-9ce181fe7fca?source=rss------bug_bounty-5GupS3Cbug-bounty, bug-bounty-writeup, varnish-cache, bug-hunt, pentesting10-Jan-2025
Web Application Pentesting Roadmaphttps://medium.com/@codingbolt.in/web-application-pentesting-roadmap-4013e89b963b?source=rss------bug_bounty-5codingboltpentesting, web-pen-testing, bug-bounty, penetration-testing, bug-hunting10-Jan-2025
Finding Hidden Subdomains with OSINT Toolshttps://infosecwriteups.com/finding-hidden-subdomains-with-osint-tools-ad7e411587ee?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, technology, cybersecurity, careers10-Jan-2025
From Directory Traversal to Full Account Takeover: A Researcher’s Journeyhttps://medium.com/@sulmanfarooq531/from-directory-traversal-to-full-account-takeover-a-researchers-journey-150044cbf109?source=rss------bug_bounty-5Sulman Farooq Sdirectory-traversal, cybersecurity, path-traversal, bug-bounty, account-takeover10-Jan-2025
Missing Rate Limit on Several Endpoints $1300https://ehteshamulhaq198.medium.com/missing-rate-limit-on-several-endpoints-1300-60f37e16be6b?source=rss------bug_bounty-5Ehtesham Ul Haqtechnology, hacking, infosec, cybersecurity, bug-bounty10-Jan-2025
My Worst Informative Report //false positive Bughttps://medium.com/@0xoroot/my-worst-informative-report-false-positive-bug-6117039012cb?source=rss------bug_bounty-50xorootbug-bounty-tips, programming, hacking, bug-bounty, bounty-program10-Jan-2025
how i found the “Insufficient Authorization in Password Change Endpoint” vulnerability ?https://doordiefordream.medium.com/how-i-found-the-insufficient-authorization-in-password-change-endpoint-vulnerability-1f0e943daeea?source=rss------bug_bounty-5Bug hunter baluhacking, bug-bounty, cybersecurity, ethical-hacking, vulnerability10-Jan-2025
MirrorFace Hackers Targeting Japanese Government & Politicians Since 2019https://medium.com/@wiretor/mirrorface-hackers-targeting-japanese-government-politicians-since-2019-080121705345?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, hacking, bug-bounty10-Jan-2025
Data Breach Alert: BayMark Health Services Targeted by Ransomware Attackhttps://medium.com/@wiretor/data-breach-alert-baymark-health-services-targeted-by-ransomware-attack-5c4cf81d8e79?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, money, ai10-Jan-2025
How to Identify Overlooked Bugs in Android Applications: A Bug Bounty Hunter’s Guidehttps://bitpanic.medium.com/how-to-identify-overlooked-bugs-in-android-applications-a-bug-bounty-hunters-guide-5c194ed283a4?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, technology, programming, cybersecurity10-Jan-2025
A New Bug Hunting Story: Open Redirection Vulnerabilityhttps://medium.com/meetcyber/a-new-bug-hunting-story-open-redirection-vulnerability-33a1b6374f88?source=rss------bug_bounty-5Erkan Kavasbug-bounty, open-redirection, bug-bounty-writeup, bug-bounty-tips, cybersecurity10-Jan-2025
Behind the Scenes: How I Discovered Flaws in a Rewards and Recognition Portalhttps://medium.com/@niraj1mahajan/behind-the-scenes-how-i-discovered-flaws-in-a-rewards-and-recognition-portal-27948a75c4d4?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, idor, broken-access-control, hacking, cybersecurity10-Jan-2025
Race Condition to Bypass Rate-Limiting: A new technique made by Nillsxhttps://infosecwriteups.com/race-condition-to-bypass-rate-limiting-a-new-technique-made-by-nillsx-6a60f41dbae6?source=rss------bug_bounty-5Nillsxbug-bounty, ethical-hacking, race-condition, bug-bounty-writeup, rate-limit10-Jan-2025
Revisiting a Simple SQL Injection Methodologyhttps://infosecwriteups.com/revisiting-a-simple-sql-injection-methodology-ecd42634a21e?source=rss------bug_bounty-5Jason Jacobs, MSc.bug-bounty, ethical-hacking, cybersecurity, penetration-testing10-Jan-2025
Day 09: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-09-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-220c7c6bb0cf?source=rss------bug_bounty-5Dogx0xhacking, hackthebox, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-Jan-2025
Telegram Leaks PII, doesn’t care.https://medium.com/@hacktheplanet/telegram-leaks-pii-doesnt-care-c75465be1cc2?source=rss------bug_bounty-5sirhaxalothacking, telegram, bug-bounty, security09-Jan-2025
Discovering Hidden Subdomains: Tools, Techniqueshttps://medium.com/@bootstrapsecurity/discovering-hidden-subdomains-tools-techniques-7c874c4f5966?source=rss------bug_bounty-5BootstrapSecurityhacking, api, bug-bounty, ethical-hacking, bug-bounty-tips09-Jan-2025
The following content is purely fictional written with the intent to motivate the reader.https://medium.com/@personaldevelop100/the-following-content-is-purely-fictional-written-with-the-intent-to-motivate-the-reader-6b23c19d70d8?source=rss------bug_bounty-5Personal_huntbug-bounty, motivation, bug-hunting09-Jan-2025
Finding subdomains using goole dorking.https://medium.com/infosecmatrix/finding-subdomains-using-goole-dorking-4d6966e70637?source=rss------bug_bounty-5loyalonlytodaydorking, penetration-testing, bug-bounty, hacking, cybersecurity09-Jan-2025
Hack. Earn. Secure the Future: Bug Bounties in 2025https://sagarjethi.medium.com/hack-earn-secure-the-future-bug-bounties-in-2025-0e2d05fcb364?source=rss------bug_bounty-5Sagar Jethihackathons, earn, bug-bounty, smart-contract-auditing, blockchain-developer09-Jan-2025
NTLM Authentication Disclosure Vulnerability Reporthttps://medium.com/@dasmanish6176/ntlm-authentication-disclosure-vulnerability-report-b47029c2e491?source=rss------bug_bounty-5Dasmanishvapt, web-app-security, active-directory, ethical-hacking, bug-bounty09-Jan-2025
How I get 7 open redirect and 7 XSS in public program!https://medium.com/@mohamed.yasser442200/how-i-get-7-open-redirect-and-7-xss-in-public-program-7518a3f26b49?source=rss------bug_bounty-5Spider4bug-bounty, security, bug-bounty-tips, xss-attack, bug-bounty-writeup09-Jan-2025
From Exploit to Payday-Chaining Stored XSS in PDF Upload to Full AccountTakeover via Email change…https://medium.com/@meljith6355484/from-exploit-to-payday-chaining-stored-xss-in-pdf-upload-to-full-accounttakeover-via-email-change-d36e855e0575?source=rss------bug_bounty-5Meljith Pereirahacking, ethical-hacking, xss-attack, bugcrowd, bug-bounty09-Jan-2025
Unlock the Ultimate Resource Hub for Security Researchershttps://infosecwriteups.com/unlock-the-ultimate-resource-hub-for-security-researchers-9fa52bbff1ff?source=rss------bug_bounty-5JEETPALbug-bounty-hunter, bug-bounty, bugbounty-writeup, cybersecurity, bugbounty-tips09-Jan-2025
Exposing Sensitive Data: A Wake-Up Call for Nokia's Securityhttps://medium.com/@gourisankara357/exposing-sensitive-data-a-wake-up-call-for-nokias-security-c5ba75fddd22?source=rss------bug_bounty-5Gouri Sankar Ainfo-sec-writeups, bug-bounty, infosec-write-ups, cybersecurity, bugs09-Jan-2025
Biggest Misconceptions About Bug Bounty Programs (From a Company Perspective)https://medium.com/@hackrate/biggest-misconceptions-about-bug-bounty-programs-from-a-company-perspective-42481997d40d?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty-tips, bug-bounty, hacking, ethical-hacking09-Jan-2025
Critical [9.8] SQL Injection in a Major Indonesian Web Hosting Platformhttps://medium.com/@n45ht/critical-9-8-sql-injection-in-a-major-indonesian-web-hosting-platform-8bda5d2913d3?source=rss------bug_bounty-5N45HTbug-bounty-writeup, bug-bounty, vulnerability, sql-injection, hacking09-Jan-2025
Hacking made easy with XSSIFYhttps://aravind07.medium.com/hacking-made-easy-with-xssify-9637890cd33b?source=rss------bug_bounty-5Gnana Aravind Khacking, security, xss-attack, cybersecurity, bug-bounty09-Jan-2025
Stay Ahead of Cyber Threats, Top Websites for Real-Time Updates and Insightshttps://medium.com/@b.mythili123/stay-ahead-of-cyber-threats-top-websites-for-real-time-updates-and-insights-57a1b384cdfa?source=rss------bug_bounty-5Hello Lovehackthebox, tryhackme, cybersecurity, bug-bounty, hacking09-Jan-2025
Top 10 Overlooked Business Logic Flaws in Web Applicationshttps://bitpanic.medium.com/top-10-overlooked-business-logic-flaws-in-web-applications-6745d42f3786?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, cybersecurity, bug-bounty-tips, programming09-Jan-2025
From N/A to $$$: A Simple Python Script Led to Application-Level DoShttps://hashimamin.medium.com/from-n-a-to-a-simple-python-script-led-to-application-level-dos-83a65f75b7dc?source=rss------bug_bounty-5Hashim Aminbug-bounty, privilege-escalation, infosec, cybersecurity, pentesting09-Jan-2025
Urgent: Patch SonicWall SSLVPN Vulnerability Nowhttps://medium.com/@wiretor/urgent-patch-sonicwall-sslvpn-vulnerability-now-385713cdfa2f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, money, sonicwall09-Jan-2025
The Great FAQ Collection About Bug Bountyhttps://medium.com/@hackrate/the-great-faq-collection-about-bug-bounty-87421d970ddd?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking09-Jan-2025
What Is Cross Site Scripting (XSS)?https://medium.com/@dante.falls/what-is-cross-site-scripting-xss-d74b19920d8e?source=rss------bug_bounty-5Dante Fallsinformation-security, bug-bounty, web-security, cybersecurity, xss-attack09-Jan-2025
How I Discovered a Delete CSRF Vulnerabilityhttps://medium.com/@Ursula-/how-i-discovered-a-delete-csrf-vulnerability-a46d4bc2e700?source=rss------bug_bounty-5Fatma Mustafabug-hunting, bug-bounty, bug-bounty-writeup09-Jan-2025
Threat Hunting with MITRE ATT&CK: A Proactive Approach to Cyber Defencehttps://medium.com/@paritoshblogs/threat-hunting-with-mitre-att-ck-a-proactive-approach-to-cyber-defence-a84945f61bda?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, mitre-attck, threat-hunting08-Jan-2025
A Beginner’s Guide to Pentesting GraphQL APIshttps://medium.com/@suprajabaskaran8/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5Suprajabaskarangraphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking08-Jan-2025
First bounty — Second Order Stored XSS on club.paris2024.orghttps://medium.com/@swaroopvenkat828/first-bounty-second-order-stored-xss-on-club-paris2024-org-9a3ad7fe7c7f?source=rss------bug_bounty-5swaroop 04|16bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Jan-2025
Weird JavaScript fileshttps://medium.com/@dsmodi484/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5cryptoshanthacking, cybersecurity, javascript, bug-bounty, tips08-Jan-2025
File Upload Vulnerabilities: Techniques and Payloadshttps://medium.com/@bootstrapsecurity/file-upload-vulnerabilities-techniques-and-payloads-b0bdf97eb298?source=rss------bug_bounty-5BootstrapSecurityhacking, ethical-hacking, bug-bounty-tips, bug-bounty, api08-Jan-2025
ChatGPT for Bug Bounty Hunters: Custom Payloads, Automated Scripts, and Morehttps://medium.com/@kumawatabhijeet2002/chatgpt-for-bug-bounty-hunters-custom-payloads-automated-scripts-and-more-8a15690c3fa5?source=rss------bug_bounty-5Abhijeet kumawatinfosec, chatgpt, hacking, bug-bounty, bug-bounty-tips08-Jan-2025
A Beginner’s Guide to Pentesting GraphQL APIshttps://infosecwriteups.com/a-beginners-guide-to-pentesting-graphql-apis-395fa1878f6a?source=rss------bug_bounty-5Suprajabaskarangraphql, cybersecurity, bug-bounty, bugbounty-writeup, hacking08-Jan-2025
POC — WordPress File Upload plugin, in the wfu_file_downloader.phphttps://medium.com/@verylazytech/poc-wordpress-file-upload-plugin-in-the-wfu-file-downloader-php-57a173ab9e90?source=rss------bug_bounty-5Very Lazy Techwordpress-plugins, cve-2024-9047, cybersecurity, bug-bounty, hacking08-Jan-2025
Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Dayshttps://medium.com/@mahhesshh/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5Mahesh Dhakadcybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge08-Jan-2025
How a YouTube Video Led Me to $650: My Host Header Injection Adventurehttps://medium.com/@trffnsec/how-a-youtube-video-led-me-to-650-my-host-header-injection-adventure-696fd82b2886?source=rss------bug_bounty-5TrffnSecethical-hacking, cybersecurity, bug-bounty, website-testing08-Jan-2025
The Rate Limit bypass which almost killed my brainhttps://siratsami71.medium.com/this-rate-limit-bypass-which-almost-killed-my-brain-1905749a5f4d?source=rss------bug_bounty-5Sirat Sami (analyz3r)brute-force, hackerone, bug-bounty08-Jan-2025
Automate-XSS Five-In-One Toolhttps://medium.com/@saket590/automate-xss-five-in-one-tool-95a947545b2c?source=rss------bug_bounty-5Dr. Saket Acharyabug-bounty, hacking, xss-vulnerability, xss-attack, xss-bypass08-Jan-2025
Day 0. The 100-Day Bug Bounty Challenge: Sharing 100 Vulnerabilities in 100 Dayshttps://mahhesshh.medium.com/day-0-the-100-day-bug-bounty-challenge-sharing-100-vulnerabilities-in-100-days-17308f82d741?source=rss------bug_bounty-5Mahesh Dhakadcybersecurity, bug-bounty, hacking, vulnerability, 100daychallenge08-Jan-2025
Weird JavaScript fileshttps://infosecwriteups.com/weird-javascript-files-7e6e7296e914?source=rss------bug_bounty-5cryptoshanthacking, cybersecurity, javascript, bug-bounty, tips08-Jan-2025
Leaky Response, Easy Takeover!https://medium.com/@tanyago/leaky-response-easy-takeover-25367c18f0dc?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-tips, bug-bounty-writeup08-Jan-2025
Why Companies Should Adopt a Bug Bounty Programhttps://medium.com/@hackrate/why-companies-should-adopt-a-bug-bounty-program-cd4e1a492989?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, cybersecurity, ethical-hacking, bug-bounty-tips08-Jan-2025
How I Ethically Hacked the Indian Army for the Second Timehttps://cybersecuritywriteups.com/how-i-ethically-hacked-the-indian-army-for-the-second-time-edf6ec4495f8?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rcybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty-tips, bug-bounty08-Jan-2025
Blind OS Command Injection with Output Redirectionhttps://osintteam.blog/blind-os-command-injection-with-output-redirection-1d08c3793ff1?source=rss------bug_bounty-5The Cybersec Cafécybersecurity, bug-bounty, penetration-testing, bug-bounty-tips, information-security08-Jan-2025
No Session Expiry after log-out, attacker can reuse the old cookieshttps://mknayek101.medium.com/no-session-expiry-after-log-out-attacker-can-reuse-the-old-cookies-b90a4a45032d?source=rss------bug_bounty-5MkNayekpenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, pentesting08-Jan-2025
Disclosure of any bpost.be username via emailhttps://mknayek101.medium.com/disclosure-of-any-bpost-be-username-via-email-afde00aff7d9?source=rss------bug_bounty-5MkNayekpenetration-testing, pentesting, bug-bounty-tips, bug-bounty, cybersecurity08-Jan-2025
User information disclosed via API endpointhttps://mknayek101.medium.com/user-information-disclosed-via-api-endpoint-80a1b82e3f3a?source=rss------bug_bounty-5MkNayekpenetration-testing, web-hacking, pentesting, bug-bounty-tips, bug-bounty08-Jan-2025
AI Security Insights from HackerOne’s 8th Annual Security Reporthttps://medium.com/ai-security-hub/ai-security-insights-from-hackerones-8th-annual-security-report-f775473c1226?source=rss------bug_bounty-5Tal Eliyahuhackerone, bug-bounty, hacking, cybersecurity, artificial-intelligence08-Jan-2025
PowerSchool Hacked: 18K Customers and 60M Students’ Privacy Compromisedhttps://medium.com/@wiretor/powerschool-hacked-18k-customers-and-60m-students-privacy-compromised-e418e3ed8ccc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, ai, malware, powerschool, bug-bounty08-Jan-2025
UN Aviation Agency Hit by Cyberattack: 42K Recruitment Records Stolenhttps://medium.com/@wiretor/un-aviation-agency-hit-by-cyberattack-42k-recruitment-records-stolen-6a51c8817d7f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, bug-bounty, un, ai, malware08-Jan-2025
Green Bay Packers Pro Shop Breach: Over 8,500 Credit Cards Stolen!https://medium.com/@wiretor/green-bay-packers-pro-shop-breach-over-8-500-credit-cards-stolen-e99ea97bf154?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmoney, green-bay, ai, malware, bug-bounty08-Jan-2025
CISA Alerts: Critical Oracle WebLogic & Mitel Vulnerabilities Exploited!https://medium.com/@wiretor/cisa-alerts-critical-oracle-weblogic-mitel-vulnerabilities-exploited-136f227dcfb0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, programming, malware, business, bug-bounty08-Jan-2025
Breaking Barriers: Understanding and Mastering WAF Bypass Techniqueshttps://bitpanic.medium.com/breaking-barriers-understanding-and-mastering-waf-bypass-techniques-2277150d2574?source=rss------bug_bounty-5Spectat0rguycybersecurity, bug-bounty, technology, programming, bug-bounty-tips08-Jan-2025
Day 07: My Bug Bounty Challenge … 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-07-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-cc5eff18ae10?source=rss------bug_bounty-5Dogx0xbug-bounty-writeup, bug-bounty, web-hacking, hacking, bug-bounty-tips08-Jan-2025
Detect Open Redirect Vulnerabilities with RedirXploithttps://angixblack.medium.com/detect-open-redirect-vulnerabilities-with-redirxploit-946ac287846f?source=rss------bug_bounty-5Angix blackbugs, open-redirect, tools, bug-bounty, bug-bounty-tips07-Jan-2025
How i found ssti injection (Server-side template injection)on yeswehack platform in public programhttps://medium.com/@ravindrajatav0709/how-i-found-ssti-injection-server-side-template-injection-on-yeswehack-platform-in-public-program-bfde6a89f477?source=rss------bug_bounty-5Ravindrajatavbug-bounty, bugbounty-writeup, bug-bounty-tips, bugs, cybersecurity07-Jan-2025
Getting Started with Bug Bounty Hunting in 2025: A Real World Guidehttps://medium.com/@hackbynight/getting-started-with-bug-bounty-hunting-in-2025-a-real-world-guide-051a3fb36376?source=rss------bug_bounty-5hackbynightbug-bounty-tips, bug-bounty, cybersecurity, information-security, hacking07-Jan-2025
Server-Side Template Injection (SSTI): Advanced Exploitation Techniqueshttps://medium.com/@bootstrapsecurity/server-side-template-injection-ssti-advanced-exploitation-techniques-2d8ccdf6270f?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, bug-bounty-tips, bug-bounty, api, hacking07-Jan-2025
Finding more subdomainshttps://medium.com/@loyalonlytoday/finding-more-subdomains-8b1abb32f3e5?source=rss------bug_bounty-5loyalonlytodayreconnaissance, hacking, bug-bounty-tips, cybersecurity, bug-bounty07-Jan-2025
Burp Suite + Form Deletion = Admin Storage Nightmarehttps://infosecwriteups.com/burp-suite-form-deletion-admin-storage-nightmare-240618a8c983?source=rss------bug_bounty-5callgh0sthumanity, hacking, gaza, genocide, bug-bounty07-Jan-2025
Web Application Penetration Testing Checklisthttps://saconychukwu.medium.com/web-application-penetration-testing-checklist-3da7d3be8f1a?source=rss------bug_bounty-5Sacony Chukwubug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup, cybersecurity07-Jan-2025
Automated Penetration Testing: A Guide to Domain Collectionhttps://medium.com/@security.tecno/automated-penetration-testing-a-guide-to-domain-collection-a79df50d74a0?source=rss------bug_bounty-5TECNO Securityweb, hacking, bug-bounty, security07-Jan-2025
Hack The Box UpDown[Retired][Linux]https://medium.com/@vignesh6872610/hack-the-box-updown-retired-linux-5e0a9f6ec84e?source=rss------bug_bounty-5Vignesh Phtb-writeup, hackthebox-walkthrough, retiredmachine, bug-bounty, linux07-Jan-2025
P4 Bugs and POC | Part-9https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-9-16b5a8ffb52d?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, hacking, infosec, money07-Jan-2025
bug-bounty Rate Limit vulnerabilityhttps://medium.com/@eslamatef396/bug-bounty-rate-limit-vulnerability-cb81481456bc?source=rss------bug_bounty-5UnStoppableweb-penetration-testing, rate-limiting, bug-bounty07-Jan-2025
CVE-2024–12033: A Critical WordPress Vulnerability in Jupiter X Corehttps://medium.com/@wiretor/cve-2024-12033-a-critical-wordpress-vulnerability-in-jupiter-x-core-38ac3380b909?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, wordpress, malware, rce, cve07-Jan-2025
CVE-2024–12532: Vulnerability in BWD Elementor Addons Pluginhttps://medium.com/@wiretor/cve-2024-12532-vulnerability-in-bwd-elementor-addons-plugin-da1a34bd2f99?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, malware, wordpress, hacking, bug-bounty07-Jan-2025
CVE-2024–12711: Vulnerability in RSVP and Event Management Pluginhttps://medium.com/@wiretor/cve-2024-12711-vulnerability-in-rsvp-and-event-management-plugin-2a0b374807e1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, ai, bug-bounty, hacking07-Jan-2025
Critical Infrastructure Ransomware Attack Tracker Surpasses 2,000 Incidents!https://medium.com/@wiretor/critical-infrastructure-ransomware-attack-tracker-surpasses-2-000-incidents-431f5531a2af?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, hacking, business, malware07-Jan-2025
Bug Bounty Hunting Prerequisiteshttps://it4chis3c.medium.com/bug-bounty-hunting-prerequisites-964560919547?source=rss------bug_bounty-5It4chis3croadmaps, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-hunting07-Jan-2025
The Most Groundbreaking Bug Bounty Discoveries That Changed Cybersecurity Foreverhttps://medium.com/@hackrate/the-most-groundbreaking-bug-bounty-discoveries-that-changed-cybersecurity-forever-a2a39e7e10af?source=rss------bug_bounty-5Levente Molnarhacking, bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity07-Jan-2025
Beginners Introduction To Server Side Request Forgeryhttps://bitpanic.medium.com/beginners-introduction-to-server-side-request-forgery-85c3a35eb726?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, programming, bug-bounty, cybersecurity, technology07-Jan-2025
My Journey to Finding Two XSS Vulnerabilities on a Bug Bounty Websitehttps://medium.com/@mickaelbenlolo/my-journey-to-finding-two-xss-vulnerabilities-on-a-bug-bounty-website-b6a1e38425df?source=rss------bug_bounty-5Mickael Benlolopenetration-testing, xss-vulnerability, cybersecurity, bug-bounty07-Jan-2025
Humorous XSS Vulnerabilities in a Movie Websitehttps://medium.com/meetcyber/humorous-xss-vulnerabilities-in-a-movie-website-3600d7828661?source=rss------bug_bounty-5Erkan Kavasxss-vulnerability, cybersecurity, xss-challenge, xss-attack, bug-bounty07-Jan-2025
Day 06: My Bug Bounty Challenge ... 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-06-my-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-5ed71536fd89?source=rss------bug_bounty-5Dogx0xbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, web-hacking07-Jan-2025
P4 Bugs and POC | Part 7https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-7-a379f057ba96?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty, infosec, bug-bounty-tips, money06-Jan-2025
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI)https://it4chis3c.medium.com/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-12f933587800?source=rss------bug_bounty-5It4chis3cbug-bounty, 30dayswritingchallenge, ssti, bug-bounty-tips, bug-bounty-writeup06-Jan-2025
From oos — getting bounty Improper Access Control to create an commentor account on the application.https://medium.com/@swaroopvenkat828/from-oos-getting-bounty-improper-access-control-to-create-an-commentor-account-on-the-application-027b517928bb?source=rss------bug_bounty-5swaroop 04|16bug-bounty-tips, bugbounty-writeup, bug-bounty06-Jan-2025
Bypassing API Authentication: Exploiting Token Reuse and Expiryhttps://medium.com/@bootstrapsecurity/bypassing-api-authentication-exploiting-token-reuse-and-expiry-0432e7689659?source=rss------bug_bounty-5BootstrapSecuritybug-bounty, api, bug-bounty-tips, ethical-hacking, hacking06-Jan-2025
Missing SPF BUG HUNTINGhttps://medium.com/@cybertips96/missing-spf-bug-hunting-121294c9572e?source=rss------bug_bounty-5Cybertipsbug-bounty06-Jan-2025
How I Found PII at NASA Using Google Dorkinghttps://medium.com/@salaheddine_kalada/how-i-found-pii-at-nasa-using-google-dorking-6447a89decc7?source=rss------bug_bounty-5Salaheddine KALADAbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-hunter06-Jan-2025
How I Got My First Critical Bug ## Easy Bughttps://medium.com/@0xoroot/how-i-got-my-first-critical-bug-easy-bug-fb5d1631bcd4?source=rss------bug_bounty-50xorootcritical-thinking, bug-bounty, penetration-testing, hacking, bugs06-Jan-2025
How I Was Able to Block Any Usernamehttps://infosecwriteups.com/how-i-was-able-to-block-any-username-5707a1fbd25c?source=rss------bug_bounty-5JEETPALbug-bounty-tips, cybersecurity, bug-bounty-writeup, business-logic-flaw, bug-bounty06-Jan-2025
Chrome Extension Hacked: - A Wake-Up Call for Users.https://medium.com/@forte.social/chrome-extension-hacked-a-wake-up-call-for-users-c0c8de0281aa?source=rss------bug_bounty-5eSecFortebug-bounty-tips, cybersecurity, chrome-extension, bug-bounty, hacking06-Jan-2025
The Evolution of Bug Bounties: A Decade of Digital Vigilancehttps://medium.com/@hackrate/the-evolution-of-bug-bounties-a-decade-of-digital-vigilance-99b1e86421b0?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, bug-bounty-tips, bug-bounty, cybersecurity06-Jan-2025
How IBM Helped Me Get Private Invites on Hacker1https://medium.com/@oxab/how-ibm-helped-me-get-private-invites-on-hacker1-ffbe3c1b26d3?source=rss------bug_bounty-5Oxabbugbounting, bug-bounty-tips, bug-bounty, bug-bounty-writeup06-Jan-2025
Introduction to My Bug Bounty Hunting Serieshttps://it4chis3c.medium.com/introduction-to-my-bug-bounty-hunting-series-79a68dcb07a6?source=rss------bug_bounty-5It4chis3cbug-hunting, bug-bounty, bug-bounty-writeup, web-security, bug-bounty-tips06-Jan-2025
Comprehensive Command and Control Tools for Red Teaming Operationshttps://saconychukwu.medium.com/comprehensive-command-and-control-tools-for-red-teaming-operations-23e458d830c0?source=rss------bug_bounty-5Sacony Chukwubug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, ethical-hacking06-Jan-2025
Advanced C# Offensive Frameworks for Red Team Operationshttps://saconychukwu.medium.com/advanced-c-offensive-frameworks-for-red-team-operations-a001cac7e10f?source=rss------bug_bounty-5Sacony Chukwuethical-hacking, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips06-Jan-2025
Exploiting Session Hijacking Vulnerability: My Bug Bounty Experiencehttps://medium.com/@mickaelbenlolo/exploiting-session-hijacking-vulnerability-my-bug-bounty-experience-659706a24a93?source=rss------bug_bounty-5Mickael Benlolobug-bounty, session-hijacking, penetration-testing, cybersecurity06-Jan-2025
Chasing Bugs, Finding Purpose: My Journey to the First Bounty!https://medium.com/@he4dr0/chasing-bugs-finding-purpose-my-journey-to-the-first-bounty-cf610c0f023e?source=rss------bug_bounty-5he4dr0bug-bounty, hackerone, security-research, information-disclosure, journey06-Jan-2025
How I Found My First Bughttps://medium.com/@dibyaranjanmohanta2806/i-found-my-first-bug-52e20e37b429?source=rss------bug_bounty-5Dibyaranjanmohantabugs, my-first-bug, bug-bounty, bug-bounty-tips, bug-bounty-writeup06-Jan-2025
Eagerbee Backdoor Targets Middle Eastern Government Orgs & ISPshttps://medium.com/@wiretor/eagerbee-backdoor-targets-middle-eastern-government-orgs-isps-e0246bb044c4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbackdoor, bug-bounty, business, malware, ai06-Jan-2025
Cryptocurrency Wallet Drainers Stole $500 Million in 2024https://medium.com/@wiretor/cryptocurrency-wallet-drainers-stole-500-million-in-2024-7e1da1edb1b7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, crypto, bug-bounty, ai06-Jan-2025
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tipshttps://mhmmuneef.medium.com/thn-weekly-recap-top-cybersecurity-threats-tools-and-tips-b11776bb3c7b?source=rss------bug_bounty-5Mohammed Muneeftechnology, cybersecurity, bug-bounty, cybercrime, hacking06-Jan-2025
Breaking News: Chinese Hackers Breach U.S. Telecom Networks!https://medium.com/@wiretor/breaking-news-chinese-hackers-breach-u-s-telecom-networks-be8249641716?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, cve, ai, malware06-Jan-2025
A List Of Default Admin Panel Passwords to Boost Your Bug Bountyhttps://bitpanic.medium.com/a-list-of-default-admin-panel-passwords-to-boost-your-bug-bounty-67af4c4f45b2?source=rss------bug_bounty-5Spectat0rguycybersecurity, programming, bug-bounty, technology, bug-bounty-tips06-Jan-2025
HR Admin Account Takeover: Chaining Stored XSS and IDOR in a Human Resource Apphttps://medium.com/@abdullah12987654/hr-admin-account-takeover-chaining-stored-xss-and-idor-in-a-human-resource-app-9718c9e77d34?source=rss------bug_bounty-5Abdullahcyebrsecurity, offensive-security, bug-bounty, ethical-hacking, hacking06-Jan-2025
Bug Bounty — How I Found an XSS Vulnerability Through a “Change Email” Option!https://medium.com/@mickaelbenlolo/bug-bounty-how-i-found-an-xss-vulnerability-through-a-change-email-option-3ed57ba2d11f?source=rss------bug_bounty-5Mickael Benloloxss-vulnerability, penetration-testing, bug-bounty, cybersecurity06-Jan-2025
How I Found My First Bug (RXSS)https://medium.com/@a0xtrojan/how-i-found-my-first-bug-rxss-2ac44e94d628?source=rss------bug_bounty-5A0X_Trojantips-and-tricks, xss-attack, bug-bounty, penetration-testing, web-app-security06-Jan-2025
Hidden Dangers of XSS Vulnerabilities — Real Casehttps://medium.com/meetcyber/hidden-dangers-of-xss-vulnerabilities-real-case-22177daa6fc8?source=rss------bug_bounty-5Erkan Kavasxss-bypass, cybersecurity, xss-attack, bug-bounty, xss-vulnerability06-Jan-2025
Day 0 — 05 : M y Bug Bounty Challenge 0–100k without knowledge in one year!https://medium.com/@dogxxx10/day-0-05-m-y-bug-bounty-challenge-0-100k-without-knowledge-in-one-year-94f090fdf54a?source=rss------bug_bounty-5Dogxxxbug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips, web-hacking06-Jan-2025
P4 Bugs and POC | Part-8https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, bug-bounty-tips, infosec, hacking06-Jan-2025
How I Exposed IDOR and Path Traversal Vulnerabilities in a Parking Portalhttps://medium.com/@br3ss/how-i-exposed-idor-and-path-traversal-vulnerabilities-in-a-parking-portal-0ae8e4940306?source=rss------bug_bounty-5Br3ssidor, cybersecurity, hacking, path-traversal, bug-bounty06-Jan-2025
P4 Bugs and POC | Part-8https://infosecwriteups.com/p4-bugs-and-poc-part-8-2b4ed878c53a?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, bug-bounty-tips, infosec, hacking06-Jan-2025
My First Bug Report in Microsoft Windows Task Managerhttps://medium.com/@abdullah.farwees/my-first-bug-report-in-microsoft-windows-task-manager-726972722e50?source=rss------bug_bounty-5Abdullah Farwees - Video Audio Software Engineermicrosoft-bug, microsoft-bug-bounty, bug-bounty-tips, bugs, bug-bounty05-Jan-2025
From Recon to Exploitation: 100 Linux Commands Every Pentester Must Knowhttps://medium.com/@rundcodehero/from-recon-to-exploitation-100-linux-commands-every-pentester-must-know-e8f118226de6?source=rss------bug_bounty-5Randi Adhityas Saputrabug-bounty, linux-tutorial, cybersecurity, command-line, penetration-testing05-Jan-2025
Exploiting CORS Misconfigurations: A Bug Bounty Case Studyhttps://medium.com/@mickaelbenlolo/exploiting-cors-misconfigurations-a-bug-bounty-case-study-8e85a868c3c8?source=rss------bug_bounty-5Mickael Benlolobug-bounty, cybersecurity, entry-level, pentesting05-Jan-2025
Frontrunning Vulnerability: What It Is, How to Exploit, Prevent, and Mitigate Ithttps://infosecwriteups.com/frontrunning-vulnerability-what-it-is-how-to-exploit-prevent-and-mitigate-it-19149db077bd?source=rss------bug_bounty-5JEETPALcybersecurity, front-running, web3, bugbounty-writeup, bug-bounty05-Jan-2025
Peering into the Shadows: How an Empty Domain Led to a Full-Blown Exploitation Chainhttps://medium.com/@tusharpuri6/peering-into-the-shadows-how-an-empty-domain-led-to-a-full-blown-exploitation-chain-b06219d92d0e?source=rss------bug_bounty-5Tusharpuribug-bounty, penetration-testing, application-security, offensive-security, infosec05-Jan-2025
Easy P4: Cloudflare Bypass, Origin IP Found (Part 1)https://sudosuraj.medium.com/easy-p4-cloudflare-bypass-origin-ip-found-part-1-685d27e73dd0?source=rss------bug_bounty-5sudosurajhackerone, bug-bounty, sudosuraj, bug-bounty-writeup, info-sec-writeups05-Jan-2025
Comprehensive Reconnaissance Tools for Red Teaming and OSINT Operationshttps://saconychukwu.medium.com/comprehensive-reconnaissance-tools-for-red-teaming-and-osint-operations-17b06b698548?source=rss------bug_bounty-5Sacony Chukwupenetration-testing, bug-bounty, hacking05-Jan-2025
Comprehensive Phishing Tools for Red Teaming and Delivery Tacticshttps://saconychukwu.medium.com/comprehensive-phishing-tools-for-red-teaming-and-delivery-tactics-cf30c615ab24?source=rss------bug_bounty-5Sacony Chukwuethical-hacking, penetration-testing, hacking, bug-bounty05-Jan-2025
Bug Bounty — Finding and Exploiting a Cookie Security Flaw: A Deep Dive into PHPSESSID and Missing…https://medium.com/@mickaelbenlolo/bug-bounty-finding-and-exploiting-a-cookie-security-flaw-a-deep-dive-into-phpsessid-and-missing-3aca0db6c1cd?source=rss------bug_bounty-5Mickael Benlolopenetration-testing, bug-bounty, cybersecurity, entry-level05-Jan-2025
Discovering SQLi Vulnerabilities Through Deeper Analysishttps://medium.com/@erkankavas/discovering-sqli-vulnerabilities-through-deeper-analysis-4e305dfbc181?source=rss------bug_bounty-5Erkan Kavascybersecurity, bug-bounty-tips, bug-bounty-writeup, sqli, bug-bounty05-Jan-2025
How I was able to Sign Up at one of the Company Panels ? P3 $$$https://19whoami19.medium.com/how-i-was-able-to-sign-up-at-one-of-the-company-panels-p3-c824d76e36e9?source=rss------bug_bounty-5WHO AM I ?cybersecurity, bug-bounty, pentesting, broken-access-control05-Jan-2025
Finding and Reporting an XSS Vulnerability: My Bug Bounty Journeyhttps://medium.com/@mickaelbenlolo/finding-and-reporting-an-xss-vulnerability-my-bug-bounty-journey-0bc4a4609d34?source=rss------bug_bounty-5Mickael Benloloentry-level, xss-vulnerability, cybersecurity, penetration-testing, bug-bounty05-Jan-2025
Strategies to Maximize Your Earnings on Bug Bounty Platformshttps://bitpanic.medium.com/strategies-to-maximize-your-earnings-on-bug-bounty-platforms-6053aaf0a781?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-technology, technology, bug-bounty, bug-bounty-tips05-Jan-2025
CVE-2025–0224: Provision-ISR SH-4050A-2 Server.js Information Disclosurehttps://medium.com/@wiretor/cve-2025-0224-provision-isr-sh-4050a-2-server-js-information-disclosure-42df13998a66?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicescve, ai, bug-bounty, malware, business05-Jan-2025
CVE-2025–0226: Information Disclosure Vulnerability in Tsinghua Unigroup Electronic Archives…https://medium.com/@wiretor/cve-2025-0226-information-disclosure-vulnerability-in-tsinghua-unigroup-electronic-archives-cf44084fc78c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ai, business05-Jan-2025
Account Deletion Flaw Exposes Chats, Researcher Gets $1,000 (5/30DAYS)https://medium.com/@zerodaystories/account-deletion-flaw-exposes-chats-researcher-gets-1-000-5-30days-d51245c30c65?source=rss------bug_bounty-50day storiestechnology, bug-bounty, penetration-testing, hacking, cybersecurity05-Jan-2025
Bug Bounty Goldmine: The Wildest Cybersecurity Discoverieshttps://medium.com/@hackrate/bug-bounty-goldmine-the-wildest-cybersecurity-discoveries-bb6d1be478dd?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty-tips, bug-bounty, hacking, cybersecurity05-Jan-2025
Top 8 Bug Bounty Platforms in 2025https://hackers-guild-blog.medium.com/top-8-bug-bounty-platforms-in-2025-84a1f6b7b226?source=rss------bug_bounty-5Hackers Guildbug-bounty, hacking, osint, hacker, bug-bounty-program05-Jan-2025
Brute Force Attack (Owaspbwa Lab, Hydra Tool)https://medium.com/@BetterBy0x01/brute-force-attack-owaspbwa-lab-hydra-tool-f3cd947f86bb?source=rss------bug_bounty-5Ashutosh Singh Patelbug-bounty, hacking, security, attack, owasp04-Jan-2025
Besides bXSShttps://wanderication.medium.com/besides-bxss-681f3d97cda9?source=rss------bug_bounty-5Jay Wanderybug-bounty, xss-attack04-Jan-2025
Account TakeOver | Abusing the Application logic flaw in the reset password functionalityhttps://wanderication.medium.com/account-takeover-abusing-the-application-logic-flaw-in-the-reset-password-functionality-1b0a92caafca?source=rss------bug_bounty-5Jay Wanderyaccount-takeover-attacks, bug-bounty04-Jan-2025
Account Takeover via Facebook Oauthhttps://anontriager.medium.com/account-takeover-via-facebook-oauth-cd1f6219f7dd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, programming, jobs, hacker, cybersecurity04-Jan-2025
Top 15 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://saconychukwu.medium.com/top-15-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-d2062e5bc383?source=rss------bug_bounty-5Sacony Chukwupentesting, bug-bounty, hacking04-Jan-2025
Boost Cybersecurity with Bug Bounty Programshttps://medium.com/@ramanidhaval11/boost-cybersecurity-with-bug-bounty-programs-26498ce74226?source=rss------bug_bounty-5Er Dhaval Ramanicybersecurity, bug-bounty, cyber-security-awareness, bugbounty-writeup04-Jan-2025
How I Discovered an Email Disclosure Vulnerabilityhttps://infosecwriteups.com/how-i-discovered-an-email-disclosure-vulnerability-bf798d3f3228?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-tips04-Jan-2025
Bug Bash: 11 Creeping Critters Every QA Tester Must Squash!https://medium.com/@divyarajsinhdev/bug-bash-11-creeping-critters-every-qa-tester-must-squash-31d4da2f7805?source=rss------bug_bounty-5Divyarajsinh Dodiabug-bounty, software-testing, qa, automation, software-development04-Jan-2025
List of Top Bug Bounty Platforms for 2025https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2025-a13d86290a14?source=rss------bug_bounty-5Levente Molnarpenetration-testing, ethical-hacking, cybersecurity, bug-bounty, hacking04-Jan-2025
The Power of Swagger UI Docs-Broken access controlhttps://medium.com/@hamdiyasin135/the-power-of-swagger-ui-docs-broken-access-control-a3b57fb035bd?source=rss------bug_bounty-5yassin hamdiaccess-control, hackerone, bug-bounty04-Jan-2025
P4 Bugs and PoC | Part 4https://infosecwriteups.com/p4-bugs-and-poc-part-4-c65113b489b0?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, bug-bounty-tips, infosec, hacking04-Jan-2025
Microsoft Vulnerability Exploitation — [IDOR] — Unbinding of Any Microsoft Account’s Recovery Emailhttps://medium.com/@iamjamehas/microsoft-vulnerability-exploitation-idor-unbinding-of-any-microsoft-accounts-recovery-email-0f6dcf50820e?source=rss------bug_bounty-5jamehadvzero-day, red-team, exploits-zero-day, microsoft, bug-bounty04-Jan-2025
API Fuzzing for Bug Bounty: Unlock the Secrets of Vulnerable APIshttps://bevijaygupta.medium.com/api-fuzzing-for-bug-bounty-unlock-the-secrets-of-vulnerable-apis-d8b297280caa?source=rss------bug_bounty-5Vijay Kumar Guptaapi, fuzzing, vulnerability, bug-bounty, api-vulnerabilities04-Jan-2025
Bad Tenable Plugin Updates Take Down Nessus Agents Worldwidehttps://medium.com/@wiretor/bad-tenable-plugin-updates-take-down-nessus-agents-worldwide-baf7c48c34a3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, xss-attack, ai, malware, bug-bounty04-Jan-2025
New Android Malware Alert: FireScam Targets RuStore Users!https://medium.com/@wiretor/new-android-malware-alert-firescam-targets-rustore-users-b5de983bd805?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, rce, ai, bug-bounty, xss-attack04-Jan-2025
Find XSS Vulnerabilities in Minuteshttps://medium.com/@phirojshah20/find-xss-vulnerabilities-in-minutes-912d02d2b848?source=rss------bug_bounty-5Phirojshahbugs, bug-bounty, bug-bounty-tips, xss-vulnerability, cybersecurity04-Jan-2025
Detecting GraphQL Injection: Tools and Techniques for Security Testershttps://bitpanic.medium.com/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5Spectat0rguytechnology, programming, bug-bounty-tips, bug-bounty, cybersecurity04-Jan-2025
How I Found P1 Vulnerability Using Google Dorkhttps://h0x1d.medium.com/how-i-found-a-p1-vulnerability-using-google-dork-33ac0250df89?source=rss------bug_bounty-5Hamed Mohamed - h0x1dbug-bounty, bug-bounty-writeup, bug-bounty-tips04-Jan-2025
My First Year in Bug Bountyhttps://cyxbugs.medium.com/my-first-year-in-bug-bounty-42f39a42fc7f?source=rss------bug_bounty-5Cyxbug-bounty-tips, cybersecurity, hacking, bug-bounty04-Jan-2025
Nikto : VulnerabilityScanner COMMANDShttps://jawstar.medium.com/nikto-vulnerabilityscanner-commands-578b76344097?source=rss------bug_bounty-5Jawstarpenetration-testing, technology, cybersecurity, bug-bounty, nikto04-Jan-2025
P4 Bugs and POC | Part 5https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-5-556962ec83f7?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, infosec, hacking, bug-bounty-tips04-Jan-2025
What Is Cross Site Request Forgery?https://medium.com/@dante.falls/what-is-cross-site-request-forgery-a52a48562f58?source=rss------bug_bounty-5Dante Fallscybersecurity, information-security, web-security, bug-bounty04-Jan-2025
Detecting GraphQL Injection: Tools and Techniques for Security Testershttps://medium.com/infosecmatrix/detecting-graphql-injection-tools-and-techniques-for-security-testers-f3742d0388aa?source=rss------bug_bounty-5Spectat0rguytechnology, programming, bug-bounty-tips, bug-bounty, cybersecurity04-Jan-2025
SQL Injection: A Beginner’s Guide PART 1https://medium.com/@hamzamabdulrhman/sql-injection-a-beginners-guide-part-1-0bdb41ec8609?source=rss------bug_bounty-5Hamza M. Abdulrhmanbug-bounty, sql-injection, hacking, sql, sql-server03-Jan-2025
How My Journey Started as a Bug Bounty Hunterhttps://virpalsinh.medium.com/how-my-journey-started-as-a-bug-bounty-hunter-67641b57d01f?source=rss------bug_bounty-5virpalsinhinformation-security, cybersecurity, careers, ethical-hacking, bug-bounty03-Jan-2025
What is an Advanced Persistent Threat (APT)?https://ritikshrivas.medium.com/what-is-an-advanced-persistent-threat-apt-bbf9bb366e2d?source=rss------bug_bounty-5Ritik Shrivasbug-bounty, information-security, vulnerability, cybersecurity, information-technology03-Jan-2025
P4 Bugs and POC | Part 1https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-1-0dab3517bbe9?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, money, infosec, hacking, bug-bounty-tips03-Jan-2025
How I Uncovered an LFI in 15 Seconds: The Tale of a Curious Hacker and an Unprepared Serverhttps://medium.com/@shyamfdo82/how-i-uncovered-an-lfi-in-15-seconds-the-tale-of-a-curious-hacker-and-an-unprepared-server-e49925452007?source=rss------bug_bounty-5Shyamfdocybersecurity, red-team, hacking, penetration-testing, bug-bounty03-Jan-2025
Use SQL-Map at its best.https://medium.com/@anandrishav2228/use-sql-map-at-its-best-64180f9ad279?source=rss------bug_bounty-5Rishav anandhacker, money, cybersecurity, bug-bounty, sql03-Jan-2025
Bug Bounty Methodology Version 2025https://medium.com/@techinsights5/bug-bounty-methodology-version-2025-4cb701838658?source=rss------bug_bounty-5TechInsightsbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-methodology03-Jan-2025
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367)https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5coffinxpcve, bug-bounty-tips, bug-bounty, bug-bounty-writeup, pdf03-Jan-2025
What is a Hacker?https://hackers-guild-blog.medium.com/what-is-a-hacker-c957e390855b?source=rss------bug_bounty-5Hackers Guildbounty-program, osint, cybersecurity, hacking, bug-bounty03-Jan-2025
Here’s 24 web-application hacking tools:https://saconychukwu.medium.com/heres-24-web-application-hacking-tools-17369f7f5097?source=rss------bug_bounty-5Sacony Chukwubug-bounty03-Jan-2025
My First RCE Vulnerabilityhttps://medium.com/@RekoJR/my-first-rce-vulnerability-636cdc9f2dab?source=rss------bug_bounty-5Reko !bug-bounty, bug-bounty-writeup03-Jan-2025
PDF.js Arbitrary JavaScript Code Execution (CVE-2024-4367)https://infosecwriteups.com/pdf-js-arbitrary-javascript-code-execution-cve-2024-4367-be4a64f877df?source=rss------bug_bounty-5coffinxpbug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, xss-attack03-Jan-2025
How to Start Penetration Testing: Tools, Techniques, and Tips.https://cybersaurabh.medium.com/how-to-start-penetration-testing-tools-techniques-and-tips-bfbf09a0130a?source=rss------bug_bounty-5The Saurabh Palpenetration-testing, bug-bounty-writeup, bug-bounty, ethical-hacking, hacking03-Jan-2025
Free Labs to Practice XSShttps://medium.com/@MaMad4Ever/free-labs-to-practice-xss-08b11016ba05?source=rss------bug_bounty-5MaMadxss-attack, xss-vulnerability, penetration-testing, xss-challenge, bug-bounty03-Jan-2025
The Ultimate Guide to Top Bug Bounty Platforms in 2025https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2025-b6d6c3442188?source=rss------bug_bounty-5Levente Molnarbug-bounty, ethical-hacking, cybersecurity, hacking, penetration-testing03-Jan-2025
MFA Bypass Exposed: A C Flaw in Two-Factor Authenticationhttps://medium.com/@swaroopvenkat828/mfa-bypass-exposed-a-c-flaw-in-two-factor-authentication-6e126b1cfbd0?source=rss------bug_bounty-5swaroop 04mfa, bug-bounty, mfa-bypass, 2025, bugbounty-writeup03-Jan-2025
Siri Privacy Crisis: Apple Faces $95 Million Settlement for Secret Recordings!https://medium.com/@wiretor/siri-privacy-crisis-apple-faces-95-million-settlement-for-secret-recordings-32472ca8e705?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, apple, siri, ai03-Jan-2025
€10B Cybersecurity Giant Denies Space Bears Ransomware Breach Claimshttps://medium.com/@wiretor/10b-cybersecurity-giant-denies-space-bears-ransomware-breach-claims-464a80206f57?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, ai, business, malware03-Jan-2025
Hackers’ New Trick — DoubleClickjacking Hijacks Your Accounts Without a Tracehttps://medium.com/@wiretor/hackers-new-trick-doubleclickjacking-hijacks-your-accounts-without-a-trace-d812ec920ac8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, hacker, bug-bounty, ai03-Jan-2025
Over 3 Million Mail Servers Exposed: Time to Encrypt!https://medium.com/@wiretor/over-3-million-mail-servers-exposed-time-to-encrypt-1c1065932c89?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, malware, bug-bounty, hacking03-Jan-2025
Improper Access Control in APIs Earns $3,900 Bounty(4/30 DAYS)https://medium.com/@zerodaystories/improper-access-control-in-apis-earns-3-900-bounty-4-30-days-5a8668695b84?source=rss------bug_bounty-50day storiespenetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips03-Jan-2025
Time based user enumeration [identitytoolkit.googleapis.com]https://medium.com/bug-bounty/time-based-user-enumeration-identitytoolkit-googleapis-com-72b2710b380a?source=rss------bug_bounty-5Philippe Delteiluser-enumeration, google-api, bug-bounty03-Jan-2025
P4 Bugs and PoC | Part 2https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-2-0842039eddf3?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, infosec, bug-bounty, money, hacking03-Jan-2025
PicoCTF Writeups — dont-use-client-sidehttps://medium.com/@sobatistacyber/picoctf-writeups-dont-use-client-side-1cda7ae1cc87?source=rss------bug_bounty-5SoBatistactf, bug-bounty, picoctf, hacking, penetration-testing03-Jan-2025
Mastering 403 Bypass Techniques: A Penetration Tester’s Guidehttps://bitpanic.medium.com/mastering-403-bypass-techniques-a-penetration-testers-guide-f3a1cb16b9a3?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, technology, programming, bug-bounty03-Jan-2025
Python libraries every Hacker should knowhttps://infosecwriteups.com/python-libraries-every-hacker-should-know-97fb5dae2efd?source=rss------bug_bounty-5Abhishek pawarhacking, programming, cybersecurity, python, bug-bounty03-Jan-2025
#ERROR!https://medium.com/@cybertips96/-d6a3961c1fdd?source=rss------bug_bounty-5Cybertipsbug-bounty03-Jan-2025
Vulnerability Testing Techniqueshttps://medium.com/@phirojshah20/vulnerability-testing-techniques-b9498fefd4b3?source=rss------bug_bounty-5Phirojshahbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bugs03-Jan-2025
P4 Bugs and PoC | Part 3https://medium.com/@kumawatabhijeet2002/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty-tips, bug-bounty, money03-Jan-2025
TOP 10 VULNERABILITIES IN CYBER SECURITYhttps://medium.com/@saiganesh18062003/top-10-vulnerabilities-in-cyber-security-337bb7a28760?source=rss------bug_bounty-5Levi Ackermansecurity, cybersecurity, technology, bug-bounty, security-services03-Jan-2025
Be Aware Of It, Hacker! How To Keep Yourself Off Dangerous Triggers During Hacking Story!https://medium.com/@nnface/be-aware-of-it-hacker-how-to-keep-yourself-off-dangerous-triggers-during-hacking-story-b4e0962c05a7?source=rss------bug_bounty-5NnFacescammer-alert, cybersecurity, bug-bounty, scam, hacking03-Jan-2025
How I Found an Open AWS S3 Bucket and Used It to Take Over a Subdomainhttps://medium.com/@bochamekh21/how-i-found-an-open-aws-s3-bucket-and-used-it-to-take-over-a-subdomain-75736e90c945?source=rss------bug_bounty-5Boubker Chamekhsubdomain-takeover, bug-bounty, hacking, hackerone, bug-bounty-writeup03-Jan-2025
P4 Bugs and PoC | Part 3https://infosecwriteups.com/p4-bugs-and-poc-part-3-8ca9776c87bc?source=rss------bug_bounty-5Abhijeet kumawatinfosec, hacking, bug-bounty-tips, bug-bounty, money03-Jan-2025
Security Misconfiguration (Tryhackme)https://medium.com/@BetterBy0x01/security-misconfiguration-tryhackme-9c763a743a71?source=rss------bug_bounty-5Ashutosh Singh Pateltryhackme-writeup, tryhackme, hacking, security, bug-bounty02-Jan-2025
Zero Click Account Takeoverhttps://anontriager.medium.com/zero-click-account-takeover-7f8bdcda2236?source=rss------bug_bounty-5Anonymous Traigerrewards, bug-bounty, programing, hacking, cybersecurity02-Jan-2025
hunting #1https://medium.com/@dark_zone/hunting-1-ee308e923359?source=rss------bug_bounty-5darkzonebug-bounty02-Jan-2025
A Recon Tool That Uses AI to Predict Subdomainshttps://medium.com/@kumawatabhijeet2002/a-recon-tool-that-uses-ai-to-predict-subdomains-73a41aaa774d?source=rss------bug_bounty-5Abhijeet kumawatai, bug-bounty, infosec, hacking, recon02-Jan-2025
Code Analysis can help you make $200-$500 (C,C++,Node and general codes)https://medium.com/@anandrishav2228/code-analysis-can-help-you-make-200-500-c-c-node-and-general-codes-cb7752617931?source=rss------bug_bounty-5Rishav anandmoney, programming, cybersecurity, bug-bounty, code02-Jan-2025
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5Guru Prasad Pattanaikethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity02-Jan-2025
【Activities Guide】A detailed overview of the TECNO Security Response Center’s security incentive…https://medium.com/@security.tecno/activities-guide-a-detailed-overview-of-the-tecno-security-response-centers-security-incentive-6e43effd8d37?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, security, activity02-Jan-2025
How to Build a Cloud Security Monitoring Dashboard !https://medium.com/@paritoshblogs/how-to-build-a-cloud-security-monitoring-dashboard-81951b57613f?source=rss------bug_bounty-5Paritoshcloud-security, bug-bounty, hacking, cybersecurity, cloud02-Jan-2025
Google Dorks Checklist for Bug Bounty — Bug Bounty Thursdayhttps://medium.com/@kerstan/google-dorks-checklist-for-bug-bounty-bug-bounty-thursday-ab5ccadb91b2?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking02-Jan-2025
Zendesk Access Token Disclosed in a JavaScript File Allowing Ticket Accesshttps://medium.com/@aloneh1/zendesk-access-token-disclosed-in-a-javascript-file-allowing-ticket-access-cfc5ba637dde?source=rss------bug_bounty-5Anzilbug-bounty, vapt, cybersecurity, bug-bounty-writeup02-Jan-2025
Finding Hidden API-Keys & How to Use themhttps://medium.com/@sumitcfe/finding-hidden-api-keys-how-to-use-them-9c8a187d922b?source=rss------bug_bounty-5Sumit Jainvulnerability, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugs02-Jan-2025
US Arrests Army Soldier Over AT&T, Verizon Hacking | Linked to Presidential Call Log Leakshttps://medium.com/@wiretor/us-arrests-army-soldier-over-at-t-verizon-hacking-linked-to-presidential-call-log-leaks-25897c6b4e0b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, bug-bounty, malware, ai, business02-Jan-2025
Rhode Islanders’ Data Breach: Protect Yourself from Cyberattacks Today!https://medium.com/@wiretor/rhode-islanders-data-breach-protect-yourself-from-cyberattacks-today-1c0f4f79b40b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, business, bug-bounty, hacking, ai02-Jan-2025
Election Interference Exposed: Iranian and Russian Cyber Tactics in the Spotlighthttps://medium.com/@wiretor/election-interference-exposed-iranian-and-russian-cyber-tactics-in-the-spotlight-3e9059006021?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, business, ai, bug-bounty02-Jan-2025
Three Russian-German Nationals Charged with Spying for Russiahttps://medium.com/@wiretor/three-russian-german-nationals-charged-with-spying-for-russia-838f9b0d39d4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, secret-service, bug-bounty02-Jan-2025
postMessage XSShttps://medium.com/@rootast/postmessage-xss-f5402c9e219c?source=rss------bug_bounty-5Arash Shahbazijavascript, api, xss-attack, bug-bounty, postmessage02-Jan-2025
WP-CRON Leading to a Complete Denial of Service (DoS) for Bank ‘X’https://cybersecuritywriteups.com/wp-cron-leading-to-a-complete-denial-of-service-dos-for-bank-x-82de725dfa4f?source=rss------bug_bounty-5Guru Prasad Pattanaik || TH3N00BH4CK3Rethical-hacking, cyber-security-awareness, cyberattack, bug-bounty, cybersecurity02-Jan-2025
A Guide to MITRE ATT&CK Cloud Matrices: Simplified with Exampleshttps://medium.com/@paritoshblogs/a-guide-to-mitre-att-ck-cloud-matrices-simplified-with-examples-2f6588b9ac0e?source=rss------bug_bounty-5Paritoshcloud, bug-bounty, hacking, cloud-computing, cybersecurity01-Jan-2025
Refer Friends, Win Credit Rewards!https://medium.com/@security.tecno/refer-friends-win-credit-rewards-574795eeb6a9?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacker, rewards, security01-Jan-2025
Bug Bounty Journey in 2024https://medium.com/@suganthankumaralingam/bug-bounty-journey-in-2024-e4f23874f991?source=rss------bug_bounty-5Suganthankumaralingambug-bounty-writeup, bug-zero, hackerone, bug-bounty-tips, bug-bounty01-Jan-2025
Bypassing Email verification through HTTP response interceptionhttps://callgh0st.medium.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5callgh0stemail, bug-bounty, gaza, hacking, support01-Jan-2025
Win the Race | Exploiting Race Condition Vulnerabilityhttps://medium.com/codingninjablogs/win-the-race-exploiting-race-condition-vulnerability-21ba7297f039?source=rss------bug_bounty-5#$ubh@nk@rinfosec, bug-bounty, web-security, race-condition, hacking01-Jan-2025
My first 100 Days with Bug Bounties.https://medium.com/@rootplinix/my-first-100-days-with-bug-bounties-7c4f69f73d3d?source=rss------bug_bounty-5Abu Hurayrabug-bounty, infosec, vulnerability, cybersecurity, hacking01-Jan-2025
Bypassing Email verification through HTTP response interceptionhttps://infosecwriteups.com/bypassing-email-verification-through-http-response-interception-7644a907899a?source=rss------bug_bounty-5callgh0stemail, bug-bounty, gaza, hacking, support01-Jan-2025
Understanding DNS for Bug Bounty Huntinghttps://medium.com/@mastergojo122/understanding-dns-for-bug-bounty-hunting-428ec422aac6?source=rss------bug_bounty-5Wahid Najimdns-servers, dns, bug-bounty, bug-bounty-writeup01-Jan-2025
Advanced Enumeration Techniqueshttps://medium.com/@phirojshah20/advanced-enumeration-techniques-45cbeb429231?source=rss------bug_bounty-5Phirojshahbugs, cybersecurity, bug-bounty, bug-bounty-tips01-Jan-2025
Discovery and Probing Toolshttps://medium.com/@phirojshah20/discovery-and-probing-tools-5bb0a594b5d2?source=rss------bug_bounty-5Phirojshahbug-bounty-tips, cybersecurity, bug-bounty01-Jan-2025
Bug Bounty Hunting Methodology 2025https://medium.com/@phirojshah20/bug-bounty-hunting-methodology-2025-797bf8ae4c27?source=rss------bug_bounty-5Phirojshahbug-bounty, bug-hunting, reconnaissance, cybersecurity, bugs01-Jan-2025
CVE-2024–56803: Ghostty Vulnerability Allows Command Injectionhttps://medium.com/@wiretor/cve-2024-56803-ghostty-vulnerability-allows-command-injection-23e41eb1e8ad?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, business, malware01-Jan-2025
Uncover Hidden Web Paths with Recursive Dirbustinghttps://bitpanic.medium.com/uncover-hidden-web-paths-with-recursive-dirbusting-6befea8ab485?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, bug-bounty, cybersecurity, programming01-Jan-2025
Over 3.1 Million Fake Stars on GitHub: A Threat to Trust & Security ️https://medium.com/@wiretor/over-3-1-million-fake-stars-on-github-a-threat-to-trust-security-%EF%B8%8F-f6af3a43224d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, malware, hacking, business01-Jan-2025
This Simple GraphQL SSRF Bug Earned Me $3,000 (3/30 DAYS)https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-50day storiesbug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips01-Jan-2025
Dive into Go: A Full Guide for Penetration Testers, Bounty Hunters, and Developershttps://medium.com/@v1xtron/dive-into-go-a-full-guide-for-penetration-testers-bounty-hunters-and-developers-5cc013d3f5c6?source=rss------bug_bounty-5v1xtrongo, learn-to-code, programming-languages, bug-bounty01-Jan-2025
Welcome to our first article on this account!https://medium.com/@Dorking1/welcome-to-our-first-article-on-this-account-f7eb4049b768?source=rss------bug_bounty-5Dorking1bug-bounty, penetration-testing, cybersecurity01-Jan-2025
This Simple GraphQL SSRF Bug Earned $3,000 (3/30 DAYS)https://medium.com/@zerodaystories/this-simple-graphql-ssrf-bug-earned-me-3-000-3-30-days-9bd13e2c2f9d?source=rss------bug_bounty-50day storiesbug-bounty, penetration-testing, bug-bounty-writeup, cybersecurity, bug-bounty-tips01-Jan-2025
File upload bypass — Fuzz magic bytes / Mime types with ffufhttps://medium.com/@opabravo/file-upload-bypass-fuzz-magic-bytes-mime-types-with-ffuf-b218171533d4?source=rss------bug_bounty-5Fate Walkerffuf, fuzzing, penetration-testing, file-upload-vulnerability, bug-bounty31-Dec-2024
From Hidden Parameter to Account Takeoverhttps://medium.com/@radwan0x/from-hidden-parameter-to-account-takeover-e6905f35d93a?source=rss------bug_bounty-5Mohamed Radwanbug-bounty, csrf-attack, bug-bounty-tips31-Dec-2024
Vertical Privilege Escalation from Manager to Owner: A Bug Bounty Storyhttps://medium.com/@swaroopvenkat828/vertical-privilege-escalation-from-manager-to-owner-a-bug-bounty-story-7a039eb0b938?source=rss------bug_bounty-5swaroop 04privilege-escalation, bug-bounty-tips, bug-bounty31-Dec-2024
Sensitive Data Exposure (Tryhackme)https://medium.com/@BetterBy0x01/sensitive-data-exposure-tryhackme-111ed71542af?source=rss------bug_bounty-5Ashutosh Singh Patelsecurity, data, tryhackme, hacking, bug-bounty31-Dec-2024
Mastering XSS in a single read!https://anontriager.medium.com/mastering-xss-in-a-single-read-40bc850427bd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, hacker, programming, cybersecurity, jobs31-Dec-2024
Mastering 403 Forbidden Bypass Techniques Part-2✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-part-2-658af618d5b0?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, 403-forbidden, hacking, infosec, bug-bounty31-Dec-2024
How I Discovered Exposed .env Files on a Subdomain of a Popular Exam Proctoring Websitehttps://medium.com/@anonymousshetty2003/how-i-discovered-exposed-env-files-on-a-subdomain-of-a-popular-exam-proctoring-website-50f1847a9e59?source=rss------bug_bounty-5Anonymousshettyinformation-disclosure, hacking, bug-bounty, cybersecurity, bug-bounty-tips31-Dec-2024
How I Discovered a Leaked cAdvisor Panel Dashboard on a Websitehttps://medium.com/@anonymousshetty2003/how-i-discovered-a-leaked-cadvisor-panel-dashboard-on-a-website-1f097b526b3e?source=rss------bug_bounty-5Anonymousshettycybersecurity, shodan, hacking, bug-bounty, bug-hunting31-Dec-2024
API Pentesting: Unrestricted Resource Consumptionhttps://devilwrites.medium.com/api-pentesting-unrestricted-resource-consumption-2692bf368575?source=rss------bug_bounty-5hackerdevilapi, api-penetration-testing, owasp, api-security, bug-bounty31-Dec-2024
Advanced Analysis: XSS Vulnerability in an AI-Powered Chatbot Servicehttps://medium.com/@MianHammadx0root/advanced-analysis-xss-vulnerability-in-an-ai-powered-chatbot-service-53212f545624?source=rss------bug_bounty-5Mian Hammadxss-attack, cybersecurity, ai-chat-bot, ai, bug-bounty31-Dec-2024
How I Discovered an 8.2 Severity bug on hackerone for Account Takeover via HTML Injectionhttps://medium.com/@ravindrajatav0709/how-i-discovered-an-8-2-severity-bug-on-hackerone-for-account-takeover-via-html-injection-3e5b0ec32cc9?source=rss------bug_bounty-5Ravindrajatavbugs, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty31-Dec-2024
My First Year in Bug Bounty Huntinghttps://0xshuvo.medium.com/my-first-year-in-bug-bounty-hunting-2b5c2cb9c205?source=rss------bug_bounty-5Shuvo Kumar Sahabug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips, infosec31-Dec-2024
OTP Bypass Leads to $2000 (2/30 DAYS)https://medium.com/@zerodaystories/otp-bypass-leads-to-2000-2-30-days-7845b2580e7e?source=rss------bug_bounty-50day storiesbug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing31-Dec-2024
2024 Bug Bounty Achievementshttps://medium.com/readers-club/2024-bug-bounty-achievements-15c5195031d3?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, failure, growth-mindset, never-give-up31-Dec-2024
How was I able to lock any user’s account?https://zerocode-ph.medium.com/how-was-i-able-to-lock-any-users-account-4303ff175a04?source=rss------bug_bounty-5Syd Ricafort (0cod3)bug-bounty31-Dec-2024
The Struggles of Manual Security Testers in an Automation-Heavy Bug Bounty Erahttps://mixbanana.medium.com/the-struggles-of-manual-security-testers-in-an-automation-heavy-bug-bounty-era-22cccf32fc13?source=rss------bug_bounty-5MixBananapenetration-testing, security, bug-bounty, cybersecurity31-Dec-2024
U.S. Treasury Breached via Remote Support Platform: Lessons for Cybersecurity Professionalshttps://medium.com/@wiretor/u-s-treasury-breached-via-remote-support-platform-lessons-for-cybersecurity-professionals-bd25d69ee856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ai, xss-attack, hacker31-Dec-2024
Session Hijacking Vulnerability in Password Reset Flow Leading to Cross-Account Accesshttps://medium.com/@iPsalmy/session-hijacking-vulnerability-in-password-reset-flow-leading-to-cross-account-access-4823d88e680a?source=rss------bug_bounty-5iPsalmypenetration-testing, cybersecurity, application-security, information-security, bug-bounty31-Dec-2024
My story of hacking Dutch Government | by Chinmaya Ranahttps://chinmayarana.medium.com/my-story-of-hacking-dutch-government-by-chinmaya-rana-b54ea26c92dd?source=rss------bug_bounty-5Chinmaya Ranahacking, readteam, bug-bounty, cybersecurity, web-security31-Dec-2024
Unleashing My Recon Weapon: A Custom Bash Tool for Bug Bountyhttps://medium.com/@kumawatabhijeet2002/unleashing-my-recon-weapon-a-custom-bash-tool-for-bug-bounty-d946b5f26dd9?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, recon, hacking, infosec31-Dec-2024
This is a writeup of how can I get critical $$$$ bounty from PII Disclosure - Broken Accesshttps://medium.com/@0xNayelx/this-is-a-writeup-of-how-can-i-get-critical-bounty-from-pii-disclosure-broken-access-7a113e5dc50c?source=rss------bug_bounty-50xNayelbug-bounty-writeup, ctf-writeup, cybersecurity, bug-bounty-tips, bug-bounty31-Dec-2024
SQLi Time-Based Blind Finding Methodshttps://medium.com/@erkankavas/sqli-time-based-blind-finding-methods-cdef02de2d0e?source=rss------bug_bounty-5Erkan Kavassqli, ethical-hacking, bug-bounty, bug-bounty-tips, hacking31-Dec-2024
Old School Out-of-Band (OOB) SQL Injection Manual Approachhttps://anontuttuvenus.medium.com/old-school-out-of-band-oob-sql-injection-manual-approach-cc50b81c5984?source=rss------bug_bounty-5Anon Tuttu Venuswebapplicationpentest, sql-injection, bug-bounty, owasp-top-10, sqli31-Dec-2024
Alhamdulillah ❤️https://medium.com/@momenrezkk90/alhamdulillah-%EF%B8%8F-4c8ba456bec1?source=rss------bug_bounty-5MOAMEN REZKbug-bounty, cybersecurity, penetration-testing, bugs, red-team31-Dec-2024
Mastering Wfuzz: Uncover Hidden Web Vulnerabilitiesehttps://medium.com/@kumawatabhijeet2002/mastering-wfuzz-uncover-hidden-web-vulnerabilitiese-351cbbef18d6?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty-tips, bug-bounty, infosec, medium30-Dec-2024
Sql Injection Vulnerability via Registration Formhttps://medium.com/@kevstrs_/sql-injection-vulnerability-via-registration-form-ccaf7bbddd0b?source=rss------bug_bounty-5kevstrs_sql-injection, bug-bounty, injection, pentesting30-Dec-2024
How I was able to delete a production backend server in my first finding.https://gr3yg05t.medium.com/how-i-was-able-to-delete-a-production-backend-server-in-my-first-finding-5dcce8aa093c?source=rss------bug_bounty-5Mr Greybug-bounty, bug-bounty-tips, info-sec-writeups, infosec, bug-bounty-writeup30-Dec-2024
Triaging an LFI Vulnerability Reporthttps://anontriager.medium.com/triaging-an-lfi-vulnerability-report-ad9a33016f0c?source=rss------bug_bounty-5Anonymous Traigerjobs, programming, money, bug-bounty, cybersecurity30-Dec-2024
US Healthcare Providers May Be Hit With New Cybersecurity Ruleshttps://mhmmuneef.medium.com/us-healthcare-providers-may-be-hit-with-new-cybersecurity-rules-61aa2655ea79?source=rss------bug_bounty-5Mohammed Muneefhealthcare-technology, cybersecurity-awareness, news, bug-bounty, technology30-Dec-2024
️‍♂️ Enhancing Bug Bounty Programs in an AI-Driven Markethttps://infosecwriteups.com/%EF%B8%8F-%EF%B8%8F-enhancing-bug-bounty-programs-in-an-ai-driven-market-e512b0b2766a?source=rss------bug_bounty-5Tal Eliyahubug-bounty, genai, artificial-intelligence, security, cybersecurity30-Dec-2024
DNS Tunneling to Bypass Firewall.https://medium.com/@anandrishav2228/dns-tunneling-to-bypass-firewall-ab5e9d91bd7b?source=rss------bug_bounty-5Rishav anandfirewall, bug-bounty, money, hacking, cybersecurity30-Dec-2024
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Partyhttps://myselfakash20.medium.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bug-bounty, bug-bounty-writeup, technology, cybersecurity30-Dec-2024
Exploiting SQLi to Query Database Version on MySQL and Microsofthttps://osintteam.blog/exploiting-sqli-to-query-database-version-on-mysql-and-microsoft-8d38a3ec42b4?source=rss------bug_bounty-5The Cybersec Cafésql-injection, cybersecurity, information-security, penetration-testing, bug-bounty30-Dec-2024
Server-side vulnerabilities | #1 PATH TRAVERSALhttps://medium.com/@agapehearts/server-side-vulnerabilities-1-path-traversal-5df782acb60d?source=rss------bug_bounty-5Agape HearTsethical-hacking, portswigger, servers, cybersecurity, bug-bounty30-Dec-2024
CSRF Enable 2FA allow User Lose Access to Their Account.https://anjarwilujeng.medium.com/csrf-enable-2fa-allow-user-lose-access-to-their-account-331eaed89d25?source=rss------bug_bounty-5AWesomebug-bounty, bug-bounty-writeup, csrf30-Dec-2024
Hacker Nedir ve Türleri Nelerdir?https://medium.com/@gzmpyrz99/hacker-nedir-ve-t%C3%BCrleri-nelerdir-abff0e616fbf?source=rss------bug_bounty-5Gizem Poyrazblue-team, hacker, red-team, scriptkkiddie, bug-bounty30-Dec-2024
When APIs Can’t Keep Up: How I Exploited Misconfigured Rate Limits to Crash the Partyhttps://infosecwriteups.com/when-apis-cant-keep-up-how-i-exploited-misconfigured-rate-limits-to-crash-the-party-e5be48d4cacd?source=rss------bug_bounty-5Akash Ghoshbug-bounty, hacking, programming, technology, cybersecurity30-Dec-2024
Weirdest access control vulnerability I have ever found…https://siratsami71.medium.com/weirdest-access-control-vulnerability-i-have-ever-found-b3ea97019fad?source=rss------bug_bounty-5Sirat Sami (analyz3r)hackerone, security, pentesting, bug-bounty30-Dec-2024
What Bug Bounty Hunters Don’t Tell You.https://medium.com/@padhyepushkar/what-bug-bounty-hunters-dont-tell-you-78969ca0916a?source=rss------bug_bounty-5Pushkar Padhyebug-bounty, bug-bounty-writeup, bug-bounty-tips, blogging, knowledge30-Dec-2024
Unauthorized Account Deletion via Email Spoofinghttps://medium.com/@Salmansaifeldin/unauthorized-account-deletion-via-email-spoofing-dbfccad287c7?source=rss------bug_bounty-5Salman SaifEl-Dinbug-bounty-tips, cybersecurity, bug-bounty30-Dec-2024
Unlocking Secrets: How to Create Your Own Wordlist for Hidden Directories and Endpoints ✨https://medium.com/@kumawatabhijeet2002/unlocking-secrets-how-to-create-your-own-wordlist-for-hidden-directories-and-endpoints-9d78539857b3?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, hacking, bug-bounty, medium, infosec30-Dec-2024
Bug Bounty Insights: 10 Key Findings - Email Verification Flaws - Part 4https://medium.com/@maakthon/bug-bounty-insights-10-key-findings-email-verification-flaws-part-4-49412c461450?source=rss------bug_bounty-5Mahmoud Abd Alkarimbug-bounty-tips, security-research, bug-bounty, cybersecurity, broken-access-control30-Dec-2024
Delete any comment without admin privilegehttps://medium.com/@a.essam0_o/delete-any-comment-without-admin-privilege-d5af9105ed9d?source=rss------bug_bounty-5A.Essamattack, bug-bounty, web, hacking, pentesting30-Dec-2024
PortSwigger — Authenticationhttps://medium.com/@rzashirinov38/portswigger-authentication-e3760f4d1411?source=rss------bug_bounty-5Rza Shirinovportswigger, authentication, web, bug-bounty, login30-Dec-2024
Hidden Gems: Simple Exploits Overlooked by Most Bug Huntershttps://bitpanic.medium.com/hidden-gems-simple-exploits-overlooked-by-most-bug-hunters-3113cc1db4b8?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, technology, cybersecurity, programming30-Dec-2024
Apache MINA CVE-2024–52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serializationhttps://medium.com/@wiretor/apache-mina-cve-2024-52046-cvss-10-0-flaw-enables-rce-via-unsafe-serialization-1d042d0ad53e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, malware, hacking, bug-bounty, apache-mina30-Dec-2024
Outdated D-Link Routers Under Siege: Botnets Exploit Vulnerabilitieshttps://medium.com/@wiretor/outdated-d-link-routers-under-siege-botnets-exploit-vulnerabilities-24fa380d9e2e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, xss-attack, hacking30-Dec-2024
US Cracks Down on Foreign Exploitation of Personal Informationhttps://medium.com/@wiretor/us-cracks-down-on-foreign-exploitation-of-personal-information-1c57dd844750?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, bug-bounty, hacker, xss-attack30-Dec-2024
Telecom Giants Secure Networks After Salt Typhoon Espionage Scandalhttps://medium.com/@wiretor/telecom-giants-secure-networks-after-salt-typhoon-espionage-scandal-106159c959ba?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, bug-bounty, malware, ai, hacking30-Dec-2024
Useful Extensions for Bug Bounty Huntinghttps://medium.com/@phirojshah20/useful-extensions-for-bug-bounty-hunting-0a1f4e32344c?source=rss------bug_bounty-5Phirojshahcybersecurity, bug-bounty, bugs, bug-bounty-tips, extension30-Dec-2024
How to Find Origin IP of any Website Behind a WAFhttps://infosecwriteups.com/how-to-find-origin-ip-of-any-website-behind-a-waf-c85095156ef7?source=rss------bug_bounty-5coffinxpbug-bounty-tips, waf-bypass, bug-bounty, technology, recon30-Dec-2024
Mastering the Art of Bug Bounty Hunting: A Step-by-Step Guidehttps://medium.com/@kumawatabhijeet2002/mastering-the-art-of-bug-bounty-hunting-a-step-by-step-guide-8eaabfe1cbf6?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, infosec, hacking, free, bug-bounty-tips30-Dec-2024
Discovered 30 BOLA + IDOR vulnerabilities in a single subdomain (BBP).https://im4x.medium.com/discovered-30-bola-idor-vulnerabilities-in-a-single-subdomain-bbp-a382e4554e71?source=rss------bug_bounty-5Ahmed Najehhacking, bug-bounty, hackerone30-Dec-2024
How I Took Over Millions of Instagram Accounts Using SQL Injection Method & Takeover via Filtering…https://pwn0sec.medium.com/how-i-took-over-millions-of-instagram-accounts-using-sql-injection-method-takeover-via-filtering-cd858d486a54?source=rss------bug_bounty-5PwnOsec Research Groupsindonesian, bug-bounty, pemerintah-indonesia, bug-bounty-tips30-Dec-2024
Breaking app’s logic workflow to decrease the payments’ amountshttps://medium.com/@bag0zathev2/breaking-apps-logic-workflow-to-decrease-the-payments-amounts-9c9f44efe23d?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bug-bounty, bug-hunting, payment-gateway, payments29-Dec-2024
Command Injection (Tryhackme and Owaspbwa)https://medium.com/@BetterBy0x01/command-injection-tryhackme-and-owaspbwa-6765b324c99d?source=rss------bug_bounty-5Ashutosh Singh Patelcommand-injection, security, bug-hunting, hacking, bug-bounty29-Dec-2024
how i found the parameter tempering vulnerability?https://doordiefordream.medium.com/how-i-found-the-parameter-tempering-vulnerability-09c4ea5f9675?source=rss------bug_bounty-5Bug hunter balubug-bounty, hacking, cybersecurity, ethical-hacking, web329-Dec-2024
Cross-Domain Referrer Leakage (Bug Bounty)https://anontriager.medium.com/cross-domain-referrer-leakage-bug-bounty-5c7fb967883d?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bug-bounty-tips, jobs, bug-bounty-writeup29-Dec-2024
How to find SSRF, Bypass Cloudflare, and extract AWS metadatahttps://anontriager.medium.com/how-to-find-ssrf-bypass-cloudflare-and-extract-aws-metadata-46d1ee6d1857?source=rss------bug_bounty-5Anonymous Traigercybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, jobs29-Dec-2024
Uncovering Race Conditions in Endpoint API Key Generationhttps://anjarwilujeng.medium.com/uncovering-race-conditions-in-endpoint-api-key-generation-dec3abf31a83?source=rss------bug_bounty-5AWesomerace-condition, bug-bounty-writeup, bug-bounty29-Dec-2024
HTB Write-Up: Retrieving the Flag via cURL | 使用 cURL 提取 Flaghttps://medium.com/@lixinlovestudy/htb-write-up-retrieving-the-flag-via-curl-%E4%BD%BF%E7%94%A8-curl-%E6%8F%90%E5%8F%96-flag-5987084868bb?source=rss------bug_bounty-5Lixin Zhanghackthebox, writeup, bug-bounty29-Dec-2024
Complete Guide to SQL Injection Detection: A Security Researcher’s Handbookhttps://medium.com/@phirojshah20/complete-guide-to-sql-injection-detection-a-security-researchers-handbook-c3b25d40bdb6?source=rss------bug_bounty-5Phirojshahcybersecurity, bug-bounty, sql, sql-injection, bugs29-Dec-2024
Apk Bug Boundy Guidehttps://medium.com/@adithyakrishnav001/apk-bug-boundy-guide-7968d04baf7e?source=rss------bug_bounty-5Adithyakrishna Vhacking, android, bug-bounty, apk, aad129-Dec-2024
Crack the Code: A Beginner’s Blueprint to Cybersecurity Successhttps://medium.com/@divyesh.jagad/crack-the-code-a-beginners-blueprint-to-cybersecurity-success-6aa6546a89bd?source=rss------bug_bounty-5Divyesh Jagadinfosec, cybersecurity, bug-bounty, beginner, income29-Dec-2024
Hunting Hidden Gems: Bug Bounties in the Code of JavaScripthttps://medium.com/@loayahmed686/hunting-hidden-gems-bug-bounties-in-the-code-of-javascript-f369a6617204?source=rss------bug_bounty-5r00tcode-review, bug-bounty-tips, bug-bounty29-Dec-2024
BEST AUTOMATED TOOLS THAT YOU NEED TO KNOW NOW ?????https://jawstar.medium.com/best-automated-tools-that-you-need-to-know-now-f7c883f0487c?source=rss------bug_bounty-5Jawstarautomation-testing, automation, penetration-testing, vulnerability, bug-bounty29-Dec-2024
OWASP Top 10 2025: What to Expecthttps://infosecwriteups.com/owasp-top-10-2025-what-to-expect-22b8ede0c428?source=rss------bug_bounty-5Aditya Sawantpenetration-testing, bug-bounty, information-security, owasp, cybersecurity29-Dec-2024
Brazilian Hacker Charged with Extorting $3.2M in Bitcoin After Breaching 300,000 Accountshttps://medium.com/@wiretor/brazilian-hacker-charged-with-extorting-3-2m-in-bitcoin-after-breaching-300-000-accounts-22a888c20177?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxss-attack, ai, business, bug-bounty, malware29-Dec-2024
Ruijie Networks’ Cloud Platform Vulnerabilities Could Expose 50,000 Devices to Remote Attackshttps://medium.com/@wiretor/ruijie-networks-cloud-platform-vulnerabilities-could-expose-50-000-devices-to-remote-attacks-0c71e3e230b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, bug-bounty, ai, business, malware29-Dec-2024
Critical Alert: CVE-2024–12356 Command Injection Vulnerability in BeyondTrust RS & PRAhttps://medium.com/@wiretor/critical-alert-cve-2024-12356-command-injection-vulnerability-in-beyondtrust-rs-pra-6e8df2f63471?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, ai, bus, malware29-Dec-2024
Hackers Target ZAGG Customers in Third-Party Breach: Credit Card Data Exposedhttps://medium.com/@wiretor/hackers-target-zagg-customers-in-third-party-breach-credit-card-data-exposed-8d2ac0f66ba2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, business, bug-bounty, malware, hacker29-Dec-2024
Mastering DIRB: Your Guide to Uncovering Hidden Web Directorieshttps://medium.com/@kumawatabhijeet2002/mastering-dirb-your-guide-to-uncovering-hidden-web-directories-d336f6dafa36?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, hacking, infosec, free, bug-bounty-tips29-Dec-2024
Every Flask app hides a story—be the one to uncover ithttps://bitpanic.medium.com/every-flask-app-hides-a-story-be-the-one-to-uncover-it-32f2942f7927?source=rss------bug_bounty-5Spectat0rguyinformation-security, cybersecurity, technology, bug-bounty, bug-bounty-tips29-Dec-2024
How I Unsubscribed 100+ Emails Including CEO*CTO*CISO* Etc Of The Company With Out User Interactionhttps://medium.com/@alexandermr289/how-i-unsubscribed-100-emails-including-ceo-cto-ciso-etc-of-the-company-with-out-user-interaction-f6d78320ddaf?source=rss------bug_bounty-5Mr_alexanderosint, cybersecurity, medium, bug-bounty, darkweb29-Dec-2024
HTML Injectionhttps://medium.com/@mastergojo122/html-injection-b6f4151c7d6a?source=rss------bug_bounty-5Wahid Najimhtml-injection, bug-bounty-writeup, cybersecurity, bug-bounty29-Dec-2024
403/401 Bypass Methods + Bash Automation + Your Support 😉https://anontriager.medium.com/403-401-bypass-methods-bash-automation-your-support-5468b93599fd?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup28-Dec-2024
The Bug Bounty Reconnaissance Framework (BBRF)https://anontriager.medium.com/the-bug-bounty-reconnaissance-framework-bbrf-9e6d5d814551?source=rss------bug_bounty-5Anonymous Traigerbug-bounty, cybersecurity, bugbounty-tips, bug-bounty-writeup28-Dec-2024
You can find hardcoded API-Key, Secret, Token Etc…https://anontriager.medium.com/you-can-find-hardcoded-api-key-secret-token-etc-d27130c481a8?source=rss------bug_bounty-5Anonymous Traigercybersecurity, bugbounty-poc, bug-bounty, bugbounting, bug-bounty-tips28-Dec-2024
Exploiting Weak Password Change Mechanisms: Real-World Scenarioshttps://medium.com/@alvinbijo_174/exploiting-weak-password-change-mechanisms-real-world-scenarios-84394158e9d8?source=rss------bug_bounty-5session-xbug-bounty-tips, bug-bounty28-Dec-2024
IDOR Flaw Leads to $1160 Bounty (1/30 DAYS)https://medium.com/@zerodaystories/idor-flaw-leads-to-1160-bounty-1-30-days-406cd288bebb?source=rss------bug_bounty-50day storiesbug-bounty, cybersecurity, bug-bounty-tips, bug-bounty-writeup, penetration-testing28-Dec-2024
How I was able to delete MFA of any user without Authenticationhttps://medium.com/@sharp488/how-i-was-able-to-delete-mfa-of-any-user-without-authentication-814904b506a2?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty-writeup, information-security, bug-bounty-hunter, bug-bounty-tips, bug-bounty28-Dec-2024
Bug Hunting Methodology: A Comprehensive Guidehttps://medium.com/@phirojshah20/bug-hunting-methodology-a-comprehensive-guide-619978852f89?source=rss------bug_bounty-5Phirojshahrecon, reconnaissance, bug-bounty, bug-bounty-tips, cybersecurity28-Dec-2024
Best Cyber Security tools You Must Know before 2024 ENDShttps://medium.com/meetcyber/best-cyber-security-tools-you-must-know-before-2024-ends-c207bd6ba0cd?source=rss------bug_bounty-5Abhishek pawarbug-bounty, hacking, news, cybersecurity, ethical-hacking28-Dec-2024
Default Credentials Put 15,000+ Four-Faith Routers at Riskhttps://medium.com/@wiretor/default-credentials-put-15-000-four-faith-routers-at-risk-65d235b23cfe?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacker, malware, business, bug-bounty, ai28-Dec-2024
✈️ Japan Airlines Hit by Cyberattack: A Wake-Up Call for Aviation Cybersecurity! ✈️https://medium.com/@wiretor/%EF%B8%8F-japan-airlines-hit-by-cyberattack-a-wake-up-call-for-aviation-cybersecurity-%EF%B8%8F-dfddcafa3d34?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, hacking, japan, bug-bounty28-Dec-2024
Volkswagen Leak Reveals 800,000 Cars’ Data: Precision Geo-Locations Exposed!https://medium.com/@wiretor/volkswagen-leak-reveals-800-000-cars-data-precision-geo-locations-exposed-80acc7587581?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, bug-bounty, hacking, business28-Dec-2024
Chinese Hackers Target U.S. Telecoms: What You Need to Knowhttps://medium.com/@wiretor/chinese-hackers-target-u-s-telecoms-what-you-need-to-know-4637ca456eeb?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business28-Dec-2024
Mastering Gobuster: Unveiling Hidden Paths in Web Applicationshttps://medium.com/@kumawatabhijeet2002/mastering-gobuster-unveiling-hidden-paths-in-web-applications-2c7b6bb2fb1d?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, hidden, hacking, infosec28-Dec-2024
Admin Hunter: Fast and Efficient Admin Panel Discoveryhttps://medium.com/@rootspaghetti/admin-hunter-fast-and-efficient-admin-panel-discovery-6461e818942c?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty28-Dec-2024
Logic Flaw: Turning an Invitation Function into a Revenue Blockerhttps://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5Mr Greybug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec27-Dec-2024
Most commonly found Vulnerabilities in Web Applications.https://medium.com/paktolus-engineering/most-commonly-found-vulnerabilities-in-web-applications-01dfb54530e2?source=rss------bug_bounty-5Jay Shankarpenetration-testing, web-vulnerabilities, bug-bounty-writeup, bug-bounty, vapt-services27-Dec-2024
Logic Flaw: Using Invitation Function to Block Other Accountshttps://gr3yg05t.medium.com/logic-flaw-turning-an-invitation-function-into-a-revenue-blocker-b4523dc46dde?source=rss------bug_bounty-5Mr Greybug-bounty-writeup, bug-bounty-tips, bug-bounty, business-logic-flaw, infosec27-Dec-2024
Cookie Replayhttps://vikasrai11.medium.com/cookie-replay-e379800e40b2?source=rss------bug_bounty-5Vikas Raipenetration-testing, bug-bounty, vulnerability, security-token, cybersecurity27-Dec-2024
How i accidentally found a 1-click account takeover bughttps://infosecwriteups.com/how-i-accidentally-found-a-1-click-account-takeover-bug-dd27a512dd22?source=rss------bug_bounty-5callgh0staccount-takeover, transparency, gaza, bug-bounty, hacking27-Dec-2024
Is 2025 the Year to Begin Bug Bounty Hunting? Here’s What you need to Know ..https://medium.com/@techinsights5/is-2025-the-year-to-begin-bug-bounty-hunting-heres-what-you-need-to-know-3e61bcf14a4b?source=rss------bug_bounty-5TechInsightsethical-hacking, bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity27-Dec-2024
AdsPower「安全众测计划」后,What’s Next?https://medium.com/@AdsPowerHK/adspower-%E5%AE%89%E5%85%A8%E4%BC%97%E6%B5%8B%E8%AE%A1%E5%88%92-%E5%90%8E-whats-next-01a612937c93?source=rss------bug_bounty-5AdsPower 指紋瀏覽器bug-bounty, 指纹浏览器, adspower27-Dec-2024
The WAF Gambit: How I Bypassed a Client’s Web Application Firewall and Exposed a Vulnerabilityhttps://medium.com/@GHOSTWIELD/the-waf-gambit-how-i-bypassed-a-clients-web-application-firewall-and-exposed-a-vulnerability-d8f47452429a?source=rss------bug_bounty-5GhostWieldcybersecurity, money, hacking, trends, bug-bounty27-Dec-2024
Game Hacking: Exploiting Executables and Librarieshttps://medium.com/@k3r0/game-hacking-exploiting-executables-and-libraries-27c1b144732a?source=rss------bug_bounty-5Kyrillos nadyhacking, android, bug-bounty, penetration-testing, games27-Dec-2024
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkithttps://bitpanic.medium.com/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty, technology, bug-bounty-tips, cybersecurity27-Dec-2024
Hackers Exploit CVE-2024–3393 to Disable Palo Alto Networks Firewallshttps://medium.com/@wiretor/hackers-exploit-cve-2024-3393-to-disable-palo-alto-networks-firewalls-00e89bb60c11?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xss-attack, malware, hacking27-Dec-2024
Beware of ‘OtterCookie’ Malware: Devs Targeted with Fake Job Offers!https://medium.com/@wiretor/beware-of-ottercookie-malware-devs-targeted-with-fake-job-offers-01367c51f639?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, bug-bounty, hacking, ai27-Dec-2024
Chrome Extensions Hijacked: Protect Your Data Now!https://medium.com/@wiretor/chrome-extensions-hijacked-protect-your-data-now-8bd0e43d8473?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxs, hacking, malware, bug-bounty, ai27-Dec-2024
Mastering FFUF: The Ultimate Fuzzing Toolkithttps://medium.com/@kumawatabhijeet2002/mastering-ffuf-the-ultimate-fuzzing-toolkit-e16a85416c5c?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty, bug-bounty-tips, infosec, medium27-Dec-2024
BPP [$750]Arbitrary File Upload Vulnerability To Remote Code Execution (RCE) Outside the Platform.https://aryasec.medium.com/bpp-750-arbitrary-file-upload-vulnerability-to-remote-code-execution-rce-outside-the-platform-9093b51d044d?source=rss------bug_bounty-5Tengku Arya Saputrarce-vulnerability, penetration-testing, bug-bounty, rce, bug-bounty-writeup27-Dec-2024
Must-Have Browser Extensions for Bug Bounty Huntershttps://aiwolfie.medium.com/must-have-browser-extensions-for-bug-bounty-hunters-58edff558912?source=rss------bug_bounty-5AIwolfiebug-bounty, bug-bounty-tips, hacking, ethical-hacking, bug-bounty-writeup27-Dec-2024
Bug Chain: pre-auth takeover to permanent access.https://gr3yg05t.medium.com/bug-chain-pre-auth-takeover-to-permanent-access-4d92829ed816?source=rss------bug_bounty-5Mr Greybug-bounty-tips, bug-bounty, infosec, bug-bounty-writeup, business-logic-flaw27-Dec-2024
Bug Bounty Hunting Using Android: A Mobile Hacker’s Toolkithttps://medium.com/infosecmatrix/bug-bounty-hunting-using-android-a-mobile-hackers-toolkit-195ea39cccd6?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty, technology, bug-bounty-tips, cybersecurity27-Dec-2024
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackershttps://medium.com/@kumawatabhijeet2002/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5Abhijeet kumawats3, amazon, hacking, bug-bounty-tips, bug-bounty26-Dec-2024
How i Found WCP To DoS Attack Worth of $$$https://medium.com/@RekoJR/how-i-found-wcp-to-dos-attack-worth-of-f1a14553be82?source=rss------bug_bounty-5Reko !bug-bounty-tips, cache, bug-bounty26-Dec-2024
My Second Year into Bug Bounties — From Google Dorks to Manual Huntinghttps://medium.com/@vedantroy/my-second-year-into-bug-bounties-from-google-dorks-to-manual-hunting-ea8f80dc5b21?source=rss------bug_bounty-5Vedant Roybugbounty-writeup, cybersecurity, bugs, bug-bounty, bug-bounty-tips26-Dec-2024
Find XSS Vulnerabilities in Just 2 Minuteshttps://coffinxp.medium.com/find-xss-vulnerabilities-in-just-2-minutes-d14b63d000b1?source=rss------bug_bounty-5coffinxpxss-attack, hacking, automation, bug-bounty-tips, bug-bounty26-Dec-2024
Uncovering Amazon S3 Bucket Vulnerabilities: A Comprehensive Guide for Ethical Hackershttps://medium.com/infosecmatrix/uncovering-amazon-s3-bucket-vulnerabilities-a-comprehensive-guide-for-ethical-hackers-124790bf9e62?source=rss------bug_bounty-5Abhijeet kumawats3, amazon, hacking, bug-bounty-tips, bug-bounty26-Dec-2024
Easy Bounties: JavaScript (JS) File Analysishttps://aditya-narayan.medium.com/easy-bounties-javascript-js-file-analysis-72ba5eb44822?source=rss------bug_bounty-5Aditya Narayanbug-bounty-writeup, cybersecurity, writers-on-medium, bug-bounty-tips, bug-bounty26-Dec-2024
Stuxnet: The Virus That Shook the Worldhttps://medium.com/@zerodaystories/stuxnet-the-virus-that-shook-the-world-27e7f1349c8f?source=rss------bug_bounty-50day storiestechnology, science, bug-bounty, cybersecurity, hacking26-Dec-2024
Unauthenticated RCE Bug Bounty POC | Private Bug Bounty Program | CVE-2020–11798https://pwn0sec.medium.com/unauthenticated-rce-bug-bounty-poc-private-bug-bounty-program-cve-2020-11798-dbbb626b9fdb?source=rss------bug_bounty-5PwnOsec Research Groupsferari, bug-bounty-tips, bug-bounty26-Dec-2024
Access Granted !https://vikasrai11.medium.com/access-granted-5f4747775247?source=rss------bug_bounty-5Vikas Raibug-bounty, cybersecurity, acces, vulnerability26-Dec-2024
Traditional Pentest vs. Bug Bounty Program: The Pros, The Cons, and How to Do It Righthttps://medium.com/@hackrate/traditional-pentest-vs-bug-bounty-program-the-pros-the-cons-and-how-to-do-it-right-f2d8beff40bf?source=rss------bug_bounty-5Levente Molnarpenetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty26-Dec-2024
Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commandshttps://mhmmuneef.medium.com/apache-traffic-control-vulnerability-let-attackers-inject-malicious-sql-commands-66188cbcd84d?source=rss------bug_bounty-5Mohammed Muneefhacking, bug-bounty, information-security, technology, cybersecurity26-Dec-2024
Critical SQL Injection Vulnerability in Apache Traffic Controlhttps://medium.com/@wiretor/critical-sql-injection-vulnerability-in-apache-traffic-control-a28cedca8b93?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, xss-attack, bug-bounty, ai26-Dec-2024
IBM AIX Vulnerability: Attackers Can Trigger DoS Conditionhttps://medium.com/@wiretor/ibm-aix-vulnerability-attackers-can-trigger-dos-condition-5a5532a8ba66?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, hacker, xss-attack, malware26-Dec-2024
Find Secrets in Hidden Directories Using Fuzzing ️https://medium.com/@kumawatabhijeet2002/find-secrets-in-hidden-directories-using-fuzzing-%EF%B8%8F-21a9a96c3246?source=rss------bug_bounty-5Abhijeet kumawatfuzzing, infosec, bug-bounty, hacking, bounty-program26-Dec-2024
How I found an IDOR on Achmeahttps://medium.com/@nayeems3c/how-i-found-idor-on-achmea-cf9ce4b7d908?source=rss------bug_bounty-5Nayeem Islambug-bounty, idor, penetration-testing, bug-bounty-writeup, web-security26-Dec-2024
Earn up to $30,000 by just thinking like a pro hacker while pentesting.https://medium.com/@anandrishav2228/earn-up-to-30-000-by-just-thinking-like-a-pro-hacker-while-pentesting-da8e5984ccb9?source=rss------bug_bounty-5Rishav anandbug-bounty, hacker, money, penetration-testing, cybersecurity26-Dec-2024
Fuzzing with AFL++https://medium.com/@arohablue/introduction-to-fuzzing-with-afl-42d37ea78386?source=rss------bug_bounty-5Aroha bluebug-bounty, afl, fuzzing, kali, security26-Dec-2024
XSS Via SVG File Uploadhttps://abhishekgk.medium.com/xss-via-svg-file-upload-5c30af809107?source=rss------bug_bounty-5Abhishekgkbug-bounty, file-upload-vulnerability, bug-bounty-tips, xss-attack, bug-bounty-writeup26-Dec-2024
Interesting Technique to Enumerate Table Names in MySQL 8.xhttps://j3x.medium.com/interesting-technique-to-enumerate-table-names-in-mysql-8-x-668857d43186?source=rss------bug_bounty-5Amdjed Zerrouguibug-bounty, cybersecurity, hacking, penetration-testing26-Dec-2024
Bug Critical Flaw: Default Password to Super Admin!https://medium.com/@firdansp/bug-critical-flaw-default-password-to-super-admin-ef20c4214231?source=rss------bug_bounty-50verRidabugs, cybersecurity, bug-bounty, bug-bounty-tips, hacker25-Dec-2024
Business logic: I can order anything from your account without paying for ithttps://gr3yg05t.medium.com/business-logic-i-can-order-anything-from-your-account-without-paying-for-it-86ef070e01dd?source=rss------bug_bounty-5Mr Greyinfosec, bug-bounty, business-logic-flaw, infosec-write-ups, bug-bounty-writeup25-Dec-2024
My First Encounter with Stored XSS ️‍♂️https://infosecwriteups.com/my-first-encounter-with-stored-xss-%EF%B8%8F-%EF%B8%8F-88e167582b7e?source=rss------bug_bounty-5cryptoshantcybersecurity, bug-bounty, hacking, stored-xss, success25-Dec-2024
How I accidentally found an IDOR bug in Google slides and rewarded $3,133.70https://medium.com/@atikqur007/how-i-accidentally-found-an-idor-bug-in-google-slides-and-rewarded-3-133-70-96866fac3af1?source=rss------bug_bounty-5Atikqur Rahmanbugbounty-writeup, cybersecurity, bug-bounty, google, pentesting25-Dec-2024
Escalating a duplicate Access Control bug to hijack Google Calendar Accounts for a €300 Bountyhttps://medium.com/@saltify/escalating-a-duplicate-access-control-bug-to-hijack-google-calendar-accounts-for-a-300-bounty-a5358cfc868f?source=rss------bug_bounty-5saltifyinfosec, bug-bounty, ethical-hacking, cybersecurity25-Dec-2024
API Pentesting: Broken Object Property Level Authorizationhttps://devilwrites.medium.com/api-pentesting-broken-object-property-level-authorization-21d65939ad24?source=rss------bug_bounty-5hackerdevilapi-security, api, owasp, penetration-testing, bug-bounty25-Dec-2024
Autentic Platform Launches Bug Bounty Program to Strengthen Securityhttps://autentic.medium.com/autentic-platform-launches-bug-bounty-program-to-strengthen-security-0aaad03b4a6e?source=rss------bug_bounty-5Autentic RWAautentic, bug-bounty25-Dec-2024
10 of the biggest cybersecurity stories of 2024https://mhmmuneef.medium.com/10-of-the-biggest-cybersecurity-stories-of-2024-45037b13530f?source=rss------bug_bounty-5Mohammed Muneefnews, medium, bug-bounty, technology, hacker25-Dec-2024
10 Burp Suite Extensions you must have in your arsenalhttps://bitpanic.medium.com/10-burp-suite-extensions-you-must-have-in-your-arsenal-a3ce81fefb05?source=rss------bug_bounty-5Spectat0rguybug-bounty, technology, infosec, cybersecurity, bug-bounty-tips25-Dec-2024
Cross-Site Scripting (XSS): Techniques, Bypasses, and Detectionhttps://medium.com/@rootast/cross-site-scripting-xss-techniques-bypasses-and-detection-927af5a55d02?source=rss------bug_bounty-5Arash shahbazixss-attack, javascript, hacker, methodology, bug-bounty25-Dec-2024
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025https://medium.com/@afilalbadr2/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5Afilalbadrjob-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing25-Dec-2024
The Ultimate Checklist for Detecting IDOR and Broken Access Control Vulnerabilitieshttps://thexssrat.medium.com/the-ultimate-checklist-for-detecting-idor-and-broken-access-control-vulnerabilities-b1585dd4e999?source=rss------bug_bounty-5Thexssrathacking, bug-bounty, hacker, broken-access-control, bug-bounty-tips25-Dec-2024
How Would I Start Cybersecurity If I Knew This? A 1-Year Roadmap for 2025https://medium.com/@GHOSTWIELD/how-would-i-start-cybersecurity-if-i-knew-this-a-1-year-roadmap-for-2025-c069ba183dc0?source=rss------bug_bounty-5GhostWieldjob-preparation, active-directory-attack, hacking, bug-bounty, penetration-testing25-Dec-2024
Website Enumeration and Information Gathering [Part 2]https://medium.com/@BetterBy0x01/website-enumeration-and-information-gathering-part-2-3588cf9e0529?source=rss------bug_bounty-5Ashutosh Singh Patelsecurity, bug-bounty, hacking, bug-bounty-tips24-Dec-2024
How I Test for Open Redirecthttps://osintteam.blog/how-i-test-for-open-redirect-271cd0d0ae55?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, cybersecurity, technology, open-redirect, bug-bounty-writeup24-Dec-2024
Find Bug in 10 Minutes: Critical SQL File Leak Reveals Sensitive Datahttps://medium.com/@firdansp/find-bug-in-10-minutes-critical-sql-file-leak-reveals-sensitive-data-84e48fece4bb?source=rss------bug_bounty-50verRidabug-bounty-tips, bug-bounty, bugs, cybersecurity, writeup24-Dec-2024
Important Windows Events Every SOC Analyst Should Knowhttps://medium.com/@paritoshblogs/important-windows-events-every-soc-analyst-should-know-ed91bce15ed2?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, chatgpt, cybersecurity, hacking24-Dec-2024
Rickdiculouslyeasy 1 — VulnHub Write-uphttps://medium.com/@aminouji23/rickdiculouslyeasy-1-vulnhub-write-up-eb59e824baa7?source=rss------bug_bounty-5Aminoujivulnhub, bug-bounty, ctf-writeup, penetration-testing, cybersecurity24-Dec-2024
Bug Bounty Journey — Valid Report Part 2https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-part-2-0f3a075e2a65?source=rss------bug_bounty-50xF3r4twaybackurls, bug-bounty-writeup, bug-bounty24-Dec-2024
Bug Bounty Journey — Valid Report 1https://medium.com/@0xF3r4t/bug-bounty-journey-valid-report-1-ffc38d6799a4?source=rss------bug_bounty-50xF3r4tdirsearch, bug-bounty, vdp24-Dec-2024
Penetration Testing Tools — The Basicshttps://medium.com/@iamshafayat/penetration-testing-tools-the-basics-46367acc653e?source=rss------bug_bounty-5Shafayat Ahmed Alifpentest, cybersecurity, bug-bounty, pentest-tools, penetration-testing24-Dec-2024
500$ Secrets: Uncovering Critical Vulnerabilities with Advanced JavaScript Analysishttps://hackersatty.medium.com/500-secrets-uncovering-critical-vulnerabilities-with-advanced-javascript-analysis-ab9a970dc8e8?source=rss------bug_bounty-5hackersattymedium, bug-bounty, javascript, hackerone, bug-bounty-tips24-Dec-2024
A Seemingly Harmless Bug That Could Cost a Company Millionshttps://bitpanic.medium.com/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips24-Dec-2024
Why 2025 Will Be the Year of Bug Bountyhttps://medium.com/@hackrate/why-2025-will-be-the-year-of-bug-bounty-9811e3987e78?source=rss------bug_bounty-5Levente Molnarpenetration-testing, cybersecurity, ethical-hacking, hacking, bug-bounty24-Dec-2024
RISE OF 0-DAYhttps://medium.com/@zerodaystories/rise-of-0-day-cd35fe1c8e62?source=rss------bug_bounty-50day storiespenetration-testing, hacker, technology, bug-bounty, hacking24-Dec-2024
Seven Critical Vulnerabilities Found in Premium WPLMS WordPress Pluginshttps://medium.com/@wiretor/seven-critical-vulnerabilities-found-in-premium-wplms-wordpress-plugins-c3ce57c55bae?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, bug-bounty, hacking, ai24-Dec-2024
New Glutton Malware Exploits Popular PHP Frameworkshttps://medium.com/@wiretor/new-glutton-malware-exploits-popular-php-frameworks-2a5914f89407?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, malware, hacking, bug-bounty24-Dec-2024
Advent of Cyber 2024 [ Day 24 ] Writeup with Answers | TryHackMe Walkthroughhttps://medium.com/infosecmatrix/advent-of-cyber-2024-day-24-writeup-with-answers-tryhackme-walkthrough-18393b422649?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, tryhackme, hacking, careers24-Dec-2024
From Broken Access Control to First Bountyhttps://infosecwriteups.com/from-broken-access-control-to-first-bounty-01712b1dab53?source=rss------bug_bounty-5callgh0stgaza, bug-bounty, palestine, hacking, access-control24-Dec-2024
Received an Appreciation Letter from NASAhttps://medium.com/@kumawatabhijeet2002/received-an-appreciation-letter-from-nasa-927c3d1ae828?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, nasa, appreciation, xss-attack, infosec24-Dec-2024
A Seemingly Harmless Bug That Could Cost a Company Millionshttps://medium.com/infosecmatrix/a-seemingly-harmless-bug-that-could-cost-a-company-millions-aeada3a31bae?source=rss------bug_bounty-5Spectat0rguycybersecurity, technology, programming, bug-bounty, bug-bounty-tips24-Dec-2024
Breaking Through the Limits: How I Bypassed Rate-Limiting with IP and Username Rotationhttps://medium.com/@abdelrahhmanhisham/breaking-through-the-limits-how-i-bypassed-rate-limiting-with-ip-and-username-rotation-d8de230aec2a?source=rss------bug_bounty-5Abdelrahhmanhishambug-bounty-tips, bug-bounty, rate-limit, exploit, rate-limit-bypass23-Dec-2024
How I Discovered Private Programs and New Programs Set to Launch on HackerOnehttps://medium.com/@hossam_hamada/how-i-discovered-private-programs-and-new-programs-set-to-launch-on-hackerone-a85117a70d7b?source=rss------bug_bounty-5Hossam Hamadahacking, bugbounty-writeup, hackerone, bug-bounty, bugbounty-tips23-Dec-2024
Website Enumeration & Information Gathering [Part 1]https://medium.com/@BetterBy0x01/website-enumeration-information-gathering-part-1-8392422178da?source=rss------bug_bounty-5Ashutosh Singh Patelbug-hunting, enumeration, bug-bounty, information-gathering23-Dec-2024
Website Leak (gov): Sensitive Credentials and API Keys Exposedhttps://medium.com/@firdansp/website-leak-gov-sensitive-credentials-and-api-keys-exposed-44b2ebbebb7b?source=rss------bug_bounty-50verRidabug-bounty, bug-bounty-tips, cybersecurity, bugs, red-team23-Dec-2024
PROTOTYPE POLLUTION VULNERABILITYhttps://medium.com/@0xpedrop/prototype-pollution-vulnerability-f62e1c59a3fd?source=rss------bug_bounty-5Pedro Paulo D.bug-bounty-tips, cybersecurity, bug-bounty23-Dec-2024
Google Dorks to Find Bug Bounty Programshttps://medium.com/infosecmatrix/google-dorks-to-find-bug-bounty-programs-003a80375d13?source=rss------bug_bounty-5Abhijeet kumawathacking, google, dorks, infosec, bug-bounty23-Dec-2024
Shield Your Enterprise: Tackling Cyber Threats Head-Onhttps://medium.com/@paritoshblogs/shield-your-enterprise-tackling-cyber-threats-head-on-fd26be10c366?source=rss------bug_bounty-5Paritoshai, hacking, cybersecurity, information-technology, bug-bounty23-Dec-2024
Bash Scripting: Guide for Security & Bug Bounty Huntershttps://infosecwriteups.com/bash-scripting-guide-for-security-bug-bounty-hunters-cybersecurity-d07794c33412?source=rss------bug_bounty-5Mukilan Baskaransecurity-researchers, bug-bounty, cybersecurity, information-security, penetration-testing23-Dec-2024
POC — CVE-2024–50623- Cleo Unrestricted file upload and downloadhttps://medium.com/@verylazytech/poc-cve-2024-50623-cleo-unrestricted-file-upload-and-download-382afa5a15db?source=rss------bug_bounty-5Very Lazy Techunrestricted-file-upload, vulnerability, exploit, bug-bounty, cve-2024-5062323-Dec-2024
Bug Bounty Pemula Kusus Peretasan Aplikasi Webhttps://medium.com/@mansorihack/bug-bounty-pemula-kusus-peretasan-aplikasi-web-cb7e8ea75f75?source=rss------bug_bounty-5Mansorihackbug-bounty, cybersecurity, readteam23-Dec-2024
How I Found an XSS Bug That Made Websites Scream “Alert!”https://aiwolfie.medium.com/how-i-found-an-xss-bug-that-made-websites-scream-alert-1b6f9eebcf14?source=rss------bug_bounty-5AIwolfiepentesting, xss-attack, ethical-hacking, bug-bounty, hacking23-Dec-2024
Exploiting Password Reset Link After Email Changehttps://medium.com/@0xboody/exploiting-password-reset-link-after-email-change-17fe2babc01e?source=rss------bug_bounty-5Abdelrahman Sayedbug-bounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing23-Dec-2024
Blazing-Fast Recon & Vulnerability Scanning with SubDomainRadar.iohttps://medium.com/@alexandrevandammepro/blazing-fast-recon-vulnerability-scanning-with-subdomainradar-io-701baef23ff2?source=rss------bug_bounty-5Alexandre Vandammebug-bounty, cybersecurity, vulnerability, bug-bounty-tips, bounty-program23-Dec-2024
Stop Data Breaches in Their Tracks with LeakRadar.iohttps://medium.com/@alexandrevandammepro/stop-data-breaches-in-their-tracks-with-leakradar-io-cc3c4b887c14?source=rss------bug_bounty-5Alexandre Vandammebug-bounty, data, bug-bounty-writeup, bug-bounty-tips, cybersecurity23-Dec-2024
Dutch DPA Fines Netflix €4.75 Million for GDPR Violationshttps://medium.com/@wiretor/dutch-dpa-fines-netflix-4-75-million-for-gdpr-violations-d2ad59170118?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business23-Dec-2024
North Korean Hackers Steal $1.3 Billion in Crypto in 2024https://medium.com/@wiretor/north-korean-hackers-steal-1-3-billion-in-crypto-in-2024-d53c409930df?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware23-Dec-2024
Italy Fines OpenAI €15 Million for ChatGPT GDPR Violationshttps://medium.com/@wiretor/italy-fines-openai-15-million-for-chatgpt-gdpr-violations-42a93c87a4fe?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, ai, business, hacking23-Dec-2024
[$$$ Bug Bounty Write Up] SSRF in OAuth Implementation of a Client Applicationhttps://medium.com/@ahmedfadel6162/bug-bounty-write-up-ssrf-in-oauth-implementation-of-a-client-application-57ba02539e20?source=rss------bug_bounty-5Ahmed Fadelbug-bounty, penetration-testing, cybersecurity, hacking23-Dec-2024
This Is How I Bypassed The Most Critical Security Check!https://medium.com/@mdnafeed3/this-is-how-i-bypassed-the-most-critical-security-check-00e9ba525ebc?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, bug-bounty-tips, cybersecurity, hacking, technology23-Dec-2024
EWPTX Examination Structure and Contenthttps://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5Vishalsuwalkabcybersecurity, ewptx, ejpt, ine, bug-bounty23-Dec-2024
How Technology Can Enhance Information Security in Organizationshttps://medium.com/@bi___ya/how-technology-can-enhance-information-security-in-organizations-9b0ce5029472?source=rss------bug_bounty-5biyainformation-security, bug-bounty, company, hacking, business23-Dec-2024
Bug Bounty Isn’t Always Fair: A Researcher’s Perspectivehttps://medium.com/@ph4nt0mbyt3/bug-bounty-isnt-always-fair-a-researcher-s-perspective-be0a62b9f0eb?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty23-Dec-2024
How to Make Money with WebSocket: 10 Vulnerabilities You Should Be Aware Ofhttps://im4x.medium.com/what-is-wss-fa2476eeddc1?source=rss------bug_bounty-5Ahmed Najehbug-bounty, hacker, hackerone, websocket, wss23-Dec-2024
EWPTX Examination Structure and Content Part(2)https://medium.com/@vishalsuwalkab/ewptx-examination-structure-and-content-577d81379c39?source=rss------bug_bounty-5Vishalsuwalkabcybersecurity, ewptx, ejpt, ine, bug-bounty23-Dec-2024
Very Basic Beginner Bug Bounty Methodology: Practical Tips and Techniques for Web Appshttps://thexssrat.medium.com/very-basic-beginner-bug-bounty-methodology-practical-tips-and-techniques-for-web-apps-3cf9104e7f50?source=rss------bug_bounty-5Thexssrathacks, hacking, bug-bounty-tips, bug-bounty23-Dec-2024
100 CLI Flags and Tricks Every Bug Bounty Hunter Should Knowhttps://thexssrat.medium.com/100-cli-flags-and-tricks-every-bug-bounty-hunter-should-know-959813992077?source=rss------bug_bounty-5Thexssrathacks, hacking, cli, bug-bounty-tips, bug-bounty23-Dec-2024
Reflected XSS bypass WAF & Page notfoundhttps://kresec.medium.com/reflected-xss-bypass-waf-page-notfound-e149db1ee6c4?source=rss------bug_bounty-5KreSecxss-attack, security, bug-bounty22-Dec-2024
Automate MAC Address Change on Arch Linux at Boothttps://theexploitlab.medium.com/automate-mac-address-change-on-arch-linux-at-boot-893f6ccdb1b4?source=rss------bug_bounty-5The Exploit Labbug-bounty, bugs, macchanger, cybersecurity22-Dec-2024
Different terms, same services across providers (AWS, Azure, GCP)https://medium.com/@RaunakGupta1922/different-terms-same-services-across-providers-aws-azure-gcp-2337af0640db?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitgcp, azure, bug-bounty, aws, devops22-Dec-2024
API pentesting: Broken Authenticationhttps://infosecwriteups.com/api-pentesting-broken-authentication-987658c691c0?source=rss------bug_bounty-5hackerdevilpenetration-testing, owasp, bug-bounty, api-security, api22-Dec-2024
Top 7 Cybersecurity Certificates in 2025https://osintteam.blog/top-7-cybersecurity-certificates-in-2025-26228b661f1d?source=rss------bug_bounty-5Tahir Ayoubtechnology, ai, ethical-hacking, bug-bounty, cybersecurity22-Dec-2024
Day 24 of 30 Days — 30 Vulnerabilities | Web Cache Poisoninghttps://it4chis3c.medium.com/day-24-of-30-days-30-vulnerabilities-web-cache-poisoning-790697f073da?source=rss------bug_bounty-5It4chis3c30dayswritingchallenge, bug-bounty-tips, bug-bounty, web-cache-poisoning22-Dec-2024
Unveiling default Security Flaws with the defaulty Nmap Scripthttps://medium.com/@defaulty.io/unveiling-default-security-flaws-with-the-defaulty-nmap-script-800d97654a15?source=rss------bug_bounty-5Defaulty.iohacking, bug-bounty, compliance, pentesting, cybersecurity22-Dec-2024
Bug Bounty Hunting With Burp Suite (Intercept, Repeater & Intruder)https://medium.com/@BetterBy0x01/bug-bounty-hunting-with-burp-suite-intercept-repeater-intruder-cdcb3e3966bf?source=rss------bug_bounty-5Ashutosh Singh Patelbug-hunting, burpsuite, bug-bounty, proxy22-Dec-2024
10 Minutes to Finding Your First Open Redirect Bughttps://medium.com/@k4r7h1kn/10-minutes-to-finding-your-first-open-redirect-bug-68f764d6b5d3?source=rss------bug_bounty-5Karthikeyancybersecurity, bug-bounty-tips, bug-bounty, hacking, open-redirect22-Dec-2024
How to Enable HTTPS Using a Free SSL Certificate from Certbothttps://medium.com/@awsdevops183/how-to-enable-https-using-a-free-ssl-certificate-from-certbot-99b71f808b1e?source=rss------bug_bounty-5Madhukar Reddysecurity, bug-bounty, tls, amazon-web-services, devops22-Dec-2024
open redirect GET — Basedhttps://medium.com/@zpx15266/open-redirect-get-based-bc86e62c3af2?source=rss------bug_bounty-5ramzey elsayed mohamedcve, bug-bounty, bug-bounty-writeup, bugs, penetration-testing22-Dec-2024
SSRF Burpsuite Extensionhttps://hackerassociate.medium.com/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5Harshad Shahhacking, infosec, bug-bounty, cybersecurity, penetration-testing22-Dec-2024
Chasing P3 Bug: My Hunt for Vulnerabilities in the ‘Wishlists’ Functionality and Its Resultshttps://medium.com/@nebty/chasing-p3-bug-my-hunt-for-vulnerabilities-in-the-wishlists-functionality-and-its-results-86b6e79b9274?source=rss------bug_bounty-5Nebtycybersecurity, bug-bounty-tips, idor, ethical-hacking, bug-bounty22-Dec-2024
So, You want a strong bug bounty methodology?https://medium.com/@shaheen101sec/so-you-want-a-strong-bug-bounty-methodology-57fdef27cad6?source=rss------bug_bounty-5Shaheen101secbug-bounty-writeup, cybersecurity, bug-bounty, pentesting, bug-bounty-tips22-Dec-2024
Exposed‼️ How a Simple Bug Uncovered a Default Credential Data Leak on Indonesia Governmenthttps://medium.com/@firdansp/exposed-how-a-simple-bug-uncovered-a-default-credential-data-leak-on-indonesia-government-ba73f2175e81?source=rss------bug_bounty-50verRidadata-leak, bugs, cybersecurity, bug-bounty, bug-bounty-tips22-Dec-2024
How I Found My First Bug Using Shodanhttps://medium.com/@bughunt.bochi/how-i-found-my-first-bug-using-shodan-3d8826a7655b?source=rss------bug_bounty-5Bochixxbug-bounty, bug-bounty-writeup, pentesting, ethical-hacking22-Dec-2024
SSRF Burpsuite Extensionhttps://medium.com/offensive-black-hat-hacking-security/ssrf-burpsuite-extension-b494d4e70b28?source=rss------bug_bounty-5Harshad Shahhacking, infosec, bug-bounty, cybersecurity, penetration-testing22-Dec-2024
The Top 2 Strategies for Finding Your First XSS Vulnerability — Part 2https://medium.com/@halfcircassian/the-top-2-strategies-for-finding-your-first-xss-vulnerability-part-2-8bae7b49cc6d?source=rss------bug_bounty-5Sıla Özerencybersecurity, web-application-security, bug-bounty, xss-attack, dom-manipulation22-Dec-2024
Payment Bypass Guide for Bug Bounty | 69 case studieshttps://medium.com/@illoyscizceneghposter/payment-bypass-guide-for-bug-bounty-69-case-studies-15379b4f76fa?source=rss------bug_bounty-5Illoy Scizceneghposterbug-bounty, bug-bounty-tips, cybersecurity21-Dec-2024
The Bounty Hunters: Bug Bounty Programshttps://medium.com/@investigator515/the-bounty-hunters-bug-bounty-programs-8dcd24d5bafa?source=rss------bug_bounty-5Investigator515hacking, technology, information-security, bug-bounty, cybersecurity21-Dec-2024
How I Exploited an OTP Bypass Vulnerability on a Cryptocurrency Platformhttps://medium.com/@anonymous512/how-i-exploited-an-otp-bypass-vulnerability-on-a-cryptocurrency-platform-2a817b02b3ea?source=rss------bug_bounty-5Wafa Abbasaccount-hacking, bug-bounty, authentication-bypass, otp-bypass, vulnerability21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://bitpanic.medium.com/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Understanding Tycoon 2FA Phishing: A New Era of Security Threatshttps://medium.com/@paritoshblogs/understanding-tycoon-2fa-phishing-a-new-era-of-security-threats-19fb14dc83a5?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, hacking, tycoon-phshing, bug-bounty21-Dec-2024
Malicious Rspack & Vant Packages Exploited Using Stolen NPM Tokenshttps://medium.com/@wiretor/malicious-rspack-vant-packages-exploited-using-stolen-npm-tokens-0b69df1512fd?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ai, business, hacking, bug-bounty21-Dec-2024
FlowerStorm: The New Microsoft Phishing Threat Filling the Void Left by Rockstar2FAhttps://medium.com/@wiretor/flowerstorm-the-new-microsoft-phishing-threat-filling-the-void-left-by-rockstar2fa-578144a14487?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, microsoft, hacking, malware21-Dec-2024
LockBit Developer Rostislav Panev Charged for Billions in Global Ransomware Damageshttps://medium.com/@wiretor/lockbit-developer-rostislav-panev-charged-for-billions-in-global-ransomware-damages-bee0bfc4c9b9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, bug-bounty, business, ai21-Dec-2024
Kali Linux 2024.4: 14 New Tools to Supercharge Your Penetration Testing Arsenalhttps://medium.com/infosecmatrix/kali-linux-2024-4-14-new-tools-to-supercharge-your-penetration-testing-arsenal-543ff8370091?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, technology, cybersecurity, programming, bug-bounty21-Dec-2024
Mastering 403 Forbidden Bypass Techniques ✨https://medium.com/infosecmatrix/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5Abhijeet kumawatbounty-program, infosec, 403-forbidden, hacking, bug-bounty21-Dec-2024
Blind XXE with OOB Interaction via XML Parameter Entitieshttps://osintteam.blog/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, bug-bounty-tips, information-security, bug-bounty, pentesting20-Dec-2024
CSRF On Delete Profile: High Severity(7.1) HackerOnehttps://medium.com/@josuofficial327/csrf-on-delete-profile-high-severity-7-1-hackerone-33bdb598ef67?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-writeup, bug-bounty, ethical-hacking, bug-bounty-program, cybersecurity20-Dec-2024
Part-2 | Deep Recon Methodology for Bug Bounty Huntershttps://medium.com/@kumawatabhijeet2002/part-2-deep-recon-methodology-for-bug-bounty-hunters-644077ee41d4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, infosec, bugs, bug-bounty, hacking20-Dec-2024
The Most Easiest OTP Bypass Vulnerability I’ve Found: A Critical Flaw in Session Managementhttps://medium.com/@ajay.kumar.695632/the-most-easiest-otp-bypass-vulnerability-ive-found-a-critical-flaw-in-session-management-09b1555dbf9e?source=rss------bug_bounty-5Ajay Kumarbug-hunting, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup20-Dec-2024
The Secret World of Hackers: A Beginner’s Guide to Understanding Cyber Attackshttps://medium.com/@paritoshblogs/the-secret-world-of-hackers-a-beginners-guide-to-understanding-cyber-attacks-81377a0b477e?source=rss------bug_bounty-5Paritoshai, information-technology, cybersecurity, bug-bounty, hacking20-Dec-2024
Utilizing machine learning to collect more subdomains using subwizhttps://medium.com/@demonia/utilizing-machine-learning-to-collect-more-subdomains-using-subwiz-2d65cec1ee80?source=rss------bug_bounty-5Mohammed Diefbug-bounty, recon, cybersecurity, reconnaissance, bug-bounty-tips20-Dec-2024
Information Disclosure On Password cancel Endpointhttps://medium.com/@regan_temudo/information-disclosure-on-password-cancel-endpoint-4b6f43cc5fd7?source=rss------bug_bounty-5Regan Temudocybersecurity, information-disclosure, bug-bounty, ethical-hacking, csrf20-Dec-2024
OSI Model Explanationhttps://medium.com/@hossennaim547/osi-model-explanation-09259ce7a5af?source=rss------bug_bounty-5naimHOSSENbug-bounty, hacking, osi-model, cybersecurity20-Dec-2024
Simple ATO in private program.https://medium.com/@oXnoOneXo/simple-ato-in-private-program-890cd1485675?source=rss------bug_bounty-5oXnoOneXobug-bounty-tips, bug-bounty-writeup, bug-bounty20-Dec-2024
From Comments to Command Execution: How an E-Book Platform Gave Me RCEhttps://imooaaz.medium.com/from-comments-to-command-execution-how-an-e-book-platform-gave-me-rce-f27a079ca584?source=rss------bug_bounty-5Moaaz Afifibug-bounty, penetration-testing, cybersecurity, rce-vulnerability, xss-attack20-Dec-2024
Unlocking Web Security: A Deep Dive into the OWASP Top 10https://medium.com/@rootast/unlocking-web-security-a-deep-dive-into-the-owasp-top-10-d669199277bd?source=rss------bug_bounty-5Arash shahbazicybersecurity, students, owasp-top-10, bug-bounty, university20-Dec-2024
Discover All Paths in Next.js Websiteshttps://rhashibur75.medium.com/discover-all-paths-in-next-js-websites-43e319b24be9?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty, bug-bounty-tips, bug-bounty-writeup, nextjs, penetration-testing20-Dec-2024
Ascension Data Breach: 5.6M Health Records Stolen by Black Basta Ransomwarehttps://medium.com/@wiretor/ascension-data-breach-5-6m-health-records-stolen-by-black-basta-ransomware-a8d2f7ba6856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, business, malware, ai20-Dec-2024
Android Malware on Amazon Appstore Disguised as Health Apphttps://medium.com/@wiretor/android-malware-on-amazon-appstore-disguised-as-health-app-3cda80dfc856?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ai, hacking, malware20-Dec-2024
SQL Injection via ORDER BY Parameterhttps://medium.com/@mfthylmaz/sql-injection-via-order-by-parameter-a7cb7d04017f?source=rss------bug_bounty-5mfthylmazsql-injection, bug-bounty, web-security, hacking20-Dec-2024
Essential Stuff For Your First Hacking Trip. Hacking Gadgets #2 “Assortment For The Little Hacker”https://medium.com/h7w/essential-stuff-for-your-first-hacking-trip-hacking-gadgets-2-assortment-for-the-little-hacker-e886dba68a11?source=rss------bug_bounty-5NnFacehacking, trip, technology, bug-bounty, cybersecurity19-Dec-2024
No Rate Limit Vulnerability on a US Government Websitehttps://medium.com/@kumawatabhijeet2002/no-rate-limit-vulnerability-on-a-us-government-website-ae47402b663d?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty19-Dec-2024
How I Got $1000 AWS Credits and Maximized Its Potentialhttps://medium.com/@awsdevops183/how-i-got-1000-aws-credits-and-maximized-its-potential-e08650930171?source=rss------bug_bounty-5Madhukar Reddyaws, devops, python, cybersecurity, bug-bounty19-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Programhttps://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
First Google Chrome v8 JIT bug bounty before Christmas .https://vxrl.medium.com/first-google-chrome-v8-jit-bug-bounty-before-christmas-1338fb2c8255?source=rss------bug_bounty-5VXRLgoogle, v8, chromium, psvr, bug-bounty19-Dec-2024
Exploiting a Rate Limiting Bug in the Chat Section of a Health Application (got me $200)https://medium.com/@awsdevops183/exploiting-a-rate-limiting-bug-in-the-chat-section-of-a-health-application-got-me-200-a06ca465707f?source=rss------bug_bounty-5Madhukar Reddydevsecops, cybersecurity, information-technology, bug-bounty, burpsuite19-Dec-2024
POC — CVE-2024–9935 — PDF Generator Addon for Elementor Page Builder <= 1.7.5https://medium.com/@verylazytech/poc-cve-2024-9935-pdf-generator-addon-for-elementor-page-builder-1-7-5-2c3436b95fb1?source=rss------bug_bounty-5Very Lazy Techbug-bounty, arbitrary-file-download, cybersecurity, lfi, cve-2024-993519-Dec-2024
The Day I Found a Cross-Site Scripting (XSS) Vulnerability in a Bug Bounty Program ( $411)https://medium.com/@awsdevops183/the-day-i-found-a-cross-site-scripting-xss-vulnerability-in-a-bug-bounty-program-4edec6f09bed?source=rss------bug_bounty-5Madhukar Reddycybersecurity, bug-bounty, devsecops, cross-site-scripting19-Dec-2024
How I Bypassed View-Only Mode with a Simple Trick ( duplicate bug ‍ )https://medium.com/@mahdisalhi0500/how-i-bypassed-view-only-mode-with-a-simple-trick-duplicate-bug-92e1ec91a8d7?source=rss------bug_bounty-5CaptinSHArky(Mahdi)security, information-security, bug-bounty, penetration-testing, infosec19-Dec-2024
How i Found X-Forwarded Header Injection — Server Be Like, ‘Ab Toh Trust Issues Ho Rahe Hain!’https://aiwolfie.medium.com/how-i-found-x-forwarded-header-injection-server-be-like-ab-toh-trust-issues-ho-rahe-hain-220e100332a3?source=rss------bug_bounty-5AIwolfiecybersecurity, bug-bounty, servers, ethical-hacking, host-header-injection19-Dec-2024
Subdomain Takeover guides, methodology and exploit POCshttps://aditya-narayan.medium.com/subdomain-takeover-guides-methodology-and-exploit-pocs-9f5dd632c175?source=rss------bug_bounty-5Aditya Narayanbug-bounty-writeup, subdomain-takeover, bug-bounty-tips, reconnaissance, bug-bounty19-Dec-2024
Installing Xposed Framework for Enhanced Penetration Testing (SSLunpinning)https://medium.com/@sumith.ec12/installing-xposed-framework-for-enhanced-penetration-testing-sslunpinning-d50fbb2354c6?source=rss------bug_bounty-5sumith p vbug-bounty, vapt, pentesting, security-testing, ssl-pinning-bypass19-Dec-2024
HTML Injection to Mass Phishinghttps://infosecwriteups.com/html-injection-to-mass-phishing-5701d495cdc2?source=rss------bug_bounty-5Bharat Singhphishing, bug-bounty, cybersecurity, penetration-testing, bug-bounty-writeup19-Dec-2024
Zero-Click Account Takeover Through Response Manipulationhttps://medium.com/@abdullayman04/zero-click-account-takeover-through-response-manipulation-ee786a7a06dd?source=rss------bug_bounty-5Abdullah Aymancybersecurity, bug-bounty, account-takeover, penetration-testing19-Dec-2024
How I Found an Authentication Bypass Vulnerability in the Password Change Processhttps://medium.com/@ajay.kumar.695632/how-i-found-an-authentication-bypass-vulnerability-in-the-password-change-process-160359fae1bc?source=rss------bug_bounty-5Ajay Kumarbugs, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-hunting19-Dec-2024
HACKING NASA TO GET APPRECIATION LETTERhttps://medium.com/@click2jit/hacking-nasa-to-get-appreciation-letter-a6ff93a3bcbc?source=rss------bug_bounty-5Prasenjit Malakarcybersecurity, bug-bounty, ethical-hacking, programming, xss-attack19-Dec-2024
Interpol Replaces “Pig Butchering” with “Romance Baiting” to Protect Victimshttps://medium.com/@wiretor/interpol-replaces-pig-butchering-with-romance-baiting-to-protect-victims-4c702d62adaa?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ai, bug-bounty, malware, hacker19-Dec-2024
Beginners Guide for Exploiting Race Conditionshttps://bitpanic.medium.com/beginners-guide-for-exploiting-race-conditions-ab73c843b44a?source=rss------bug_bounty-5Spectat0rguybug-bounty, programming, cybersecurity, bug-bounty-tips, technology19-Dec-2024
“Do Your Best, and Let Allah Do the Rest” led me to a Privilege Escalation Bughttps://medium.com/@mrasg/do-your-best-and-let-allah-do-the-rest-leads-me-to-privilege-escalation-bug-60a3c028c802?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, penetration-testing, bug-bounty, bug-bounty-tips, bug-bounty-writeup19-Dec-2024
Successfully Gained Full Admin Access and Changed the Password Through Token Manipulation ⚔️https://medium.com/@momenrezkk90/successfully-gained-full-admin-access-and-changed-the-password-through-token-manipulation-%EF%B8%8F-fe91fc0d9a0f?source=rss------bug_bounty-5Momenrezkpenetration-testing, bug-bounty, cybersecurity18-Dec-2024
Easiest P1 $$$$$!https://medium.com/@mrsingh10978/easiest-p1-702990960a50?source=rss------bug_bounty-5Anonymous Traigerbug-bounty-program, bug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips18-Dec-2024
Mobile Application Bounty Practice: SQL Injection Principles, Vulnerability Discovery and…https://medium.com/@security.tecno/mobile-application-bounty-practice-sql-injection-principles-vulnerability-discovery-and-3921ad2e6998?source=rss------bug_bounty-5TECNO Securityhacking, security, sql, bug-bounty18-Dec-2024
FROM STRUGGLES TO SUCCESS: MY JOURNEY TO THE NASA HALL OF FAMEhttps://rootxabit.medium.com/from-struggles-to-success-my-journey-to-the-nasa-hall-of-fame-38700dd6303a?source=rss------bug_bounty-5sudo-xabitinfo-sec-writeups, bugcrowd, bug-bounty, hacked, nasa18-Dec-2024
Admin Panel Access via Default Credentialshttps://infosecwriteups.com/admin-panel-access-via-default-credentials-215b92b030bb?source=rss------bug_bounty-5cryptoshantbug-bounty-tips, pentesting, bug-bounty, hall-of-fame, hacking18-Dec-2024
Rate Limit Bypass Using Response Manipulation.https://aman0.medium.com/rate-limit-bypass-using-response-manipulation-dcce19aff7ef?source=rss------bug_bounty-5Aman Hweb3, bug-bounty, infosec, bug-bounty-tips, penetration-testing18-Dec-2024
$150 Easy HTML Injection Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/150-easy-html-injection-vulnerability-5c176b5d07fa?source=rss------bug_bounty-5Abhijeet kumawathacking, bounty-program, infosec, bug-bounty, bug-bounty-tips18-Dec-2024
What is Passive Reconnaissance? ️‍♂️https://theexploitlab.medium.com/what-is-passive-reconnaissance-%EF%B8%8F-%EF%B8%8F-4de8a9ce5003?source=rss------bug_bounty-5The Exploit Labhacking, bugs, bug-bounty, bug-bounty-tips18-Dec-2024
How to Use Enum4linux for SMB Enumeration in Kali Linuxhttps://theexploitlab.medium.com/how-to-use-enum4linux-for-smb-enumeration-in-kali-linux-d96e27f9391d?source=rss------bug_bounty-5The Exploit Labbug-bounty, smb, bug-bounty-tips, bugs18-Dec-2024
How to Use Corsy for CORS Misconfiguration Scanninghttps://theexploitlab.medium.com/how-to-use-corsy-for-cors-misconfiguration-scanning-7ba7b22ee9d5?source=rss------bug_bounty-5The Exploit Labcors, hacking, bug-bounty, bug-bounty-tips18-Dec-2024
Useful Wordlists for Bug Bounty Huntershttps://medium.com/@iamshafayat/useful-wordlists-for-bug-bounty-hunters-09f9b3cd2344?source=rss------bug_bounty-5Shafayat Ahmed Alifbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty-writeup18-Dec-2024
Step-by-Step Guide to Building Secure Web Applications with OWASP Top 10https://medium.com/@dhatchu9715/step-by-step-guide-to-building-secure-web-applications-with-owasp-top-10-7c603dda58f3?source=rss------bug_bounty-5Dhatchuowasp, bug-bounty, hacking, networking, cybersecurity18-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - BAC in GraphQL…https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-bac-in-graphql-0ae1ee0eb4d5?source=rss------bug_bounty-5Mahmoud Abd Alkarimcybersecurity, bug-bounty, broken-access-control, bug-bounty-writeup, security-research18-Dec-2024
The Dark Side of Shodanhttps://yasinspace.medium.com/the-dark-side-of-shodan-2d9b422e28a8?source=rss------bug_bounty-5Yasinred-team, hacking, bug-bounty, shodan, bug-bounty-tips18-Dec-2024
This 200$ Gadget Can Hack Anythinghttps://osintteam.blog/this-200-gadget-can-hack-anything-c482888871e3?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, cybersecurity, technology, cybercrime, hacking18-Dec-2024
Best python scripts for cybersecurity analysthttps://medium.com/@paritoshblogs/best-python-scripts-for-cybersecurity-analyst-d5ebc91b4cdb?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, hacking, bug-bounty, python18-Dec-2024
Turning a Known Issue into €100 Bounty: My Bug Bounty Breakthrough✨https://medium.com/@anmolv77654/turning-a-known-issue-into-a-100-bounty-my-bug-bounty-breakthrough-3bd89c281ea9?source=rss------bug_bounty-5AnmolSecSavvyweb-security, cybersecurity, bug-bounty, ethical-hacking, bug-bounty-tips18-Dec-2024
$750 Domain Hijacking Vulnerabilityhttps://1-day.medium.com/750-domain-hijacking-vulnerability-f6e4b4445711?source=rss------bug_bounty-51daybug-bounty, information-security, penetration-testing, ethical-hacking, bug-bounty-tips18-Dec-2024
Meta Hit with $264M Fine! Irish DPC Takes a Stand on Facebook Data Breachhttps://medium.com/@wiretor/meta-hit-with-264m-fine-irish-dpc-takes-a-stand-on-facebook-data-breach-60cb69abe3df?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, ai, business, malware18-Dec-2024
Beware of New Ledger Phishing Attack: Protect Your Crypto Wallet!https://medium.com/@wiretor/beware-of-new-ledger-phishing-attack-protect-your-crypto-wallet-a048705d2b58?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business18-Dec-2024
CVE-2024–54385 | WordPress Pluginhttps://medium.com/@malvinval/cve-2024-54385-wordpress-plugin-7ff0f8e5ad1d?source=rss------bug_bounty-5Malvin Valeriancve, hacking, cybersecurity, bug-bounty, wordpress17-Dec-2024
200$ DLL Hijacking Attackhttps://cybersecuritywriteups.com/200-dll-hijacking-attack-fdb4fd46fea9?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, penetration-testing, bug-bounty, bug-bounty-writeup, bug-bounty-tips17-Dec-2024
OSINT AND DORKING TOOLShttps://medium.com/@reazatih/osint-and-dorking-tools-67dc970d049d?source=rss------bug_bounty-5Re@Zaosint, hacking, dorks, bug-bounty17-Dec-2024
Utilizing MITRE ATT&CK Framework: Examples and Practical Applicationshttps://medium.com/@paritoshblogs/utilizing-mitre-att-ck-framework-examples-and-practical-applications-0c4ea468ad53?source=rss------bug_bounty-5Paritoshmitre-attck, hacking, threat-intelligence, bug-bounty, cybersecurity17-Dec-2024
Open Redirect to XSS: Chaining Vulnerabilities for Maximum Impacthttps://medium.com/@iPsalmy/open-redirect-to-xss-chaining-vulnerabilities-for-maximum-impact-36ae8dd9f198?source=rss------bug_bounty-5iPsalmyweb-application-security, bug-bounty, xss-attack17-Dec-2024
API Keys Attack: How to Find and Exploit Secrets in Web Applicationshttps://medium.com/@bootstrapsecurity/api-keys-attack-how-to-find-and-exploit-secrets-in-web-applications-1896d75d716b?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, bug-bounty, api, hacking, hacking-team17-Dec-2024
Top 9 Books to Master Bug Hunting and Penetration Testinghttps://osintteam.blog/top-9-books-to-master-bug-hunting-and-penetration-testing-c40039b330bb?source=rss------bug_bounty-5Bicitro Biswashacking, cybersecurity, bug-bounty, books, penetration-testing17-Dec-2024
Exposing Facebook’s Hidden Goldmine: Creators’ Private Data at Riskhttps://gtm0x01.medium.com/exposing-facebooks-hidden-goldmine-creators-private-data-at-risk-01317f3f0031?source=rss------bug_bounty-5Gtm Mänôzgraphql, hacking, facebook, infosec, bug-bounty17-Dec-2024
SubScanX: A Powerful Recon Tool for Bug Bounty and Pentestinghttps://medium.com/@rootspaghetti/subscanx-a-powerful-recon-tool-for-bug-bounty-and-pentesting-ed229128a661?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty17-Dec-2024
Documenting Bug Bounty Journey and Current Approachhttps://aditya-narayan.medium.com/documenting-bug-bounty-journey-and-current-approach-334db57e857e?source=rss------bug_bounty-5Aditya Narayanbug-bounty-tips, writeup, hacker, bug-bounty, cybersecurity17-Dec-2024
How I got Appreciation Letters for finding bugs.https://infosecwriteups.com/how-i-got-appreciation-letters-for-finding-bugs-e935f42e2f71?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )hacking, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips17-Dec-2024
How I Broke the Speed Limit: A Bug Bounty Tale of Bypassing Rate Limitinghttps://infosecwriteups.com/how-i-broke-the-speed-limit-a-bug-bounty-tale-of-bypassing-rate-limiting-29a1ec4e8681?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, technology17-Dec-2024
6 AI Tools Used by Hackers 2025https://ai.plainenglish.io/6-ai-tools-used-by-hackers-2025-dfdda79cf51f?source=rss------bug_bounty-5Tahir Ayoubchatgpt, hacking, ai, cybersecurity, bug-bounty17-Dec-2024
403 Bypass changing http method onlyhttps://rahman0x01.medium.com/403-bypass-changing-http-method-only-f0a32b43a3c8?source=rss------bug_bounty-5rahman0x01hunting, ethical-hacking, bug-bounty17-Dec-2024
Cybersecurity Alert: Texas Tech University System Data Breach Impacts 1.4 Million Patients!https://medium.com/@wiretor/cybersecurity-alert-texas-tech-university-system-data-breach-impacts-1-4-million-patients-caceb8096be9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business17-Dec-2024
FBI ALERT: HiatusRAT Malware Attacks Targeting Web Cameras & DVRs!https://medium.com/@wiretor/fbi-alert-hiatusrat-malware-attacks-targeting-web-cameras-dvrs-37f2eeb2bd01?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, fbi, malware17-Dec-2024
Easy 100$ in public Hackerone program under 3 minuteshttps://medium.com/@loayahmed686/easy-100-in-public-hackerone-program-under-3-minutes-69b20e185d3b?source=rss------bug_bounty-5r00tbug-bounty17-Dec-2024
Uncovering Vulnerabilities Through Swagger UI Directory Enumerationhttps://hackersatty.medium.com/uncovering-vulnerabilities-through-swagger-ui-directory-enumeration-49e6b43558cd?source=rss------bug_bounty-5hackersattycybersecurity, javascript, vulnerability, bug-bounty, swagger17-Dec-2024
Top 5 Ways to Hack APIs and find good bugshttps://medium.com/@sreedeep200/top-5-ways-to-hack-apis-and-find-good-bugs-dfd4a7bbb623?source=rss------bug_bounty-5Sreedeep cvcybersecurity, hacking, api, security, bug-bounty17-Dec-2024
Exploiting Access Control Misconfiguration: Privilege Escalation via Improper PATCH Method…https://medium.com/@momenrezkk90/exploiting-access-control-misconfiguration-privilege-escalation-via-improper-patch-method-b653bb92ada6?source=rss------bug_bounty-5Momenrezkbug-bounty, privilege-escalation, cybersecurity, penetration-testing17-Dec-2024
HTB University CTF 2024 Web challenges writeup: Armaxis[very easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-armaxis-very-easy-404ac9f101b8?source=rss------bug_bounty-50xNayelsecurity, web-security, htb, ctf, bug-bounty16-Dec-2024
HTB University CTF 2024 Web challenges writeup: Breaking Bank[easy]https://medium.com/@0xNayelx/htb-university-ctf-2024-web-challenges-writeup-breaking-bank-easy-1c3064092abc?source=rss------bug_bounty-50xNayelwriteup, htb, bug-bounty, ctf, security16-Dec-2024
Advanced Google Dorking | Part14https://systemweakness.com/advanced-google-dorking-part14-79b21e11ae25?source=rss------bug_bounty-5AbhirupKonwarpenetration-testing, cybersecurity, ethical-hacking, bug-bounty, bug-bounty-tips16-Dec-2024
How I Got 200 euro bounty?https://doordiefordream.medium.com/how-i-got-200-euro-bounty-03bcce712a51?source=rss------bug_bounty-5Bug hunter baluhacking, vulnerability, ethical-hacking, bug-bounty, cybersecurity16-Dec-2024
Master the Art of Cyber Defense: Top Open-Source Tools for Threat Intelligence!https://medium.com/@paritoshblogs/master-the-art-of-cyber-defense-top-open-source-tools-for-threat-intelligence-7c575e69b853?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, bug-bounty, information-technology, threat-intelligence16-Dec-2024
How I Discovered SSTI Vulnerability in Just 5 Minutes | $300 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-discovered-ssti-vulnerability-in-just-5-minutes-f7ac31f3f6b0?source=rss------bug_bounty-5Abhijeet kumawatinfose, hacking, bug-bounty-tips, bug-bounty, penetration-testing16-Dec-2024
Unmasking a Privacy Oversight: A Deep Dive into Persistent User Datahttps://medium.com/@najeebkm010/unmasking-a-privacy-oversight-a-deep-dive-into-persistent-user-data-5ee433397021?source=rss------bug_bounty-5Najeebkmbug-bounty, information-disclosure, cyber, security16-Dec-2024
RCE in 2 Universitieshttps://osintteam.blog/rce-in-2-universities-d2f13a2a2afb?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, cyberattack, penetration-testing, bug-bounty-tips16-Dec-2024
Ethical Dilemmas in Using AI for Security Testing and Bug Bountieshttps://pointlessai.medium.com/ethical-dilemmas-in-using-ai-for-security-testing-and-bug-bounties-ad6d75e6fab7?source=rss------bug_bounty-5PointlessAI Mediumchatgpt, bug-bounty, bugbounty-writeup, ai16-Dec-2024
My Bug Hunting Methodology: Reconhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
How to Hack JSON Web Tokens (JWT): Weak Implementations for Critical Vulnerabilitieshttps://medium.com/@bootstrapsecurity/how-to-hack-json-web-tokens-jwt-weak-implementations-for-critical-vulnerabilities-75462988cb11?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, jwt-token, bug-bounty, bug-bounty-tips16-Dec-2024
A Beginner's guide for Starting Web3 Bug Bountyhttps://bitpanic.medium.com/how-to-start-web3-bug-bounty-30f7f968ae11?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, web3, bug-bounty-tips, technology16-Dec-2024
My Bug Hunting Methodology: Recon | by ahmedhamdy0xhttps://gentilsecurity.medium.com/my-bug-hunting-methodology-recon-cbc6821708d8?source=rss------bug_bounty-5GenTiLreconnaissance, cybersecurity, hacking, bug-hunting, bug-bounty16-Dec-2024
2FA Testing Tips for Bug Bounty Huntershttps://bevijaygupta.medium.com/2fa-testing-tips-for-bug-bounty-hunters-d6d77322e1b4?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, 2fa-authentication, bugs, 2fa16-Dec-2024
How I Discovered a High-Severity Vulnerability on Discord (and got rewarded)https://mirzebaba.medium.com/how-i-discovered-a-high-severity-vulnerability-on-discord-and-got-rewarded-bb327902fbb9?source=rss------bug_bounty-5Mirzəbabavulnerabilit, discord, ethical-hacking, cybersecurity, bug-bounty16-Dec-2024
Clop Ransomware Gang Behind Major Cleo Data Breachhttps://medium.com/@wiretor/clop-ransomware-gang-behind-major-cleo-data-breach-421b729bafde?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ai, hacking, business16-Dec-2024
ConnectOnCall Breach Exposes 900K+ Records! Don’t Be Next — Get Wire Tor Protection Todayhttps://medium.com/@wiretor/connectoncall-breach-exposes-900k-records-dont-be-next-get-wire-tor-protection-today-d4dd7de3570d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, malware, ai, business16-Dec-2024
Winnti Hackers Strike Again: New ‘Glutton’ Backdoor Exposed!https://medium.com/@wiretor/winnti-hackers-strike-again-new-glutton-backdoor-exposed-5cd7bbb0faf0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, hacking, malware, ai16-Dec-2024
[Hacking Scope] Exposure for tons of secret documentshttps://medium.com/@nagashygaballah/hacking-scope-exposure-for-tons-of-secret-documents-5ba5c3906600?source=rss------bug_bounty-5111xNagashybug-bounty, penetration-testing, hacking16-Dec-2024
Traditional Penetration Testing vs. Bug Bounty Programshttps://medium.com/@hackrate/traditional-penetration-testing-vs-bug-bounty-programs-bb792a4d0d3f?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, hacking, cybersecurity16-Dec-2024
From Minor Glitches to Major Wins: How I Chained CSRF and IDOR for a Critical Exploithttps://osintteam.blog/from-minor-glitches-to-major-wins-how-i-chained-csrf-and-idor-for-a-critical-exploit-0b110170cd9c?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, programming, cybersecurity, technology, bug-bounty16-Dec-2024
Searching web security lessons?https://medium.com/@l1ttlewing/searching-web-security-lessons-8a4dbefd0d04?source=rss------bug_bounty-5littlewinginfosec, cybersecurity, bug-bounty, information-security, web-security16-Dec-2024
Wordlists Every Pentester Must Have !!https://theartificialthinker.medium.com/wordlists-every-pentester-must-have-7ad4c1e46ce5?source=rss------bug_bounty-5Abhishek pawarethical-hacking, hacker, tech, pentest, bug-bounty16-Dec-2024
JWT Auth Gone Wild: The Unexpected Twist!https://medium.com/@ProwlSec/jwt-auth-gone-wild-the-unexpected-twist-a0b2ed943225?source=rss------bug_bounty-5ProwlSecjwt, bugs, bug-bounty, hacking, pentesting15-Dec-2024
What are Low Hanging Bugs? | Easy way to find them️‍♂️https://medium.com/@kumawatabhijeet2002/what-are-low-hanging-bugs-easy-way-to-find-them-%EF%B8%8F-%EF%B8%8F-399b37b354b7?source=rss------bug_bounty-5Abhijeet kumawathacking, bug-bounty-tips, infose, bugs, bug-bounty15-Dec-2024
MSSQL (Microsoft SQL Server) — Port 1433https://medium.com/@verylazytech/mssql-microsoft-sql-server-port-1433-bc26d0bbdca9?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, mssql, oscp, bug-bounty, cybersecurity15-Dec-2024
Automotive Penetration Testing Checklisthttps://infosecwriteups.com/automotive-penetration-testing-checklist-8bbe83091c47?source=rss------bug_bounty-5Ajay Naikpenetration-testing, cybersecurity, information-technology, information-security, bug-bounty15-Dec-2024
SQL Injection Vulnerability on a Security Awareness website: From Database Dump to cPanel Accesshttps://medium.com/@anonymousshetty2003/sql-injection-vulnerability-on-a-security-awareness-website-from-database-dump-to-cpanel-access-4bb3645eef07?source=rss------bug_bounty-5Anonymousshettybug-bounty, sql-injection, cybersecurity, ethical-hacking15-Dec-2024
How i found a Email Spoofing vulnerability to perform Phishing Attackshttps://medium.com/@anonymousshetty2003/how-i-found-a-email-spoofing-vulnerability-to-perform-phishing-attacks-00ec2cc934bb?source=rss------bug_bounty-5Anonymousshettyemail-spoofing, cybersecurity, bug-bounty, ethical-hacking15-Dec-2024
ShadowJS: JavaScript File Discovery Toolhttps://medium.com/@rootspaghetti/shadowjs-javascript-file-discovery-tool-1ede2f3172b6?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty15-Dec-2024
Ultimate Django Vulnerability Checklisthttps://bitpanic.medium.com/ultimate-django-vulnerability-checklist-ceb7f428c45f?source=rss------bug_bounty-5Spectat0rguytechnology, cybersecurity, python, bug-bounty, bug-bounty-tips15-Dec-2024
LKQ Hacked: Cyberattack Disrupts Canadian Unit Operations and Exposes Company Datahttps://medium.com/@wiretor/lkq-hacked-cyberattack-disrupts-canadian-unit-operations-and-exposes-company-data-7db6b9763011?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xs, bug-bounty, lkq, hacking15-Dec-2024
Russia Blocks Viber: Latest Move to Censor Communicationshttps://medium.com/@wiretor/russia-blocks-viber-latest-move-to-censor-communications-9dce4d823d67?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesrussia, malware, viber, hacking, bug-bounty15-Dec-2024
JavaScript BugBounty Methodhttps://medium.com/@cc1a2bb/javascript-bugbounty-method-5b789bfa7f44?source=rss------bug_bounty-5cc1a2bhacking, cybersecurity, javascript, bug-bounty, bug-bounty-tips15-Dec-2024
Cybersecurity Roadmap 2025https://hackerassociate.medium.com/cybersecurity-roadmap-2025-f7ad9d4ac49c?source=rss------bug_bounty-5Harshad Shahcybersecurity, infosec, bug-bounty, penetration-testing, hacking14-Dec-2024
Simplifying Reconnaissance: Building a Custom Bug Hunting Discord Bothttps://medium.com/@najeebkm010/simplifying-reconnaissance-building-a-custom-bug-hunting-discord-bot-6792ab4249bf?source=rss------bug_bounty-5Najeebkmbug-bounty-tool, bug-bounty, cybersecurity14-Dec-2024
How I Discovered a $7,000 Critical Vulnerability: IDOR to BAC to Account Takeoverhttps://medium.com/@najeebkm010/how-i-discovered-a-7-000-critical-vulnerability-idor-to-bac-to-account-takeover-0c195eae2ed2?source=rss------bug_bounty-5Najeebkmbug-bounty-writeup, bug-bounty14-Dec-2024
10 day with Me | OWASP Top 10 | Day -1: Broken Access Controlhttps://infyra.medium.com/10-day-with-me-owasp-top-10-day-1-broken-access-control-e75572ce157e?source=rss------bug_bounty-5Md. EMTIAZ AHMEDbroken-access-control, owasp, owasp-top-10, bug-bounty, cybersecurity14-Dec-2024
Exploiting API Rate Limiting: Bypassing Restrictionshttps://medium.com/@bootstrapsecurity/exploiting-api-rate-limiting-bypassing-restrictions-c89a1bd61aee?source=rss------bug_bounty-5BootstrapSecurityapi-security, development, rate-limiting, hacking, bug-bounty14-Dec-2024
How I Found a Broken Link Hijacking Vulnerability in 2 Minutes | $250 Bountyhttps://medium.com/@kumawatabhijeet2002/how-i-found-a-broken-link-hijacking-vulnerability-in-2-minutes-250-bounty-0d991eb9c61b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bugs, infosec, broken-link-hijacking, hacking14-Dec-2024
My First Critical Bug: Exposing 3.5 Lakh+ PII! ️https://infosecwriteups.com/my-first-critical-bug-exposing-3-5-lakh-pii-%EF%B8%8F-fbad616ddbea?source=rss------bug_bounty-5cryptoshanthacking, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Dec-2024
Git Information Leak: How to Exploit an Exposed .git Repository on a Web Serverhttps://medium.com/@burhankhansodhar/git-information-leak-how-to-exploit-an-exposed-git-repository-on-a-web-server-ac190ae18928?source=rss------bug_bounty-5Itz Burhan Khanpenetration-testing, web-server, directory-listing, bug-bounty, git14-Dec-2024
Are you looking for an Intigriti alternative?https://medium.com/@hackrate/are-you-looking-for-an-intigriti-alternative-4128a25888ed?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, hacking, ethical-hacking, penetration-testing14-Dec-2024
Dubai Police Identity Used in Sophisticated UAE Mobile Scamshttps://medium.com/@wiretor/dubai-police-identity-used-in-sophisticated-uae-mobile-scams-36b9d149db17?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, malware, hacking, ai, bug-bounty14-Dec-2024
Using Platform Profiles to send Fake in Information: A Security Risk Good logic bughttps://medium.com/@mahdisalhi0500/using-platform-profiles-to-send-fake-in-information-a-security-risk-good-logic-bug-0510d73802b8?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, security14-Dec-2024
P4 bug’s and their POC steps | Part 9https://osintteam.blog/p4-bugs-and-their-poc-steps-part-9-c1f873227917?source=rss------bug_bounty-5socalledhackerinfosec, bug-bounty, bug-bounty-tips, cybersecurity, hacking14-Dec-2024
Reflected XSS on Gaming Blog Websitehttps://medium.com/@enigma_/reflected-xss-on-gaming-blog-website-edc448d613a3?source=rss------bug_bounty-5enigma_writeup, bug-bounty-writeup, hackin, penetration-testing, bug-bounty13-Dec-2024
Introducing ShodanSpider v2: Your Ultimate Free Tool for CVE Searching and Shodan Data Analysis…https://shubhamrooter.medium.com/introducing-shodanspider-v2-your-ultimate-free-tool-for-cve-searching-and-shodan-data-analysis-ba7c7b3097b0?source=rss------bug_bounty-5Shubham Tiwaricybersecurity, shodanspider, bug-bounty, redteam-tool, pentesting13-Dec-2024
#ERROR!https://medium.com/meetcyber/hidden-ace-up-hackers-sleeve-hacking-gadgets-1-phone-on-a-simmy-8b3d3cd540cf?source=rss------bug_bounty-5NnFacecybersecurity, hacking, termux, kali-linux, bug-bounty13-Dec-2024
Deep Recon Methodology for Bug Bounty Hunters | Part-1https://medium.com/@kumawatabhijeet2002/deep-recon-methodology-for-bug-bounty-hunters-part-1-54bdac09dcf4?source=rss------bug_bounty-5Abhijeet kumawatinfosec, bug-bounty, methodology, bug-bounty-tips13-Dec-2024
Critical Unauthorized Access to Admin Pages via Vulnerable Endpointshttps://hackersatty.medium.com/critical-unauthorized-access-to-admin-pages-via-vulnerable-endpoints-e8799b3f7f69?source=rss------bug_bounty-5hackersattyadmin-panel, javascript, bug-bounty, hackerone, hackersatty13-Dec-2024
Third Party Services Takeover using Oauth Misconfigurationhttps://infosecwriteups.com/third-party-services-takeover-using-oauth-misconfiguration-8888a0c1ad86?source=rss------bug_bounty-5Ronak Patelinformation-security, cybersecurity, ethical-hacking, bug-bounty13-Dec-2024
Idor Is Easy ! You may Don’t know ! The Longest PrivEsc I’ve ever faced on Public BBPhttps://medium.com/@Ahmex000/idor-is-easy-you-may-dont-know-the-longest-privesc-i-ve-ever-faced-on-public-bbp-1bf67cd699d8?source=rss------bug_bounty-5Ahmex000bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-hunting, bugbounty-writeup13-Dec-2024
How I Found and Fixed XSS on a Website: A Bug Hunter’s Talehttps://medium.com/@mayankmalaviya3/how-i-found-and-fixed-xss-on-a-website-a-bug-hunters-tale-bc7351043928?source=rss------bug_bounty-5Mayank Malaviya (Aiwolfie)hacking, bug-bounty, security, xss-attack, vulnerability13-Dec-2024
429 Bypasser Extension Guidehttps://medium.com/@raxomara/429-bypasser-extension-guide-1d4f86b7d630?source=rss------bug_bounty-5Raxomaracybersecurity, 429-bypasser, rate-limit-bypass, bug-bounty, bug-bounty-tips13-Dec-2024
Make Penetration Testing Sexy Againhttps://medium.com/@hackrate/make-penetration-testing-sexy-again-with-hackgate-51c556944c0b?source=rss------bug_bounty-5Levente Molnarethical-hacking, bug-bounty, cybersecurity, penetration-testing, hacking13-Dec-2024
The Growing Threat of Identity Attacks in Cybersecurityhttps://medium.com/@paritoshblogs/the-growing-threat-of-identity-attacks-in-cybersecurity-5e847cf4ab6d?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, cybersecurity, identity, bug-bounty13-Dec-2024
Bug Bounty Training Programhttps://bevijaygupta.medium.com/bug-bounty-training-program-78c927572385?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty, bug-bounty-tips, bugs, bug-zero13-Dec-2024
A Beginner’s Guide to Testing for Server-Side Request Forgery (SSRF)https://medium.com/@mcooter/a-beginners-guide-to-testing-for-server-side-request-forgery-ssrf-9a4b5e16fdd2?source=rss------bug_bounty-5Michael Cooterbug-bounty, ssrf, oswa, web-application-security, hacking13-Dec-2024
Android vs iOS Security Introhttps://medium.com/@in3tinct/android-vs-ios-security-intro-4a9b5ecc65cf?source=rss------bug_bounty-5Vaibhavsecurity, android, bug-bounty, ios, mobile-app-development13-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application — IDOR — Part 2https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-application-idor-part-2-932746b6b445?source=rss------bug_bounty-5Mahmoud Abd Alkarimsecurity-research, web-application-security, cybersecurity, bug-bounty, bug-bounty-writeup13-Dec-2024
APIS are so easy to exploithttps://medium.com/@momen_besher/apis-are-so-easy-to-exploit-80bf65941e28?source=rss------bug_bounty-5steve55555api, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty13-Dec-2024
【Award-winning Survey】About Security Vulnerability Submission Functionhttps://medium.com/@security.tecno/award-winning-survey-about-security-vulnerability-submission-function-c3113e2baec0?source=rss------bug_bounty-5TECNO Securityrewards, bugs, surveys, hacking, bug-bounty12-Dec-2024
[Bugbounty]SQLI — Data Exfiltration via DNShttps://medium.com/@kauenavarro/bugbounty-sqli-data-exfiltration-via-dns-3e68ece08205?source=rss------bug_bounty-5Kauê Navarrohacking, sqli, bug-hunter, bug-bounty, bugcrowd12-Dec-2024
How I Bypassed Email Confirmation: A Playful Journey into the World of Bug Huntinghttps://medium.com/@mrasg/how-i-bypassed-email-confirmation-a-playful-journey-into-the-world-of-bug-hunting-30f72d6c2fb6?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty12-Dec-2024
Measuring the Success of Bug Bounty Programs: Outdated vs. Modern Approacheshttps://medium.com/@hackrate/measuring-the-success-of-bug-bounty-programs-outdated-vs-modern-approaches-9cf87655092b?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty12-Dec-2024
How I hacked Universityhttps://medium.com/@Wantet/how-i-hacked-university-76097e703cb5?source=rss------bug_bounty-5Wantetpenetration-testing, university, bug-bounty, hacking12-Dec-2024
How to Find and Identify Race Condition Vulnerabilities as a Penetration Testerhttps://cyberw1ng.medium.com/how-to-find-and-identify-race-condition-vulnerabilities-as-a-penetration-tester-9d9ecce6ed56?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, technology12-Dec-2024
Bug Bounty Findings: 10 Major Vulnerabilities Exposed in Cloverleaf’s Application - Open Redirect …https://medium.com/@maakthon/bug-bounty-findings-10-major-vulnerabilities-exposed-in-cloverleafs-web-application-part-1-95f659ff7d0a?source=rss------bug_bounty-5Mahmoud Abd Alkarimweb-application-security, cybersecurity, bug-bounty-writeup, bug-bounty, security-research12-Dec-2024
Account Takeover using SSO Loginshttps://rikeshbaniya.medium.com/account-takeover-using-sso-logins-fa35f28a358b?source=rss------bug_bounty-5Rikesh Baniyabugcrowd, bug-bounty-writeup, bug-bounty-tips, hackerone, bug-bounty12-Dec-2024
Hack The Box Academy — File Inclusion — Skills Assessmenthttps://medium.com/@d4nglz17/hack-the-box-academy-file-inclusion-skills-assessment-1ca0283a9a06?source=rss------bug_bounty-5Danglzhackthebox, penetration-testing, bug-bounty-writeup, bug-bounty, information-security12-Dec-2024
Identity & Access Alert: Microsoft MFA Bypassed via AuthQuake Attack!https://medium.com/@wiretor/identity-access-alert-microsoft-mfa-bypassed-via-authquake-attack-fc57043fe39a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, microsoft, bug-bounty, ai, business12-Dec-2024
Critical Alert: Hackers Exploit Hunk Companion WordPress Plugin!https://medium.com/@wiretor/critical-alert-hackers-exploit-hunk-companion-wordpress-plugin-50fcf5834f84?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, wordpress, hacking, bug-bounty, malware12-Dec-2024
€XXX bounty for 2FA disabled without password and OTP by response manipulationhttps://osintteam.blog/xxx-bounty-for-2fa-disabled-without-password-and-otp-by-response-manipulation-499ba5234a4f?source=rss------bug_bounty-5socalledhackerhacking, bug-bounty, infosec, cybersecurity, bug-bounty-tips12-Dec-2024
“Bypasseando controles en un POS” (Un poco de humo… del bueno)https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5Andres Barrosobypass-restriction, point-of-sale-device, bug-bounty12-Dec-2024
How a Race Condition Became an Account Takeover Vulnerabilityhttps://medium.com/@mrasg/how-a-race-condition-became-an-account-takeover-vulnerability-756f14990f38?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-writeup, bug-bounty-tips, security, pentesting, bug-bounty12-Dec-2024
“Bypasseando controles en un POS”https://medium.com/@andresbe.be/bypasseando-controles-en-un-pos-un-poco-de-humo-del-bueno-b18b6ecbc775?source=rss------bug_bounty-5Andres Barrosobypass-restriction, point-of-sale-device, bug-bounty12-Dec-2024
Exposed Git Directory P1 Bughttps://medium.com/@abhirupkonwar04/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5AbhirupKonwarvulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup11-Dec-2024
We Faced a Brute Force Attack — Here’s What Saved Us!https://medium.com/@paritoshblogs/we-faced-a-brute-force-attack-heres-what-saved-us-1d33547eca61?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, cybersecurity, bug-bounty, brute-force11-Dec-2024
Exposed Git Directory P1 Bughttps://systemweakness.com/exposed-git-directory-p1-bug-5fd272a62f51?source=rss------bug_bounty-5AbhirupKonwarvulnerability-management, pentesting, bug-bounty-tips, bug-bounty, bug-bounty-writeup11-Dec-2024
Email Flooding Without Knowing Victim Email Via CSRFhttps://0xshuvo.medium.com/email-flooding-without-knowing-victim-email-via-csrf-8de8bf5de3a3?source=rss------bug_bounty-5Shuvo Kumar Sahaemail-flooding, csrf, bug-bounty, bugbounty-writeup, bug-bounty-tips11-Dec-2024
How I Earned My First $100 in a Bug Bounty Program (And How You Can Too!)https://medium.com/@divyesh.jagad/how-i-earned-my-first-100-in-a-bug-bounty-program-and-how-you-can-too-57b58b37226a?source=rss------bug_bounty-5Divyesh Jagadpassive-income, data-security, bug-bounty, ethical-hacking, cybersecurity11-Dec-2024
Easy SQLI in just 30 minuteshttps://medium.com/@mohammed01550038865/easy-sqli-in-just-30-minutes-0296038bb473?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, hackerone, sql-injection, bugcrowd, writing-tips11-Dec-2024
IDOR leads to leak private user’s datahttps://medium.com/@banertheinrich/idor-leads-to-leak-private-users-data-3a2b59f58826?source=rss------bug_bounty-5Adham Heinrichidor, bug-bounty, idor-vulnerability, cybersecurity, penetration-testing11-Dec-2024
Hackrate PTaaS Powered by HackGATE: Redefining Penetration Testinghttps://medium.com/@hackrate/hackrate-ptaas-powered-by-hackgate-redefining-penetration-testing-cb91c07ecc8f?source=rss------bug_bounty-5Levente Molnarpenetration-testing, bug-bounty, ethical-hacking, cybersecurity, hacking11-Dec-2024
Data Breach: 446K Patients & Employees Affected at Center for Vein Restorationhttps://medium.com/@wiretor/data-breach-446k-patients-employees-affected-at-center-for-vein-restoration-a75cf6fc1a5e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesai, bug-bounty, hacking, malware, business11-Dec-2024
Urgent Warning: Ivanti CSA Flaw Exposes Admin Controls to Hackers!https://medium.com/@wiretor/urgent-warning-ivanti-csa-flaw-exposes-admin-controls-to-hackers-d6937ede4389?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, ivanti, ransomware, business11-Dec-2024
Critical WPForms Flaw Exposes 6M Sites to Unauthorized Stripe Refundshttps://medium.com/@wiretor/critical-wpforms-flaw-exposes-6m-sites-to-unauthorized-stripe-refunds-da9f48a7bfd0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, wpforms, business, malware11-Dec-2024
How I Secured The Indian Army?https://cybersecuritywriteups.com/how-i-secured-the-indian-army-9a80ba399202?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty11-Dec-2024
Mastering JavaScript, Can It Make You an XSS Bug Hunter?https://rendiero.medium.com/mastering-javascript-can-it-make-you-an-xss-bug-hunter-a0f0aaba0c6f?source=rss------bug_bounty-5Rendierohacking, penetration-testing, bug-bounty, xss-attack, javascript10-Dec-2024
Email and home address disclosure using unauthenticated API endpoint worth $500https://vijetareigns.medium.com/email-and-home-address-disclosure-using-unauthenticated-api-endpoint-worth-500-4a497ff0678c?source=rss------bug_bounty-5the_unlucky_guycybersecurity, bug-bounty, application-security, bug-bounty-writeup, bug-bounty-tips10-Dec-2024
Investigating a Linux Machine Security Breach Without Tools!https://medium.com/@paritoshblogs/investigating-a-linux-machine-security-breach-without-tools-464e14bdeab0?source=rss------bug_bounty-5Paritoshhacking, information-technology, linux, bug-bounty, cybersecurity10-Dec-2024
$500 Bypassing Cloudflare WAF to Achieve XSShttps://medium.com/@kumawatabhijeet2002/500-bypassing-cloudflare-waf-to-achieve-xss-f3b9c4acb702?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-writeup, bug-bounty-tips, bugs10-Dec-2024
HackerOne 香港汇丰接收赏金https://medium.com/@dem0ns/hackerone-%E9%A6%99%E6%B8%AF%E6%B1%87%E4%B8%B0%E6%8E%A5%E6%94%B6%E8%B5%8F%E9%87%91-353356389bc9?source=rss------bug_bounty-5猫猫虫hsbc, h1, bug-bounty, hackerone, 挖洞10-Dec-2024
One way hackers stole API keys, Passwords, Tokens and Secrets.https://osintteam.blog/one-way-hackers-stole-api-keys-passwords-tokens-and-secrets-4e731435bbd4?source=rss------bug_bounty-5Pwndec0c0programming, bug-bounty, cybersecurity, hacking, web-development10-Dec-2024
Zoho QEngine: Arbitrary File Readhttps://infosecwriteups.com/zoho-qengine-arbitrary-file-read-08df3d1e167e?source=rss------bug_bounty-5Jayateertha Guruprasadhacking, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup10-Dec-2024
NASA P2 Google Dorkinghttps://medium.com/@srinathkk99/nasa-p3-google-dorking-f7bd4b56d395?source=rss------bug_bounty-5Srinath K Kcybersecurity, bug-bounty, nasa, vulnerability, appreciation10-Dec-2024
The Ultimate Guide to Starting a Bug Bounty Program: A Company’s Perspectivehttps://medium.com/@hackrate/the-ultimate-guide-to-starting-a-bug-bounty-program-a-companys-perspective-4feebb585ac4?source=rss------bug_bounty-5Levente Molnarethical-hacking, hacking, penetration-testing, cybersecurity, bug-bounty10-Dec-2024
I Found 7 Log4j (RCE) in a Single Program!https://medium.com/@rootplinix/i-found-7-log4j-rce-in-a-single-program-5afb7d02dd06?source=rss------bug_bounty-5Abu Hurayrabug-bounty-tips, cybersecurity, bug-bounty-writeup, log4shell, bug-bounty10-Dec-2024
Must-Have Hacking Extensions For Bugbounty Huntershttps://medium.com/@The_scratch/must-have-hacking-extensions-for-bugbounty-hunters-5de4c56c6963?source=rss------bug_bounty-5Scratchreconnaissance, bug-bounty, cybersecurity, hacking, bug-bounty-tips10-Dec-2024
Naabu: A Fast and Efficient Port Scanning Toolhttps://medium.com/@rootspaghetti/naabu-a-fast-and-efficient-port-scanning-tool-a5f8a4cf0641?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty10-Dec-2024
OAuth Account Hijacking via redirect_urihttps://osintteam.blog/oauth-account-hijacking-via-redirect-uri-ae8ca7a66930?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafébug-bounty, pentesting, bug-bounty-tips, information-security, cybersecurity10-Dec-2024
How i bypassed 403 forbidden (private method)https://medium.com/@reazatih/how-i-bypassed-403-forbidden-private-method-fc066c11f90f?source=rss------bug_bounty-5Re@Zacybersecurity, bug-bounty, penetration-testing, 403-forbidden, hacking10-Dec-2024
$50M Crypto Heist Linked to North Korean Hackers in Radiant Capital Attackhttps://medium.com/@wiretor/50m-crypto-heist-linked-to-north-korean-hackers-in-radiant-capital-attack-71be5b6515d7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, crypto, bug-bounty, malware10-Dec-2024
Chinese Cyber Attack Targets European IT Firms Using Visual Studio Code for Supply-Chain…https://medium.com/@wiretor/chinese-cyber-attack-targets-european-it-firms-using-visual-studio-code-for-supply-chain-761a472b00b2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ai, bug-bounty, malware, hacking10-Dec-2024
Romanian Energy Supplier Electrica Hit by Ransomware Attack ⚡https://medium.com/@wiretor/romanian-energy-supplier-electrica-hit-by-ransomware-attack-8e1b3d8e453d?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, hacking, malware, romania, bug-bounty10-Dec-2024
OpenWrt Sys upgrade Flaw: Hackers Can Push Malicious Firmware Imageshttps://medium.com/@wiretor/openwrt-sys-upgrade-flaw-hackers-can-push-malicious-firmware-images-088a0d23a1b0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, openwrt, business, bug-bounty, hacking10-Dec-2024
Mastering Bug Bounty Recon: Essential Techniques for Ethical Hackershttps://medium.com/@verylazytech/mastering-bug-bounty-recon-essential-techniques-for-ethical-hackers-549c5b472975?source=rss------bug_bounty-5Very Lazy Techsubdomain-enumeration, bug-bounty, github-recon, ethical-hacking, bug-bounty-techniques10-Dec-2024
How I Bypassed OTP Like a Devil, Leading to Full Account Takeoverhttps://infosecwriteups.com/how-i-bypassed-otp-like-a-devil-leading-to-full-account-takeover-7bb7a673f7a0?source=rss------bug_bounty-5Ranjanaccount-takeover, bug-bounty, ethical-hacking, otp-bypass, hacking10-Dec-2024
How I Earned Over 100 Points on HackerOne with Email Spoofing.https://j0nasdias.medium.com/how-i-earned-over-100-points-on-hackerone-with-email-spoofing-1ae0c4bc6aba?source=rss------bug_bounty-5Jonas Dias Rebelopentest, vulnerability, email-spoofing, hackerone, bug-bounty10-Dec-2024
NASA P3 Google Dorkinghttps://cybersecuritywriteups.com/nasa-p3-google-dorking-6779970b6f03?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, cybersecurity, bug-bounty-tips, pentesting, bug-bounty09-Dec-2024
Vote Manipulation & Debug Exposure, Another Interesting Finding…https://medium.com/@josuofficial327/vote-manipulation-debug-exposure-another-interesting-finding-ec31f8cb939c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuprogramming, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty09-Dec-2024
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Datahttps://1-day.medium.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-51daybug-bounty-writeup, writeup, pentesting, bug-bounty, aws09-Dec-2024
From Couch to Cloud: Bug Hunting Made Easy!https://udayshelke17-40981.medium.com/from-couch-to-cloud-bug-hunting-made-easy-993039c8208b?source=rss------bug_bounty-5sudo udayhacking, bug-bounty, cybersecurity, cloud-security, bug-bounty-tips09-Dec-2024
How I Earned $$$ | Open Redirectionhttps://medium.com/@A0X-Y0S3TRX/how-i-earned-open-redirection-c26e191dbff2?source=rss------bug_bounty-5A0X-Y0S3TRXbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program09-Dec-2024
The List of Top Penetration Testing as a Service (PTaaS) Platforms for 2024https://medium.com/@hackrate/the-list-of-top-penetration-testing-as-a-service-ptaas-platforms-for-2024-e04969614042?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing09-Dec-2024
How I Exploited Amazon Cognito Misconfigurations to Access Confidential S3 Datahttps://awstip.com/how-i-exploited-amazon-cognito-misconfigurations-to-access-confidential-s3-data-badb62cabfab?source=rss------bug_bounty-51daybug-bounty-writeup, writeup, pentesting, bug-bounty, aws09-Dec-2024
VPS for Hackers: Top Picks for Bug Bounty and Cloud Pentesters Enthusiasts 2025https://hackerassociate.medium.com/vps-for-hackers-top-picks-for-bug-bounty-and-cloud-pentesters-enthusiasts-2025-195b17eea9f7?source=rss------bug_bounty-5Harshad Shahcybersecurity, bug-bounty, penetration-testing, infosec, vps09-Dec-2024
Exposed Prometheus Server Endpointhttps://osintteam.blog/exposed-prometheus-server-endpoint-cfb8e82e441b?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty, bug-bounty-writeup, vulnerability-management, bug-bounty-tips09-Dec-2024
2.9 Billion Records Compromised in NPD Breach: The Largest Data Leak Ever!https://medium.com/@wiretor/2-9-billion-records-compromised-in-npd-breach-the-largest-data-leak-ever-9edaa25d362c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, ransomware, bug-bounty, breach, malware09-Dec-2024
One Phishing Hit Leads to Massive Breach: 11K Children’s Data Exposedhttps://medium.com/@wiretor/one-phishing-hit-leads-to-massive-breach-11k-childrens-data-exposed-f8bb80abc574?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesphising, business, malware, bug-bounty, hacking09-Dec-2024
Eight Suspected Phishers Arrested in Belgium, Netherlands for Multi-Million Euro Fraud Schemehttps://medium.com/@wiretor/eight-suspected-phishers-arrested-in-belgium-netherlands-for-multi-million-euro-fraud-scheme-2df2e53d1fe3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, phishing, business, malware, scam09-Dec-2024
How to Earn Money with Bug Bounties and Other Platformshttps://medium.com/@tuteja_lovish/how-to-earn-money-with-bug-bounties-and-other-platforms-6a248db1a94d?source=rss------bug_bounty-5Lovish Kumarsecurity-token, bugs, bug-bounty, security, bounties09-Dec-2024
QR Codes Bypass Browser Isolation for Malicious C2 Communication ️https://medium.com/@wiretor/qr-codes-bypass-browser-isolation-for-malicious-c2-communication-%EF%B8%8F-6dddc201d532?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, business, bug-bounty, qr-code09-Dec-2024
Server Security Misconfiguration: Misconfigured DNS — High-Impact Subdomain Takeover (P2)https://medium.com/@mathewskuruvila32/server-security-misconfiguration-misconfigured-dns-high-impact-subdomain-takeover-p2-cb9e7ccadf2d?source=rss------bug_bounty-5Mathews kuruvilavulnerability, hacking, ethical-hacking, web-app-development, bug-bounty09-Dec-2024
The HackerOne-Wayback Machine Saga: An Unofficial Vulnerability or Just Public Oversight?https://huntrai.medium.com/the-hackerone-wayback-machine-saga-an-unofficial-vulnerability-or-just-public-oversight-22c1fb0112bb?source=rss------bug_bounty-5Aditya sunnybug-bounty, bugs, hacking09-Dec-2024
How I Discovered a Critical Vulnerability in WhatsApp’s Admin Systemhttps://huntrai.medium.com/how-i-discovered-a-critical-vulnerability-in-whatsapps-admin-system-ce0a3f2bbcb2?source=rss------bug_bounty-5Aditya sunnyinfosec, bug-bounty, hackerone, hacking, bugs09-Dec-2024
1-Click Account Takeover (ATO) via CORS Misconfigurationhttps://medium.com/@mohammed01550038865/1-click-account-takeover-ato-via-cors-misconfiguration-64dc26d24917?source=rss------bug_bounty-5Muhammed Mubarakhackerone, bugcrowd, bug-bounty-tips, ato, bug-bounty09-Dec-2024
From Dev to Disaster: My Hilarious First Attempt at Bug Bounties with Burp Suite Prohttps://medium.com/@zero_4583/from-dev-to-disaster-my-hilarious-first-attempt-at-bug-bounties-with-burp-suite-pro-20fddd3ad295?source=rss------bug_bounty-5Nathan Vincentbug-bounty, burpsuite, appsec, penetration-testing08-Dec-2024
Misconfigurations That Paid Me Big: How I Exploited Them (And How You Can Stop Me)https://systemweakness.com/misconfigurations-that-paid-me-big-how-i-exploited-them-and-how-you-can-stop-me-788a5375aa3c?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty, cybersecurity, bug-bounty-writeup, programming08-Dec-2024
$400 Bounty in 10 sechttps://systemweakness.com/400-bounty-in-10-sec-14d26c2976ec?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-writeup, pentesting, bug-bounty-tips, cybersecurity, bug-bounty08-Dec-2024
Critical Authentication Bypass & Account Takeover via Attacker’s MFA Codehttps://medium.com/@sharp488/critical-authentication-bypass-account-takeover-via-attackers-mfa-code-fadf36fe6e34?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-writeup, bug-bounty-tips, information-security08-Dec-2024
WhiteLevel Error Page / Spring Boot Actuators Huntinghttps://0xshuvo.medium.com/whitelevel-error-page-spring-boot-actuators-hunting-b0290c4ccdbd?source=rss------bug_bounty-5Shuvo Kumar Sahabug-bounty-writeup, bug-bounty, infosec, bug-hunting, exploit08-Dec-2024
The Dark Side of AI: Inside PyTorch’s Unpatched Vulnerabilitieshttps://medium.com/@piyushbhor22/the-dark-side-of-ai-inside-pytorchs-unpatched-vulnerabilities-0d8ce74fc9b5?source=rss------bug_bounty-5Pi - The Kernel Panicmachine-learning, pytorch, zero-day, exploits-zero-day, bug-bounty08-Dec-2024
All About Pentesting & Securing Checkouts and Transactionshttps://infosecwriteups.com/all-about-pentesting-securing-checkouts-and-transactions-f7bb1de4fd7b?source=rss------bug_bounty-5Xcheaterbug-bounty, appsec, payment-gateway08-Dec-2024
Exploiting PHP Insecure Deserializationhttps://medium.com/@mayank_prajapati/exploiting-php-insecure-deserialization-2e301557f12f?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, cybersecurity, red-team, ethical-hacking, penetration-testing08-Dec-2024
$200 Recon Bug Bountyhttps://medium.com/infosecmatrix/200-recon-bug-bounty-3538566b94dc?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, bug-bounty-writeup, ethical-hacking, bug-bounty08-Dec-2024
The Ultimate Guide to Starting a Penetration Testing as a Service (PTaaS) Project for Your Companyhttps://medium.com/@hackrate/the-ultimate-guide-to-starting-a-penetration-testing-as-a-service-ptaas-project-for-your-company-5d7919eed353?source=rss------bug_bounty-5Levente Molnarbug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity08-Dec-2024
PoC: Bypass Input with SQL Injection to Gaining Information in SMK Maarif Terpadu Cicalengka and…https://medium.com/@baracarlo/poc-bypass-input-with-sql-injection-to-gaining-information-in-smk-maarif-terpadu-cicalengka-and-51d56cfbbd60?source=rss------bug_bounty-5Baradikasql-injection, cybersecurity, bug-hunting, bug-bounty08-Dec-2024
How I Found Info disclosure vulnerability?https://doordiefordream.medium.com/how-i-found-info-disclosure-vulnerability-32fa9e9b9a45?source=rss------bug_bounty-5Bug hunter baluethical-hacking, hacking, cybersecurity, bug-bounty, web308-Dec-2024
Russia’s ‘BlueAlpha’ APT Hides in Cloudflare Tunnelshttps://medium.com/@wiretor/russias-bluealpha-apt-hides-in-cloudflare-tunnels-7d7372615241?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, business, russia08-Dec-2024
Top 5 Must-Read Books to Master Web Penetration Testing (Beginners & Beyond)https://medium.com/@verylazytech/top-5-must-read-books-to-master-web-penetration-testing-beginners-beyond-9bf99651445f?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, penetration-testing, web-development, web-penetration-testing08-Dec-2024
How I Found a Critical Vulnerability and Earned $4,000 in Bug Bounty Huntinghttps://medium.com/@zack0x01_/how-i-found-a-critical-vulnerability-and-earned-4-000-in-bug-bounty-hunting-2ce4a1227fdc?source=rss------bug_bounty-5zack0x01idor, cybersecurity, bug-bounty, hacking08-Dec-2024
Mastering Git Conflicts: A Developer’s Guide to Seamless Merges ️⚡https://rajuhemanth456.medium.com/mastering-git-conflicts-a-developers-guide-to-seamless-merges-%EF%B8%8F-19718b819da0?source=rss------bug_bounty-5Hemanth Rajubug-bounty, coding, software-development, interview, github08-Dec-2024
Privilege Escalation via Impersonation Features featurehttps://medium.com/@0x_xnum/privilege-escalation-via-impersonation-features-feature-c49cf3a3dc03?source=rss------bug_bounty-5Ahmed Tarekprivilege-escalation, hacking, bug-bounty-tips, bug-bounty, pentesting08-Dec-2024
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1https://systemweakness.com/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-2ca54401e2e0?source=rss------bug_bounty-5hacker_mightreconnaissance, recon, ip-security, zmap, bug-bounty08-Dec-2024
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —…https://systemweakness.com/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-4e1c6e4358c3?source=rss------bug_bounty-5hacker_mightfun, bug-bounty, recon, censys, osint08-Dec-2024
Mastering Subdomain Visualization: Using Aquatone for Effective Reconnaissanchttps://medium.com/@kalkumbe7745/mastering-subdomain-visualization-using-aquatone-for-effective-reconnaissanc-6409c7846c2c?source=rss------bug_bounty-5Rutvik Kalkumbeethical-hacking, cybersecurity, bug-bounty, security, aquatone08-Dec-2024
How I Test for Cross-Site Scriptinghttps://osintteam.blog/how-i-test-for-cross-site-scripting-9262de5e949d?source=rss------bug_bounty-5Cybersec with Hemmarswriting, technology, cybersecurity, bug-bounty08-Dec-2024
My First Bounty of ₹₹₹https://osintteam.blog/my-first-bounty-of-37c2d40cbdd9?source=rss------bug_bounty-5cryptoshantpassword-reset, bug-bounty, journey, cybersecurity, hacking07-Dec-2024
From Low Privileges to Owner Rights: A Wild Journey Through an ATO Vulnerabilityhttps://medium.com/@mrasg/from-low-privileges-to-owner-rights-a-wild-journey-through-an-ato-vulnerability-cb21c468634c?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, bug-bounty-writeup, cybersecurity, hacking, bug-bounty07-Dec-2024
P3 Bug in Few Minuteshttps://medium.com/meetcyber/p3-bug-in-few-minutes-006f57913f71?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, bug-bounty, infosec, bug-bounty-tips07-Dec-2024
How I Found an ATO Vulnerability in Stripe Program in an Overlooked Cornerhttps://medium.com/@mrasg/how-i-found-an-ato-vulnerability-in-stripe-program-in-an-overlooked-corner-dce7d2cdaaf9?source=rss------bug_bounty-5Ahmed Samir Ghallabsecurity, bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty07-Dec-2024
How to Make a Clickjacking Vulnerability Scanner with Pythonhttps://infosecwriteups.com/how-to-make-a-clickjacking-vulnerability-scanner-with-python-a53f48e70b58?source=rss------bug_bounty-5Muhammad Abdullahipython, cybersecurity, bug-bounty, hacking, python-programming07-Dec-2024
Beyond signUP OR resetPassword || Send , Confirm AND Setting !https://medium.com/@0xAwali/beyond-signup-or-resetpassword-send-confirm-and-setting-d153f3ab6e17?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty07-Dec-2024
5 Ways I Got RCE’s In the Wildhttps://medium.com/@red.whisperer/5-ways-i-got-rces-99a78901ba33?source=rss------bug_bounty-5Chuxcybersecurity, hacking, bug-bounty, technology, programming07-Dec-2024
Code Flaws and Consequences: The Bug That Exposed PIIhttps://medium.com/@CANITEY/code-flaws-and-consequences-the-bug-that-exposed-pii-3de5251e1484?source=rss------bug_bounty-5CANITEYpenetration-testing, bugbounty-writeup, pentesting, cybersecurity, bug-bounty07-Dec-2024
When One Isn’t Enough: Multiple SQL Injections Found in 1 VDPhttps://osintteam.blog/when-one-isnt-enough-multiple-sql-injections-found-in-1-vdp-f45de0b4c674?source=rss------bug_bounty-5#$ubh@nk@rhackerone, infosec, sql-injection, bug-bounty, web-security07-Dec-2024
Ransomware Breach Exposes 310K Patient Records at Anna Jaques Hospitalhttps://medium.com/@wiretor/ransomware-breach-exposes-310k-patient-records-at-anna-jaques-hospital-8548c120ad63?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, business, malware07-Dec-2024
Ultralytics AI Supply Chain Breach: Cryptominer Infects Thousands!https://medium.com/@wiretor/ultralytics-ai-supply-chain-breach-cryptominer-infects-thousands-5a0d82d1c32e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmachine-learning, hacking, bug-bounty, malware, ai07-Dec-2024
New Windows Zero-Day Alert: NTLM Credentials at Risk!https://medium.com/@wiretor/new-windows-zero-day-alert-ntlm-credentials-at-risk-ad6256807d0c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, bug-bounty-tips, windows, hacking07-Dec-2024
Police Shut Down Manson Cybercrime Market & Arrest Key Suspects!https://medium.com/@wiretor/police-shut-down-manson-cybercrime-market-arrest-key-suspects-29bdcbaae6cf?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bus, bug-bounty, malware, manson07-Dec-2024
11 Must-Read Blogs to Understand IDORhttps://saminbinh.medium.com/11-best-blogs-to-learn-idor-7769511d5e05?source=rss------bug_bounty-5SAMIN BIN HUMAYUNinformation-technology, cybersecurity, bug-bounty, idor, idor-vulnerability07-Dec-2024
How I discovered my first CVEhttps://medium.com/@zumiyumi/how-i-discovered-my-first-cve-7b1e2987326c?source=rss------bug_bounty-5Zumi Yumibug-bounty, xss-attack, cve, code-review, cybersecurity07-Dec-2024
Hackers Aren’t Built by Tools — They Build the Toolshttps://shuvonsec.medium.com/hackers-arent-built-by-tools-they-build-the-tools-6581f38dbb34?source=rss------bug_bounty-5Shariar Shahnawaz Shuvonhacking, bug-bounty, information-security, cybersecurity, bug-bounty-tips07-Dec-2024
Why Are You Not Identifying Bugs in Website 2025https://osintteam.blog/why-are-you-not-identifying-bugs-in-website-2025-8ff218815b7d?source=rss------bug_bounty-5Tahir Ayoubhacking, cyber-security-awareness, bug-bounty-tips, bug-bounty, hackathons06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/@embossdotar/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
10 RXSS on HackerOne VDPshttps://medium.com/infosecmatrix/10-rxss-on-hackerone-vdps-5162d3ee42af?source=rss------bug_bounty-5AbhirupKonwarinfosec, cybersecurity, xss-attack, bug-bounty, pentesting06-Dec-2024
From Newbie to Pro: My Journey to a $3,000 Bug Bountyhttps://myselfakash20.medium.com/from-newbie-to-pro-my-journey-to-a-3-000-bug-bounty-61abe935e3db?source=rss------bug_bounty-5Akash Ghoshtechnology, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips06-Dec-2024
The Art of Pwning Okta For Profit and Funhttps://whoisshuvam.medium.com/the-art-of-pwning-okta-for-profit-and-fun-075dedbc4715?source=rss------bug_bounty-5Suvam Adhikaribug-bounty-tips, cybersecurity, info-sec-writeups, bug-bounty, hackerone06-Dec-2024
“The Hidden GPS Threat: Unstripped Metadata on Redacted.com led 5K Rubel in bounties” ️‍♂️https://infosecwriteups.com/the-hidden-gps-threat-unstripped-metadata-on-redacted-com-led-5k-rubel-in-bounties-%EF%B8%8F-%EF%B8%8F-fd044d2031b6?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, exif-data, cybersecurity, bugbounty-tips06-Dec-2024
10 Essential Tips for Bug Bounty Beginners: A Fun, Practical, and Slightly Cheeky Guide to Kicking…https://medium.com/@mrasg/10-essential-tips-for-bug-bounty-beginners-a-fun-practical-and-slightly-cheeky-guide-to-kicking-c7da8a9b1b31?source=rss------bug_bounty-5Ahmed Samir Ghallabhacking, cybersecurity, penetration-testing, bug-bounty, bug-bounty-tips06-Dec-2024
Atrium Health Data Breach Impacts 585,000 People: Why Healthcare Cybersecurity Needs Immediate…https://medium.com/@wiretor/atrium-health-data-breach-impacts-585-000-people-why-healthcare-cybersecurity-needs-immediate-38a479e96e39?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, bug-bounty, marketing, business, malware06-Dec-2024
️ BREAKING: U.S. Arrests Scattered Spider Suspect Behind Telecom Hacks & Phishing Scams ️https://medium.com/@wiretor/%EF%B8%8F-breaking-u-s-arrests-scattered-spider-suspect-behind-telecom-hacks-phishing-scams-%EF%B8%8F-cd44ea215b09?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, business, ransomware, malware, hacking06-Dec-2024
Now let’s set Frida For SSL Pinning Bypass.https://aman0.medium.com/now-lets-set-frida-for-ssl-pinning-bypass-9ee8ae11b7b5?source=rss------bug_bounty-5Aman Hpenetration-testing, bug-bounty, mobile-app-development, infosec, hacking06-Dec-2024
List of Top Bug Bounty Platforms for 2024https://medium.com/@hackrate/list-of-top-bug-bounty-platforms-for-2024-fc31553c2e78?source=rss------bug_bounty-5Levente Molnarpenetration-testing, cybersecurity, vulnerability, bug-bounty, ethical-hacking06-Dec-2024
Path Traversal Vulnerabilities in Web Applications: Understanding CVE-2024–9935 and How to Protect…https://chintalatarakaram.medium.com/path-traversal-vulnerabilities-in-web-applications-understanding-cve-2024-9935-and-how-to-protect-40de3cca8ac8?source=rss------bug_bounty-5Chintala Taraka Ramvulnerability, bug-bounty, python, education, web-development06-Dec-2024
How I Found 3x XSS in 6 Seconds! Without Automated Toolshttps://medium.com/meetcyber/how-i-found-3x-xss-in-6-seconds-without-automated-tools-b0c852dea66f?source=rss------bug_bounty-5embossdotarcybersecurity-awareness, hacking, bug-bounty, cybersecurity, ethical-hacking06-Dec-2024
A01: Broken Access Control and A05: Security Misconfiguration Leads to Unauthenticated Access to…https://medium.com/@enigma_/a01-broken-access-control-and-a05-security-misconfiguration-leads-to-unauthenticated-access-to-0897e3bec491?source=rss------bug_bounty-5enigmacybersecurity, bug-bounty, vulnerability, penetration-testing, ethical-hacking06-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@ahmedsamirghallab/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How To Find Sensitive Log Files Easily..https://medium.com/@josuofficial327/how-to-find-sensitive-log-files-easily-1dd14bb5f221?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, vulnerability, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
Mission: Exploit – Advanced Bug Bounty Techniques Inspired by James Bondhttps://bitpanic.medium.com/mission-exploit-advanced-bug-bounty-techniques-inspired-by-james-bond-a891ee3d0ef9?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, bug-bounty, cybersecurity, programming, technology05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@ahmedsamirghallab/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@ahmedsamirghallab/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
Unveiling the Unseen: A Journey from Simple Recon Using Shodan to Leaking AWS Secretshttps://medium.com/@security.tecno/unveiling-the-unseen-a-journey-from-simple-recon-using-shodan-to-leaking-aws-secrets-bc7bed1ad16f?source=rss------bug_bounty-5TECNO Securityhacking, security, writing, bug-bounty05-Dec-2024
How Note-Taking and Hacktivity Analysis Led to Privilege Escalationhttps://medium.com/@mrasg/how-note-taking-and-hacktivity-analysis-led-to-privilege-escalation-627aaf3bbd84?source=rss------bug_bounty-5Ahmed Samir Ghallabpentesting, bug-bounty-tips, bug-bounty-writeup, security, bug-bounty05-Dec-2024
How I Achieved a Full Account Takeover Through Information Disclosurehttps://medium.com/@mrasg/how-i-achieved-a-full-account-takeover-through-information-disclosure-16c6f697b76e?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty-tips, penetration-testing, bug-bounty-writeup, bug-bounty, cybersecurity05-Dec-2024
How I Turned a Low-Hanging Fruit Bug Into Mass Unauthorized Deletion of Invited Membershttps://medium.com/@mrasg/how-i-turned-a-low-hanging-fruit-bug-into-mass-unauthorized-deletion-of-invited-members-6f195deffe11?source=rss------bug_bounty-5Ahmed Samir Ghallabbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, penetration-testing05-Dec-2024
How Two Hardcoded Credentials Led To Payment System Takeover, Exposed 20,000 Credit Cards & Enabled…https://medium.com/@Berserker1337/how-two-hardcoded-credentials-led-to-payment-system-takeover-exposed-20-000-credit-cards-enabled-04b0ac232786?source=rss------bug_bounty-5Berserkerbug-hunting, bug-bounty, writeup, cybersecurity, web-security05-Dec-2024
Fix “Failed to load BApp” Burp Suite Extensions!https://medium.com/@d3vilz50n/fix-failed-to-load-bapp-burp-suite-extensions-923efa10659d?source=rss------bug_bounty-5d3vilz50nhacking-tools, hacking, fix, bug-bounty, burpsuite05-Dec-2024
How I Earned My First Bug Bounty: A Beginner’s Storyhttps://medium.com/@kingstar75114/how-i-earned-my-first-bug-bounty-a-beginners-story-58e8a3023cc6?source=rss------bug_bounty-5TehanG07bugs, bug-hunting, bug-bounty-tips, bug-bounty, bug-hunter05-Dec-2024
Correct Innerstanding + Overstandinghttps://medium.com/@onelovemafia/correct-innerstanding-overstanding-8d3cfd9baa7d?source=rss------bug_bounty-5OneLoveMafiadeep-learning, mysticism, bug-bounty, game-development, zen05-Dec-2024
Earn $10,000 XSS in Android Apps Scratch to Advance.https://medium.com/@anandrishav2228/earn-10-000-xss-in-android-apps-scratch-to-advance-cb3aa6c2b98f?source=rss------bug_bounty-5Rishav anandhacking, bug-bounty, cybersecurity, xss-attack, money05-Dec-2024
AZEx Testnet Campaign is LIVEhttps://medium.com/@AZEX.io/azex-testnet-campaign-is-live-ac553c18af8a?source=rss------bug_bounty-5AZEXberachain, bug-bounty, testnet, dois, azex05-Dec-2024
How I Exploited Passkey to Gain Unauthorized Access and TakeOver Invited Accountshttps://medium.com/@mrasg/how-i-exploited-passkey-to-gain-unauthorized-access-and-takeover-invited-accounts-b8b4547ffe70?source=rss------bug_bounty-5Ahmed Samir Ghallabpenetration-testing, pentesting, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Dec-2024
How I Broke Into My Dev Friend’s Website in Less Than 24 Hourhttps://infosecwriteups.com/how-i-broke-into-my-dev-friends-website-in-less-than-24-hour-6fdb31ad65a1?source=rss------bug_bounty-5sM0ky4hacking, bug-bounty, cyberattack, cybersecurity, bug-bounty-writeup05-Dec-2024
The Story of How I Hacked an International University in Indonesiahttps://infosecwriteups.com/the-story-of-how-i-hacked-an-international-university-in-indonesia-ec819a8c8fc0?source=rss------bug_bounty-5JCbug-bounty-tips, infosec, cybersecurity, bug-bounty-writeup, bug-bounty05-Dec-2024
Penetration Testing on Steroids: Revolutionizing Ethical Hacking with Hackrate and HackGATEhttps://medium.com/@hackrate/penetration-testing-on-steroids-revolutionizing-ethical-hacking-with-hackrate-and-hackgate-7edaf7244075?source=rss------bug_bounty-5Levente Molnarcybersecurity, penetration-testing, ethical-hacking, cybersecurity-news, bug-bounty05-Dec-2024
Practical Bug Bounty — TCM Academy | Report writing, Bypass, Best Programs.https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-report-writing-bypass-best-programs-710516804f53?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, cybersecurity, ethical-hacking, web-penetration-testing, bug-bounty05-Dec-2024
Chinese Hackers Salt Typhoon Breach Global Telecom Networkshttps://medium.com/@wiretor/chinese-hackers-salt-typhoon-breach-global-telecom-networks-00b40e0ce07e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicestelecom, bug-bounty, business, hacking, networking05-Dec-2024
New DroidBot Malware Targets 77 Banking & Crypto Apps!https://medium.com/@wiretor/new-droidbot-malware-targets-77-banking-crypto-apps-1b5105a66625?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbots, hacking, bug-bounty, business, malware05-Dec-2024
UK Cracks Down on Russian Money Laundering Networkshttps://medium.com/@wiretor/uk-cracks-down-on-russian-money-laundering-networks-4dfae89f9000?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, uk, business, malware, bug-bounty05-Dec-2024
⚠️ Critical Zero-Day Uncovered: Mitel MiCollab Wide Open to Attackers! ⚠️https://medium.com/@wiretor/%EF%B8%8F-critical-zero-day-uncovered-mitel-micollab-wide-open-to-attackers-%EF%B8%8F-cdc36da3552e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, zero-day, business, programming05-Dec-2024
Bug Huntinghttps://medium.com/meetcyber/bug-hunting-ff366260d8df?source=rss------bug_bounty-5Nazrul Islam Ranabug-hunting, platform, hacker, xx, bug-bounty05-Dec-2024
From Frustration to Exploitation: How a Link Shortener Helped Me Bypass WAFhttps://imooaaz.medium.com/from-frustration-to-exploitation-how-a-link-shortener-helped-me-bypass-waf-03724dca1592?source=rss------bug_bounty-5Moaaz Afifibug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup, cybersecurity05-Dec-2024
How I Climbed to #1 Hackerhttps://medium.com/@CipherHawk/how-i-climbed-to-1-hacker-ffb52e2799c3?source=rss------bug_bounty-5CipherHawknetworking, bug-bounty-tips, cybersecurity, hacking, bug-bounty04-Dec-2024
Modern Security Vulnerabilities: Lessons from Recent Breacheshttps://medium.com/@SakshifromKushoAI/modern-security-vulnerabilities-lessons-from-recent-breaches-b925a6928bbf?source=rss------bug_bounty-5Sakshi from KushoAIsecure-coding, cybersecurity, bug-bounty, app-security, data-breach04-Dec-2024
Path Traversal, bypass file extension validation with null byteshttps://medium.com/@sulthanyluthfi/path-traversal-bypass-file-extension-validation-with-null-bytes-0cedc4fb53f5?source=rss------bug_bounty-5Luthfi Sulthanycybersecurity, bug-bounty, burpsuite, penetration-testing, path-traversal04-Dec-2024
Firebase URL Exploitation: Taking Over Android Databases Like a Pro!https://infosecwriteups.com/firebase-url-exploitation-taking-over-android-databases-like-a-pro-79a00844496d?source=rss------bug_bounty-5JEETPALbug-bounty, android, cybersecurirty, bug-bounty-tips, bugbountywriteup04-Dec-2024
How to Bypass Firewalls and IDS on Filtered Ports: The Ultimate Step-by-Step Guide to Advanced…https://medium.com/@shaikhminhaz1975/how-to-bypass-firewalls-and-ids-on-filtered-ports-the-ultimate-step-by-step-guide-to-advanced-9cb238d66450?source=rss------bug_bounty-5Shaikh Minhazfirewall, step-by-step-guide, cybersecurity, bug-bounty, penetration-testing04-Dec-2024
Critical RCE Vulnerability in Veeam Service Provider Console — Update Now! ️https://medium.com/@wiretor/critical-rce-vulnerability-in-veeam-service-provider-console-update-now-%EF%B8%8F-1e147e98458b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, hacking, rce, business04-Dec-2024
Critical RCE Flaw Discovered in WhatsUp Gold (CVE-2024–8785) — Update Immediately! ️https://medium.com/@wiretor/critical-rce-flaw-discovered-in-whatsup-gold-cve-2024-8785-update-immediately-%EF%B8%8F-8b6e69c183ab?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbusiness, bug-bounty, ransomware, malware, rce04-Dec-2024
Backdoor Discovered in Solana’s Web3.js npm Library: Crypto Wallets at Riskhttps://medium.com/@wiretor/backdoor-discovered-in-solanas-web3-js-npm-library-crypto-wallets-at-risk-605bcb02a292?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, solana-network, business, malware, bug-bounty04-Dec-2024
CORS Implementation & Various Headers, CORS series (Part 2)https://medium.com/@vipulparveenjain/cors-implementation-various-headers-cors-series-part-2-895a04ef481d?source=rss------bug_bounty-5Vipul Jainbug-bounty, cors-vulnerability, cross-origin-resource, web-security, hacking04-Dec-2024
Bug Bounty Methodology Checklist for Web Applications (B2B Apps)https://thexssrat.medium.com/bug-bounty-methodology-checklist-for-web-applications-b2b-apps-b876a20236d0?source=rss------bug_bounty-5Thexssratbug-bounty-tips, hacker, bug-bounty, hacks, hacking04-Dec-2024
My Experience at the 2024 FIRST & AfricaCERT Symposium: A CyberGirl’s Perspective- Part Finalhttps://medium.com/@.rai/my-experience-at-the-2024-first-africacert-symposium-a-cybergirls-perspective-part-final-b190349785b4?source=rss------bug_bounty-5Gamuchiraiforensics, osint, bug-bounty, open-source, digital-marketing04-Dec-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@Laxious8848/sql-injection-union-attack-finding-a-column-containing-text-10a0e36cc062?source=rss------bug_bounty-5Laxioussql-injection, web-penetration-testing, union-based-sql-injection, bug-bounty, web-pen-testing04-Dec-2024
Why Penetration Testing as a Service (PTaaS) Outperforms Traditional Pentest Providershttps://medium.com/@hackrate/why-penetration-testing-as-a-service-ptaas-outperforms-traditional-pentest-providers-7b1e6b0a6d0a?source=rss------bug_bounty-5Levente Molnarcybersecurity, ethical-hacking, bug-bounty, penetration-testing03-Dec-2024
Bug Bounty Tips Series: 10 Ways To Find HTTP Host Header Injection Vulnerabilityhttps://medium.com/@alishoaib5929/bug-bounty-tips-series-10-ways-to-find-http-host-header-injection-vulnerability-1ad56c9dddd2?source=rss------bug_bounty-5Shoaib Aliweb-hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-security03-Dec-2024
The Art of Blind Command Injection: Unlocking Internal Secretshttps://medium.com/@yogeshbhandage/the-art-of-blind-command-injection-unlocking-internal-secrets-917daa755463?source=rss------bug_bounty-5Yogesh Bhandagebug-bounty, bug-bounty-tips, hacking, penetration-testing, command-injection03-Dec-2024
20 Bug Bounty CrowdSourced Platformshttps://systemweakness.com/20-bug-bounty-crowdsourced-platforms-a4c486c85671?source=rss------bug_bounty-5AbhirupKonwarbug-bounty-tips, pentesting, infosec, ethical-hacking, bug-bounty03-Dec-2024
Practical Bug Bounty — TCM Academy | Other Common Vulnerabilitieshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-other-common-vulnerabilities-433dc6b1b3bc?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamipenetration-testing, ethical-hacking, bug-bounty, cybersecurity, tcm-academy03-Dec-2024
Story Of 15 Vulnerabilities in one public BBP !https://medium.com/@Ahmex000/story-of-15-vulnerabilities-in-one-buplic-bbp-561e68213991?source=rss------bug_bounty-5Ahmex000bug-bounty-hunter, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips03-Dec-2024
Critical Bug: Deny Sign-In & Steal Sensitive Info on Behalf of Victimshttps://infosecwriteups.com/critical-bug-deny-sign-in-steal-sensitive-info-on-behalf-of-victims-cad4ced9227d?source=rss------bug_bounty-5JEETPALcybersecurity, bugbounty-tips, auth-bypass, bug-bounty, bug-bounty-writeup03-Dec-2024
Ensuring Comprehensive Ethical Hacking with Penetration Testing as a Servicehttps://medium.com/@hackrate/ensuring-comprehensive-ethical-hacking-with-penetration-testing-as-a-service-9b67734f46cd?source=rss------bug_bounty-5Levente Molnarethical-hacking, penetration-testing, bug-bounty, cybersecurity03-Dec-2024
Tricky & Simple EXIF protection Bypasshttps://saurabhsanmane.medium.com/tricky-simple-exif-protection-bypass-5d0babd908f3?source=rss------bug_bounty-5Saurabh sanmanebug-bounty, information-disclosure, vulnerability, ethical-hacking, cybersecurity03-Dec-2024
Exploring Lightning Bounties: The Intersection of Open-Source and Bitcoinhttps://medium.com/@mabramo11/exploring-lightning-bounties-the-intersection-of-open-source-and-bitcoin-8555c6403310?source=rss------bug_bounty-5Mike Abramobug-bounty, lightning-bounties, open-source, bitcoin, lightning-network03-Dec-2024
Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerabilityhttps://medium.com/@wiretor/cisco-warns-of-attacks-exploiting-decade-old-asa-vulnerability-11462bd60f7b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, business, hacking, bug-bounty, cisco03-Dec-2024
Energy Sector Contractor ENGlobal Targeted in Ransomware Attackhttps://medium.com/@wiretor/energy-sector-contractor-englobal-targeted-in-ransomware-attack-a56112b119d3?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, energy, business, bug-bounty, malware03-Dec-2024
Docker/Kubernetes (K8s)Penetration Testing Checklisthttps://infosecwriteups.com/docker-kubernetes-k8s-penetration-testing-checklist-4d0a13c38495?source=rss------bug_bounty-5Ajay Naikpenetration-testing, bug-bounty, docker, kubernetes, cybersecurity03-Dec-2024
How to Create an Android Payload in Just 1 Minute | Ethical Hackinghttps://bjamali.medium.com/how-to-create-an-android-payload-in-just-1-minute-ethical-hacking-bc109b368909?source=rss------bug_bounty-5Babar Ali Jamalipenetration-testing, ethical-hacking, android, bug-bounty, cybersecurity03-Dec-2024
Crack the Code: Earn Up to $500K in InceptionLRT’s Bug Bounty Programhttps://medium.com/@InceptionLRT/crack-the-code-earn-up-to-500k-in-inceptionlrts-bug-bounty-program-3b5d2feb6ed6?source=rss------bug_bounty-5InceptionLRTcrypto, restaking, bug-bounty, defi, ethereum03-Dec-2024
What is Cybersecurityhttps://twanstcodes.medium.com/what-is-cybersecurity-52e71fe7dfa2?source=rss------bug_bounty-5Twana Muhammedit, programming, cybersecurity, bug-bounty03-Dec-2024
Mastering Bug Bounty Hunting with White Rabbit Neo AIhttps://medium.com/@curiouskhanna/mastering-bug-bounty-hunting-with-white-rabbit-neo-ai-452a3bc3adce?source=rss------bug_bounty-5Shubham Khannahackerone, bug-bounty, ai, security-researchers03-Dec-2024
Python — Program Security Headershttps://medium.com/@ibnu.rusdianto55/python-program-security-headers-966786261d5f?source=rss------bug_bounty-5Ibnu Rusdiantopython, bug-bounty, security-header, indonesia, keamanan-siber03-Dec-2024
How I got access to Credentials easilyhttps://medium.com/infosecmatrix/how-i-got-access-to-credentials-easily-00ced4ba15bd?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, cybersecurity, ethical-hacking, google-dork, pentest02-Dec-2024
How to Master Advanced Threat Huntinghttps://medium.com/@paritoshblogs/how-to-master-advanced-threat-hunting-bcfb9d1e159c?source=rss------bug_bounty-5Paritoshcybersecurity, threat-hunting, hacking, ai, bug-bounty02-Dec-2024
CTFLearn Series| Challenge 96 : Forensics 101 — Walkthroughhttps://medium.com/@rishikeshkhot26/ctflearn-series-challenge-96-forensics-101-walkthrough-13100d9f45fb?source=rss------bug_bounty-5Rishikesh_Khothacking, forensics, bug-bounty, capture-the-flag, cybersecurity02-Dec-2024
Some Easiest P4 Bugshttps://icecream23.medium.com/some-easiest-p4-bugs-561cd710a7e1?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bugbounty-tips, bug-bounty, p4-bugs, bug-hunter02-Dec-2024
All UPI IDs in India have Predictable Patterns that allow the disclosure of mail IDs!https://infosecwriteups.com/all-upi-ids-in-india-have-predictable-patterns-that-allow-the-disclosure-of-mail-ids-eede37a35758?source=rss------bug_bounty-5JEETPALupi, cybersecurity, bugbounty-tips, bug-bounty, bug-bounty-writeup02-Dec-2024
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheethttps://medium.com/@verylazytech/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, command-injection, cybersecurity, bug-bounty, oscp02-Dec-2024
$3 Billion Crypto Exchange XT Allegedly Hackedhttps://medium.com/@wiretor/3-billion-crypto-exchange-xt-allegedly-hacked-c560c9572168?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicescrypto, xt, malware, bug-bounty, ransomeware02-Dec-2024
Hackers Steal $17 Million from Uganda’s Central Bankhttps://medium.com/@wiretor/hackers-steal-17-million-from-ugandas-central-bank-533dcbabbeff?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, ransomeware, bug-bounty, bank-hacked, malware02-Dec-2024
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Winshttps://myselfakash20.medium.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, bug-bounty, bug-bounty-tips, cybersecurity02-Dec-2024
Critical Vulnerability Discovered in Zabbix Network Monitoring Toolhttps://medium.com/@wiretor/critical-vulnerability-discovered-in-zabbix-network-monitoring-tool-df358293a1a9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomeware, malware, bug-bounty, zabbix, hacking02-Dec-2024
From File Upload To LFI: A Journey To Exploitationhttps://medium.com/@red.whisperer/from-file-upload-to-lfi-a-journey-to-exploitation-02ab5e1a7d0a?source=rss------bug_bounty-5Chuxbug-bounty, cybersecurity, hacking, ethical-hacking, infosec02-Dec-2024
Small Bugs, Big Bounties: A Hacker’s Guide to Quick Winshttps://infosecwriteups.com/small-bugs-big-bounties-a-hackers-guide-to-quick-wins-46a75dbc3573?source=rss------bug_bounty-5Akash Ghoshprogramming, hacking, technology, bug-bounty, cybersecurity02-Dec-2024
Unpacking an IDOR-Based Exploit in International Shipping (70 Million+ PII Data Breach)https://medium.com/@susapr/unpacking-an-idor-based-exploit-in-international-shipping-70-million-pii-data-breach-8c29cf33347d?source=rss------bug_bounty-5susaprbug-bounty-writeup, cybersecurity, data-breach, information-technology, bug-bounty02-Dec-2024
How I got my first Hall of Fame - Bug Bountyhttps://medium.com/@pranavrp77/how-i-got-my-first-hall-of-fame-bug-bounty-d296637e37dd?source=rss------bug_bounty-5Pranav Patilbug-bounty, hacking, bug-bounty-writeup, bug-bounty-tips, cybersecurity02-Dec-2024
Command Injection: Mastering Exploitation Techniques with a Comprehensive Cheatsheethttps://systemweakness.com/command-injection-mastering-exploitation-techniques-with-a-comprehensive-cheatsheet-6f549fee46b8?source=rss------bug_bounty-5Very Lazy Techethical-hacking, command-injection, cybersecurity, bug-bounty, oscp02-Dec-2024
Understanding the Scope: Navigating Website Pentesting and Bug Bounty Targetshttps://medium.com/@zero_4583/understanding-the-scope-navigating-website-pentesting-and-bug-bounty-targets-a6ab701df932?source=rss------bug_bounty-5Nathan Vincentappsec, bug-bounty, pentesting, scopes01-Dec-2024
Critical Account Takeover (MFA + Auth Bypass) due to Cookie Misconfigurationhttps://medium.com/@sharp488/critical-account-takeover-mfa-auth-bypass-due-to-cookie-misconfiguration-3ca7d1672f9d?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, hackerone, information-security, bug-bounty-writeup, bug-bounty-tips01-Dec-2024
Week 4: A Drive to Recharge and Reconnecthttps://mokhansec.medium.com/week-4-a-drive-to-recharge-and-reconnect-4d0f8b7258d0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bugs, cybersecurity, bug-bounty01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://crunkcode.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Exploiting Facebook Ads: $2100 Bug Bounty for Role Management DoShttps://infosecwriteups.com/exploiting-facebook-ads-2100-bug-bounty-for-role-management-dos-afe09c1ecbb0?source=rss------bug_bounty-5Kiril Krivoguzfacebook, cybersecurity, hacking, information-security, bug-bounty01-Dec-2024
Smart Contract Funds Lost Due to Missing Address Validation: $80M in Danger!https://medium.com/@jeetpal2007/smart-contract-funds-lost-due-to-missing-address-validation-80m-in-danger-a4ec7d823a3f?source=rss------bug_bounty-5JEETPALsmartcontract-audit, cybsersecurity, zeroaddress, web3, bug-bounty01-Dec-2024
How I Discovered an API Security Issue: My First Bug Bounty Bloghttps://hackersatty.medium.com/how-i-discovered-an-api-security-issue-my-first-bug-bounty-blog-7deec48453ff?source=rss------bug_bounty-5hackersattybug-bounty, hackersatty, bug-bounty-writeup, swagger-ui, api-security01-Dec-2024
Hack IOT devices to earn $100–$200 in an hour.https://medium.com/@anandrishav2228/hack-iot-devices-to-earn-100-200-in-an-hour-f211a54e87f3?source=rss------bug_bounty-5Rishav anandcybersecurity, penetration-testing, money, bug-bounty, iot01-Dec-2024
Ketika Validasi MIME Type Tak Cukup: Perbaikan Aman untuk Upload Filehttps://medium.com/@ferizco/ketika-validasi-mime-type-tak-cukup-perbaikan-aman-untuk-upload-file-4df4ac6ec0ff?source=rss------bug_bounty-5Ferizcobug-bounty, security, cybersecurity, web-development, php01-Dec-2024
Firmware Penetration Testing Checklisthttps://infosecwriteups.com/firmware-penetration-testing-checklist-9d5e70388371?source=rss------bug_bounty-5Ajay Naikpenetration-testing, security, information-technology, bug-bounty, cybersecurity01-Dec-2024
Basics of SQL Injectionhttps://medium.com/@mayank_prajapati/basics-of-sql-injection-88ab0e57588b?source=rss------bug_bounty-5Mayank Kumar Prajapatipenetration-testing, vulnerability, hacking, bug-bounty-tips, bug-bounty01-Dec-2024
Why I Failed This November: A Clown’s Reflection on Failurehttps://jackhavoltrey.medium.com/why-i-failed-this-november-a-clowns-reflection-on-failure-3223fec4451e?source=rss------bug_bounty-5Jack Havoltreybug-bounty-tips, bug-bounty01-Dec-2024
Execution of a clickjacking attack on Gemini (Google’s AI-powered assistant) - which I recently…https://systemweakness.com/execution-of-a-clickjacking-attack-on-gemini-googles-ai-powered-assistant-which-i-recently-45e60a98316a?source=rss------bug_bounty-5NIKHIL KUMAR GANDLApenetration-testing, cybersecurity, bug-bounty, application-security, information-security01-Dec-2024
From Minor Bug to Major DoS: My Journey with Web Cache Poisoninghttps://ayushkr12.medium.com/from-minor-bug-to-major-dos-my-journey-with-web-cache-poisoning-4b721e5358f4?source=rss------bug_bounty-5Ayushkrweb-exploitation, web-cache-poisoning, bug-bounty, pentesting01-Dec-2024
Russia Arrests Cybercriminal Wazawaka Tied to Ransomware Gangshttps://medium.com/@wiretor/russia-arrests-cybercriminal-wazawaka-tied-to-ransomware-gangs-9354c557f1d5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, wazawaka, malware, bug-bounty01-Dec-2024
SpyLoan Android Malware Installed Over 8 Million Times on Google Play!https://medium.com/@wiretor/spyloan-android-malware-installed-over-8-million-times-on-google-play-d0331b3c762e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomeware, bug-bounty, spyloan01-Dec-2024
picoCTF Web Exploitation: Unminifyhttps://medium.com/@Kamal_S/picoctf-web-exploitation-unminify-6dd45341b7f5?source=rss------bug_bounty-5Kamal Sowasp, unminify, ctf, bug-bounty, picoctf01-Dec-2024
Exploring Alternatives to Cobalt: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-cobalt-why-hackrate-stands-out-67473c1e74e6?source=rss------bug_bounty-5Levente Molnarcybersecurity, bug-bounty, ethical-hacking, penetration-testing01-Dec-2024
Web Shell Upload via Extension Blacklist Bypass — File Upload Vulnerabilityhttps://medium.com/@rcxsecurity/web-shell-upload-via-extension-blacklist-bypass-file-upload-vulnerability-f98ee877aff1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafécybersecurity, hacking, information-security, bug-bounty, pentesting01-Dec-2024
The Ultimate Guide to Top Pentest-as-a-Service Providers in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-pentest-as-a-service-providers-in-2024-f03b0408b0a5?source=rss------bug_bounty-5Levente Molnarethical-hacking, cybersecurity, penetration-testing, bug-bounty, hacking01-Dec-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@Laxious8848/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-4792d89ad93f?source=rss------bug_bounty-5Laxioussql-injection, web-pen-testing, web-penetration-testing, bug-bounty, union-based-sql-injection01-Dec-2024
Out of Scope, Out of Mind? Thehttps://medium.com/@talatumsolutions/out-of-scope-out-of-mind-the-0e5f558c43ba?source=rss------bug_bounty-5Talatum-solutionstalatum, hacking, cyber-security-solutions, pentesting, bug-bounty30-Nov-2024
Turn Cybersecurity Tricks Into Cash: Here’s How You Can Start Todayhttps://medium.com/@divyesh.jagad/turn-cybersecurity-tricks-into-cash-heres-how-you-can-start-today-9ccfff1ee0f4?source=rss------bug_bounty-5Divyesh Jagadtrending, bug-bounty, freelancing, infosec, remote-working30-Nov-2024
Privilege Escalation via Role Persistence Vulnerabilityhttps://medium.com/@aalgohary950/privilege-escalation-via-role-persistence-vulnerability-0c22a002d6ff?source=rss------bug_bounty-5C1pher_1hacking, penetration-testing, bug-bounty, access-control, privilege-escalation30-Nov-2024
Discovery of Xss / Html Injection by analyzing target source codehttps://medium.com/@gheeX/discovery-of-xss-html-injection-by-analyzing-target-source-code-0bc7a96c3ca4?source=rss------bug_bounty-5Ghee1337vulnerability, bug-bounty-writeup, bug-bounty-tips, xss-attack, bug-bounty30-Nov-2024
Delete Account Functionality Helped Me Earn $250https://vijetareigns.medium.com/delete-account-functionality-helped-me-earn-250-21baa23c4034?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty, bug-bounty-writeup, application-security, cybersecurity30-Nov-2024
Marianas Web — The Danger Part of the Internet!https://medium.com/@TahirAyoub/marianas-web-the-danger-part-of-the-internet-be69e3118e3d?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, darkweb, bug-bounty, deep-web, hacking30-Nov-2024
A massive security breach at Andrew Tate’s platform The Real World has exposed the personal…https://medium.com/@wiretor/a-massive-security-breach-at-andrew-tates-platform-the-real-world-has-exposed-the-personal-576892ffca1c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, expose, andrew-tate30-Nov-2024
5 Side Hustles For Ethical Hackershttps://medium.com/@red.whisperer/5-side-hustles-for-ethical-hackers-8f3e0ca983ed?source=rss------bug_bounty-5Chuxethical-hacking, cybersecurity, hacking, bug-bounty, side-hustle30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
⚠️ Microsoft Hacking Warning 450 Million Windows Users Must Now Act! ️https://medium.com/@wiretor/%EF%B8%8F-microsoft-hacking-warning-450-million-windows-users-must-now-act-%EF%B8%8F-a7be6255a338?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, windows, ransomeware, breached, bug-bounty30-Nov-2024
Russian Script Kiddie Builds Massive DDoS Botnethttps://medium.com/@wiretor/russian-script-kiddie-builds-massive-ddos-botnet-bac1b6c57e9f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, programming, hacking, russian30-Nov-2024
P4 bug’s and their POC steps | Part 8https://osintteam.blog/p4-bugs-and-their-poc-steps-part-8-910ee6ba5710?source=rss------bug_bounty-5socalledhackercybersecurity, infosec, bug-bounty, hacking, bug-bounty-tips30-Nov-2024
X(twitter) & my first real bughttps://medium.com/@elkhawaga1900/x-twitter-my-first-real-bug-7c7d26bef48f?source=rss------bug_bounty-5sponge2003bug-bounty, duplicate30-Nov-2024
The Ultimate Guide to Top Ethical Hacking Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-ethical-hacking-platforms-in-2024-adcfc808caea?source=rss------bug_bounty-5Levente Molnarbug-bounty, cybersecurity, ethical-hacking, penetration-testing30-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-08f53b117063?source=rss------bug_bounty-5Hackrateethical-hacking, cybersecurity, penetration-testing, bug-bounty29-Nov-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024: Why Hackrate Stands Outhttps://medium.com/@hackrate/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-why-hackrate-stands-out-d402c86c407b?source=rss------bug_bounty-5Hackratepenetration-testing, bug-bounty, ethical-hacking, cybersecurity29-Nov-2024
Exploring Alternatives to HackerOne: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-hackerone-why-hackrate-stands-out-894092aec0aa?source=rss------bug_bounty-5Hackrateethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking29-Nov-2024
How To Become Up-To-Date Hacker? 8 Gold Points To Stay Informed During Lifetime-Hacking Storyhttps://osintteam.blog/how-to-become-up-to-date-hacker-8-gold-points-to-stay-informed-during-lifetime-hacking-story-2e95f33c5d6f?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, kali-linux, hacking, technology29-Nov-2024
Advanced Google Dorking | Part7https://systemweakness.com/advanced-google-dorking-part7-a8df43d00743?source=rss------bug_bounty-5AbhirupKonwarinfosec, pentesting, ethical-hacking, cybersecurity, bug-bounty29-Nov-2024
Email Verification Bypass Vulnerability: A Critical Flaw Exploitedhttps://medium.com/@muralidharan1530/email-verification-bypass-vulnerability-a-critical-flaw-exploited-1d7a316b2514?source=rss------bug_bounty-5Murali Dharanbounties, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips29-Nov-2024
POC — CVE-2024–21534 Jsonpath-plus vulnerable to Remote Code Execution (RCE) due to improper input…https://medium.com/@verylazytech/poc-cve-2024-21534-jsonpath-plus-vulnerable-to-remote-code-execution-rce-due-to-improper-input-a466ae69aa92?source=rss------bug_bounty-5Very Lazy Techcybersecurity, cve, exploit, cve-2024-21534, bug-bounty29-Nov-2024
hackthebox-Administrator-walkthroughhttps://medium.com/@ryuzakiryuga31/hackthebox-administrator-walkthrough-217d01374d00?source=rss------bug_bounty-5R09shbug-bounty, hackthebox, network-security, network-penetration-test, system-administration29-Nov-2024
Google Dorking Made Simpler with GFUhttps://medium.com/@sheryx00/google-dorking-made-simpler-with-gfu-20c67c5c8fc4?source=rss------bug_bounty-5Sheryx00google-dork, open-source, bug-bounty, pentesting, bug-bounty-tips29-Nov-2024
Authentication Bypass Vulnerability 🙂https://aman0.medium.com/authentication-bypass-vulnerability-a7b8fff3361f?source=rss------bug_bounty-5Aman Hauthentication-bypass, vulnerability, penetration-testing, bug-bounty-tips, bug-bounty29-Nov-2024
Exploring Alternatives to Bugcrowd: Why Hackrate Stands Outhttps://medium.com/@hackrate/exploring-alternatives-to-bugcrowd-why-hackrate-stands-out-8d54235f62d1?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, penetration-testing, ethical-hacking29-Nov-2024
The Ultimate Bug Bounty Roadmap Zero to Prohttps://medium.com/@adinesh02/the-ultimate-bug-bounty-roadmap-zero-to-pro-56440ac4cef2?source=rss------bug_bounty-5DINESH Atechnology, tech, bug-bounty, hacking, cybersecurity29-Nov-2024
Phishing-as-a-Service (PhaaS): “Rockstar 2FA” Targets Microsoft 365 with AiTM Attackshttps://medium.com/@wiretor/phishing-as-a-service-phaas-rockstar-2fa-targets-microsoft-365-with-aitm-attacks-572617422ea5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xs, phaa, american-dream, hacking29-Nov-2024
Critical Flaw in ProjectSend Under Active Exploitation — Protect Your Servers!https://medium.com/@wiretor/critical-flaw-in-projectsend-under-active-exploitation-protect-your-servers-c0903ab96a68?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesxs, malware, bug-bounty, hacking, pentest29-Nov-2024
Unmasking Open Redirect Vulnerabilities: A Real-World Discoveryhttps://medium.com/@360Security/unmasking-open-redirect-vulnerabilities-a-real-world-discovery-348081e5d03e?source=rss------bug_bounty-5Anand Patelpenetration-testing, vapt, bug-bounty, web-security, cybersecurity29-Nov-2024
Hacking AI — Understanding LLM Attacks and Prompt Injectionshttps://medium.com/@anmol.sh/hacking-ai-understanding-llm-attacks-and-prompt-injections-9354f26a8353?source=rss------bug_bounty-5Anmol Shahai, hacking, penetration-testing, artificial-intelligence, bug-bounty29-Nov-2024
Website’s for fake mobile numbers and sms services.https://osintteam.blog/websites-for-fake-mobile-numbers-and-sms-services-9057442ef82b?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, bug-bounty-tips, tips, hacking28-Nov-2024
30 Best Hacking Promptshttps://medium.com/@TahirAyoub/30-best-hacking-prompts-0c10ee61edf4?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking, chatgpt, cybersecurity, ai28-Nov-2024
The More Confident You Are About Your Testing, The Bigger the Bug You Missedhttps://manishsaini74.medium.com/the-more-confident-you-are-about-your-testing-the-bigger-the-bug-you-missed-189fe169c005?source=rss------bug_bounty-5Manish Sainibug-bounty, test-automation, software-engineering, software-testing, quality-assurance28-Nov-2024
8 Shocking Ways to Protect Your Identity Onlinehttps://medium.com/@paritoshblogs/8-shocking-ways-to-protect-your-identity-online-fe13ad3b92e1?source=rss------bug_bounty-5Paritoshai, identity, hacking, cybersecurity, bug-bounty28-Nov-2024
Finding Low-Hanging Bugs: A Practical Guide with Commandshttps://medium.com/@ayansheikh45689/finding-low-hanging-bugs-a-practical-guide-with-commands-d6fb9159857d?source=rss------bug_bounty-5Ayanpenetration-testing, bug-finding, bug-bounty, ethical-hacking, cybersecurity28-Nov-2024
Finding more subdomains.(part 2)https://infosecwriteups.com/finding-more-subdomains-part-2-1850ead4dd92?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, reconnaissance, cybersecurity, hacking28-Nov-2024
JWTs: A Comedy of Errors and Exploitshttps://jackhavoltrey.medium.com/jwts-a-comedy-of-errors-and-exploits-81d1fb25d24d?source=rss------bug_bounty-5Jack Havoltreybug-bounty, authentication, bug-bounty-tips, jwt, web-development28-Nov-2024
Bug Bounty Chronicles: Exploiting the PUT Method for Remote Code Execution (RCE)https://medium.com/@pawarpushpak36/bug-bounty-chronicles-exploiting-the-put-method-for-remote-code-execution-rce-c2782bea61da?source=rss------bug_bounty-5Pawarpushpakbug-zero, remote-code-execution, bug-bounty-tips, bug-bounty, infosec28-Nov-2024
The Art of Account Take Over #1: Chaining XSS and non-HttpOnly Session Cookiehttps://xdead4f.medium.com/the-art-of-account-take-over-1-chaining-xss-and-non-httponly-session-cookie-8e474bc83e5c?source=rss------bug_bounty-50xdead4fxs, penetration-testing, bug-bounty, cybersecurity28-Nov-2024
How to find Access control vulnerabilities useful Tips PART (1)☢https://medium.com/@mahmodziad40/how-to-find-access-control-vulnerabilities-useful-tips-part-1-56ca1a9c60ce?source=rss------bug_bounty-5httpzuzportswigger, penetration-testing, access-control, bug-bounty-tips, bug-bounty28-Nov-2024
UK Hospital Network Hit by Cyberattack, Procedures Postponedhttps://medium.com/@wiretor/uk-hospital-network-hit-by-cyberattack-procedures-postponed-3b9622eec715?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, cyberattack, uk-hospital-attack, bug-bounty28-Nov-2024
T-Mobile Detects Network Intrusion Attempts from Wireline Providerhttps://medium.com/@wiretor/t-mobile-detects-network-intrusion-attempts-from-wireline-provider-ee7fab1a7eac?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, xs, t-mobile, hacking28-Nov-2024
Malicious npm Library @0xengine/xmlrpc Steals Data and Mines Cryptocurrencyhttps://medium.com/@wiretor/malicious-npm-library-0xengine-xmlrpc-steals-data-and-mines-cryptocurrency-50171f172ef7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, xs, bug-bounty, malware, ransomeware28-Nov-2024
Exploiting CSRF and OTP Reuse: How Weak Token Management Enables Password Reset Attacks, Leading…https://medium.com/@iPsalmy/exploiting-csrf-and-otp-reuse-how-weak-token-management-enables-password-reset-attacks-leading-to-c2f6b914f398?source=rss------bug_bounty-5iPsalmybug-bounty, infosec, web-application-security, api-security, cybersecurity28-Nov-2024
#HappyThanksgiving from Wire Tor!https://medium.com/@wiretor/happythanksgiving-from-wire-tor-5a655498f35f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, happy-thanksgiving, happy-thanksgiving-day, malware28-Nov-2024
Private IP Disclosure in Bug Bounty Programs: Understanding the Risk and Rewardhttps://medium.com/@shamzen96/private-ip-disclosure-in-bug-bounty-programs-understanding-the-risk-and-reward-6441aa866db0?source=rss------bug_bounty-5Shivam Rajbug-bounty, bug-bounty-tips27-Nov-2024
The P2 Bug You Could Miss Without Reading the Documentationhttps://mokhansec.medium.com/the-p2-bug-you-could-miss-without-reading-the-documentation-b0eacc3b7587?source=rss------bug_bounty-5Mohsin khancybersecurity, bugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty27-Nov-2024
Easy Way To Root Your Virtual Device 🙂https://aman0.medium.com/easy-way-to-root-your-virtual-device-9d1a2aa99ea1?source=rss------bug_bounty-5Aman Hpenetration-testing, mobile-app-development, root-android-phone, bug-bounty, app-security-testing27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@mohamdaminporsalari/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
How I Turned NASA’s Search Bar into a Phishing Gatewayhttps://systemweakness.com/how-i-turned-nasas-search-bar-into-a-phishing-gateway-697de30859b0?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, technology, bug-bounty, programming27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://medium.com/@aesmail034/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
Race Condition Exploit Enables Free Plan Users to Access Premium Featureshttps://medium.com/@rawansa3ed2002/race-condition-exploit-enables-free-plan-users-to-access-premium-features-9619d0fa0a53?source=rss------bug_bounty-5Rawansaedbug-bounty, race-condition, hackerone, penetration-testing, cybersecurity27-Nov-2024
System Hacking Techniquehttps://medium.com/@TahirAyoub/system-hacking-technique-ac376bd3f0ef?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, hacking-tools, cybersecurity, hacking, computer-security27-Nov-2024
Install MassDNS in Linuxhttps://medium.com/@MaMad4Ever/install-massdns-in-linux-4a5937829972?source=rss------bug_bounty-5MaMadbug-bounty, dns, massdns, pentesting, bug-bounty-tool27-Nov-2024
Introducing JSNinja: Your Ultimate JavaScript Bug Hunting Companion ️‍♂️https://medium.com/@vikas0vks/introducing-jsninja-your-ultimate-javascript-bug-hunting-companion-%EF%B8%8F-%EF%B8%8F-bee1fcc4bd75?source=rss------bug_bounty-5Vikasinformation-security, bug-bounty-tips, bug-bounty27-Nov-2024
SMB Enumeration and Exploitation: Master Ports 139 and 445 for Penetration Testinghttps://medium.com/@verylazytech/smb-enumeration-and-exploitation-master-ports-139-and-445-for-penetration-testing-ddca90a384c5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, oscp, smb, hacking, cybersecurity27-Nov-2024
Understanding Ethical Hacking: The Key to Cybersecurityhttps://medium.com/@harshkatiyar5556/understanding-ethical-hacking-the-key-to-cybersecurity-454c6671c5f9?source=rss------bug_bounty-5Harsh Katiyarweb3, mind-hacking-techniques, ethical-hacking, cybersecurity, bug-bounty27-Nov-2024
How to Find DNS Rebinding Vulnerabilities in Bug Bounty Huntinghttps://dineshpathro9.medium.com/how-to-find-dns-rebinding-vulnerabilities-in-bug-bounty-hunting-3323da71f5ee?source=rss------bug_bounty-5Hunterbugs, bug-bounty-tips, bug-bounty, bug-zero27-Nov-2024
0-Click ATO: How I Can Take Over Every Account on the Websitehttps://som3a.medium.com/0-click-ato-how-i-can-take-over-every-account-on-the-website-9a69c9afb57c?source=rss------bug_bounty-5Ahmed Esmailhackerone, bug-bounty, cybersecurity, account-takeover27-Nov-2024
IDOR Allows an Admin to Add SuperAdmin (Which is not allowed)https://medium.com/@mrro0o0tt/idor-allows-an-admin-to-add-superadmin-which-is-not-allowed-239fcc82ff69?source=rss------bug_bounty-5Whoamiidor-vulnerability, bug-bounty, broken-access-control, business-logic-bug, bug-bounty-tips27-Nov-2024
Researchers Unveil “Bootkitty” — The First UEFI Bootkit Targeting Linux Kernels!https://medium.com/@wiretor/researchers-unveil-bootkitty-the-first-uefi-bootkit-targeting-linux-kernels-30ff7b7c6819?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceszero-day, cve, bug-bounty, malware, bootkitty27-Nov-2024
Interpol Arrests 1,000+ in Massive ‘Operation Serengeti’ Anti-Cybercrime Crackdownhttps://medium.com/@wiretor/interpol-arrests-1-000-in-massive-operation-serengeti-anti-cybercrime-crackdown-45ffa24e6f4a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, xss-attack, interpol, hacking, bug-bounty27-Nov-2024
New NachoVPN Attack: Rogue VPN Servers Installing Malicious Updates ️https://medium.com/@wiretor/new-nachovpn-attack-rogue-vpn-servers-installing-malicious-updates-%EF%B8%8F-262c85645850?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, vpn, malware, bug-bounty, programming27-Nov-2024
JS Review and Abuse GraphQL Result 10xBAC + Admin Panel ATOhttps://medium.com/@0xbugatti/js-review-and-abuse-graphql-result-10xbac-admin-panel-ato-0f013fe471ea?source=rss------bug_bounty-50xbugattiowasp-top-10, bug-bounty, bugbounty-writeup, web-app-security, bugbounty-tips27-Nov-2024
How I abled to get users/admins PII Disclosurehttps://medium.com/@a7madhacck/how-i-abled-to-get-users-admins-pii-disclosure-6c02fef82c11?source=rss------bug_bounty-5Ahmad Yusseftechnology, hackerone, bug-bounty-writeup, cybersecurity, bug-bounty27-Nov-2024
Automating the Setup of a Bug Bounty Toolkithttps://dineshpathro9.medium.com/automating-the-setup-of-a-bug-bounty-toolkit-05b3e589eb84?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-tips, bugs, hacking26-Nov-2024
VOIP Penetration Testing Checklisthttps://infosecwriteups.com/voip-penetration-testing-checklist-890bb4e09bac?source=rss------bug_bounty-5Ajay Naiksecurity, information-technology, penetration-testing, cybersecurity, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://medium.com/@TahirAyoub/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
Bugbounty Hunting: The First Step After Finding Your Targethttps://dineshpathro9.medium.com/bugbounty-hunting-the-first-step-after-finding-your-target-998267eeeb28?source=rss------bug_bounty-5Hunterbug-bounty-tips, bug-bounty, bug-zero, bugs26-Nov-2024
Challenges and Pitfalls of Automating Bug Bounty Submissions with AIhttps://pointlessai.medium.com/challenges-and-pitfalls-of-automating-bug-bounty-submissions-with-ai-adb06ab0d2c6?source=rss------bug_bounty-5PointlessAI Mediumai, bug-bounty, cybersecurity, chatgpt, vulnerability-management26-Nov-2024
IBM Fixes RCE Vulnerabilities in Data Virtualization Manager and Security SOARhttps://medium.com/@wiretor/ibm-fixes-rce-vulnerabilities-in-data-virtualization-manager-and-security-soar-dfbc178710f5?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, rce, bug-bounty, malware, ibm26-Nov-2024
Firefox and Windows Zero-Days Exploited by Russian RomCom Hackers: A Cybersecurity Wake-Up Call!https://medium.com/@wiretor/firefox-and-windows-zero-days-exploited-by-russian-romcom-hackers-a-cybersecurity-wake-up-call-a8029dacd27b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, windows-hacking, bug-bounty, firefox-hacked26-Nov-2024
Critical Vulnerabilities Discovered in Popular Anti-Spam Plugin for WordPress ️https://medium.com/@wiretor/critical-vulnerabilities-discovered-in-popular-anti-spam-plugin-for-wordpress-%EF%B8%8F-353b3a727d7e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacked, malware, wordpress, ransomware, bug-bounty26-Nov-2024
Find Website Vulnerabilities with One Hacking Toolhttps://blog.cubed.run/find-website-vulnerabilities-with-one-hacking-tool-0008a908c6fd?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, bug-bounty-tips, bug-bounty, hacking, tools26-Nov-2024
How I Hacked NASAhttps://vikram1337.medium.com/how-i-hacked-nasa-74f4ada6e90c?source=rss------bug_bounty-5Vikramwriteup, pentesting, bug-bounty, nasa26-Nov-2024
race condition on BBPhttps://medium.com/@mohanad9837/race-condition-on-bbp-7294e8582ade?source=rss------bug_bounty-5mohanedbug-bounty, race-condition25-Nov-2024
Why Subdomain Enumeration ?https://ahmed-rezk.medium.com/why-subdomain-enumeration-3e4570dd9aba?source=rss------bug_bounty-5Ahmed Rezkcybersecurity, red-teaming, bug-bounty-tips, pentesting, bug-bounty25-Nov-2024
Privilege Escalation in Collaborative Platforms — BugBountyhttps://medium.com/@Zero-Ray/privilege-escalation-in-collaborative-platforms-bugbounty-e1e240384b43?source=rss------bug_bounty-5Mahmoud Fawzyprivilege-escalation, bug-bounty, bug-bounty-hunter, bugcrowd, bug-bounty-writeup25-Nov-2024
HOW I FOUND MY FIRST XSS BUGhttps://medium.com/@Zeroo_sec/how-i-found-my-first-xss-bug-553225548d29?source=rss------bug_bounty-5Ranjanethical-hacking, hacking, bug-bounty, bug-bounty-tips25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://medium.com/@verylazytech/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
Google dorking the right way.https://osintteam.blog/google-dorking-the-right-way-27b0eeb31212?source=rss------bug_bounty-5an0nbilbug-bounty-tips, bug-bounty, programming, ethical-hacking, cybersecurity25-Nov-2024
Microlise Data Breach Confirmed: SafePay Ransomware Group Claims Responsibility ️https://medium.com/@wiretor/microlise-data-breach-confirmed-safepay-ransomware-group-claims-responsibility-%EF%B8%8F-035e36e25afc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ransomeware, bug-bounty, malware, xs25-Nov-2024
Bangkok Busts High-Tech SMS Scam Operationhttps://medium.com/@wiretor/bangkok-busts-high-tech-sms-scam-operation-e13909a2625f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, hacking, malware, xxe25-Nov-2024
Finastra Data Breach: What Financial Institutions Need to Know ️https://medium.com/@wiretor/finastra-data-breach-what-financial-institutions-need-to-know-%EF%B8%8F-df9e960c90c7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, pentest, hacking, xs25-Nov-2024
SSRF To Internal Data Access Via PDF Print Featurehttps://bishal0x01.medium.com/ssrf-to-internal-data-access-via-pdf-print-feature-b8e6a912844a?source=rss------bug_bounty-5Bishal Shresthassrf, bug-bounty, information-security25-Nov-2024
Bug Bounty Tips and Trickshttps://bevijaygupta.medium.com/bug-bounty-tips-and-tricks-7b25317c8e7e?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bug-bounty-writeup, bugs, bug-bounty25-Nov-2024
Google Dorks for Bug Bounty: The Ultimate Guidehttps://systemweakness.com/google-dorks-for-bug-bounty-the-ultimate-guide-e7611b533aee?source=rss------bug_bounty-5Very Lazy Techethical-hacking, google-dork, google-hacking, penetration-testing, bug-bounty25-Nov-2024
here is how I got my first bounty $$$https://medium.com/@mohanad9837/here-is-how-i-got-my-first-bounty-78c18da7feeb?source=rss------bug_bounty-5mohanedxss-vulnerability, xss-bypass, bug-bounty, xss-attack25-Nov-2024
GitTrash: Digging Deep into Git Repositories for Hidden Treasureshttps://medium.com/@sheryx00/gittrash-digging-deep-into-git-repositories-for-hidden-treasures-dfa6b3ff9251?source=rss------bug_bounty-5Sheryx00pentesting, bug-bounty, open-source, git24-Nov-2024
SSRF(Server-Side Request Forgery)https://medium.com/@mukkagopi50/ssrf-server-side-request-forgery-50329b7e39fb?source=rss------bug_bounty-5Gopi Mukkavapt, ssrf, ssrf-attack, vulnerability-assessment, bug-bounty24-Nov-2024
Mastering Web Application Pentesting Part — IIhttps://infosecwriteups.com/mastering-web-application-pentesting-part-ii-f02898bf48e3?source=rss------bug_bounty-5Mukilan Baskaranweb-security, infosec, bug-bounty, cybersecurity, computer-security24-Nov-2024
Week 3: When the Drive to Work Fadeshttps://mokhansec.medium.com/week-3-when-the-drive-to-work-fades-3e94a89559c0?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bugs, bug-bounty-tips, bug-bounty, cybersecurity24-Nov-2024
Hacking WordPress: Where to Begin?https://0x4a6f76616e.medium.com/hacking-wordpress-where-to-begin-60179dc403d9?source=rss------bug_bounty-5Jovanbug-bounty, hacking, pentesting, vulnerability, wordpress24-Nov-2024
7 Steps guide to CNAME Subdomain Takeoverhttps://bitpanic.medium.com/7-steps-guide-to-cname-subdomain-takeover-f10eebd7e952?source=rss------bug_bounty-5Spectat0rguybug-bounty-tips, cybersecurity, information-security, bug-bounty24-Nov-2024
Cyberattack at French Hospital Exposes Health Data of 750,000 Patientshttps://medium.com/@wiretor/cyberattack-at-french-hospital-exposes-health-data-of-750-000-patients-01b8f62893d1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentest, hacking, xs, malware, bug-bounty24-Nov-2024
Microsoft Disrupts ONNX Phishing-as-a-Service Operation ️https://medium.com/@wiretor/microsoft-disrupts-onnx-phishing-as-a-service-operation-%EF%B8%8F-a1b5535f5d9a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, malware, xs, bug-bounty, pentest24-Nov-2024
Microsoft Tests Third-Party Passkey Support in Windows 11: A Passwordless Futurehttps://medium.com/@wiretor/microsoft-tests-third-party-passkey-support-in-windows-11-a-passwordless-future-92a5fe28571a?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmicrosoft, pentest, bug-bounty, hacking, xs24-Nov-2024
Hackers Exploit Avast Anti-Rootkit Driver to Disable Security Defenseshttps://medium.com/@wiretor/hackers-exploit-avast-anti-rootkit-driver-to-disable-security-defenses-13df8a3c313e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, ransomware, bug-bounty, malware, xss-attack24-Nov-2024
How I got 50euro bounty?https://doordiefordream.medium.com/how-i-got-50euro-bounty-71dcf4c6e335?source=rss------bug_bounty-5Bug hunter baluhtml, cybersecurity, technology, vulnerability, bug-bounty24-Nov-2024
Recon. Useful Tips for Bug Bounty — PART 1https://medium.com/@dzchalevich/recon-useful-tips-for-bug-bounty-part-1-0defee9bc7cf?source=rss------bug_bounty-5theroo@tttweb-security, bug-bounty-tips, bug-bounty, penetration-testing, recon24-Nov-2024
Happy hunting!https://medium.com/@hacker_33169/happy-hunting-eae0a858b540?source=rss------bug_bounty-5B3ntl3ycybersecurity, bug-bounty, penetration-testing24-Nov-2024
Beginner’s Guide to Ethical Hacking: What I Learned from My First Bug Bountyhttps://medium.com/@yarmuhammadnizamani556/beginners-guide-to-ethical-hacking-what-i-learned-from-my-first-bug-bounty-724a9f97f38b?source=rss------bug_bounty-5Curious Mindethical-hacking, cybersecurity, bug-bounty24-Nov-2024
Android Pentesting can make you $500/day.https://medium.com/@anandrishav2228/android-pentesting-can-make-you-500-day-818158f9b43d?source=rss------bug_bounty-5Rishav anandcybersecurity, android, hacking, money, bug-bounty24-Nov-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.2https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-2-2c8dd13d6c19?source=rss------bug_bounty-5Mohammed Diefcybersecurity, information-security, bug-bounty, hackerone, recon24-Nov-2024
IDOR is NOT only on the IDhttps://medium.com/@mshulkhan/idor-is-not-only-on-the-id-8e94b5cc193e?source=rss------bug_bounty-5M Shulkhangoogle-bug, bug-bounty, hacking, hackerkamp150, sysbraykr24-Nov-2024
My Bug Bounty Hunting Methodologyhttps://cybersechemmars.medium.com/my-bug-bounty-hunting-methodology-51ac0a891978?source=rss------bug_bounty-5Cybersec with Hemmarscybersecurity, writing, bug-bounty, bug-bounty-writeup24-Nov-2024
TryHackMe | NoSQLi Walkthroughhttps://medium.com/@k3r0/tryhackme-nosqli-walkthrough-155c6380f5b3?source=rss------bug_bounty-5Kyrillos nadypenetration-testing, bug-bounty, nosql, web-penetration-testing, hacking24-Nov-2024
Bug House Exterminator in Wilton: Your Ultimate Guide to a Pest-Free Homehttps://medium.com/@muhammadmohsinsiddique46/bug-house-exterminator-in-wilton-your-ultimate-guide-to-a-pest-free-home-47d56773c394?source=rss------bug_bounty-5Muhammadmohsinsiddiquebed-bug-extermination, bug-bounty, wilton, bugs23-Nov-2024
7 Main Sins Of A Hacker, What To Stay Away From During Hacking Story?https://medium.com/h7w/7-main-sins-of-a-hacker-what-to-stay-away-from-during-hacking-story-115d749952e2?source=rss------bug_bounty-5NnFacefaith, hacking, bug-bounty, cybersecurity, kali-linux23-Nov-2024
HTML INJECTION- My Second Major Bountyhttps://medium.com/@josuofficial327/html-injection-my-second-major-bounty-cb7c3b32ce60?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuowasp-top-10, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty23-Nov-2024
Building a Bug Bounty Journey: Exploring Web Security with a Custom CMShttps://medium.com/@zero_4583/building-a-bug-bounty-journey-exploring-web-security-with-a-custom-cms-06dffc81e969?source=rss------bug_bounty-5Nathan Vincentphp, appsec, cms-development, bug-bounty23-Nov-2024
Why Bug Bounty Is Just for You 🙂https://infosecwriteups.com/why-bug-bounty-is-just-for-you-61541deb62b8?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, money, cybersecurity, infosec, technology23-Nov-2024
Disallowed but Discoverable: The Hacker’s robots.txt Playbookhttps://myselfakash20.medium.com/disallowed-but-discoverable-the-hackers-robots-txt-playbook-73dca570f23e?source=rss------bug_bounty-5Akash Ghoshbug-bounty, cybersecurity, technology, programming, bug-bounty-writeup23-Nov-2024
Vulnerable WordPress October 2024 (Zahhak Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-october-2024-zahhak-castle-fb7da609b5e1?source=rss------bug_bounty-5Onhexgroupinformation-security, infosec, cybersecurity, bug-bounty, wordpress23-Nov-2024
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedInhttps://medium.com/@wiretor/north-korean-hackers-steal-10m-with-ai-driven-scams-and-malware-on-linkedin-25daddc61809?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ai, programming23-Nov-2024
Over 2,000 Palo Alto Firewalls Hacked Using Recently Patched Bugshttps://medium.com/@wiretor/over-2-000-palo-alto-firewalls-hacked-using-recently-patched-bugs-ccc83ef8b4d6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, hacking, hacked, xss-attack23-Nov-2024
Chinese Hackers Target Linux with WolfsBane Malwarehttps://medium.com/@wiretor/chinese-hackers-target-linux-with-wolfsbane-malware-c4a313c0e63f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceschinese, linux, hacking, malware, bug-bounty23-Nov-2024
Cyber Alert: APT28 Hackers Breach US Firm with Innovative “Nearest Neighbor Attack”https://medium.com/@wiretor/cyber-alert-apt28-hackers-breach-us-firm-with-innovative-nearest-neighbor-attack-9245d88841d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, apt-28, hacking, xss-attack23-Nov-2024
Ubuntu Users Alert: Decade-Old Needrestart Flaws Expose Root Privilege Riskshttps://medium.com/@wiretor/ubuntu-users-alert-decade-old-needrestart-flaws-expose-root-privilege-risks-a504f5d2b949?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, ubuntu, penetration-testing, bug-bounty, malware23-Nov-2024
Step into my Professional Life(:Finding my first Bug:)https://medium.com/@anshjain722/step-into-my-professional-life-finding-my-first-bug-e8175b1d9601?source=rss------bug_bounty-5Ansh Jaincybersecurity, xss-vulnerability, vulnerability, bugs, bug-bounty23-Nov-2024
Methods to bypass 403 & 401https://infosecwriteups.com/methods-to-bypass-403-401-38df4cec069e?source=rss------bug_bounty-5Dishant Modipenetration-testing, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
How I Discovered an Email Change Vulnerability Leading to Pre-Account Takeover | p2https://medium.com/@dhananjay_00/how-i-discovered-an-email-change-vulnerability-leading-to-pre-account-takeover-p2-7e76e0002eef?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, hacking23-Nov-2024
Why I Switched from Cloud to Local Password Managementhttps://expectme.medium.com/why-i-switched-from-cloud-to-local-password-management-2b79448495dc?source=rss------bug_bounty-5Mamoud Eidbug-bounty, privacy, cybersecurity23-Nov-2024
Bug Bounty Beginner’s Roadmap-02https://medium.com/@sheikh.mohammad.adil.71/bug-bounty-beginners-roadmap-02-3236f15df715?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILroadmaps, ethical-hacking, bounty-program, bug-bounty23-Nov-2024
My OSWA Experiencehttps://medium.com/@zumyumi/my-oswa-experience-eaa4e94d1797?source=rss------bug_bounty-5Zumi Yumioswe, oscp, web, oswa, bug-bounty23-Nov-2024
️‍♂️ Bug Bounty Beginner’s Roadmap-01https://medium.com/@sheikh.mohammad.adil.71/%EF%B8%8F-%EF%B8%8F-ultimate-bug-bounty-roadmap-ee81e805ad6b?source=rss------bug_bounty-5SHEIKH MOHAMMAD ADILbug-bounty, ethical-hacking, hackerone, cybersecurity, roadmaps23-Nov-2024
File path traversal, validation of file extension with null byte bypasshttps://medium.com/@Laxious8848/file-path-traversal-validation-of-file-extension-with-null-byte-bypass-6625f4a4fbec?source=rss------bug_bounty-5Laxiousweb-penetration-testing, lfi, lfi-vulnerability, bug-bounty, web-pen-testing22-Nov-2024
File path traversal, validation of start of pathhttps://medium.com/@Laxious8848/file-path-traversal-validation-of-start-of-path-063e8995a55d?source=rss------bug_bounty-5Laxiouslfi, web-penetration-testing, web-pen-testing, lfi-vulnerability, bug-bounty22-Nov-2024
Ghost Tap Exploits NFC Payments for Fraudhttps://medium.com/@wiretor/ghost-tap-exploits-nfc-payments-for-fraud-dc2a263ff603?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomware, hacking, programming, bug-bounty22-Nov-2024
Oracle Agile PLM Vulnerability Exploited in the Wild: Protect Your Data!https://medium.com/@wiretor/oracle-agile-plm-vulnerability-exploited-in-the-wild-protect-your-data-129f8d9ac922?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, malware, pentest, hacking22-Nov-2024
File path traversal, traversal sequences stripped with superfluous URL-decodehttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-with-superfluous-url-decode-0b303cfe5b69?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, bug-bounty, lfi-vulnerability, lfi22-Nov-2024
Resolving the “externally-managed-environment” Error in Pythonhttps://medium.com/@prathameshbagul/resolving-the-externally-managed-environment-error-in-python-b91650d45946?source=rss------bug_bounty-5Prathbug-bounty, python, pentesting, kali-linux, cybersecurity22-Nov-2024
ShodanSpider: A Powerful Tool for Cybersecurity Researchhttps://shubhamrooter.medium.com/shodanspider-a-powerful-tool-for-cybersecurity-research-02eac3ed75e2?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, security-analytics, vapt, shodan, bug-hunting22-Nov-2024
My Journey Finding Bugs on NASAhttps://cybersecuritywriteups.com/my-journey-finding-bugs-on-nasa-a2296d142b0a?source=rss------bug_bounty-5Shridhar Rajaputbug-bounty-writeup, inspiration, cybersecurity, bug-bounty, information-technology22-Nov-2024
Why Bug Bounty Could Be a Career for You 🙂https://osintteam.blog/why-bug-bounty-could-be-a-career-for-you-17b6b7b66e16?source=rss------bug_bounty-5Satyam Pathaniamoney, technology, cybersecurity, bug-bounty, infosec22-Nov-2024
Unveiling a Critical Bug in One of the World’s Largest Banks: My Barclays Storyhttps://cybersecuritywriteups.com/unveiling-a-critical-bug-in-one-of-the-worlds-largest-banks-my-barclays-story-34a9fb5f5140?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, ethical-hacking22-Nov-2024
The $900 Bug: My Journey Through SSRF and LFI Exploitshttps://myselfakash20.medium.com/the-900-bug-my-journey-through-ssrf-and-lfi-exploits-222feb276deb?source=rss------bug_bounty-5Akash Ghoshprogramming, technology, cybersecurity, hacking, bug-bounty22-Nov-2024
IDOR Checklist 2025https://medium.com/@mohanad9837/idor-checklist-2025-443575a389d4?source=rss------bug_bounty-5mohanedidor, bug-bounty, idor-vulnerability22-Nov-2024
Finding and Exploiting open SMB service [bug bounty write-up].https://medium.com/@sugamdangal52/finding-and-exploiting-open-smb-service-bug-bounty-write-up-492d72cd2fa3?source=rss------bug_bounty-5Sugam Dangalethical-hacking, bug-bounty, bug-hunting, hacking, bug-bounty-writeup22-Nov-2024
Forbidden Bypass Cloudflare Zero Trust — English Versionhttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-english-version-436efff4a548?source=rss------bug_bounty-5j0hnZ3RAbug-bounty, red-team, pentesting, security22-Nov-2024
Forbidden Bypass Cloudflare Zero Trusthttps://medium.com/@j0hnZ3RA/forbidden-bypass-cloudflare-zero-trust-6bcc7ad464ee?source=rss------bug_bounty-5j0hnZ3RAsecurity, pentesting, bypass, red-team, bug-bounty22-Nov-2024
They Ignored My Bug Report but Fixed It Silently: My Experience with Enhancvhttps://medium.com/@0xw01f/they-ignored-my-bug-report-but-fixed-it-silently-my-experience-with-enhancv-a8ffe5e3e790?source=rss------bug_bounty-5w01fcybersecurity, bug-bounty, vulnerability, responsibility, ethics22-Nov-2024
HTML encode ilə XSS və HTML İnjection hücumlarının qarşısının alınmasıhttps://medium.com/@rootelvin/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
captainX404https://medium.com/@captainX404/captainx404-b41a7f1e3ff3?source=rss------bug_bounty-5captainX404bug-bounty22-Nov-2024
Reconnaissance on archive URLshttps://medium.com/@mayank_prajapati/reconnaissance-on-archive-urls-4125ce7544ed?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty-tips, cybersecurity, bugs, bug-bounty, hacking22-Nov-2024
HTML encode ilə XSS və HTML İnjection hücumlarının qarşısının alınmasıhttps://elvinnuruyev.medium.com/html-encode-il%C9%99-xss-v%C9%99-html-i%CC%87njection-h%C3%BCcumlar%C4%B1n%C4%B1n-qar%C5%9F%C4%B1s%C4%B1n%C4%B1n-al%C4%B1nmas%C4%B1-01e21dfe11b5?source=rss------bug_bounty-5Elvin Nuruyevappsec-testing, web-pentesting, cyber-security-solutions, secure-coding, bug-bounty22-Nov-2024
Cloud Hacking : flaws.cloud level 1 walkthroughhttps://medium.com/@Kinqdathacker/cloud-hacking-flaws-cloud-level-1-walkthrough-9f966da07e82?source=rss------bug_bounty-5Kinqdathackerctf-writeup, cloud-security, bug-bounty, s3-bucket, hacking22-Nov-2024
How i finded a p4 as per bugcrowd.https://osintteam.blog/how-i-finded-a-p4-as-per-bugcrowd-c7c72718583a?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bugs, bug-bounty, cybersecurity21-Nov-2024
Master My Skill Student got highest bounty of $5000 by Vikrant Sharmahttps://medium.com/@mastermyskill/master-my-skill-student-got-highest-bounty-of-5000-by-vikrant-sharma-287a9b46522e?source=rss------bug_bounty-5Master My Skillbug-bounty21-Nov-2024
Unlock the $4 Million Bounty: Join Microsoft’s Zero Day Quest!https://byteshiva.medium.com/unlock-the-4-million-bounty-join-microsofts-zero-day-quest-87c6e50c1010?source=rss------bug_bounty-5Sivainfosec, cybersecurity, microsoftzerodayquest, hacking, bug-bounty21-Nov-2024
Unique XSS Earned Me a $$$ Bountyhttps://wgetkb.medium.com/unique-xss-earned-me-a-bounty-b7156c36fd32?source=rss------bug_bounty-5Prasad KBbounty-program, xss-vulnerability, infosec, bug-bounty, security21-Nov-2024
Insecure direct object referenceshttps://medium.com/@Laxious8848/insecure-direct-object-references-2ce01fa76018?source=rss------bug_bounty-5Laxiousweb-pen-testing, idor, idor-vulnerability, webapplicationpentest, bug-bounty21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji12/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
How to Find Open Redirect Vulnerabilities: A Comprehensive Guidehttps://medium.com/@rupaitanudas/how-to-find-open-redirect-vulnerabilities-a-comprehensive-guide-e2b6e8c965c6?source=rss------bug_bounty-5Rupaitanudasopen-redirect, bug-bounty, web-application-security21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinavsingwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Introduction to CORS-Cross-origin resource sharing & SOP-Same Origin Policy, CORS series (Part 1)https://medium.com/@vipulparveenjain/introduction-to-cors-cross-origin-resource-sharing-sop-same-origin-policy-cors-series-part-1-149ad6f77cf6?source=rss------bug_bounty-5Vipul Jainhacking, bug-bounty, web-security-testing, cors-vulnerability, cross-origin-resource21-Nov-2024
Antivirus Evasion for Beginners: A Step-by-Step Guide to Bypassing AV for Penetration Testershttps://medium.com/@verylazytech/antivirus-evasion-for-beginners-a-step-by-step-guide-to-bypassing-av-for-penetration-testers-e600de35be20?source=rss------bug_bounty-5Very Lazy Techpenetration-testing, bug-bounty, antivirus-evasion, bypassing-av, hacking21-Nov-2024
How I Hacked a Website While Dancinghttps://medium.com/@shaikhminhaz1975/how-i-hacked-a-website-while-dancing-22c3e1cd3431?source=rss------bug_bounty-5Shaikh Minhazhacking, cybersecurity, how-to, ethical-hacking, bug-bounty21-Nov-2024
BugBoard: The Ultimate Dashboard for Bug Huntershttps://medium.com/@abhinavsingwal/bugboard-the-ultimate-dashboard-for-bug-hunters-1fc7177117bb?source=rss------bug_bounty-5Abhinav Singwalbug-bounty, hacking, hacker, bugboard, hacking-tools21-Nov-2024
Bypass Email Verification in Mozillahttps://0d-amr.medium.com/bypass-email-verification-in-mozilla-2ab45ac36c42?source=rss------bug_bounty-5Amrbug-bounty-tips, cybersecurity, ethical-hacking, penetration-testing, bug-bounty21-Nov-2024
Mastering Web Application Pentesting with TryhackMehttps://infosecwriteups.com/mastering-web-application-pentesting-with-tryhackme-24257ef182c5?source=rss------bug_bounty-5Mukilan Baskarantryhackme, cybersecurity, bug-bounty, tryhackme-walkthrough, infosec21-Nov-2024
PART 2: THE NEXT CHAPTER IN MY NASA BUG HUNTING JOURNEYhttps://rootxabit.medium.com/part-2-the-next-chapter-in-my-nasa-bug-hunting-journey-1d6338c5f017?source=rss------bug_bounty-5sudo-xabithacking-nasa, bug-bounty, india, tips, nasa21-Nov-2024
File path traversal, simple casehttps://medium.com/@Laxious8848/file-path-traversal-simple-case-d0dd8c493981?source=rss------bug_bounty-5Laxiouslfi, webapplicationpentest, lfi-vulnerability, bug-bounty, web-pen-testing21-Nov-2024
File path traversal, traversal sequences stripped non-recursivelyhttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-stripped-non-recursively-647780ace38e?source=rss------bug_bounty-5Laxiousweb-penetration-testing, web-pen-testing, lfi, bug-bounty, lfi-vulnerability21-Nov-2024
File path traversal, traversal sequences blocked with absolute path bypasshttps://medium.com/@Laxious8848/file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-b909ad161fa2?source=rss------bug_bounty-5Laxiousbug-bounty, web-pentesting, web-penetration-testing, lfi-vulnerability, lfi21-Nov-2024
HTB — Learn the basics of Penetration Testing: Meowhttps://medium.com/@febrywiji/htb-learn-the-basics-of-penetration-testing-meow-6158f97c3c6e?source=rss------bug_bounty-5Sheperd01telnet, hackthebox, ctf, bug-bounty, tutorial21-Nov-2024
Worth 10000$ Cracking the Price Barrier: Exploiting Price Tampering on an E-Commerce Websitehttps://medium.com/@kumawatabhijeet2002/worth-10000-cracking-the-price-barrier-exploiting-price-tampering-on-an-e-commerce-website-19e3f82f52aa?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugs20-Nov-2024
How I was able to Take over a Subdomain and got Hall of Famehttps://rivudon.medium.com/how-i-was-able-to-take-over-a-subdomain-and-got-hall-of-fame-aca4aaca761b?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )subdomain-takeover, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty20-Nov-2024
Web vulnerability bounty rules updatehttps://medium.com/@security.tecno/web-vulnerability-bounty-rules-update-20bcf6f6e3da?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty20-Nov-2024
Bypassing Password Reuse Restriction A Security Flaw.https://aman0.medium.com/bypassing-password-reuse-restriction-a-security-flaw-1bf2210d9bbd?source=rss------bug_bounty-5Aman Hbug-bounty-writeup, vulnerability, information-security, penetration-testing, bug-bounty20-Nov-2024
The $2,200 ATO Most Bug Hunters Overlooked by Closing Intruder Too Soonhttps://mokhansec.medium.com/the-2-200-ato-most-bug-hunters-overlooked-by-closing-intruder-too-soon-505f21d56732?source=rss------bug_bounty-5Mohsin khancybersecurity, bug-bounty, bug-bounty-writeup, bugs, bug-bounty-tips20-Nov-2024
Reflected Cross-Site Scripting (XSS) via POST request:https://ak-rizk.medium.com/reflected-cross-site-scripting-xss-via-post-request-f0d54ee84f99?source=rss------bug_bounty-5A-RIZKxss-attack, web-hacking, pentesting, bug-bounty20-Nov-2024
How Hidden 3xXSS got revealedhttps://medium.com/@0xbugatti/how-hidden-3xxss-got-revealed-b42f041d36f6?source=rss------bug_bounty-50xbugattibug-bounty, bug-bounty-writeup, web-app-security, web-app-pentesting, bug-bounty-tips20-Nov-2024
How I Earned $650 Using Just Recon: A Bug Hunter’s Success Storyhttps://myselfakash20.medium.com/how-i-earned-650-using-just-recon-a-bug-hunters-success-story-4d78788e46a5?source=rss------bug_bounty-5Akash Ghoshbug-bounty, programming, penetration-testing, cybersecurity, technology20-Nov-2024
Swiss Army Knife of Top Bug Huntershttps://bitpanic.medium.com/swiss-army-knife-of-top-bug-hunters-dd1bf237c513?source=rss------bug_bounty-5Spectat0rguyinformation-security, bug-bounty-tips, cybersecurity, cyber-security-awareness, bug-bounty20-Nov-2024
Honey, did you leave the APIs open again?https://medium.com/@l_s_/honey-you-left-the-apis-open-again-c382a3a2d917?source=rss------bug_bounty-5LShacking, api, bug-bounty, cybersecurity, bug-bounty-writeup20-Nov-2024
Introduction to Bug Bountyhttps://medium.com/@hakoje3813/introduction-to-bug-bounty-5461825079ad?source=rss------bug_bounty-5Hackeraidp, bug-bounty20-Nov-2024
How to Start in the Masochistic World of Bug Bounty — what nobody told you before.https://j0nasdias.medium.com/how-to-start-in-the-masochistic-world-of-bug-bounty-what-nobody-told-you-before-22b789933cdd?source=rss------bug_bounty-5Jonas Dias Rebelointigriti, hackerone, xs, pentest, bug-bounty20-Nov-2024
GhostFilter: Automating URL Filtering for Smarter Bug Huntinghttps://osintteam.blog/ghostfilter-automating-url-filtering-for-smarter-bug-hunting-d779d8fc844f?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty-tips, bug-bounty, ctf, cybersecurity20-Nov-2024
Importance of Shodan in Bug Hunting: Your Ultimate Guide to Finding Hidden Gemshttps://osintteam.blog/importance-of-shodan-in-bug-hunting-your-ultimate-guide-to-finding-hidden-gems-45cf87201d11?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, infosec19-Nov-2024
Finding subdomains those are hidden in cloud.https://osintteam.blog/finding-subdomains-those-are-hidden-in-cloud-f0c13d3d80ea?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugs, tips, cybersecurity, hacking19-Nov-2024
【Vulnerability Campaign】Earn Your Thanksgiving Bonus Rebatehttps://medium.com/@security.tecno/vulnerability-campaign-earn-your-thanksgiving-bonus-rebate-95847ac8b144?source=rss------bug_bounty-5TECNO Securityhacking, security, bonus, bug-bounty19-Nov-2024
OTP Bypass — Weak brute-force protectionhttps://medium.com/@Jitheshjithu/otp-bypass-weak-brute-force-protection-42c3f6b7899d?source=rss------bug_bounty-5Jitheshbug-bounty-tips, brute-force, bug-bounty, otp-bypass, burpsuite19-Nov-2024
How a CSRF Vulnerability Can Be Exploited to Target Email Accounts — A Practical Walkthroughhttps://medium.com/@muhammedgalal66/how-a-csrf-vulnerability-can-be-exploited-to-target-email-accounts-a-practical-walkthrough-60e6c2eac31f?source=rss------bug_bounty-5Dg0x6bug-bounty, bounty-program, bug-hunting, csrf, hunting19-Nov-2024
The Easiest $$$ I Made from a Business Logic Vulnerabilityhttps://medium.com/@0xsussy/the-easiest-i-made-from-a-business-logic-vulnerability-5c11a31ca455?source=rss------bug_bounty-5Hamza Khaledbugbounty-writeup, bugbounty-poc, bug-bounty, bugbounty-tips19-Nov-2024
Enumeração de subdomínios através da homepagehttps://medium.com/@sarkis093/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-atrav%C3%A9s-da-homepage-971d7aa341bf?source=rss------bug_bounty-5sarkis093shell, pentesting, red-team, osint, bug-bounty19-Nov-2024
From User to Admin: The Art of Privilege Escalationhttps://bootcampsecurity.medium.com/from-user-to-admin-the-art-of-privilege-escalation-b80a4cd1e89b?source=rss------bug_bounty-5Garv Katariacybersecurity, privilege-escalation, ethical-hacking, bug-bounty-tips, bug-bounty19-Nov-2024
Common Security Risks in Browser Extensionshttps://medium.com/@Parag_Bagul/common-security-risks-in-browser-extensions-e61422499f7c?source=rss------bug_bounty-5ParagBagulbrowser-extension, web-browser-extension, cybersecurity, bug-bounty, extension-development19-Nov-2024
Exploiting Business Logic Flaws in e-commerce platformshttps://medium.com/@Pentestforge/exploiting-business-logic-flaws-in-e-commerce-platforms-c3042a240c4a?source=rss------bug_bounty-5Joel I Patrickethical-hacking, bug-bounty, cybersecurity, web-exploitation, hacking19-Nov-2024
Unlock Bug Bounty Brilliance: The Ultimate Guide to Browser Extensions That Supercharge Your…https://osintteam.blog/unlock-bug-bounty-brilliance-the-ultimate-guide-to-browser-extensions-that-supercharge-your-fbb323e29dc0?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-tips, extension, bug-bounty-writeup, cybersecurity19-Nov-2024
Critical Remote Code Execution (RCE) Bug in VMware vCenter Server Now Exploited in Active…https://medium.com/@wiretor/critical-remote-code-execution-rce-bug-in-vmware-vcenter-server-now-exploited-in-active-a03c8fe37d02?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, hacking, pentesting, bug-bounty, malware19-Nov-2024
Maxar Data Breach: U.S. Space Tech Giant Compromisedhttps://medium.com/@wiretor/maxar-data-breach-u-s-space-tech-giant-compromised-391640982117?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, programming, malware, bug-bounty19-Nov-2024
Chinese Hackers Exploit Fortinet VPN Zero-Day to Steal Credentialshttps://medium.com/@wiretor/chinese-hackers-exploit-fortinet-vpn-zero-day-to-steal-credentials-b10232aaabef?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, bug-bounty, progamming, malware19-Nov-2024
How I Uncovered an Unsubscribe Exploit While Checking My Internship Applicationshttps://expl0it32.medium.com/how-i-uncovered-an-unsubscribe-exploit-while-checking-my-internship-applications-9661aacad8f9?source=rss------bug_bounty-5eXpl0it_32hacking, cybersecurity, idor, bug-report, bug-bounty19-Nov-2024
HOW I FOUND A BUG IN NASAhttps://rootxabit.medium.com/how-i-found-a-bug-in-nasa-f76800eaf3b9?source=rss------bug_bounty-5sudo-xabitbug-bounty, hacking, hall-of-fame, nasa, vdp19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Lupinbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
SQL injection vulnerability in where clause allowing retrieval of hidden datahttps://medium.com/@Laxious8848/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-c6ca0c949382?source=rss------bug_bounty-5Laxiouspenetration-testing, bug-bounty, webapplicationpentest, error-based-sql-injection, sql-injection19-Nov-2024
BUG BOUNTY HUNTINGhttps://medium.com/@muazutopclass/bug-bounty-hunting-0536a314d4e4?source=rss------bug_bounty-5Mu'azu S. Ahmedcybersecurity, money, bug-bounty, techie-delight, freelancing19-Nov-2024
Easy admin Access By Gaming with JSONhttps://medium.com/@0xbugatti/easy-admin-access-by-gaming-with-json-5ec5313e2236?source=rss------bug_bounty-50xbugattibug-bounty, web-security, penetration-testing, bug-bounty-tips, bug-bounty-writeup19-Nov-2024
Bug bounty hunting : Profitable Pursuit or Time Trap?https://medium.com/@Arsenelupin12/bug-bounty-hunting-profitable-pursuit-or-time-trap-a99ecb11358f?source=rss------bug_bounty-5Wasted Resourcesbug-bounty, bug-bounty-tips, hackthebox, cybersecurity, hacking19-Nov-2024
Hackers’ Cache Hotlisthttps://medium.com/h7w/hackers-cache-hotlist-5649742c35b1?source=rss------bug_bounty-5Lukasz Wierzbickibug-bounty, pentesting, hacking, articles, security18-Nov-2024
How SubDomainRadar.io Simplifies Your Recon Workflowhttps://medium.com/@alexandrevandammepro/how-subdomainradar-io-simplifies-your-recon-workflow-173e4061ceb3?source=rss------bug_bounty-5Alexandre Vandammeinfosec, cyberattack, bug-bounty, hacking, cybersecurity18-Nov-2024
File Upload - Upload. Intercept. Exploit.https://p4n7h3rx.medium.com/file-upload-upload-intercept-exploit-b5aa18cb8e9d?source=rss------bug_bounty-5p4n7h3rxbug-bounty, pentesting, pentest, bug-bounty-tips, hacking18-Nov-2024
BioCorp CTFhttps://ghostman01.medium.com/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
M4 — Insufficient Input/Output Validationhttps://medium.com/@tamires.scruz/m4-insufficient-input-output-validation-fccc6cfc2561?source=rss------bug_bounty-5Tamy Angelcybersecurity, android, pentesting, bug-bounty, vulnerability18-Nov-2024
From Novice to Pro: My Journey to Earning Through Bug Bounty Huntinghttps://myselfakash20.medium.com/from-novice-to-pro-my-journey-to-earning-through-bug-bounty-hunting-3f123d19c39a?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, ethical-hacking, bug-bounty, cybersecurity, bug-bounty-tips18-Nov-2024
Automating XXE Exploitation: A Write-Up on Intigriti CTF 2024 BioCorp Challengehttps://osintteam.blog/biocorp-ctf-99a072260842?source=rss------bug_bounty-5SIDDHANT SHUKLActf, web-hacking, bug-bounty, cybersecurity, hacking18-Nov-2024
How I Hacked an Entire Company’s IT Infrastructure by Uncovering a Critical Bug Through Effective…https://medium.com/@0xbedo/how-i-hacked-an-entire-companys-it-infrastructure-by-uncovering-a-critical-bug-through-effective-8322d4d763a8?source=rss------bug_bounty-50xbedobug-bounty, aem, pentesting, cybersecurity, security18-Nov-2024
Top 9 Books on Cyber Securityhttps://medium.com/@bicitrobiswas/top-9-books-on-cyber-security-e3984ec1e48b?source=rss------bug_bounty-5Bicitro Biswascybersecurity, hacking, programming, bug-bounty, students18-Nov-2024
How I Found an IDOR Vulnerability in a Local News App and What You Can Learn From Ithttps://medium.com/@sulmanfarooq531/how-i-found-an-idor-vulnerability-in-a-local-news-app-and-what-you-can-learn-from-it-0b02a2ab91d5?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, idor-vulnerability, idor18-Nov-2024
How to Use Proxy for Bug Huntinghttps://medium.com/@Progsky/how-to-use-proxy-for-bug-hunting-64e08cb33cc1?source=rss------bug_bounty-5Progskybug-hunting, ethical-hacking, ethical-hacking-tools, bug-bounty, cybersecurity18-Nov-2024
AI vs. Human: Why Bug Bounty Hunting Still Needs Human Intuitionhttps://pointlessai.medium.com/ai-vs-human-why-bug-bounty-hunting-still-needs-human-intuition-40b6e023c184?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, chatgpt, vulnerability-management18-Nov-2024
Data Breaches Demand Proactive Security: AnnieMac Hack Impacts 171,000 Individuals ️https://medium.com/@wiretor/data-breaches-demand-proactive-security-anniemac-hack-impacts-171-000-individuals-%EF%B8%8F-27a46bece7d2?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesanniemac-hacked, bug-bounty, data-breach, programming, hacked18-Nov-2024
Phishing Emails Using SVG Attachments: A Growing Threathttps://medium.com/@wiretor/phishing-emails-using-svg-attachments-a-growing-threat-c531fe9d3806?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, bug-bounty, phising, hacking, email18-Nov-2024
How to Start a Career in Cybersecurity: A Step-by-Step Guide for Beginnershttps://medium.com/@griffin_dev.il/how-to-start-a-career-in-cybersecurity-a-step-by-step-guide-for-beginners-77a5457aa6e7?source=rss------bug_bounty-5GriFfin_Dev.iLethical-hacking, cybersecurity, cyber-security-awareness, bug-bounty, careers18-Nov-2024
B-Huntershttps://medium.com/@ebraamemil/b-hunters-a5b53aa9df42?source=rss------bug_bounty-5Ebraam Emilbug-bounty-tips, framework, bug-bounty18-Nov-2024
2FA simple bypasshttps://medium.com/@kcaaditya976/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
CTF Walkthrough: Grayboardhttps://medium.com/@nehalrajesh10/ctf-walkthrough-grayboard-c5955fff6410?source=rss------bug_bounty-5Nehal Pillaictf, bug-bounty, ctf-walkthrough18-Nov-2024
Breaking into Bug Bounties: A Guide to Hunting Business Logic and BAC Vulnerabilities in B2B…https://thexssrat.medium.com/breaking-into-bug-bounties-a-guide-to-hunting-business-logic-and-bac-vulnerabilities-in-b2b-58a8f4a89711?source=rss------bug_bounty-5Thexssratidor-vulnerability, penetration-testing, bug-bounty, hacking, hacker18-Nov-2024
2FA simple bypasshttps://medium.com/@Laxious8848/2fa-simple-bypass-1eb82080b914?source=rss------bug_bounty-5Laxiousbug-bounty, web-application-security, web-penetration-testing, mfa-bypass, web-pentesting18-Nov-2024
Vietnamese Hackers Unleash PXA Stealer: Targeting Sensitive Data Across Europe and Asiahttps://medium.com/@wiretor/vietnamese-hackers-unleash-pxa-stealer-targeting-sensitive-data-across-europe-and-asia-2d0723c11ff1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, ransomeware, xss-attack, hacking, bug-bounty17-Nov-2024
DEEPDATA Malware Exploits Fortinet Flaw to Steal VPN Credentialshttps://medium.com/@wiretor/deepdata-malware-exploits-fortinet-flaw-to-steal-vpn-credentials-2605280c2e8c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomeware, xss-attack, bug-bounty, hacking, malware17-Nov-2024
Botnet Exploits GeoVision Zero-Day to Install Mirai Malwarehttps://medium.com/@wiretor/botnet-exploits-geovision-zero-day-to-install-mirai-malware-98ce1622dc21?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, bug-bounty, usa, malware, hacking17-Nov-2024
Comprehensive Guide to Exploitation Techniques for Bug Bounty Hunters: From Beginner to Advancedhttps://myselfakash20.medium.com/comprehensive-guide-to-exploitation-techniques-for-bug-bounty-hunters-from-beginner-to-advanced-b32001326b9e?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, exploitation, bug-bounty-tips, cybersecurity, bug-bounty17-Nov-2024
The $300 Journey from RFI to RCE that Changed Everythinghttps://medium.com/@dhabaleshward/the-300-journey-from-rfi-to-rce-that-changed-everything-2b4c00c05da0?source=rss------bug_bounty-5Dhabaleshwar Daspenetration-testing, bug-bounty, vulnerability, ethical-hacking, cybersecurity17-Nov-2024
How I Found open-redirect vulnerability using virus total?https://doordiefordream.medium.com/how-i-found-open-redirect-using-virus-total-460d721b9596?source=rss------bug_bounty-5balu bandibug-bounty-tips, ethical-hacking, bug-bounty, cybersecurity, vulnerability17-Nov-2024
Week 2: Hard Work Transforms into a 5-Digit Paydayhttps://mokhansec.medium.com/week-2-hard-work-transforms-into-a-5-digit-payday-8087819bccd9?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, cybersecurity, bug-bounty, bug-bounty-writeup17-Nov-2024
Exposing Open Redirect Vulnerabilities: JavaScript File Analysis in HTTP History Burp Suitehttps://medium.com/@gheeX/exposing-open-redirect-vulnerabilities-javascript-file-analysis-in-http-history-burp-suite-c64bd1c93c54?source=rss------bug_bounty-5Ghee1337bug-bounty-writeup, javascript, vulnerability, bug-bounty-tips, bug-bounty17-Nov-2024
XSS in Registration Form: A Bug Bounty Successhttps://medium.com/@ziadsakr/xss-in-registration-form-a-bug-bounty-success-6fb9450b0e66?source=rss------bug_bounty-5Ziad Sakrxss-bypass, xss-vulnerability, bug-bounty, xss-attack, firewall17-Nov-2024
8 Advanced Techniques For Novice Bug Bounty Huntershttps://bitpanic.medium.com/8-advanced-techniques-for-novice-bug-bounty-hunters-ab6110185e55?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-security, cyber-security-awareness, bug-bounty, bug-bounty-tips17-Nov-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@kcaaditya976/sql-injection-vulnerability-allowing-login-bypass-1e9f7bd45adf?source=rss------bug_bounty-5Laxioussql, web-penetration-testing, web-pentesting, bug-bounty, sql-injection17-Nov-2024
Bug bounty Cheatsheethttps://medium.com/@shardulsawant67/bug-bounty-cheatsheet-b87d3250bc2e?source=rss------bug_bounty-5Shardul Sawantbug-bounty, bug-bounty-cheatsheet, web-penetration-testing, hacking, website-hacking17-Nov-2024
API Hacktics: Unveiling Vulnerabilities in Modern Web APIshttps://myselfakash20.medium.com/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty17-Nov-2024
How to Find P4 Vulnerabilities and Information Disclosure Bugs | Step-by-Step Guide to All Key…https://medium.com/@shaikhminhaz1975/how-to-find-p4-vulnerabilities-and-information-disclosure-bugs-step-by-step-guide-to-all-key-6ba8fc84c882?source=rss------bug_bounty-5Shaikh Minhazpenetration-testing, how-to-find-bug, information-disclosure, ethical-hacking, bug-bounty17-Nov-2024
Hunting for Default Credentials: A Deeper Dive into the Toolkithttps://medium.com/@defaulty.io/hunting-for-default-credentials-a-deeper-dive-into-the-toolkit-2b3edde86f01?source=rss------bug_bounty-5Defaulty.iocybersecurity, information-security, hacking, bug-bounty, penetration-testing17-Nov-2024
FB OAuth Misconfigurationhttps://xsametyigit.medium.com/fb-oauth-misconfiguration-d6c2f5d067d8?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty-tips, bug-bounty17-Nov-2024
OWASP Top 10–2021 Tryhackme Writeuphttps://infosecwriteups.com/owasp-top-10-2021-tryhackme-writeup-56f2a04c895e?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, bug-bounty, infosec, information-security, web-security17-Nov-2024
DOM XSS in document.write sink using source location.searchhttps://medium.com/@kcaaditya976/dom-xss-in-document-write-sink-using-source-location-search-cc0ba7b461c2?source=rss------bug_bounty-5Laxiousxss-attack, web-pen-testing, dom-xss, bug-bounty, xss-vulnerability17-Nov-2024
Who needs credentials, when you have the phone number…?https://medium.com/@thelazypentester/who-needs-credentials-when-you-have-the-phone-number-fc0c8f51b87e?source=rss------bug_bounty-5Jobsonidor, bug-bounty, hacking, cybersecurity, sensitive-information17-Nov-2024
API Hacktics: Unveiling Vulnerabilities in Modern Web APIshttps://osintteam.blog/api-hacktics-unveiling-vulnerabilities-in-modern-web-apis-e41cc09a2b9d?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, cybersecurity, bug-bounty-writeup, bugs, bug-bounty17-Nov-2024
Lemons: A Bug Bounty Analogyhttps://medium.com/@lixipluv/lemons-a-bug-bounty-analogy-ef427f514b2a?source=rss------bug_bounty-5Lixipluvlemon, introduction, bug-bounty16-Nov-2024
Race condition — can cause a flood of forgotten password verification SMS requestshttps://medium.com/@viperblitzz/race-condition-can-cause-a-flood-of-forgotten-password-verification-sms-requests-1775a375653d?source=rss------bug_bounty-5Viperblitzzbug-bounty-tips, bug-hunting, bug-bounty16-Nov-2024
Chaining CSRF and an Open-Redirect leads to sensitive information disclosurehttps://medium.com/@rvanwart_49640/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5Raymond Van Wartbug-bounty, cybersecurity, web-application-security16-Nov-2024
Heroku Subdomain Takeoverhttps://xsametyigit.medium.com/heroku-subdomain-takeover-39b9f1ce7c4c?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty, subdomain-takeover, bug-bounty-tips16-Nov-2024
Secret OSINT Tricks to Dig Up Hidden Info Online!https://medium.com/@paritoshblogs/secret-osint-tricks-to-dig-up-hidden-info-online-5401ffdd9c89?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, osint, cybersecurity, information-technology16-Nov-2024
Chaining CSRF and an Open-Redirect leads to sensitive information disclosurehttps://raymondv.medium.com/chaining-csrf-and-an-open-redirect-leads-to-sensitive-information-disclosure-5915b24bc53b?source=rss------bug_bounty-5Raymond Van Wartbug-bounty, cybersecurity, web-application-security16-Nov-2024
How I Helped Secure Millions of Users’ Medical Reports — Bug Bounty!https://kumarmohank889.medium.com/how-i-helped-secure-millions-of-users-medical-reports-bug-bounty-bccf61a8ecee?source=rss------bug_bounty-5Mohan Kumar Ncybersecurity, hacking, bug-bounty-tips, ethical-hacking, bug-bounty16-Nov-2024
Mastering Recon for Bug Hunters, Part 4: Advanced Strategies & Real-World Exampleshttps://myselfakash20.medium.com/mastering-recon-for-bug-hunters-part-4-advanced-strategies-real-world-examples-5de1a7aa7f84?source=rss------bug_bounty-5Akash Ghoshbugs, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips16-Nov-2024
Account takover via forget passwordhttps://medium.com/@amirreza.marzban/account-takover-via-forget-password-4ec6514f29ee?source=rss------bug_bounty-5AmirReza Marzbanbug-bounty, bug-bounty-writeup, hacking, account-takeover, bug-bounty-hunter16-Nov-2024
Account takover of an online casinohttps://bug-abdelilah.medium.com/account-takover-of-an-online-casino-e13987835266?source=rss------bug_bounty-5abdelilahbug-bounty, xss-attack, penetration-testing, cybersecurity, account-takeover16-Nov-2024
How Did I Get My First Collaboration Bounty Of $1000?https://medium.com/@pguru978/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips16-Nov-2024
Exploiting Android Activities with Drozer: A Step-by-Step Guidehttps://medium.com/@ayushkumar12021987/exploiting-android-activities-with-drozer-a-step-by-step-guide-ebc9b564758d?source=rss------bug_bounty-5Ayush Kumarbug-bounty, pentesting, android, bug-bounty-writeup, security16-Nov-2024
How I Turned a Low Blind SSRF Into a Critical Vulnerability With Strategic Impact Escalationhttps://medium.com/@DrakenKun/how-i-turned-a-low-blind-ssrf-into-a-critical-vulnerability-with-strategic-impact-escalation-536505cc4352?source=rss------bug_bounty-5DrakenKunweb-security, pentesting, bug-bounty, ssrf, cybersecurity16-Nov-2024
Sensitive Data Exposure in a Moodle Config Filehttps://medium.com/@mrcix/sensitive-data-exposure-in-a-moodle-config-file-648ca3d54676?source=rss------bug_bounty-5mrci0x1bug-bounty, information-security, web-security16-Nov-2024
These Two Tools Helped Me Earn $40K in Bountieshttps://medium.com/@alwalxed/these-two-tools-helped-me-earn-40k-in-bounties-8c688b9deccd?source=rss------bug_bounty-5Awaosint, cybersecurity, bug-bounty, golang, tools16-Nov-2024
Bypass of Username Policy: Breaking the Rules with a Simple Trickhttps://medium.com/@mrcix/bypass-of-username-policy-breaking-the-rules-with-a-simple-trick-fcf7ce97925c?source=rss------bug_bounty-5mrci0x1bug-bounty-tips, penetration-testing, bug-bounty-writeup, web-security, bug-bounty16-Nov-2024
How Did I Get My First Collaboration Bounty Of $1000?https://cybersecuritywriteups.com/how-did-i-get-my-first-collaboration-bounty-of-1000-dc64ec02a6c7?source=rss------bug_bounty-5Guru Prasad Pattanaikbug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity, bug-bounty-tips16-Nov-2024
$500 Bounty for Account Takeover on European Bug Bounty Platformhttps://0vulns.medium.com/500-bounty-for-account-takeover-on-european-bug-bounty-platform-cd5af3edb1ec?source=rss------bug_bounty-50vulnscybersecurity, bug-bounty15-Nov-2024
HOW I HACKED BILLION ANDROID USERS SOCIAL AND 3rd PARTY ACCOUNT | A STORY ABOUT 5000$ BUG |…https://medium.com/@karthithehacker/how-i-hacked-billion-android-users-social-and-3rd-party-account-a-story-about-5000-bug-54d8b6ce75df?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, bugbounty-writeup15-Nov-2024
NahamStore CTF Çözümü: Web Güvenlik Açıklarıyla Bug Bounty Pratiğihttps://berkkahya0.medium.com/nahamstore-ctf-%C3%A7%C3%B6z%C3%BCm%C3%BC-web-g%C3%BCvenlik-a%C3%A7%C4%B1klar%C4%B1yla-bug-bounty-prati%C4%9Fi-a1b3d7133329?source=rss------bug_bounty-5Berk Kahyabug-bounty, tryhackme, nahamstore, ctf-writeup, cybersecurity15-Nov-2024
Simple RXSS di website insight.kontan.co.idhttps://medium.com/@0xRedFox29/simple-rxss-di-website-insight-kontan-co-id-cfb39dd64a3a?source=rss------bug_bounty-5kunx90bug-bounty-tips, bug-bounty15-Nov-2024
TAKEOVERhttps://medium.com/@mukkagopi50/takeover-16aa79977e6b?source=rss------bug_bounty-5Gopi Mukkaaccount-takeover-attacks, vulnerability, bug-bounty, takeovers15-Nov-2024
Server-Side Request Forgery (SSRF)https://medium.com/@mukkagopi50/server-side-request-forgery-ssrf-80d168fd82f7?source=rss------bug_bounty-5Gopi Mukkabug-bounty, vulnerability, ssrf15-Nov-2024
How to Test for DNS Zone Transfer Attackshttps://dineshpathro9.medium.com/how-to-test-for-dns-zone-transfer-attacks-bf7c604bb28a?source=rss------bug_bounty-5hunterbug-bounty, bug-bounty-writeup, hacking, bugs, bug-bounty-tips15-Nov-2024
How I Exploited a Vulnerability to Change a User’s Backup Email Address (Easy P1 vulnerability)https://medium.com/@hasap134/how-i-exploited-a-vulnerability-to-change-a-users-backup-email-address-easy-p1-vulnerability-f854041f8e91?source=rss------bug_bounty-5Beescocybersecurity, vulnerability, bug-bounty, bug-bounty-tips, bugs15-Nov-2024
Earn $5000 After Learning How to Bypass the Rate Limiting for API Bug Hunting .https://medium.com/@anandrishav2228/earn-5000-after-learning-how-to-bypass-the-rate-limiting-for-api-bug-hunting-89dc40289120?source=rss------bug_bounty-5Rishav anandapi, money, cybersecurity, bug-bounty, hacking-tools15-Nov-2024
TALE OF A VULNERABILITY WHICH LEADS TO ACCOUNT TAKEOVER OF GOVERNMENT ANDROID APPLICATIONhttps://medium.com/@karthithehacker/tale-of-a-vulnerability-which-leads-to-account-takeover-of-government-android-application-6f47a57b8cfb?source=rss------bug_bounty-5Karthikeyan.Vvapt, bug-bounty, android15-Nov-2024
Easy $20,160 bug from hackeronehttps://medium.com/@loaymorad11/easy-20-160-bug-from-hackerone-aeac67ce3e81?source=rss------bug_bounty-5Loaymoradcybersecurity, penetration-testing, bug-bounty, hackerone, bugbounty-writeup15-Nov-2024
How did I found Account Takeover Vulnerability on takeuforward.orghttps://rajukani100.medium.com/how-did-i-found-account-takeover-vulnerability-on-takeuforward-org-735630b4167c?source=rss------bug_bounty-5Raj Ukanihacking, cyber-security-awareness, bug-bounty, bug-bounty-writeup, developer15-Nov-2024
Today How to get $500 Bounty on HackerOne — P3https://medium.com/@bugbounty_learners/today-how-to-get-500-bounty-on-hackerone-p3-345fa44f76a3?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bugs, bug-bounty-tips, software-development, bug-bounty15-Nov-2024
My first bountyhttps://medium.com/@josuofficial327/my-first-bounty-fdddb7ef5611?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips15-Nov-2024
These books will help to learn bug bounty & penetration testing and ethical hacking. Part 1 .https://osintteam.blog/these-books-will-help-to-learn-bug-bounty-penetration-testing-and-ethical-hacking-part-1-635781cd3aaa?source=rss------bug_bounty-5loyalonlytodaytips, books, hacking, bug-bounty, cybersecurity15-Nov-2024
Known Brands, Government Domains, and More Hijacked via Sitting Ducks Attacks!https://medium.com/@wiretor/known-brands-government-domains-and-more-hijacked-via-sitting-ducks-attacks-fddd61bd6105?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesusa, hacking, ransomware, malware, bug-bounty15-Nov-2024
New Glove Infostealer Malware Bypasses Chrome’s Cookie Encryption: A Growing Threathttps://medium.com/@wiretor/new-glove-infostealer-malware-bypasses-chromes-cookie-encryption-a-growing-threat-e4377ef1f2a7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, programming, hacking15-Nov-2024
Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeoverhttps://medium.com/@wiretor/critical-plugin-flaw-exposed-4-million-wordpress-websites-to-takeover-7cf7b5984ab4?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, ransomware, malware, bug-bounty, wordpress15-Nov-2024
CSRF leads to delete accounthttps://xsametyigit.medium.com/csrf-leads-to-delete-account-711dde21af1e?source=rss------bug_bounty-5Samet Yiğitbug-bounty-tips, bugbounty-writeup, bug-bounty15-Nov-2024
How I Got Access to an Admin Portal by Response Manipulationhttps://medium.com/@anonymousshetty2003/how-i-got-access-to-an-admin-portal-by-response-manipulation-d2abeec7ce58?source=rss------bug_bounty-5Anonymousshettycybersecurity, bug-bounty, bug-bounty-writeup, bug-bounty-tips, ethical-hacking15-Nov-2024
3 reflected XSS in one programhttps://xsametyigit.medium.com/3-reflected-xss-in-one-program-c50469c6d522?source=rss------bug_bounty-5Samet Yiğitbug-bounty-writeup, bug-bounty, bug-bounty-tips15-Nov-2024
New Script — Leakix CLI by VECERThttps://medium.com/@vecert/new-script-leakix-cli-by-vecert-68abbf35d08d?source=rss------bug_bounty-5VECERTpentesting, leakix, osint, bug-bounty15-Nov-2024
2 good tools for subdomain enumration.https://osintteam.blog/2-good-tools-for-subdomain-enumration-ca3ee36fbf81?source=rss------bug_bounty-5loyalonlytodaytips, hacking, bug-bounty, subdomains-enumeration, cybersecurity14-Nov-2024
Beginner's guide for Input Data Validation Checklisthttps://bitpanic.medium.com/beginners-guide-for-input-data-validation-checklist-2f9d5ef4a341?source=rss------bug_bounty-5Spectat0rguycybersecurity, information-technology, bug-bounty, cyber-security-awareness, bug-bounty-tips14-Nov-2024
Critical File Upload Vulnerabilities: Exploits and Mitigation Strategieshttps://medium.com/@security.tecno/critical-file-upload-vulnerabilities-exploits-and-mitigation-strategies-90230e8a31bf?source=rss------bug_bounty-5TECNO Securityblog, scurity, bug-bounty, hacking14-Nov-2024
Is HackerOne Support Service Degrading?https://medium.com/@abdulparkar/is-hackerone-support-service-degrading-cbfa6adc1027?source=rss------bug_bounty-5Abdul Rehman Parkarprogramming, hackerone, cybersecurity, ethical-hacking, bug-bounty14-Nov-2024
ISRO: YouTube Broken Link Hijackhttps://infosecwriteups.com/isro-youtube-broken-link-hijack-304a92001b47?source=rss------bug_bounty-5Dishant Modibug-bounty, bug-bounty-tips, broken-link, hall-of-fame, vulnerability14-Nov-2024
Helpful Resources for Bug Huntershttps://medium.com/meetcyber/helpful-resources-for-bug-hunters-53dbe011cdd4?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty-tips, bug-bounty, pentesting, hacking14-Nov-2024
How i hacked NASA (WARNING: Dad Jokes)https://medium.com/@rootplinix/how-i-hacked-nasa-warning-dad-jokes-7424faec5790?source=rss------bug_bounty-5Abu Hurayrahacking, cybersecurity-awareness, bug-bounty, cybersecurity, bug-bounty-tips14-Nov-2024
Finding Security Design Flaw in a FAANG to later be ghosted by Recruiter: A funny Talehttps://medium.com/bug-bounty-hunting/finding-security-design-flaw-in-a-faang-to-later-be-ghosted-by-recruiter-a-funny-tale-73e73fb0d6aa?source=rss------bug_bounty-5Ronnie Josephgoogle, netflix, bug-bounty, cybersecurity, meta14-Nov-2024
AI in Bug Bounty Hunting: A Step-by-Step Tutorial for Beginnershttps://prakash888kpk.medium.com/ai-in-bug-bounty-hunting-a-step-by-step-tutorial-for-beginners-673e24aed66c?source=rss------bug_bounty-5Lets Unlearnmachine-learning, bug-bounty, bug-bounty-tips, ai, bug-bounty-writeup14-Nov-2024
How I Uncovered an SSRF Vulnerability in a Private HackerOne Programhttps://medium.com/@josuofficial327/how-i-uncovered-an-ssrf-vulnerability-in-a-private-hackerone-program-4c3146b414ff?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-writeup14-Nov-2024
Basics of Stored XSS and Demohttps://medium.com/@kcaaditya976/basics-of-stored-xss-and-demo-d410714a77c0?source=rss------bug_bounty-5Laxiousbug-bounty, cybersecurity, bug-bounty-hunting, xss-attack, stored-xss14-Nov-2024
Bug Report: Broken Access Control in Google Photoshttps://medium.com/@abhinavsingwal/bug-report-broken-access-control-in-google-photos-d9c10ca8c472?source=rss------bug_bounty-5Abhinavsingwalgoogle-vulnerability, bug-bounty, google-bug-report, bug-report, google-photos-bug14-Nov-2024
My Journey to Drugs Hall of Fame in just 10 minuteshttps://medium.com/@bugbounty_learners/my-journey-to-drugs-hall-of-fame-in-just-10-minutes-dcd03240e42a?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-tips, bug-bounty-writeup, bugs, web-development, bug-bounty14-Nov-2024
Mastering Reconnaissance Part 3: Unleashing Advanced Exploitation and Post-Recon Tacticshttps://myselfakash20.medium.com/mastering-reconnaissance-part-3-unleashing-advanced-exploitation-and-post-recon-tactics-b81369678040?source=rss------bug_bounty-5Akash Ghoshcybersecurity, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, bug-bounty14-Nov-2024
CISA & FBI Confirm China Hacked Telecom Providers for Spying: What Does This Mean for Your…https://medium.com/@wiretor/cisa-fbi-confirm-china-hacked-telecom-providers-for-spying-what-does-this-mean-for-your-f523b2459c75?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, pentest, bug-bounty, malware, ransomeware14-Nov-2024
Idaho Man Sentenced to 10 Years for Hacking, Data Theft, and Extortionhttps://medium.com/@wiretor/idaho-man-sentenced-to-10-years-for-hacking-data-theft-and-extortion-003b243e419f?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesprogramming, malware, bug-bounty, zero-day, hacking14-Nov-2024
Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actionshttps://medium.com/@wiretor/windows-zero-day-exploited-by-russia-triggered-with-file-drag-and-drop-delete-actions-0dd82469e486?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, usa, hacking, bug-bounty, ransomware14-Nov-2024
Storm-1811’s Quick-Assist phishing could have been worsehttps://mrsheepsheep.medium.com/storm-1811s-quick-assist-phishing-could-have-been-worse-fd84e04b0daa?source=rss------bug_bounty-5Alexandre Souleaucybersecurity, xss-attack, bug-bounty, microsoft14-Nov-2024
Server-Side Request Forgery $(SSRF)$ allows internal ports scanninghttps://medium.com/h7w/server-side-request-forgery-ssrf-allows-internal-ports-scanning-ef7edf6534b7?source=rss------bug_bounty-5socalledhackerhacking, infosec, cybersecurity, bug-bounty-tips, bug-bounty14-Nov-2024
Bypass Rate-Limit via X-Forwarded-Forhttps://medium.com/@null.x.b1ty/bypass-rate-limit-via-x-forwarded-for-ea26c7a25a90?source=rss------bug_bounty-5Snoop-doghackerone, bug-bounty14-Nov-2024
How i Finded a easy dom xss.https://infosecwriteups.com/how-i-finded-a-easy-dom-xss-6499afc21b5d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, hacking, xss-attack, cybersecurity14-Nov-2024
SQL Injection: How I Secured Personal Information (PII) of 1.1M Job Seekershttps://infosecwriteups.com/sql-injection-how-i-secured-personal-information-pii-of-1-1m-job-seekers-7f7c55d11fbc?source=rss------bug_bounty-5brutexploitercybersecurity, software-engineering, bug-bounty, technology, programming14-Nov-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-d7222b48d81c?source=rss------bug_bounty-5Abhishek Bhujangsecurity, hacking, bug-hunting, ethical-hacking, bug-bounty14-Nov-2024
Discovering My First Vulnerability in a Few Minuteshttps://medium.com/@jagdishdammala/discovering-my-first-vulnerability-in-a-few-minutes-6bbc9419cbfc?source=rss------bug_bounty-5Jagdish Dammalabug-bounty14-Nov-2024
Account Takeover: How I Gained Access to Any User Account Through a Simple Registration Flawhttps://0d-amr.medium.com/account-takeover-how-i-gained-access-to-any-user-account-through-a-simple-registration-flaw-96f9f6bdc0ae?source=rss------bug_bounty-5Amrctf, pentesting, hacking, bug-bounty, security14-Nov-2024
Exploiting SSTI Vulnerability on an E-commerce Website: A Professional Walkthroughhttps://medium.com/@MianHammadx0root/exploiting-ssti-vulnerability-on-an-e-commerce-website-a-professional-walkthrough-6cc95afb2b38?source=rss------bug_bounty-5Mian Hammadbug-bounty, server-side, server-security, penetration-testing, ssti13-Nov-2024
How I Found an SQL Injection in coupon codehttps://medium.com/@gheeX/how-i-found-an-sql-injection-in-coupon-code-f31d6eb1a720?source=rss------bug_bounty-5Ghee1337bug-bounty, infosec, bug-bounty-tips, sql-injection, bug-bounty-writeup13-Nov-2024
Breaking In with Guest: My First Bug Bountyhttps://ghostman01.medium.com/guest-admin-a7c70aa10ddb?source=rss------bug_bounty-5SIDDHANT SHUKLAhacking, bug-bounty, bug-bounty-writeup, cybersecurity, bug-hunting13-Nov-2024
Introducing Loxs: The Ultimate Multi-Vulnerability Scanner for Web Applicationshttps://anishalx.medium.com/introducing-loxs-the-ultimate-multi-vulnerability-scanner-for-web-applications-907ed2b2004b?source=rss------bug_bounty-5Anish alxhacking-tools, python, pentesting, hacking, bug-bounty13-Nov-2024
1500$ Open Reduction Bug: Performed Restricted Actions in login pagehttps://medium.com/@bugbounty_learners/1500-open-reduction-bug-performed-restricted-actions-in-login-page-4194359c1fc2?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty-tips, web-development, bug-bounty, open-redirect13-Nov-2024
Blind XSS Bug Hunting Methodologyhttps://osintteam.blog/blind-xss-bug-hunting-methodology-b997c37a9620?source=rss------bug_bounty-5AbhirupKonwarpentesting, cybersecurity, ethical-hacking, xss-attack, bug-bounty13-Nov-2024
A Deep Dive into Nmap Scripts for Web Application Testinghttps://systemweakness.com/a-deep-dive-into-nmap-scripts-for-web-application-testing-6a9b3a06995e?source=rss------bug_bounty-5Khaleel Khanhacking, nmap, infosec, bug-bounty, cybersecurity13-Nov-2024
SQL Injection UNION Attack, Retrieving Data from Other Tableshttps://medium.com/@marduk.i.am/sql-injection-union-attack-retrieving-data-from-other-tables-38f471813c57?source=rss------bug_bounty-5Marduk I Ambug-bounty, information-security, sql-injection, portswigger-lab, sqli13-Nov-2024
Easy Bug: How I Uncovered and Re-Exploited a Resolved Vulnerability from a Disclosed Reporthttps://medium.com/@cvjvqmmsm/easy-bug-how-i-uncovered-and-re-exploited-a-resolved-vulnerability-from-a-disclosed-report-ab2211a98b7b?source=rss------bug_bounty-5Barbarossabug-bounty, bugbounty-writeup13-Nov-2024
Common Mistakes in Coding: How to Avoid Themhttps://medium.com/@kharodawalam/common-mistakes-in-coding-how-to-avoid-them-9e5c881b0473?source=rss------bug_bounty-5Mohammed Kharodawalamistakes-to-avoid, bug-bounty, data-structure-algorithm, programming, software-development13-Nov-2024
Mobile Application Penetration Testing Checklisthttps://infosecwriteups.com/mobile-application-penetration-testing-checklist-460deadf3d9f?source=rss------bug_bounty-5Ajay Naikinformation-security, penetration-testing, information-technology, cybersecurity, bug-bounty13-Nov-2024
5 Golden Tips to Land Your First Job in Offensive Securityhttps://medium.com/@eran25670/5-golden-tips-to-land-your-first-job-in-offensive-security-e960b4215dc7?source=rss------bug_bounty-5Erancybersecurity, offensive-security, penetration-testing, bug-bounty-tips, bug-bounty13-Nov-2024
clickjacking: definição, impactos, mecanismo e prevençãohttps://medium.com/@Poystick/clickjacking-defini%C3%A7%C3%A3o-impactos-mecanismo-e-preven%C3%A7%C3%A3o-46e05a89614b?source=rss------bug_bounty-5Tarcísio Luchesihacking, bug-bounty, programação12-Nov-2024
Mastering Reconnaissance Part 2: Advanced Scanning, Content Discovery, and Automation for Bug…https://myselfakash20.medium.com/mastering-reconnaissance-part-2-advanced-scanning-content-discovery-and-automation-for-bug-8903a7c190a6?source=rss------bug_bounty-5Akash Ghoshbugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips12-Nov-2024
Your Guide to Web Reconnaissance: Mastering the Art of Information Gatheringhttps://medium.com/@secinfinitylabs/your-guide-to-web-reconnaissance-mastering-the-art-of-information-gathering-32dfee5f2deb?source=rss------bug_bounty-5Secinfinity Labsinformation-gathering, information-security, penetration-testing, bug-bounty-tips, bug-bounty12-Nov-2024
Top 10 Threat Actors of 2024https://medium.com/@alexandermr289/top-10-threat-actors-of-2024-4ac605357291?source=rss------bug_bounty-5Mr_alexanderosint, cybersecurity, bug-bounty, news, medium12-Nov-2024
Become a Writer for Cybersecurity Write-ups!https://cybersecuritywriteups.com/become-a-writer-for-cybersecurity-write-ups-3f1e780323a8?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips, bugbounty-writeup12-Nov-2024
Showing Impact is Your friend (500$+500$ bounties)https://medium.com/@noureldin1042/showing-impact-is-your-friend-500-500-bounties-2ed87f3a64b7?source=rss------bug_bounty-5Noureldin(0x_5wf)programming-languages, bug-bounty, bug-bounty-tips, programming, bug-bounty-writeup12-Nov-2024
Exploring docker-compose.yaml leads to sensitive disclosurehttps://medium.com/@raituzki/exploring-docker-compose-yaml-leads-to-sensitive-disclosure-1feaa3d3317f?source=rss------bug_bounty-5Muhamad Raidinoor Pashahacking, bug-bounty-tips, docker, yaml, bug-bounty12-Nov-2024
How I hacked 100 hackershttps://corneacristian.medium.com/how-i-hacked-100-hackers-5c3c313e8a1a?source=rss------bug_bounty-5Cristian Corneabug-bounty, intelligence, hacking, cybersecurity, penetration-testing12-Nov-2024
Bug Bounty | Here’s Why Your Way To Success Doesn’t Lie In Learninghttps://medium.com/@sM0ky4/bug-bounty-heres-why-your-way-to-success-doesn-t-lie-in-learning-bc72d4000b88?source=rss------bug_bounty-5sM0ky4cybersecurity, bug-bounty-tips, bug-bounty, time-management12-Nov-2024
How Can You Be Sure That Ethical Hackers Are TRULY Ethical?https://medium.com/@hackrate/how-can-you-be-sure-that-ethical-hackers-are-truly-ethical-17ee0fcc6058?source=rss------bug_bounty-5Hackratebug-bounty, ethical-hacking, hacking, penetration-testing, cybersecurity12-Nov-2024
HTTP Desync Attack (Request Smuggling) - Mass Account Takeoverhttps://medium.com/@bugbounty_learners/http-desync-attack-request-smuggling-mass-account-takeover-0292fcc8c4a4?source=rss------bug_bounty-5bugbounty_learnersbug-bounty, web-development, bug-bounty-tips, bug-bounty-writeup, bugs12-Nov-2024
Complete Guide to Securing Web Applications on Ports 80 and 443https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5Very Lazy Techowasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security12-Nov-2024
Advanced Techniques for Bypassing Web Filters: A Practical Guide to Identifying and Exploiting XSS…https://thexssrat.medium.com/advanced-techniques-for-bypassing-web-filters-a-practical-guide-to-identifying-and-exploiting-xss-f6cadeedf9ca?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, penetration-testing, xss-attack, hacking12-Nov-2024
M3 — Insecure Authentication/Authorizationhttps://medium.com/@tamires.scruz/m3-insecure-authentication-authorization-cedf6e94d1ce?source=rss------bug_bounty-5Tamy Angelbug-bounty, owasp, pentesting, android, cybersecurity12-Nov-2024
SHODAN Cheat Sheet — A Comprehensive Guide to Shodan: The Search Engine for Hackershttps://medium.com/@iamshafayat/shodan-cheat-sheet-a-comprehensive-guide-to-shodan-the-search-engine-for-hackers-451b403f328f?source=rss------bug_bounty-5Shafayat Ahmed Alifcheatsheet, shodan, cybersecurity, ethical-hacking, bug-bounty12-Nov-2024
Exploiting Server-Side Template Injection (SSTI) with a Custom Exploit: PortSwigger Lab Walkthroughhttps://medium.com/@0xA4zOo0/exploiting-server-side-template-injection-ssti-with-a-custom-exploit-portswigger-lab-walkthrough-a661d5c47001?source=rss------bug_bounty-5A Z Obug-bounty, ssti, hacking12-Nov-2024
Complete Guide to pentesting Web Applications on Ports 80 and 443https://medium.com/@verylazytech/complete-guide-to-securing-web-applications-on-ports-80-and-443-a123def0b82c?source=rss------bug_bounty-5Very Lazy Techowasp-top-10, web-application-security, bug-bounty, penetration-testing, web-security12-Nov-2024
How I Hijacked an Abandoned Twitter Account and Why Broken Link Hijacking Mattershttps://medium.com/@anonymousshetty2003/how-i-hijacked-an-abandoned-twitter-account-and-why-broken-link-hijacking-matters-0128e0f562c8?source=rss------bug_bounty-5Anonymousshettyethical-hacking, broken-link-hijacking, cybersecurity, bug-bounty12-Nov-2024
How AI is Making Bug Bounties More Accessible for New Hackershttps://pointlessai.medium.com/how-ai-is-making-bug-bounties-more-accessible-for-new-hackers-726f9a058eac?source=rss------bug_bounty-5PointlessAIbug-bounty-tips, ai, bug-bounty, vulnerability-management12-Nov-2024
How I Discovered a Private Key Leak on a Company’s Subdomainhttps://medium.com/@anonymousshetty2003/how-i-discovered-a-private-key-leak-on-a-companys-subdomain-929100e7a561?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking12-Nov-2024
Top Cybersecurity Tools Every Professional Should Knowhttps://medium.com/@paritoshblogs/top-cybersecurity-tools-every-professional-should-know-0aff34558518?source=rss------bug_bounty-5Paritoshinformation-security, chatgpt, bug-bounty, cybersecurity, hacking12-Nov-2024
North Korean Hackers Use Flutter Apps to Evade macOS Securityhttps://medium.com/@wiretor/north-korean-hackers-use-flutter-apps-to-evade-macos-security-e22221dd9696?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking12-Nov-2024
Massive Data Breach Affects Millions of Hot Topic Customershttps://medium.com/@wiretor/massive-data-breach-affects-millions-of-hot-topic-customers-b03fe562e0f7?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware12-Nov-2024
Form I-9 Compliance Data Breach Impacts Over 190,000 Peoplehttps://medium.com/@wiretor/form-i-9-compliance-data-breach-impacts-over-190-000-people-adee0a89694c?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, malware, hacking, bug-bounty, pentesting12-Nov-2024
Finding more infromation about a email using a osint tool.https://osintteam.blog/finding-more-infromation-about-a-email-using-a-osint-tool-d557a0579414?source=rss------bug_bounty-5loyalonlytodaycybersecurity, osint, bug-bounty, hacking, osint-investigation12-Nov-2024
️‍♂️Recon For New Bug bounty Hunters — Short Storyhttps://sud-defcon.medium.com/%EF%B8%8F-%EF%B8%8Frecon-for-new-bug-bounty-hunters-short-story-2992e780fbbb?source=rss------bug_bounty-5Sudarshan Patelreconnaissance, bug-bounty-tips, bug-bounty, recon, bug-bounty-writeup12-Nov-2024
Hacking Knowledge Around The Corner. From Where To Learn Hacking Skills?https://medium.com/meetcyber/hacking-knowledge-around-the-corner-c2a48214d052?source=rss------bug_bounty-5NnFacecybersecurity, kali-linux, bug-bounty, hacking, knowledge12-Nov-2024
Volt Typhoon Botnet Rebuilds After FBI Crackdownhttps://medium.com/@wiretor/volt-typhoon-botnet-rebuilds-after-fbi-crackdown-e23a74459ff6?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Serviceshacking, programming, malware, ransomeware, bug-bounty12-Nov-2024
Extract full photos/videos database from any locked Google Pixel phonehttps://medium.com/@rus1r105/extract-full-photos-videos-database-from-any-locked-google-pixel-phone-be6da35ad93d?source=rss------bug_bounty-5rus1r105cybersecurity, android, google-vrp, bug-bounty, writeup11-Nov-2024
How I Found an HTML Injection in Email Vulnerability on Samsung, Leading to a $$$$ Paydayhttps://cybersecuritywriteups.com/how-an-html-injection-vulnerability-in-samsung-emails-led-to-a-payday-3dcfccc12a36?source=rss------bug_bounty-5Taha Diwanbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-penetration-testing11-Nov-2024
[2024 Thanksgiving] Security Technology Research Writing Activityhttps://medium.com/@security.tecno/2024-thanksgiving-security-technology-research-writing-activity-325e4b0fd9c8?source=rss------bug_bounty-5TECNO Securitywriting, research, bug-bounty, security11-Nov-2024
Hacking Active Directory and Earn upto $30,000.https://medium.com/@anandrishav2228/hacking-active-directory-and-earn-upto-30-000-9561858a3c8f?source=rss------bug_bounty-5Rishav anandbug-bounty, active-directory, money, hacking, cybersecurity11-Nov-2024
Recon JavaScript Files with Rarely Encountered Techniqueshttps://zucki.medium.com/recon-javascript-files-with-rarely-encountered-techniques-5882a3ad1955?source=rss------bug_bounty-5Marzuckibug-bounty, automation, recon, automation-testing, javascript11-Nov-2024
#Task 20 - HTTP Request Sumgling — Basics & Types -> Only for Bignershttps://medium.com/@bugbounty_learners/task-1-http-request-sumgling-basics-types-only-for-bigners-2157461dca3e?source=rss------bug_bounty-5bugbounty_learnerscybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, web-development11-Nov-2024
GetSimpleCMS CSRF | Parol Dəyişdirmə Funksiyasında Tapdığım CSRF boşluğuhttps://zeynalxan.medium.com/getsimplecms-csrf-parol-d%C9%99yi%C5%9Fdirm%C9%99-funksiyas%C4%B1nda-tapd%C4%B1%C4%9F%C4%B1m-csrf-bo%C5%9Flu%C4%9Fu-8786c125453e?source=rss------bug_bounty-5Zeynalxan Quliyevcsrf-attack, csrf, ato, bug-bounty, cybersecurity11-Nov-2024
PRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing websitehttps://infosecwriteups.com/pre-account-takeover-through-misconfigured-oauth-on-a-mailing-website-b906a5c118e9?source=rss------bug_bounty-5Harishcybersecurity, ethical-hacking, cyber-security-awareness, bug-bounty-tips, bug-bounty11-Nov-2024
Jumping into Bug Bounty Automationhttps://bitpanic.medium.com/jumping-into-bug-bounty-automation-4739abdb6d15?source=rss------bug_bounty-5Spectat0rguyinformation-security, cybersecurity, bug-bounty, information-technology, infosec11-Nov-2024
Won’t Fix Vulnerabilities in Google Colabhttps://0xjin.medium.com/wont-fix-vulnerabilities-in-google-colab-fcd3b6581746?source=rss------bug_bounty-50xJinbug-bounty, bug-bounty-writeup, google, bug-bounty-tips11-Nov-2024
Exposing the Dark Side of Google Dorks: How I Extracted Millions of Emails.https://pwndecoco.medium.com/exposing-the-dark-side-of-google-dorks-how-i-extracted-millions-of-emails-0fe0f7f6db8b?source=rss------bug_bounty-5Pwndec0c0hacking, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty11-Nov-2024
Server-Side Template Injection in an Unknown Language with a Documented Exploit — SSTI…https://medium.com/@rcxsecurity/server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-ssti-de01a069b946?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Caféhacking, information-security, pentesting, bug-bounty, cybersecurity11-Nov-2024
P4 bug’s and their POC steps | Part 7 | $Easy Money$https://medium.com/h7w/p4-bugs-and-their-poc-steps-part-7-easy-money-d7cb9270f539?source=rss------bug_bounty-5socalledhackerinfosec, hacking, cybersecurity, bug-bounty-tips, bug-bounty11-Nov-2024
How I Found a Critical 9.8 Bug — Directory Listing leads to Critical P1 Exposure of PII and morehttps://medium.com/@enigma_/how-i-found-a-critical-9-8-9c4d14d82e20?source=rss------bug_bounty-5enigmaowasp, bug-bounty, directory-listing, ethical-hacking, hacker10-Nov-2024
Addressing OWASP Top 10 Vulnerabilities: Why You Need Wire Tor’s Pentesting Serviceshttps://medium.com/@wiretor/addressing-owasp-top-10-vulnerabilities-why-you-need-wire-tors-pentesting-services-5d2f374c3f22?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbreached, hacking, usa, bug-bounty, malware10-Nov-2024
How I was able to inject my malicious link in Email Confirmation Link ( Link Injection / Open…https://infosecwriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5Abdul Rehman Parkarcybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty10-Nov-2024
Mastering Reconnaissance: The Ultimate Guide for Bug Hunters (Part 1)https://myselfakash20.medium.com/mastering-reconnaissance-the-ultimate-guide-for-bug-hunters-part-1-b91a2367ee65?source=rss------bug_bounty-5Akash Ghoshbug-bounty-writeup, bug-bounty, bug-bounty-tips, recon, bugbounty-writeup10-Nov-2024
Week 1: Documenting My Journey as a Full-Time Bug Hunterhttps://mokhansec.medium.com/week-1-documenting-my-journey-as-a-full-time-bug-hunter-fbe1bbefeb79?source=rss------bug_bounty-5Mohsin khanbugs, bug-bounty-tips, bug-bounty-writeup, bug-bounty10-Nov-2024
From P5(Informational)to Medium(P3) : How I was able to achieve it it in Dept of Defense VDP?https://medium.com/@tirqwork1/from-p5-informational-to-medium-p3-how-i-was-able-to-achieve-it-it-in-dept-of-defense-vdp-76e5eda28b5a?source=rss------bug_bounty-5ARoyus-dept-of-defense, data-protection, hackerone, bug-bounty, cybersecurity10-Nov-2024
From System Administrator to Bug Bounty Hunter: A Journey into Web Securityhttps://medium.com/@zero_4583/from-system-administrator-to-bug-bounty-hunter-a-journey-into-web-security-9b37bb52dde2?source=rss------bug_bounty-5Nathan Vincentapp-security, learning-to-code-journey, bug-bounty, secure-coding10-Nov-2024
How I was able to inject malicious link in Email Confirmation Link ( Link Injection / Open…https://cybersecuritywriteups.com/how-i-able-to-inject-my-malicious-link-in-email-confirmation-link-link-injection-open-redirect-dbf95075f89c?source=rss------bug_bounty-5Abdul Rehman Parkarcybersecurity, bug-bounty-writeup, infosec-write-ups, ethical-hacking, bug-bounty10-Nov-2024
How a Unique Combination Opened the Door to an IDORhttps://infosecwriteups.com/how-a-unique-combination-opened-the-door-to-an-idor-f44a3efe51e8?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, bug-bounty-writeup, bug-bounty-tips, secure-coding, bug-bounty10-Nov-2024
POC — CVE-2024–10914 Command Injection Vulnerability in `name` parameter for D-Link NAShttps://medium.com/@verylazytech/poc-cve-2024-10914-command-injection-vulnerability-in-name-parameter-for-d-link-nas-194e70f68120?source=rss------bug_bounty-5Very Lazy Techcommand-injection, cybersecurity, cve-2024-10914, bug-bounty, remote-code-execution10-Nov-2024
CRLF Injection Zero to Masterhttps://medium.com/@bugbounty_learners/crlf-injection-zero-to-master-17a93afc33a3?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-tips, bug-bounty-writeup, bug-bounty, software-development, web-development10-Nov-2024
Possible subdomain takeovers gives me 1000 dollarshttps://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5Lucky Vulnerabilitiesbug-bounty, bug-bounty-tips, bug-hunting, updates, news10-Nov-2024
HackTheBox: Information Gatheringhttps://medium.com/@rodripadisec/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5pad1ryoshireconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty10-Nov-2024
Understanding Common Windows Commands and How Threat Actors Use Them:https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5Trent Wtech, cybersecurity, microsoft, bug-bounty, technology10-Nov-2024
Double Race Condition : Breaking Ruleshttps://sayedv2.medium.com/double-race-condition-breaking-rules-88850372afb8?source=rss------bug_bounty-5Mohamed Sayedcybersecurity, bugbounty-writeup, race-condition, bugbounty-tips, bug-bounty10-Nov-2024
Ethical Hacking — How It Helps Prevent Cyber Attackshttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-how-it-helps-prevent-cyber-attacks-41d3d791c7c9?source=rss------bug_bounty-5RocketMe Up Cybersecurityethical-hacking, bug-bounty, cyberattack, penetration-testing, vulnerability-assessment10-Nov-2024
Hackers Evade Detection with New ZIP File Concatenation Technique!https://medium.com/@wiretor/hackers-evade-detection-with-new-zip-file-concatenation-technique-3bd29544f96e?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransom, bug-bounty, hacking, pentesting, malware10-Nov-2024
HackTheBox: Information Gatheringhttps://pad1ryoshi.medium.com/hackthebox-information-gathering-7af3526f13f5?source=rss------bug_bounty-5pad1ryoshireconnaissance, web3, hackthebox-academy, hackthebox, bug-bounty10-Nov-2024
30 Books To Learn H@ackinghttps://osintteam.blog/30-books-to-learn-h-acking-2911c57f148c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, bug-bounty, books, technology, hacking10-Nov-2024
Understanding Common Windows Commands and How Threat Actors Use Them:https://medium.com/@wtrentond/understanding-common-windows-commands-and-how-threat-actors-use-them-34298408e163?source=rss------bug_bounty-5Trent Wtech, artificial-intelligence, cybersecurity, bug-bounty, technology10-Nov-2024
Possible subdomain takeovers gives me 1000 dollarshttps://medium.com/lucky-vulnerabilities/possible-subdomain-takeovers-gives-me-1000-dollars-9f3ad682ddce?source=rss------bug_bounty-5Lucky Vulnerabilitiesbug-bounty, bug-bounty-tips, bug-hunting, updates, news10-Nov-2024
BugBounty — Mastering the Basics (along with Resources)[Part-3]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-3-1619f6854e20?source=rss------bug_bounty-5Abhinav Pathaksecurity, privacy, cybersecurity, hacking, bug-bounty09-Nov-2024
Analyzing JavaScript Files for Retrieving Admin Credentialshttps://medium.com/@abdullah12987654/analyzing-javascript-files-for-retrieving-admin-credentials-0c6f25ff507a?source=rss------bug_bounty-5Abdullahweb-vulnerabilities, pentesting, cyber-security-services, hacking, bug-bounty09-Nov-2024
IDOR and Excessive Data Exposure in Mobile Application — The Tale of an IDOR # 02https://medium.com/@abdullah12987654/idor-and-excessive-data-exposure-in-mobile-application-9bab953ea2b6?source=rss------bug_bounty-5Abdullahbug-bounty, idor-vulnerability, hacking, cyber-security-services, pentesting09-Nov-2024
Username restrictions bypass on Hackerone programhttps://medium.com/@bugbounty_learners/username-restrictions-bypass-on-hackerone-program-61f4c8ff8b44?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty, bug-zero, bug-bounty-tips, bugs09-Nov-2024
API Security Penetration Testing Checklisthttps://infosecwriteups.com/api-security-testing-penetration-testing-checklist-bb2969906ec1?source=rss------bug_bounty-5Ajay Naikinfosec, information-security, information-technology, bug-bounty, cybersecurity09-Nov-2024
how i found 3 open redirect bugs on hackerone public program?https://doordiefordream.medium.com/how-i-found-3-open-redirect-bugs-on-hackerone-public-program-d6f75850996b?source=rss------bug_bounty-5balu bandiethical-hacking, hacking, cybersecurity, vulnerability, bug-bounty09-Nov-2024
How I Accidentally Found a ‘Cache Magic Trick’ — aka Unauthenticated PURGE on Varnish (Hold My…https://medium.com/@mayankmalaviya3/how-i-accidentally-found-a-cache-magic-trick-aka-unauthenticated-purge-on-varnish-hold-my-5e13e5056618?source=rss------bug_bounty-5Mayank Malaviya (Aiwolfie)bug-bounty, unauthenticated-purge, penetration-testing, security, unauthenticated09-Nov-2024
“Hack Smarter, Not Harder: Google Dorks for Fast Bug Hunting and Recon”https://myselfakash20.medium.com/hack-smarter-not-harder-google-dorks-for-fast-bug-hunting-and-recon-3029a4004cfd?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup09-Nov-2024
John the Ripper in Cybersecurityhttps://infosecwriteups.com/john-the-ripper-in-cybersecurity-46c8f5c3a99f?source=rss------bug_bounty-5Ajay Naikcybersecurity-training, cybersecurity, bug-bounty, information-technology, penetration-testing09-Nov-2024
Predicting Cyber Threats: Can We Use Threat Intelligence to Forecast Attacks Like Weather?https://medium.com/@paritoshblogs/predicting-cyber-threats-can-we-use-threat-intelligence-to-forecast-attacks-like-weather-4f57175b25ec?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, hacking, threat-intelligence, cybersecurity09-Nov-2024
Critical Vulnerabilities in Aruba Access Points: What You Need to Know!https://medium.com/@wiretor/critical-vulnerabilities-in-aruba-access-points-what-you-need-to-know-7053d6349bf1?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicespentesting, malware, bug-bounty, ransomware, hacking09-Nov-2024
D-Link Exposes 60,000+ NAS Devices to Unpatched Critical Flawhttps://medium.com/@wiretor/d-link-exposes-60-000-nas-devices-to-unpatched-critical-flaw-c06b62cf67e9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesransomware, hacking, xss-attack, malware, bug-bounty09-Nov-2024
Critical Veeam RCE Vulnerability Exploited in New Frag Ransomware Attackshttps://medium.com/@wiretor/critical-veeam-rce-vulnerability-exploited-in-new-frag-ransomware-attacks-ae75d32f6bb0?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, hacking, malware, ransomware, xss-attack09-Nov-2024
Palo Alto Networks Warns of Potential PAN-OS RCE Vulnerability! ️https://medium.com/@wiretor/palo-alto-networks-warns-of-potential-pan-os-rce-vulnerability-%EF%B8%8F-148d8b8da5a9?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, xss-attack, malware, hacking, ransomware09-Nov-2024
How to Integrate Artificial Intelligence in Bug Bounty?https://bitpanic.medium.com/how-to-integrate-artificial-intelligence-in-bug-bounty-fab592ae6c80?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, ai, penetration-testing09-Nov-2024
My Obsidian Setuphttps://cybersechemmars.medium.com/my-obsidian-setup-b3e96516feaa?source=rss------bug_bounty-5Cybersec with Hemmarsnotetaking, cybersecurity, notes, bug-bounty, obsidian09-Nov-2024
Broken Authentication: Full Methodology for Identifying and Exploiting Vulnerabilitieshttps://dineshpathro9.medium.com/broken-authentication-full-methodology-for-identifying-and-exploiting-vulnerabilities-63a55c3d4399?source=rss------bug_bounty-5hunterbug-zero, bug-bounty, bugs, bug-bounty-tips, bug-bounty-writeup09-Nov-2024
Advanced Techniques for CSRF (Cross-Site Request Forgery) Attacks: A Full Methodology Guidehttps://dineshpathro9.medium.com/advanced-techniques-for-csrf-cross-site-request-forgery-attacks-a-full-methodology-guide-8db29faecc01?source=rss------bug_bounty-5hunterbug-bounty-tips, csrf, bug-zero, bugs, bug-bounty09-Nov-2024
CVE-2023–27350 : PaperCut Tryhackme Write uphttps://jawstar.medium.com/cve-2023-27350-papercut-tryhackme-write-up-2237fe48d3a7?source=rss------bug_bounty-5Jawstartechnology, bug-bounty, tryhackme, software-development, cybersecurity09-Nov-2024
Escalating RXSS with HttpOnly SameSite Session Cookieshttps://medium.com/@dhakatedeep909/escalating-rxss-with-httponly-samesite-session-cookies-a1ba3b9e50c1?source=rss------bug_bounty-5Deep Dhakate AKA intrud3rcybersecurity, hacking, bug-bounty09-Nov-2024
RCE by finding secret hidden files via Encryption and hashinghttps://medium.com/@karim.engmohamed/%D8%A7%D9%84%D8%B3%D9%84%D8%A7%D9%85-%D8%B9%D9%84%D9%8A%D9%83%D9%85-e37717c23cfd?source=rss------bug_bounty-5Karim Mohamedhacker, cybersecurity, hackerone, bug-bounty, bug-bounty-tips09-Nov-2024
Fast Setup Mobile Apps Pentest With Burpsuite And memuhttps://zucki.medium.com/fast-setup-mobile-apps-pentest-with-burpsuite-and-memu-567d661b6bb9?source=rss------bug_bounty-5Marzuckiandroid-pentesting, android, pentesting, mobile-apps, bug-bounty08-Nov-2024
Why is recon so very important? API key exposure by only reconhttps://medium.com/@karim.engmohamed/why-is-recon-so-very-important-api-key-exposure-by-only-recon-f8aff4ab1ac3?source=rss------bug_bounty-5Karim Mohamedcybersecurity, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Nov-2024
Advanced Google Dorking Techniques for Bug Bounty Hunting: Finding Responsible Disclosure Programs…https://dineshpathro9.medium.com/advanced-google-dorking-techniques-for-bug-bounty-hunting-finding-responsible-disclosure-programs-5a00a0d9d0e9?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty, bugbounty-writeup, web-app-security, dorks, bug-bounty-tips08-Nov-2024
Metasploit Guide :- Main weapon of Hackershttps://medium.com/@anandrishav2228/metasploit-guide-main-weapon-of-hackers-a791e72df686?source=rss------bug_bounty-5Rishav anandmetasploit, cybersecurity, money, hacker, bug-bounty08-Nov-2024
SQL Injection UNION Attack, Finding a Column Containing Texthttps://medium.com/@marduk.i.am/sql-injection-union-attack-finding-a-column-containing-text-ee28ff48eb30?source=rss------bug_bounty-5Marduk I Amsqli, portswigger-lab, bug-bounty, infosec, sql-injection08-Nov-2024
What to Do After Choosing a Bug Bounty Target? Part 2 | Bug Bounty Guidehttps://medium.com/@js8971105/what-to-do-after-choosing-a-bug-bounty-target-part-2-bug-bounty-guide-811affb17572?source=rss------bug_bounty-5cyberghostinfo-sec-writeups, ethical-hacking, reconnaissance-techniques, bug-bounty, cybersecurity08-Nov-2024
CyberDef Dokumentasi | Time-Based Blind SQLIhttps://hack4funacademy.medium.com/cyberdef-dokumentasi-time-based-blind-sqli-7db756ddf2ad?source=rss------bug_bounty-5Hack4Fun Academybug-bounty, hacking, cybersecurity08-Nov-2024
Finding My First Bug: The Power of Understanding Website Logic ‍♀️https://medium.com/@mahdisalhi0500/finding-my-first-bug-the-power-of-understanding-website-logic-%EF%B8%8F-4197dd08cf29?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, bug-bounty, bug-bounty-tips, ethical-hacking, information-security08-Nov-2024
How to Get Started in Web App Bug Bounty: Practical Steps to Keep You Motivated! ️‍♂️https://medium.com/@soorajv910/how-to-get-started-in-web-app-bug-bounty-practical-steps-to-keep-you-motivated-%EF%B8%8F-%EF%B8%8F-c6c1507c84fd?source=rss------bug_bounty-5sooraj vhacking, bug-bounty, bugcrowd, bug-bounty-tips, hackerone08-Nov-2024
How i earned easy$$$ by deleting user comments on any posthttps://medium.com/thedeephub/how-i-earned-easy-by-deleting-user-comments-on-any-post-c2e226f2157a?source=rss------bug_bounty-5Le_Merdienpentesting, cybersecurity, bug-bounty, penetration-testing, hacker08-Nov-2024
“XSS ve Context Örnekleri”https://medium.com/@sgzldmrc/xss-ve-context-%C3%B6rnekleri-6ba2bc976c1f?source=rss------bug_bounty-5Serdar Güzeldemircixss-attack, bug-bounty, cyber-security-awareness, xss-bypass08-Nov-2024
How to Prepare for the OSEP Roadmap — A Comprehensive Guide for Cybersecurity Professionalshttps://medium.com/@verylazytech/how-to-prepare-for-the-osep-roadmap-a-comprehensive-guide-for-cybersecurity-professionals-f3fecede5919?source=rss------bug_bounty-5Very Lazy Techhacking, ethical-hacking, bug-bounty, osep, cybersecurity08-Nov-2024
20 Open Redirect Bugs in Few Minuteshttps://systemweakness.com/20-open-redirect-bugs-in-few-minutes-c9fdabf75642?source=rss------bug_bounty-5AbhirupKonwarpentesting, bug-bounty, bug-bounty-tips, cybersecurity, vulnerability08-Nov-2024
Web App Fingerprinting in 9 Stepshttps://bitpanic.medium.com/web-app-fingerprinting-in-9-steps-5b86615b56f7?source=rss------bug_bounty-5Spectat0rguybug-bounty, cybersecurity, bugbounty-tips08-Nov-2024
Email HTML injection with a simple tiphttps://medium.com/@mohamed.yasser442200/email-html-injection-with-a-simple-tip-aeab346fbefc?source=rss------bug_bounty-5Spider4bug-bounty, hunting, bugcrowd, cybersecurity, pentesting08-Nov-2024
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Riskshttps://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, ransomware, hacking, pentesting08-Nov-2024
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attackhttps://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5WIRE TORbug-bounty, ransomware, pentesting, malware, hacking08-Nov-2024
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offeringshttps://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5WIRE TORbug-bounty, ransomware, hacking, pentesting, malware08-Nov-2024
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attackshttps://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5WIRE TORmalware, hacking, ransomware, bug-bounty, xss-attack08-Nov-2024
A Comprehensive Toolkit for Web Penetration Testing and Bug Huntinghttps://dineshpathro9.medium.com/a-comprehensive-toolkit-for-web-penetration-testing-and-bug-hunting-21a7b01d722f?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty, bug-zero, hacking, bug-bounty-tips, web-app-security08-Nov-2024
Top Search Engines for Pentestershttps://osintteam.blog/top-search-engines-for-pentesters-6fa90ffb6aa0?source=rss------bug_bounty-5D.Haddadcybersecurity, bug-bounty, penetration-testing, hacking-tools, osint08-Nov-2024
Unpatched Vulnerabilities in Mazda Infotainment Systems Pose Serious Security Riskshttps://medium.com/@wiretor/unpatched-vulnerabilities-in-mazda-infotainment-systems-pose-serious-security-risks-b634ae8883d8?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, malware, ransomware, hacking, pentesting08-Nov-2024
Texas Oilfield Supplier Newpark Resources Hit by Ransomware Attackhttps://medium.com/@wiretor/texas-oilfield-supplier-newpark-resources-hit-by-ransomware-attack-fc374aa6b8dc?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, pentesting, malware, hacking08-Nov-2024
Malwarebytes Acquires AzireVPN to Enhance Privacy and Security Offeringshttps://medium.com/@wiretor/malwarebytes-acquires-azirevpn-to-enhance-privacy-and-security-offerings-194b3bf42554?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesbug-bounty, ransomware, hacking, pentesting, malware08-Nov-2024
Hackers Leveraging Winos4.0: A Growing Threat in Post-Exploitation Attackshttps://medium.com/@wiretor/hackers-leveraging-winos4-0-a-growing-threat-in-post-exploitation-attacks-e830dac3766b?source=rss------bug_bounty-5WIRE TOR - The Ethical Hacking Servicesmalware, hacking, ransomware, bug-bounty, xss-attack08-Nov-2024
Google Dorking in Bug Hunting: Uncovering Hidden Vulnerabilitieshttps://myselfakash20.medium.com/google-dorking-in-bug-hunting-uncovering-hidden-vulnerabilities-aebe773f73be?source=rss------bug_bounty-5Akash Ghoshbug-bounty, bug-bounty-writeup, dorking, bugs, bug-bounty-tips07-Nov-2024
My first acknowledgement from Government NCIIPC India (A unit of NTRO) of my bug Bounty journey…https://medium.com/@subhajit_taki77/my-first-acknowledgement-from-government-nciipc-india-a-unit-of-ntro-of-my-bug-bounty-journey-fda6637766f9?source=rss------bug_bounty-5Subhajit_Taki77cybersecurity, bug-bounty, acknowledgement, nciipc07-Nov-2024
Bypass Rich Text Editors lead to Stored XSS - $500 Rewardshttps://medium.com/@bugbounty_learners/bypass-rich-text-editors-lead-to-stored-xss-500-rewards-077e22eba20f?source=rss------bug_bounty-5bugbounty_learnersbug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips07-Nov-2024
Why Bug Bounty Failures Occur — Key Insights for Successhttps://r3dw4n4hm3d.medium.com/why-bug-bounty-failures-occur-key-insights-for-success-2813349c5e1a?source=rss------bug_bounty-5R3DW4N 4HM3Dbug-bounty, vulnerabilityresearch, cybersecurity, ethical-hacking07-Nov-2024
Exploring the OWASP API Security Top 10: A Guide to Securing Your APIshttps://medium.com/@ad.abhi0013/exploring-the-owasp-api-security-top-10-a-guide-to-securing-your-apis-5ee4456cb9c3?source=rss------bug_bounty-5Abhishek Adhikaribug-bounty, owasp-api-security-top-10, api07-Nov-2024
Account Takeover for Google SSO Usershttps://7odamoo.medium.com/account-takeover-for-google-sso-users-b50f99b49f0d?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting07-Nov-2024
From an Out-of-Scope Bug to Unlocking Lifetime Premium Accounts in Mozillahttps://0d-amr.medium.com/from-an-out-of-scope-bug-to-unlocking-lifetime-premium-accounts-in-mozilla-fe96371d814c?source=rss------bug_bounty-5Amrctf, bug-bounty, penetration-testing, cyber-secuity07-Nov-2024
Exposing hidden DOS techniques laying in plain sight.https://medium.com/@omarahmed_13016/exposing-hidden-dos-techniques-laying-in-plain-sight-29965ab1d53b?source=rss------bug_bounty-5Omar Ahmedhacking, vulnerability, bug-bounty-writeup, bug-bounty, bug-bounty-tips07-Nov-2024
No Rate Limiting — Bughttps://medium.com/@Jitheshjithu/no-rate-limiting-bug-7107cfc5d175?source=rss------bug_bounty-5Jitheshbug-bounty-writeup, no-rate-limit, bugs, bug-bounty, bug-bounty-tips07-Nov-2024
Canada Orders TikTok to Close Canadian Operations Amid Growing Security Concernshttps://medium.com/@wiretor/canada-orders-tiktok-to-close-canadian-operations-amid-growing-security-concerns-45b40c461986?source=rss------bug_bounty-5WIRE TORhacking, xss-attack, malware, bug-bounty, pentesting07-Nov-2024
SteelFox Malware Hits Hard: Protect Your System This Black Friday & Cyber Monday with 50% Off…https://medium.com/@wiretor/steelfox-malware-hits-hard-protect-your-system-this-black-friday-cyber-monday-with-50-off-d96831583b9e?source=rss------bug_bounty-5WIRE TORhacking, breached, bug-bounty, malware, usa07-Nov-2024
How to Find CSRF Vulnerabilities Using Kali Linux: A Full Methodologyhttps://dineshpathro9.medium.com/how-to-find-csrf-vulnerabilities-using-kali-linux-a-full-methodology-070a21aee0b5?source=rss------bug_bounty-5DiNeSh_PaThRobug-bounty-tips, bug-bounty, hacking, csrf, bugbounty-writeup07-Nov-2024
North Korean Hackers Target macOS Users with Fake Crypto PDFshttps://medium.com/@wiretor/north-korean-hackers-target-macos-users-with-fake-crypto-pdfs-d6d93c347dfe?source=rss------bug_bounty-5WIRE TORusa, pentesting, malware, hacking, bug-bounty07-Nov-2024
Uygulamalarla XSS’e Gerçekçi Bir Yaklaşımhttps://medium.com/@sgzldmrc/uygulamalarla-xsse-ger%C3%A7ek%C3%A7i-bir-yakla%C5%9F%C4%B1m-a3e82ae0be3a?source=rss------bug_bounty-5Serdar Güzeldemircixss-attack, bug-bounty, xss-vulnerability, web-app-security, cross-site-scripting07-Nov-2024
OAuth Misconfiguration Pre-Account Takeoverhttps://medium.com/h7w/oauth-misconfiguration-pre-account-takeover-535beb8d1987?source=rss------bug_bounty-5socalledhackerinfosec, hacking, bug-bounty-tips, cybersecurity, bug-bounty07-Nov-2024
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Baithttps://medium.com/@wiretor/china-aligned-mirrorface-hackers-target-eu-diplomats-with-world-expo-2025-bait-a289ad3ec600?source=rss------bug_bounty-5WIRE TORbug-bounty, hacking, malware, usa, xss-attack07-Nov-2024
How To Automate Your Broad Scope Reconhttps://thexssrat.medium.com/how-to-automate-your-broad-scope-recon-a4ff998dea0e?source=rss------bug_bounty-5Thexssratbug-bounty-writeup, hacks, bug-bounty-tips, hacking, bug-bounty07-Nov-2024
Understanding Broken Access Control (BAC): A Comprehensive Guidehttps://thexssrat.medium.com/understanding-broken-access-control-bac-a-comprehensive-guide-c0e325c43b04?source=rss------bug_bounty-5Thexssrathacking, broken-access-control, hacker, hacks, bug-bounty07-Nov-2024
Developers Don’t Care About Securityhttps://medium.com/@krishanthan2022.4.4/developers-dont-care-about-security-e4814ecc4907?source=rss------bug_bounty-5R.Krishanthanbug-bounty, web-security, penetration-testing, vulnerability, development06-Nov-2024
Stored HTML Injection to Stored Url Redirectionhttps://medium.com/@abdullah12987654/stored-html-injection-to-stored-url-redirection-40a1c8452f12?source=rss------bug_bounty-5Abdullahhtml-injection, url-redirection, hacking, bug-bounty, pentesting06-Nov-2024
FUZZING That Leads to Internal Source Code!https://medium.com/@rootplinix/fuzzing-that-leads-to-internal-source-code-ef992143c015?source=rss------bug_bounty-5Abu Hurayrainfosec, cybersecurity, bug-bounty, hacking06-Nov-2024
OAuth Under Siege: The Dangers of Account Impersonationhttps://medium.com/@ProwlSec/oauth-under-siege-the-dangers-of-account-impersonation-df0e780f1c4f?source=rss------bug_bounty-5ProwlSechacking, tips, account-takeover, bug-bounty, bug-hunting06-Nov-2024
How I Earned $350 Exploiting Clickjacking Vulnerability to Trigger XSS Attackhttps://medium.com/@abdulparkar/how-i-earned-350-exploiting-clickjacking-vulnerability-to-trigger-xss-attack-23b3216ca640?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, ethical-hacking06-Nov-2024
SQL Injection UNION Attack, Determining the Number of Columns Returned by the Queryhttps://medium.com/@marduk.i.am/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-a740b76989fe?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, sql-injection, sqli, information-security06-Nov-2024
XSS Restction bypass on Hackerone programhttps://medium.com/@bugbounty_learners/xss-restction-bypass-on-hackerone-program-a7b37636425d?source=rss------bug_bounty-5bugbounty_learnersbug-bounty, pentesting, bugs, bug-bounty-tips, cybersecurity06-Nov-2024
A Step-by-Step Guide to the Bug Hunting Process: From Reconnaissance to Reportinghttps://myselfakash20.medium.com/a-step-by-step-guide-to-the-bug-hunting-process-from-reconnaissance-to-reporting-9991b06314b8?source=rss------bug_bounty-5Akash Ghoshbug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, bug-hunting, bug-bounty06-Nov-2024
Mastering Bug Hunting: A Beginner’s Guide to Effective Methodologieshttps://medium.com/@secinfinitylabs/mastering-bug-hunting-a-beginners-guide-to-effective-methodologies-fc7491625645?source=rss------bug_bounty-5Secinfinity Labsbug-hunting, infosecurity, cybersecurity, bug-bounty-tips, bug-bounty06-Nov-2024
Bug Hunting Reconhttps://medium.com/@prajwalpatil453/bug-hunting-recon-840455f4d71a?source=rss------bug_bounty-5Anonstrkbug-bounty, reconnaissance, bug-bounty-tips, methodology06-Nov-2024
Manipulated All Files on Server of a HackerOne Targethttps://systemweakness.com/manipulated-all-files-on-server-of-a-hackerone-target-7b60a6dad117?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, bug-bounty-tips, infosec, cybersecurity06-Nov-2024
My First and easiest Bug i have foundhttps://aboalezz1.medium.com/my-first-and-easiest-bug-i-have-found-3b7daee5d2f9?source=rss------bug_bounty-5Mohamed AboAlezzweb-hacking, bug-hunting, bug-bounty, bug-bounty-writeup, bug-bounty-tips06-Nov-2024
Understanding Types of Privileged Accounts and Their Security Riskshttps://bitpanic.medium.com/understanding-types-of-privileged-accounts-and-their-security-risks-935605f2232c?source=rss------bug_bounty-5Bit Paniccybersecurity, bugbounty-writeup, bug-bounty06-Nov-2024
All About JWT Vulnerabilitieshttps://medium.com/@0x_xnum/all-about-jwt-vulnerabilities-ef7314c4dd02?source=rss------bug_bounty-5Ahmed Tarekjwt-exploitation, bugbounty-writeup, bug-bounty, authentication, hacking06-Nov-2024
Most Commonly Used Tools in Bug Bountyhttps://medium.com/@halildeniz313/most-commonly-used-tools-in-bug-bounty-4603382ecee3?source=rss------bug_bounty-5Halildenizweb-security, cyber-security-awareness, bug-bounty-tips, cybersecurity, bug-bounty06-Nov-2024
An IDOR and Auth Bypass That Led to Mass Account Takeover — KSFEhttps://1-day.medium.com/an-idor-and-auth-bypass-that-led-to-mass-account-takeover-ksfe-db04cec8d730?source=rss------bug_bounty-51daybug-bounty-writeup, hacking, bug-bounty, penetration-testing, writeup06-Nov-2024
⚠️ Cyberattack Causes Statewide Outage in Washington Courtshttps://medium.com/@wiretor/%EF%B8%8F-cyberattack-causes-statewide-outage-in-washington-courts-cb9bcd6264a4?source=rss------bug_bounty-5WIRE TORxss-attack, malware, usa, hacking, bug-bounty06-Nov-2024
Nokia Breached by IntelBroker: Source Code Allegedly Stolenhttps://medium.com/@wiretor/nokia-breached-by-intelbroker-source-code-allegedly-stolen-a1fa5b62a10a?source=rss------bug_bounty-5WIRE TORmalware, hacked, bug-bounty, hacking, xss-attack06-Nov-2024
INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrimehttps://medium.com/@wiretor/interpol-disrupts-over-22-000-malicious-servers-in-global-crackdown-on-cybercrime-9f4e2840dc6e?source=rss------bug_bounty-5WIRE TORbug-bounty, pentesting, malware, xss-attack, hacking06-Nov-2024
Microchip Technology Reports $21.4 Million Loss From Ransomware Attackhttps://medium.com/@wiretor/microchip-technology-reports-21-4-million-loss-from-ransomware-attack-a123d2609b91?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, trump, usa, hacking06-Nov-2024
Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business…https://anas0x1.medium.com/bypassing-promo-code-validation-via-response-manipulation-enabled-the-creation-of-a-business-3f926b19c0bb?source=rss------bug_bounty-5Anas Ibrahimpenetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty06-Nov-2024
IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account.https://anas0x1.medium.com/idor-vulnerability-allowed-the-deletion-of-any-user-from-an-administrator-account-da64e79ce1b0?source=rss------bug_bounty-5Anas Ibrahimbug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing, idor06-Nov-2024
Behind the Scenes: How I Hacked one of the largest Amusement Park in the Philippines.https://medium.com/hacking101/behind-the-scenes-how-i-hacked-one-of-the-largest-amusement-park-in-the-philippines-be38566ed563?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, penetration-testing, bug-bounty, hacking06-Nov-2024
Essential Bug Hunting Tools for Beginners: Start Your Journey in Cybersecurityhttps://myselfakash20.medium.com/essential-bug-hunting-tools-for-beginners-start-your-journey-in-cybersecurity-ea51e1f26068?source=rss------bug_bounty-5Akash Ghoshbugbounty-writeup, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerabilityhttps://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups05-Nov-2024
Remote Code Execution (RCE): An In-Depth Guide with practicalhttps://medium.com/@anandrishav2228/remote-code-execution-rce-an-in-depth-guide-with-practical-7082a7e17e97?source=rss------bug_bounty-5Rishav anandcybersecurity, money, ai, hacker, bug-bounty05-Nov-2024
IDOR Leading To Improper Access Controlhttps://medium.com/@shadykhaled2002/idor-leading-to-improper-access-control-c3999aa28fc4?source=rss------bug_bounty-5Le_Merdiencybersecurity, bug-bounty, pentesting, penetration-testing05-Nov-2024
Alert: Reflected XSS Detectedhttps://osintteam.blog/alert-reflected-xss-detected-57850c34a61e?source=rss------bug_bounty-5Dishant Modixss-attack, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity05-Nov-2024
Lesser-Known Tools for Web Bug Bounty Huntinghttps://medium.com/@halildeniz313/lesser-known-tools-for-web-bug-bounty-hunting-e10a95fa25bd?source=rss------bug_bounty-5Halildenizweb-security, cyber-security-awareness, bug-bounty-tips, bug-bounty, cybersecurity05-Nov-2024
Vulnerabilities Weaponizing — Cross-site Scripting (XSS)https://medium.com/@aufzayed/vulnerabilities-weaponizing-cross-site-scripting-xss-608a4f45321c?source=rss------bug_bounty-5Abdelrhman Zayedexploit-development, red-teaming, penetration-testing, cybersecurity, bug-bounty05-Nov-2024
€50 bounty — Long String DOS Attack Bug and POC Stepshttps://medium.com/h7w/50-bounty-long-string-dos-attack-bug-and-poc-steps-eaa8a5777263?source=rss------bug_bounty-5socalledhackercybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-Nov-2024
Zero-Day FOMO: The Fear of Missing Out on the Next Big Exploithttps://medium.com/@paritoshblogs/zero-day-fomo-the-fear-of-missing-out-on-the-next-big-exploit-d3b42d35323c?source=rss------bug_bounty-5Paritoshzero-day, vulnerability, cybersecurity, hacking, bug-bounty05-Nov-2024
SIP OPTIONS Abuse And Flood Vulnerability (exploit Voip)https://medium.com/@zpx15266/sip-options-abuse-and-flood-vulnerability-exploit-voip-b9bc030909ae?source=rss------bug_bounty-5ramzey elsayed mohamedbug-bounty-writeup, penetration-testing, bug-bounty, bug-bounty-tips, bugs05-Nov-2024
How I Got Paid for an Out-of-Scope Vulnerability $$$https://medium.com/@abdulparkar/how-i-got-paid-for-an-out-of-scope-vulnerability-4e51eb93db5c?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-write-ups05-Nov-2024
Tips to Avoid Duplicates or N/A Reports in Bug Bounty Programshttps://bitpanic.medium.com/tips-to-avoid-duplicates-or-n-a-reports-in-bug-bounty-programs-a067a4e54d5e?source=rss------bug_bounty-5Bit Paniccybersecurity, bug-bounty05-Nov-2024
55 YouTube Channels to Learn HACKING!!!!!https://osintteam.blog/55-youtube-channels-to-learn-hacking-b5167d3125d9?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, hacking, technology, programming, cybersecurity05-Nov-2024
How I found my first bug!https://medium.com/@karim.engmohamed/how-i-found-my-first-bug-b1f21046deb7?source=rss------bug_bounty-5Karim Mohamedpython, bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty05-Nov-2024
Unleashing the Bug Hunter Within: A Curated Toolkit and Proven Processhttps://pwndecoco.medium.com/unleashing-the-bug-hunter-within-a-curated-toolkit-and-proven-process-fb2f89c7f1f0?source=rss------bug_bounty-5Pwndec0c0programming, cybersecurity, penetration-testing, bug-bounty, hacking05-Nov-2024
Google Fixes Dangerous Android Exploitshttps://medium.com/@wiretor/google-fixes-dangerous-android-exploits-6e6be3465e6c?source=rss------bug_bounty-5WIRE TORusa, hacking, breached, malware, bug-bounty05-Nov-2024
Easy logic bug that leaks the email for every userhttps://medium.com/@banertheinrich/easy-logic-bug-that-leaks-the-email-for-every-user-ef2d9d0cf088?source=rss------bug_bounty-5Adham Heinrichbug-bounty, cybersecurity, hackerone, bug-bounty-tips, bug-bounty-writeup04-Nov-2024
Panduan “Bug Bounty Programs pada Aplikasi Laravel” berdasarkan kerangka yang telah disusun:https://medium.com/@_azwar/panduan-bug-bounty-programs-pada-aplikasi-laravel-berdasarkan-kerangka-yang-telah-disusun-7cc3b230397c?source=rss------bug_bounty-5azwarlaravel, bug-bounty04-Nov-2024
Cloud flare bypass leads to Account Takeover via Password Reset Poisoninghttps://medium.com/@abdulparkar/cloud-flare-bypass-leads-to-account-takeover-via-password-reset-poisoning-ba349d784b97?source=rss------bug_bounty-5Abdul Rehman Parkarbug-bounty, ethical-hacking, bug-bounty-writeup, cybersecurity, bug-bounty-tips04-Nov-2024
How to Find the Best Resources for Learning Bug Bounty and Cybersecurity |PRO Tiphttps://medium.com/@shaikhminhaz1975/how-to-find-the-best-resources-for-learning-bug-bounty-and-cybersecurity-pro-tip-d5e915e82539?source=rss------bug_bounty-5Shaikh Minhazpenetration-testing, best, cybersecurity, bug-bounty, ethical-hacking04-Nov-2024
Vibe Yo’Tribehttps://medium.com/@onelovemafia/vibe-yotribe-3d8a0c098ee2?source=rss------bug_bounty-5OneLoveMafiaclimate-change, machine-learning, bug-bounty, blockchain, philosophy04-Nov-2024
How to Configure Proxies in Browser for Bug-Bountyhttps://medium.com/@anandrishav2228/how-to-configure-proxies-in-browser-for-bug-bounty-c175c5513e1a?source=rss------bug_bounty-5Rishav anandvpn, proxy, cybersecurity, money, bug-bounty04-Nov-2024
Bypass the Blocked IP address while Pentesting.https://medium.com/@anandrishav2228/bypass-the-blocked-ip-address-while-pentesting-c4c02a8dc14d?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, bug-bounty, ip-address, hacking04-Nov-2024
bugbountytraining靶场(四)https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E5%9B%9B-378fa157f500?source=rss------bug_bounty-5xun starkbug-bounty04-Nov-2024
Breaking the Rules: How a Race Condition Allowed Me to Bypass the Limitshttps://medium.com/@manibharathi.b/breaking-the-rules-how-a-race-condition-allowed-me-to-bypass-the-limits-by-mani-d6840746a04e?source=rss------bug_bounty-5Mani Bharathi Bbug-bounty-tips, bug-bounty, cybersecurity, vulnerability, bug-bounty-writeup04-Nov-2024
Account takeover for $3000https://sushantdhopat.medium.com/account-takeover-for-3000-722ee6f5fbde?source=rss------bug_bounty-5sushantdhopatbug-bounty, infosec04-Nov-2024
Exploit exposed zendesk API Token for $1000https://sushantdhopat.medium.com/exploit-exposed-zendesk-api-token-for-1000-847966489070?source=rss------bug_bounty-5sushantdhopatinfosec, bug-bounty, information-security04-Nov-2024
IDOR leading to broken functionalityhttps://medium.com/@shadykhaled2002/idor-leading-to-broken-functionality-3b464213fa76?source=rss------bug_bounty-5Le_Merdienpenetration-testing, cybersecurity, pentesting, bug-bounty04-Nov-2024
The OAuth Oversight: When Configuration Errors Turn into Account Hijackshttps://medium.com/@nightcoders0/the-oauth-oversight-when-configuration-errors-turn-into-account-hijacks-5ed1f9c83d16?source=rss------bug_bounty-5Nightcoderspentesting, hacking, bug-bounty, bug-bounty-tips, bug-bounty-writeup04-Nov-2024
How I Found a €100 Bug at DCU: From “Not Applicable” to Cashing In!https://medium.com/@trffnsec/how-i-found-a-100-bug-at-dcu-from-not-applicable-to-cashing-in-2e58699a8faa?source=rss------bug_bounty-5TrffnSecbugbounty-writeup, hacking, bug-bounty-tips, ethical-hacking, bug-bounty04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentestershttps://infosecwriteups.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, automation, cybersecurity04-Nov-2024
How I Found HTML Injection?https://medium.com/@gitlime71/how-i-found-html-injection-bdbbf2861d95?source=rss------bug_bounty-5Raccoonbug-bounty, penetration-testing, bug-bounty-writeup04-Nov-2024
Columbus Ransomware Attack: Data of 500,000 Stolenhttps://medium.com/@wiretor/columbus-ransomware-attack-data-of-500-000-stolen-93076d58689c?source=rss------bug_bounty-5WIRE TORmalware, pentesting, usa, pentest, bug-bounty04-Nov-2024
Unveiling the “Pygmy Goat” Malware: A New Threat in Cybersecurityhttps://medium.com/@wiretor/unveiling-the-pygmy-goat-malware-a-new-threat-in-cybersecurity-aaeb360f9497?source=rss------bug_bounty-5WIRE TORbug-bounty, hacking, usa, malware, pentesting04-Nov-2024
Meet “Interlock” Ransomware — A New Threat Targeting FreeBSD Servershttps://medium.com/@wiretor/meet-interlock-ransomware-a-new-threat-targeting-freebsd-servers-4be6ba312c62?source=rss------bug_bounty-5WIRE TORhacking, malware, pentesting, bug-bounty, usa04-Nov-2024
Introducing SubdomainRadar.io:https://medium.com/@alexandrevandammepro/introducing-subdomainradar-io-727d765445f2?source=rss------bug_bounty-5Alexandre Vandammebug-bounty, vulnerability, bug-bounty-tips, osint, security04-Nov-2024
Essential One-Liner Commands for Bug Bounty Hunters and Pentestershttps://systemweakness.com/essential-one-liner-commands-for-bug-bounty-hunters-and-pentesters-7648ec305c66?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, automation, cybersecurity04-Nov-2024
ExploiterX — Vulnerability Scanner Toolhttps://anishalx.medium.com/exploiterx-vulnerability-scanner-tool-bc1796e278a1?source=rss------bug_bounty-5Anishweb3, python, bug-bounty, penetration-testing, hacking03-Nov-2024
Must-Have Tools for Cybersecurity Researchers: A Complete Installation Guidehttps://myselfakash20.medium.com/must-have-tools-for-cybersecurity-researchers-a-complete-installation-guide-5738022e535f?source=rss------bug_bounty-5Akash Ghoshcybersecurity, tools, bug-bounty, recon, reconnaissance03-Nov-2024
AcquiFinder | a tool to grab acquisitions of a company by Crunchbasehttps://medium.com/@AmmarxLe0x/acquifinder-a-tool-to-grab-acquisitions-of-a-company-by-crunchbase-6315db784813?source=rss------bug_bounty-5xLe0xbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty03-Nov-2024
“Keyed In” Compromising an entire organization through their APIhttps://medium.com/@s1renhead/keyed-in-compromising-an-entire-organization-through-their-api-2ed6cb54eec5?source=rss------bug_bounty-5S1renheadbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips03-Nov-2024
[Hacking impact] Acees admin panelhttps://medium.com/@nagashygaballah/hacking-impact-acees-admin-panel-a4326a36e208?source=rss------bug_bounty-5111xNagashyhacker, hackerone, hacking, bug-bounty, security03-Nov-2024
How I Discovered RXSS Bug on Microsoft subdomain !!!https://medium.com/@sayantichy/how-i-discovered-rxss-bug-on-microsoft-subdomain-21082191ad10?source=rss------bug_bounty-5Sayanti Chowdhuryxss-vulnerability, bug-bounty, xss-attack, first-bug, reflected-xss03-Nov-2024
Getting Back on the Cybersecurity Write-Ups: Return to Mediumhttps://mukibas37.medium.com/getting-back-on-the-cybersecurity-write-ups-return-to-medium-1ac51c9edde9?source=rss------bug_bounty-5Mukilan Baskarancybersecurity, infosec, back-to-writing, ctf, bug-bounty03-Nov-2024
A Comprehensive Guide to SQL Injection: Types, Hunting Methods, and Toolshttps://medium.com/@n4itr0_07/a-comprehensive-guide-to-sql-injection-types-hunting-methods-and-tools-8d716dd34355?source=rss------bug_bounty-5N4!TR0 07sql-injection, bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity03-Nov-2024
IDOR Exploit: Gaining Unauthorized Control Over Users’ Shopping Basketshttps://0xmatrix.medium.com/idor-exploit-gaining-unauthorized-control-over-users-shopping-baskets-122650091cf5?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, hacking, idor, penetration-testing, bugs03-Nov-2024
Dstat.cc DDoS Site Seized & Two Suspects Arrested in Germanyhttps://medium.com/@wiretor/dstat-cc-ddos-site-seized-two-suspects-arrested-in-germany-c8d44187b181?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, hacking, pentesting, usa03-Nov-2024
CRA Breach Exposed: Over 62,000 Taxpayer Accounts Compromised!https://medium.com/@wiretor/cra-breach-exposed-over-62-000-taxpayer-accounts-compromised-62bc0cf3cb9a?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, hacking, pentesting, usa03-Nov-2024
FBI Arrests Suspect in SEC Account Hack: What This Means for Cybersecurityhttps://medium.com/@wiretor/fbi-arrests-suspect-in-sec-account-hack-what-this-means-for-cybersecurity-735d8dd72512?source=rss------bug_bounty-5WIRE TORhacking, usa, bug-bounty, pentesting, malware03-Nov-2024
Becoming a Web Security Specialist: Essential Insights and a Roadmaphttps://medium.com/@halildeniz313/becoming-a-web-security-specialist-essential-insights-and-a-roadmap-91032925d1aa?source=rss------bug_bounty-5Halildenizcyber-security-awareness, bug-bounty, cybersecurity, web-security, ethical-hacking03-Nov-2024
Time Based SQL Injection Bug Hunting Methodologyhttps://medium.com/@abhirupkonwar04/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting02-Nov-2024
Time Based SQL Injection Bug Hunting Methodologyhttps://osintteam.blog/time-based-sql-injection-bug-hunting-methodology-be485de5ab9e?source=rss------bug_bounty-5AbhirupKonwarethical-hacking, bug-bounty, cybersecurity, sql-injection, pentesting02-Nov-2024
Simple Tips for Bug Bounty Beginners: Escalating to XSS (XSS Series Part — 2)https://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-escalating-to-xss-xss-series-part-2-1d6b75ecf942?source=rss------bug_bounty-5Anish Narayantechnology, programming, cybersecurity, bug-bounty-writeup, bug-bounty02-Nov-2024
Breaking Into Information Security as a Fresher: A Guide to Starting Your Journeyhttps://medium.com/@nitinbasera11/breaking-into-information-security-as-a-fresher-a-guide-to-starting-your-journey-caa253c0f5ae?source=rss------bug_bounty-5Nitinbaserabug-bounty, security, cybersecurity, web-app-security, infosec02-Nov-2024
My Journey as a Bug Bounty Hunter and Web3 Enthusiast: Tips for Beginnershttps://medium.com/@veerendravamshi/my-journey-as-a-bug-bounty-hunter-and-web3-enthusiast-tips-for-beginners-50aa0bfbfc78?source=rss------bug_bounty-5Veerendra Vamshiblockchain, bug-bounty, web3, cryptocurrency, defi02-Nov-2024
Hacking For Free. Dodging Paying For Hacking Knowledge System | Primary Hacking School #9https://medium.com/@nnface/hacking-for-free-dodging-paying-for-hacking-knowledge-system-primary-hacking-school-9-c86f6dd3752c?source=rss------bug_bounty-5NnFacehacking, cybersecurity, kali-linux, money, bug-bounty02-Nov-2024
Microsoft Acknowledges Outlook Freezing Issue and Offers Workaroundshttps://medium.com/@wiretor/microsoft-acknowledges-outlook-freezing-issue-and-offers-workarounds-52fa28e41f13?source=rss------bug_bounty-5WIRE TORhacking, ransomware, malware, pentesting, bug-bounty02-Nov-2024
Account Takeover Via Google Auth Misconfigurationhttps://medium.com/@abdulparkar/account-takeover-via-google-auth-misconfiguration-af4a59dd82e7?source=rss------bug_bounty-5Abdul Rehman Parkarethical-hacking, bug-bounty-tips, hacking, bug-bounty, bug-bounty-writeup02-Nov-2024
bugbountytraining靶场(三)https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%B8%89-dfe55be3123f?source=rss------bug_bounty-5xun starkbug-bounty01-Nov-2024
Hard Server-Side Request Forgery (SSRF) A bypass method to RCE and Port Scanhttps://medium.com/@sarvour/hard-server-side-request-forgery-ssrf-a-bypass-method-to-rce-and-port-scan-61adf085d62a?source=rss------bug_bounty-5sarvourpentesting, security, rce, bug-bounty, writeup01-Nov-2024
Template Engines Injection 101https://medium.com/@0xAwali/template-engines-injection-101-4f2fe59e5756?source=rss------bug_bounty-5Mahmoud M. Awalibug-bounty, hacking01-Nov-2024
Web Application Basics — Tryhackme Walkthroughhttps://medium.com/@TRedEye/web-application-basics-tryhackme-walkthrough-ee6a0cf2f1f6?source=rss------bug_bounty-5TRedEyecybersecurity, hacking, bug-bounty, website, tryhackme01-Nov-2024
Configuring Burp Suite with Firefox (Step-by-Step)https://harshbardhanx.medium.com/configuring-burp-suite-with-firefox-step-by-step-40f56a706546?source=rss------bug_bounty-5Harsh Bardhanbug-bounty, cybersecurity, bug-bounty-writeup, burpsuite, bug-bounty-tips01-Nov-2024
Hackers Target Critical Zero-Day Vulnerabilities in PTZ Camerashttps://medium.com/@wiretor/hackers-target-critical-zero-day-vulnerabilities-in-ptz-cameras-d2d5023d329d?source=rss------bug_bounty-5WIRE TORpentest, zero-day, malware, bug-bounty, ransomware01-Nov-2024
qBittorrent Security Flaw Fixed After 14 Years Upgrade Now!https://medium.com/@wiretor/qbittorrent-security-flaw-fixed-after-14-years-upgrade-now-bfa491d214bb?source=rss------bug_bounty-5WIRE TORxss-attack, bug-bounty, hacking, malware, pentesting01-Nov-2024
New LightSpy Spyware Version Targets iPhones with Advanced Surveillance Tacticshttps://medium.com/@wiretor/new-lightspy-spyware-version-targets-iphones-with-advanced-surveillance-tactics-154f8887cd42?source=rss------bug_bounty-5WIRE TORhacking, apple, xss-attack, bug-bounty, malware01-Nov-2024
The Pen-Tester’s Muse: Writing Exploits into Earnings on Mediumhttps://medium.com/illumination/the-pen-testers-muse-writing-exploits-into-earnings-on-medium-a739abaab422?source=rss------bug_bounty-5Quintius Walkerbug-bounty, cybersecurity, poetry, creativity, poetry-on-medium01-Nov-2024
Reasons for Failure in Bug Bounty Programs and the Path to Successhttps://medium.com/@halildeniz313/reasons-for-failure-in-bug-bounty-programs-and-the-path-to-success-af19917f4be9?source=rss------bug_bounty-5Halildenizbug-bounty-tips, cybersecurity, bug-bounty, pentesting, ethical-hacking01-Nov-2024
bugbountytraining靶场(二)https://medium.com/@starkxun5215/bugbountytraining%E9%9D%B6%E5%9C%BA-%E4%BA%8C-669c3ac29651?source=rss------bug_bounty-5xun starkbug-bounty31-Oct-2024
How HTML injection can help to make $1000.https://medium.com/@anandrishav2228/how-html-injection-can-help-to-make-1000-531c6f7b6672?source=rss------bug_bounty-5Rishav anandhtml, ai, bug-bounty, money, cybersecurity31-Oct-2024
HOW I FOUND CVE-2023–35813?https://doordiefordream.medium.com/how-i-found-cve-2023-35813-c239c2f03192?source=rss------bug_bounty-5balu bandicve, ethical-hacking, bug-bounty, cybersecurity, writing31-Oct-2024
OAuth Account Takeover (ATO) Vulnerability via Email Manipulationhttps://medium.com/@muhammedgalal66/oauth-account-takeover-ato-vulnerability-via-email-manipulation-94e0e942bcb8?source=rss------bug_bounty-5Dg0x6account-takeover-attacks, account-takeover, bug-bounty-tips, hackerone, bug-bounty31-Oct-2024
SSRF to Internal Port Scanning on Self-Hosted Platformhttps://infosecwriteups.com/ssrf-to-internal-port-scanning-on-self-hosted-platform-05a17a461eed?source=rss------bug_bounty-5JEETPALssrf, bugbounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity31-Oct-2024
7 Real-Life Bug Bounties That Made Headlines: Lessons You Can’t Afford to Miss!https://medium.com/@qaafqasim/7-real-life-bug-bounties-that-made-headlines-lessons-you-cant-afford-to-miss-4b812b2caafa?source=rss------bug_bounty-5Qasim Mahmood Khalidcyber-security-awareness, bug-bounty-writeup, bug-bounty, ethical-hacking, cybersecurity31-Oct-2024
Responsible Discovery, Irresponsible Response: The Cost of Punishing Security Researchershttps://khalifayakub.medium.com/responsible-discovery-irresponsible-response-the-cost-of-punishing-security-researchers-8bbb15f66ab7?source=rss------bug_bounty-5Mohammed Yakub Khalifaethics, cybersecurity-awareness, cybersecurity, bug-bounty, ethical-hacking31-Oct-2024
0-Click ATO Via reset password weird scenariohttps://medium.com/@mos693570/0-click-ato-via-reset-password-weird-scenario-9afa4a88e413?source=rss------bug_bounty-5Mo Salahbug-bounty31-Oct-2024
Could a Simple IDOR Vulnerability in Facebook Affects the Outcome of US Elections?https://medium.com/@bazzounbassem/could-a-simple-idor-vulnerability-in-facebook-affects-the-outcome-of-us-elections-c17bc5e12e30?source=rss------bug_bounty-5Bassem M Bazzounethical-hacking, bug-bounty, us-election-2024, cybersecurity31-Oct-2024
How One Accidental Find Led to Full App Security Testinghttps://medium.com/@hasirhamdan77/how-one-accidental-find-led-to-full-app-security-testing-ea1c317174cb?source=rss------bug_bounty-5Hasirhamdanjwt-exploitation, application-security, bug-bounty, mobile-security, hacking31-Oct-2024
Comprehensive Bug Bounty Hunting Methodology (2024 Edition)https://xalgord.medium.com/comprehensive-bug-bounty-hunting-checklist-2024-edition-4abb3a9cbe66?source=rss------bug_bounty-5Krishna Kaushalcybersecurity, bug-bounty-tips, bug-bounty, hacking, reconnaissance31-Oct-2024
Tale of Zendesk 0 day and a potential 25K $ bountyhttps://rikeshbaniya.medium.com/tale-of-zendesk-0-day-and-a-potential-25k-bounty-61bcf9c5dc06?source=rss------bug_bounty-5Rikesh Baniyabug-bounty-writeup, bug-bounty-tips, hackerone, security-research, bug-bounty31-Oct-2024
XML Upload Challenge: Breaking Boundaries with External Entitieshttps://medium.com/@josh.beck2006/xml-upload-challenge-breaking-boundaries-with-external-entities-79677649485f?source=rss------bug_bounty-5Josh Beckcybersecurity, ctf-writeup, bug-bounty31-Oct-2024
Hunting for IDOR and BAC Vulnerabilities in B2B Applications with Burp Suite’s Authorize Extensionhttps://thexssrat.medium.com/hunting-for-idor-and-bac-vulnerabilities-in-b2b-applications-with-burp-suites-authorize-extension-597877b53d94?source=rss------bug_bounty-5Thexssratidor, broken-access-control, bug-bounty, bug-bounty-tips, burpsuite31-Oct-2024
LottieFiles Hacked: A Cautionary Tale for the Crypto Community!https://medium.com/@wiretor/lottiefiles-hacked-a-cautionary-tale-for-the-crypto-community-8cc3b6cf9148?source=rss------bug_bounty-5WIRE TORmalware, xss-attack, hacking, usa, bug-bounty31-Oct-2024
Protecting E-Commerce: Understanding the Phish n’ Ships Campaignhttps://medium.com/@wiretor/protecting-e-commerce-understanding-the-phish-n-ships-campaign-619cc4f3d150?source=rss------bug_bounty-5WIRE TORmalware, hacking, usa, bug-bounty, xss-attack31-Oct-2024
Ex-Disney Employee Charged with Hacking: A Cautionary Tale!https://medium.com/@wiretor/ex-disney-employee-charged-with-hacking-a-cautionary-tale-d9174351fd7c?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, xss-attack, usa, hacking31-Oct-2024
File Transfer Cheatsheet: Windows and Linuxhttps://medium.com/@verylazytech/file-transfer-cheatsheet-windows-and-linux-1e36ec9a22ac?source=rss------bug_bounty-5Very Lazy Techfile-transfer, bug-bounty, post-exploitation, exfiltration, cybersecurity30-Oct-2024
Hacking your first OAuth on the Web application: Account takeover using Redirect and State…https://medium.com/@security.tecno/hacking-your-first-oauth-on-the-web-application-account-takeover-using-redirect-and-state-5e857c7b1d43?source=rss------bug_bounty-5TECNO Securityresearch-reports, hacking, bug-bounty, security30-Oct-2024
Discovered a Unique Email Verification Bypasshttps://mo9khu93r.medium.com/discovered-a-unique-email-verification-bypass-47bb1e955a13?source=rss------bug_bounty-5mo9khu93rpenetration-testing, email-verification, hacking, cybersecurity, bug-bounty30-Oct-2024
Apple $1,000,000 Bounty: Zero-Click Exploit Achieves Kernel Execution and PAC Bypass on Latest iOS…https://medium.com/@vintaconnect/apple-1-000-000-bounty-zero-click-exploit-achieves-kernel-execution-and-pac-bypass-on-latest-ios-7cdf35ff8bc6?source=rss------bug_bounty-5VintaConnectapple, apple-bug-bounty, ios, kernel, bug-bounty30-Oct-2024
CVE-2024–27954 — WordPress Automatic Plugin < 3.92.1 — Arbitrary File Download and SSRFhttps://infosecwriteups.com/cve-2024-27954-wordpress-automatic-plugin-3-92-1-arbitrary-file-download-and-ssrf-34f2e938db54?source=rss------bug_bounty-5Ajay Naikbug-bounty, penetration-testing, wordpress, cybersecurity, bug-bounty-hunter30-Oct-2024
$200-$10,000 for Command Injection Bug .https://medium.com/@anandrishav2228/200-10-000-for-command-injection-bug-2279041f3478?source=rss------bug_bounty-5Rishav anandhacking, cybersecurity, bug-bounty, money, command-injection30-Oct-2024
My First Remote Code Execution (RCE)https://medium.com/@prasenjitkantipaul/my-first-remote-code-execution-rce-ea9c3e32943f?source=rss------bug_bounty-5Prasenjit Kanti Paulbug-bounty, bug-bounty-tips, bug-bounty-hunter, rce, bug-bounty-writeup30-Oct-2024
CVE-2024–4577 — PHP CGI Argument Injection Remote Code Executionhttps://infosecwriteups.com/cve-2024-4577-php-cgi-argument-injection-remote-code-execution-294ed4758e4f?source=rss------bug_bounty-5Ajay Naikmedium, penetration-testing, bug-bounty, cybersecurity, information-technology30-Oct-2024
A Guide to Burp Suite for Ethical Hackershttps://medium.com/@codingbolt.in/a-guide-to-burp-suite-for-ethical-hackers-e1b985470547?source=rss------bug_bounty-5codingboltpenetration-testing, cybersecurity, bug-bounty, burpsuite, ethical-hacking30-Oct-2024
Multi-Step Process with No Access Control on One Step — Access Control Vulnerabilityhttps://medium.com/@rcxsecurity/multi-step-process-with-no-access-control-on-one-step-access-control-vulnerability-599aee989521?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafépentesting, cybersecurity, penetration-testing, information-security, bug-bounty30-Oct-2024
Chaining Four Vulnerabilities Leading to Account Takeoverhttps://medium.com/@jke3595/chaining-four-vulnerabilities-leading-to-account-takeover-664f18508600?source=rss------bug_bounty-5Joel I Patrickbounty-program, ethical-hacking, security, bug-bounty, cybersecurity30-Oct-2024
Predictable Initial Passwords vulnerabilityhttps://medium.com/@istibaroudissou/predictable-initial-passwords-vulnerability-3292322bfdd4?source=rss------bug_bounty-5Istibarou DISSOUvulnerability, bug-bounty, pentesting30-Oct-2024
Lets Get into the Real field.https://harshbardhanx.medium.com/lets-get-into-the-real-field-b2c9278d0b63?source=rss------bug_bounty-5Harsh Bardhanbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter30-Oct-2024
Email Spoofinghttps://medium.com/@hacragon/email-spoofing-1a81728f92b3?source=rss------bug_bounty-5Subin Kumardmarc-record, email-spoofing, bug-bounty30-Oct-2024
Exposed Git Configs Lead to 15,000 Stolen Cloud Credentials: The WireTor Solutionhttps://medium.com/@wiretor/exposed-git-configs-lead-to-15-000-stolen-cloud-credentials-the-wiretor-solution-d6de23eaca26?source=rss------bug_bounty-5WIRE TORmalware, election2024, usa, bug-bounty, pentesting30-Oct-2024
WIRE TOR — The Ethical Hacking Serviceshttps://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-bac69e4fa28a?source=rss------bug_bounty-5WIRE TORbug-bounty, pentesting, malware, xss-attack, hacking30-Oct-2024
Protect Yourself from Election Scams: Insights from WireTorhttps://medium.com/@wiretor/protect-yourself-from-election-scams-insights-from-wiretor-1e118e682f76?source=rss------bug_bounty-5WIRE TORbug-bounty, pentesting, xss-attack, hacking, malware30-Oct-2024
Spooktacular Halloween Sale: 50% Off!https://medium.com/@wiretor/spooktacular-halloween-sale-50-off-f1967438dac0?source=rss------bug_bounty-5WIRE TORpentesting, bug-bounty, usa, hacking, halloween30-Oct-2024
Automating Bug Bounty Hunts with Bash: A Beginner-Friendly Guidehttps://pwndecoco.medium.com/automating-bug-bounty-hunts-with-bash-a-beginner-friendly-guide-3fc2b3d7f341?source=rss------bug_bounty-5Pwndec0c0hacking, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity30-Oct-2024
Full Account Takeover at One of the Largest E-Commerce Companieshttps://m0uka.medium.com/full-account-takeover-at-one-of-the-largest-e-commerce-companies-8cf416e9dc7e?source=rss------bug_bounty-5m0ukahackerone, hacking, bug-bounty, bugcrowd, security-research29-Oct-2024
Account Linked Domains Takeoverhttps://medium.com/@ph4nt0mbyt3/account-linked-domains-takeover-852cab92e018?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, bug-bounty, pentest29-Oct-2024
How to find Information Disclouser in any WebTech or Mobile App. and Earn upto $500-$2000https://medium.com/@anandrishav2228/how-to-find-information-disclouser-in-any-webtech-or-mobile-app-and-earn-upto-500-2000-7bda67bbe754?source=rss------bug_bounty-5Rishav anandcybersecurity, money, api, bug-bounty, hacker29-Oct-2024
From Study Stress to Critical Account Takeover: How a Gym Break and a Little Curiosity Uncovered a…https://medium.com/@CipherHawk/from-study-stress-to-critical-account-takeover-how-a-gym-break-and-a-little-curiosity-uncovered-a-d15cfc2e142b?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, hacking, yeswehack, bugbounty-tips29-Oct-2024
How I get Open Redirect Vulnerability in BBP ?https://medium.com/@keroayman77/how-i-get-open-redirect-vulnerability-in-bbp-6006e5a34602?source=rss------bug_bounty-5Kerolos Aymanbug-bounty-writeup, bug-bounty29-Oct-2024
Web cache poisoning explainedhttps://medium.com/@ad.abhi0013/web-cache-poisoning-explained-f3ddc4bfbf94?source=rss------bug_bounty-5Abhishek Adhikaricybersecurity, web-cache-poisoning, bug-bounty29-Oct-2024
Find Open Redirect in Just 2 min - $1000https://medium.com/@mdnafeed3/find-open-redirect-in-just-2-min-1000-c527bb3e65fb?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, bug-bounty, bug-bounty-tips29-Oct-2024
How can SQL injection, CSRF, and XSS attacks be prevented in Golang — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-can-sql-injection-csrf-and-xss-attacks-be-prevented-in-golang-bug-bounty-tuesday-2f857b2e4b53?source=rss------bug_bounty-5kerstangolang, coding, cybersecurity, hacking, bug-bounty29-Oct-2024
How I Started My Bug Bounty Journey…!!!https://harshbardhanx.medium.com/how-i-started-my-bug-bounty-journey-1b9683fa6252?source=rss------bug_bounty-5Harsh Bardhanbug-hunting, bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips29-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-hunting-from-finding-targets-to-submission-of-the-c3ad5d4b07ad?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bug-bounty, cybersecurity, bug-bounty-writeup, hacking29-Oct-2024
How do SSL Scanners Workhttps://medium.com/@serhatcck/how-do-ssl-scanners-work-b4977308e981?source=rss------bug_bounty-5Serhat ÇİÇEKcryptography, application-security, bug-bounty, hacking, pentesting29-Oct-2024
Data Breach Affects 800,000 Citizens in Italyhttps://medium.com/@wiretor/data-breach-affects-800-000-citizens-in-italy-1f977df0cab6?source=rss------bug_bounty-5WIRE TORbug-bounty, malware, italian, pentesting, hacking29-Oct-2024
Massive PSAUX Ransomware Attack Targets 22,000 CyberPanel Instances!https://medium.com/@wiretor/massive-psaux-ransomware-attack-targets-22-000-cyberpanel-instances-2925859c759c?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, usa, malware, cybersecurity29-Oct-2024
WIRE TOR — The Ethical Hacking Serviceshttps://medium.com/@wiretor/wire-tor-the-ethical-hacking-services-47ef9ecf7471?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, malware, usa, pentesting29-Oct-2024
Payment Bypass via API Request to Activate Premium Plan on Private Bug Bounty Programhttps://medium.com/@sharp488/payment-bypass-via-api-request-to-activate-premium-plan-on-private-bug-bounty-program-bbd7fc91ef99?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, information-technology, bug-bounty-tips, bugs, information-security28-Oct-2024
How to find a Race-condition Bug and make $1300https://medium.com/@anandrishav2228/how-to-find-a-race-condition-bug-and-make-1300-66d7e14040e9?source=rss------bug_bounty-5Rishav anandrace-condition, hacker, bug-bounty, cybersecurity, money28-Oct-2024
$150,000 Evmos Vulnerability Through Reading Documentationhttps://medium.com/@jjordanjjordan/150-000-evmos-vulnerability-through-reading-documentation-d26328590a7a?source=rss------bug_bounty-5jayjonah.ethbug-bounty, crypto, web3, ethereum, blockchain28-Oct-2024
Blind Cross Site Scripting in License Applicationhttps://medium.com/@abdullah12987654/blind-cross-site-scripting-in-license-application-aa865c0e0496?source=rss------bug_bounty-5Abdullahpenetration-testing, cross-site-scripting, xss-vulnerability, hacking, bug-bounty28-Oct-2024
HTTP Request Smuggling: From Needs More Info to Confirmed Impact!https://medium.com/@rezauditore/http-request-smuggling-from-needs-more-info-to-confirmed-impact-9b36349355ca?source=rss------bug_bounty-5rezauditorebug-bounty, http-request, peace, lgbtq, hacking28-Oct-2024
Best AI Tool to Learn Hacking 2025https://medium.com/@TahirAyoub/best-ai-tool-to-learn-hacking-2025-e30b11c551c8?source=rss------bug_bounty-5Tahir Ayoubai, cybersecurity, artificial-intelligence, bug-bounty, hacking28-Oct-2024
Easy 400$ Bounty on Hackerone Public BBPhttps://medium.com/@kaforybory/easy-400-bounty-on-hackerone-public-bbp-b7a9aa2d6767?source=rss------bug_bounty-5Hassan Makkicybersecurity, infosec, bug-bounty-tips, penetration-testing, bug-bounty28-Oct-2024
Exposing a Data Leak Vulnerability: My Journey to Discoveryhttps://infosecwriteups.com/exposing-a-data-leak-vulnerability-my-journey-to-discovery-7be93ce2c5b0?source=rss------bug_bounty-5Abhishek Bhujangethical-hacking, security, bug-bounty, bug-hunting, hacking28-Oct-2024
Ethical Hacking and Bug Bounty Programs —  Harnessing Hackers for Goodhttps://medium.com/@RocketMeUpCybersecurity/ethical-hacking-and-bug-bounty-programs-harnessing-hackers-for-good-ac8417374af0?source=rss------bug_bounty-5RocketMe Up Cybersecuritysecurity-testing, vulnerability-assessment, white-hat-hacker, ethical-hacking, bug-bounty28-Oct-2024
My first bug bountyhttps://medium.com/@zatikyan.sevada/my-first-bug-bounty-5dc382b7cd50?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, information-disclosure, bug-bounty, hacking-tools28-Oct-2024
Portswigger Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@iamdeusx/portswigger-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-fa15ae95d90e?source=rss------bug_bounty-5DeusXbug-bounty, portswigger, cybersecurity, ctf28-Oct-2024
LLM Pentest Services at Wire Tor️https://medium.com/@wiretor/llm-pentest-services-at-wire-tor-%EF%B8%8F-e2617eb98a89?source=rss------bug_bounty-5WIRE TORcybersecurity, malware, hacking, usa, bug-bounty28-Oct-2024
Breaking Down My Bug Bounty Find: Exploiting EC-Council’s iClass Platformhttps://medium.com/@salaheddine_kalada/breaking-down-my-bug-bounty-find-exploiting-ec-councils-iclass-platform-68bd9a6c8460?source=rss------bug_bounty-5Salaheddine KALADAresponsible-disclosure, ethical-hacking, bug-bounty-writeup, bug-bounty, cybersecurity28-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devanshcybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Use Burp Suite Community version like a professional version Save upto $449https://medium.com/@anandrishav2228/use-burp-suite-community-version-like-a-professional-version-2225e9d0404f?source=rss------bug_bounty-5Rishav anandburpsuite, hacking, bug-bounty, money, cybersecurity27-Oct-2024
My Roadmap and the Tools I plan to use to aid my journey.https://cybersechemmars.medium.com/my-roadmap-and-the-tools-i-plan-to-use-to-aid-my-journey-4f720504fce6?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Spiderhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Bypassing File Upload Defenses: My Journey from Simple Bypass to Near RCEhttps://medium.com/@dsmodi484/bypassing-file-upload-defenses-my-journey-from-simple-bypass-to-near-rce-ffbd23400efa?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, file-upload, methodology, rce27-Oct-2024
How to find bugs in Microsoft iis page.https://infosecwriteups.com/how-to-find-bugs-in-microsoft-iis-page-ef336a229abc?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, cybersecurity, hacking, tips, bug-bounty27-Oct-2024
How I Leveraged HTML Injection to Create an Account Using Someone Else’s Emailhttps://infosecwriteups.com/how-i-leveraged-html-injection-to-create-an-account-using-someone-elses-email-b80f83ab9465?source=rss------bug_bounty-5Devansh Doshicybersecurity, html-injection, bug-bounty, information-security27-Oct-2024
Fog & Akira Ransomware Exploit SonicWall VPN: Is Your Network Safe?https://medium.com/@wiretor/fog-akira-ransomware-exploit-sonicwall-vpn-is-your-network-safe-81da77b75cae?source=rss------bug_bounty-5WIRE TORpentesting, hacking, cybersecurity, usa, bug-bounty27-Oct-2024
China-Backed Cyber Attack: Donald Trump and JD Vance Targeted!https://medium.com/@wiretor/china-backed-cyber-attack-donald-trump-and-jd-vance-targeted-004518c60c89?source=rss------bug_bounty-5WIRE TORmalware, bug-bounty, usa, hacking, cybersecurity27-Oct-2024
Unauthorized Privilege Escalation: Gaining Command Line Access on Unpermitted Company Devices $$$$https://sp1der0x.medium.com/unauthorized-privilege-escalation-gaining-command-line-access-on-unpermitted-company-devices-1a67e55f1b63?source=rss------bug_bounty-5Sp1der0xhacking, business-logic, privilege-escalation, access-control, bug-bounty27-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.(PART 2)https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-part-2-c3febcb6e64b?source=rss------bug_bounty-5loyalonlytodaytips, hacking, penetration-testing, cybersecurity, bug-bounty26-Oct-2024
Free vps for hacking and bug bounty hunting.https://osintteam.blog/free-vps-for-hacking-and-bug-bounty-hunting-921d1dda71ce?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, tips-and-tricks, vps, cybersecurity26-Oct-2024
Bug Bounty with AI in Real-Time: The Future of Cybersecurityhttps://prakash888kpk.medium.com/bug-bounty-with-ai-in-real-time-the-future-of-cybersecurity-b3f783c7f0de?source=rss------bug_bounty-5Lets Unlearntips-and-tricks, ai, bug-bounty26-Oct-2024
Find CSRF and get a bounty of $900 Quicklyhttps://medium.com/@anandrishav2228/find-csrf-and-get-a-bounty-of-900-quickly-a9c3bf311dfb?source=rss------bug_bounty-5Rishav anandmoney, bug-bounty, cybersecurity, hacker, ai26-Oct-2024
One idea Uncovers Authentication Bypass & Session management flawhttps://medium.com/@CipherHawk/one-idea-uncovers-authentication-bypass-session-management-flaw-2e1536f5c52d?source=rss------bug_bounty-5CipherHawkbug-bounty, hackerone, vulnerability, bugcrowd, hacking26-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step-by-Step Guidehttps://bevijaygupta.medium.com/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-173bdc11386d?source=rss------bug_bounty-5Vijay Guptaburnout, bug-bounty-writeup, bug-bounty, bugs, bug-bounty-tips26-Oct-2024
Curious Case of a Feedback Linkhttps://medium.com/@thelazypentester/curious-case-of-a-feedback-link-0b1f5b208df0?source=rss------bug_bounty-5Jobsonsensitive-information, bug-bounty, cybersecurity, hacking, burpsuite26-Oct-2024
Bug Hunting Methodologyhttps://medium.com/@prajwalpatil453/bug-hunting-methodology-0780e74958be?source=rss------bug_bounty-5Anonstrkcybersecurity, bug-bounty-tips, bug-bounty, methodology, bug-hunting26-Oct-2024
500$ Idor vulnerability.https://medium.com/@noureldin1042/500-idor-vulnerability-dfc5d6f31119?source=rss------bug_bounty-5Noureldin(0x_5wf)programming, hacking, bug-bounty, bug-bounty-writeup, bug-bounty-tips26-Oct-2024
INICON: A One-Stop Recon Tool for Bug Bounty Huntershttps://medium.com/@jwalanth/inicon-a-one-stop-recon-tool-for-bug-bounty-hunters-8e1dcfa90a6c?source=rss------bug_bounty-5Kira61(Jwalanth)cybersecurity, python, pentesting, reconnaissance, bug-bounty26-Oct-2024
How I Discovered an Easy 2FA Vulnerability on Logitechhttps://medium.com/@dhananjay_00/how-i-discovered-an-easy-2fa-vulnerability-on-logitech-ff0d07178b04?source=rss------bug_bounty-5Dhananjay Pathakbug-bounty-tips, bug-bounty, bugbounty-writeup, hackerone, hacking26-Oct-2024
Dependency Confusion Unleashed: How One Misconfiguration Can Compromise an Entire Systemhttps://medium.com/@omargamal4em/dependency-confusion-unleashed-how-one-misconfiguration-can-compromise-an-entire-system-e0df2a26c341?source=rss------bug_bounty-5omar gamalbug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-tips26-Oct-2024
AIO Web App Pentesting Checklisthttps://cristivlad.medium.com/aio-web-app-pentesting-checklist-afe277d735dd?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, infosec, penetration-testing, pentesting26-Oct-2024
Apple Paying Big Bucks for Security Flaws: Your Chance to Cash In!https://medium.com/@v55232352/apple-paying-big-bucks-for-security-flaws-your-chance-to-cash-in-edb0f4f5ad21?source=rss------bug_bounty-5Patrick Hoovercyber-security-services, bug-bounty, apple-security-update26-Oct-2024
SQL Injections and the cute $2000 bountyhttps://medium.com/@nireshpandian19/sql-injections-and-the-cute-2000-bounty-2d18441ee0e3?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, bug-bounty-writeup, idor-vulnerability, bug-bounty-tips, sql-injection26-Oct-2024
Bind Shells: A Practical Guidehttps://medium.com/@learntheshell/bind-shells-a-practical-guide-9c00b3d7ad74?source=rss------bug_bounty-5LearnTheShellcybersecurity, bug-bounty, pentesting, bind-shell, bug-bounty-tips26-Oct-2024
Cronjobs for hackers (bugbounty article)https://medium.com/@bag0zathev2/cronjobs-for-hackers-bugbounty-article-7d51588d0fd5?source=rss------bug_bounty-5Fares Walid (SirBugs)cybersecurity, bugbounty-tips, cronjob, bug-bounty, hacking26-Oct-2024
BugBounty — Mastering the Basics (along with Resources)[Part-1]https://medium.com/@iabhipathak/bugbounty-mastering-the-basics-along-with-resources-part-1-47d30eb3d19a?source=rss------bug_bounty-5Abhinav Pathakbug-bounty, cybersecurity, security, ethical-hacking, hacking26-Oct-2024
DVWA : Brute Force Vulnerability Solution (Low & Medium Security Level)https://medium.com/@Kamal_S/dvwa-brute-force-vulnerability-solution-low-medium-security-level-9c01eadf3720?source=rss------bug_bounty-5Kamal Sdvwa, burpsuite, brute-force, owasp, bug-bounty26-Oct-2024
New Cisco ASA and FTD Features: Blocking VPN Brute-Force Password Attacks!https://medium.com/@wiretor/new-cisco-asa-and-ftd-features-blocking-vpn-brute-force-password-attacks-c9065ef3ccfd?source=rss------bug_bounty-5WIRE TORpresidential-election-usa, cybersecurity, usa, bug-bounty, hacking26-Oct-2024
New Windows Driver Signature Bypass Enables Rootkit Installs!https://medium.com/@wiretor/new-windows-driver-signature-bypass-enables-rootkit-installs-42d64a4e973a?source=rss------bug_bounty-5WIRE TORbug-bounty, cybersecurity, networking, hacking, malware26-Oct-2024
Black Basta Ransomware Targets Teams: Stay Vigilant!https://medium.com/@wiretor/black-basta-ransomware-targets-teams-stay-vigilant-a76d8550003c?source=rss------bug_bounty-5WIRE TORhacking, cybersecurity, malware, xss-attack, bug-bounty26-Oct-2024
Hunting for Open Redirect Vulnerabilities: A Beginner to Expert Guidehttps://medium.com/@360Security/hunting-for-open-redirect-vulnerabilities-a-beginner-to-expert-guide-c33dd1ac1875?source=rss------bug_bounty-5360 Securityweb-security, penetration-testing, vulnerability, cybersecurity, bug-bounty26-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark.roy.1337/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
TECNO Security Year-End Reward Sprint Preview: Grand Prizes Await You!https://medium.com/@security.tecno/tecno-security-year-end-reward-sprint-preview-grand-prizes-await-you-7dec791e12ce?source=rss------bug_bounty-5TECNO Securitybug-bounty, hacking, bonus, security25-Oct-2024
How I Bypassed Rate Limit on Loginhttps://mo9khu93r.medium.com/how-i-bypassed-rate-limit-on-login-b600b15158ef?source=rss------bug_bounty-5mo9khu93rbug-bounty, hacking, cybersecurity, pentesting, rate-limit-bypass25-Oct-2024
Remote Code Execution - Rage of Race Condition on Gen AIhttps://shahjerry33.medium.com/remote-code-execution-rage-of-race-condition-on-gen-ai-6f4cbc1a0e62?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, penetration-testing, infosec, vulnerability, bug-bounty25-Oct-2024
Bug punya severity & priorityhttps://ilhamday.medium.com/bug-punya-severity-priority-5552885eebd6?source=rss------bug_bounty-5Ilham Ferrytesting, bug-bounty, qa, quality-assurance, software-development25-Oct-2024
Red Hat SSO 7.6 Host Header Injection Vulnerabilityhttps://medium.com/@mark-r/exploiting-and-securing-red-hat-sso-7-6-host-header-injection-vulnerability-654424f6889a?source=rss------bug_bounty-5Mark R.vulnerability, bug-bounty, cybersecurity25-Oct-2024
Advance AI Test Cases For Penetration Testinghttps://infosecwriteups.com/advance-ai-testcases-for-penetration-testing-d61b2196311d?source=rss------bug_bounty-5Ajay Naikinformation-technology, cyberattack, cybersecurity, bug-bounty, ai25-Oct-2024
Exploiting BAC: Unlimited Likes in Comment Sectionshttps://medium.com/@RaunakGupta1922/exploiting-bac-unlimited-likes-in-comment-sections-64f173b951fe?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty-tips, cybersecurity, programming, bug-bounty, technology25-Oct-2024
Information Disclosure in Top 500 Company through Source Codehttps://medium.com/@anonymousshetty2003/information-disclosure-in-top-500-company-through-source-code-fe91a7806acc?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, hacking, information-disclosure, security25-Oct-2024
WordPress Penetration Testing: A Hacker’s Playbookhttps://systemweakness.com/wordpress-penetration-testing-a-hackers-playbook-bb97b8a009b1?source=rss------bug_bounty-5Ahmed Makawipenetration-testing, ethical-hacking, wordpress, bug-bounty25-Oct-2024
How to install WhatWeb & usage samples.https://pwndecoco.medium.com/how-to-install-whatweb-usage-samples-8b735fc4d645?source=rss------bug_bounty-5Pwndec0c0penetration-testing, whatweb, bug-bounty, cybersecurity, linux25-Oct-2024
My step by step process on how I do Bug Bounty Hunting: From finding targets to Submission of the…https://pwndecoco.medium.com/my-step-by-step-process-on-how-i-do-bug-bounty-program-from-finding-targets-to-submission-of-the-d25939b2a1b3?source=rss------bug_bounty-5Pwndec0c0bug-bounty-tips, bug-bounty-writeup, bug-bounty, penetration-testing, cybersecurity25-Oct-2024
Uncovering Vulnerabilities: My Discovery of Hashed Passwords on a Dutch Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-vulnerabilities-my-discovery-of-hashed-passwords-on-a-dutch-government-website-f30969e6ebbc?source=rss------bug_bounty-5Anonymousshettycybersecurity, security, bug-bounty, hacking, information-disclosure25-Oct-2024
Finding Cross-Site Scripting (XSS) vulnerabilities in Bug bounty programhttps://medium.com/@curiouskhanna/finding-cross-site-scripting-xss-vulnerabilities-in-bug-bounty-program-2a40bef4c8d7?source=rss------bug_bounty-5Shubham Khannacybersecurity, earn-money-online, research, bug-bounty25-Oct-2024
Cracking JWT Tokens: A Path to Identifying Bugs and Earn upto $700https://medium.com/@anandrishav2228/cracking-jwt-tokens-a-path-to-identifying-bugs-and-earn-upto-700-4028bcdcbebf?source=rss------bug_bounty-5Rishav anandbug-bounty, hacking, money, token, cybersecurity24-Oct-2024
50€ Rabbit Hole — Plain as Cake Bugshttps://medium.com/@rootplinix/50-rabbit-hole-plain-as-cake-bugs-e3e0940f93ce?source=rss------bug_bounty-5Abu Hurayrabug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips, cybersecurity24-Oct-2024
IDOR+Privilege Escalation+No Rate Limit+Business Logic into a Single Vulnerabilityhttps://medium.com/@hossam_hamada/idor-privilege-escalation-no-rate-limit-business-logic-into-a-single-vulnerability-1e6acc9a3884?source=rss------bug_bounty-5Hossam Hamadahackerone, idor, bug-bounty, privilege-escalation, business-logic24-Oct-2024
Bug Bounty Burnout: Stay Motivated and Mentally Stronghttps://bevijaygupta.medium.com/bug-bounty-burnout-stay-motivated-and-mentally-strong-9408b92fa6c8?source=rss------bug_bounty-5Vijay Guptamentally-strong, bug-bounty, motivation, bug-bounty-tips, bugs24-Oct-2024
Critical Threat for WordPress Developers and Users, if You are Using a General Password to login…https://medium.com/@a5adujjaman/critical-threat-for-wordpress-developers-and-users-if-you-are-using-a-general-password-to-login-359ff16fcc45?source=rss------bug_bounty-5Asadujjaman Asifsecurity, two-factor-authentication, bug-bounty, wordpress, wordpress-security24-Oct-2024
Web3 BBP Journal: Oct.24, 2024https://medium.com/@harryfyx/web3-bbp-journal-oct-24-2024-d3c7083ac416?source=rss------bug_bounty-5hhhkbbug-bounty24-Oct-2024
Bugcrowd Triage is Terriblehttps://medium.com/@cybersecnoneed/bugcrowd-triage-is-terrible-97065059aaff?source=rss------bug_bounty-5Cybersecnoneedbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program24-Oct-2024
Unreleased function leads to 150$ bountyhttps://medium.com/@noureldin1042/unreleased-function-leads-to-150-bounty-c8521e3e3ba8?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting, programming24-Oct-2024
How I Accessed Microsoft’s ServiceNow — Exposing ALL Microsoft Employee emails, Chat Support…https://medium.com/@moblig/how-i-accessed-microsofts-servicenow-exposing-all-microsoft-employee-emails-chat-support-5f8d535eb63b?source=rss------bug_bounty-5Mobligbug-bounty, cybersecurity, microsoft, news24-Oct-2024
Seprate Active and Dead Subdomains part 4https://osintteam.blog/seprate-active-and-dead-subdomains-part-4-18f092dc8423?source=rss------bug_bounty-5Mr Abdullahbugbounty-writeup, subdomains-enumeration, hacking, bug-bounty, web-hacking24-Oct-2024
Smart recon to PWN the panelhttps://ro0od.medium.com/smart-recon-to-pwn-the-panel-a23b0b9466bb?source=rss------bug_bounty-5roodhacking, bug-bounty, hackerone, writeup, bug-bounty-tips24-Oct-2024
Penalized for Responsible Disclosurehttps://geochen.medium.com/penalized-for-responsible-disclosure-e36b3f57dc8a?source=rss------bug_bounty-5George Chenbig-four, hacking, bug-bounty, cybersecurity, responsible-disclosure24-Oct-2024
Bug Bounty with AI: Enhancing Cybersecurity Through Artificial Intelligencehttps://prakash888kpk.medium.com/bug-bounty-with-ai-enhancing-cybersecurity-through-artificial-intelligence-fc679204b800?source=rss------bug_bounty-5Lets Unlearnai-tools, bug-bounty, ai, bugs, bounties24-Oct-2024
Cheat Sheet : Utilisation de Nuclei pour les Tests de Sécurité et bhttps://medium.com/@Itachi0xf/cheat-sheet-utilisation-de-nuclei-pour-les-tests-de-s%C3%A9curit%C3%A9-et-b-e4d9d57aff32?source=rss------bug_bounty-5Itachix0fhacking, cheatsheet, learning, bug-bounty24-Oct-2024
Das CRUD-Prinziphttps://medium.com/@rainer_zufall111/das-crud-prinzip-786530d1a302?source=rss------bug_bounty-5R4In3RZuf4LLcybersecurity, hacking, bug-bounty, api24-Oct-2024
How i found exposed db creds on .gov sitehttps://medium.com/@jenroots/how-i-found-exposed-db-creds-on-gov-site-24588d9eb9c8?source=rss------bug_bounty-5Jenrootsbug-bounty-tips, information-security, penetration-testing, bugs, bug-bounty24-Oct-2024
Second Strike: Uncovering a GraphQL IDOR That Let Me Delete Anyones Posthttps://dukrov.medium.com/second-strike-uncovering-a-graphql-idor-that-let-me-delete-anyones-post-7c6fefd71db7?source=rss------bug_bounty-5͏ ͏Dukrovbug-bounty, hackerone, cybersecurity, bugbounty-tips, hacking24-Oct-2024
How to Handle Burnout as a Bug Bounty Hunter: Step By Step guidehttps://medium.com/@shaikhminhaz1975/how-to-handle-burnout-as-a-bug-bounty-hunter-step-by-step-guide-c83b06c4fc1f?source=rss------bug_bounty-5Shaikh Minhazburnout-prevention, stress-management, cybersecurity, stress, bug-bounty23-Oct-2024
How to Find CVEs, Report Them, and Leverage Them for Career Growth and Bounties of $$$$$.https://medium.com/@anandrishav2228/how-to-find-cves-report-them-and-leverage-them-for-career-growth-and-bounties-of-3b62538c64d1?source=rss------bug_bounty-5Rishav anandai, money, cybersecurity, cve, bug-bounty23-Oct-2024
One Payload for Bugbounty(X$$)!https://pwndecoco.medium.com/one-payload-for-bugbounty-x-ace7dfd4859d?source=rss------bug_bounty-5Pwndec0c0penetration-testing, bugbounty-tips, bug-bounty, hacking, bugbounty-writeup23-Oct-2024
Hacking Tools That You Need To Learnhttps://aircorridor.medium.com/hacking-tools-that-you-need-to-learn-2d8ebb8b47aa?source=rss------bug_bounty-5Aircorridorbug-bounty, cybersecurity, linux, tools, hacking23-Oct-2024
Improper Access Control — Generic: How I Gained Full Control Over an Admin Panelhttps://medium.com/@rezauditore/improper-access-control-generic-how-i-gained-full-control-over-an-admin-panel-c82587a1a09f?source=rss------bug_bounty-5rezauditorebug-bounty, lgbtq, appsec, ethical-hacking, api23-Oct-2024
How I Discovered Sensitive App_ID and App_Key Disclosure in a JavaScript File and Earned $150https://medium.com/@dhananjay_00/how-i-discovered-sensitive-app-id-and-app-key-disclosure-in-a-javascript-file-and-earned-150-ad3fb7f942bc?source=rss------bug_bounty-5Dhananjay Pathakpenetration-testing, cybersecurity, hacking, bug-bounty, hackerone23-Oct-2024
Understanding SMTP User Enumeration via MX Record Attackshttps://hackerhalt.medium.com/smtp-user-enumeration-mx-record-4e5761d52e57?source=rss------bug_bounty-5Hacker Haltpentesting, bugcrowd, bug-bounty, hackerone23-Oct-2024
Entering The Dark Web And Explaining The Art Of Deep Anonymity | Primary Hacking School #8https://medium.com/@nnface/entering-the-dark-web-and-explaining-the-art-of-deep-anonymity-primary-hacking-school-8-20239706e4fc?source=rss------bug_bounty-5NnFacedarkweb, web, hacking, kali-linux, bug-bounty23-Oct-2024
Eyeglass Adventures: From Typos to Admin Access — A Hacker’s Talehttps://medium.com/@khode4li/eyeglass-adventures-from-typos-to-admin-access-a-hackers-tale-0a3149acd6e9?source=rss------bug_bounty-5Khod4lisecurity, mass-assignment, bug-bounty, broken-access-control, vulnerability23-Oct-2024
Stored XSS Critical or NOT?https://medium.com/@mrro0o0tt/stored-xss-critical-or-not-da9eb9b19029?source=rss------bug_bounty-5Whoamibug-bounty-hunter, bug-bounty-tips, bug-bounty, hacking, bug-bounty-writeup23-Oct-2024
Requisições Web  —  Tudo que você deve saber para começar em cybersegurançahttps://medium.com/@malwarilia/requisi%C3%A7%C3%B5es-web-tudo-que-voc%C3%AA-deve-saber-para-come%C3%A7ar-em-cyberseguran%C3%A7a-ef01a89b250c?source=rss------bug_bounty-5Marília Rochabug-bounty-tips, pentesting, cybersecurity, infosec, bug-bounty22-Oct-2024
Bug Bounty Methodology for SQL Injection with Waybash URLshttps://pwn0sec.medium.com/bug-bounty-methodology-for-sql-injection-with-waybash-urls-d1d13d0ebdaa?source=rss------bug_bounty-5Imhunterandbug-bounty-tips, waybash, sql-injection, bug-bounty-writeup, bug-bounty22-Oct-2024
Oracle SQL Injection | Database Reconhttps://systemweakness.com/oracle-sql-injection-database-recon-0c384d4a085a?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, sql-injection, bug-bounty, pentesting, bug-bounty-tips22-Oct-2024
Forget password OTP flaw lead to Account Takeover.https://medium.com/@bughunt789/forget-password-otp-flaw-lead-to-account-takeover-b3f2b847952b?source=rss------bug_bounty-5BUG HUNTERbug-bounty, bug-bounty-writeup, response-manipulation, account-takeover, account-takeover-attacks22-Oct-2024
How I Hacked Over 150k PII on a Programhttps://medium.com/@rootplinix/how-i-hacked-over-150k-pii-on-a-program-f58b8b141d4a?source=rss------bug_bounty-5Abu Hurayrapii-data, infosec, hackerone, bug-bounty-tips, bug-bounty22-Oct-2024
SQL Injection Attack, Listing the Database Contents on Oraclehttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-oracle-3be23e33a43d?source=rss------bug_bounty-5Marduk I Amsqli, information-security, sql-injection, portswigger-lab, bug-bounty22-Oct-2024
Discovery of Reflected XSS Vulnerability on a Global Car Website #2https://medium.com/@gg20205959/discovery-of-reflected-xss-vulnerability-on-a-global-car-website-2-ddfc7ba9f67d?source=rss------bug_bounty-5VulnSniperxss-attack, xss-vulnerability, bug-bounty, penetration-testing22-Oct-2024
LLM Penetration Testing Checklisthttps://infosecwriteups.com/llm-penetration-testing-checklist-87eda0ce2991?source=rss------bug_bounty-5Ajay Naikinformation-technology, information-security, penetration-testing, cybersecurity, bug-bounty22-Oct-2024
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackershttps://medium.com/@wiretor/security-flaw-in-styras-opa-exposes-ntlm-hashes-to-remote-attackers-f4c9ce201de8?source=rss------bug_bounty-5WIRE TORpenetration-testing, hacking, bug-bounty, cybersecurity, usa22-Oct-2024
Shodan Secrets | Hack Hidden Files Easilyhttps://osintteam.blog/shodan-secrets-hack-hidden-files-easily-94de007def73?source=rss------bug_bounty-5AbhirupKonwarcybersecurity, bug-hunting, shodan, bug-bounty, pentesting22-Oct-2024
Hunting Broken Object Level Authorizationhttps://blackhawkk.medium.com/hunting-broken-object-level-authorization-9b499fc0f327?source=rss------bug_bounty-5Tanmay Bhattacharjeebug-bounty, api-sec, owasp22-Oct-2024
Single endpoint leads to two bounties!(400$)https://medium.com/@noureldin1042/single-endpoint-leads-to-two-bounties-400-7dd96cf601c7?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty, bug-hunting, bug-bounty-writeup, hackerone, bug-bounty-tips22-Oct-2024
Breaking Boundaries: Discovering Session Invalidation Failures in User Roleshttps://medium.com/@hawkeye69669/breaking-boundaries-discovering-session-invalidation-failures-in-user-roles-84711777f9f2?source=rss------bug_bounty-5Hawkeyebug-bounty-tips, bug-bounty, infosec-write-ups, bug-bounty-writeup, infosec22-Oct-2024
Google Warns of Samsung Zero-Day Exploited in the Wildhttps://medium.com/@wiretor/google-warns-of-samsung-zero-day-exploited-in-the-wild-fb98c84b3e06?source=rss------bug_bounty-5WIRE TORusa, cybersecurity, hacking, bug-bounty, malware22-Oct-2024
Critical Vulnerabilities Expose mbNET.mini and Helmholz Industrial Routers to Attackshttps://medium.com/@wiretor/critical-vulnerabilities-expose-mbnet-mini-and-helmholz-industrial-routers-to-attacks-feac904b23b5?source=rss------bug_bounty-5WIRE TORusa, hacking, bug-bounty, cybersecurity, pentesting22-Oct-2024
Ransomware Alert: Cicada3301 Emerges as Successor to BlackCathttps://medium.com/@wiretor/ransomware-alert-cicada3301-emerges-as-successor-to-blackcat-e0e468472e08?source=rss------bug_bounty-5WIRE TORpentesting, bug-bounty, cybersecurity, usa, hacking22-Oct-2024
How i tricked Crypto Trading Site into sending Dangerous email to it’s Usershttps://medium.com/@Rahulkrishnan_R_Panicker/how-i-tricked-crypto-trading-site-into-sending-dangerous-email-to-its-users-a11a972c470f?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty, bug-bounty-tips, bug-bounty-writeup, pentesting, security21-Oct-2024
Oops, Nykaa! How I Almost Ordered ₹1 Lakh Worth of Makeup (Without Even Logging In!)https://medium.com/@lungfu-chingchung/oops-nykaa-how-i-almost-ordered-1-lakh-worth-of-makeup-without-even-logging-in-f10679e0d8c9?source=rss------bug_bounty-5LungFulearning, firstwriteup, mastmaula, security, bug-bounty21-Oct-2024
Another Dark Reality of Bug Huntinghttps://bevijaygupta.medium.com/another-dark-reality-of-bug-hunting-0c8fa62e9867?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dark-reality, bug-bounty, bugs, bug-zero21-Oct-2024
How to Use nslookup from Beginner to Advanced: A Comprehensive Guidehttps://medium.com/@anandrishav2228/how-to-use-nslookup-from-beginner-to-advanced-a-comprehensive-guide-846ad93955e4?source=rss------bug_bounty-5Rishav anandmoney, cybersecurity, hacker, bug-bounty, dns21-Oct-2024
How I Found and Reported a High Severity Stored XSS Vulnerability in the UK Ministry of Defence: A…https://medium.com/@sagarjondhle/how-i-found-and-reported-a-critical-stored-xss-vulnerability-in-the-uk-ministry-of-defence-a-bug-e44497befaa8?source=rss------bug_bounty-5IronPurushbug-bounty, cybersecurity, information-technology, education21-Oct-2024
Hacking LLMNR and NBT-NShttps://medium.com/@nishcyber22/hacking-llmnr-and-nbt-ns-3187458ee89d?source=rss------bug_bounty-50xn1shpenetration-testing, hacking, cybersecurity, windows-hacking, bug-bounty21-Oct-2024
HTTP para Pentesters: Tudo que você precisa saberhttps://medium.com/@malwarilia/introdu%C3%A7%C3%A3o-ao-http-para-pentesters-tudo-que-voc%C3%AA-precisa-saber-f3cce97d42e9?source=rss------bug_bounty-5Marília Rochaoffensive-security, segurança-da-informação, cybersecurity, bug-bounty, pentes21-Oct-2024
What’s Session Managementhttps://medium.com/@vishalsahu1604/whats-session-management-306c08a9afcf?source=rss------bug_bounty-5Vishal Sahoobug-bounty, cybersecurity, website-traffic, website, website-development21-Oct-2024
Unlocking Cybersecurity with Censys: A Guide to Ethical Hacking, Bug Bounties, and Pentesting —…https://medium.com/@vulnlabresearcher/unlocking-cybersecurity-with-censys-a-guide-to-ethical-hacking-bug-bounties-and-pentesting-f4c29e89ac54?source=rss------bug_bounty-5VulnResearcherpassive-network-scanning, internet-scanning-tools, censys-tutorial, bug-bounty, ethical-hacking21-Oct-2024
CSRF-ATTACK-PREVENTION-GUIDEhttps://osintteam.blog/csrf-attack-prevention-guide-3afe8791af6d?source=rss------bug_bounty-5Asad Mohsincyber-security-awareness, cybersecuirty, cyber-attack-prevention, bug-bounty, csrf21-Oct-2024
How No rate limiting got me 150$ in 5 minutes.https://medium.com/@noureldin1042/how-no-rate-limiting-got-me-150-in-5-minutes-e0abbec48f35?source=rss------bug_bounty-5Noureldin(0x_5wf)bug-bounty, bounty-hunter, penetration-testing, bounty-program, bug-hunting21-Oct-2024
How i found 22 LFI in the same program using automation trickshttps://medium.com/@zomasec/how-i-found-22-lfi-in-the-same-program-using-automation-tricks-3ea303d24f4a?source=rss------bug_bounty-5Hazem El-Sayedbug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, web-security21-Oct-2024
My First $100 Bounty: Exploiting IDOR Vulnerability in Account Sectionhttps://medium.com/@tinu7494/my-first-100-bounty-exploiting-idor-vulnerability-in-account-section-fc81d28dbed9?source=rss------bug_bounty-5Whitehatbug-bounty, penetration-testing, bug-bounty-tips, hacking, cybersecurity21-Oct-2024
How Sensitive Information Disclosure Can Lead to Account Takeoverhttps://medium.com/@D2Cy/how-sensitive-information-disclosure-can-lead-to-account-takeover-vulnerabilities-4d18d2a3711d?source=rss------bug_bounty-5Devanshinformation-security, bug-bounty, idor, account-takeover21-Oct-2024
Mastering Arsenal (How to Use the Nuclei Tool Effectively)https://medium.com/@bitthr3at/mastering-arsenal-how-to-use-the-nuclei-tool-effectively-5ff976dfaeb0?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)nucleus, scanning, bug-bounty, pentest, tools21-Oct-2024
Microsoft Blocks Windows 11 24H2 on Select ASUS Models: A Cautionary Tale for Usershttps://medium.com/@wiretor/microsoft-blocks-windows-11-24h2-on-select-asus-models-a-cautionary-tale-for-users-5fc3314e0cfa?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, pentest, usa, hacking21-Oct-2024
Cisco Takes DevHub Portal Offline Following Hacker Leak of Sensitive Datahttps://medium.com/@wiretor/cisco-takes-devhub-portal-offline-following-hacker-leak-of-sensitive-data-b6ca5cffe3c3?source=rss------bug_bounty-5WIRE TORpentesting, hacking, usa, bug-bounty, cybersecurity21-Oct-2024
Massive WordPress Breach: Over 6,000 Sites Hacked by Infostealing Malware Plugins! ️https://medium.com/@wiretor/massive-wordpress-breach-over-6-000-sites-hacked-by-infostealing-malware-plugins-%EF%B8%8F-2a4cb7e80d0c?source=rss------bug_bounty-5WIRE TORpentest, usa, pentesting, bug-bounty, cybersecurity21-Oct-2024
North Korean Hackers Exploit Microsoft Zero-Day: APT37’s “Code-on-Toast” Attack Uncoveredhttps://medium.com/@wiretor/north-korean-hackers-exploit-microsoft-zero-day-apt37s-code-on-toast-attack-uncovered-c10af50cf040?source=rss------bug_bounty-5WIRE TORcybersecurity, usa, bug-bounty, hacking, malware21-Oct-2024
My Bug Hunting Journey Beginshttps://medium.com/@ahmsyhmi/my-bug-hunting-journey-begins-c75c291ffe9c?source=rss------bug_bounty-5Ahmad Syahmibug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-hunter, bug-hunting20-Oct-2024
How i got 300euro bounty?https://doordiefordream.medium.com/how-i-got-300euro-bounty-5e25f0a212de?source=rss------bug_bounty-5balu bandiethical-hacking, hacking, bug-bounty, writeup, cybersecurity20-Oct-2024
How I Found My First P1 Bug ??https://medium.com/@prajwalpatil453/how-i-found-my-first-p1-bug-705b6ba5e3e2?source=rss------bug_bounty-5Anonstrkbug-bounty-tips, cybersecurity, tips-and-tricks, vdp, bug-bounty20-Oct-2024
How Much Does Penetration Testing Cost?https://securitylit.medium.com/how-much-does-penetration-testing-cost-945fdb94e973?source=rss------bug_bounty-5Security Lit Limitedit-security, penetration-testing, pentesting, services, bug-bounty20-Oct-2024
Is CISSP Certification Still Worth It in 2025? Find Out Why You Should Consider It!https://securitylit.medium.com/is-cissp-certification-still-worth-it-in-2025-find-out-why-you-should-consider-it-dda36a443f80?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, it-security, bug-bounty, cybersecurity20-Oct-2024
Bypassing Email Uniqueness Check: A Logic Flaw Disrupting Password Recoveryhttps://medium.com/@0xoroot/bypassing-email-uniqueness-check-a-logic-flaw-disrupting-password-recovery-95464c95b664?source=rss------bug_bounty-50xorootbug-bounty-tips, broken-access-control, hacking, bug-bounty, hackerone20-Oct-2024
Mastering SQLMap Tool for Effective SQL Injection Testinghttps://medium.com/@prasanna.acharya/mastering-sqlmap-tool-for-effective-sql-injection-testing-38911178d3f6?source=rss------bug_bounty-5Prasanna Acharyasqlmap, sql-injection, bug-bounty-tips, web-penetration-testing, bug-bounty20-Oct-2024
Mastering Internet Scanning: How to Use ZMap and Censys for Ethical Hacking — Part 1https://medium.com/@vulnlabresearcher/mastering-internet-scanning-how-to-use-zmap-and-censys-for-ethical-hacking-part-1-9d05feb7a382?source=rss------bug_bounty-5VulnResearcherbug-bounty, ethical-hacking, network-scanning, cybersecurity, zmap-tutorial20-Oct-2024
Hack Application Pattern Lockhttps://medium.com/@k3r0/hack-application-pattern-lock-5ade6b8128dc?source=rss------bug_bounty-5Kyrillos nadybug-bounty, pentesting, hacking, mobi̇le, android20-Oct-2024
Bug Bounty Roadmap for Beginner’shttps://medium.com/@kumawatabhijeet2002/bug-bounty-roadmap-for-beginners-de747ab39036?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, hacking, bugbounty-writeup, bug-bounty-tips20-Oct-2024
The Deceptive Dance of Self-XSS: How to Protect Yourself from Your Own Browserhttps://medium.com/@mrutunjayasenapati0/the-deceptive-dance-of-self-xss-how-to-protect-yourself-from-your-own-browser-303ffe642073?source=rss------bug_bounty-5Mrutunjaya Senapatixss-attack, bug-bounty, vulnerability, bugs, hacking20-Oct-2024
My Adventure in Bug Bounty: Sharing My Very First Successful Discoveryhttps://medium.com/@prateek.baghela/my-adventure-in-bug-bounty-sharing-my-very-first-successful-discovery-526124148107?source=rss------bug_bounty-5Prateek Baghelacybersecurity, hacking, ethical-hacking, bug-bounty20-Oct-2024
My first SQLi vulnerabilityhttps://medium.com/@rimed.software/my-first-sqli-vulnerability-f1eaab78eadf?source=rss------bug_bounty-5muhammed demirowasp-top-10, bug-bounty, bug-bounty-writeup, sqli, cybersecurity20-Oct-2024
Halloween Special Offer: 25% Off All Cybersecurity Services!https://medium.com/@wiretor/halloween-special-offer-25-off-all-cybersecurity-services-01ff60356d66?source=rss------bug_bounty-5WIRE TORhacking, bug-bounty, halloween, cybersecurity, usa20-Oct-2024
Finally I got My First Bounty | From Self Hosted Programhttps://medium.com/@the.air.cyborg/finally-i-got-my-first-bounty-from-self-hosted-program-71ffe09473c4?source=rss------bug_bounty-5the_air_cyborgclickjacking, bugbounty-writeup, bug-bounty, bugbounty-tips, clickbait20-Oct-2024
Mastering Nmap Firewall Evasion Techniques: A Detailed Guidehttps://medium.com/@anandrishav2228/mastering-nmap-firewall-evasion-techniques-a-detailed-guide-f5d5b9f00587?source=rss------bug_bounty-5Rishav anandfirewall, bug-bounty, nmap, cybersecurity, money20-Oct-2024
How to Start Hacking: A Comprehensive Guide to Ethical Hacking and Penetration Testing for…https://medium.com/@verylazytech/how-to-start-hacking-a-comprehensive-guide-to-ethical-hacking-and-penetration-testing-for-db6e3fcd63ea?source=rss------bug_bounty-5Very Lazy Techbug-bounty, books, how-to-start-hacking, penetration-testing, cybersecurity20-Oct-2024
Superior Tool Untuk Melakukan Google Dorking Dalam Mencari Kerentanan Websitehttps://medium.com/@bimosp56/superior-tool-untuk-melakukan-google-dorking-dalam-mencari-kerentanan-website-ec7719b05a5b?source=rss------bug_bounty-5Bimo Salasa Putrabug-bounty, bigbountyrecon, vulnerability-assessment, google-dorking, vulnerability20-Oct-2024
FINDING A DOS BUG(STEP BY STEP).https://osintteam.blog/finding-a-dos-bug-step-by-step-5f13d361dc90?source=rss------bug_bounty-5loyalonlytodayhacking, penetration-testing, bug-bounty-tips, cybersecurity, bug-bounty20-Oct-2024
$$$ Bounty for PII disclosure through APIhttps://osintteam.blog/bounty-for-pii-disclosure-through-api-71b660bc984b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcybersecurity, hacking, bug-bounty, ethical-hacking, technology20-Oct-2024
Security Misconfigurations in Docker Containers: My $500 Win!https://osintteam.blog/security-misconfigurations-in-docker-containers-my-500-win-241af85882b2?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitethical-hacking, hacking, bug-bounty, cybersecurity, technology20-Oct-2024
Exploiting Auth0 Misconfigurations: A Case Study on Account Linking Vulnerabilitieshttps://medium.com/@iknowhatodo/exploiting-auth0-misconfigurations-a-case-study-on-account-linking-vulnerabilities-76fb6b9703f8?source=rss------bug_bounty-5Hossam Ahmedsecurity, penetration-testing, bug-bounty, information-security20-Oct-2024
What are Cookies? and How Attackers Take Privilege of Cookieshttps://medium.com/@vishalsahu1604/what-are-cookies-and-how-attackers-take-privilege-of-cookies-a016145c5fff?source=rss------bug_bounty-5Vishal Sahoowebsite-development, bug-bounty, technology, cybersecurity, website20-Oct-2024
How I could steal Telegram OTPs using SMS relayshttps://medium.com/@cyberletmewin/how-i-could-steal-telegram-otps-using-sms-relays-4672769c98e3?source=rss------bug_bounty-5Abdelkhalek Beraoud (letmewin)telegram, information-security, mobile-network, cybersecurity, bug-bounty20-Oct-2024
VDP vs CVD vs Bug Bountyhttps://medium.com/@ali.abdollahi/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5Ali Abdollahicybersecurity, security, information-security, vulnerability, bug-bounty20-Oct-2024
Hackers Exploit Roundcube Webmail Vulnerability to Steal Login Credentialshttps://medium.com/@wiretor/hackers-exploit-roundcube-webmail-vulnerability-to-steal-login-credentials-6b2761a7dd81?source=rss------bug_bounty-5WIRE TORhacking, pentest, usa, cybersecurity, bug-bounty20-Oct-2024
Hackers Exploit Redbox Kiosks: A Wake-Up Call for Digital Securityhttps://medium.com/@wiretor/hackers-exploit-redbox-kiosks-a-wake-up-call-for-digital-security-1d19e18f3a80?source=rss------bug_bounty-5WIRE TORhacking, usa, cybersecurity, malware, bug-bounty20-Oct-2024
How to Find XSS in Real-Life Bug Bounty Targetshttps://medium.com/@rupaitanudas/how-to-find-xss-in-real-life-bug-bounty-targets-319177706ad8?source=rss------bug_bounty-5Rupaitanudasxss-attack, bug-bounty, tips-and-tricks20-Oct-2024
Internet Archive Breached Again: Urgent Call for Enhanced Cybersecurityhttps://medium.com/@wiretor/internet-archive-breached-again-urgent-call-for-enhanced-cybersecurity-4cb161fc5408?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, usa, malware, hacking20-Oct-2024
how did I lose $5000?https://medium.com/@mr.matrex00.7/how-did-i-lose-5000-6bf4a5c7cbf7?source=rss------bug_bounty-5Mr Matrexhackthebox, tryhackme, bug-bounty, bug-bounty-tips, bug-bounty-writeup20-Oct-2024
Unveiling Hidden Vulnerabilities: A Journey into E-Commerce Securityhttps://medium.com/@CipherHawk/unveiling-hidden-vulnerabilities-a-journey-into-e-commerce-security-db7993b788cc?source=rss------bug_bounty-5CipherHawkbug-bounty-tips, bug-bounty, bugcrowd, cybersecurity, hackerone20-Oct-2024
VDP vs CVD vs Bug Bountyhttps://systemweakness.com/vdp-vs-cvd-vs-bug-bounty-bc2402038e4f?source=rss------bug_bounty-5Ali Abdollahicybersecurity, security, information-security, vulnerability, bug-bounty20-Oct-2024
How I Found My First Easy P3 Vulnerability in HackerOne Bug Bounty‍https://medium.com/@aryan9868/how-i-found-my-first-easy-p3-vulnerability-in-hackerone-bug-bounty-f9227942c6c0?source=rss------bug_bounty-5h4ck3rrawatbugs, bug-bounty-tips, bugbounty-writeup, hackerone, bug-bounty19-Oct-2024
Google Dorking Queries to find vulnurable targetshttps://medium.com/@kanishk.k1410/google-dorkingqueries-to-find-vulnurable-targets-89ee672b6996?source=rss------bug_bounty-5Kanishk Kumargoogle-dorking, hacking, technology, bug-bounty, offensive-security19-Oct-2024
How a NoSQL Injection Attack Helped Me Earn $500: A Step-by-Step Guidehttps://medium.com/@anandrishav2228/how-a-nosql-injection-attack-helped-me-earn-500-a-step-by-step-guide-51370a95bb93?source=rss------bug_bounty-5Rishav anandbug-bounty, ai, money, nosql, cybersecurity19-Oct-2024
A Comprehensive Guide to API Fuzzing: Strengthen Your API Securityhttps://medium.com/@Code_With_Ssn/a-comprehensive-guide-to-api-fuzzing-strengthen-your-api-security-5c00aac974b0?source=rss------bug_bounty-5N4!TR0 07api-fuzzing, api, bug-bounty, bug-bounty-writeup, reconnaissance19-Oct-2024
From JavaScript Analysis To UUID Pattern Exploration Revealed a Critical IDOR!https://medium.com/@ozomarzu/from-javascript-analysis-to-uuid-pattern-exploration-revealed-a-critical-idor-5c526451e7ec?source=rss------bug_bounty-5CyberOzbug-bounty-tips, js, idor, bug-bounty-writeup, bug-bounty19-Oct-2024
Password Brute-Forcing: The Cybersecurity Game Show You Didn’t Sign Up Forhttps://medium.com/@mrutunjayasenapati0/password-brute-forcing-the-cybersecurity-game-show-you-didnt-sign-up-for-c03052aedeeb?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, vulnerability, bug-bounty, passwords, bugs19-Oct-2024
How I Uncovered a Hidden XSS Vulnerability in a Global Car Websitehttps://medium.com/@gg20205959/how-i-uncovered-a-hidden-xss-vulnerability-in-a-global-car-website-1e0b86a86a7a?source=rss------bug_bounty-5VulnSniperxss-attack, xss-vulnerability, hacking, alerts, bug-bounty19-Oct-2024
How I Uncovered a High-Severity Vulnerability Using a Single HTTP Headerhttps://medium.com/@ahmeedhisham2019/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5CipherHawkcybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty19-Oct-2024
SubdomainRadar.io — The best Subdomain Finder And Port Scannerhttps://medium.com/@alexandrevandammepro/subdomainradar-io-the-best-subdomain-finder-and-port-scanner-a5390b5fee67?source=rss------bug_bounty-5Alexandre Vandammesubdomains-enumeration, osint, bug-bounty, infose, cybersecurity19-Oct-2024
How I am starting my Bug Bounty Hunting Journeyhttps://cybersechemmars.medium.com/how-i-am-starting-my-bug-bounty-hunting-journey-6d807a367d80?source=rss------bug_bounty-5Cybersec with Hemmarsbug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, cybersecurity19-Oct-2024
Get easy $50,000 bugbounty hunting from hackerone programhttps://medium.com/@loaymorad11/get-easy-50-000-bugbounty-hunting-from-hackerone-program-e5a119d2af0c?source=rss------bug_bounty-5Loaymoradhackerone, writeup, information-disclosure, cybersecurity, bug-bounty19-Oct-2024
Attack on Zendeskhttps://medium.com/@skirkanna/attack-on-zendesk-6f4f3adf3458?source=rss------bug_bounty-5Anna Skirko (unknown_feature)bug-bounty, apple, zendesk, supply-chain, slack19-Oct-2024
How I Uncovered a High-Severity Vulnerability Using a Single HTTP Headerhttps://medium.com/@CipherHawk/how-i-uncovered-a-high-severity-vulnerability-using-a-single-http-header-bf678a2775dc?source=rss------bug_bounty-5CipherHawkcybersecurity, ethical-hacking, hackerone, bug-bounty-tips, bug-bounty19-Oct-2024
How I Found a Subdomain Takeover Bug and Earned a $500 Bountyhttps://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5D2Cyinformation-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover19-Oct-2024
XSShttps://medium.com/@cyberviperx/xss-f5daee1b9e95?source=rss------bug_bounty-5Majd abuleilxss-vulnerability, bug-bounty, cybersecurity, hacking, xss-attack19-Oct-2024
6 BEST Hacking Books for Learning Cybersecurityhttps://medium.com/illumination/6-best-hacking-books-for-learning-cybersecurity-bbe0e9bdf0ae?source=rss------bug_bounty-5Tahir Ayoubpenetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking19-Oct-2024
Alabama Man Arrested for SEC Social Media Hack That Caused Bitcoin Price Spikehttps://medium.com/@wiretor/alabama-man-arrested-for-sec-social-media-hack-that-caused-bitcoin-price-spike-eebee5fe0a88?source=rss------bug_bounty-5WIRE TORinformation-technology, cybersecurity, malware, xss-attack, bug-bounty19-Oct-2024
Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Varianthttps://medium.com/@wiretor/russian-romcom-attacks-target-ukrainian-government-with-new-singlecamper-rat-variant-89d740937358?source=rss------bug_bounty-5WIRE TORcybersecurity, xss-attack, hacking, bug-bounty, usa19-Oct-2024
Attention WordPress Users! Critical Jetpack Vulnerability Fixed!https://medium.com/@wiretor/attention-wordpress-users-critical-jetpack-vulnerability-fixed-f52d455499fe?source=rss------bug_bounty-5WIRE TORbug-bounty, usa, sqli, malware, hacking19-Oct-2024
How I Found a Subdomain Takeover Bug and Earned a $500 Bountyhttps://medium.com/@D2Cy/how-i-found-a-subdomain-takeover-bug-and-earned-a-500-bounty-0edc139fe994?source=rss------bug_bounty-5Devanshinformation-security, bug-bounty, bug-bounty-writeup, cybersecurity, subdomain-takeover19-Oct-2024
2FA Bypass via OAuth Linkinghttps://medium.com/@sharp488/2fa-bypass-via-oauth-linking-c8a640519ae8?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty-tips, bug-bounty, hacking, information-security, information-technology18-Oct-2024
Stored XSS & Privilege Escalation in Profile Field -Private Programhttps://cyb3rc4t.medium.com/stored-xss-privilege-escalation-in-profile-field-private-program-2bdde55e34b2?source=rss------bug_bounty-5CYB3RC4Tinfosec, bugbounty-writeup, bug-bounty, security, privilege-escalation18-Oct-2024
Managing and Modifying URLs in SubScope for Bug Bounty Programs: A Comprehensive Guidehttps://medium.com/@hunthubspace/managing-and-modifying-urls-in-subscope-for-bug-bounty-programs-a-comprehensive-guide-667df5ed07ab?source=rss------bug_bounty-5hunThubautomation, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips18-Oct-2024
I found this Bug in just 5 min. Only and Earn $300.https://medium.com/@anandrishav2228/i-found-this-bug-in-just-5-min-only-and-earn-300-6b57528a7291?source=rss------bug_bounty-5Rishav anandcors, bug-bounty, cybersecurity, money, vulnerability18-Oct-2024
Exploiting Session Fixation via Stored XSS and Cookie Jar Overflow Attackhttps://akashc99.medium.com/exploiting-session-fixation-via-stored-xss-and-cookie-jar-overflow-attack-7cf8d60e1f9e?source=rss------bug_bounty-5Akash ccybersecurity, web-app-security, bug-bounty, bug-hunter, hacking18-Oct-2024
A Security Researcher’s Journey: Uncovering an Account Takeover Vulnerabilityhttps://medium.com/@cybershree/a-security-researchers-journey-uncovering-an-account-takeover-vulnerability-624763bd4ecd?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, security, bug-bounty-tips, vulnerability, bug-bounty18-Oct-2024
The Harsh Reality of Bug Bounty Hunting Bugcrowdhttps://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5Shridhar Rajaputbugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty18-Oct-2024
Exploring Session Hijacking: How Attackers Compromise Web Sessionshttps://medium.com/@mrutunjayasenapati0/exploring-session-hijacking-how-attackers-compromise-web-sessions-6a1c78e6c718?source=rss------bug_bounty-5Mrutunjaya Senapativulnerability, bug-bounty, sessions, bug-bounty-tips, hacking18-Oct-2024
IDOR: User Information Disclosurehttps://systemweakness.com/idor-user-information-disclosure-7c6951a55a7a?source=rss------bug_bounty-5Aswin Thambi Panikulangaracybersecurity, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup18-Oct-2024
How Do Hackers Crack ANY Softwarehttps://medium.com/@TahirAyoub/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5Tahir Ayoubhacking, bug-bounty, cybersecurity, medium, pentesting18-Oct-2024
Business logic vulnerability : Permanent Comments lockhttps://sayedv2.medium.com/business-logic-vulnerability-permanent-comments-lock-f118087967ba?source=rss------bug_bounty-5Mohamed Sayedsecurity, bug-bounty, cybersecurity, business-logic, infosec18-Oct-2024
How I Earned $150 for Reporting a Simple Parameter Bughttps://medium.com/@janmaciejewski07/how-i-earned-150-for-reporting-a-simple-parameter-bug-90734441dcd5?source=rss------bug_bounty-5Jan Maciejewskiprogramming, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-program18-Oct-2024
Easy P3 Bug: A Spoofing Vulnerabilityhttps://medium.com/@cybershree/easy-p3-bug-a-spoofing-vulnerability-ca73a62b6f48?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, penetration-testing, bug-bounty, linkedin, information-technology18-Oct-2024
Easy P4 Bug #2: Account Deletion Lacks Password Verificationhttps://medium.com/@cybershree/p4-bug-2-account-deletion-lacks-password-verification-a8633a00c9fc?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, bugs, security-research, bug-bounty, information-technology18-Oct-2024
Easy P4 Bug : Failure to Invalidate Sessions Post Password Changehttps://medium.com/@cybershree/easy-p4-bug-failure-to-invalidate-sessions-post-password-change-56a3aee9e8cc?source=rss------bug_bounty-5Shridhar Rajaputcybersecurity, bug-bounty, information-technology, hackerone, ethical-hacking18-Oct-2024
The Harsh Reality of Bug Bounty Hunting on Bugcrowdhttps://medium.com/@cybershree/the-harsh-reality-of-bug-bounty-hunting-on-bugcrowd-aac3b29e9f43?source=rss------bug_bounty-5Shridhar Rajaputbugcrowd, cybersecurity, bugbounty-writeup, bugs, bug-bounty18-Oct-2024
Microsoft Unveils macOS Vulnerability: A Deep Dive into the HM Surf Flaw ️https://medium.com/@wiretor/microsoft-unveils-macos-vulnerability-a-deep-dive-into-the-hm-surf-flaw-%EF%B8%8F-1bb8b77b2a63?source=rss------bug_bounty-5WIRE TORcybersecurity, cve, bug-bounty, hacking, zero-day18-Oct-2024
Hong Kong Crime Ring Swindles Victims Out of $46M Using Deepfakeshttps://medium.com/@wiretor/hong-kong-crime-ring-swindles-victims-out-of-46m-using-deepfakes-9dc8cb713248?source=rss------bug_bounty-5WIRE TORhacking, usa, shell, sql, bug-bounty18-Oct-2024
Omni Family Health Impacts 470,000 Individualshttps://medium.com/@wiretor/omni-family-health-impacts-470-000-individuals-d20a82cd0ac8?source=rss------bug_bounty-5WIRE TORusa, sql, rce, bug-bounty, hacking18-Oct-2024
Another Dark Reality of Bug Huntinghttps://medium.com/@akashmotkar001/another-dark-reality-of-bug-hunting-6539c60dac31?source=rss------bug_bounty-5Akashmotkarethical-hacking, hacking, bug-bounty, bugs, cybersecurity18-Oct-2024
How Do Hackers Crack ANY Softwarehttps://medium.com/h7w/how-do-hackers-crack-any-software-8e8e201bb169?source=rss------bug_bounty-5Tahir Ayoubhacking, bug-bounty, cybersecurity, medium, pentesting18-Oct-2024
Bug Bounty Tools that make you Rich and Independent and Help earn upto $100–$50,000https://medium.com/@anandrishav2228/bug-bounty-tools-that-make-you-rich-and-independent-and-help-earn-upto-100-50-000-eddc92485bae?source=rss------bug_bounty-5Rishav anandhacking, tools, bug-bounty, money, cybersecurity17-Oct-2024
Bug Bounty Millionaires: Are You Missing Out on Easy Money?https://medium.com/@paritoshblogs/bug-bounty-millionaires-are-you-missing-out-on-easy-money-e5b10a9e2cc1?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, money, bug-bounty, hacking17-Oct-2024
Electron JS Application Penetration Testinghttps://medium.com/@ajaynaikhack/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, information-security, electronjs, penetration-testing17-Oct-2024
How to Find XSS in Bug Bounty Programs: A Step-by-Step Guide with Source Code Exampleshttps://medium.com/@shaikhminhaz1975/how-to-find-xss-in-bug-bounty-programs-a-step-by-step-guide-with-source-code-examples-804e4b8a225d?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, step-by-step-guide, penetration-testing, xss-attack, bug-bounty17-Oct-2024
Your approach to finding XSS would change after you read thishttps://medium.com/@nireshpandian19/your-approach-to-finding-xss-would-change-after-you-read-this-8292fcafefc1?source=rss------bug_bounty-5JAI NIRESH Jidor-vulnerability, bug-bounty, cybersecurity, bug-bounty-writeup, idor17-Oct-2024
Electron JS Application Penetration Testinghttps://infosecwriteups.com/electron-js-application-penetration-testing-b0809af324f6?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, information-security, electronjs, penetration-testing17-Oct-2024
E-commerce website vulnerability bounty practice sharing(II)https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-ii-739d47705908?source=rss------bug_bounty-5TECNO Securitysecurity, hacking, bonus, bug-bounty17-Oct-2024
IDOR lead to Restriction Bypass!!https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking17-Oct-2024
Over 7 Million WooCommerce Sites Affected by a Simple HTML Injection: CVE-2024–9944 Analysishttps://dropn0w.medium.com/over-7-million-woocommerce-sites-affected-by-a-simple-html-injection-cve-2024-9944-analysis-ce81c918c39a?source=rss------bug_bounty-5dropcve, cybersecurity, bug-bounty, woocommerce, wordpress17-Oct-2024
Advanced IDOR Exploitation: Discovering Hidden Vulnerabilities Through Delayed Object Creationhttps://medium.com/@ashfquejahan5/advanced-idor-exploitation-discovering-hidden-vulnerabilities-through-delayed-object-creation-beb9da9e036f?source=rss------bug_bounty-5jahanajbug-bounty, idor, web17-Oct-2024
Unmasking Server-Side Request Forgery (SSRF): How Attackers Exploit Internal Systemshttps://medium.com/@mrutunjayasenapati0/unmasking-server-side-request-forgery-ssrf-how-attackers-exploit-internal-systems-286b5b71a46a?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, vulnerability, ethical-hacking, hacking, ssrf-attack17-Oct-2024
Bug Bounty — IDOR lead to Restriction Bypass!!https://kumarmohank889.medium.com/idor-lead-to-restriction-bypass-7f42d593ffd4?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, bug-bounty-writeup, cybersecurity, hacking17-Oct-2024
Maximizing Web3 Security with Bug Bounty Program Datahttps://securrtech.medium.com/maximizing-web3-security-with-bug-bounty-program-data-1434315dbcdb?source=rss------bug_bounty-5Securrweb3-security, blockchain-technology, bug-bounty, smart-contract-auditing, web317-Oct-2024
Walkthrough for the Appointment Machine — Hack The Box (HTB) Challengehttps://medium.com/@jessemridley/walkthrough-for-the-appointment-machine-hack-the-box-htb-challenge-b228fe34e2f5?source=rss------bug_bounty-5Jesse Ridleyethical-hacking, cybersecurity, bug-bounty, technology, penetration-testing17-Oct-2024
FROM OUT OF SCOPE TO ACCEPTEDhttps://medium.com/@nightcoders0/from-out-of-scope-to-accepted-4f52e626b734?source=rss------bug_bounty-5Nightcodersbugs, bug-bounty-writeup, ethical-hacking, bug-bounty, bug-bounty-tips17-Oct-2024
Hack The Box Challenge: Day 4 — Knowledge Check Walkthroughhttps://medium.com/@jessemridley/hack-the-box-challenge-day-4-knowledge-check-walkthrough-ce22f62d0854?source=rss------bug_bounty-5Jesse Ridleycybersecurity, freelancing, technology, bug-bounty, hacking17-Oct-2024
Payload Pursuit: XSS Challengehttps://medium.com/@josh.beck2006/payload-pursuit-xss-challenge-40105e34379c?source=rss------bug_bounty-5Josh Beckcybersecurity, ctf-writeup, bug-bounty, ctf17-Oct-2024
ACCESS MEDIUM PAID BLOGS FOR YOUR RESEARCH IN BUG BOUNTYhttps://medium.com/@anonymousshetty2003/access-medium-paid-blogs-for-your-research-in-bug-bounty-b19395d20e0b?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, ethical-hacking, bug-bounty17-Oct-2024
$600 Bug Bounty: How I Poked Microservices and Got Paid!https://osintteam.blog/600-bug-bounty-how-i-poked-microservices-and-got-paid-9e1bbe0f45e8?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitvulnerability, programming, cybersecurity, bug-bounty, penetration-testing17-Oct-2024
Breaking News: Sudan Brothers Charged in DDoS Attack Service Disruption!https://medium.com/@wiretor/breaking-news-sudan-brothers-charged-in-ddos-attack-service-disruption-856290eb0dfb?source=rss------bug_bounty-5WIRE TORusa, virus, bug-bounty, hacking, trojan17-Oct-2024
Vulnerability Discovered in Kubernetes Image Builder!https://medium.com/@wiretor/vulnerability-discovered-in-kubernetes-image-builder-5846cf32cb80?source=rss------bug_bounty-5WIRE TORbug-bounty, usa, hacking, europe, virus17-Oct-2024
Use Case: Bypassing In-App Purchase By Payment Client-Side Validationhttps://secfathy0x1.medium.com/use-case-bypassing-in-app-purchase-by-payment-client-side-validation-e87e2c775a9c?source=rss------bug_bounty-5Mohamed K. Fathybug-bounty-writeup, hacking, bug-bounty, android, cybersecurity17-Oct-2024
I Can Crash Anyone’s Instagram Post - Zero Day-Permanent DoS | Meta | BugBounty | 2024https://prathapilango.medium.com/i-can-crash-anyones-instagram-post-zero-day-permanent-dos-meta-bugbounty-2024-a2e50ac15caf?source=rss------bug_bounty-5Prathapilangocyebrsecurity, bug-bounty, bug-bounty-writeup, meta-bug-bounty, info-sec-writeups17-Oct-2024
Admin Panel Takeover Using a Leaky JS Filehttps://medium.com/@RaunakGupta1922/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, programming, technology, bug-bounty, cybersecurity16-Oct-2024
How I Deleted Users from the Database on Private Bug Bounty Programhttps://medium.com/@sharp488/how-i-deleted-users-from-the-database-on-private-bug-bounty-program-f1939e83dd6f?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbugs, bug-bounty, information-technology, information-security, bug-bounty-tips16-Oct-2024
Birdie Flies in to Save the Day: Our Custom Bug Tracking Tool for Android & iOS Appshttps://engineering.probo.in/birdie-flies-in-to-save-the-day-our-custom-bug-tracking-tool-for-android-ios-apps-3834ab2bc434?source=rss------bug_bounty-5Probocoding, app-development, engineering, bug-bounty, prediction-markets16-Oct-2024
How Website Workhttps://medium.com/@Joshua_su/how-website-work-3df5e4e93a61?source=rss------bug_bounty-5Joshua Suksakorncurl, cybersecurity, website, bug-bounty16-Oct-2024
How to Find API Bugs and Earn Big with Bug Bounties upto $20,000https://medium.com/@anandrishav2228/how-to-find-api-bugs-and-earn-big-with-bug-bounties-upto-20-000-12358743fcf9?source=rss------bug_bounty-5Rishav anandmoney, api, bug-bounty, hacker, cybersecurity16-Oct-2024
Admin Panel Takeover Using a Leaky JS Filehttps://osintteam.blog/admin-panel-takeover-using-a-leaky-js-file-dc41fac0f86d?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, programming, technology, bug-bounty, cybersecurity16-Oct-2024
Quantity Manipulation Allows Purchases at Reduced Priceshttps://medium.com/@abdelrahman0x01/quantity-manipulation-allows-purchases-at-reduced-prices-d2e998b82a02?source=rss------bug_bounty-5Abdelrahman0x01bug-bounty, information-security, cybersecurity, penetration-testing, cyberattack16-Oct-2024
How I do my recon and end up finding hidden assets and vulnerabilities before anyone else Pt.1https://medium.com/@demonia/how-i-do-my-recon-and-end-up-finding-hidden-assets-and-vulnerabilities-before-anyone-else-pt-1-30777f987c93?source=rss------bug_bounty-5Mohammed Diefreconnaissance, bug-bounty, hacking, bug-bounty-tips, cybersecurity16-Oct-2024
Cracking the HTB Cap Box: A Step-by-Step Walkthroughhttps://medium.com/@vignesh6872610/cracking-the-htb-cap-box-a-step-by-step-walkthrough-0b08a4fff3f9?source=rss------bug_bounty-5Vignesh Pcap, hackthebox, retiredmachine, bug-bounty-tips, bug-bounty16-Oct-2024
How to Earn money online using Cybersecurity knowledgehttps://medium.com/@rashad.desk/how-to-earn-money-online-using-cybersecurity-knowledge-ece1078969f4?source=rss------bug_bounty-5Rashadul Islamfreelancing, cybersecurity, earn-money-online, bug-bounty16-Oct-2024
Unauthorized SQL Injection: Turning ‘No Entry’ Signs into Dollar Signs!https://medium.com/@Xt3sY/unauthorized-sql-injection-turning-no-entry-signs-into-dollar-signs-80dcf1168dbd?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, hackerone, bugcrowd, hacker16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, security, infosec, android-pentesting, bug-bounty16-Oct-2024
Insecure direct object referenceshttps://medium.com/@codingbolt.in/insecure-direct-object-references-8daea91886f4?source=rss------bug_bounty-5codingboltbug-bounty, ethical-hacking, idor, cybersecurity, owasp16-Oct-2024
User ID controlled by request parameter with password disclosurehttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-password-disclosure-98e4f9ebe167?source=rss------bug_bounty-5codingboltethical-hacking, owasp, owasp-top-10, bug-bounty, cybersecurity16-Oct-2024
User ID controlled by request parameter with data leakage in redirecthttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-65b571611c7b?source=rss------bug_bounty-5codingboltcybersecurity, ethical-hacking, owasp-top-10, owasp, bug-bounty16-Oct-2024
User ID controlled by request parameter, with unpredictable user IDshttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-with-unpredictable-user-ids-b9e12542330d?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, ethical-hacking, owasp16-Oct-2024
User ID controlled by request parameterhttps://medium.com/@codingbolt.in/user-id-controlled-by-request-parameter-7a0bb3006f68?source=rss------bug_bounty-5codingboltcybersecurity, owasp, owasp-top-10, bug-bounty, ethical-hacking16-Oct-2024
User role can be modified in user profilehttps://medium.com/@codingbolt.in/user-role-can-be-modified-in-user-profile-eb1a28631358?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, owasp-top-10, owasp, ethical-hacking16-Oct-2024
Exposing Vulnerabilities: The Power of Google Dorking in Cybersecurity Part-2https://medium.com/@abhilov/exposing-vulnerabilities-the-power-of-google-dorking-in-cybersecurity-part-2-90dbf2e68ded?source=rss------bug_bounty-5Abhilov Guptabug-bounty, dorking, google, cybersecurity, hacking16-Oct-2024
HOW I FIND XXS REFLECTED IN 5 SEChttps://medium.com/@mr.matrex00.7/xxxs-reflected-in-external-programme-1d234bd3b3c3?source=rss------bug_bounty-5Mr Matrexxss-attack, xss-vulnerability, hunter, bug-bounty16-Oct-2024
WAF Bypass — Parameter Poisoninghttps://medium.com/@unrealdenis2020/waf-bypass-parameter-poisoning-21ad6e0db83c?source=rss------bug_bounty-5E1nZwaf, bugbounty-writeup, waf-bypass, parameter-poisoning, bug-bounty16-Oct-2024
Hidden Reflected XSS via Android Application in VDPhttps://cyb3rc4t.medium.com/hidden-reflected-xss-via-android-application-in-vdp-68f4210196f1?source=rss------bug_bounty-5CYB3RC4Tbug-bounty-tips, cybersecurity, infosec, bug-bounty, hackerone16-Oct-2024
Zero-Hero Hacker By Reading. Top 5 Books Designed For Hackers | Primary Hacking School #7https://medium.com/@nnface/zero-hero-hacker-by-reading-top-5-books-designed-for-hackers-primary-hacking-school-7-559618b200b3?source=rss------bug_bounty-5NnFacecybersecurity, linux, hacking, bug-bounty, kali-linux16-Oct-2024
How Google Dorking Helps me to Earn more than $2,000 in Bug Bounty.https://medium.com/@anandrishav2228/how-google-dorking-helps-me-to-earn-more-than-2-000-in-bug-bounty-b2ac959b3905?source=rss------bug_bounty-5Rishav anandcybersecurity, google, bug-bounty, money, advanced15-Oct-2024
5 Cybersecurity Projects You Can Build This Weekend (with Python)https://medium.com/@paritoshblogs/5-cybersecurity-projects-you-can-build-this-weekend-with-python-74bf03c3ba5d?source=rss------bug_bounty-5Paritoshbug-bounty, python, coding, cybersecurity, hacking15-Oct-2024
Perform a Command Injection Attack in Large Language Models (LLMs)https://medium.com/@360Security/perform-a-command-injection-attack-in-large-language-models-llms-86cd7db5e528?source=rss------bug_bounty-5360 Securitypenetration-testing, llm, cybersecurity, bug-bounty, ai15-Oct-2024
Sensitive Information Disclosure (Critical Finding)https://medium.com/@bughunt789/sensitive-information-disclosure-critical-finding-8fcbd7fe1704?source=rss------bug_bounty-5BUG HUNTERbắc, bug-bounty, sensitive-information, idor15-Oct-2024
Best AI Tool Used by Hacker 2025https://medium.com/@TahirAyoub/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
Google Dorks for Bug Bounty | Find Sensitive Informationhttps://medium.com/@shardulsawant67/google-dorks-for-bug-bounty-find-sensitive-information-6ed3e165bc02?source=rss------bug_bounty-5Shardul Sawantenumeration, hacking, google-dork, google-hacking, bug-bounty15-Oct-2024
The 50 Ultimate Fuzzing Guide for Bug Bounty Hunters: Mastering FUZZINGhttps://medium.com/@pankajkryadav1/the-50-ultimate-fuzzing-guide-for-bug-bounty-hunters-mastering-fuzzing-9f70e5474dc5?source=rss------bug_bounty-5Pankaj kr Yadavbug-bounty-tips, bug-bounty, fuzzing, web-security, ethical-hacking15-Oct-2024
How I got Account Take Over in a Bug Bounty Programhttps://hiroki-sawada.medium.com/how-i-got-account-take-over-in-a-bug-bounty-program-df3412c46274?source=rss------bug_bounty-5Hiroki Sawadabugcrowd, xss-attack, account-takeover, bug-bounty, hackerone15-Oct-2024
Mass Account Takeover via simple IDOR and funny OTP Bypasshttps://medium.com/@manibharathi.b/mass-account-takeover-via-simple-idor-and-funny-otp-bypass-23c12979e92d?source=rss------bug_bounty-5Mani Bharathi Bbug-bounty, hacker, cybersecurity, ethical-hacking, bug-bounty-tips15-Oct-2024
Insufficient Workflow Validationhttps://medium.com/@rcxsecurity/insufficient-workflow-validation-795d90f881dc?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, cybersecurity, hacking, information-security, bug-bounty15-Oct-2024
How I Discovered My First Bug: Worth $150 for Information Exposure Through Debug Logs (CWE-215)https://medium.com/@rupaitanudas/how-i-discovered-my-first-bug-worth-150-for-information-exposure-through-debug-logs-cwe-215-6a66dd10b21b?source=rss------bug_bounty-5Rupaitanudasyeswehack, hacking, ethical-hacking, hackerone, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
How I Accidentally Deleted My Medium Account While Hacking Medium (Oops)https://medium.com/@vivekps143/how-i-accidentally-deleted-my-medium-account-while-hacking-medium-oops-82aa44c6bc69?source=rss------bug_bounty-5Vivek PSbug-hunter, bloging, automation, developer, bug-bounty15-Oct-2024
Peeling Back the Layers: Exploring Critical Security Flaws in Chatbot Systemshttps://medium.com/@tusharpuri6/peeling-back-the-layers-exploring-critical-security-flaws-in-chatbot-systems-940e14d62ac6?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, application-security, penetration-testing, offensive-security15-Oct-2024
Attacking organisations with big scope: Part 2https://medium.com/@sabirasdev/attacking-organisations-with-big-scope-part-2-6a0ee0387551?source=rss------bug_bounty-5S A B I Rcybersecurity, cyberattack, reconnaissance, bug-bounty, dorking15-Oct-2024
Best AI Tool Used by Hacker 2025https://infosecwriteups.com/best-ai-tool-used-by-hacker-2025-715ab6ac8843?source=rss------bug_bounty-5Tahir Ayoubai, hacking, cybersecurity, ethical-hacking, bug-bounty15-Oct-2024
How I Accessed an Admin Panel Without Touching the Keyboardhttps://medium.com/@ranjanyadav2003/how-i-accessed-an-admin-panel-without-touching-the-keyboard-43ad45a06f8d?source=rss------bug_bounty-5Ranjanbug-bounty, hacking, cybersecurity, web-security, programming15-Oct-2024
OAuth: A Backdoor in Disguise — a $7500 Study Casehttps://xdead4f.medium.com/oauth-a-backdoor-in-disguise-a-7500-study-case-3383a4012295?source=rss------bug_bounty-50xdead4fcyber-sec, security-reseach, cybersecurity, bug-bounty, cyber-security-writeup14-Oct-2024
Web3 BBP journal:https://medium.com/@harryfyx/web3-bbp-journal-777d830f35d0?source=rss------bug_bounty-5hhhkbweb3, bug-bounty14-Oct-2024
Passively Found Secrets in Javascript File on a Private Bug Bounty Programhttps://medium.com/@sharp488/passively-found-secrets-in-javascript-file-on-a-private-bug-bounty-program-36eb29c2a35c?source=rss------bug_bounty-5Sharat Kaikolamthuruthilbug-bounty, bug-bounty-tips, burpsuite-extension, burpsuite, bug-bounty-writeup14-Oct-2024
Bug bounty programs pada aplikasi Laravel memungkinkan penemuan celah keamanan (vulnerabilities)…https://medium.com/@_azwar/bug-bounty-programs-pada-aplikasi-laravel-memungkinkan-penemuan-celah-keamanan-vulnerabilities-7db40b405794?source=rss------bug_bounty-5azwarbug-bounty, vulnerability, laravel14-Oct-2024
ColdRoot Malwarehttps://medium.com/@reemmoslem34/coldroot-malware-de44cf04e319?source=rss------bug_bounty-5Rem Khalidbug-bounty, cyberattack, cybersecurity, hacking, malware14-Oct-2024
Zerologon Exploithttps://medium.com/@reemmoslem34/zerologon-exploit-ce83a5a8ef3b?source=rss------bug_bounty-5Rem Khalidbug-bounty, hacking, malware, cybersecurity, cyberattack14-Oct-2024
List of the Best Free Labs to Start Learning Cybersecurity on TryHackMehttps://medium.com/@malwarilia/list-of-the-best-free-labs-to-start-learning-cybersecurity-on-tryhackme-b94c1803c496?source=rss------bug_bounty-5Marília Rochabug-bounty, information-security, cybersecurity, pentest, cyberattack14-Oct-2024
Finding XSS Vulnerabilities and earn upto $200-$10,000 easily .https://medium.com/@anandrishav2228/finding-xss-vulnerabilities-and-earn-upto-200-10-000-easily-0aab2c725882?source=rss------bug_bounty-5Rishav anandcompany, xss-attack, bug-bounty, cybersecurity, money14-Oct-2024
Bug on ParrotCTFhttps://infosecwriteups.com/bug-on-parrotctf-e64424b0d043?source=rss------bug_bounty-5SIDHARTH PANDAparrotctf, bug-bounty, extention, hacking14-Oct-2024
TERGET WEBSITE RECON PROCESShttps://medium.com/@MdAktarujaman.ehp/terget-website-recon-process-d8e38649782e?source=rss------bug_bounty-5Md Aktarujjamanbug-bounty, hacking, penetration-testing, target, website14-Oct-2024
GraphQL Hacking 101: Finding and Exploiting APIs for Fun and Profithttps://medium.com/@v1xtron/graphql-hacking-101-finding-and-exploiting-apis-for-fun-and-profit-af34b5ea15f3?source=rss------bug_bounty-5v1xtrongraphql, reconnaissance, bug-bounty-tips, bug-bounty, penetration-testing14-Oct-2024
Attacking organisation with big scope: Part 1https://medium.com/@sabirasdev/attacking-organisation-with-big-scope-part-1-631fdc00e973?source=rss------bug_bounty-5S A B I Rcyber-security-awareness, reconnaissance, cybersecurity, bug-bounty14-Oct-2024
10 Habits to Become A PRO Hacker!https://medium.com/@TahirAyoub/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
JWT Authentication Bypass leads to Admin Control Panelhttps://infosecwriteups.com/jwt-authentication-bypass-leads-to-admin-control-panel-dfa6efcdcbf5?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, account-takeover, jwt-token, hacking14-Oct-2024
❤Bug Bounty tool List❤https://medium.com/@shardulsawant67/bug-bounty-tool-list-fee6620c0048?source=rss------bug_bounty-5Shardul Sawantbug-bounty-tool, website-hosting, bug-bounty, bug-bounty-tips, web-enumeration14-Oct-2024
Social media account hijacking — VDPhttps://medium.com/@embossdotar/social-media-account-hijacking-vdp-fa674b25af44?source=rss------bug_bounty-5embossdotarcybersecurity, bug-bounty, it-security, vulnerability, hacking14-Oct-2024
Exposing 100,000 User Data : Massive API Bug Exposinghttps://medium.com/@360Security/exposing-100-000-user-data-massive-api-bug-exposing-037b56cfe98d?source=rss------bug_bounty-5360 Securitycybersecurity, bug-bounty, penetration-testing, information-security, api-security14-Oct-2024
10 Habits to Become A PRO Hacker!https://osintteam.blog/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
Blind SSRF Vulnerabilityhttps://medium.com/@guravtushar231/blind-ssrf-vulnerability-97d2f1decfe6?source=rss------bug_bounty-5Tushar_infosecbug-bounty, cybersecurity, ethical-hacking, ssrf, hacking14-Oct-2024
Pokémon Developer Game Freak Hacked: 2,600 Employees’ Data Leaked!https://medium.com/@wiretor/pok%C3%A9mon-developer-game-freak-hacked-2-600-employees-data-leaked-9e00ad9b3b0e?source=rss------bug_bounty-5WIRE TORvirus, pentest, malware, bug-bounty, hacking14-Oct-2024
10 Habits to Become A PRO Hacker!https://infosecwriteups.com/10-habits-to-become-a-pro-hacker-3c826b650192?source=rss------bug_bounty-5Tahir Ayoubbug-bounty, habits, hacking, cybersecurity, ethical-hacking14-Oct-2024
0dSSRF | Automate Finding SSRF & External Service Interactions & Open Redirectshttps://kariiem.medium.com/0dssrf-automate-finding-ssrf-external-service-interactions-open-redirects-944be6770a02?source=rss------bug_bounty-5Kariiem Gamalbug-bounty, bug-bounty-tips, ssrf, web-pen-testing, pentesting14-Oct-2024
P4 bug’s and their POC steps | Part 6https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-6-8e3aa981673a?source=rss------bug_bounty-5socalledhackerbugs, infosec, web-security, bug-bounty, cybersecurity14-Oct-2024
IDOR chained with JWT token cracking leads to edit, view and deletion of 160000 user accounts.https://aswinthambipanik07.medium.com/idor-chained-with-jwt-token-cracking-leads-to-edit-view-and-deletion-of-160000-user-accounts-65e65e6dc1f1?source=rss------bug_bounty-5Aswin Thambi Panikulangarabug-bounty, bug-bounty-tips, jwt, hacking, cybersecurity13-Oct-2024
No Rate Limit on Forgot Password: Leading to Email Flooding or mail bombinghttps://medium.com/@mrutunjayasenapati0/no-rate-limit-on-forgot-password-leading-to-email-flooding-or-mail-bombing-c68d842d6eaf?source=rss------bug_bounty-5Mrutunjaya Senapaticybersecurity, linux, hunting, bug-bounty, hacking13-Oct-2024
How I got Time Based SQL Injection in an Old Public Bug Bounty Programhttps://medium.com/@kshunya/how-i-got-time-based-sql-injection-in-an-old-public-bug-bounty-program-f6260cd4e75e?source=rss------bug_bounty-5Vishal Barotethical-hacking, bug-bounty, vapt, cybersecurity, penetration-testing13-Oct-2024
IDOR : Step by Step guide to Account Takeover of Any Userhttps://medium.com/@360Security/idor-step-by-step-guide-to-account-takeover-of-any-user-cb90bbcfd0fc?source=rss------bug_bounty-5360 Securityinformation-security, cybersecurity, bug-bounty, penetration-testing, vulnerability13-Oct-2024
Recon Nədir və Niyə Əhəmiyyətlidir? : Zəifliklərin Aşkar Edilməsi və Etik Hakerlik (Bölüm 2)https://zeynalxan.medium.com/recon-n%C9%99dir-v%C9%99-niy%C9%99-%C9%99h%C9%99miyy%C9%99tlidir-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-2-c4b554db0c8e?source=rss------bug_bounty-5Zeynalxan Quliyevrecon, recon-nece-edilir, bug-bounty-tips, recon-nədir, bug-bounty13-Oct-2024
⚠️ How to crash a PC Forever ⚠️https://medium.com/@emailrajdeepmishra/%EF%B8%8F-how-to-crash-a-pc-forever-%EF%B8%8F-09aa122c1844?source=rss------bug_bounty-5RAJDEEP MISHRAbug-bounty, cybersecurity, ethical-hacking, crash, bugs13-Oct-2024
Breaking the Game: Score Manipulation and Leaderboard Takeoverhttps://aminudin.medium.com/breaking-the-game-score-manipulation-and-leaderboard-takeover-b3ab16d02060?source=rss------bug_bounty-5Aminudinbug-bounty-tips, bug-bounty-writeup, bugs, bug-bounty13-Oct-2024
A Deep Dive into Subdomain Management Using SubScopehttps://medium.com/@hunthubspace/a-deep-dive-into-subdomain-management-using-subscope-43f8653b4593?source=rss------bug_bounty-5hunThubpenetration-testing, bug-bounty, bug-bounty-tips, cybersecurity, automation13-Oct-2024
Bypassing Location Restrictions on a Android App Using Fridahttps://medium.com/@omdubey170/hello-pentester-07209d5d8d42?source=rss------bug_bounty-5Omdubeyandroid, bug-bounty, android-pentesting, hacking, cybersecurity13-Oct-2024
The Great Photo Heist: IDOR Vulnerability Strikes Againhttps://rofes1337.medium.com/the-great-photo-heist-idor-vulnerability-strikes-again-6ed9a47c8c74?source=rss------bug_bounty-5Yousef Muhammedelkhirhackerone, bug-bounty, poc, idor-vulnerability, idor-poc13-Oct-2024
Creating a Honeypot: A Practical Guide to Understanding Cybersecurity Threatshttps://medium.com/@paritoshblogs/creating-a-honeypot-a-practical-guide-to-understanding-cybersecurity-threats-9d2e63e90892?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cybersecurity, hacking, honeypot13-Oct-2024
“The Biggest Mistake Holding You Back in Bug Bounty Hunting: Why You’re Not Making Progress”https://medium.com/@mahdisalhi0500/the-biggest-mistake-holding-you-back-in-bug-bounty-hunting-why-youre-not-making-progress-1475eef8f04b?source=rss------bug_bounty-5CaptinSHArky(Mahdi)infosec, hacking, ethical-hacking, cybersecurity, bug-bounty13-Oct-2024
Cracking WordPress Security with WPScan: A Bug Bounty Hunter’s Journey ️️‍♂️https://medium.com/@gouravrathod8788/cracking-wordpress-security-with-wpscan-a-bug-bounty-hunters-journey-%EF%B8%8F-%EF%B8%8F-%EF%B8%8F-c9389c94cc6b?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty, bug-bounty-tips, wordpress13-Oct-2024
From simple recon to PWN wordpress admin panel writeuphttps://ro0od.medium.com/from-simple-recon-to-pwn-wordpress-admin-panel-writeup-622156a1c9b2?source=rss------bug_bounty-5roodbug-bounty, writeup, infosec-write-ups, infosec13-Oct-2024
How to create a custom daemon using shell scriptshttps://medium.com/@mysticraganork66/how-to-create-a-custom-daemon-using-shell-scripts-ce27c13657d1?source=rss------bug_bounty-50verlo0kedhacking, cybersecurity, writeup, daemon, bug-bounty13-Oct-2024
Unleashing the Power of Kali Linux Daemonshttps://systemweakness.com/unleashing-the-power-of-kali-linux-daemons-c19133db43ec?source=rss------bug_bounty-50verlo0kedbug-bounty, penetration-testing, docker, hacking, cybersecurity13-Oct-2024
Cache Deception | 450$https://medium.com/@0x_karim/cache-deception-450-a02cd655b33f?source=rss------bug_bounty-50xkarimbug-bounty, bug-bounty-tips, hacking, web-security, bugs13-Oct-2024
OAuth Misconfiguration: How I Hijacked Accounts with 0 Clicks and Got Paid!https://osintteam.blog/oauth-misconfiguration-how-i-hijacked-accounts-with-0-clicks-and-got-paid-df8f7a20b438?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, programming, cybersecurity, bug-bounty, javascript13-Oct-2024
Open Redirect to XSS to Account Takeover to $$$$https://osintteam.blog/open-redirect-to-xss-to-account-takeover-to-de8739f9a4f0?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitjavascript, technology, programming, cybersecurity, bug-bounty13-Oct-2024
UNION Tabanlı SQL Injectionhttps://medium.com/@kenes7667/union-tabanl%C4%B1-sql-injection-bcc023156b64?source=rss------bug_bounty-5EnessKoçbug-bounty, sql-injection12-Oct-2024
Automation in Cyber Defence: The Future of Securing Digital Frontiershttps://medium.com/@paritoshblogs/automation-in-cyber-defence-the-future-of-securing-digital-frontiers-992fa1ceb552?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, coding, cybersecurity, automation12-Oct-2024
Clickjacking Is Worth Reporting Nowadays? | Removing all confusion on Clickjacking bugs.https://medium.com/@the.air.cyborg/clickjacking-is-worth-reporting-nowadays-removing-all-confusion-on-clickjacking-bugs-a1c77fc4e5b8?source=rss------bug_bounty-5the_air_cyborgclickjacking, bug-bounty-tips, bugbounty-writeup, bug-bounty, vulnerability12-Oct-2024
Port Scanning Essentials for Bug Bounty Researchershttps://bevijaygupta.medium.com/port-scanning-essentials-for-bug-bounty-researchers-de52c6aa7b8a?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bounty-program, bugs, bug-bounty-tips12-Oct-2024
Cracking ATO via Email HTML Injectionhttps://medium.com/@dsmodi484/cracking-ato-via-email-html-injection-edd19c8e1b8f?source=rss------bug_bounty-5Dishant Modiemail, injection, vulnerability, html, bug-bounty12-Oct-2024
How I Discovered Account Takeover (ATO) via Cross-Site Scripting (XSS)https://osintteam.blog/how-i-discovered-account-takeover-ato-via-cross-site-scripting-xss-34698ee54009?source=rss------bug_bounty-5JEETPALato, bug-bounty-tips, xss-attack, bug-bounty, bug-bounty-writeup12-Oct-2024
Understanding Server-Side Request Forgery (SSRF): A Critical Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/understanding-server-side-request-forgery-ssrf-a-critical-web-vulnerability-11a7ee2d87f7?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, vulnerability, hacking, ssrf, bug-bounty12-Oct-2024
Cybersecurity Breach Forces Calgary Public Library to Shut Down All Locations ️https://medium.com/@wiretor/cybersecurity-breach-forces-calgary-public-library-to-shut-down-all-locations-%EF%B8%8F-f1c0921f40e8?source=rss------bug_bounty-5WIRE TORhacked, bug-bounty, hacker, data, breach12-Oct-2024
Unlocking Some Effective Information Gathering Methodologieshttps://medium.com/@prasanna.acharya/unlocking-some-effective-information-gathering-methodologies-1f67787019d1?source=rss------bug_bounty-5Prasanna Acharyabug-bounty, web-security, bug-bounty-tips, information-gathering, web-penetration-testing12-Oct-2024
From NA to P1, How i was able to get access to a Bank Admin Panelhttps://medium.com/@yousefmoh15/from-na-to-p1-how-i-was-able-to-get-access-to-a-bank-admin-panel-52e5f9ef7ef5?source=rss------bug_bounty-5Yousef Mohamedhacking, bug-bounty, wordpress, bugcrowd12-Oct-2024
Uncovering Path Traversal Vulnerabilities Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Uncovering Path Traversal Through Host Monitoringhttps://mchklt.medium.com/uncovering-path-traversal-vulnerabilities-through-host-monitoring-c8abb65f48f5?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAautomation, ethical-hacking, penetration-testing, bug-bounty-hunter, bug-bounty12-Oct-2024
Effective Port Scanning for Finding Vulnerabilities in Bug Bountieshttps://bevijaygupta.medium.com/effective-port-scanning-for-finding-vulnerabilities-in-bug-bounties-0c16871a7e0b?source=rss------bug_bounty-5Vijay Guptabug-bounty, bugs, bug-bounty-tips, vulnerability, port-scanning11-Oct-2024
Bug Hunting Recon Methodology | Part2 | LegionHunterhttps://osintteam.blog/bug-hunting-recon-methodology-part2-legionhunter-4bb925e3e1bf?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, infosec, cybersecurity, bug-bounty-tips11-Oct-2024
How to Find SQL Vulnerabilities in Web Applications and Websites and Earn up to $500—$10,000https://medium.com/@anandrishav2228/how-to-find-sql-vulnerabilities-in-web-applications-and-websites-and-earn-up-to-500-10-000-f0935e9d4892?source=rss------bug_bounty-5Rishav anandbug-bounty, money, ai, cybersecurity, india11-Oct-2024
How I Made $6,200 in a Single Bug Bounty Using SubdomainRadar.iohttps://medium.com/@alexandrevandammepro/how-i-made-6-200-in-a-single-bug-bounty-using-subdomainradar-io-a557f2baae0b?source=rss------bug_bounty-5Alexandre Vandammepentesting, cybersecurity, osint, bug-bounty, bug-bounty-tips11-Oct-2024
How I Got $250 with a Weak Signup Flowhttps://infosecwriteups.com/how-i-got-250-with-a-weak-signup-flow-3d87d34059fa?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, technology, programming, cybersecurity11-Oct-2024
Hacking Documentaries and Movies for Bug Bounty Huntershttps://medium.com/cyberscribers-exploring-cybersecurity/hacking-documentaries-and-movies-for-bug-bounty-hunters-92e02b6ab264?source=rss------bug_bounty-5Tahir Ayoubcybersecurity, documentary, hacking, security, bug-bounty11-Oct-2024
CVE-2024–0195 Improper Control of Generation of Code (‘Code Injection’)https://infosecwriteups.com/cve-2024-0195-improper-control-of-generation-of-code-code-injection-c292836e03ec?source=rss------bug_bounty-5Ajay Naikvulnerability, bugs, bug-bounty, cyber-security-awareness, cybersecurity11-Oct-2024
Introduction to Netcathttps://medium.com/@Code_With_Ssn/introduction-to-netcat-af57e11ee756?source=rss------bug_bounty-5N4!TR0 07bug-bounty-writeup, bug-bounty-tips, netcat, bug-bounty, cybersecurity11-Oct-2024
One Cookie Paid Me $500 in under a minutehttps://medium.com/@nireshpandian19/one-cookie-paid-me-500-in-under-a-minute-8a9fb1a034ae?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-tips, cybersecurity, programming, technology, bug-bounty11-Oct-2024
Lenfi Successfully Concludes Its Bug Bounty Programhttps://medium.com/@lenfi/lenfi-successfully-concludes-its-bug-bounty-program-e317df3967b2?source=rss------bug_bounty-5Lenfidefi, bug-bounty, cardano, project-catalyst, lenfi11-Oct-2024
File Path Traversal Sequences Stripped Non-Recursivelyhttps://medium.com/@rcxsecurity/file-path-traversal-sequences-stripped-non-recursively-6d8a6a2d92d4?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, cybersecurity, red-team, penetration-testing, bug-bounty11-Oct-2024
Understanding Security Logging and Monitoring Failures: A Crucial Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-logging-and-monitoring-failures-a-crucial-vulnerability-in-web-security-d63a7b42062e?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, vulnerability, bugs, bug-bounty, owasp11-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/@jeetpal2007/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-dc19f5588fbd?source=rss------bug_bounty-5JEETPALcybersecurity, bug-bounty, bugbounty-writeup, ato, web311-Oct-2024
How I discovered 2FA bypass leading to potential ATO lead funds loss in a web3https://medium.com/h7w/how-i-discovered-2fa-bypass-leading-to-potential-ato-lead-funds-loss-in-a-web3-e498ce26b29e?source=rss------bug_bounty-5JEETPALbug-bounty, bugbounty-writeup, ato, web3, cybersecurity11-Oct-2024
Broken Access Control Vulnerability in an Order Management Systemhttps://medium.com/@omdubey170/broken-access-control-vulnerability-in-an-order-management-system-8a1097b03926?source=rss------bug_bounty-5Omdubeybug-bounty, infosec, hacking, cybersecurity, vulnerability11-Oct-2024
Effective Domain Management for Bug Bounty Programs Using SubScopehttps://medium.com/@hunthubspace/effective-domain-management-for-bug-bounty-programs-using-subscope-f74b7a0db428?source=rss------bug_bounty-5hunThubprogramming, penetration-testing, automation, bug-bounty, bug-bounty-tips11-Oct-2024
Endpoint confusion lead to 2FA bypasshttps://medium.com/@mohamed0xmuslim/endpoint-confusion-lead-to-2fa-bypass-67015dbb4c70?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty-hunter, bug-bounty, bug-bounty-writeup, penetration-testing, bug-bounty-tips11-Oct-2024
CVE-2024-44000 - WordPress Debug Log Exposure Leading to Session Cookie Hijackinghttps://infosecwriteups.com/cve-2024-44000-wordpress-debug-log-exposure-leading-to-session-cookie-hijacking-afcfada02c44?source=rss------bug_bounty-5Ajay Naikvulnerability, vulnerability-management, penetration-testing, cybersecurity, bug-bounty11-Oct-2024
Bypass WAF & Grab a $200 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Firefox&Chrome extensions for bugbounty hunters.https://osintteam.blog/firefox-chrome-extensions-for-bugbounty-hunters-4006707ee87b?source=rss------bug_bounty-5loyalonlytodaycybersecurity, hacking, penetration-testing, bug-bounty, tips11-Oct-2024
Bypass WAF & Grab a $300 Bug Bounty!https://osintteam.blog/bypass-waf-grab-a-200-bug-bounty-4442621cd90a?source=rss------bug_bounty-5Raunak Gupta Aka Biscuittechnology, bug-bounty, cybersecurity, javascript, programming11-Oct-2024
Unlocking the Potential of OSINT: Shaping the Future of Intelligence in Our Data-Driven Worldhttps://medium.com/@narayanadasbalaji2004/unlocking-the-potential-of-osint-shaping-the-future-of-intelligence-in-our-data-driven-world-b0cda62d6bb5?source=rss------bug_bounty-5Narayanadas Balajihacking, osint, cybersecurity, bugbounty-tips, bug-bounty10-Oct-2024
Streamlining Your Bug Bounty Projects: Adding and Managing Programs via SubScopehttps://medium.com/@hunthubspace/streamlining-your-bug-bounty-projects-adding-and-managing-programs-via-subscope-e394acfdf711?source=rss------bug_bounty-5hunThubautomation, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity10-Oct-2024
How I Earned $250 for Reporting a simple Bug To CodaPaymentshttps://medium.com/@aligoodluck427/how-i-earned-250-for-reporting-a-simple-bug-to-codapayments-b8f1be275138?source=rss------bug_bounty-5Aligoodluckbugbounty-tips, bug-bounty, bugbounty-automation, bugbounty-writeup, bugbounty-poc10-Oct-2024
First Bug, Big Win: How a $100 IDOR Bug Kicked-off My Bug Bounty Journeyhttps://dukrov.medium.com/first-bug-big-win-how-a-100-idor-bug-kicked-off-my-bug-bounty-journey-69e2e7179477?source=rss------bug_bounty-5͏ ͏Dukrovhackerone, bugbounty-tips, hacking, cybersecurity, bug-bounty10-Oct-2024
How i got my first Letter of Appreciation + Hall of Famehttps://rivudon.medium.com/how-i-got-my-first-letter-of-appreciation-hall-of-fame-a3c0079e60ef?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty-tips, bug-bounty, infosec, information-security, cybersecurity10-Oct-2024
Critical IDOR Vulnerability leads to PII leakagehttps://snc0pe.medium.com/critical-idor-vulnerability-leads-to-pii-leakage-684795ede850?source=rss------bug_bounty-5Snc0pebug-bounty, web-app-security, idor10-Oct-2024
How to Use ChatGPT Effectively for Bug Bounty Huntinghttps://medium.com/@anandrishav2228/how-to-use-chatgpt-effectively-for-bug-bounty-hunting-47ff0762139e?source=rss------bug_bounty-5Rishav anandchatgpt, money, ai, bug-bounty, cybersecurity10-Oct-2024
The Truth About Bug Bounty Hunting.https://medium.com/@thebughunttribe/the-truth-about-bug-bounty-hunting-597e54acd2a0?source=rss------bug_bounty-5The Hunt Tribebug-bounty-hunter, bug-bounty, bugs, bugbounty-tips, bugbounty-writeup10-Oct-2024
Forced OAuth Profile Linking Lead to Account Takeoverhttps://medium.com/@0xtal3at/forced-oauth-profile-linking-lead-to-account-takeover-954114158818?source=rss------bug_bounty-50Xtal3atbug-bounty, bugbounty-writeup, cybersecurity10-Oct-2024
Understanding Software and Data Integrity Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-software-and-data-integrity-failures-a-critical-vulnerability-in-web-security-9d3f96f20bb9?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bugs, bug-bounty, vulnerability, owasp10-Oct-2024
Bypassing Multiple Checks on Android Applications: A Security Researcher’s Experiencehttps://medium.com/@sc128496/bypassing-multiple-checks-on-android-applications-a-security-researchers-experience-2ec1a3005b60?source=rss------bug_bounty-5Sahil Choudharyandroid, pentesting, bug-bounty, cybersecurity, reverse-engineering10-Oct-2024
How i found my first open redirecthttps://medium.com/@yagomartins30/how-i-found-my-first-open-redirect-cd9ca60d307d?source=rss------bug_bounty-5Yago Martinshacking, bug-bounty, programming, writeup, pentesting10-Oct-2024
Top 10 Cybersecurity Tools Every Business Should Use in 2024https://cyberconsultingcompany.medium.com/top-10-cybersecurity-tools-every-business-should-use-in-2024-f7b93c208722?source=rss------bug_bounty-5Cyber Consulting Companycyber, cyber-security-awareness, cyber-security-solutions, bug-bounty, cyber-security-services09-Oct-2024
Unlock Unlimited Access to ChatGPT-4: A Step-by-Step Guide to Using Images and Files Without Limitshttps://medium.com/@shaikhminhaz1975/unlock-unlimited-access-to-chatgpt-4-a-step-by-step-guide-to-using-images-and-files-without-limits-0f1db3ca57d8?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, gpt-4, cybersecurity, free, chatgpt09-Oct-2024
Bug Hunting Recon Methodology | Part1 | LegionHunterhttps://systemweakness.com/bug-hunting-recon-methodology-part1-legionhunter-975b7bbe3231?source=rss------bug_bounty-5AbhirupKonwarbug-bounty, pentesting, bug-hunting, legionhunter, bug-bounty-tips09-Oct-2024
Port Scanning Demystified for Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-demystified-for-bug-bounty-success-a820c2c632cd?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bugs, bug-zero, bug-bounty09-Oct-2024
E-commerce website vulnerability bounty practice sharing: Pre-Authentication takeover, API security…https://medium.com/@security.tecno/e-commerce-website-vulnerability-bounty-practice-sharing-pre-authentication-takeover-api-security-b27b51edfaff?source=rss------bug_bounty-5TECNO Securityhacking, web, security, bug-bounty09-Oct-2024
How I Found SSRF in 5 minuteshttps://medium.com/@gguzelkokar.mdbf15/how-i-found-ssrf-in-5-minutes-a3a58e3d53e1?source=rss------bug_bounty-5Gökhan Güzelkokarbug-bounty, web-security, application-security, hacking, ssrf09-Oct-2024
Curated List of Awesome Hacker Search Engines for Penetration Testing and Cybersecurity…https://osintteam.blog/curated-list-of-awesome-hacker-search-engines-for-penetration-testing-and-cybersecurity-9f0b9cb63a1d?source=rss------bug_bounty-5Ajay Naikvulnerability, information-security, cybersecurity, bug-bounty, bug-bounty-tips09-Oct-2024
How to Start Your Hacking Journey and Choose the Right Role in Cybersecurityhttps://medium.com/@harshkatiyar5556/how-to-start-your-hacking-journey-and-choose-the-right-role-in-cybersecurity-9eff1ec5e7f2?source=rss------bug_bounty-5Harsh Katiyarethical-hacking, bug-bounty, careers, penetration-testing, cybersecurity09-Oct-2024
My Active Subdomain Enumeration Techniquehttps://mr-abdullah.medium.com/my-active-subdomain-enumeration-technique-57a508343fc4?source=rss------bug_bounty-5Mr Abdullahbug-bounty, web-hacking, enumeration, hacking, information09-Oct-2024
SSRF via Flawed Request Parsinghttps://medium.com/@rcxsecurity/ssrf-via-flawed-request-parsing-7b32a119f047?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafepenetration-testing, information-security, hacking, cybersecurity, bug-bounty09-Oct-2024
Understanding Identification and Authentication Failures: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-identification-and-authentication-failures-a-critical-vulnerability-in-web-security-88a4bcbcc783?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, hacking, owasp09-Oct-2024
Understanding Vulnerable and Outdated Components: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-vulnerable-and-outdated-components-a-critical-vulnerability-in-web-security-f8a9a9ae0b10?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, hacking, bug-bounty, vulnerability, bugs09-Oct-2024
No Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Finding a no ratelimit bug on invite teammate page.https://osintteam.blog/finding-a-no-ratelimit-bug-on-invite-teammate-page-02c97e845b00?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, cybersecurity, bug-bounty, tips, hacking09-Oct-2024
Easy P1s on the fly if your site runs WP or Drupalhttps://medium.com/@nireshpandian19/no-easy-p1s-on-the-fly-if-your-site-runs-wp-or-drupal-a7700650f86b?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, wordpress, bug-bounty-writeup, ethical-hacking, idor09-Oct-2024
Race Condition leads to Cache Poisoning ?!https://ltidi.medium.com/race-condition-leads-to-cache-poisoning-77bdfb9483fd?source=rss------bug_bounty-5LTiDiweb-cache-poisoning, bug-bounty08-Oct-2024
Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actionshttps://theshaco.com/unlocking-hidden-vulnerabilities-how-to-automate-your-bug-bounty-game-with-github-actions-3f6c9501fe64?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, bug-bounty-tips, cybersecurity, infosec08-Oct-2024
From Ports to Payouts: Scanning Strategies for Bug Bountieshttps://bevijaygupta.medium.com/from-ports-to-payouts-scanning-strategies-for-bug-bounties-a2861077a0d8?source=rss------bug_bounty-5Vijay Guptascanning, bug-bounty-tips, bug-bounty, payouts, ports08-Oct-2024
How I Discovered an Email Verification Bypasshttps://mo9khu93r.medium.com/how-i-discovered-an-email-verification-bypass-e487270a61d3?source=rss------bug_bounty-5mo9khu93rvulnerability, hacking, bug-bounty, cybersecurity, pentesting08-Oct-2024
Understanding and Detecting XSS Vulnerabilities: A Complete Guidehttps://medium.com/@anandrishav2228/understanding-and-detecting-xss-vulnerabilities-a-complete-guide-4d3a85e4bed0?source=rss------bug_bounty-5Rishav anandai, bug-bounty, testing, cybersecurity, money08-Oct-2024
A quick P2 vulnerability, just like that !https://medium.com/@nireshpandian19/a-quick-p2-vulnerability-just-like-that-5fc4f25f3b09?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, hackerone, bug-bounty-writeup, idor, ethical-hacking08-Oct-2024
Methods to Bypass Captchas: A Deep Dive into Common Techniqueshttps://medium.com/@dasmanish6176/methods-to-bypass-captchas-a-deep-dive-into-common-techniques-309006f28923?source=rss------bug_bounty-5Dasmanishbug-bounty, ethical-hacking, vapt, captcha08-Oct-2024
How i found endpoints from reading hacker-one reportshttps://medium.com/@anonymousshetty2003/how-i-found-endpoints-from-reading-hacker-one-reports-20cfd6f0f62c?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, dorking, bug-bounty08-Oct-2024
Blind XSS Practical Guide — Bug Bounty Tuesdayhttps://medium.com/@kerstan/blind-xss-practical-guide-bug-bounty-tuesday-3126bd52fae6?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty08-Oct-2024
ironCTF 2024 Writeuphttps://medium.com/@pphreak313/ironctf-2024-writeup-782f41854341?source=rss------bug_bounty-5Shlok Kctf-writeup, cybersecurity, bug-bounty, ctf08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohammedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
How I Hacked an Admin Panel in Just 2 Minuteshttps://medium.com/@ranjanyadav2003/how-i-hacked-an-admin-panel-in-just-2-minutes-19d145820ee7?source=rss------bug_bounty-5Ranjan_Yadavbug-bounty, cybersecurity08-Oct-2024
CVE-2024–25600: WordPress Bricks Builder Remote Code Execution Vulnerability -$$$$ BOUNTYhttps://infosecwriteups.com/cve-2024-25600-wordpress-bricks-builder-remote-code-execution-vulnerability-bounty-997d488fd54e?source=rss------bug_bounty-5Ajay Naikbug-bounty, cyberattack, rewards, cybersecurity, information-technology08-Oct-2024
Exploiting NoSQL operator injection to extract unknown fieldshttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-extract-unknown-fields-b0d58bea9bbe?source=rss------bug_bounty-5codingboltcybersecurity, bug-bounty, nosql-injection, nosql, ethical-hacking08-Oct-2024
Exploiting NoSQL injection to extract datahttps://medium.com/@codingbolt.in/exploiting-nosql-injection-to-extract-data-70fea37ed111?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, cybersecurity, nosql, bug-bounty08-Oct-2024
Exploiting NoSQL operator injection to bypass authenticationhttps://medium.com/@codingbolt.in/exploiting-nosql-operator-injection-to-bypass-authentication-9239353b9424?source=rss------bug_bounty-5codingboltethical-hacking, nosql-injection, bug-bounty, cybersecurity, nosql08-Oct-2024
How Disabling 2FA Could End with a Bug?https://7odamoo.medium.com/hacking-hackerone-how-disabling-2fa-could-end-with-a-bug-b637c154ce06?source=rss------bug_bounty-5Mahmoud Hamedbug-bounty, pentesting08-Oct-2024
Breaking into the Shoutcast Server of a Multimedia Companyhttps://medium.com/@anonymousshetty2003/breaking-into-the-shoutcast-server-of-a-multimedia-company-e13dae3b17a3?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, vapt, wapt08-Oct-2024
Understanding Security Misconfiguration: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-security-misconfiguration-a-critical-vulnerability-in-web-security-4c87a5de4937?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, owasp, bug-bounty, server-misconfiguration, vulnerability08-Oct-2024
Account Takeover via Hidden Parameters in BBPhttps://cyb3rc4t.medium.com/account-takeover-via-hidden-parameters-in-bbp-f65ce42ca96f?source=rss------bug_bounty-5CYB3RC4Tbounty-program, bug-bounty, infosec, account-takeover, hackerone8-Oct-2024
Using ‘Waymore’ to Uncover Archived Treasures and Customer Datahttps://sl4x0.medium.com/using-waymore-to-uncover-archived-treasures-and-customer-data-a969474447a7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bugcrowd, hackerone, web-security, pentesting, bug-bounty8-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohammedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty8-Oct-2024
How I got a 5000 $ Bounty from Microsofthttps://medium.com/@bashir69emceeaka5/how-i-got-a-5000-bounty-from-microsoft-fb2e27fd40f7?source=rss------bug_bounty-5Bashir Mohamedred-team, bug-bounty-tips, security, bug-bounty-writeup, bug-bounty08-Oct-2024
From 401 — Unauthorized Access to 3000 $ Bounty from Microsoft.https://medium.com/@bashir69emceeaka5/from-401-unauthorized-access-to-3000-bounty-from-microsoft-53b086379a08?source=rss------bug_bounty-5Bashir Mohamedred-team, microsoft, bug-bounty, bugbounty-writeup, security08-Oct-2024
HOW TO INSTALL GO IN KALILINUX.https://osintteam.blog/how-to-install-go-in-kalilinux-95924b5e9cde?source=rss------bug_bounty-5loyalonlytodaybug-bounty, cybersecurity, hacking, go, tips08-Oct-2024
Top 10 BurpSuite Extensions Every Bug Bounty Hunter Needshttps://osintteam.blog/top-10-burpsuite-extensions-every-bug-bounty-hunter-needs-67b6fddf612b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, ethical-hacking, hacking, burpsuite, bug-bounty08-Oct-2024
Asset discovery with favicon hash.https://osintteam.blog/asset-discovery-with-favicon-hash-515d1c8a85cd?source=rss------bug_bounty-5loyalonlytodayhacking, tips, bug-bounty-tips, cybersecurity, bug-bounty07-Oct-2024
Finding a easy p4 as per bugcrowd vrthttps://osintteam.blog/finding-a-easy-p4-as-per-bugcrowd-vrt-3e5c132f28d0?source=rss------bug_bounty-5loyalonlytodaybugs, tips, bug-bounty, cybersecurity, hacking07-Oct-2024
Bug Bounty VS Motivationhttps://osintteam.blog/bug-bounty-vs-motivation-27c3c37f2c28?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, motivation, hacking, cybersecurity, bug-bounty07-Oct-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass ❌https://medium.com/@kumawatabhijeet2002/subdomain-enumeration-bbot-subfinder-sublist3r-assetfinder-amass-e4880cf4ab5b?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, subdomain-enumeration, bug-bounty, bug-bounty-writeup07-Oct-2024
Scanning Kerentanan Website zero.webappsecurity.comhttps://medium.com/@bimosp56/scanning-kerentanan-website-zero-webappsecurity-com-ce1d10f730b7?source=rss------bug_bounty-5Bimo Salasa Putracybersecurity, scanning, bug-bounty, vulnerabili, pentesting07-Oct-2024
Chinese Hackers Breach US Court Wiretap Systemhttps://medium.com/@wiretor/chinese-hackers-breach-us-court-wiretap-system-b7181fbe93b2?source=rss------bug_bounty-5WIRE TORcybersecurity, bug-bounty, hacking, pentesting, xss-attack07-Oct-2024
How a Simple Bug Could Have Taken Down Your Instagram Tagshttps://medium.com/@kiril.krivogyz/how-a-simple-bug-could-have-taken-down-your-instagram-tags-d3247e931c9d?source=rss------bug_bounty-5Kiril Krivogyzbug-bounty, bug-bounty-tips, bug-bounty-writeup, hacking, instagram07-Oct-2024
Accidental Exposure of Private GraphQL Fieldshttps://medium.com/@codingbolt.in/accidental-exposure-of-private-graphql-fields-729b3fb99471?source=rss------bug_bounty-5codingboltapi, bug-bounty, graphql, cybersecurity, api-penetration-testing07-Oct-2024
Exploiting server-side parameter pollution in a REST URLhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-rest-url-2ed599aafdbc?source=rss------bug_bounty-5codingboltcybersecurity, bugs, api-penetration-testing, api-testing, bug-bounty07-Oct-2024
Exploiting a mass assignment vulnerabilityhttps://medium.com/@codingbolt.in/exploiting-a-mass-assignment-vulnerability-07dd9e598302?source=rss------bug_bounty-5codingboltapi-testing, api-penetration-testing, bug-bounty, apihacking, cybersecurity07-Oct-2024
Finding and Exploiting an Unused API Endpointhttps://medium.com/@codingbolt.in/finding-and-exploiting-an-unused-api-endpoint-0a79f47f38f1?source=rss------bug_bounty-5codingboltbugs, cybersecurity, bug-bounty, api-penetration-testing, api-testing07-Oct-2024
Introducing Bug Bounty Program For Thorn Protocolhttps://thornprotocol.medium.com/introducing-bug-bounty-program-for-thorn-protocol-4d7a89d898e0?source=rss------bug_bounty-5Thorn Protocolbug-bounty07-Oct-2024
xmlrpc.php allows SSRF!https://take0verx0.medium.com/xmlrpc-php-allows-ssrf-5357049d43e9?source=rss------bug_bounty-5Shahariar Aminbug-bounty, cybersecurity, bug-bounty-tips07-Oct-2024
cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developershttps://theshaco.com/curl-for-api-testing-automation-advanced-commands-for-penetration-testers-and-developers-67b2ce7d8f4f?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, kali-linux, cybersecurity, bug-bounty07-Oct-2024
Finding a Hidden GraphQL Endpointhttps://medium.com/@codingbolt.in/finding-a-hidden-graphql-endpoint-56001ab29f85?source=rss------bug_bounty-5codingboltgraphql, api, api-testing, cybersecurity, bug-bounty07-Oct-2024
How I Got my First Bounty €€ ?https://medium.com/@muralidharan1530/how-i-got-my-first-bounty-776e8487f9a0?source=rss------bug_bounty-5Murali Dharanbug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs07-Oct-2024
Finding DOM XSS via File Uploadhttps://medium.com/@0Xdarsh/finding-dom-xss-via-file-upload-2a533a97cfaa?source=rss------bug_bounty-50Xdarshpentesting, web-penetration-testing, bug-hunting, bug-bounty07-Oct-2024
My 2nd bounty : Referer-based access control + Response manipulationhttps://medium.com/@adebayosec/my-2nd-bounty-referer-based-access-control-response-manipulation-2ab7f54d083f?source=rss------bug_bounty-5Toriouspenetration-testing, broken-access-control, hacking, bug-bounty, cybersecurity07-Oct-2024
Bypassing GraphQL brute force protectionshttps://medium.com/@codingbolt.in/bypassing-graphql-brute-force-protections-5cce7b3657c8?source=rss------bug_bounty-5codingboltapi, api-testing, cybersecurity, bug-bounty, graphql07-Oct-2024
First Bug report as a beginner in Bug Bountyhttps://blue3dot.medium.com/first-bug-report-as-a-beginner-in-bug-bounty-367e406cd960?source=rss------bug_bounty-5Manikanta Ginfo-sec-writeups, hackerone, cybersecurity, bug-bounty07-Oct-2024
How I found Cache Deception in a private bug bounty program.https://medium.com/@mos693570/how-i-found-cache-deception-in-a-private-bug-bounty-program-0e3056d15858?source=rss------bug_bounty-5Mo Salahweb-cache-deception, bug-bounty07-Oct-2024
IDOR Attack Slips Through the Cracks: Vulnerability Scanners Miss Critical Security Flaw!https://medium.com/@Aman-Gupta.cse/idor-attack-slips-through-the-cracks-vulnerability-scanners-miss-critical-security-flaw-c0061ea8c122?source=rss------bug_bounty-5Aman Guptabug-bounty, news, idor-vulnerability, cybersecurity, automation07-Oct-2024
tool to generate xss payloads.https://medium.com/h7w/tool-to-generate-xss-payloads-09bf1e519121?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, xss-attack07-Oct-2024
5 Most Usefull Programming Language For Hackers | Primary Hacking School #6https://medium.com/@nnface/5-most-usefull-programming-language-for-hackers-primary-hacking-school-6-21b5979f0fe6?source=rss------bug_bounty-5NnFaceprogramming, kali-linux, cybersecurity, bug-bounty, hacking07-Oct-2024
How i get to find no rate limit bug worth $300https://medium.com/@sreejihkn43073/how-i-get-to-find-no-rate-limit-bug-worth-300-5036b0abbc7f?source=rss------bug_bounty-5Sreejihknbugcrowd, cybersecurity, bug-bounty, no-rate-limit, bug-bounty-tips06-Oct-2024
What To Do After Installing Kali #2? | Primary Hacking School #5https://medium.com/@nnface/what-to-do-after-installing-kali-2-primary-hacking-school-5-e9a4a8272dfa?source=rss------bug_bounty-5NnFacecybersecurity, hacking, kali-linux, bug-bounty, linux06-Oct-2024
Enhancing Vulnerability Detection: Leveraging Shodan and ChatGPT for Efficient CIDR Scanninghttps://medium.com/@malzureedi/enhancing-vulnerability-detection-leveraging-shodan-and-chatgpt-for-efficient-cidr-scanning-48970d4b94fa?source=rss------bug_bounty-5Malzureedired-team, bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty06-Oct-2024
Exploiting server-side parameter pollution in a query stringhttps://medium.com/@codingbolt.in/exploiting-server-side-parameter-pollution-in-a-query-string-38768943c6ca?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, api-security, cybersecurity, bug-bounty-writeup06-Oct-2024
I Studied 100+ SSRF Reports, and Here’s What I Learnedhttps://infosecwriteups.com/i-studied-100-ssrf-reports-and-heres-what-i-learned-1654c72ee2df?source=rss------bug_bounty-5Aditya Sawantbug-bounty, cybersecurity, penetration-testing, appsec, bug-bounty-tips06-Oct-2024
Exploiting an API endpoint using documentationhttps://medium.com/@codingbolt.in/exploiting-an-api-endpoint-using-documentation-d07d3cedfddc?source=rss------bug_bounty-5codingboltbug-bounty, api-penetration-testing, cybersecurity, bug-bounty-tips, api-testing06-Oct-2024
High-Risk Vulnerabilities in Apache HTTP Server’s mod_proxy Encoding Problem Allow Authentication…https://infosecwriteups.com/high-risk-vulnerabilities-in-apache-http-servers-mod-proxy-encoding-problem-allow-authentication-cbe8d422738d?source=rss------bug_bounty-5Ajay Naikcybersecurity, cyberattack, bug-bounty, vulnerability, bug-bounty-tips06-Oct-2024
Understanding Insecure Design: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-insecure-design-a-critical-vulnerability-in-web-security-1185e989ba0c?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, vulnerability, insecure-design, owasp, hacking06-Oct-2024
How i found the rxss on hackerone vdp program?https://doordiefordream.medium.com/how-i-found-the-rxss-on-hackerone-vdp-program-c14530481c90?source=rss------bug_bounty-5balu bandiethical-hacking, cybersecurity, bug-bounty, xss-attack, bugs06-Oct-2024
How I Secured the Data of 15 Million Consumers: Uncovering Critical Vulnerabilities in Gujarat’s…https://medium.com/@yashprajapati791/how-i-secured-the-data-of-15-million-consumers-uncovering-critical-vulnerabilities-in-gujarats-6dc453323851?source=rss------bug_bounty-5Yash Virendra Prajapatiresponsible-disclosure, bug-bounty, unauthorized-access, trending, ethical-hacking06-Oct-2024
Conditional Error Blind SQLi — Real World vs. Portswigger Labshttps://medium.com/@rodriguezjorgex/conditional-error-blind-sqli-real-world-vs-portswigger-labs-75d8eaee8c13?source=rss------bug_bounty-5Rodriguezjorgexsql-injection, bug-bounty, hacking06-Oct-2024
Race Condition , Allows creation of unlimited projects, bypassing free-tier limits.https://dark0x.medium.com/race-condition-allows-creation-of-unlimited-projects-bypassing-free-tier-limits-109dd91c6783?source=rss------bug_bounty-5Mahmoud Hatem (0xDark)sybersecurity, bugs, bug-bounty, hacking, bug-bounty-writeup06-Oct-2024
Network Penetration Testing: A Comprehensive Guide to Securing Your Infrastructurehttps://systemweakness.com/network-penetration-testing-a-comprehensive-guide-to-securing-your-infrastructure-64ce44712dd2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, bug-bounty, hacking, careers06-Oct-2024
Why I Quit Bug Bounty Hunting 🙁https://infosecwriteups.com/why-i-quit-bug-bounty-hunting-95e81c907a6f?source=rss------bug_bounty-5Satyam Pathaniabug-bounty, technology, hacking, cybersecurity, information-technology06-Oct-2024
Critical Vulnerabilities in porte_plume plugin to Remote Exploits -$$$$ Bounty -CVE-2024–7954https://infosecwriteups.com/critical-vulnerabilities-in-porte-plume-plugin-to-remote-exploits-bounty-cve-2024-7954-3dbee45134ac?source=rss------bug_bounty-5Ajay Naikbug-bounty, rewards, information-security, cybersecurity, penetration-testing06-Oct-2024
Finding a easy bug in profile picture field.https://infosecwriteups.com/finding-a-easy-bug-in-profile-picture-field-a9b5f853a5bf?source=rss------bug_bounty-5loyalonlytodaycybersecurity, bug-bounty, bug-bounty-tips, hacking, penetration-testing06-Oct-2024
Unrestricted File Upload in AWS S3 Buckethttps://infosecwriteups.com/unrestricted-file-upload-in-aws-s3-bucket-2a764a3965f4?source=rss------bug_bounty-5mo9khu93rpentesting, aws, bug-bounty, hacking, cybersecurity06-Oct-2024
Understanding XSS Vulnerability For Beginners: A Deep Dive into Web Security Riskshttps://medium.com/@error.not.known.404/understanding-xss-vulnerability-a-deep-dive-into-web-security-risks-189276a2d695?source=rss------bug_bounty-5Errorhacking, bug-bounty, ethical-hacking, security, bug-bounty-tips06-Oct-2024
Write-Up — Telegram Anonymous Chat Hack Bothttps://medium.com/@EroHack/write-up-telegram-anonymous-chat-hack-bot-ad3497f813ed?source=rss------bug_bounty-5EroHackbug-bounty, telegram-bot, hacking, pentesting, writeup05-Oct-2024
Sensitive Data Leak using Cors Misconfiguration in prominent Domain Registrarhttps://infosecwriteups.com/sensitive-data-leak-using-cors-misconfiguration-in-prominent-domain-registrar-b3010e4e6501?source=rss------bug_bounty-5Ronak Patelbug-bounty, bug-bounty-writeup, ethical-hacking, information-security05-Oct-2024
SQL Injection Due To Weak Filtering in PHPhttps://medium.com/@bountyget/sql-injection-due-to-weak-filtering-in-php-51f9e8d705c0?source=rss------bug_bounty-5Dhiren Kumar Pradhansql-injection, info-sec-writeups, bug-bounty, secure-coding, infosec05-Oct-2024
Burp Suite and Android: A Step-by-Step Connection Guide #part 1https://medium.com/@mahdisalhi0500/burp-suite-and-android-a-step-by-step-connection-guide-part-1-550dab3aa4c5?source=rss------bug_bounty-5CaptinSHArky(Mahdi)penetration-testing, androidhacking, infosec, ethical-hacking, bug-bounty05-Oct-2024
Uncovering Hidden Vulnerabilities: How I Earned Two Bounties for the Same Issuehttps://medium.com/@milanjain7906/uncovering-hidden-vulnerabilities-how-i-earned-two-bounties-for-the-same-issue-f55cf960110d?source=rss------bug_bounty-5Milanjainbug-bounty, hacker, bugbounty-writeup, hacking, cybersecurity05-Oct-2024
Resource Exhaustion: Leveraging Denial-of-Service Attacks for Maximum Impacthttps://medium.com/@tusharpuri6/unleashing-the-chaos-my-dive-into-denial-of-service-dos-attacks-1ad06478b89a?source=rss------bug_bounty-5Tusharpuripenetration-testing, infosec, bug-bounty, application-security, offensive-security05-Oct-2024
#6. Bug Bounty Series: Vertical Privilege Escalation via Session Storagehttps://cyb3rmind.medium.com/6-bug-bounty-series-vertical-privilege-escalation-via-session-storage-be377380bfe4?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, bug-bounty-tips, privilege-escalation, hacking, bug-bounty05-Oct-2024
Understanding Coordinated Vulnerability Disclosure (CVD) & Vulnerability Disclosure Programs (VDP)https://medium.com/@yotamperkal/understanding-coordinated-vulnerability-disclosure-cvd-vulnerability-disclosure-programs-vdp-27ea33c882e0?source=rss------bug_bounty-5Yotam Perkalinformation-security, cybersecurity, bug-bounty, ethical-hacking, vulnerability-management05-Oct-2024
Understanding Injection: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-injection-a-critical-vulnerability-in-web-security-7c5c5b692958?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp, bug-bounty, hacking, injection, vulnerability05-Oct-2024
WHAT IS THE IMPORTANCE OF FINDING AQUISITIONS FOR BUG BOUNTY.https://osintteam.blog/what-is-the-importance-of-finding-aquisitions-for-bug-bounty-02688ef90553?source=rss------bug_bounty-5loyalonlytodaybug-bounty, tips, cybersecurity, hacking, bug-bounty-tips05-Oct-2024
Bug Bounty VS Procrastinationhttps://osintteam.blog/bug-bounty-vs-procrastination-66fadc0a3ace?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitprogramming, bug-bounty, patience, procrastination, cybersecurity05-Oct-2024
Subdomain Enumeration & Takeovers  (Part-3: Takeovers)https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-3-takeovers-e5c2b66be7fa?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)bug-bounty, recon, web, attack-surface, subdomain-takeover05-Oct-2024
Power of SQL Injection: How a Simple Query Can Lead to Complete Database Compromisehttps://cyberw1ng.medium.com/power-of-sql-injection-how-a-simple-query-can-lead-to-complete-database-compromise-11ddbefd9e9a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, technology, bug-bounty05-Oct-2024
Full Privilege Escalation from Agent to Admin Leads to Team Takeoverhttps://medium.com/@abdelrahman0x01/full-privilege-escalation-from-agent-to-admin-leads-to-team-takeover-2819507af2f1?source=rss------bug_bounty-5Abdelrahman0x01cybersecurity, cyberattack, bug-bounty-tips, penetration-testing, bug-bounty05-Oct-2024
My First XSS Vulnerability Discovery on WebApphttps://medium.com/@sultonhasan017/my-first-xss-vulnerability-discovery-on-webapp-60cfad40f67a?source=rss------bug_bounty-5Sulton hasanbug-bounty, dom-based-xss, xss-vulnerability, penetration-testing05-Oct-2024
Well, now that you’ve put your mind in the right direction and started testing a website, the first…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
Guarding the Gateway: Understanding and Preventing File Upload Attackshttps://medium.com/@wintersoldiers/guarding-the-gateway-understanding-and-preventing-file-upload-attacks-b116abd5eef0?source=rss------bug_bounty-5Winter_Soldiersfile-upload-vulnerability, web-security, hacking, bug-bounty, rce-vulnerability04-Oct-2024
Directory Brute-Forcing: All Methods You Need to Know — File Extension, Status Filter, and…https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5Shaikh Minhazbrute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing04-Oct-2024
SQL injection with filter bypass via XML encodinghttps://medium.com/@codingbolt.in/sql-injection-with-filter-bypass-via-xml-encoding-754808d7d29a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection-attack, sql-injection, bug-bounty-tips, cybersecurity04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5Anandllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
GraphQL vs REST: Comparison and exploithttps://medium.com/@kabi_777/graphql-vs-rest-comparison-and-security-insights-f481f3389e43?source=rss------bug_bounty-5Kabi_777bug-bounty, bug-bounty-writeup, bug-bounty-hunter, cybersecurity, bug-bounty-tips04-Oct-2024
Unlocking Cybersecurity: The Power of Bug Bounty Programs in 2024https://medium.com/@eyowas1994/unlocking-cybersecurity-the-power-of-bug-bounty-programs-in-2024-d77d33137e64?source=rss------bug_bounty-5CyberSec Tacticsethical-hacking, bug-bounty, cybersecurity, hacking, web-security04-Oct-2024
From File Upload to Remote Code Execution (RCE)https://medium.com/@lukasz.wierzbicki/from-file-upload-to-remote-code-execution-rce-d8f210b22a8c?source=rss------bug_bounty-5Lukasz Wierzbickisecurity-testing, security-research, bug-bounty, pentesting, pentest04-Oct-2024
Broken Access Control — Unprotected admin functionalityhttps://medium.com/@codingbolt.in/broken-access-control-unprotected-admin-functionality-9905f57fa88a?source=rss------bug_bounty-5codingboltaccess-control, privilege-escalation, cybersecurity, bug-bounty, broken-access-control04-Oct-2024
A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Fridahttps://medium.com/@abhijithknamboothiri96/a-methodology-guide-to-bypassing-rasp-and-root-detection-in-mobile-apps-with-frida-17e4f97b88bc?source=rss------bug_bounty-5Abhijith Namboothirycybersecurity, mobile-pentesting, penetration-testing, bug-bounty, security04-Oct-2024
Understanding Cryptographic Failures: A Key Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-cryptographic-failures-a-key-vulnerability-in-web-security-bb024a4c41ca?source=rss------bug_bounty-5Mrutunjaya Senapatiowasp-top-10, bug-bounty, web-penetration-testing, cyrptography, hacking04-Oct-2024
How to choose the Correct Severity or CVSS Score for a Bug: A Practical Guidehttps://medium.com/@a13h1/how-to-choose-the-correct-severity-or-cvss-score-for-a-bug-a-practical-guide-7a83be0096f3?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, bug-bounty-tips, hacking, infosec04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@alex122303q/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
US Trading Account Fund Exploit: An IDOR Vulnerability Walkthroughhttps://medium.com/@360Security/us-trading-account-fund-exploit-an-idor-vulnerability-walkthrough-a61ba5186874?source=rss------bug_bounty-5360 Securityvapt, web-security, bug-bounty, cybersecurity, penetration-testing04-Oct-2024
Identifying the LLM Attack Surface: A Beginner’s Guidehttps://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5360 Securityllm, bug-bounty, vapt, penetration-testing, cybersecurity04-Oct-2024
Command Injection: How Exploiting User Input Can Lead to Full System Compromisehttps://systemweakness.com/command-injection-how-exploiting-user-input-can-lead-to-full-system-compromise-6becf5b981a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, technology, bug-bounty04-Oct-2024
one of the best tool for subdomains finding.https://osintteam.blog/one-of-the-best-tool-for-subdomains-finding-0769dff261f4?source=rss------bug_bounty-5loyalonlytodaybug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking04-Oct-2024
easy bug bounty as a beginner part 1https://medium.com/@canonminibeast/easy-bug-bounty-as-a-beginner-part-1-38833747da8d?source=rss------bug_bounty-5Canonminibeasthacking-tools, hacking, web-penetration-testing, bug-bounty, bugbounty-poc04-Oct-2024
Are you ready to take over entire infrastructure?https://medium.com/@nebty/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5Nebtyctf, malicious-document, standoff365, bug-bounty, penetration-testing04-Oct-2024
Some XSS Situationhttps://medium.com/@haticezkmnl/some-xss-situation-31fa64e113fe?source=rss------bug_bounty-5Hatice Zehra Kamanlıcyber, xss-attack, bug-bounty, exploitation, cybersecurity03-Oct-2024
OTP Bypass Methods | Bug Bountyhttps://medium.com/@arrheniuspaelongan09/otp-bypass-methods-bug-bounty-4a988573c12a?source=rss------bug_bounty-5Qchadprogramming, bug-bounty, penetration-testing, technology, hacking03-Oct-2024
Understanding Broken Access Control: A Critical Vulnerability in Web Securityhttps://medium.com/@mrutunjayasenapati0/understanding-broken-access-control-a-critical-vulnerability-in-web-security-6ebd33ad4d35?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, web-penetration-testing, owasp, hacking, broken-access-control03-Oct-2024
Hacker Kali Toolkit Zero-Hero | Primary Hacking School #4https://medium.com/@nnface/hacker-kali-toolkit-zero-hero-primary-hacking-school-4-a489aafb7f75?source=rss------bug_bounty-5NnFacelinux, cybersecurity, hacking, bug-bounty, kali-linux03-Oct-2024
Visible error-based SQL injectionhttps://medium.com/@codingbolt.in/visible-error-based-sql-injection-46b8bafe9059?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
Blind SQL injection with conditional errorshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-errors-f7c05ef531ad?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, sql-injection-attack, bug-bounty-tips, bug-bounty03-Oct-2024
Blind SQL injection with conditional responseshttps://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-responses-7ffa3a1ac84d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity03-Oct-2024
SQL injection UNION attack, retrieving multiple values in a single columnhttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-ed5ce734abf2?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, bug-bounty-tips, bug-bounty, sql-injection03-Oct-2024
SQL injection UNION attack, retrieving data from other tableshttps://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-data-from-other-tables-11cc211f5ad3?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, cybersecurity, bug-bounty-tips03-Oct-2024
DNS — Port 53 — Pentestinghttps://medium.com/@verylazytech/dns-port-53-pentesting-7b8ca6307d54?source=rss------bug_bounty-5Very Lazy Techcybersecurity, bug-bounty, hacking, dns-exploit, dns03-Oct-2024
VDP: Broken Session Management Allows Unlimited Free Scans on Pentesting Websitehttps://medium.com/@enigma_/vdp-broken-session-management-allows-unlimited-free-scans-on-pentesting-website-99467dce1d3c?source=rss------bug_bounty-5enigmapenetration-testing, hacking, owasp, bug-bounty, bug-bounty-writeup03-Oct-2024
Subdomain Enumeration & Takeovers (Part-2: Active Enumeration)https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-2-active-enumeration-304cb3381813?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomain-enumeration, web, bug-bounty, attack-surface03-Oct-2024
How I hacked RD Sharma’s Publisher Website?https://abhayvis.medium.com/how-i-hacked-rd-sharmas-publisher-website-7a76b3cb12ae?source=rss------bug_bounty-5Abhay Vishwakarmasql-injection, hacking, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Blind SQL injection with out-of-band interactionhttps://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-interaction-e44f6f75bc47?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection-attack, cybersecurity, sql-injection, bug-bounty03-Oct-2024
Blind SQL injection with time delays and information retrievalhttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-and-information-retrieval-fa38f3618a99?source=rss------bug_bounty-5codingboltsql-injection-attack, cybersecurity, sql-injection, bug-bounty, bug-bounty-tips03-Oct-2024
Blind SQL injection with time delayshttps://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-94cc5d962902?source=rss------bug_bounty-5codingboltcybersecurity, sql-injection-attack, bug-bounty, sql-injection, bug-bounty-tips03-Oct-2024
Pre-Account Takeover via Facebook OAuth Misconfigurationhttps://nyein-chan-aung.medium.com/pre-account-takeover-via-facebook-oauth-misconfiguration-e16b984b7953?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty-tips, takeovers, bug-bounty03-Oct-2024
XML External Entity (XXE) Injection: How Malicious XML Payloads Can Breach Your Applicationhttps://systemweakness.com/xml-external-entity-xxe-injection-how-malicious-xml-payloads-can-breach-your-application-4837f732781e?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, hacking, bug-bounty, careers03-Oct-2024
How ChatGPT Made Me a Hacker.https://medium.com/@wajeehakhan9797/how-chatgpt-made-me-a-hacker-b89b1cce992b?source=rss------bug_bounty-5Wajeeha Khanlearning, openai, large-language-models, hacking, bug-bounty03-Oct-2024
Critical Vulnerabilities in DrayTek Vigor Routers: Over 700,000 Devices Exposed to Remote Exploits…https://infosecwriteups.com/critical-vulnerabilities-in-draytek-vigor-routers-over-700-000-devices-exposed-to-remote-exploits-2f3f731b50d9?source=rss------bug_bounty-5Ajay Naikcybersecurity, penetration-testing, bug-bounty, rewards, hacking03-Oct-2024
Blind SQL injection with out-of-band data exfiltrationhttps://systemweakness.com/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5codingboltsql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty03-Oct-2024
Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN)https://offsec01.medium.com/critical-information-disclosure-vulnerability-via-cname-automated-scan-be0f6597ac5e?source=rss------bug_bounty-5Facundo Fernandezbug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity03-Oct-2024
https://forms.gle/bHE9FbPTuzYzREAz7https://medium.com/@a1il7j99h/https-forms-gle-bhe9fbptuzyzreaz7-5f9f5d561a4b?source=rss------bug_bounty-5Re$@T!l<cyber, bug-bounty, hacker02-Oct-2024
How I Earned $4000+ from a Simple Information Disclosure Bughttps://medium.com/@rajauzairabdullah/how-i-earned-4000-from-a-simple-information-disclosure-bug-d644c47803c1?source=rss------bug_bounty-5Raja Uzair Abdullahinformation-disclosure, bug-bounty-tips, bug-bounty, penetration-testing02-Oct-2024
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-967c3c2f46cc?source=rss------bug_bounty-5Mada Perdhanahacking, apt, linux-hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
Seri Belajar APT (Advanced Persistent Threat) Secara Sederhana Pada Target OS Linux — Pengumpulan…https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-4cbd83db98af?source=rss------bug_bounty-5Mada Perdhanaapt, nmap, hacking, bug-bounty, ethical-hacking-tips02-Oct-2024
How i got my first bounty of $$$https://rivudon.medium.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )infosec, hackerone, bug-bounty-tips, bug-bounty02-Oct-2024
Mastering Code Qualityhttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
$175 Prototype Pollution Vulnerability — My first bountyhttps://1-day.medium.com/175-prototype-pollution-vulnerability-my-first-bounty-197738a32330?source=rss------bug_bounty-51daywriteup, penetration-testing, bug-bounty, hacking, bug-bounty-writeup02-Oct-2024
Boost Your Code Quality with Python Coveragehttps://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5rahul bhatiacoverage, python, code-quality, bug-bounty, bug-detection02-Oct-2024
Comment j’ai découvert une vulnérabilité d’Information Disclosure sur un site que j’utilisehttps://medium.com/@Itachi0xf/comment-jai-d%C3%A9couvert-une-vuln%C3%A9rabilit%C3%A9-d-information-disclosure-sur-un-site-que-j-utilise-3a9fed9daa02?source=rss------bug_bounty-5Itachix0finformation-disclosure, hacking, apihacking, bug-bounty02-Oct-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://bevijaygupta.medium.com/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-288ff81dfe40?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, vulnerability, bug-bounty-tips, chatgpt02-Oct-2024
SQL injection attack, listing the database contents on non-Oracle databaseshttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-718de8ba755a?source=rss------bug_bounty-5codingboltbugs, bug-bounty, cybersecurity, sql-injection, bug-bounty-tips02-Oct-2024
SQL injection UNION attack, determining the number of columns returned by the queryhttps://medium.com/@codingbolt.in/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-f04154bd5b3c?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty, bug-bounty-tips, cybersecurity02-Oct-2024
Exfiltration of Data from a Standalone PChttps://roadtooscp.medium.com/exfiltration-of-data-from-a-standalone-pc-00a538f0f773?source=rss------bug_bounty-5RoadToOSCPbug-bounty, hacking, red-teaming, malware, data-security02-Oct-2024
Découverte d’une vulnérabilité XSS avec contournement de la CSP via unpkg.comhttps://medium.com/@Itachi0xf/d%C3%A9couverte-dune-vuln%C3%A9rabilit%C3%A9-xss-avec-contournement-de-la-csp-via-unpkg-com-02437e0eac34?source=rss------bug_bounty-5Itachix0fhacking, xss-attack, csp-bypass, bug-bounty, xss-bypass02-Oct-2024
“A Vulnerability, A Treasure: Go on a Fun Treasure Hunt with OWASP Top 10!”https://medium.com/@rootspaghetti/a-vulnerability-a-treasure-go-on-a-fun-treasure-hunt-with-owasp-top-10-d9fe21911856?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips02-Oct-2024
SQL injection attack, listing the database contents on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-oracle-ceb843466f32?source=rss------bug_bounty-5codingboltsql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty02-Oct-2024
Exploiting Blind XSS to Access Admin Dashboard for Bounty Rewardshttps://medium.com/@arrheniuspaelongan09/exploiting-blind-xss-to-access-admin-dashboard-for-bounty-rewards-fcdd54ddea7c?source=rss------bug_bounty-5Qchadtechnology, hacking, bug-bounty, penetration-testing, hacker02-Oct-2024
Which path to choose in cybersecurity?https://medium.com/@mr_prey3r/which-path-to-choose-in-cybersecurity-ca048e621ba0?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rcybersecurity, hacking, bug-bounty, ethical-hacking02-Oct-2024
OWASP Top 10: 2021 vs. 2017 — A Comparative Analysishttps://medium.com/@mrutunjayasenapati0/owasp-top-10-2021-vs-2017-a-comparative-analysis-70990e5570f8?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, bugs, vulnerability, owasp, hacking02-Oct-2024
Deep Dive in Reconnaissancehttps://medium.com/@bitthr3at/deep-dive-in-reconnaissance-a1e88cfdebf5?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)recon, subdomains-enumeration, bug-bounty, web, attack-surface02-Oct-2024
Bug Bounty Proqramlarına Giriş: Zəifliklərin Aşkar Edilməsi və Etik Hakerlik (Bölüm 1)https://zeynalxan.medium.com/bug-bounty-proqramlar%C4%B1na-giri%C5%9F-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-1-8caa7eb90dd8?source=rss------bug_bounty-5Zeynalxan Quliyevetik-xaker, bug-bounty, whitehat, bug-bounty-nədir, hakerlik2-Oct-2024
A Comprehensive Bug Bounty Checklist for Beginners.https://medium.com/@anandrishav2228/a-comprehensive-bug-bounty-checklist-for-beginners-f96ba591cf3d?source=rss------bug_bounty-5Rishav anandcomputer-science, security, cybersecurity, engineering, bug-bounty2-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://cyberw1ng.medium.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity2-Oct-2024
SQL injection UNION attack, finding a column containing texthttps://medium.com/@codingbolt.in/sql-injection-union-attack-finding-a-column-containing-text-09d913162e0f?source=rss------bug_bounty-5codingboltsql-injection, sql-injection-attack, bug-bounty, cybersecurity, bug-bounty-tips2-Oct-2024
Reverse Shells: A Practical Guidehttps://medium.com/@learntheshell/reverse-shells-a-practical-guide-af1815bc3127?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, reverse-shell, cybersecurity, pentesting02-Oct-2024
Secrets Manager exposed (HasiCorp Vault)https://medium.com/@manumanram2/secrets-manager-exposed-hasicorp-vault-7075539a9e1e?source=rss------bug_bounty-5SrPatoManinformation-disclosure, hacking, bug-bounty02-Oct-2024
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal…https://systemweakness.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity02-Oct-2024
Utilizing AI Model for Hacking: Bypassing CAPTCHAs using AI leads to Account Takeover | Bug Bountyhttps://ph-hitachi.medium.com/utilizing-ai-model-for-hacking-bypassing-captchas-using-ai-leads-to-account-takeover-bug-bounty-028804b779a0?source=rss------bug_bounty-5Ph.Hitachivulnerability, bug-bounty, captcha, security, ai01-Oct-2024
Chaining Application-Level DoS with CSRF: A Sneaky Exploit to Block User Loginshttps://medium.com/@dsmodi484/chaining-application-level-dos-with-csrf-a-sneaky-exploit-to-block-user-logins-4caaac781883?source=rss------bug_bounty-5Dishant Modihackerone, bug-bounty, csrf, python, vulnerability01-Oct-2024
Top 10 Documentation Every Hacker Should Knowhttps://medium.com/@RaunakGupta1922/top-10-documentation-every-hacker-should-know-f28e73f7c207?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitethical-hacking, cybersecurity, bug-bounty, programming, infosec01-Oct-2024
Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug…https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, xss-vulnerability, bug-bounty-tips, dom-based-xss, xss-attack01-Oct-2024
Don’t Miss Out! The Best Platforms to Report Vulnerabilities and Earn Big!https://medium.com/@paritoshblogs/dont-miss-out-the-best-platforms-to-report-vulnerabilities-and-earn-big-787bbb03607a?source=rss------bug_bounty-5Paritoshhow-to, vulnerability, hacking, bug-bounty, cybersecurity01-Oct-2024
Why can’t Bug Bounty Hunter find a bug?https://m0hitrawat.medium.com/why-cant-bug-bounty-hunter-find-a-bug-b5c9bc72a30d?source=rss------bug_bounty-5Mohit Rawatpentesting-checklist, bug-bounty, bug-bounty-writeup, pentesting-guide, bug-bounty-tips01-Oct-2024
Android Application Pentesting Part 2 ‍ | Android Platform Architecturehttps://dkcyberz.medium.com/android-application-pentesting-part-2-android-platform-architecture-0db5e27f209a?source=rss------bug_bounty-5Harpy Hunterandroid-pentesting, bug-bounty, bugbounty-writeup, pentesting, ethical-hacking01-Oct-2024
Understanding the OWASP Top 10: Your Guide to Web Application Securityhttps://medium.com/@mrutunjayasenapati0/understanding-the-owasp-top-10-your-guide-to-web-application-security-fab59537db8b?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, bug-bounty, owasp-top-10, hunting, bounty-program01-Oct-2024
Why Web3Projects Should Start with Smaller Bug Bountieshttps://medium.com/@rangashree.rangaraja/why-web3projects-should-start-with-smaller-bug-bounties-a391777bc559?source=rss------bug_bounty-5Rangashree Rangarajabug-bounty, web3-security, web3, blockchain, blockchain-technology01-Oct-2024
Exploiting the Unprotected: How I Gained Unauthorized Access to Redishttps://medium.com/@impratikdabhi/exploiting-the-unprotected-how-i-gained-unauthorized-access-to-redis-5070eea7da35?source=rss------bug_bounty-5Pratik Dabhihacking, hacking-tools, bugcrowd, hackerone, bug-bounty01-Oct-2024
Taming Post Clapshttps://medium.engineering/taming-post-claps-273d97ce1ced?source=rss------bug_bounty-5Ryan Lattanzidynamodb, software-development, programming, bug-bounty01-Oct-2024
4 Burpsuite Intruder Attack Types You Should Know —Bug Tuesdayhttps://medium.com/@kerstan/4-burpsuite-intruder-attack-types-you-should-know-bug-tuesday-5c7a0900cb56?source=rss------bug_bounty-5kerstanbug-bounty, hacking, cybersecurity01-Oct-2024
Escalating stored XSS to Account Takeoverhttps://nyein-chan-aung.medium.com/escalating-stored-xss-to-account-takeover-28c549cd5f6b?source=rss------bug_bounty-5Nyein Chan Aungbug-bounty, bug-bounty-writeup, bug-bounty-tips01-Oct-2024
Unauthenticated PHP Object Injection in GiveWP Plugin for WordPresshttps://infosecwriteups.com/unauthenticated-php-object-injection-in-givewp-plugin-for-wordpress-5fffa8df79c8?source=rss------bug_bounty-5Ajay Naikrewards, hacking, bug-bounty, vulnerability, cybersecurity01-Oct-2024
File Upload (RCE) to Bounty | HackerOnehttps://starlox.medium.com/file-upload-rce-to-bounty-hackerone-928e8e5b375e?source=rss------bug_bounty-5#$ubh@nk@rinfosec, hacking, pentesting, bug-bounty, cybersecurity01-Oct-2024
Sneaking into your documents: How I hacked DigiLocker?https://medium.com/codechef-vit/sneaking-into-your-documents-how-i-hacked-digilocker-ae6dc44267fb?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, penetration-testing01-Oct-2024
Cross-Site Request Forgery (CSRF): How Attackers Exploit Trust to Hijack User Actionshttps://systemweakness.com/cross-site-request-forgery-csrf-how-attackers-exploit-trust-to-hijack-user-actions-94d29d787e47?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, technology, hacking01-Oct-2024
How I Manipulated A User’s Email: A CSRF PoC Walkthrough from TCM Academyhttps://medium.com/@trixiahorner/csrf-walkthrough-5876cdf437ea?source=rss------bug_bounty-5Trixia Hornercybersecurity, hacking, bug-bounty, vulnerability, website01-Oct-2024
Nmap: A Comprehensive Guide for Web Application Bug Huntinghttps://medium.com/@anandrishav2228/nmap-a-comprehensive-guide-for-web-application-bug-hunting-d8c2a0ef360a?source=rss------bug_bounty-5Rishav anandcybersecurity, nmap, bug-bounty, engineering, hacking01-Oct-2024
Bug in a Mailing List Exposed Hundreds of American Universities: How I Found and Exploited the…https://medium.com/@sarvagnpathak/bug-in-a-mailing-list-exposed-hundreds-of-american-universities-how-i-found-and-exploited-the-cf5df54baf37?source=rss------bug_bounty-5Sarvagn Pathakcybersecurity, bug-bounty, awareness, hacking01-Oct-2024
AllSafe Challengeshttps://medium.com/@soliman_almansor/all-safe-challenges-599a09cce447?source=rss------bug_bounty-5Soliman Almansorhacking, bug-bounty, information-security, android-pentesting, infosec01-Oct-2024
Excited to announce our Industrial Security Training Program at @security_lit!https://securitylit.medium.com/excited-to-announce-our-industrial-security-training-program-at-security-lit-82a21753634e?source=rss------bug_bounty-5Security Lit Limitedit-security, cybersecurity, penetration-testing, bug-bounty, traning01-Oct-2024
Open Redirect Bug | wedohackshttps://wedohack.medium.com/open-redirect-bug-wedohacks-26012e51d50c?source=rss------bug_bounty-5WE DO HACKSopen-redirect, bug-bounty, bugs, bug-hunting, hacking01-Oct-2024
CORS Vulnerability with Trusted Insecure Protocolshttps://medium.com/@rcxsecurity/cors-vulnerability-with-trusted-insecure-protocols-09df3304e3d8?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafebug-bounty, information-security, penetration-testing, cybersecurity, hacking01-Oct-2024
Remote code Executionhttps://medium.com/@roshiniyathakula/remote-code-execution-9b2e9f26963d?source=rss------bug_bounty-5Roshiniyathakularce-vulnerability, penetration-testing, bug-bounty, reverse-shell, hacking30-Sep-2024
Uncovering Hidden Subdomains with Favicons: Advanced Enumeration Techniqueshttps://systemweakness.com/uncovering-hidden-subdomains-with-favicons-advanced-enumeration-techniques-e92cb30cbcc3?source=rss------bug_bounty-5Khaleel Khanbug-bounty-tips, hacking, cybersecurity, infosec, bug-bounty30-Sep-2024
Discovering Facebook OAuth Misconfigurations: A Journey into Pre-Account Takeoverhttps://medium.com/@cybershree/discovering-facebook-oauth-misconfigurations-a-journey-into-pre-account-takeover-92a38254cbec?source=rss------bug_bounty-5cybershreebug-bounty, bug-bounty-tips, writing, cybersecurity, bugcrowd30-Sep-2024
Android Application Penetration Testing Part 1 ‍ | Introductionhttps://dkcyberz.medium.com/android-application-penetration-testing-part-1-introduction-738351fe8806?source=rss------bug_bounty-5Harpy Hunterbug-bounty, pentesting, mobile-pentesting, android-pentesting, bugbounty-writeup30-Sep-2024
How to use AI for Bug Bounty in 2024https://medium.com/@anandrishav2228/how-to-use-ai-for-bug-bounty-in-2024-39ef4d2a518a?source=rss------bug_bounty-5Rishav anandai, networking, security, cybersecurity, bug-bounty30-Sep-2024
SQL Injection vulnerability in CRMEB v.5.2.2 — $$$$ Bountyhttps://osintteam.blog/sql-injection-vulnerability-in-crmeb-v-5-2-2-bounty-7bc056a19cce?source=rss------bug_bounty-5Ajay Naikvulnerability, sql, rewards, bug-bounty, sql-injection30-Sep-2024
Easy P2 — Pre account takeover via Facebook OAuth misconfigurationhttps://sudosuraj.medium.com/easy-p2-pre-account-takeover-via-facebook-oauth-misconfiguration-23c681ba8f07?source=rss------bug_bounty-5sudosurajcybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing30-Sep-2024
SQL Injection Vulnerability on Login Page Allows Unauthorized Database Dumphttps://medium.com/@harshitha431/sql-injection-sqli-9675e21cc54a?source=rss------bug_bounty-5Harshithabug-bounty, vulnerability, hacking, penetration-testing, sql-injection30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://cyberw1ng.medium.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
CVE-2024–23897 — Jenkins File Read Vulnerability — POChttps://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5Very Lazy Techcve-2024-23897, jenkins, cybersecurity, bug-bounty, pentesting30-Sep-2024
XSS + OAuth Misconfigs = Token Theft and ATOhttps://7odamoo.medium.com/xss-oauth-misconfigs-token-theft-and-ato-d0837c44cd31?source=rss------bug_bounty-5Mahmoud Hamedpenetration-testing, bug-bounty, cybersecurity30-Sep-2024
How to Use Medusa for Fast, Multi-Protocol Brute-Force Attackshttps://medium.com/@stealthsecurity/how-to-use-medusa-for-fast-multi-protocol-brute-force-attacks-0627997c5686?source=rss------bug_bounty-5Stealth Securityethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking30-Sep-2024
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeoverhttps://infosecwriteups.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, technology30-Sep-2024
OWASP juice shop -How I get account takeover from XSShttps://medium.com/@abdo-eg/owasp-juice-shop-how-i-get-account-takeover-from-xss-ae3cfc978381?source=rss------bug_bounty-5Abdullah Ahmedxss-attack, owasp, hashing, bug-bounty, ato29-Sep-2024
Hacking with Linux: Your Ultimate Guide to Cyber Security Masteryhttps://medium.com/@RaunakGupta1922/hacking-with-linux-your-ultimate-guide-to-cyber-security-mastery-e8f8bb38510c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcybersecurity, linux, ethical-hacking, bug-bounty, hacking29-Sep-2024
OWASP juice-shop login as an admin using SQLi and OSINThttps://medium.com/@abdo-eg/owasp-juice-shop-login-as-an-admin-using-sqli-and-osint-90c4abc4322b?source=rss------bug_bounty-5Abdullah Ahmedweb-security, ethical-hacking, owasp, bug-bounty, penetration-testing29-Sep-2024
H7CTF — WEB CHALLENGEShttps://medium.com/@josangeorge27/h7ctf-web-challenges-db1883775dfd?source=rss------bug_bounty-5Josan Georgectf, ctf-walkthrough, cybersecurity, bug-bounty, web-application-security29-Sep-2024
Essential Port Scanning Skills for Bug Bounty Huntershttps://bevijaygupta.medium.com/essential-port-scanning-skills-for-bug-bounty-hunters-f0e09f3612ce?source=rss------bug_bounty-5Vijay Guptabug-bounty, port-scanning, bug-zero, bugs, bug-bounty-tips29-Sep-2024
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requestshttps://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d?source=rss------bug_bounty-5Mohsin khanbug-bounty-writeup, bug-bounty-tips, bug-bounty, ssrf, bugs29-Sep-2024
Privacy concern bughttps://osintteam.blog/privacy-concern-bug-72b30aead215?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, tips, bug-bounty, cybersecurity, hacking29-Sep-2024
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Resultshttps://medium.com/@shaikhminhaz1975/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-3b630fae4691?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, chatgpt, penetration-testing, cybersecurity, how-to29-Sep-2024
Find Vulnerabilities With This Single Nmap Commandhttps://medium.com/@josuofficial327/find-vulnerabilities-with-this-single-nmap-command-a4476c16c82c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, cybersecurity, vulnerability, bug-bounty-tips, bug-bounty29-Sep-2024
Performing a Dependency Confusion Attack with Remote Code Execution (RCE): A Step-by-Step Guidehttps://medium.com/@360Security/performing-a-dependency-confusion-attack-with-remote-code-execution-rce-a-step-by-step-guide-8d6055aa53e4?source=rss------bug_bounty-5Anandvapt, cybersecurity, sdlc, rce, bug-bounty29-Sep-2024
Critical bug in MediaTek Chips:CVE-2024–20017https://medium.com/@dudleydaniel.raj2005/critical-bug-in-mediatek-chips-cve-2024-20017-6e955ad56923?source=rss------bug_bounty-5Hydra_101mediatek, chips, cybersecurity, bug-bounty, wifi29-Sep-2024
Mastering Advanced Google Dorks for Ethical Hacking and Vulnerability Discoveryhttps://osintteam.blog/mastering-advanced-google-dorks-for-ethical-hacking-and-vulnerability-discovery-6d9e3dde0433?source=rss------bug_bounty-5Ajay Naikbug-bounty, cybersecurity, rewards, medium, google-dork29-Sep-2024
SMTP/s — Port 25,465,587 For pentestershttps://medium.com/@verylazytech/smtp-s-port-25-465-587-3e5706e081e9?source=rss------bug_bounty-5Very Lazy Techbug-bounty, cybersecurity, smtp, penetration-testing, hacking29-Sep-2024
how i found union based sql injection in hackerone public vdp program?https://doordiefordream.medium.com/how-i-found-union-based-sql-injection-in-hackerone-public-vdp-program-7c76d61f6c77?source=rss------bug_bounty-5cybersecurity researcherethical-hacking, cyber-security-awareness, bug-bounty-writeup, bug-bounty, cybersecurity29-Sep-2024
KidRecon: The Ultimate Automated Subdomain Reconnaissance Tool for Ethical Hackershttps://angixblack.medium.com/kidrecon-the-ultimate-automated-subdomain-reconnaissance-tool-for-ethical-hackers-afb8ed8ea883?source=rss------bug_bounty-5Angix blackinfosec, bug-bounty, recon, automation, bug-bounty-tips29-Sep-2024
Server-Side Request Forgery (SSRF): How Attackers Can Exploit Internal Networkshttps://systemweakness.com/server-side-request-forgery-ssrf-how-attackers-can-exploit-internal-networks-417ed78ae69b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, technology, cybersecurity29-Sep-2024
Best Bug Bounty and VA/PT Tools in 2024: Use Cases & Commandshttps://medium.com/@anandrishav2228/best-bug-bounty-and-va-pt-tools-in-2024-use-cases-commands-42986d594190?source=rss------bug_bounty-5Rishav anandcybersecurity, bug-bounty, company, pentesting, computer-science29-Sep-2024
Why is Bug Triage Important in Software Testing?https://medium.com/@divyarajsinhdev/why-is-bug-triage-important-in-software-testing-678decfb727f?source=rss------bug_bounty-5Divyarajsinh Dodiaautomation, qa, bug-bounty, testing29-Sep-2024
Understanding Bug Triage: A Crucial Process for Efficient Software Testinghttps://medium.com/@divyarajsinhdev/understanding-bug-triage-a-crucial-process-for-efficient-software-testing-790b9b353177?source=rss------bug_bounty-5Divyarajsinh Dodiatest, qa, automation, bug-bounty, testing29-Sep-2024
DVWA : Cross Site Scripting (XSS) Vulnerability Solution (Low Security Level)https://medium.com/@Kamal_S/dvwa-cross-site-scripting-xss-vulnerability-solution-low-security-level-452396997b5a?source=rss------bug_bounty-5Kamal Ssecurity-testing, xs, bug-bounty, dvwa, owasp29-Sep-2024
Mac Spoofinghttps://bob218.medium.com/mac-spoofing-ad0b180f3fad?source=rss------bug_bounty-5bob218cybersecurity, network-security, cyberattack, osint, bug-bounty29-Sep-2024
Life Sucks P-1https://medium.com/@janpreet9697/life-sucks-p-1-182d702bab02?source=rss------bug_bounty-5Janpreetcybersecurity, life, engineering, bug-bounty, motivation29-Sep-2024
How Bug Bounty Programs can enable widespread fraudhttps://medium.com/@hacktheplanet/how-bug-bounty-programs-can-enable-widespread-fraud-b027f36a49ef?source=rss------bug_bounty-5SirHaxAlotbug-bounty, hacking, fraud, cybersecurity28-Sep-2024
Stories of a sporadic bug bounty hunterhttps://jayaye15.medium.com/stories-of-a-sporadic-bug-bounty-hunter-a09cd32cf0a2?source=rss------bug_bounty-5jb00giecybersecurity, sql-injection, bug-bounty28-Sep-2024
My First Bounty Report Experiencehttps://medium.com/@sreedeepcs.gurukripa/my-first-bounty-report-experience-71095e5c34cd?source=rss------bug_bounty-5ambuheckerbug-bounty, cybersecurity, bug-hunting, hacking28-Sep-2024
Account Takeover and DoS: Weaponizing Enumeration, IDOR, and Registration Floodinghttps://medium.com/@tusharpuri6/account-takeover-and-dos-weaponizing-enumeration-idor-and-registration-flooding-4b88fce20f4b?source=rss------bug_bounty-5Tusharpuripenetration-testing, bug-bounty, offensive-security, application-security, infosec28-Sep-2024
Exploiting a Logic Bug in Discounts Code Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-a365e9006b6e?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-hunter, scanning, bug-bounty, bugs28-Sep-2024
Essential Tools for Bug Bounty Huntershttps://medium.com/@jatniwalafizza786/essential-tools-for-bug-bounty-hunters-3c2788cf64ae?source=rss------bug_bounty-5Jatniwalafizzacybersecurity, cybersecurity-course, bug-bounty-courses, bug-bounty28-Sep-2024
500$ Email Verification Token Leaks in Requesthttps://medium.com/@0xchoudhary/500-email-verification-token-leaks-in-request-4f0b5ff4b121?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-bounty, hacking, bounty-program, bugbounty-writeup28-Sep-2024
Top 20 Must-Have Hacking Gadgets for Cybersecurity Professionalshttps://medium.com/@ajaynaikhack/top-20-must-have-hacking-gadgets-for-cybersecurity-professionals-bec4dfe896cf?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty, gadgets, hacking, information-security28-Sep-2024
Security Misconfiguration: Identifying and Preventing This Common Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/security-misconfiguration-identifying-and-preventing-this-common-vulnerability-14ab1c4989ac?source=rss------bug_bounty-5Mrutunjaya Senapativulnerability, hacking, security-misconfiguration, bug-bounty, penetration-testing28-Sep-2024
Insecure Direct Object References (IDOR): Understanding and Preventing This Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/insecure-direct-object-references-idor-understanding-and-preventing-this-vulnerability-4c8e831f17b4?source=rss------bug_bounty-5Mrutunjaya Senapatibug-bounty, idor, idor-vulnerability, vulnerability, hacking28-Sep-2024
Exploiting a Logic Bug in Discount Codes Generationhttps://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5Eslam Omarbug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup28-Sep-2024
Why Go is the Perfect Choice for CLIshttps://medium.com/@rezauditore/why-go-is-the-perfect-choice-for-clis-477281989ace?source=rss------bug_bounty-5rezauditorepeace, lgbtq, golang, bug-bounty, programming28-Sep-2024
Exposed private key leads to Google cloud service account takeover — Privilege Escalationhttps://vettrivel007.medium.com/exposed-private-key-leads-to-google-cloud-service-account-takeover-privilege-escalation-6f031e20c819?source=rss------bug_bounty-5VETTRIVELbug-bounty-tips, bounty-program, pentesting, bug-bounty, cybersecurity28-Sep-2024
Broken Authentication: A Common Vulnerability Exposing User Accountshttps://cyberw1ng.medium.com/broken-authentication-a-common-vulnerability-exposing-user-accounts-2b48b6f9b644?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, technology28-Sep-2024
Nuclei ile Zafiyet Tespitihttps://medium.com/@alperenkeskk/nuclei-ile-zafiyet-tespiti-ec94aa180aab?source=rss------bug_bounty-5Alperen Keskincyber-security-awareness, bug-bounty-tips, security, tools, bug-bounty28-Sep-2024
HackTheBox Broken Authentication (Skills Assessment)https://medium.com/@N0UR0X01/hackthebox-broken-authentication-skills-assessment-c43feaab1a52?source=rss------bug_bounty-5N0UR0x01htb-writeup, htb-academy, bug-bounty, htb-academy-writeup, broken-authentication28-Sep-2024
How to google dork effectively for private and other bug bounty programshttps://medium.com/@malikirtizameg/how-to-google-dork-effectively-for-private-and-other-bug-bounty-program-d54f9e7b4d57?source=rss------bug_bounty-5bug bountypenetration-testing, python, bug-bounty, cybersecurity, hacking28-Sep-2024
Full Account Takeover via Facebook OAuth Misconfigurationhttps://medium.com/@0x_xnum/full-account-takeover-via-facebook-oauth-misconfiguration-9e30fe1c1da1?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, oauth, bugbounty-writeup, bugcrowd, account-takeover28-Sep-2024
SQL injection attack, querying the database type and version on MySQL and Microsofthttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-162715c6cd0e?source=rss------bug_bounty-5codingboltsql-injection-attack, sql-injection, bug-bounty-writeup, bug-bounty, bug-bounty-tips28-Sep-2024
SQL injection attack, querying the database type and version on Oraclehttps://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-oracle-f78a035c654d?source=rss------bug_bounty-5codingboltbug-bounty-tips, sql-injection, bug-bounty-writeup, bug-bounty, sql-injection-attack28-Sep-2024
ORM HQL Injectionhttps://medium.com/@oscuridad1010/orm-hql-injection-e072207e8942?source=rss------bug_bounty-5Gamiel Manbiotaninfosec, hackerone, bugcrowd, developer, bug-bounty28-Sep-2024
How to use built with for bugbountyhttps://osintteam.blog/how-to-use-built-with-for-bugbounty-9f58ba501f5a?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, cybersecurity, bug-bounty, recon28-Sep-2024
P4 bug’s and their POC steps | Part 5https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-5-242eddd02fd0?source=rss------bug_bounty-5socalledhackerinfosec, hacking, bug-bounty, web-security, bug-bounty-tips28-Sep-2024
Level Up your Bug Bounty Game — to P1s and P2s Series : PART 1https://medium.com/@nireshpandian19/level-up-your-bug-bounty-game-to-p1s-and-p2s-series-part-1-edaa702c8499?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty-writeup, bug-bounty, cybersecurity, ethical-hacking, bug-hunting27-Sep-2024
Web App Hacking Tips & Trick—Celah File Upload — Bagian 1https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-1-1df16a844279?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, hacking, bug-bounty-tips, bug-bounty, web-hacking27-Sep-2024
Sedikit Tips & Trick Saat Testing API — Bagian 2https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-2-a548a85bcea6?source=rss------bug_bounty-5Mada Perdhanaweb-hacking, api-hacing, bug-bounty, bug-hunting, bug-bounty-tips27-Sep-2024
Sedikit Tips & Trick Saat Testing API — Bagian 1https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-1-3983017fec4d?source=rss------bug_bounty-5Mada Perdhanahacking-apis, web-hacking, bug-bounty, bug-bounty-tips, bug-hunting27-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-2] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-2-root-domain-enumeration-87765a50d125?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)appsec, recon, osint, attack-surface-discovery, bug-bounty27-Sep-2024
How to Become a Bug Bounty Hunter: A Complete Guide for Beginnershttps://medium.com/@anandrishav2228/how-to-become-a-bug-bounty-hunter-a-complete-guide-for-beginners-316c27bb2c8c?source=rss------bug_bounty-5Rishav anandbug-bounty, hackerspaces, hacking, website, cybersecurity27-Sep-2024
SQL injection vulnerability allowing login bypasshttps://medium.com/@codingbolt.in/sql-injection-vulnerability-allowing-login-bypass-7f1de7d77a6a?source=rss------bug_bounty-5codingboltbug-bounty, sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity27-Sep-2024
SQL injection vulnerability in WHERE clause allowing retrieval of hidden datahttps://medium.com/@codingbolt.in/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-8ea2be5f13df?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty-writeup, sql-injection, bugs, bug-bounty27-Sep-2024
NMAP Usagehttps://medium.com/@mohanmecktro/nmap-usage-780a7f4ccdcc?source=rss------bug_bounty-5Mohan Mecktrohacking-tools, nmap, bug-bounty, penetration-testing, kali27-Sep-2024
Web App Hacking Tips & Trick — Celah File Upload — Bagian 2https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-2-fdc536d3045e?source=rss------bug_bounty-5Mada Perdhanafile-upload-vulnerability, bug-bounty, web-hacking, bug-bounty-tips, hacking27-Sep-2024
Cross-Site Request Forgery (CSRF): Understanding the Threat and How to Mitigate Ithttps://medium.com/@mrutunjayasenapati0/cross-site-request-forgery-csrf-understanding-the-threat-and-how-to-mitigate-it-fb5db007f13b?source=rss------bug_bounty-5Mrutunjaya Senapatihunting, hacking, vulnerability, csrf, bug-bounty27-Sep-2024
5 Key Factors to Help You Choose the Best Bug Bounty Program on HackerOnehttps://medium.com/@blackarazi/5-key-factors-to-help-you-choose-the-best-bug-bounty-program-on-hackerone-b27bb2159d07?source=rss------bug_bounty-5Azhari Harahapbug-bounty-tips, hackerone, bug-bounty-program, bug-bounty27-Sep-2024
I Spent a Month on a Private Program and Earned $$$$$https://mokhansec.medium.com/i-spent-a-month-on-a-private-program-and-earned-c57b4c3d7dba?source=rss------bug_bounty-5Mohsin khanbug-bounty-tips, bugs, bug-bounty27-Sep-2024
What is Bug Bountyhttps://medium.com/@iabhipathak/what-is-bug-bounty-fc9fe6a73e16?source=rss------bug_bounty-5Abhinav Pathakinformation-security, hacking, bug-bounty, security, cybersecurity27-Sep-2024
Unlocking Success: My Journey to Bypassing 2FA and Winning My First Bounty $800https://medium.com/@mihad0x1/unlocking-success-my-journey-to-bypassing-2fa-and-winning-my-first-bounty-800-c6e7654feea4?source=rss------bug_bounty-5mihad0x1hacking, security-research, bugbounty-writeup, bug-bounty, hacker27-Sep-2024
High vs. Low Severity Bugs: A Complete Guide to Bug Classification in Software and Cybersecurityhttps://medium.com/@shoaibjamal663/classification-of-bugs-high-vs-low-severity-bugs-62ce16630ddf?source=rss------bug_bounty-5Muhammad Shoaib Jamalsoftware-development, bugs, risk-management, cybersecurity, bug-bounty27-Sep-2024
NoSQL Injection Attackshttps://medium.com/@majix_de/nosql-injection-attacks-1397fd366c28?source=rss------bug_bounty-5Majixhacking, bug-bounty, penetration-testing, nosql, bug-bounty-tips27-Sep-2024
️ Information Disclosure Vulnerability: Exposing API Keys and Tokens in a Private Programhttps://medium.com/@kumawatabhijeet2002/%EF%B8%8F-information-disclosure-vulnerability-exposing-api-keys-and-tokens-in-a-private-program-e06c4d110552?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, information-disclosure, vulnerability, bug-bounty-tips, pii-data27-Sep-2024
From Enumeration to Takeover: Crack the Code of Subdomain Vulnerabilities!https://enigma96.medium.com/from-enumeration-to-takeover-crack-the-code-of-subdomain-vulnerabilities-4fea92cd0374?source=rss------bug_bounty-5enigmabug-bounty-tips, pentesting, bug-bounty, bugs, hacking27-Sep-2024
How a Simple Exploit Can Lead to a $500 Bounty — Cache Deceptionhttps://infosecwriteups.com/how-a-simple-exploit-can-lead-to-a-500-bounty-cache-deception-8da0583f6013?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, cybersecurity, careers27-Sep-2024
How I Found an Authentication Flaw in a Chat Featurehttps://medium.com/@krishnast545/my-first-high-severity-bug-how-i-found-an-authentication-flaw-in-a-chat-feature-58fb0f939a4a?source=rss------bug_bounty-5Krishnabugs, bug-bounty27-Sep-2024
Privilege Escalation on Amazon Linux (SageMaker)https://medium.com/@rickconsole/privilege-escalation-on-amazon-linux-sagemaker-cf115042ea5f?source=rss------bug_bounty-5Rick Consolebug-bounty, cloud-computing, cybersecurity, aws, penetration-testing27-Sep-2024
Web App Hacking Tips & Trick — Celah File Upload — Bagian 3https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-3-8ec192d1633b?source=rss------bug_bounty-5Mada Perdhanahacking, bug-hunting, bug-bounty-tips, bug-bounty, file-upload-vulnerability27-Sep-2024
Web Cache Poisoning with Multiple Headershttps://medium.com/@rcxsecurity/web-cache-poisoning-with-multiple-headers-d4e27497288e?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, information-technology, penetration-testing, cybersecurity, bug-bounty27-Sep-2024
It’s not a bug. It really is a feature.https://medium.com/@info_11548/its-not-a-bug-it-really-is-a-feature-b758f1454970?source=rss------bug_bounty-5Cloette Zager with FranGuardian Corporationbug-bounty, features, featured, featured-stories, bugs27-Sep-2024
Vulnerability: Multiple Vulnerabilities in Linux CUPS (CVSS 9.9)https://infosecwriteups.com/vulnerability-multiple-vulnerabilities-in-linux-cups-cvss-9-9-49dbdcd73cb0?source=rss------bug_bounty-5Ajay Naikbug-bounty, vulnerability, rewards, information-security, cybersecurity27-Sep-2024
my first easy IDOR in a big companyhttps://medium.com/@malikirtizameg/my-first-easy-idor-in-a-big-company-104ee6c4a7ff?source=rss------bug_bounty-5bug bountybug-bounty-tips, cybersecurity, bug-bounty, hacking, ethical-hacking27-Sep-2024
Shodan Revealed: How to Discover Vulnerabilities Across the Webhttps://medium.com/@RejuKole.com/shodan-revealed-how-to-discover-vulnerabilities-across-the-web-925a382bb9bd?source=rss------bug_bounty-5Reju Kolebug-bounty, ethical-hacking, shodan, bug-bounty-tips, web27-Sep-2024
The Art of the Phantom Deposit: a study on vulnerabilities in crypto exchangeshttps://medium.com/@silviosaturnowk/the-art-of-the-phantom-deposit-a-study-on-vulnerabilities-in-crypto-exchanges-3a356153bfe2?source=rss------bug_bounty-5Silvio Saturnoexploit, cybersecurity, bug-bounty, smart-contracts, solidity27-Sep-2024
How to install Subdominator & how to find subdomains using Subdominator !!https://medium.com/@sherlock297/how-to-install-subdominator-how-to-find-subdomains-using-subdominator-fe9b48be2aea?source=rss------bug_bounty-5Ravindra Dagalewindows, tools, tutorial, bug-bounty, subdominator26-Sep-2024
10 Essential Blog Sites For Bug Bounty Huntershttps://medium.com/@RaunakGupta1922/10-essential-blog-sites-for-bug-bounty-hunters-8309cbbe3756?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitknowledge, learning, articles, hacking, bug-bounty26-Sep-2024
Deep Dive in Reconnaissance (Chapter 1 [part-1] — Root Domain Enumeration)https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-1-root-domain-enumeration-7ddfda1283fd?source=rss------bug_bounty-5Naman Gupta (Bitthr3at)osint, appsec, recon, attack-surface-discovery, bug-bounty26-Sep-2024
Exploiting SMTP on Metasploitable 2: Unveiling the Power of Port 25https://medium.com/@thefellowhacker/exploiting-smtp-on-metasploitable-2-unveiling-the-power-of-port-25-4fab583855f8?source=rss------bug_bounty-5Taahir Mujawarrhacker, hacking, cybersecurity, technology, bug-bounty26-Sep-2024
Cross-Site Scripting (XSS): Understanding and Mitigating a Common Web Vulnerabilityhttps://medium.com/@mrutunjayasenapati0/cross-site-scripting-xss-understanding-and-mitigating-a-common-web-vulnerability-fe82824c24f5?source=rss------bug_bounty-5Mrutunjaya Senapatihacking, hunting, xss-attack, vulnerability, bug-bounty26-Sep-2024
Story of Time Machines: Where Archived URLs and Juicy Information Handshake Each Otherhttps://medium.com/@security.tecno/story-of-time-machines-where-archived-urls-and-juicy-information-handshake-each-other-11efd831da46?source=rss------bug_bounty-5TECNO Securitysecurity, bug-bounty, research, hacking26-Sep-2024
Vulnerable WordPress August 2024 (Museum of Ostad Bohtouni)https://medium.com/@onhexgroup/vulnerable-wordpress-august-2024-museum-of-ostad-bohtouni-dad683a3ef15?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, info, cybersecurity26-Sep-2024
Top 7 Free Cybersecurity Tools Every Beginner Must Try Today!https://medium.com/@paritoshblogs/top-7-free-cybersecurity-tools-every-beginner-must-try-today-44eea1aa91b8?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, projects, cybersecurity, free26-Sep-2024
Analyzing a Real HTTP Request Smuggling Attack. What Happened here?https://medium.com/@rezauditore/analyzing-a-real-http-request-smuggling-attack-what-happened-here-19dbc6edf9a4?source=rss------bug_bounty-5rezauditorepentesting, bug-bounty, ctf-writeup, lgbtq, tips26-Sep-2024
CVE-2024–45519 in Zimbra — Bounty 1000 USDhttps://infosecwriteups.com/cve-2024-45519-in-zimbra-bounty-1000-usd-0304b2a813f3?source=rss------bug_bounty-5Ajay Naikhacking, vulnerability, bug-bounty, rewards, cybersecurity26-Sep-2024
Mastering IDS: A Comprehensive Guide with Snort Implementationhttps://medium.com/@hackeraakash2002/mastering-ids-a-comprehensive-guide-with-snort-implementation-4ccc8192a0cf?source=rss------bug_bounty-5HackwithAJnetwork-security, bug-bounty, hacking, cyber-security-awareness, ids-ips26-Sep-2024
SSH Hacking: How to Exploit Port 22 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ssh-hacking-how-to-exploit-port-22-vulnerabilities-for-penetration-testing-601d257ee491?source=rss------bug_bounty-5Very Lazy Techcybersecurity, hacking, penetration-testing, bug-bounty, exploit26-Sep-2024
Bug bounty – Recon Tips for subdomain enumerationhttps://medium.com/@tharunteja725_8686/bug-bounty-recon-tips-for-subdomain-enumeration-0b3d51ad1cc8?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, oscp26-Sep-2024
Akamai WAF Bypass Lead To Discover 30 XSS bugshttps://medium.com/@nagashygaballah/akamai-waf-bypass-lead-to-discover-30-xss-bugs-bea0f8be1dd4?source=rss------bug_bounty-5111xNagashytips-and-tricks, cybersecurity, xss-attack, penetration-testing, bug-bounty26-Sep-2024
SUBDOMAIN ENUMERATION — BUGBOUNTYhttps://medium.com/@tharunteja725_8686/subdomain-enumeration-bugbounty-2831b70ee735?source=rss------bug_bounty-5Chidurala Tharun tejapenetration-testing, bug-bounty, cybersecurity, oscp, bug-bounty-tips26-Sep-2024
Reflected XSS with event handlers and href attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-with-event-handlers-and-href-attributes-blocked-b333eb18942e?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, cyberattack, cybersecurity, bug-bounty26-Sep-2024
Reflected XSS with AngularJS sandbox escape and CSPhttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-and-csp-e68867138b6f?source=rss------bug_bounty-5codingboltxss-attack, cybersecurity, bug-bounty, cybercrime, bug-bounty-tips26-Sep-2024
Reflected XSS with AngularJS sandbox escape without stringshttps://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-without-strings-e434c669ac56?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, cyberattack, cybersecurity, bug-bounty-tips26-Sep-2024
Exploiting XSS to perform CSRFhttps://medium.com/@codingbolt.in/exploiting-xss-to-perform-csrf-1aac291690bd?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
How To Configure Metasploitable Machine To Hack? | Primary Hacking School #3https://medium.com/@nnface/how-to-configure-metasploitable-machine-to-hack-primary-hacking-school-3-083cd63c47cf?source=rss------bug_bounty-5NnFacehacking-tools, hacking, bug-bounty, cybersecurity, kali-linux26-Sep-2024
White Hat vs Black Hat Hackers: What’s the Real Difference & Which One Are You?https://codingrasi.medium.com/white-hat-vs-black-hat-hackers-whats-the-real-difference-which-one-are-you-f2c7327d77a7?source=rss------bug_bounty-5CodingRasiyoutube-creators, hacking, bug-bounty, ethical-hacking, hacker26-Sep-2024
Reflected XSS protected by CSP, with CSP bypasshttps://medium.com/@codingbolt.in/reflected-xss-protected-by-csp-with-csp-bypass-58d46ec1fc71?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, bug-bounty-tips, cybersecurity26-Sep-2024
Reflected XSS protected by very strict CSP, with dangling markup attackhttps://medium.com/@codingbolt.in/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-029d16b86163?source=rss------bug_bounty-5codingboltxss-vulnerability, xss-attack, bug-bounty-tips, bug-bounty, cybersecurity26-Sep-2024
SSRF Simplified (OWASP 2021-A10)https://medium.com/@kannnannmk/ssrf-simplified-owasp-2021-a10-62586a3468f4?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, vulnerability, cybersecurity, bug-bounty, information-security26-Sep-2024
Reflected XSS in a JavaScript URL with some characters blockedhttps://medium.com/@codingbolt.in/reflected-xss-in-a-javascript-url-with-some-characters-blocked-7decfa413c79?source=rss------bug_bounty-5codingboltbug-bounty-tips, cybersecurity, bugs, xss-attack, bug-bounty26-Sep-2024
Finding subdomains using security trails api keyhttps://osintteam.blog/finding-subdomains-using-security-trails-api-key-8b45d5a4629e?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty-tips, cybersecurity, bug-bounty26-Sep-2024
IDORS — leaking 1.5 crore user detailshttps://medium.com/@nireshpandian19/idors-leaking-1-5-crore-user-details-5bbc3b9368e2?source=rss------bug_bounty-5JAI NIRESH Jbug-bounty, idor-vulnerability, ethical-hacking, idor, cybersecurity25-Sep-2024
Exploring the Role of Port Scanning in Bug Bounty Huntinghttps://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-169a1d723bb0?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips25-Sep-2024
My First Easy IDOR: A Simple Guide to Understanding Insecure Direct Object Referenceshttps://medium.com/@Alireza.salmani/my-first-easy-idor-a-simple-guide-to-understanding-insecure-direct-object-references-8b48aa1da8ea?source=rss------bug_bounty-5Alireza Salmanibug-bounty, access-control, ethical-hacking, web-application-security, cybersecurity25-Sep-2024
Golang edge case: when “defer” will never work out in your codehttps://waclawthedev.medium.com/golang-edge-case-when-defer-will-never-work-out-in-your-code-f783518679e9?source=rss------bug_bounty-5Wacław The Developergolang, bug-bounty, defer, go, backend25-Sep-2024
Finding a p4 as per bugcrowd vrthttps://medium.com/@loyalonlytoday/finding-a-p4-as-per-bugcrowd-vrt-9f08278a75ae?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, web-hacking, bugbounty-writeup, bugs25-Sep-2024
How I Discovered DOM XSS by Analyzing Javascript Codehttps://medium.com/@fajarsylvana/how-i-discovered-dom-xss-by-analyzing-javascript-code-6fa57c680a0e?source=rss------bug_bounty-5Fajar Sylvanapentesting, bug-bounty-tips, hacking, penetration-testing, bug-bounty25-Sep-2024
FTP Hacking: How to Exploit Port 21 Vulnerabilities for Penetration Testinghttps://medium.com/@verylazytech/ftp-hacking-how-to-exploit-port-21-vulnerabilities-for-penetration-testing-bbd65e2238da?source=rss------bug_bounty-5Very Lazy Technetwork-security, ethical-hacking, bug-bounty, cybersecurity, penetration-testing25-Sep-2024
Cracking the Code: How I Took Over Admin Accounts Across Organizationshttps://medium.com/@ismailsaid1603/cracking-the-code-how-i-took-over-admin-accounts-across-organizations-5d135ba152b4?source=rss------bug_bounty-5Esmail Saied (0xSp1DeR)tips-and-tricks, hackerone, bugcrowd, bugbounty-writeup, bug-bounty25-Sep-2024
How I proved impact with Google Map API Keyhttps://r0b0ts.medium.com/how-i-proved-impact-with-google-map-api-key-7aa801616abb?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-hunter25-Sep-2024
website leaking otp in inspect elemethttps://osintteam.blog/website-leaking-otp-in-inspect-elemet-8da71ae4004d?source=rss------bug_bounty-5loyalonlytodaybug-bounty, hacking, bugbounty-writeup, bug-bounty-tips, penetration-testing25-Sep-2024
Reflected XSS into a JavaScript string with single quote and backslash escapedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-621b6a187f04?source=rss------bug_bounty-5codingboltbugs, bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability25-Sep-2024
Reflected XSS in canonical link taghttps://medium.com/@codingbolt.in/reflected-xss-in-canonical-link-tag-c4902808a6e7?source=rss------bug_bounty-5codingboltxss-attack, bug-hunting, bug-bounty, bug-bounty-tips, bugs25-Sep-2024
Kerentanan Kritis : Bypass Autentikasi (CVE-2024–7593) pada Ivanti vTM: Penjelasan dan Tindakan…https://medium.com/@mrp.bpp/kerentanan-bypass-autentikasi-kritis-cve-2024-7593-pada-ivanti-vtm-penjelasan-dan-tindakan-77d159f53199?source=rss------bug_bounty-5Mada Perdhanabug-bounty, hacking, ivanti-service-manager, exploit, 0-day-attacks25-Sep-2024
Eksfiltrasi Data Menggunakan Komunikasi DNS (Out-of-Band)https://medium.com/@mrp.bpp/eksfiltrasi-data-menggunakan-komunikas-idns-out-of-band-7932a1ab335f?source=rss------bug_bounty-5Mada Perdhanaoob, bug-bounty, bug-bounty-tips, hacking25-Sep-2024
Exploiting cross-site scripting to steal cookieshttps://medium.com/@codingbolt.in/exploiting-cross-site-scripting-to-steal-cookies-8f57e316e8d3?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, cookies, bug-bounty25-Sep-2024
Understanding Common Web Vulnerabilities: A Guide for Beginnershttps://medium.com/@mrutunjayasenapati0/understanding-common-web-vulnerabilities-a-guide-for-beginners-398e8987cc4f?source=rss------bug_bounty-5Mrutunjaya Senapatibeginner, bug-bounty, vulnerability, beginners-guide, guides-and-tutorials25-Sep-2024
Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and…https://medium.com/@codingbolt.in/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-5acbbd9f2631?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, bug-bounty-tips, xss-attack25-Sep-2024
Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes…https://medium.com/@codingbolt.in/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-quotes-9af43308602b?source=rss------bug_bounty-5codingboltbug-bounty-tips, bug-bounty, xss-vulnerability, bugs, xss-attack25-Sep-2024
Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and…https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-e1ad9b482189?source=rss------bug_bounty-5codingboltbug-bounty-tips, xss-attack, xss-vulnerability, bugs, bug-bounty25-Sep-2024
Skrip Otomatisasi XSS (Cross-Site Scripting)https://medium.com/@mrp.bpp/skrip-otomatisasi-xss-cross-site-scripting-6b6064da0408?source=rss------bug_bounty-5Mada Perdhanabug-bounty, xss-attack, tools, hacking, bug-bounty-tips25-Sep-2024
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Communityhttps://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5Growth Kingdomdapps, blockchain, web3, crypto, bug-bounty25-Sep-2024
Understanding SQL Injection: A Deep Dive into One of the Most Common Web Vulnerabilitieshttps://medium.com/@mrutunjayasenapati0/understanding-sql-injection-a-deep-dive-into-one-of-the-most-common-web-vulnerabilities-2c5d031180c6?source=rss------bug_bounty-5Mrutunjaya Senapatisql-injection, hacking, injection, bug-bounty, sql25-Sep-2024
How Bug Bounties Strengthen Defenses -InITScienceAIhttps://medium.com/@initscienceaiandlooklivenews/how-bug-bounties-strengthen-defenses-initscienceai-c727d3b8a2d3?source=rss------bug_bounty-5InITScienceAibug-bounty-tips, bugs, bugbounting, bug-bounty, bug-bounty-hunter24-Sep-2024
Advanced Port Scanning Techniques for Bug Bounty Programshttps://bevijaygupta.medium.com/advanced-port-scanning-techniques-for-bug-bounty-programs-fd22a049ed37?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, port-scanning, bug-zero24-Sep-2024
test:test not Part 2https://medium.com/@bxrowski0x/test-test-not-part-2-492fb030c8c2?source=rss------bug_bounty-5Omar ElSayedbug-bounty, keycloak, bug-bounty-tips, bug-bounty-writeup, cybersecurity24-Sep-2024
Unlocking Web3 Success: Why Code4rena & Codehawk Are the Ultimate Bug Bounty Platforms for Newbieshttps://medium.com/@firmanregar/unlocking-web3-success-why-code4rena-codehawk-are-the-ultimate-bug-bounty-platforms-for-newbies-c1c041117934?source=rss------bug_bounty-5Firman Siregarbug-bounty, smart-contract-security24-Sep-2024
Mastering Subdomain Takeoverhttps://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=rss------bug_bounty-5Very Lazy Techsubdomain-takeover, cybersecurity, bug-bounty, subdomain, hacking24-Sep-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@codingbolt.in/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-51f3b873d180?source=rss------bug_bounty-5codingbolthacking, web-hacking, bug-bounty, xss-attack, xss-vulnerability24-Sep-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@codingbolt.in/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-80223838d4af?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, bug-bounty, hacking, bugs24-Sep-2024
What Are Bugs in Cybersecurity? Understanding the Basicshttps://medium.com/@shoaibjamal663/what-are-bugs-in-cybersecurity-understanding-the-basics-84f2f9ef7304?source=rss------bug_bounty-5Muhammad Shoaib Jamalbugs, cybersecurity, vulnerability, bug-bounty, bug-bounty-tips24-Sep-2024
Price Tampering | Buying course at ₹1!https://medium.com/@anchalrajawat009/price-tampering-buying-course-at-1-09759112e9a4?source=rss------bug_bounty-5Aanchal Singh Rajawatbug-bounty, business-logic-flaw, hacking24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5ravikiraNinfosec, cybersecurity, bug-bounty, hacking, bugbounty-tips24-Sep-2024
Panduan Bagi Pemula untuk Memasuki Dunia Bug Bountyhttps://medium.com/@mrp.bpp/panduan-bagi-pemula-untuk-memasuki-dunia-bug-bounty-bba812d0f680?source=rss------bug_bounty-5Mada Perdhanabug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter, panduan-pemula24-Sep-2024
Going Crazy with Farming VDPs: Extplorer Admin Panel Bypass & Remote Code Execution (RCE)https://infosecwriteups.com/going-crazy-with-farming-vdps-extplorer-admin-panel-bypass-remote-code-execution-rce-ed6ae27bbce9?source=rss------bug_bounty-5YoungVandainfosec, technology, cybersecurity, hacking, bug-bounty24-Sep-2024
Unlock the Hidden Doors of the Android World: Legendary Recon Tools for Bug Bounty!https://medium.com/@rootspaghetti/unlock-the-hidden-doors-of-the-android-world-legendary-recon-tools-for-bug-bounty-9065e3aa6268?source=rss------bug_bounty-5Root@Spaghettibug-bounty, bug-bounty-tips24-Sep-2024
An IDOR leads to leak users detailshttps://medium.com/@mohameddiv77/an-idor-leads-to-leak-users-details-b54a2280e0f9?source=rss------bug_bounty-5Mohamed Ibrahimbug-bounty-tips, bug-bounty24-Sep-2024
diffrent types of burpsuite extenstions for bughuntinghttps://medium.com/@loyalonlytoday/diffrent-types-of-burpsuite-extenstions-for-bughunting-d411b3d002e1?source=rss------bug_bounty-5loyalonlytodayhacking, bugs, bug-bounty-tips, bug-bounty, burpsuite24-Sep-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@codingbolt.in/reflected-xss-with-some-svg-markup-allowed-e7aafbf02378?source=rss------bug_bounty-5codingboltxss-attack, xss-vulnerability, ethical-hacking, bug-bounty, cybersecurity24-Sep-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@codingbolt.in/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-0bb80ac37064?source=rss------bug_bounty-5codingboltbug-bounty, xss-attack, bug-bounty-tips, xss-vulnerability, bug-bounty-writeup24-Sep-2024
$1500-P1-Business logic/Failed Defense Vulnerabilityhttps://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5r@v!k!r@ncybersecurity, bug-bounty, hacking, infosec-write-ups, bugbounty-tips24-Sep-2024
Mendapatkan Akses SMTP Melalui Celah SQL Injectionhttps://rdnzx.medium.com/mendapatkan-akses-smtp-melalui-celah-sql-injection-f6d593fcad5e?source=rss------bug_bounty-5Radian IDcybersecurity, bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips24-Sep-2024
You Won’t Find Any Vulnerabilities Without This Technique: Get Your First Bug Bountyhttps://medium.com/@shaikhminhaz1975/you-wont-find-any-vulnerabilities-without-this-technique-get-your-first-bug-bounty-dee2af93e607?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, red-team, penetration-testing, vulnerability, bug-bounty23-Sep-2024
Master the subdomain hunting Part 2https://infosecwriteups.com/master-the-subdomain-hunting-part-2-dea0ee035019?source=rss------bug_bounty-5ʏᴀꜱʜʜ2fa, subdomain, bug-bounty-tips, bugs, bug-bounty23-Sep-2024
Automate Bug Hunting With This Toolhttps://medium.com/@josuofficial327/automate-bug-hunting-with-this-tool-68dfbbaaa0b1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, info-sec-writeups, ethical-hacking, bug-bounty, bug-bounty-hunter23-Sep-2024
From Developer to Hacker: Breaking into GraphQLhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-breaking-into-graphql-6083c80b4588?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, graphql, hacker, hacking, technology23-Sep-2024
Unlocking Bug Bounties: The Power of Port Scanninghttps://bevijaygupta.medium.com/unlocking-bug-bounties-the-power-of-port-scanning-ebca71c898a7?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs23-Sep-2024
Best Platforms to Learn for Becoming a Pentester or Bug Bounty Hunterhttps://rendiero.medium.com/best-platforms-to-learn-for-becoming-a-pentester-or-bug-bounty-hunter-6c6aa8cbdd64?source=rss------bug_bounty-5Rendierobug-bounty, penetration-testing, hacker, learning, resources23-Sep-2024
RXSS with My Approachhttps://medium.com/@nomad8061/rxss-with-my-approach-c9a989d3ba0b?source=rss------bug_bounty-5Ahmed Badrybug-bounty-tips, bug-bounty-writeup, bug-zero, bugs, bug-bounty23-Sep-2024
From CORS Misconfiguration to Account Takeoverhttps://medium.com/@majix_de/from-cors-misconfiguration-to-account-takeover-1231f263a90e?source=rss------bug_bounty-5Majixbug-bounty-tips, bug-bounty, hacking, penetration-testing, programming23-Sep-2024
Unauthenticated API Endpoint to Create Support Ticket Worth $500https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00?source=rss------bug_bounty-5the_unlucky_guybug-bounty, cybersecurity, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup23-Sep-2024
DOM XSS using Web Messages and a JavaScript URLhttps://medium.com/@rcxsecurity/dom-xss-using-web-messages-and-a-javascript-url-dcced7fa4195?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-technology, information-security, cybersecurity, penetration-testing, bug-bounty23-Sep-2024
Uncovering a Stored XSS Vulnerability on Drugs.comhttps://medium.com/@regan_temudo/uncovering-a-stored-xss-vulnerability-on-drugs-com-1748ccbecc16?source=rss------bug_bounty-5Regan Temudocross-site-scripting, bug-bounty, xx, cybersecurity, stored-xxs23-Sep-2024
How to Guide to SQL Injection Testing: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-08272e48f778?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, bug-bounty, bugbounty-writeup, bug-bounty-tips23-Sep-2024
Bypassing restrictions using special charactershttps://medium.com/@youssefmoner2022/bypassing-restrictions-using-special-characters-8f11af75d278?source=rss------bug_bounty-5Youssefmonerbug-bounty, hacking, vulnerability23-Sep-2024
Turning a Closed Bug Report into $650: The Art of Demonstrating Impact!https://hasanka-amarasinghe.medium.com/turning-a-closed-bug-report-into-650-the-art-of-demonstrating-impact-730a3df78df8?source=rss------bug_bounty-5Hasanka Amarasinghebugbounty-writeup, salesforce, bug-bounty, infosec, cybersecurity23-Sep-2024
Cross-Site-Scripting (XSS): Understanding and Mitigating Web Vulnerabilitieshttps://medium.com/@RejuKole.com/cross-site-scripting-xss-understanding-and-mitigating-web-vulnerabilities-b2b5a2c606fc?source=rss------bug_bounty-5Reju Kolebug-bounty-tips, bug-bounty, web, xss-attack, xss-vulnerability23-Sep-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-b9b60f4b2823?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, bugs, xss-vulnerability, bug-bounty-tips23-Sep-2024
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@codingbolt.in/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-9f384d27aa95?source=rss------bug_bounty-5codingboltbug-bounty-tips, bugs, bug-bounty, xss-attack, xss-vulnerability23-Sep-2024
750$ in 5 Minutes - XXE to LFIhttps://skramthu.medium.com/750-in-5-minutes-xxe-to-lfi-897bca9c304c?source=rss------bug_bounty-5Ramhackerone, money, security, bug-bounty, infosec23-Sep-2024
How to Guide SQL Injection: Manual Testing Techniques and SQLMap Usagehttps://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5Mustafa Khansql, hacking, bug-bounty, sql-injection, sqlmap23-Sep-2024
When a Session Token Isn’t Enough, A Full Account Takeover Storyhttps://medium.com/@ahmedramadan.ar16148/when-a-session-token-isnt-enough-a-full-account-takeover-story-cf99421bb1e3?source=rss------bug_bounty-5Ahmed Ramadanoauth2, oauth, penetration-testing, authentication, bug-bounty23-Sep-2024
Hacking The butler — Jenkins hacking 101https://thexssrat.medium.com/hacking-the-butler-jenkins-hacking-101-e437ed557460?source=rss------bug_bounty-5Thexssrathacks, bug-bounty, hacking, jenkins23-Sep-2024
P4 bug’s and their POC steps | Part 4https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-4-fd81b91fd368?source=rss------bug_bounty-5socalledhackerbugs, web-security, infosec, bug-bounty, cybersecurity23-Sep-2024
TECNO Security Response Center 3rd Anniversary | Safeguarding Product Security, Grateful for Our…https://medium.com/@security.tecno/tecno-security-response-center-3rd-anniversary-safeguarding-product-security-grateful-for-our-550016adce10?source=rss------bug_bounty-5TECNO Securitybirthday, security, hacking, bug-bounty22-Sep-2024
Practical Incident Response: A Step-by-Step Guidehttps://medium.com/@paritoshblogs/practical-incident-response-a-step-by-step-guide-290dadca6e2d?source=rss------bug_bounty-5Paritoshinformation-technology, incident-response, cybersecurity, bug-bounty, ai22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://harish45.medium.com/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
Port Scanning Tactics to Boost Your Bug Bounty Successhttps://bevijaygupta.medium.com/port-scanning-tactics-to-boost-your-bug-bounty-success-5d46191fa92e?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, bug-bounty, tactics, port-scanning22-Sep-2024
How I Leveraged Open Redirect to Account Takeoverhttps://medium.com/@abdelrahman0x01/how-i-leveraged-open-redirect-to-account-takeover-b0ff213d23dc?source=rss------bug_bounty-5Abdelrahman0x01cyberattack, account-takeover, penetration-testing, cybersecurity, bug-bounty22-Sep-2024
Finding emails for this issue. Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-emails-for-this-issue-finding-a-easy-bug-to-get-a-easy-5bc4cd00d112?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, bugbounty-writeup, hacking, bug-bounty-tips22-Sep-2024
How i got 250 euro bountyhttps://doordiefordream.medium.com/how-i-got-250-euro-bounty-9e523fdf807d?source=rss------bug_bounty-5cybersecurity researcherbug-bounty, bugs, cybersecurity, ethical-hacking22-Sep-2024
How I Discovered an Account Takeover from a Reset Password Vulnerabilityhttps://medium.com/@bountyget/how-i-discovered-an-account-takeover-from-a-reset-password-vulnerability-aa39fe0896b5?source=rss------bug_bounty-5Dhiren Kumar Pradhancybersecurity, infosec, bug-bounty-writeup, bug-bounty-tips, bug-bounty22-Sep-2024
From Simple File Import to Full Server Exposure: The Power of SSRF Exploitationhttps://medium.com/@tusharpuri6/from-simple-file-import-to-full-server-exposure-the-power-of-ssrf-exploitation-64ee925e54dc?source=rss------bug_bounty-5Tusharpuriinfosec, bug-bounty, penetration-testing, offensive-security, application-security22-Sep-2024
5 unique Lesser-known methods to find vulnerabilities for bug bounty huntershttps://osintteam.blog/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5Harishcybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank22-Sep-2024
How I was decrypting the traffic and getting from low privilege user to full admin accesshttps://sadc0d3r.medium.com/how-i-was-decrypting-the-traffic-and-getting-from-low-privilege-user-to-full-admin-access-6a2f3b743ac5?source=rss------bug_bounty-5Ahmed Rabeaa Mosaa (SadC0d3r)penetration-test, penetration-testing, cybersecurity, web-attack, bug-bounty22-Sep-2024
How I Hacked Into a Nationwide University Database System Exposing Thousands of Student Recordshttps://1-day.medium.com/how-i-hacked-into-a-nationwide-university-database-system-exposing-thousands-of-student-records-65dce4e4ee23?source=rss------bug_bounty-51daybug-bounty-writeup, penetration-testing, writeup, hacking, bug-bounty22-Sep-2024
Join any project = Criticalhttps://medium.com/@etfchg18/join-any-project-critical-b3625d09876e?source=rss------bug_bounty-5iiiwaleedbug-bounty, web-security, bug-bounty-tips22-Sep-2024
Top 3 subdomain takeovershttps://infosecwriteups.com/top-3-subdomain-takeovers-ea51ecd911fd?source=rss------bug_bounty-5Hicham Almakroudiethical-hacking, hackerone, subdomain-takeover, bug-report, bug-bounty22-Sep-2024
#1 Bug Hunting: Subdomain Enumeration — Explainedhttps://infosecwriteups.com/1-bug-hunting-subdomain-enumeration-explained-389e6fcb3f62?source=rss------bug_bounty-5Om Maniyacybersecurity, enumeration, bug-bounty, programming, bug-bounty-tips21-Sep-2024
Understanding Insecure Deserializationhttps://medium.com/@kannnannmk/understanding-insecure-deserialization-faea7bc5ff5e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, insecure-deserialization, bug-bounty-tips, cybersecurity, penetration-testing21-Sep-2024
Mastering Port Scanning for Bug Bounty Huntershttps://bevijaygupta.medium.com/mastering-port-scanning-for-bug-bounty-hunters-226c8d007023?source=rss------bug_bounty-5Vijay Guptaport-scanning, bug-bounty-tips, bug-bounty, bugs, port-scan21-Sep-2024
Email Injection | Unseen Threathttps://medium.com/@abolfazl.vaziri/email-injection-unseen-threat-6db7e32ab656?source=rss------bug_bounty-5Abolfazl Vaziriemail, email-attack, bug-bounty, hacking, email-injection21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Makwana Abhikhacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5Coding Boltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Some Token Leak Can Lead to Disclose a Lot of Users’ Personal Datahttps://r0b0ts.medium.com/some-token-leak-can-lead-to-disclose-a-lot-of-users-personal-data-6b5b7748ccec?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, pentesting, bug-bounty, web-security, bug-bounty-tips21-Sep-2024
500$: Open Redirect Vulnerabilityhttps://medium.com/@a13h1/500-open-redirect-vulnerability-9cc9fd4d9b7b?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, open-redirect, infosec, bug-bounty21-Sep-2024
My First CVE: A Dream Realizedhttps://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5Abhik Makwanahacking, cve, cybersecurity, cve-2024-8042, bug-bounty21-Sep-2024
Simple IDOR vulnerability can lead to leak Email address of all usershttps://r0b0ts.medium.com/simple-idor-vulnerability-can-lead-to-leak-email-address-of-all-users-055ada3ba3fc?source=rss------bug_bounty-5r0b0tsbug-bounty, bug-bounty-tips, bug-bounty-writeup, web-security, pentesting21-Sep-2024
How Hackers Crack Active Directory Passwords and Exploit MFA : Are You Next?https://medium.com/@paritoshblogs/how-hackers-crack-active-directory-passwords-and-exploit-mfa-are-you-next-11cfdd0feb20?source=rss------bug_bounty-5Paritoshchatgpt, active-directory, hacking, bug-bounty, cybersecurity21-Sep-2024
Welcome to My Cybersecurity Journeyhttps://medium.com/@mrutunjayasenapati0/welcome-to-my-cybersecurity-journey-e795aebd096d?source=rss------bug_bounty-5Mrutunjaya Senapatiethical-hacking, bugs, bug-bounty, bug-bounty-tips, cybersecurity21-Sep-2024
DOM-based XSS: Exploiting `document.write` with `location.search`https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5codingboltxss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs21-Sep-2024
Reflected XSS into Attribute with HTML-Encodedhttps://medium.com/@codingbolt.in/reflected-xss-into-attribute-with-html-encoded-ffe97e2c1439?source=rss------bug_bounty-5codingboltbugs, xss-vulnerability, xss-attack, bug-bounty, cybersecurity21-Sep-2024
Taking ffuf Fuzzing Furtherhttps://medium.com/@learntheshell/taking-ffuf-fuzzing-further-016be44d0b07?source=rss------bug_bounty-5LearnTheShellbug-bounty, hacking, ffuf, bug-bounty-tips, fuzzing21-Sep-2024
Finding a easy Bughttps://medium.com/@loyalonlytoday/finding-a-easy-bug-caed2e199b1d?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup21-Sep-2024
DOM XSS in jQuery: The Danger of `href` Attribute with `location.search` Sourcehttps://medium.com/@codingbolt.in/dom-xss-in-jquery-the-danger-of-href-attribute-with-location-search-source-b2d883cbec59?source=rss------bug_bounty-5codingboltbug-hunting, bug-bounty, xss-attack, bug-bounty-tips, bugs21-Sep-2024
DOM-based XSS: The Case of `innerHTML` and `location.search`https://medium.com/@codingbolt.in/dom-based-xss-the-case-of-innerhtml-and-location-search-373c47866c56?source=rss------bug_bounty-5codingboltbug-bounty, bug-bounty-writeup, xss-vulnerability, xss-attack, bug-bounty-tips21-Sep-2024
Accessing full history of Firepad users.https://medium.com/@adityaahuja.work/accessing-full-history-of-firepad-users-ddc889e73936?source=rss------bug_bounty-5Aditya Ahujaowasp-top-10, cybersecurity, bug-bounty, information-disclosure, cyber-awareness21-Sep-2024
test:test type of bughttps://medium.com/@bxrowski0x/test-test-type-of-bug-cfb352d9bf85?source=rss------bug_bounty-5Omar ElSayedbug-bounty, cybersecurity, keycloak, bug-bounty-writeup, bug-bounty-tips21-Sep-2024
XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Persistent XSS via Cookie Injection: A Deep Dive into the Discoveryhttps://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5Ayushkrpentesting, cross-site-scripting, bug-bounty, cookie-injection21-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-b92a99d7e4d7?source=rss------bug_bounty-5MoreLogin Browsersecurity, bug-bounty, antidetect-browser, white-hat-hacker, cybersecurity20-Sep-2024
Common Job Roles in Cyber Securityhttps://medium.com/@RaunakGupta1922/common-job-roles-in-cyber-security-e792d367af67?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitcyber-security-awareness, bug-bounty, diversity, jobs, hacking20-Sep-2024
A Perfect Story Which help to Understand Bug Bountyhttps://medium.com/@Butcher_hell/a-perfect-story-which-help-to-understand-bug-bounty-c0a699239629?source=rss------bug_bounty-5W H I Z H A W Kcybersecurity, storytelling, hacking, bug-bounty, technology20-Sep-2024
How to Learn and Participate in Bug Bountieshttps://rendiero.medium.com/how-to-learn-and-participate-in-bug-bounties-1a2e71dd190b?source=rss------bug_bounty-5Rendierocybersecurity, beginners-guide, learning, bug-bounty, hacking20-Sep-2024
Bypassing Rate Limits: All Known Techniqueshttps://medium.com/@raxomara/bypassing-rate-limits-all-known-techniques-25891bb5ca59?source=rss------bug_bounty-5Raxomararate-limit-bypass, bug-bounty-tips, security-research, cybersecurity, bug-bounty20-Sep-2024
Finding a easy p4https://medium.com/@loyalonlytoday/finding-a-easy-p4-e32c47c8b54a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs20-Sep-2024
The Ultimate Guide to Forgot Password Test Cases ‍https://medium.com/@chinmaya_ramana/the-ultimate-guide-to-forgot-password-test-cases-059e483fdc40?source=rss------bug_bounty-5Chinmaya Ramanasecurity, hacking, bug-bounty, web-application-security, application-security20-Sep-2024
Clickjacking Vulnerability to trigger Reflacted XSShttps://medium.com/@g52238317/clickjacking-vulnerability-to-trigger-reflacted-xss-9029cc5fd676?source=rss------bug_bounty-5Abdelrhman Yassercybersecurity, clickjacking, xss-attack, bug-bounty20-Sep-2024
Bypassing Date Restrictions in an Educational Platform: A Logic Flaw Exploithttps://medium.com/@ahmed_ashraf/bypassing-date-restrictions-in-an-educational-platform-a-logic-flaw-exploit-fdd3d0e3a1cb?source=rss------bug_bounty-5Ahmedashrafbusiness-logic-flaw, privilege-escalation, cybersecurity, bug-bounty, penetration-testing20-Sep-2024
Bug Bounty Dark Reality: The Hidden Truth of Successful Bug Huntinghttps://medium.com/@yashpawar1199/bug-bounty-dark-reality-the-hidden-truth-of-successful-bug-hunting-0b9ed547802d?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty-dark-reality, bug-bounty, howu-hnters-find-bugs, bounty-efforts-fail, successful-bug-hunting20-Sep-2024
Unlocking Restricted Features: A Vulnerability Analysis of Organization’s Role Managementhttps://0xmatrix.medium.com/unlocking-restricted-features-a-vulnerability-analysis-of-organizations-role-management-aa6a4f7bd0d3?source=rss------bug_bounty-5Mo2men Elmadyhacking, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity20-Sep-2024
Exploiting GraphQL API Suggestionshttps://nir-choubey-2011.medium.com/exploiting-graphql-api-suggestions-7695e5b8c3ef?source=rss------bug_bounty-5niraj choubeyapi-security, bug-bounty, security, graphql-security20-Sep-2024
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platformhttps://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-cdc178fd6e7e?source=rss------bug_bounty-5MoreLogin Browserbug-bounty, cybersecurity, morelogin, antidetect-browser, security19-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guidehttps://bevijaygupta.medium.com/best-bug-bounty-and-pentesting-methodology-for-beginners-a-step-by-step-guide-a68170d3acc8?source=rss------bug_bounty-5Vijay Guptabugs, penetration-testing, bug-bounty, bug-bounty-tips, pentesting19-Sep-2024
How to get shodan membership upgrade for freehttps://medium.com/@hichamalmakroudi/how-to-get-shodan-membership-upgrade-for-free-4f21122d2d73?source=rss------bug_bounty-5Hicham Almakroudishodan, hacking-tools, ethical-hacking, bug-bounty, free19-Sep-2024
Nikto A Powerful Web Server Scanner for Vulnerability Assessmenthttps://medium.com/@yashpawar1199/nikto-a-powerful-web-server-scanner-for-vulnerability-assessment-1bd257204f41?source=rss------bug_bounty-5Yash Pawar @HackersParadisebug-bounty, hacking, penetration-testing, cybersecurity, nikto19-Sep-2024
How a 403 bypass got me a bountyhttps://medium.com/@ehsameer/how-a-403-bypass-got-me-a-bounty-7b2d58c0fd88?source=rss------bug_bounty-5ehsameerbug-bounty-tips, bugbounty-writeup, bug-bounty, hackerone19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Yassen Taalabowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
How to install Bug Bounty Hunting Tools on Linux and Windows by using Golang(Go)[ProjectDiscovery]https://medium.com/@abdulrahman.muhammad.qarni52/getting-started-with-projectdiscovery-tools-on-linux-and-windows-70e644f1198c?source=rss------bug_bounty-5OxLegacy52hacking, tools-for-hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty19-Sep-2024
Finding a easy bug to get a easy $$$https://medium.com/@loyalonlytoday/finding-a-easy-bug-to-get-a-easy-f008b2b25f73?source=rss------bug_bounty-5loyalonlytodayhacking, bug-bounty-tips, penetration-testing, bugbounty-writeup, bug-bounty19-Sep-2024
Primary Hacking School #2 After Installing Kalihttps://medium.com/@nnface/primary-hacking-school-2-after-installing-kali-6a226c68e7de?source=rss------bug_bounty-5NnFacekali-linux, linux, bug-bounty, cybersecurity, hacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://cyberw1ng.medium.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
How I hacked multiple Indian universities (AGAIN).https://medium.com/@alimuhammadsecured/how-i-hacked-multiple-indian-universities-again-d1b9c2a0e01d?source=rss------bug_bounty-5Alimuhammadsecuredctf, cybersecurity, hacking, bug-bounty, malware19-Sep-2024
How Hackers Trick You Into Actions You Never Meant to Do !https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5Killuaowasp, penetration-testing, bug-bounty, cybersecurity, clickjacking19-Sep-2024
Understanding File Permissions and Ownershiphttps://systemweakness.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity19-Sep-2024
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node packagehttps://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643?source=rss------bug_bounty-5Fuleki Ioanbugcrowd, bug-bounty, writeup, cybersecurity, remote-code-execution18-Sep-2024
Write up : Business Logic Flaw in Payment Discount Calculation Allows Excessive Discount…https://medium.com/@jakboubmostefa/write-up-business-logic-flaw-in-payment-discount-calculation-allows-excessive-discount-19d567f5da18?source=rss------bug_bounty-5Mostefa Jakboubvulnerability, bug-bounty, cybersecurity18-Sep-2024
10 Essential Browser Extensions for Bug Bounty Huntershttps://medium.com/@firdansp/10-essential-browser-extensions-for-bug-bounty-hunters-f17f8b001bcc?source=rss------bug_bounty-50verRidabug-bounty-tips, writeup, bug-hunting, extension, bug-bounty18-Sep-2024
How to Perform a Cybersecurity Risk Assessment: The Simple Guidehttps://medium.com/@paritoshblogs/how-to-perform-a-cybersecurity-risk-assessment-the-simple-guide-b37d1b986682?source=rss------bug_bounty-5Paritoshbug-bounty, risk, hacking, chatgpt, cybersecurity18-Sep-2024
Leveling Up the Wrong Way: Exploiting API Vulnerabilities in Game Progressionhttps://aminudin.medium.com/leveling-up-the-wrong-way-exploiting-api-vulnerabilities-in-game-progression-19f883f48da8?source=rss------bug_bounty-5Aminudinhacker, bug-bounty, bug-bounty-tips18-Sep-2024
Scanning ip’s got from virustotalhttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
Mastering Cybersecurity “A Guide to Effective Learning”https://rendiero.medium.com/mastering-cybersecurity-a-guide-to-effective-learning-9e32bd8c5926?source=rss------bug_bounty-5Rendierocybersecurity, bug-bounty, penetration-testing, hacking, learning18-Sep-2024
Scanning ip’s got from virustotal to find a bughttps://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup18-Sep-2024
The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hackinghttps://medium.com/@mohammedthoufeeq_25137/the-reality-of-cybersecurity-jobs-why-freshers-should-focus-on-defense-over-hacking-002cd641a453?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hacking, cyberattack, programming, bug-bounty18-Sep-2024
😞The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hacking 😎https://medium.com/@shari7a0x/protect-your-account-zero-click-account-takeover-for-admin-support-through-password-update-d155c7966b6e?source=rss------bug_bounty-5Shari7a0xbug-bounty-tips, bug-bounty, ato, bugs18-Sep-2024
Real Bug Bounty & Penetration Testing on Live Websites: Step-by-Step Guide (Part 2)https://medium.com/@shaikhminhaz1975/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
How Black Hat Hackers Hack into your Telegram Groups !!!https://medium.com/@josuofficial327/how-black-hat-hackers-hack-into-your-telegram-groups-6970a93a20e1?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, ethical-hacking, bug-bounty, hacking, cybersecurity18-Sep-2024
Missing Rate Limit Vulnerability: How to Test and Identify Ithttps://medium.com/@octayus/missing-rate-limit-vulnerability-how-to-test-and-identify-it-2f3937e903e6?source=rss------bug_bounty-5OctaYuscybersecurity, infosec, hacking, bug-bounty, twitter18-Sep-2024
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty…https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5Mohamed Saqib Chacking, artificial-intelligence, cybersecurity, bug-bounty18-Sep-2024
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties!https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5Root@Spaghettihacking, bug-bounty, bug-bounty-tips18-Sep-2024
P4 bug’s and their POC steps | Part 3https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-3-298087630cac?source=rss------bug_bounty-5socalledhackerweb, web-security, p4-bugs, bug-bounty, vulnerability18-Sep-2024
Live Bug Bounty Walkthrough: How to Hunt & Report Bugs Effectively (Part 2)https://medium.com/cyberscribers-exploring-cybersecurity/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5Shaikh Minhazethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt18-Sep-2024
Using Application Functionality to Exploit Insecure Deserializationhttps://medium.com/@rcxsecurity/using-application-functionality-to-exploit-insecure-deserialization-b4e7c6abdae1?source=rss------bug_bounty-5Ryan G. Cox - The Cybersec Cafeinformation-security, penetration-testing, bug-bounty, information-technology, cybersecurity17-Sep-2024
First-Time Penetration Testing: How to Uncovered Critical Flaws at a Company (Interactive Guide)https://medium.com/@paritoshblogs/first-time-penetration-testing-how-to-uncovered-critical-flaws-at-a-company-interactive-guide-4275f79c02ce?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, ai, penetration-testing, cybersecurity17-Sep-2024
From GitHub Recon to Hotstar Admin Access: A Deep Dive into Security Flawshttps://infosecwriteups.com/from-github-recon-to-hotstar-admin-access-a-deep-dive-into-security-flaws-2e4ae0ec937e?source=rss------bug_bounty-5Vishal Vishwakarmahacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup17-Sep-2024
“ part 2 Beginner’s Bug Bounty Methodology: A Journey from Writeups to Real-World Application”https://medium.com/@mahdisalhi0500/part-2-beginners-bug-bounty-methodology-a-journey-from-writeups-to-real-world-application-5d62f79e039f?source=rss------bug_bounty-5CaptinSHArky(Mahdi)cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, infose17-Sep-2024
How To Find Clickjacking Easily…https://medium.com/@josuofficial327/how-to-find-clickjacking-under-a-minute-751089be3f74?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binupenetration-testing, bug-bounty, cybersecurity, info-sec-writeups, bug-bounty-tips17-Sep-2024
#5. Bug Bounty Series: $$$ by AWS S3 Bucket misconfigurationshttps://cyb3rmind.medium.com/5-bug-bounty-series-by-aws-s3-bucket-misconfigurations-fb645057d03e?source=rss------bug_bounty-5Cyb3r M!ndspenetration-testing, takeovers, bug-bounty, subdomain-takeover, s3-bucket17-Sep-2024
How I got my first $$$ bounty?https://medium.com/@yashsomalkar/how-i-got-my-first-bounty-098d75ae650d?source=rss------bug_bounty-5Rudrakshackerbug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips, idor-vulnerability17-Sep-2024
Platforms and vulnerable webapps for practing and learning webpentestinghttps://medium.com/@loyalonlytoday/platforms-and-vulnerable-webapps-for-practing-and-learning-webpentesting-b76df42e3ec4?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, hacking, bugbounty-writeup, web-penetration-testing17-Sep-2024
Direct Volume Access Attackhttps://medium.com/@reemmoslem34/direct-volume-access-attack-dfbb2d73e406?source=rss------bug_bounty-5Rem Khalidbug-bounty, cryptocurrency, malware, hacking, cybersecurity17-Sep-2024
Dll Side Loading Attackhttps://medium.com/@reemmoslem34/dll-side-loading-attack-80ea716fd588?source=rss------bug_bounty-5Rem Khalidpython, malware, cybersecurity, hacking, bug-bounty17-Sep-2024
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow.https://cybxis.medium.com/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96?source=rss------bug_bounty-5cybxishackerone, gitlab, oauth2, bug-bounty17-Sep-2024
Type of Cyber Securityhttps://medium.com/@RaunakGupta1922/type-of-cyber-security-c43047a34fe7?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bug-bounty, social-media, cybersecurity, basics16-Sep-2024
Menguasai Reconnaissance: Metode lengkap untuk mengumpulkan informasihttps://hack4funacademy.medium.com/menguasai-reconnaissance-metode-lengkap-untuk-mengumpulkan-informasi-acdeba7dc054?source=rss------bug_bounty-5Hack4Fun Academyprogramming, bug-bounty, hacking, cybersecurity, networking16-Sep-2024
How to Set Up Proxychains in Kali Linuxhttps://medium.com/@vignesh6872610/how-to-set-up-proxychains-in-kali-linux-ddd44c3502af?source=rss------bug_bounty-5Vignesh Pbug-bounty, bug-bounty-writeup, proxychains, linux-tutorial, bug-bounty-tips16-Sep-2024
Three Months of Full-Time Bug Bounty Hunting as a Newbie in 2024https://medium.com/@nchaitreddyutilities/three-months-of-full-time-bug-bounty-hunting-as-a-newbie-in-2024-a941977b61f1?source=rss------bug_bounty-5Chaitanya Reddybug-bounty-tips, cybersecurity, bug-bounty, writeup16-Sep-2024
WhatsApp View Once Privacy Issue Initial Fix Assessment: The Good, the Bad and The Uglyhttps://medium.com/@TalBeerySec/whatsapp-view-once-privacy-issue-initial-fix-assessment-the-good-the-bad-and-the-ugly-be97ec1cc2e5?source=rss------bug_bounty-5Tal Be'erysecurity, web-development, bug-bounty, privacy, whatsapp16-Sep-2024
Guide to Finding and Exploiting Web Cache Poisoninghttps://systemweakness.com/guide-to-finding-and-exploiting-web-cache-poisoning-f32d0962d28d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, technology, bug-bounty16-Sep-2024
The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypasshttps://blog.confiant.com/the-curious-case-of-mutantbedrogs-trusted-types-csp-bypass-950b19a38b4f?source=rss------bug_bounty-5Eliya Steinbug-bounty, malvertising, hacking, cybersecurity, threat-intelligence16-Sep-2024
How I Found Live Traffic Exposure on a Public Server: One of my interesting findingshttps://medium.com/@josuofficial327/how-i-found-live-traffic-exposure-on-a-public-server-one-of-my-interesting-findings-0ecde16813a8?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, cybersecurity, penetration-testing, bugbounty-writeup, bug-bounty-hunter16-Sep-2024
Using Full potential of Virustotal for Bugbountyhttps://medium.com/@loyalonlytoday/using-full-potential-of-virustotal-for-bugbounty-8d80221ab2e4?source=rss------bug_bounty-5loyalonlytodaybugbounty-tips, penetration-testing, hacking, bug-bounty, bugbounty-writeup16-Sep-2024
How i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
CloudSek CTF 2024 Writeuphttps://naumankh4n.medium.com/cloudsek-ctf-aug-2024-writeup-6b4409675f88?source=rss------bug_bounty-5Nauman Khanhacking, bug-bounty, ctf, penetration-testing, ctf-writeup16-Sep-2024
Subdomain takeover amazon S3https://medium.com/@hichamalmakroudi/subdomain-takeover-amazon-s3-21de0af8a1d3?source=rss------bug_bounty-5Hicham Almakroudibug-bounty, aws, hacking, s3, subdomain-takeover16-Sep-2024
How To Get Easy critical 0 click account takeover on public bug bounty program at hackerone !https://medium.com/@kaforybory/how-to-get-easy-critical-0-click-account-takeover-on-public-bug-bounty-program-at-hackerone-8b1859cc7738?source=rss------bug_bounty-5Hassan Makkiinfosec, bug-bounty-tips, cybersecurity, bug-bounty, bug-hunting16-Sep-2024
Structure your recon files before they structure youhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
How to Kick Off Your Journey into Bug Hunting: A Beginner's Guidehttps://medium.com/@justluke5691/how-to-kick-off-your-journey-into-bug-hunting-a-beginners-guide-eb5a551f4edb?source=rss------bug_bounty-5K. Niraj Chandra Singhabug-bounty, technology, cybersecurity16-Sep-2024
very easy and helpfull for new hunters, how i accidently found a server side template injectionhttps://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5Insbat Arshadcybersecurity, bug-bounty, programming, devops, python16-Sep-2024
Structure your recon files before they become unstructuredhttps://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5paractmolgolang, recon, tools, bug-bounty, automation-tools16-Sep-2024
#3 HOW TO FIND OPEN REDIRECT EASILY ???https://medium.com/@josuofficial327/3-how-to-find-open-redirect-easily-fd8a7ea6e12b?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuthreat-intelligence, bug-bounty, bug-bounty-tips, threat-hunting, cybersecurity15-Sep-2024
Subdomain Takeovers for Beginnershttps://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5Hicham Almakroudisubdomain-takeover, bug-bounty, bug-bounty-tips, ethical-hacking, hacking15-Sep-2024
XSS — Cross Site Scriptinghttps://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5Coding Bolt Academyxss-vulnerability, xss-attack, bug-bounty, cross-site-scripting, ethical-hacking15-Sep-2024
IDOR — Broken Access Controlhttps://medium.com/@codingboltacademy/idor-broken-access-control-efeb6698919f?source=rss------bug_bounty-5Coding Bolt Academyethical-hacking, penetration-testing, cybersecurity, bug-bounty, idor15-Sep-2024
How i got 100$ bountyhttps://medium.com/@mukkumukku110/how-i-got-100-bounty-b3dd58e82e00?source=rss------bug_bounty-5bughunterbug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips15-Sep-2024
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applicationshttps://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, infosec15-Sep-2024
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1)https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5Shaikh Minhazbug-bounty, bug-bounty-tips, penetration-testing, cybersecurity, information-gathering15-Sep-2024
SQL Injetionhttps://medium.com/@adhikarisudip869/sql-injetion-f6f5f4291cbc?source=rss------bug_bounty-5Sudip Adhikarisql, sql-injection, bug-bounty15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
BugBounty platforms Listhttps://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, hacking, bug-bounty, penetration-testing15-Sep-2024
Automating the CORS Vulnerability Scanhttps://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5Angix blackcors, infosec, pentesting, bug-bounty, corsan15-Sep-2024
A very easy bug anyone can findhttps://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5Insbat Arshadprogramming, cybersecurity, bug-bounty, software-engineering, devops15-Sep-2024
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developershttps://systemweakness.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, cybersecurity, technology, careers15-Sep-2024
Mastering WordPress Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-wordpress-pentesting-the-ultimate-resource-guide-423bc1e1ddef?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, cybersecurity, wordpress, bug-bounty, wordpress-plugins14-Sep-2024
Telnet Takedown: The Port 23 Exploit on Metasploitable 2, Part IIIhttps://medium.com/@thefellowhacker/telnet-takedown-the-port-23-exploit-on-metasploitable-2-part-iii-a10a6e15b468?source=rss------bug_bounty-5Taahir Mujawarrcybersecurity, bug-bounty, metasploitable, hacking, penetration-testing14-Sep-2024
Open Redirect via Image Uploadhttps://medium.com/@osamamohamed21212121/open-redirect-via-image-upload-bf6f87f8d447?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bug-bounty, bugs, bug-zero, bug-bounty-writeup14-Sep-2024
SSRF Via Image Uploadhttps://medium.com/@osamamohamed21212121/ssrf-via-image-upload-f046e2d0e692?source=rss------bug_bounty-5Osamamohamedbug-bounty, bug-zero, bug-bounty-writeup, bugs, bug-bounty-tips14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flawhttps://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-3c4a9b431de6?source=rss------bug_bounty-5Adnan K Sbug-bounty-tips, security, cybersecurity, bug-bounty-writeup, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@cybsersec/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Cybserseccybersecurity, security-research, bug-bounty14-Sep-2024
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerabilityhttps://medium.com/@Krypton09/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5Kryptoncybersecurity, security-research, bug-bounty14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-f8bb3c784803?source=rss------bug_bounty-5Adnan K Scybersecurity, security, owncloud, bug-bounty-tips, bug-bounty14-Sep-2024
how to install kali linux on windows using wsl(windows subsystem linux)https://medium.com/@loyalonlytoday/how-to-install-kali-linux-on-windows-using-wsl-windows-subsystem-linux-92019022ac57?source=rss------bug_bounty-5loyalonlytodaybug-bounty, penetration-testing, wsl-2, hacking, wsl14-Sep-2024
fisher: Cybertalents Cybersecurity Bootcamp Cohort 8https://medium.com/@bridget4/fisher-cybertalents-cybersecurity-bootcamp-cohort-8-cfb9aa6b7a6c?source=rss------bug_bounty-5Bridgetcareers, bug-bounty, cybersecurity, learning, cyber-talents14-Sep-2024
What is Prototype Pollution?https://systemweakness.com/what-is-prototype-pollution-4e2049f68fca?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, careers, hacking, cybersecurity14-Sep-2024
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorkinghttps://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-e8a8c1dae09b?source=rss------bug_bounty-5Adnan K Shacking, bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips14-Sep-2024
How I Gained Access to a Corporate CCTV Surveillance System Using Shodanhttps://medium.com/@contact.adnanks/how-i-gained-access-to-a-corporate-cctv-surveillance-system-using-shodan-daac1fa3b37a?source=rss------bug_bounty-5Adnan K Sbug-bounty, surveillance, cctv, cybersecurity, hacking14-Sep-2024
How I Discovered a Critical Vulnerability and Took Over an Organization Using Burp Suitehttps://medium.com/@contact.adnanks/how-i-discovered-a-critical-vulnerability-and-took-over-an-organization-using-burp-suite-fb2d52adc944?source=rss------bug_bounty-5Adnan K Sresearch, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking14-Sep-2024
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw (Part 2)https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-part-2-ba190920e945?source=rss------bug_bounty-5Adnan K Sbug-bounty, grafana, research-reports, cybersecurity, bug-bounty-tips14-Sep-2024
Let the Hunt Begin with Nuclei: The Secret Weapon of the Bug Bounty World!https://medium.com/@rootspaghetti/let-the-hunt-begin-with-nuclei-the-secret-weapon-of-the-bug-bounty-world-9b2491d3a9cb?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, hacking, bug-bounty14-Sep-2024
Mastering GraphQL API Pentesting: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-graphql-api-pentesting-the-ultimate-resource-guide-7755c08bddd2?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitvulnerability, cybersecurity, graphql, bug-bounty, hacking13-Sep-2024
Deleting a folder led to the deactivation of the company’s accounts.https://medium.com/@hossam_hamada/deleting-a-folder-led-to-the-deactivation-of-the-companys-accounts-3759b6b92927?source=rss------bug_bounty-5Hossam Hamadabug-bounty-tips, hackerone, bug-bounty, penetration-testing, bugcrowd13-Sep-2024
#2 ANOTHER EASY BUG- HTML INJECTIONhttps://medium.com/@josuofficial327/2-another-easy-bug-html-injection-0447a79b6c66?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, bug-bounty, linux, vulnerability, cybersecurity13-Sep-2024
How Unguessable IDOR Worth me €1000 On Intigritihttps://medium.com/@manan_sanghvi/how-unguessable-idor-worth-me-1000-on-intigriti-7ab6f928b3d9?source=rss------bug_bounty-5Manan Sanghvibounty-program, bug-bounty, intigriti, idor, hacking13-Sep-2024
Logic Flaw: I Can Block You from Accessing Your Own Accounthttps://medium.com/@hashimamin/logic-flaw-i-can-block-you-from-accessing-your-own-account-63fc2a88bb72?source=rss------bug_bounty-5Hashim Aminbug-bounty-tips, bug-bounty, bugs, ethical-hacking, infosec13-Sep-2024
What is an Open Redirect Vulnerability? And How to Find Ithttps://systemweakness.com/what-is-an-open-redirect-vulnerability-and-how-to-find-it-7d94a3b9d0ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, technology, bug-bounty, hacking13-Sep-2024
Log4j Exploit Lab: Reverse Shell with JNDI Exploit Kithttps://medium.com/@josh.beck2006/log4j-exploit-lab-reverse-shell-with-jndi-exploit-kit-21f015204e29?source=rss------bug_bounty-5Josh Beckbug-bounty, cybersecurity, ctf13-Sep-2024
How to find and exploit bugsnag API Keyhttps://medium.com/@socalledhacker/how-to-find-and-exploit-bugsnag-api-key-312e0f216735?source=rss------bug_bounty-5socalledhackercybersecurity, bug-bounty, web-security, bug-bounty-tips, infosec13-Sep-2024
How to Write an Effective Bug Bounty Report: Tips, Structure, and Exampleshttps://infosecwriteups.com/how-to-write-an-effective-bug-bounty-report-tips-structure-and-examples-3248d81dd759?source=rss------bug_bounty-5Abhi Sharmabug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec13-Sep-2024
Finding a easy p4 it can be worth 200$https://medium.com/@loyalonlytoday/finding-a-easy-p4-it-can-be-worth-200-10d6682f6923?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty, bugbounty-writeup, website-hacking, hacking13-Sep-2024
Subdomain Enumeration Part 2 (Manual & Automation)https://osintteam.blog/subdomain-enumeration-part-2-manual-automation-77a46d93e2ed?source=rss------bug_bounty-5Mr Abdullahethical-hacking, hacking, web-hacking, bug-bounty, bug-bounty-tips13-Sep-2024
Unleashing GitHub Dorks: The Ultimate Hack for Finding Hidden Secrets in Bug Bounties!https://enigma96.medium.com/unleashing-github-dorks-the-ultimate-hack-for-finding-hidden-secrets-in-bug-bounties-125b83fd9c93?source=rss------bug_bounty-5enigmagithub-dorking, penetration-testing, bug-bounty, hackin, bug-bounty-tips13-Sep-2024
Stored XSS via Image Uploadhttps://medium.com/@osamamohamed21212121/stored-xss-via-image-upload-b75edecf1e54?source=rss------bug_bounty-5Osamamohamedbug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-writeup13-Sep-2024
IDOR in Bug Bounty Programhttps://medium.com/@osamamohamed21212121/idor-in-bug-bounty-program-8fbbffe32f6e?source=rss------bug_bounty-5Osamamohamedbug-bounty, bugs, bug-bounty-writeup, bug-zero, bug-bounty-tips13-Sep-2024
Mastering Dirsearch: Finding Hidden Web Directorieshttps://medium.com/@bootstrapsecurity/mastering-dirsearch-finding-hidden-web-directories-f57327c06fed?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter12-Sep-2024
Computer Security: How Bureaucracies Ignore Unexploded Ordinancehttps://kf106.medium.com/computer-security-how-bureaucracies-ignore-unexploded-ordinance-319e8e931ad5?source=rss------bug_bounty-5Keir Finlow-Batesbureaucracy, bug-bounty, security, cybersecurity, hacker12-Sep-2024
The Secrets to Writing Threat Intelligence Reports That Actually Stop Cyber Attacks!https://medium.com/@paritoshblogs/the-secrets-to-writing-threat-intelligence-reports-that-actually-stop-cyber-attacks-330fd6fc37a5?source=rss------bug_bounty-5Paritoshai, hacking, threat-intelligence, bug-bounty, cybersecurity12-Sep-2024
Password Reset Flaws: Key Methods for Finding Vulnerabilitieshttps://medium.com/@dsmodi484/password-reset-flaws-key-methods-for-finding-vulnerabilities-eb843440e06c?source=rss------bug_bounty-5Dishant Modibug-bounty, vulnerability, bug-bounty-tips, account-takeover, testing12-Sep-2024
Leveraging GreyNoise for Enhanced Threat Detection and Intelligencehttps://medium.com/@ajaynaikhack/leveraging-greynoise-for-enhanced-threat-detection-and-intelligence-437aac815d38?source=rss------bug_bounty-5Ajay Naikrewards, vulnerability, cybersecurity, bug-bounty, threat-detection12-Sep-2024
Insecure Direct Object Reference (IDOR)https://medium.com/@security.tecno/insecure-direct-object-reference-idor-ffecf6cbc211?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, research, hacking12-Sep-2024
Mastering IDOR: The Ultimate Resource Guidehttps://medium.com/@RaunakGupta1922/mastering-idor-the-ultimate-resource-guide-84e44052f70c?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbug-bounty, hacking, cybersecurity, college, idor12-Sep-2024
[IDOR] View other users’ transaction detailshttps://rhidayah.medium.com/idor-view-other-users-transaction-details-73c0c80aada6?source=rss------bug_bounty-5Rohmad Hidayahbroken-access-control, idor, bug-bounty, idor-vulnerability, information-disclosure12-Sep-2024
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOShttps://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b?source=rss------bug_bounty-5Mikko Kenttälävulnerability, macos, information-security, bug-bounty12-Sep-2024
Hide & Seek - Hidden Open Redirect | Bug Huntinghttps://mo9khu93r.medium.com/hide-seek-hidden-open-redirect-bug-hunting-88499f5e0e99?source=rss------bug_bounty-5mo9khu93rhacking, pentesting, bug-bounty, cybersecurity, kali-linux12-Sep-2024
Hydra for bruteforcinghttps://medium.com/@tharunteja725_8686/hydra-for-bruteforcing-3784a98bab6a?source=rss------bug_bounty-5Chidurala Tharun tejahacking, oscp, bug-bounty, bug-bounty-tips, cybersecurity12-Sep-2024
How an Open Redirect Vulnerability Got a Bug Bounty of $500https://cyberw1ng.medium.com/how-an-open-redirect-vulnerability-got-a-bug-bounty-of-500-13ece7a987d8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, technology, bug-bounty, careers, cybersecurity12-Sep-2024
My first Account-take-overhttps://medium.com/@osamamohamed21212121/my-first-account-take-over-f6590c4a3a54?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty, bug-zero, bug-bounty-writeup, bug-bounty-tips12-Sep-2024
My journey to find CSRF (Cross-Site Request Forgery )https://medium.com/@osamamohamed21212121/my-journey-to-find-csrf-cross-site-request-forgery-ddf1e1bd579d?source=rss------bug_bounty-5Osamamohamedbug-bounty-writeup, bug-bounty-tips, bug-bounty, bugs, bug-zero12-Sep-2024
Stored XSS via File upload(using .svg file Extension )https://ch4ndan.medium.com/stored-xss-via-file-upload-using-svg-file-extension-515e23536d4d?source=rss------bug_bounty-5Ch4ndan dascybersecurity, xss-attack, bug-bounty, bugs, bug-bounty-tips12-Sep-2024
My first XSS: Reflected XSShttps://medium.com/@osamamohamed21212121/my-first-xss-reflected-xss-0949992b94ab?source=rss------bug_bounty-5Osamamohamedbugs, bug-bounty-tips, bug-bounty, bug-zero, bug-bounty-writeup12-Sep-2024
Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties!https://enigma96.medium.com/hack-google-like-a-pro-automate-google-dorks-with-bash-for-bug-bounties-7611818a4bf0?source=rss------bug_bounty-5enigmahacker, bug-bounty, pentesting, bug-bounty-tips, dorks12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://medium.com/@deadoverflow/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
How to learn Game Hacking in 6 minutes | Part 1https://systemweakness.com/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5Imad Husanovicgames, hacking, bug-bounty-tips, bug-bounty, cybersecurity12-Sep-2024
Introduction to Bug Bounty Huntinghttps://medium.com/@kanishkar22052004/introduction-to-bug-bounty-hunting-183f133c7d0d?source=rss------bug_bounty-5Kanishkarbug-bounty, ethical-hacking, cybersecurity11-Sep-2024
Understanding the OWASP Top 10 in 2024https://bootstrapsecurity.medium.com/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
Understanding the OWASP Top 10 in 2024https://medium.com/@bootstrapsecurity/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups11-Sep-2024
HTB Academy: Information Gathering — Web Edition (Updated).https://medium.com/@mazalwebdesign/htb-academy-information-gathering-web-edition-updated-50058fdec55e?source=rss------bug_bounty-5maz4lhtb-walkthrough, htb-writeup, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
API Bug Bounty Hunting: Reconnaissance and Reverse Engineering an APIhttps://towardsdev.com/api-bug-bounty-hunting-reconnaissance-and-reverse-engineering-an-api-1d61f82b5d72?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, bug-bounty, hacking, api11-Sep-2024
NGINX HTTP/3 QUIC Module Vulnerability -CVE-2024–35200https://infosecwriteups.com/nginx-http-3-quic-module-vulnerability-cve-2024-35200-e2f6aaea2a68?source=rss------bug_bounty-5Ajay Naikbug-bounty, security, cve, vulnerability, rewards11-Sep-2024
BIG-IP HSB vulnerability CVE-2024–39778https://medium.com/@ajaynaikhack/big-ip-hsb-vulnerability-cve-2024-39778-9fd33cc4d5e5?source=rss------bug_bounty-5Ajay Naikrewards-and-recognition, vulnerability, bug-bounty, security11-Sep-2024
Why Django’s [DEBUG=True] is a Goldmine for Hackershttps://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d?source=rss------bug_bounty-5Very Lazy Techhacking, cybersecurity, django, bug-bounty, misconfiguration11-Sep-2024
Best Bug Bounty and Pentesting Methodology for Beginners(Step By Step)https://medium.com/@shaikhminhaz1975/best-bug-bounty-and-pentesting-methodology-for-beginners-step-by-step-b6167128156a?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, methodology, penetration-testing, bug-bounty, ethical-hacking11-Sep-2024
MY First Bug Hunt: A Beginner’s Guide to Cybersecurity with Google Dorkshttps://medium.com/@KpCyberInfo/my-first-bug-hunt-a-beginners-guide-to-cybersecurity-with-google-dorks-b62a28214d38?source=rss------bug_bounty-5Krunal Patelbug-bounty, cybersecurity, google-dork, beginner, security11-Sep-2024
How Finding an SQL Injection Vulnerability Earned a $1000 Bug Bountyhttps://systemweakness.com/how-finding-an-sql-injection-vulnerability-earned-a-1000-bug-bounty-af2ee0b62f6c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, technology, bug-bounty, hacking11-Sep-2024
Interesting Story of an Account Takeover Vulnerabilityhttps://medium.com/@deepanshudev369/interesting-story-of-an-account-takeover-vulnerability-140a45a058a3?source=rss------bug_bounty-5Deepanshu(golu369)cybersecurity, ethical-hacking, vulnerability-assessment, bug-bounty, research11-Sep-2024
P4 bug’s and their POC steps | Part 2https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-2-17b6583c57d9?source=rss------bug_bounty-5socalledhackerweb-security, hacking, bug-bounty-tips, vulnerability, bug-bounty11-Sep-2024
Pemburuan Hacker Penpie: Menyediakan Hingga 10% dari Dana yang Dikembalikan sebagai Hadiahhttps://blog.penpiexyz.io/pemburuan-hacker-penpie-menyediakan-hingga-10-dari-dana-yang-dikembalikan-sebagai-hadiah-6e81cc0f610b?source=rss------bug_bounty-50xJultoshidefi, bahasa, bug-bounty, investasi, crypto11-Sep-2024
Primary Hacking School #1 Installing Kalihttps://medium.com/@nnface/primary-hacking-school-1-installing-kali-a3e249c41730?source=rss------bug_bounty-5NnFacebug-bounty, cybersecurity, hacking, linux, kali-linux11-Sep-2024
How I Stole a Player Spot with Simple XSShttps://medium.com/@ali_guell/how-i-stole-a-player-spot-with-simple-xss-6a8fa2776a84?source=rss------bug_bounty-5black_wheatearwriteup, bug-bounty, hacking, web-development, cybersecurity11-Sep-2024
Securing Your Applications Against CSRF Attacks: Best Practices for Cybersecurity Expertshttps://medium.com/@kpishear/securing-your-applications-against-csrf-attacks-best-practices-for-cybersecurity-experts-4e572b9fc032?source=rss------bug_bounty-5kpishearbug-bounty, tech, cybersecurity, trading, technology10-Sep-2024
Free Bug Bounty Course For Beginners ️https://medium.com/@amanktec12/free-bug-bounty-course-for-beginners-%EF%B8%8F-f126b9907c96?source=rss------bug_bounty-5Cyberxealfree-bug-hunting-course, free, course, bug-bounty, bug-hunting10-Sep-2024
Would you mind to tell me what your bank balance is? No? Okay, I’ll hack it.https://infosecwriteups.com/would-you-mind-to-tell-me-what-your-bank-balance-is-no-okay-ill-hack-it-b3f49810cfe2?source=rss------bug_bounty-5Manav Bankatwalabank-hack, cybersecurity, information-security, idor, bug-bounty10-Sep-2024
My first Hall of Fame (HoF) | Bug Bounty Journey.https://rivudon.medium.com/my-first-hall-of-fame-hof-bug-bounty-journey-59a56b1e96c2?source=rss------bug_bounty-5Rivek Raj Tamang ( RivuDon )bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-writeup10-Sep-2024
The “Who Needs Secure Attachments Anyway?” Sagahttps://medium.com/@shobitsharma/the-who-needs-secure-attachments-anyway-saga-6026dc61a371?source=rss------bug_bounty-5Shobit Sharmabug-bounty, cybersecurity, bug-bounty-tips, infosec-write-ups, bug-bounty-writeup10-Sep-2024
How Hackers Can Steal Your Data in 15 Secondshttps://medium.com/@kerstan/how-hackers-can-steal-your-data-in-15-seconds-798bbed9cbac?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty10-Sep-2024
Basic Challenge Level 11https://aftab700.medium.com/basic-challenge-level-11-eaa689246c31?source=rss------bug_bounty-5Aftab Samactf, cybersecurity, information-security, bug-bounty, ethical-hacking10-Sep-2024
Basic Challenge Level 10https://aftab700.medium.com/basic-challenge-level-10-afaac3919778?source=rss------bug_bounty-5Aftab Samacybersecurity, bug-bounty, ctf-writeup, ctf, information-security10-Sep-2024
Basic Challenge Level 9https://aftab700.medium.com/basic-challenge-level-9-588ab110cc2d?source=rss------bug_bounty-5Aftab Samactf-writeup, ctf, bug-bounty, information-security, cybersecurity10-Sep-2024
OWASP top 10 A09:Security Logging and Monitoring failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a09-security-logging-and-monitoring-failures-e2f4bdc50fbe?source=rss------bug_bounty-5Shivamsharmaowasp, hacking, cybersecurity, owasp-top-10, bug-bounty10-Sep-2024
‘find’ command for Reconhttps://medium.com/@DatBoyBlu3/find-command-for-recon-4f3cf296c5d5?source=rss------bug_bounty-5Daniel Edwardscybersecurity, linux, bug-bounty, unix, penetration-testing10-Sep-2024
Top Reconnaissance Tools for Ethical Security Testinghttps://medium.com/@ajaynaikhack/top-reconnaissance-tools-for-ethical-security-testing-2b4088106b81?source=rss------bug_bounty-5Ajay Naikreconnaissance, ethical-hacking, bug-bounty, rewards, vulnerability10-Sep-2024
Introducing FavFreak: Unlock the Power of Favicon Hashing for Bug Bounty Huntinghttps://medium.com/@unreal_umber_hyena_37/introducing-favfreak-unlock-the-power-of-favicon-hashing-for-bug-bounty-hunting-0361dbb629c3?source=rss------bug_bounty-5Cyber Sentinel Xsecurity, cybersecurity, penetration-testing, bug-bounty, ethical-hacking10-Sep-2024
How I got RCE on an Indian university without admin credentials Tale of directory listing, SQL…https://medium.com/@alimuhammadsecured/how-i-got-rce-on-an-indian-university-without-admin-credentials-tale-of-directory-listing-sql-1f77e2933011?source=rss------bug_bounty-5Alimuhammadsecuredbug-bounty, bug-bounty-writeup, ctf, rce, hacking10-Sep-2024
TryHackMe | Simple CTF | Walkthrough | By HexaHunterhttps://hexahunter.medium.com/tryhackme-simple-ctf-walkthrough-by-hexahunter-b9457e4d7d16?source=rss------bug_bounty-5Momal Nazweb-security, penetration-testing, tryhackme-walkthrough, ctf-writeup, bug-bounty09-Sep-2024
Mastering Reconnaissance with Nmap: Unveiling Your Target’s Secretshttps://infosecwriteups.com/mastering-reconnaissance-with-nmap-unveiling-your-targets-secrets-ec940d05a140?source=rss------bug_bounty-5Ajay Naikcybersecurity, information-security, nmap, bug-bounty, infosec-write-ups09-Sep-2024
Self-XSS to ATO via Quick Login featurehttps://thecatfather.medium.com/self-xss-to-ato-via-quick-login-feature-532df12d1c08?source=rss------bug_bounty-5The CatFatherbug-bounty-writeup, bug-bounty, bug-bounty-tips09-Sep-2024
Exploiting Firestore Database Rules: A Pathway to Data Breacheshttps://medium.com/@S3THU/exploiting-firestore-database-rules-a-pathway-to-data-breaches-aa945476cc16?source=rss------bug_bounty-5Sethu Satheeshfirebase, hacking, cybersecurity, bug-bounty, pentesting09-Sep-2024
Google Dorks for Bug Bounty Part 3: Exposing Hidden Admin Panels & Login Portalshttps://enigma96.medium.com/google-dorks-for-bug-bounty-part-3-exposing-hidden-admin-panels-login-portals-52b600e3f10b?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, pentesting, hacking, penetration-testing09-Sep-2024
2nd Order SQL Injectionhttps://medium.com/@bountyget/2nd-order-sql-injection-e2ac60e792a4?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty-tips, sql-injection, cybersecurity, penetration-testing, bug-bounty09-Sep-2024
{إِنَّ اللَّهَ وَمَلائِكَتَهُ يُصَلُّونَ عَلَى النَّبِيِّ يَا أَيُّهَا الَّذِينَ آمَنُوا صَلُّوا…https://medium.com/@mahdisalhi0500/%D8%A5%D9%90%D9%86%D9%8E%D9%91-%D8%A7%D9%84%D9%84%D9%8E%D9%91%D9%87%D9%8E-%D9%88%D9%8E%D9%85%D9%8E%D9%84%D8%A7%D8%A6%D9%90%D9%83%D9%8E%D8%AA%D9%8E%D9%87%D9%8F-%D9%8A%D9%8F%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D9%86%D9%8E-%D8%B9%D9%8E%D9%84%D9%8E%D9%89-%D8%A7%D9%84%D9%86%D9%8E%D9%91%D8%A8%D9%90%D9%8A%D9%90%D9%91-%D9%8A%D9%8E%D8%A7-%D8%A3%D9%8E%D9%8A%D9%8F%D9%91%D9%87%D9%8E%D8%A7-%D8%A7%D9%84%D9%8E%D9%91%D8%B0%D9%90%D9%8A%D9%86%D9%8E-%D8%A2%D9%85%D9%8E%D9%86%D9%8F%D9%88%D8%A7-%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D8%A7-4cdb13f5ff52?source=rss------bug_bounty-5CaptinSHArky(Mahdi)hacking, information-security, ethical-hacking, bug-bounty, information-technology09-Sep-2024
SQL Injection Attack, Listing the Database Contents on Non-Oracle Databaseshttps://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-825485566585?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, sqli, information-security, sql-injection09-Sep-2024
Hunting for Hidden API Endpoints Using Katana and Hakralerhttps://anasbetis023.medium.com/hunting-for-hidden-api-endpoints-using-katana-and-hakraler-ba0bd6b9611f?source=rss------bug_bounty-5Anas H Hmaidybug-bounty, penetration-testing, bug-bounty-tips, cybersecurity09-Sep-2024
Optimal Ethical Hacker Setup for Penetration Testinghttps://infosecwriteups.com/optimal-ethical-hacker-setup-for-penetration-testing-4847a8afbe45?source=rss------bug_bounty-5Ajay Naiksecurity, bug-bounty, vulnerability, desktop09-Sep-2024
Unveiling Hidden Threats: Advanced Recon Techniques and the Path to Automationhttps://medium.com/@rootspaghetti/unveiling-hidden-threats-advanced-recon-techniques-and-the-path-to-automation-4c1b3dd885a3?source=rss------bug_bounty-5Root@Spaghettibug-bounty-tips, bug-bounty, hacking09-Sep-2024
P4 bug’s and their POC steps | Part 1https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-1-1cef0152d1a5?source=rss------bug_bounty-5socalledhackervulnerability, p4-bugs, hacking, web-app-security, bug-bounty09-Sep-2024
How HTTP Request Smuggling Vulnerability Gets You a $750 Bug Bountyhttps://cyberw1ng.medium.com/how-http-request-smuggling-vulnerability-gets-you-a-750-bug-bounty-3dfe9063fd8d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, technology09-Sep-2024
Introducing CorScan: A Comprehensive Tool for CORS Vulnerability Detectionhttps://angixblack.medium.com/introducing-corscan-a-comprehensive-tool-for-cors-vulnerability-detection-4ce83be6870e?source=rss------bug_bounty-5Angix blackpenetration-testing, bug-bounty, cors, bugbounty-automation, corscan09-Sep-2024
Lap 1: JWT authentication bypass via unverified signaturehttps://abdelrahmansalaheldeen.medium.com/lap-1-jwt-authentication-bypass-via-unverified-signature-8e450a7b2f59?source=rss------bug_bounty-5Abdelrahman Salaheldeencybersecurity, web-application-security, web-app-pentesting, jwt, bug-bounty08-Sep-2024
The Only Oscp Tip You Needhttps://medium.com/@issam.qsous/the-only-oscp-tip-you-need-cfac65948f68?source=rss------bug_bounty-5Essam Qsousoscp, bug-bounty, cybersecurity, pentesting, hacking08-Sep-2024
JSON Web Token attacks (JWT)https://abdelrahmansalaheldeen.medium.com/json-web-token-attacks-jwt-c082d76f3e4c?source=rss------bug_bounty-5Abdelrahman Salaheldeenjwt, web-penetration-testing, web-application-security, bug-bounty, cybersecurity08-Sep-2024
0-Click Mass Account Takeover via Password Reset Functionalityhttps://0d-samii.medium.com/0-click-mass-account-takeover-via-password-reset-functionality-68cdf27e028d?source=rss------bug_bounty-50d_samiibugs, bug-bounty-tips, bug-bounty, cybersecurity08-Sep-2024
How To Stay Ahead of 99% of Bug Bounty Huntershttps://bevijaygupta.medium.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-d77030705ed5?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, hackthebox, bug-bounty, bounty-hunter08-Sep-2024
Discovering a Stored XSS Vulnerability on a Bug Bounty Programhttps://anmolvishwakarma7466.medium.com/discovering-a-stored-xss-vulnerability-on-a-bug-bounty-program-8dad1b475695?source=rss------bug_bounty-5Anmolvishwakarmaxss-attack, appsec, bug-bounty-tips, bug-bounty, bug-bounty-writeup08-Sep-2024
Found Bugs, Got Paid, Stayed Poor: Making a Living with Bug Bountieshttps://bevijaygupta.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-a30355564d32?source=rss------bug_bounty-5Vijay Guptamoney-making-ideas, bug-bounty-tips, bug-bounty, money-management, bugs08-Sep-2024
Nmap: The Best Network Scanning Utility for Security Experthttps://medium.com/@mohanmecktro/nmap-the-best-network-scanning-utility-for-security-expert-ea7a6fd01efb?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-hunter, penetration-testing, bug-bounty, nmap, kali-linux-tools08-Sep-2024
How I Become Google HOFhttps://medium.com/@lijoparappur/how-i-become-google-hof-ef697b8b5963?source=rss------bug_bounty-5Lijoparappurbug-bounty, google-hacking08-Sep-2024
How i found xss in goverment website with one tools.https://medium.com/@sulthanyluthfi/how-i-found-xss-in-goverment-website-with-one-tools-5dd5d431ed03?source=rss------bug_bounty-5Luthfi Sulthanyxss-attack, bug-bounty, linux, penetration-testing, cybersecurity08-Sep-2024
Day 30of 30 Day — 30 Vulnerabilities | Cross-Site Request Forgery (CSRF)https://medium.com/@kumawatabhijeet2002/day-30of-30-day-30-vulnerabilities-cross-site-request-forgery-csrf-062ff53c5efd?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty, bug-bounty-tips, csrf08-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-27a7aa435fd3?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, bugbounty-writeup, ethical-hacking, cybersecurity08-Sep-2024
The Weak Link in Two-Factor Authentication: Exploiting Reusable OTPshttps://medium.com/@tusharpuri6/the-weak-link-in-two-factor-authentication-exploiting-reusable-otps-ed30bd8bf4da?source=rss------bug_bounty-5Tusharpurioffensive-security, bug-bounty, penetration-testing, vulnerability, application-security08-Sep-2024
OWASP top 10 A08:Software and Data Integrity Failureshttps://medium.com/@shivamsharma.ss484/owasp-top-10-a08-software-and-data-integrity-failures-bd41b5f9db2c?source=rss------bug_bounty-5Shivamsharmaowasp-top-10, bug-bounty, cybersecurity, hacking, owasp08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://cyberw1ng.medium.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Post-Exploitation Techniques: What Happens After a Hack?https://systemweakness.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, technology, hacking, cybersecurity, careers08-Sep-2024
Bug Bounty Road ️ Map ️https://osintteam.blog/bug-bounty-road-%EF%B8%8F-map-%EF%B8%8F-b42c14750a6a?source=rss------bug_bounty-5Mr Abdullahbug-bounty-roadmap, bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, business-logic-flaw07-Sep-2024
Exploiting the Silent Threat: Time-Based Blind SQL Injection via the Object_ID Parameterhttps://harshit3.medium.com/exploring-time-based-blind-sql-injection-vulnerability-via-the-object-id-parameter-7cd377c6e00d?source=rss------bug_bounty-5Harshitowasp, vulnerability, cybersecurity, bug-bounty, information-security07-Sep-2024
Account takeover through no rate limitshttps://rhidayah.medium.com/account-takeover-through-no-rate-limits-3d7a82a69779?source=rss------bug_bounty-5Rohmad Hidayahaccount-takeover, no-rate-limit, bug-bounty, broken-authentication07-Sep-2024
The Rise of AI in Cybersecurity: Opportunities and Threatshttps://bootstrapsecurity.medium.com/the-rise-of-ai-in-cybersecurity-opportunities-and-threats-531b42f9bef9?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, ai-in-cybersecurity07-Sep-2024
how i finded a google map it’s worths 300$https://systemweakness.com/how-i-finded-a-google-map-its-worths-300-9fe5fe32e6de?source=rss------bug_bounty-5loyalonlytodaybugs, penetration-testing, hacking, bug-bounty, bug-bounty-tips07-Sep-2024
Subdomain Takeover : The Hacker’s Jackpot (And How You Can Hit It Too!)https://medium.com/@Kaizen2977/subdomain-takeover-the-hackers-jackpot-and-how-you-can-hit-it-too-76d49b916bc1?source=rss------bug_bounty-5Kapil Chotaliabug-bounty, subdomain-takeover, subdomains-enumeration, hacking, penetration-testing07-Sep-2024
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest…https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5Rohmad Hidayahpinterest, bug-bounty, privacy, bugcrowd, business-logic-flaw07-Sep-2024
Day 29 of 30 Day — 30 Vulnerabilities | Remote Code Execution (RCE)https://medium.com/@kumawatabhijeet2002/day-29-of-30-day-30-vulnerabilities-remote-code-execution-rce-eb3f8f7ccf62?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, rce, bug-bounty, 30dayswritingchallenge, remote-code-execution07-Sep-2024
Vulnerability Scannerhttps://medium.com/@hydra_/vulnerability-scanner-1ad628218979?source=rss------bug_bounty-5hydrabug-bounty, vulnerability-scanner, infosec07-Sep-2024
Understanding window.postMessage() and Its XSS Riskshttps://medium.com/@spideyyy/understanding-window-postmessage-and-its-xss-risks-5a96bcd90428?source=rss------bug_bounty-5spideycybersecurity, bug-bounty, web-security, hacking, xss-attack07-Sep-2024
Find Your First 5 Bug Bounties in Easy Wayshttps://infosecwriteups.com/find-your-first-5-bug-bounties-in-easy-ways-3aaca5c57a2d?source=rss------bug_bounty-5Subh Dhunganahackerone, infosec, cybersecurity, bug-bounty, hacking07-Sep-2024
My recon methodology for hunting CVE-2021–42063 led to discovering an RXSS vulnerability in the…https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-80bd4ca0f623?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, cybersecurity07-Sep-2024
Hunting in the Cyber World: Effective Recon Strategies for a Successful Bug Bountyhttps://medium.com/@rootspaghetti/hunting-in-the-cyber-world-effective-recon-strategies-for-a-successful-bug-bounty-8ec5f27bd9ae?source=rss------bug_bounty-5Root@Spaghettibug-bounty, cybersecurity, hacking, bug-bounty-tips07-Sep-2024
850$ IDOR:Unauthorized Session Revokation of any userhttps://infosecwriteups.com/850-idor-unauthorized-session-revokation-of-any-user-93f9cb92fdfe?source=rss------bug_bounty-5Abhi Sharmacybersecurity, infosec, idor, bug-bounty, programming07-Sep-2024
Google Dorks Secrets: Discover Hidden Endpoints & Parameters with Google Dorkshttps://enigma96.medium.com/google-dorks-secrets-discover-hidden-endpoints-parameters-with-google-dorks-7c3bb3257ef9?source=rss------bug_bounty-5enigmaweb-security-testing, hacking, bug-bounty-tips, bug-bounty, penetration-testing07-Sep-2024
cyberExploring Client-Side Desync: Understanding the Risk and Mitigating the Threathttps://cyberw1ng.medium.com/cyberexploring-client-side-desync-understanding-the-risk-and-mitigating-the-threat-b375dec78f21?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, technology, cybersecurity, careers07-Sep-2024
Day 28 of 30 Day — 30 Vulnerabilities | DOM-based XSShttps://medium.com/@kumawatabhijeet2002/day-28-of-30-day-30-vulnerabilities-dom-based-xss-e7bfadc56b2f?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, bug-bounty-tips, dom-based-xss06-Sep-2024
Bounty Hunter’s Handbook: Practical Tips for Bug Huntinghttps://medium.com/@security.tecno/bounty-hunters-handbook-practical-tips-for-bug-hunting-b3a8b03d1101?source=rss------bug_bounty-5TECNO Securityhacking, hunting, tips, bug-bounty06-Sep-2024
[$12000] 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security…https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3?source=rss------bug_bounty-5Vojtech Cekalvulnerability, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty06-Sep-2024
OAuth Based CSRF: Exploiting The Flaw In Implementation Of State Parameterhttps://medium.com/@cyberpro151/oaauth-based-csrf-exploiting-the-flaw-in-implementation-of-state-parameter-36bfae68aa65?source=rss------bug_bounty-5cyberpro151bug-bounty, cybersecurity, appsec, hacking, pentest06-Sep-2024
Google Map API Key Exposure $$$ | Just 2 Minutes | Don’t Miss Your Bountyhttps://dkcyberz.medium.com/google-map-api-key-exposure-just-2-minutes-dont-miss-your-bounty-380eac7b9dd9?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, bugbounty-writeup, google-map-api, bug-bounty, owasp-top-1006-Sep-2024
Google Dork Mastery Part 1 : Finding Hidden Critical Files with Google Dorks Like a Prohttps://enigma96.medium.com/google-dork-mastery-part-1-finding-hidden-critical-files-with-google-dorks-like-a-pro-d28ad159e9ae?source=rss------bug_bounty-5enigmapenetration-testing, hacking, bug-bounty-tips, web-security, bug-bounty06-Sep-2024
Master Mobile Traffic Hacking: Intercept Android App Data with Burp Suitehttps://medium.com/@WillFromSwiss/master-mobile-traffic-hacking-intercept-android-app-data-with-burp-suite-9278163310ad?source=rss------bug_bounty-5WillFromSwisscybersecurity, application-security, hacking, android, bug-bounty06-Sep-2024
As Luck Would Have It — tales of good fortune in bug bountyhttps://medium.com/@l_s_/as-luck-would-have-it-tales-of-good-fortune-in-bug-bounty-9c56d31b3ef5?source=rss------bug_bounty-5LSinfosec, information-security, bug-bounty-writeup, hacking, bug-bounty06-Sep-2024
How I Explored Further and Chained HTTP Request Smuggling with Other Vulnerabilitieshttps://cyberw1ng.medium.com/how-i-explored-further-and-chained-http-request-smuggling-with-other-vulnerabilities-cfb974e1e8aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, technology, hacking, bug-bounty, cybersecurity06-Sep-2024
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHackhttps://medium.com/@manan_sanghvi/how-100-manual-hacking-without-even-kali-and-burp-led-to-2-medium-vulnerabilities-on-yeswehack-bbda00fcd84e?source=rss------bug_bounty-5Manan Sanghvivulnerability, bug-bounty, xss-attack, cybersecurity, ethical-hacking05-Sep-2024
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI)https://medium.com/@kumawatabhijeet2002/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-f12c851d7e08?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, server-side-technology, 30dayswritingchallenge, ssti, bug-bounty-tips05-Sep-2024
Exploiting Salesforce Lightning Permissions Issueshttps://medium.com/@theodorejackson.us/exploiting-salesforce-lightning-permissions-issues-5c04f202c887?source=rss------bug_bounty-5Ted Jacksonpentesting, bug-bounty, security, salesforce, cybersecurity05-Sep-2024
RCE Exploits Explained: Techniques & Tools in 2024https://bootstrapsecurity.medium.com/rce-exploits-explained-techniques-tools-in-2024-79dbbbc67ba6?source=rss------bug_bounty-5BootstrapSecurityethical-hacking, vulnerability-assessment, cybersecurity, bug-bounty-tips, bug-bounty05-Sep-2024
What is WAF? & Secret Techniques to Bypass Ithttps://medium.com/huntersec-security/what-is-waf-secret-techniques-to-bypass-it-2a4de4768131?source=rss------bug_bounty-5Ajay Naikbug-bounty, firewall-security, infosec05-Sep-2024
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuffhttps://medium.com/@ali.zamini/ssti-in-bug-bounty-program-the-time-i-played-with-handlebars-and-broke-stuff-7dc1f9834a3d?source=rss------bug_bounty-5Ali Zaminibug-hunting, bug-bounty, hacking, web-app-pentesting, ssti05-Sep-2024
Blocking Users from Registrationhttps://medium.com/@patidarbhuwan44/blocking-users-from-registration-e3a584f25e4b?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, hacking, bug-bounty-tips, web, cybersecurity05-Sep-2024
Uncover Hidden Subdomains with Sublist3r and curl: Boost Your Bug Hunting Successhttps://enigma96.medium.com/uncover-hidden-subdomains-with-sublist3r-and-curl-boost-your-bug-hunting-success-a80b180a9377?source=rss------bug_bounty-5enigmabug-bounty, bug-bounty-tips, penetration-testing, hacking, web-security05-Sep-2024
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplacehttps://medium.com/@SatyamPathania/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-96c4794e404c?source=rss------bug_bounty-5Satyam Pathaniaearn-money-online, cybersecurity, bug-bounty, hacking, money05-Sep-2024
Cybersecurity 101 : Subdomain Scanner ทำงานยังไง ?https://medium.com/@nengapi/cybersecurity-101-subdomain-scanner-%E0%B8%97%E0%B8%B3%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%87%E0%B9%84%E0%B8%87-04c9993620ed?source=rss------bug_bounty-5Neng Apichetsubdomain, bug-bounty, subdomain-enumeration, cybersecurity05-Sep-2024
Practical Bug Bounty — TCM Academy | Automated Toolshttps://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-automated-tools-ed177aab16f6?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiweb-penetration-testing, bug-bounty, penetration-testing, ethical-hacking, cybersecurity05-Sep-2024
Dependency Confusion: A Namespace Takeover Storyhttps://medium.com/@sakshirathore3478/dependency-confusion-a-namespace-takeover-story-fa334533bd50?source=rss------bug_bounty-5Sakshi Rathorebug-bounty-tips, webapplicationpentest, bug-bounty, cybersecurity, bug-bounty-hunter05-Sep-2024
Reflected XSS | US Department of Education Recognitionhttps://codingninjablogs.tech/reflected-xss-us-department-of-education-recognition-270ec27e7f5f?source=rss------bug_bounty-5#$ubh@nk@rvulnerability, bug-bounty, cybersecurity, infosec, hacking05-Sep-2024
My first Bug : Uncovering a Reflected XSS with a Simple Payloadhttps://medium.com/@firdansp/my-first-bug-uncovering-a-reflected-xss-with-a-simple-payload-270b5e3742bb?source=rss------bug_bounty-5Firda Nureliaxs, bug-bounty, bug-bounty-tips, xss-vulnerability, writeup05-Sep-2024
How I Discovered an HTTP Request Smuggling Vulnerability in a Major Web Consolehttps://cyberw1ng.medium.com/how-i-discovered-an-http-request-smuggling-vulnerability-in-a-major-web-console-5188b2b4c539?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, technology, bug-bounty, cybersecurity05-Sep-2024
Hidden Reflected XSS on 403 Page.https://medium.com/@Hacker_Yogi/hidden-reflected-xss-on-403-page-0cbb46683138?source=rss------bug_bounty-5Ruben (Hacker_Yogi)pentesting, bug-bounty-tips, information-security, xss-attack, bug-bounty05-Sep-2024
Broken Authentication Leads to the Ability to Unsubscribe Other Users' Payment Remindershttps://medium.com/@blackarazi/broken-authentication-leads-to-the-ability-to-unsubscribe-other-users-payment-reminders-0fdb1a63edec?source=rss------bug_bounty-5Azhari Harahapbug-bounty, broken-authentication, api-security, application-security, bug-bounty-writeup04-Sep-2024
Ultimate FFUF Cheatsheet: Advanced Fuzzing Tactics for Pro Bug Hunters!https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150?source=rss------bug_bounty-5Khaleel Khanhacking-tools, bug-bounty, hacking, cybersecurity, infosec04-Sep-2024
dirsearch: Panduan Lengkap untuk Pengumpulan Informasi Web yang Efektif!https://medium.com/@adriansyah1230/dirsearch-panduan-lengkap-untuk-pengumpulan-informasi-web-yang-efektif-c7fdee43b2d4?source=rss------bug_bounty-5Adrian Syah Abidinbug-bounty, cybersecurity, infosec, dirsearch, pentesting04-Sep-2024
Aquatone: Solusi Cerdas untuk Inspeksi Visual Website yang Mendalam!https://medium.com/@adriansyah1230/aquatone-solusi-cerdas-untuk-inspeksi-visual-website-yang-mendalam-68811f0735c7?source=rss------bug_bounty-5Adrian Syah Abidincybersecurity, aquatone, keamanan-informasi, bug-bounty, infosec04-Sep-2024
A Comprehensive Guide to FFUF for Bug Huntershttps://maelstromenigma.medium.com/a-comprehensive-guide-to-ffuf-for-bug-hunters-76942e90f92b?source=rss------bug_bounty-5enigmawebservices-testing, bug-bounty-tips, bug-bounty, bug-hunting, recon04-Sep-2024
Nmap: Pemindai Keamanan Jaringan yang Kuat dan Alat Unggulan untuk Pengumpulan Informasi!https://medium.com/@adriansyah1230/nmap-pemindai-keamanan-jaringan-yang-kuat-dan-alat-unggulan-untuk-pengumpulan-informasi-ce2186eda0d1?source=rss------bug_bounty-5Adrian Syah Abidinnmap-command, cybersecurity, infosec, bug-bounty, nmap04-Sep-2024
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amasshttps://dkcyberz.medium.com/bbot-subfinder-sublist3r-assetfinder-amass-subdomain-enumeration-c42bbbf76052?source=rss------bug_bounty-5Harpy Hunterbug-bounty, subdomain-takeover, bugbounty-tips, subdomains-enumeration, bugbounty-writeup04-Sep-2024
OWASP Amass: Alat Canggih untuk Pengumpulan Informasi dan Strategi Pemetaan Serangan yang Efektif!https://medium.com/@adriansyah1230/owasp-amass-alat-canggih-untuk-pengumpulan-informasi-dan-strategi-pemetaan-serangan-yang-efektif-7859ad0515ad?source=rss------bug_bounty-5Adrian Syah Abidinmassa, owasp, bug-bounty, pentest, cybersecurity04-Sep-2024
Day 26 of 30 Day — 30 Vulnerabilities | Race Conditionshttps://medium.com/@kumawatabhijeet2002/day-26-of-30-day-30-vulnerabilities-race-conditions-e6b761e006b1?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, 30dayswritingchallenge, race-condition04-Sep-2024
reNgine: Framework Otomatisasi Terbaik untuk Pengumpulan Informasi dan Pengujian Penetrasi Web!https://medium.com/@adriansyah1230/rengine-framework-otomatisasi-terbaik-untuk-pengumpulan-informasi-dan-pengujian-penetrasi-web-13e338edff02?source=rss------bug_bounty-5Adrian Syah Abidininfosec, bug-bounty, keamanan-informasi, rengine, cybersecurity04-Sep-2024
Exploring the World of `magicRecon`: A Fun Guide to Target Information Gatheringhttps://medium.com/@rootspaghetti/exploring-the-world-of-magicrecon-a-fun-guide-to-target-information-gathering-03a9e2bb7e39?source=rss------bug_bounty-5Root@Spaghetticybersecurity, bug-bounty-tips, hacking, bug-bounty04-Sep-2024
Zomatoooo! IDOR in Saved Paymentshttps://prateeksrivastavaa.medium.com/zomatoooo-idor-in-saved-payments-f8c014879741?source=rss------bug_bounty-5Prateek Srivastavabug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips04-Sep-2024
Openredirect CSRF SSRF XSS And Sqli vulnerabilityhttps://medium.com/@shadowhackr_87285/openredirect-csrf-ssrf-xss-and-sqli-vulnerability-6a9f3a5662e2?source=rss------bug_bounty-5Shadowhackrxss-attack, cybersecurity, bug-bounty, vulnerability, sql04-Sep-2024
Zero-Day Exploits: An Inconspicuous Dangerhttps://medium.com/@mohanmecktro/zero-day-exploits-an-inconspicuous-danger-7e3ca32c164e?source=rss------bug_bounty-5Mohan Mecktrobug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking04-Sep-2024
Decoding the Enigma: A Deep Dive into the /home/000~ROOT~000/ Directoryhttps://soltanali0.medium.com/decoding-the-enigma-a-deep-dive-into-the-home-000-root-000-directory-3be592f05525?source=rss------bug_bounty-5soltanali0information-security, bug-bounty, directory-listing, security-research, lfi04-Sep-2024
TeamCity Takedown: Breach, Backup, and Break-in.https://medium.com/@josh.beck2006/teamcity-takedown-breach-backup-and-break-in-3ce333b63788?source=rss------bug_bounty-5Josh Beckcybersecurity, bug-bounty, ctf-writeup04-Sep-2024
Advanced Strategies to Defend Against HTTP Request Smuggling: A Deep Divehttps://cyberw1ng.medium.com/advanced-strategies-to-defend-against-http-request-smuggling-a-deep-dive-ba7c0abe911a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, technology, penetration-testing04-Sep-2024
Shodan: Senjata Rahasia Wajib Bagi Peretas dan Peneliti Keamanan untuk Pengumpulan Informasi yang…https://medium.com/@adriansyah1230/shodan-senjata-rahasia-wajib-bagi-peretas-dan-peneliti-keamanan-untuk-pengumpulan-informasi-yang-a3f86dd47eed?source=rss------bug_bounty-5Adrian Syah Abidininfosec, shodan, bug-bounty, hacking, cybersecurity03-Sep-2024
Bug Bounty: Your Guide to Ethical Hacking, Rewards, and the Best Learning Resourceshttps://medium.com/@akatrigger53/bug-bounty-your-guide-to-ethical-hacking-rewards-and-the-best-learning-resources-071c6eb14a27?source=rss------bug_bounty-5Akansh Pandaybug-bounty, hacking, darkweb, cybersecurity03-Sep-2024
How to overcome the pause point in BugBountyhttps://anonysm.medium.com/how-to-overcome-the-pause-point-in-bugbounty-02b849cfcff8?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, penetration-testing, motivation, hacking03-Sep-2024
DNSDumpster: Eksplorasi Informasi Domain Mendalamhttps://medium.com/@adriansyah1230/dnsdumpster-eksplorasi-informasi-domain-mendalam-d20fa2635596?source=rss------bug_bounty-5Adrian Syah Abidinkeamanan-informasi, cybersecurity, infosec, bug-bounty, dnsdumpster03-Sep-2024
Day 25 of 30 Day — 30 Vulnerabilities | HTTP Request Smugglinghttps://medium.com/@kumawatabhijeet2002/day-25-of-30-day-30-vulnerabilities-http-request-smuggling-722c3f01dbc4?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, http-request-smuggling, bug-bounty-tips, 30dayswritingchallenge03-Sep-2024
How to Bypass Web Application Firewalls (WAFs)https://bootstrapsecurity.medium.com/how-to-bypass-web-application-firewalls-10cec76e8276?source=rss------bug_bounty-5BootstrapSecuritybugbounty-tips, cybersecurity, ethical-hacking, bug-bounty03-Sep-2024
The removed employee can see whether the users he invited to the victim’s Pinterest business…https://rhidayah.medium.com/the-removed-employee-can-see-whether-the-users-he-invited-to-the-victims-pinterest-business-085d2ee8e14e?source=rss------bug_bounty-5Rohmad Hidayahbugcrowd, bug-bounty, pinterest, business-logic-flaw03-Sep-2024
[IDOR] Update another user’s profilehttps://rhidayah.medium.com/idor-update-another-users-profile-79d0158ae60c?source=rss------bug_bounty-5Rohmad Hidayahidor, bug-bounty03-Sep-2024
Pre account takeover via google sign inhttps://rhidayah.medium.com/pre-account-takeover-via-google-sign-in-bb442f4c32a2?source=rss------bug_bounty-5Rohmad Hidayahbug-bounty, account-takeover03-Sep-2024
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563c?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty, bug-bounty-tips, cybersecurity, technology, programming03-Sep-2024
Improper Authorization via Mass Assignment of Membership Parametershttps://ahmedtamer0.medium.com/improper-authorization-via-mass-assignment-of-membership-parameters-7245925b09f5?source=rss------bug_bounty-5Ahmed Tamerbug-hunting, api, mass-assignment, writeup, bug-bounty03-Sep-2024
How Bypassed KonyLab Code Protectionhttps://medium.com/@xmosb7/how-bypassed-konylab-code-protection-cac53da01ad1?source=rss------bug_bounty-5Mahmoud Mosbahmobilesec, infosec, cybersecurity, cyberattack, bug-bounty03-Sep-2024
Subdomain Enumeration part 1 (Manual & Automation)https://mrunknown124154.medium.com/subdomain-enumeration-part-1-manual-automation-45108388bdb2?source=rss------bug_bounty-5Mr Abdullahsubdomains-enumeration, hacking, bug-bounty, web-hacking, web-penetration-testing03-Sep-2024
API VULNERABILITIEShttps://medium.com/@adithyakrishnav001/api-vulnerabilities-9b68a0bd87a8?source=rss------bug_bounty-5Adithyakrishna Vcybersecurity, hacking, aad1, api-security, bug-bounty03-Sep-2024
HTTP Request Smuggling: The Hidden Web Threat You Need to Know Abouthttps://cyberw1ng.medium.com/http-request-smuggling-the-hidden-web-threat-you-need-to-know-about-71ff45c7f94a?source=rss------bug_bounty-5Karthikeyan Nagarajtechnology, cybersecurity, bug-bounty, hacking, careers03-Sep-2024
My First Bounty: How I Exploited a CORS Misconfigurationhttps://anas0x1.medium.com/my-first-bounty-how-i-exploited-a-cors-misconfiguration-bc1f9137b272?source=rss------bug_bounty-5Anas Ibrahimcors, bug-bounty, bug-hunting, hackerone, cybersecurity03-Sep-2024
How I Discovered a Hidden XSS and What I Learnedhttps://medium.com/@issam.qsous/how-i-discovered-a-hidden-xss-and-what-i-learned-9a34995ebbd2?source=rss------bug_bounty-5Essam Qsousweb-development, hacking, penetration-testing, security, bug-bounty03-Sep-2024
The Accidental Discoveryhttps://medium.com/@Kinqdathacker/the-accidental-discovery-8ed6f9622b0c?source=rss------bug_bounty-5Kinqdathackercybersecurity, hacking, technology, web-hacking, bug-bounty02-Sep-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-e77c719fe22d?source=rss------bug_bounty-5Abhijeet kumawatweb, bug-bounty, bug-bounty-tips, 30dayswritingchallenge02-Sep-2024
Advanced Web Application Security Checklisthttps://securitycipher.medium.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
How I Hacked into Yamaha using CVE 2017-5487https://medium.com/@josuofficial327/how-i-found-an-easy-cve-in-yamaha-964366a34b59?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips02-Sep-2024
[Specially Customized] TECNO Security 3rd Anniversary Bug Hunting Competition!https://medium.com/@security.tecno/specially-customized-tecno-security-3rd-anniversary-bug-hunting-competition-8a4e6501e91e?source=rss------bug_bounty-5TECNO Securitybug-bounty, bounty-program, hacking, hunting02-Sep-2024
Hunting JavaScript Files for Bug Huntershttps://bevijaygupta.medium.com/hunting-javascript-files-for-bug-hunters-7355df2215ec?source=rss------bug_bounty-5Vijay Guptahunting, javascript, bugs, bug-bounty, bug-hunting02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://medium.com/@karthithehacker/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
Advanced Web Application Security Checklisthttps://infosecwriteups.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, bug-bounty-tips, bug-bounty, technology, security02-Sep-2024
Business logic / Failed defense Vulnerability in bug bountyhttps://itsravikiran25.medium.com/business-logic-failed-defense-vulnerability-in-bug-bounty-4ab932a1a200?source=rss------bug_bounty-5Ravikiranbug-bounty-writeup, cybersecurity, penetration-testing, bug-bounty, hacking02-Sep-2024
A Story About How i Found CVE-2020–27838 in TVH responsible disclosurehttps://infosecwriteups.com/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, cybersecurity, infosec, web-security02-Sep-2024
HTML Form Injection Vulnerability in Gmailhttps://medium.com/@h4x0r_dz/html-form-injection-vulnerability-in-gmail-152a01f6d423?source=rss------bug_bounty-5h4x0r_dzgoogle, web, bug-bounty, vulnerability, security02-Sep-2024
Easy 500$ Bounty with Host Header Injection By Ramthullahttps://skramthu.medium.com/easy-500-bounty-with-host-header-injection-by-ramthulla-bb556ebd4c46?source=rss------bug_bounty-5Raminfosec-write-ups, bounty-program, hackerone, bug-bounty, bugbounty-writeup02-Sep-2024
Pentesting vs Bug Bounty: Apa Perbedaannya dan Bagaimana Tahapannya?https://medium.com/@adriansyah1230/pentesting-vs-bug-bounty-apa-perbedaannya-dan-bagaimana-tahapannya-182cc05a2721?source=rss------bug_bounty-5Adrian Syah Abidinhacking, bug-bounty, pentesting, cybersecurity02-Sep-2024
How to Automate Subdomain Takeover Finding: Low Hang Fruit…https://dkcyberz.medium.com/how-to-automate-subdomain-takeover-finding-low-hang-fruit-5733f2794df1?source=rss------bug_bounty-5Harpy Hunterbug-bounty-tips, how-to-takeover-s3-bucket, bug-bounty, bug-bounty-writeup, subdomain-takeover02-Sep-2024
Secure your Instagram Account Today, Or be a victim.https://mayur-jadhav.medium.com/secure-your-instagram-account-today-or-be-a-victim-9f476937a5e2?source=rss------bug_bounty-5Mayur Jadhavbug-bounty, social-media, hacking, cybersecurity02-Sep-2024
26.18 Lab: Web cache poisoning via HTTP/2 request tunnellinghttps://cyberw1ng.medium.com/26-18-lab-web-cache-poisoning-via-http-2-request-tunnelling-72abd219dc68?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, technology, careers, hacking, bug-bounty02-Sep-2024
SSRF via DNS Rebinding That Leads to Several Clouds Access (Arabic)https://medium.com/@Berserker1337/ssrf-via-dns-rebinding-that-leads-to-several-clouds-access-arabic-db9f9a9c530c?source=rss------bug_bounty-5Berserkerbug-bounty, infosec02-Sep-2024
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase…https://medium.com/appsec-untangled/lessons-learned-1-one-line-of-code-can-make-your-application-vulnerable-pre-auth-rce-in-metabase-a8579ca0102d?source=rss------bug_bounty-5Mohamed AboElKheirthreat-modeling, vulnerability, bug-bounty, application-security, cybersecurity02-Sep-2024
Insider Secrets to Earning $100 to $250 in Bug Bountieshttps://medium.com/@ajaynaikhack/insider-secrets-to-earning-100-to-250-in-bug-bounties-9dd6adb2a304?source=rss------bug_bounty-5Ajay Naikcybersecurity, bug-bounty02-Sep-2024
The Wild World of Path Traversal: Sneaking Around the Web’s Dark Cornershttps://cluelesszay.medium.com/the-wild-world-of-path-traversal-sneaking-around-the-webs-dark-corners-088f5522e371?source=rss------bug_bounty-5zaythecluelessdevpath-traversal, web-security, cybersecurity, bug-bounty, ethical-hacking01-Sep-2024
Race condition to bypass email verify, part #2https://siratsami71.medium.com/race-condition-to-bypass-email-verify-part-2-5efca002cf24?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty01-Sep-2024
How I found exif metdata leak and earned small bountyhttps://medium.com/@deepk007/how-i-found-exif-metdata-leak-and-earned-small-bounty-34c93de2fa2e?source=rss------bug_bounty-5DEepbug-bounty, ethical-hacking, hacking, bug-bounty-tips, cybersecurity01-Sep-2024
Advanced Techniques for Exploiting SSRF Vulnerabilitieshttps://bootstrapsecurity.medium.com/advanced-techniques-for-exploiting-ssrf-vulnerabilities-9996cade3a64?source=rss------bug_bounty-5BootstrapSecuritybug-bounty-tips, bug-bounty-hunter, cybersecurity, ethical-hacking, bug-bounty01-Sep-2024
Port Scanning for Bug Bountieshttps://bevijaygupta.medium.com/port-scanning-for-bug-bounties-1b660ea41483?source=rss------bug_bounty-5Vijay Guptabug-fixes, port-scanning, bugs, bug-bounty, bug-bounty-tips01-Sep-2024
Subdomain Discovery Toolhttps://medium.com/@World-Breaker/subdomain-discovery-tool-7403e38a760f?source=rss------bug_bounty-5usu@rioZ3r0python, enum, enumeration, subdomain, bug-bounty01-Sep-2024
OWASP A05 :Security Misconfigurationhttps://medium.com/@shivamsharma.ss484/owasp-a05-security-misconfiguration-10518396c757?source=rss------bug_bounty-5Shivamsharmaowasp, owasp-top-10, cybersecurity, bug-bounty, oscp01-Sep-2024
A Story About How I Found XSS in ASUShttps://infosecwriteups.com/a-story-about-how-i-found-xss-in-asus-cb233ce3bb9c?source=rss------bug_bounty-5Karthikeyan.Vbugbounty-tips, infosec, bugbounty-writeup, bug-bounty, bugbounty-poc01-Sep-2024
# 5 Install OWASP Juice Shop on Kali Linux — Guide for Burp Suitehttps://securitycipher.medium.com/5-install-owasp-juice-shop-on-kali-linux-guide-for-burp-suite-6b31c1ece398?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, technology, cybersecurity, bug-bounty01-Sep-2024
How I found My first P1 Bug which ended up ….$?https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5Yashsomalkarbugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity01-Sep-2024
How I Got $250 For My Second Bug In HackerOnehttps://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5Likith Tekihackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup01-Sep-2024
26.18 Lab: Bypassing access controls via HTTP/2 request tunnelinghttps://cyberw1ng.medium.com/26-18-lab-bypassing-access-controls-via-http-2-request-tunneling-f92ae50661bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, cybersecurity, careers01-Sep-2024
How I found My first P1 Bug which ended up ….$?https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5Rudrakshackerbugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity01-Sep-2024
How I Got $250 For My Second Bug on HackerOnehttps://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5Likith Tekihackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup01-Sep-2024
26.17 Lab: Exploiting HTTP request smuggling to perform web cache deceptionhttps://cyberw1ng.medium.com/26-17-lab-exploiting-http-request-smuggling-to-perform-web-cache-deception-69a6e9654b7e?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, bug-bounty, cybersecurity31-Aug-2024
All You Need to know About Broken Authentication and Session Managementhttps://medium.com/@ahmed.hilal/all-you-need-to-know-about-broken-authentication-and-session-management-26920f100714?source=rss------bug_bounty-5X0_AhMeD_0Xbug-bounty, pentesting, cybersecurity, bugs, vulnerability31-Aug-2024
DEPENDENCY CONFUSION CAN LEAD TO P5 OR P2 BASED ON LUCKhttps://medium.com/@anonymousshetty2003/dependency-confusion-can-lead-to-p5-or-p2-based-on-luck-64a5b94b80c1?source=rss------bug_bounty-5Anonymousshettyhacking, dependency-confusion, cybersecurity, bug-bounty31-Aug-2024
“Boost Your Productivity: Essential Tips for Organizing Your Work as a Bug Bounty Hunter”https://medium.com/@mahdisalhi0500/boost-your-productivity-essential-tips-for-organizing-your-work-as-a-bug-bounty-hunter-8de1517dc6a4?source=rss------bug_bounty-5Mahdisalhibug-bounty, bug-bounty-tips, ethical-hacking, infosec, hacking31-Aug-2024
HOW I GOT ACCESS TO ACCOUNT BY OTP BYPASShttps://medium.com/@anonymousshetty2003/how-i-got-access-to-account-by-otp-bypass-c49eb0490744?source=rss------bug_bounty-5Anonymousshettycybersecurity, hacking, bug-bounty, otp-bypass31-Aug-2024
Bug bounty Hunting 101https://medium.com/@sys_br3ach3r/bug-bounty-hunting-101-7d2258a3b21d?source=rss------bug_bounty-5sys_br3ach3rbug-bounty-tips, bug-bounty31-Aug-2024
OTP bypass through the Response manipulationhttps://itsravikiran25.medium.com/otp-bypass-through-the-response-manipulation-4f25ab36f60b?source=rss------bug_bounty-5Ravikirancybersecurity, bugbounty-writeup, bug-bounty, hacking, otp-bypass31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855https://medium.com/@karthithehacker/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup31-Aug-2024
Using Default Credential to Admin Account Takeoverhttps://ch4ndan.medium.com/using-default-credential-to-admin-account-takeover-04c557e67969?source=rss------bug_bounty-5Ch4ndan dasbugs, bug-bounty-tips, hacking, bug-bounty, cybersecurity31-Aug-2024
How to Take Over a Subdomain Through S3 Bucket Takeover…https://dkcyberz.medium.com/how-to-take-over-a-subdomain-through-s3-bucket-takeover-a53238499b81?source=rss------bug_bounty-5Harpy Hunterbug-bounty, bug-hunting, hackerone, s3-bucket, subdomain-takeover31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guidehttps://shubhdhungana.medium.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5Subh Dhunganabug-bounty, cybersecurity, hacking, hackerone, infosec31-Aug-2024
Most Asked Questions from Cybersecurity Beginners with Answershttps://medium.com/@cham3leon/most-asked-questions-from-cybersecurity-beginners-with-answers-91b7c680e967?source=rss------bug_bounty-5cham3leonfaq, cybersecurity, guides-and-tutorials, pentesting, bug-bounty31-Aug-2024
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup31-Aug-2024
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDNhttps://sudhanshur705.medium.com/bypassing-csp-via-url-parser-confusions-xss-on-netlifys-image-cdn-755a27065fd9?source=rss------bug_bounty-5Sudhanshu Rajbharbug-bounty, csp, xss-attack31-Aug-2024
Parameter tampering result in product price manipulationhttps://medium.com/@RaunakGupta1922/parameter-tampering-result-in-product-price-manipulation-356c07a571e5?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitbusiness, cybersecurity, hacking, college, bug-bounty31-Aug-2024
IIS welcome page to source code review to LFI!https://medium.com/@omarahmed_13016/iis-welcome-page-to-source-code-review-to-lfi-23ec581049f5?source=rss------bug_bounty-5Omar Ahmedbug-bounty, hackerone, application-security, bug-bounty-tips31-Aug-2024
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guidehttps://infosecwriteups.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5Subh Dhunganabug-bounty, cybersecurity, hacking, hackerone, infosec31-Aug-2024
From Reset to Takeover: The Exploitation Potential of IDOR in Password Recovery Systemshttps://medium.com/@tusharpuri6/from-reset-to-takeover-the-exploitation-potential-of-idor-in-password-recovery-systems-5d1b6f53530a?source=rss------bug_bounty-5Tusharpuribug-bounty, application-security, penetration-testing, offensive-security, authentication31-Aug-2024
How to find webcams using the Google Dorking.https://bob218.medium.com/how-to-find-webcams-using-the-google-dorking-4c7b491fa856?source=rss------bug_bounty-5bob218hacking, bug-bounty, osint, cybersecurity, google-dork31-Aug-2024
How Attackers Sneak in Hidden Requests and What You Can Do About Ithttps://cyberw1ng.medium.com/how-attackers-sneak-in-hidden-requests-and-what-you-can-do-about-it-cc085f245b4e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing31-Aug-2024
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attackshttps://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-d9509595ebd8?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, bug-bounty, jwt-token, jwt-authentication, 30dayswritingchallenge30-Aug-2024
New trick to make self xss impactfulhttps://medium.com/@Rahulkrishnan_R_Panicker/new-trick-to-make-self-xss-impactful-073d52a07d4f?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack30-Aug-2024
How to install dnsReaper and use of dnsReaperhttps://medium.com/@sherlock297/how-to-install-dnsreaper-and-use-of-dnsreaper-bc69d66d8c08?source=rss------bug_bounty-5Ravindra Dagalednsreaper, tools, bug-bounty, how-to, subdomain-takeover30-Aug-2024
Google Dorkshttps://medium.com/@twinkspap/google-dorks-c83abf0918ef?source=rss------bug_bounty-5twinksbug-bounty, google-dork, learning, skills, cybersecurity30-Aug-2024
Top 100Vulnerabilities: Identifying and Addressing Security Riskshttps://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-50xvanbug-bounty-tips, security, cybersecurity, bug-bounty, web-security30-Aug-2024
./Fingerprinting Web Technologieshttps://gauravdavre.medium.com/fingerprinting-web-technologies-fde6631f9ef7?source=rss------bug_bounty-5Gaurav Davrebug-bounty, cybersecurity, open-source-intelligence, reconnaissance, web-technology30-Aug-2024
26.16 Lab: Exploiting HTTP request smuggling to perform web cache poisoninghttps://cyberw1ng.medium.com/26-16-lab-exploiting-http-request-smuggling-to-perform-web-cache-poisoning-fa35ac4fdf4c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity30-Aug-2024
Unlock Hidden Web Vulnerabilities: Advanced ParamSpider Tactics Every Hacker Must Know!https://systemweakness.com/unlock-hidden-web-vulnerabilities-advanced-paramspider-tactics-every-hacker-must-know-62487db3e8c8?source=rss------bug_bounty-5Khaleel Khanpenetration-testing, bug-bounty, hacking, infosec, cybersecurity30-Aug-2024
The Easiest Bug For Beginnershttps://medium.com/@josuofficial327/the-easiest-bug-for-beginners-491986cbc53c?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, ethical-hacking, hacking, bug-bounty30-Aug-2024
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Programhttps://medium.com/@karthithehacker/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806?source=rss------bug_bounty-5Karthikeyan.Vbug-bounty, information-security, infosec, bugbounty-writeup, bug-bounty-tips30-Aug-2024
When Giving Out Cheap Hotel Deals Go Wrong:https://medium.com/@ralph.andalis92/when-giving-out-cheap-hotel-deals-go-wrong-bfea34fa3cde?source=rss------bug_bounty-5Ralph Andalisbug-bounty-tips, pentesting, bug-bounty, web-application-security, web-security30-Aug-2024
My Five Minute Critical Vulnerability Discovery on Hackeronehttps://medium.com/@0xvan/my-five-minute-critical-vulnerability-discovery-on-hackerone-067258333c80?source=rss------bug_bounty-50xvanbug-bounty-writeup, bug-bounty-tips, ethical-hacking, pentesting, bug-bounty30-Aug-2024
DVWA Cheat Sheet (Low & Medium)https://medium.com/@loaysalah276/dvwa-cheat-sheet-low-medium-c7490e76f1b5?source=rss------bug_bounty-5Loay Salahbug-bounty, cybersecurity, penetration-testing, owasp-top-10, dvwa30-Aug-2024
Understanding Bugcrowd’s Vulnerability Rating Taxonomy (VRT):https://medium.com/@js8971105/understanding-bugcrowds-vulnerability-rating-taxonomy-vrt-d5bc946443b5?source=rss------bug_bounty-5jatin singhbug-bounty, web-security, hacking, vrt, web30-Aug-2024
Top 100 Vulnerabilities: Identifying and Addressing Security Riskshttps://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-50xvanbug-bounty-tips, security, cybersecurity, bug-bounty, web-security30-Aug-2024
Subdomain Analysis for Bug Bounty Hunting: A Comprehensive Guidehttps://bughunteralltime.medium.com/subdomain-analysis-for-bug-bounty-hunting-a-comprehensive-guide-920e33a59a91?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty30-Aug-2024
How to Hunt for Sensitive Directories in Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-hunt-for-sensitive-directories-in-bug-bounty-hunting-f61a7f61d8fb?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, bug-bounty, hacking30-Aug-2024
How to Map Out a Target for Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-map-out-a-target-for-bug-bounty-hunting-acea0ed59783?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, bug-bounty, hacking, bugs30-Aug-2024
How To FindWeb Technology Identification for Effective Bug Bounty Huntinghttps://bughunteralltime.medium.com/how-to-findweb-technology-identification-for-effective-bug-bounty-hunting-a0f57c80b67b?source=rss------bug_bounty-5Bug_Hunter_All_Timehacking, bug-bounty-tips, bug-bounty, bug-fixes, web-development30-Aug-2024
Interview joke 2: Application Security (Prod.https://medium.com/@kannnannmk/interview-joke-2-application-security-prod-7a0c4c6cdd1a?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty, application-security, code-review, pentesting, bug-bounty-tips30-Aug-2024
Easy Subdomain Enumeration Tools & Commandshttps://medium.com/@josuofficial327/easy-subdomain-enumeration-tools-commands-5f8a8fe0f3a0?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty30-Aug-2024
Interview joke 1: Application Security (Prod.https://medium.com/@kannnannmk/application-security-prod-3868c0b8cb64?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, interview, bug-bounty, web-security, application-security30-Aug-2024
OWASP A04:2021 INSECURE DESIGNhttps://medium.com/@shivamsharma.ss484/owasp-a04-2021-insecure-design-34ef11e83e6f?source=rss------bug_bounty-5Shivamsharmaowasp, owasp-top-10, bug-bounty, hacking, cybersecurity30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to…https://medium.com/@ajaynaik_16635/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5Ajay Naikbug-bounty-tips, bug-bounty, ai-security, ethical-hacking30-Aug-2024
Bad Effect Of Bug In Domain.https://medium.com/@nazmulhasan017191/bad-effect-of-bug-in-domain-e0cfd62cb3bc?source=rss------bug_bounty-5Nazmul Hasantechnical-analysis, information-security, cybersecurity, bug-hunting, bug-bounty30-Aug-2024
How to Find Clickjacking Vulnerabilities Using the Command Line in Kali Linuxhttps://bughunteralltime.medium.com/how-to-find-clickjacking-vulnerabilities-using-the-command-line-in-kali-linux-a07cc64437f3?source=rss------bug_bounty-5Bug_Hunter_All_Timebug-bounty-tips, hacking, bugs, bug-bounty30-Aug-2024
Understanding Log Stealer and Its Role in Security Testing — Part 1https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5YoKo Khosecurity-testing, stealer-logs, stealer-malware, broken-access-control, bug-bounty30-Aug-2024
Understanding Stealer Logs and Its Role in Security Testing — Part 1https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5YoKo Khostealer-logs, stealer-malware, red-team, broken-access-control, bug-bounty30-Aug-2024
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to…https://medium.com/@ajaynaikhack/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5Ajay Naikbug-bounty-tips, bug-bounty, ai-security, ethical-hacking30-Aug-2024
Overview CVE-2024–38063 is a critical zero-click remote code execution (RCE) vulnerability…https://medium.com/@ajaynaikhack/overview-cve-2024-38063-is-a-critical-zero-click-remote-code-execution-rce-vulnerability-9be862382548?source=rss------bug_bounty-5Ajay Naikhacking, bug-bounty, cve, network-security, windows30-Aug-2024
Day 22 of 30 Days — 30 Vulnerabilities | Business Logic Flawshttps://medium.com/@kumawatabhijeet2002/day-22-of-30-days-30-vulnerabilities-business-logic-flaws-734c2f4b0575?source=rss------bug_bounty-5Abhijeet kumawatbusiness-logic, bug-bounty-tips, business-logic-flaw, 30dayswritingchallenge, bug-bounty29-Aug-2024
Part -2: Uncovering a Critical Parameter Tampering Vulnerability on a Major OTT Platformhttps://medium.com/@sulmanfarooq531/uncovering-a-critical-parameter-tampering-vulnerability-on-a-major-ott-platform-e3342cd3437c?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, http-parameter-pollution, ethical-hacking, ott29-Aug-2024
How Hackers Use Cross-Site Scripting to Break Through Web Application Firewalls!https://theshaco.com/how-hackers-use-cross-site-scripting-to-break-through-web-application-firewalls-ab101f1778a1?source=rss------bug_bounty-5Khaleel Khanweb-development, cybersecurity, infosec, hacking, bug-bounty29-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt.3 (SSTI, XXE, Insecure File Uploads)https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-3-ssti-xxe-insecure-file-uploads-1ed7056ea0c7?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamibug-bounty, web-penetration-testing, cybersecurity, ethical-hacking, tcm-academy29-Aug-2024
Part 2 — How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs | Karthikeyan…https://systemweakness.com/part-2-how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-karthikeyan-79c3ec17a336?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, cybersecurity, hacking, bug-bounty29-Aug-2024
Disable Any Customer Ability To Create Service Account With Business Logic Vulnerabilityhttps://medium.com/@bilalresearcher/disable-any-customer-ability-to-create-service-account-with-business-logic-vulnerability-05ab37901a4a?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-writeup29-Aug-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@bilalresearcher/reflected-xss-to-account-takeover-without-stealing-session-cookie-413e522aac40?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity29-Aug-2024
Detecting Blind Injection Attacks with Discord Webhookshttps://medium.com/@bilalresearcher/detecting-blind-injection-attacks-with-discord-webhooks-9a9d3b566bf1?source=rss------bug_bounty-5Bilal Researcherhacking, cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup29-Aug-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Conditionhttps://medium.com/@bilalresearcher/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-e8ff79361740?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, hacking, cybersecurity, bug-bounty-writeup29-Aug-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@bilalresearcher/stored-xss-to-account-takeover-aws-cognito-bd29d241e5d1?source=rss------bug_bounty-5Bilal Researcherxss-vulnerability, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty29-Aug-2024
My Journey to the United Nations Hall of Fame: A Story of Lucky Mehttps://medium.com/@siddharth_1/my-journey-to-the-united-nations-hall-of-fame-a-story-of-lucky-me-d489d93bd363?source=rss------bug_bounty-5Siddharthcybersecurity, united-nations, vulnerability, bug-bounty, bug-bounty-writeup29-Aug-2024
XSS Web Application Firewall Bypass Techniqueshttps://medium.com/@bilalresearcher/xss-web-application-firewall-bypass-techniques-e10476b5fa72?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, hacking, bugbounty-writeup, cybersecurity29-Aug-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@bilalresearcher/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-b1e3790416b7?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, hacking, bug-bounty-writeup29-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@bilalresearcher/two-factor-authentication-bypass-via-using-victims-deviceid-1fc10bfe95c9?source=rss------bug_bounty-5Bilal Researcherhacking, bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity29-Aug-2024
Bypassed an Admin Panel Using SQL Payloadshttps://medium.com/@bilalresearcher/bypassed-an-admin-panel-using-sql-payloads-572574b41d1c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, hacking, cybersecurity, bug-bounty-writeup, bugbounty-writeup29-Aug-2024
Hunting JavaScript File for Bug Huntershttps://medium.com/@bilalresearcher/hunting-javascript-file-for-bug-hunters-ae4af0479a9c?source=rss------bug_bounty-5Bilal Researchercybersecurity, bugbounty-writeup, hacking, bug-bounty, bug-bounty-writeup29-Aug-2024
Common 403 Bypasses Part 2https://medium.com/@bilalresearcher/common-403-bypasses-part-2-80fd094a86fe?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty, cybersecurity, bug-bounty-writeup29-Aug-2024
Common 403 Bypasses Part 1https://medium.com/@bilalresearcher/common-403-bypasses-part-1-a693a8413108?source=rss------bug_bounty-5Bilal Researchercybersecurity, bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking29-Aug-2024
Advanced SQLMap Customizationhttps://medium.com/@bilalresearcher/advanced-sqlmap-customization-34d04b6c0984?source=rss------bug_bounty-5Bilal Researchercybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup29-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-91)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-91-bcac49fd0f29?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, money, bug-bounty, hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-90)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-90-0f7e5ae09f8c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, hacking, ethical-hacking, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-89)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-89-f7771af9355f?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, bug-bounty, hacking, cybersecurity, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-88)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-88-5fba54f61fd0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, money, hacking, cybersecurity, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-87)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-87-d78ff97837fd?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, hacking, cybersecurity, ethical-hacking, bug-bounty28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-86)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-86-dfcf154a34d3?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, money, bug-bounty, ethical-hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-85)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-85-46305e104b6f?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, bug-bounty, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-84)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-84-d3a454db9673?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-83)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-83-45728838a32c?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, bug-bounty, cybersecurity, money28-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-82)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-82-8c89ec5c5ef7?source=rss------bug_bounty-5Mehedi Hasan Rafidmoney, bug-bounty, hacking, cybersecurity, ethical-hacking28-Aug-2024
Day 21 of 30 Days — 30 Vulnerabilities | OAuth Misconfigurationshttps://medium.com/@kumawatabhijeet2002/day-21-of-30-days-30-vulnerabilities-oauth-misconfigurations-693c16cf5476?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, web-security-testing, bug-bounty-tips, 30dayswritingchallenge, oauth28-Aug-2024
How to Scan a Range of IP Addresses with Nmaphttps://medium.com/@sherlock297/how-to-scan-a-range-of-ip-addresses-with-nmap-d802dc168846?source=rss------bug_bounty-5Ravindra Dagaletools, nmap, information-technology, bug-bounty, security28-Aug-2024
The Secret to Finding Anyone’s Digital Footprint: Master OSINT in 7 Easy Steps!https://medium.com/@paritoshblogs/the-secret-to-finding-anyones-digital-footprint-master-osint-in-7-easy-steps-bd278a058c73?source=rss------bug_bounty-5Paritoshinformation-technology, cybersecurity, osint, hacking, bug-bounty28-Aug-2024
Exploiting Second-Order IDOR Vulnerabilitieshttps://medium.com/@bountyget/exploiting-second-order-idor-vulnerabilities-6d2554eb1319?source=rss------bug_bounty-5Dhiren Kumar Pradhanbug-bounty, infosec, information-security, bug-bounty-tips, bug-bounty-writeup28-Aug-2024
Exploiting IDORs in APIs That Use Static Keywordshttps://medium.com/@bountyget/exploiting-idors-in-apis-that-use-static-keywords-f94b7797634a?source=rss------bug_bounty-5Dhiren Kumar Pradhaninformation-security, bug-bounty-writeup, bug-bounty-tips, infosec, bug-bounty28-Aug-2024
IDOR : Deleting Comments Like a Boss!https://medium.com/@tanyago/idor-deleting-comments-like-a-boss-0413a375024f?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-tips, bug-bounty-writeup, idor, bug-hunting28-Aug-2024
25.7 Lab: Password reset poisoning via dangling markuphttps://cyberw1ng.medium.com/25-7-lab-password-reset-poisoning-via-dangling-markup-cee4cc5a20f3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing28-Aug-2024
The Ultimate List of Browser Extensions for Bug Bounty Huntershttps://medium.com/@k4r7hx/the-ultimate-list-of-browser-extensions-for-bug-bounty-hunters-5e349437e063?source=rss------bug_bounty-5Karthikeyanextension, ethical-hacking, bug-bounty, penetration-testing, web28-Aug-2024
How important Cookies can be?https://medium.com/@alireza.razaghzadegan1999/how-important-cookies-can-be-86c7a3fdd790?source=rss------bug_bounty-5Alireza Razaghzadegantechnology, website, bug-bounty, security28-Aug-2024
Blind Command Injection Leads to Nothing!!https://medium.com/@kush.kira/blind-command-injection-leads-to-nothing-ea56f6662a58?source=rss------bug_bounty-5Kiraos-command-injection, command-injection, ssrf, bug-bounty, hacking28-Aug-2024
OTP Bypassing with Response Manipulationhttps://medium.com/@sahilkushwaha275/otp-bypassing-with-response-manipulation-238498b02737?source=rss------bug_bounty-5S33NUbug-hunting, cybersecurity, hacking, pentesting, bug-bounty28-Aug-2024
Dramatic Surge in Password-Stealing Attacks Targeting Amazon, Facebook, and Google Usershttps://medium.com/@realahmedmoses/dramatic-surge-in-password-stealing-attacks-targeting-amazon-facebook-and-google-users-011f6bd3315a?source=rss------bug_bounty-5Moses Ahmedtechnology, coding, bug-bounty, cybersecurity, programming28-Aug-2024
How To Get Stored Xss & RCE Using Bypass Signature & Extension Via File Upload |_|https://medium.com/@bilalresearcher/how-to-get-stored-xss-rce-using-bypass-signature-extension-via-file-upload-9b3e8d9348cd?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips27-Aug-2024
Find Blind XSS like a pro.https://medium.com/@bilalresearcher/find-blind-xss-like-a-pro-ddc9ef8d5e89?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips27-Aug-2024
The only recon methodology you need to know.https://medium.com/@bilalresearcher/the-only-recon-methodology-you-need-to-know-9feb257ca4a2?source=rss------bug_bounty-5Bilal Researcherbug-bounty, idor, bug-bounty-writeup, cybersecurity, bugbounty-writeup27-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@bilalresearcher/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-b379aeb7ab36?source=rss------bug_bounty-5Bilal Researcheridor, hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup27-Aug-2024
Unraveling Web Cache Poisoning: A Deep Dive (Part 1)https://medium.com/@bilalresearcher/unraveling-web-cache-poisoning-a-deep-dive-part-1-49fa00e81d1a?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, cybersecurity, idor, bug-bounty, bug-bounty-writeup27-Aug-2024
Finding IDOR Vulnerabilities: Key Endpoints and Resourceshttps://medium.com/@bilalresearcher/finding-idor-vulnerabilities-key-endpoints-and-resources-e4c2457aa231?source=rss------bug_bounty-5Bilal Researcheridor, bug-bounty-writeup, bugbounty-writeup, bug-bounty, hacking27-Aug-2024
How I was able to discover ATO Via IDOR vulnerabilityhttps://medium.com/@bilalresearcher/how-i-was-able-to-discover-ato-via-idor-vulnerability-c31d074a62e8?source=rss------bug_bounty-5Bilal Researchercybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup27-Aug-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@bilalresearcher/saml-authentication-bypass-leading-to-admin-panel-access-751380db249e?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, bug-bounty-writeup, hacking27-Aug-2024
Critical Security Vulnerability Discovered on Reserve Bank of India’s Website: A Wake-Up Call…https://medium.com/@psychomong/critical-security-vulnerability-discovered-on-reserve-bank-of-indias-website-a-wake-up-call-06fd08db0559?source=rss------bug_bounty-5psychomongbugs, hacker, bug-bounty, no-rate-limit, hacking27-Aug-2024
Day 20 0f 30 Days — 30 Vulnerabilities | Host Header Injectionhttps://medium.com/@kumawatabhijeet2002/day-20-0f-30-days-30-vulnerabilities-host-header-injection-9bc006b4734c?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-writeup, bug-bounty, host-header-injection, bug-bounty-tips, hostattack27-Aug-2024
Day 19 of 30 Days — 30 Vulnerabilities | Rate Limiting Bypasshttps://medium.com/@kumawatabhijeet2002/day-19-of-30-days-30-vulnerabilities-rate-limiting-bypass-896c8e2bdfc1?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, bug-bounty, rate-limit-bypass27-Aug-2024
24.13 Lab: Internal cache poisoninghttps://cyberw1ng.medium.com/24-13-lab-internal-cache-poisoning-2c328e4d4a6d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing27-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8 pt. 2 (XSS, CMDI)https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-2-xss-cmdi-b8728aa5261d?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamibug-bounty, xss-attack, web-penetration-testing, ethical-hacking, cybersecutiy27-Aug-2024
$15k RCE Through Monitoring Debug Modehttps://medium.com/@0xold/15k-rce-through-monitoring-debug-mode-4f474d8549d5?source=rss------bug_bounty-50xoldlocal-file-inclusion, pentesting, hacking, bug-bounty, rce27-Aug-2024
Exploiting IDORs via JSON Globbinghttps://medium.com/@bountyget/exploiting-idors-via-json-globbing-e4c6e2c0535c?source=rss------bug_bounty-5Dhiren Kumar Pradhanpenetration-testing, idor, bug-bounty-tips, bug-bounty, bug-bounty-writeup27-Aug-2024
How i get OTP bypass leads to ATOhttps://kiraadx.medium.com/how-i-get-otp-bypass-leads-to-ato-a7645ade3a90?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty, bug-bounty-writeup27-Aug-2024
Discovering Two Out-of-Scope Blind/Stored XSS Vulnerabilities in an Admin Panel on a Public Bug…https://medium.com/@octayus/discovering-two-out-of-scope-blind-stored-xss-vulnerabilities-in-an-admin-panel-on-a-public-bug-c0262fa35238?source=rss------bug_bounty-5OctaYusbug-bounty, python, xss-attack, penetration-testing, cybersecurity27-Aug-2024
CSRF Bypass Using Domain Confusion Leads To ATOhttps://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722?source=rss------bug_bounty-5Osama Alybug-bounty, cybersecurity, hackerone27-Aug-2024
How did I manage to get my first p2 vulnerability using only ffufhttps://medium.com/@loayahmed686/how-did-i-manage-to-get-my-first-p2-vulnerability-using-only-ffuf-a8a70d965d33?source=rss------bug_bounty-5r00tbug-bounty, cybersecurity27-Aug-2024
Fundora on Testnet Bounty Hunt: Spotting Bugs and Reaping Rewardshttps://gingerjoygames.medium.com/fundora-on-testnet-bounty-hunt-spotting-bugs-and-reaping-rewards-7529ec61b1cc?source=rss------bug_bounty-5Ginger Joy Gamesgames, testnet, mobile-games, web3, bug-bounty27-Aug-2024
Monitoring Gitlab Snippets for secrets with TruffleHoghttps://medium.com/@learntheshell/monitoring-gitlab-snippets-for-secrets-with-trufflehog-5c77281ff5b7?source=rss------bug_bounty-5LearnTheShelltrufflehog, bug-bounty, git, bug-bounty-tips, gitlab27-Aug-2024
How I Got Sensitive Directory Using Shodanhttps://ch4ndan.medium.com/how-i-got-sensitive-directory-using-shodan-10e5b91cda86?source=rss------bug_bounty-5Ch4ndan dasbug-bounty, cybersecurity, bug-bounty-tips, bugs, information-disclosure27-Aug-2024
Unveiling the Secrets of Malware Traffic: Analyzing Malware Infected pcap with Wiresharkhttps://medium.com/@dsksatheesh35/unveiling-the-secrets-of-malware-traffic-analyzing-malware-infected-pcap-with-wireshark-5989a9b013fd?source=rss------bug_bounty-5D Satheesh Kumarmalware-analysis, bug-bounty, cybersecurity, wireshark, network-security27-Aug-2024
HTML Injection in email via fname fieldhttps://medium.com/@hossam_hamada/html-injection-in-email-via-fname-field-564c3657e8ad?source=rss------bug_bounty-5Hossam Hamadapenetration-testing, bug-bounty, hackerone, bugcrowd, html-injection27-Aug-2024
How I Took Over Two Subdomains: A Step-by-Step Guidehttps://medium.com/@0xSphinx/how-i-took-over-two-subdomains-a-step-by-step-guide-df5d9eecbb2e?source=rss------bug_bounty-50xSphinxcybersecurity, security, aws, hacking, bug-bounty27-Aug-2024
Day 17 of 30 Days — 30 Vulnerabilities | Path/Directory Traversalhttps://medium.com/@kumawatabhijeet2002/day-17-of-30-days-30-vulnerabilities-path-directory-traversal-008e92c07f23?source=rss------bug_bounty-5Abhijeet kumawat30dayswritingchallenge, bug-bounty-tips, path-traversal, bug-bounty26-Aug-2024
Thief Raccoon — Login Phishing Toolhttps://medium.com/@bountyget/thief-raccoon-login-phishing-tool-59c574687aae?source=rss------bug_bounty-5Bountygetpython3, infosec, info-sec-writeups, bug-bounty, penetration-testing26-Aug-2024
From Developer to Hacker — Entering the Red teamhttps://medium.com/@jonathanmondaut/from-developer-to-hacker-entering-the-red-team-8b50989b9464?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, youtube, networking, twitter, cybersecurity26-Aug-2024
New Malware Uses PHP Exploit to Backdoor Windows Systems - Stay Informed!https://medium.com/@realahmedmoses/new-malware-uses-php-exploit-to-backdoor-windows-systems-stay-informed-8df12e89391a?source=rss------bug_bounty-5Moses Ahmedtechnology, bug-bounty, data-science, cybersecurity, programming26-Aug-2024
Password Reset Glitch Leads to Instant Account Takeoverhttps://bevijaygupta.medium.com/password-reset-glitch-leads-to-instant-account-takeover-a4e67b667eaf?source=rss------bug_bounty-5Vijay Guptavulnerability, reset, bug-bounty, passwords, glitch26-Aug-2024
DNS enumeration methodology and techniqueshttps://systemweakness.com/dns-enumeration-methodology-and-techniques-1945fa4164fd?source=rss------bug_bounty-5Harsh Hatejkali-linux, cybersecurity, linux, subdomains-enumeration, bug-bounty26-Aug-2024
Account Take Over | P1 — Criticalhttps://irsyadsec.medium.com/account-take-over-p1-critical-5468ce8218b9?source=rss------bug_bounty-5Irsyad Muhammad Fawwazwriteup, bugcrowd, bug-bounty, cybersecurity, bug-bounty-tips26-Aug-2024
Understanding Robots.txt: The Key to Managing Web Crawlershttps://medium.com/@kanishk.k1410/understanding-robots-txt-the-key-to-managing-web-crawlers-04eda892ec92?source=rss------bug_bounty-5Kanishk Kumarinformation-technology, investigation, cybersecurity, osint, bug-bounty26-Aug-2024
Hacking My College panel using University Website Like a Prohttps://medium.com/@RaunakGupta1922/hacking-my-college-panel-using-university-website-like-a-pro-9dd075133dce?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, bugbounty-writeup, college, cybersecurity, bug-bounty26-Aug-2024
Exposing Hidden Risks: Uncovering Sensitive Data on a Government Website using Google Dorkshttps://medium.com/@sulmanfarooq531/exposing-hidden-risks-uncovering-sensitive-data-on-a-government-website-using-google-dorks-51748e4f3695?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, government, google-dork, google, bug-bounty26-Aug-2024
“Like” Bypass on Customer Reviews — €500 bountyhttps://medium.com/@asharm.khan7/like-bypass-on-customer-reviews-500-bounty-b8d45a98c096?source=rss------bug_bounty-5Ashar Mahmoodhacking-for-defense, ethical-hacking, bug-bounty, bug-bounty-tips, hacking26-Aug-2024
Best Attack Surface Visualization Toolshttps://netlas.medium.com/best-attack-surface-visualization-tools-8034e681807d?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, attack-surface, cybersecurity, attack-surface-management26-Aug-2024
Meet Dobby: Your New Bug Bounty Assistanthttps://medium.com/@h3llbl4ckk/meet-dobby-your-new-bug-bounty-assistant-f5bebfeb7607?source=rss------bug_bounty-5Mehmet Kayacybersecurity, github, open-source, hacking, bug-bounty26-Aug-2024
Account Takeover (Same OTP)https://medium.com/@raxomara/account-takeover-same-otp-81bfba35d9b3?source=rss------bug_bounty-5Raxomaraaccount-takeover, bug-bounty-tips, cybersecurity, bug-bounty, race-condition26-Aug-2024
WebSec — CSRF/XSRF (Cross-Site Request Forgery)https://medium.com/@meryemddalgali/websec-csrf-xsrf-cross-site-request-forgery-6c048c6323d1?source=rss------bug_bounty-5Meryem Dalgalıbug-bounty, web-security, xsrf, csrf-attack, vulnerability26-Aug-2024
24.12 Lab: Cache key injection vulnerabilitieshttps://cyberw1ng.medium.com/24-12-lab-cache-key-injection-vulnerabilities-22429a13eebf?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing26-Aug-2024
Day 18 of 30 Days — 30 Vulnerabilities | Insecure Deserializationhttps://medium.com/@kumawatabhijeet2002/day-18-of-30-days-30-vulnerabilities-insecure-deserialization-29656c0d212a?source=rss------bug_bounty-5Abhijeet kumawatserialization, insecure-design, 30dayswritingchallenge, bug-bounty-tips, bug-bounty26-Aug-2024
How I was able to give verification badge to any YouTube channel and bypass needed requirementshttps://xtt0k.medium.com/how-i-was-able-to-give-verification-badge-to-any-youtube-channel-and-bypass-needed-requirements-b88855afe4b7?source=rss------bug_bounty-5Vojtech Cekalyoutube, bug-bounty, bounty-hunter, bugs, vulnerability26-Aug-2024
OSINT, ChatGPT, and Password Spraying to Takeover System Administrator Accounthttps://medium.com/@mmaulanaabdullah/osint-chatgpt-and-password-spraying-to-takeover-system-administrator-account-b0a6295edbbc?source=rss------bug_bounty-5M Maulana Abdullahcybersecurity, infosec, chatgpt, ai, bug-bounty26-Aug-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-2ff0d3c2b61b?source=rss------bug_bounty-5Alimuhammadsecuredbbp, ctf, bug-bounty, hacking26-Aug-2024
How do I chain multiple Nuclei templates together in a single scan?https://medium.com/@sherlock297/how-do-i-chain-multiple-nuclei-templates-together-in-a-single-scan-621a3fb8787f?source=rss------bug_bounty-5Ravindra Dagalelinux, bug-bounty, how-to, cybersecurity, tips25-Aug-2024
How to get your first valid bug by reading disclosed reportshttps://anonysm.medium.com/how-to-get-your-first-valid-bug-by-reading-disclosed-reports-2663c9987bf3?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, bug-bounty, hacking, penetration-testing25-Aug-2024
Bypass Brute-force IP Blockhttps://icecream23.medium.com/bypass-brute-force-ip-block-870a4329c3be?source=rss------bug_bounty-5Aman Bhuiyanethical-hacking, bypassing, ip, bug-bounty25-Aug-2024
The Evolution of Phishing Attacks: A Growing Cybersecurity Challengehttps://medium.com/@paritoshblogs/the-evolution-of-phishing-attacks-a-growing-cybersecurity-challenge-800b0eeacf00?source=rss------bug_bounty-5Paritoshphishing, hacking, social-media, cybersecurity, bug-bounty25-Aug-2024
Vulnerable WordPress July 2024 (Ash-e_doogh)https://medium.com/@onhexgroup/vulnerable-wordpress-july-2024-ash-e-doogh-c7e71d7d94d5?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress, bug-bounty, cybersecurity, infosec25-Aug-2024
Finding origin ip addresshttps://systemweakness.com/finding-origin-ip-address-672ca2e2967b?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty, bug-bounty-tips, hacking, penetration-testing25-Aug-2024
Explore Koii Network’s DEPIN world with a $10,000 Bug Bounty rewardhttps://medium.com/coinmonks/explore-koii-networks-depin-world-with-a-10-000-bug-bounty-reward-6a57a5450a44?source=rss------bug_bounty-5xeefoxai, koii, depin, koii-network, bug-bounty25-Aug-2024
Defensive Strategies and Best Practices to Protect Against Web Cache Poisoninghttps://cyberw1ng.medium.com/defensive-strategies-and-best-practices-to-protect-against-web-cache-poisoning-7d9b855658c7?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers25-Aug-2024
HOW TO START IN BUG BOUNTY HUNTINGhttps://medium.com/@gouravrathod8788/how-to-start-in-bug-bounty-hunting-848f5c74807f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty25-Aug-2024
TOP USEFUL CYBR SECURITY & BUG HUNTING TOOLhttps://medium.com/@gouravrathod8788/top-useful-cybr-security-bug-hunting-tool-de9ae281e12f?source=rss------bug_bounty-5Gourav Singh Rajputcybersecurity, hacking-tools, bug-bounty, ethical-hacking, hacking25-Aug-2024
Solving the Prompt Airlines CTFhttps://infosecwriteups.com/solving-the-prompt-airlines-ctf-2235c725050b?source=rss------bug_bounty-5hackerdevilbug-bounty, ctf, ctf-writeup, promptairlines, cybersecurity25-Aug-2024
Hitting the jackpot with RCE!https://medium.com/@gokulsspace/hitting-the-jackpot-with-rce-43755cac1415?source=rss------bug_bounty-5Gokulsspacepentesting, cybersecurity, kerala, ethical-hacking, bug-bounty25-Aug-2024
How I was able to Edit/Read Users Workspaces/Data without any access to ithttps://medium.com/@octayus/how-i-was-able-to-edit-read-users-workspaces-data-without-any-access-to-it-aed616dbde8e?source=rss------bug_bounty-5OctaYusinformation-technology, cybersecurity, infosec, bug-bounty, bounty-program25-Aug-2024
How I got $24000 Bounty from a Log4j RCE in Apple App Store.https://medium.com/@meharhuzaifa777/exploiting-log4j-rce-in-apple-app-store-ca99a549de1f?source=rss------bug_bounty-5Meharhuzaifacybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty25-Aug-2024
Intruder + Frida to Account Takeoverhttps://medium.com/@bilalresearcher/intruder-frida-to-account-takeover-548d4dd785ef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecurity, bugbounty-writeup, hacking25-Aug-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@bilalresearcher/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-d16bbad42394?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, idor, hacking, cybersecurity, bug-bounty25-Aug-2024
PwnOS-1 Walkthroughhttps://erdemstar.medium.com/pwnos-1-walkthrough-fec01bd0e8d4?source=rss------bug_bounty-5Erdemstarbug-bounty, oscp-preparation, oscp, cybersecurity, security25-Aug-2024
Kioptrix Level 4 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-4-walkthrough-96d46095c789?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty-tips, oscp, cybersecurity, bug-bounty25-Aug-2024
LOLbins / LOLBAS Attack !https://medium.com/@reemmoslem34/lolbins-lolbas-attack-006aad1ac364?source=rss------bug_bounty-5Rem Khalidbug-bounty, cybersecurity, malware, python, cryptocurrency25-Aug-2024
What Really Provides Security in the Cloud?https://medium.com/@paritoshblogs/what-really-provides-security-in-the-cloud-2f0cc83d113a?source=rss------bug_bounty-5Paritoshinformation-technology, bug-bounty, information-security, cybersecurity, infosec24-Aug-2024
Practical Bug Bounty — TCM Academy | Module 8https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-44663b4f87e3?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamisqli, bug-bounty, sql-injection, tcm-academy, web-penetration-testing24-Aug-2024
Cross-Site Origin Policy (CORS)https://itsravikiran25.medium.com/cross-site-origin-policy-cors-c82e4b0208f8?source=rss------bug_bounty-5Ravikiraninfosec-write-ups, vulnerability-assessment, cybersecurity, bug-bounty, cors24-Aug-2024
Exploiting Privilege Escalation via Role Parameter Manipulationhttps://medium.com/@tusharpuri6/exploiting-privilege-escalation-via-role-parameter-manipulation-5f8df062eb71?source=rss------bug_bounty-5Tusharpuripenetration-testing, offensive-security, privilege-escalation, application-security, bug-bounty24-Aug-2024
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING)https://systemweakness.com/mass-hunting-to-find-xss-cross-site-scripting-27cc687e58e0?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, xss-vulnerability, bugbounty-automation, bug-bounty, bug-bounty-tips24-Aug-2024
Unleash Your Inner Hacker with Koii’s $10,000 Bug Bounty Challengehttps://medium.com/nest-of-rin/unleash-your-inner-hacker-with-koiis-10-000-bug-bounty-challenge-d37c23969df1?source=rss------bug_bounty-5Rinkoii-network, koii, developer, hackathons, bug-bounty24-Aug-2024
Top 5 Vulnerabilities That Can Earn You Big in Bug Bountieshttps://medium.com/@verylazytech/top-5-vulnerabilities-that-can-earn-you-big-in-bug-bounties-4541878d7e19?source=rss------bug_bounty-5Very Lazy Techethical-hacking, cybersecurity, hacking, bug-bounty, cyber24-Aug-2024
What I Learned from Reading 217* Subdomain Takeover Bug Reportshttps://bevijaygupta.medium.com/what-i-learned-from-reading-217-subdomain-takeover-bug-reports-5c6caae2b5da?source=rss------bug_bounty-5Vijay Guptasubdomain, bugs, bug-report, subdomain-takeover, bug-bounty24-Aug-2024
Reset password Checklisthttps://medium.com/@hozayfan782/reset-password-checklist-1ebabdd6c0f3?source=rss------bug_bounty-5Hozayfa Nasserbug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, research24-Aug-2024
How do I run Nuclei in silent mode to avoid unnecessary output?https://medium.com/@sherlock297/how-do-i-run-nuclei-in-silent-mode-to-avoid-unnecessary-output-25fbb9d2e26d?source=rss------bug_bounty-5Ravindra Dagalenucleus, information-security, bug-bounty, output, how-to24-Aug-2024
Unauthorized Deletion of Forms by Low-Level Unlicensed Users: A 500$ Access Control Bughttps://medium.com/@a13h1/unauthorized-deletion-of-forms-by-low-level-unlicensed-users-a-500-access-control-bug-98dc50c8c193?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, infosec, cybersecurity, access-control24-Aug-2024
Essential Resources for Exploiting Web Cache Poisoning: Tools, Techniques, and Learning Materialshttps://cyberw1ng.medium.com/essential-resources-for-exploiting-web-cache-poisoning-tools-techniques-and-learning-materials-cbbef5221392?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty24-Aug-2024
Beware of fake bug bounty programs, my real life experiencehttps://harish45.medium.com/beware-of-fake-bug-bounty-programs-my-real-life-experience-ce009d435ed8?source=rss------bug_bounty-5Harishbug-bounty, cybersecurity-awareness, cybersecurity, ethical-hacking, bug-bounty-tips24-Aug-2024
Find Bugs From Google Dorkshttps://ch44nd.medium.com/find-bugs-from-google-dorks-ec574c01471b?source=rss------bug_bounty-5Chandan dasbug-bounty, information-disclosure, bugs, hacking, google-dork24-Aug-2024
One-click Account Take Overhttps://medium.com/@bilalresearcher/one-click-account-take-over-50e4128c990d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
0-click Full Account Takeoverhttps://medium.com/@bilalresearcher/0-click-full-account-takeover-0ddc951e14ae?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup24-Aug-2024
Drupal Website Takeover | Admin Dashboardhttps://medium.com/@bilalresearcher/drupal-website-takeover-admin-dashboard-6ae4a34d0689?source=rss------bug_bounty-5Bilal Researcherhacking, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty24-Aug-2024
STRIPE Live Key Exposed:: Bounty: $1000https://medium.com/@bilalresearcher/stripe-live-key-exposed-bounty-1000-57018f1d4520?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bug-bounty-program, hacking, bug-bounty-tips24-Aug-2024
[GraphQL IDOR]Leaking credit card information of 1000s of users [External Audit]https://medium.com/@bilalresearcher/graphql-idor-leaking-credit-card-information-of-1000s-of-users-external-audit-1404256b761f?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://medium.com/@bilalresearcher/exposing-database-creds-via-svn-a-400-discovery-fa7c2de288bf?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
SQL Injections for bug bountyhttps://medium.com/@boogsta/sql-injections-for-bug-bounty-3a608babd9b1?source=rss------bug_bounty-5Boogstahacking, bug-bounty, cybersecurity, programming, cyber24-Aug-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@bilalresearcher/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-0cf794fef31c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, hacking24-Aug-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@bilalresearcher/csrf-bypass-combined-with-idor-to-complete-account-takeover-588b34b9cf60?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking, bugbounty-writeup24-Aug-2024
User information disclosure via message reactionshttps://medium.com/@bilalresearcher/user-information-disclosure-via-message-reactions-affc72cfd8de?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty24-Aug-2024
IDOR Lead to Data Leakhttps://medium.com/@bilalresearcher/idor-lead-to-data-leak-6943ade0a3d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking24-Aug-2024
XSS & IDOR & CSRF to ATOhttps://medium.com/@bilalresearcher/xss-idor-csrf-to-ato-0e898876789d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty24-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://medium.com/@bilalresearcher/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-5a50b0f4dc6a?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking, bug-bounty24-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://medium.com/@bilalresearcher/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-caaf00ebe479?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking24-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://medium.com/@bilalresearcher/discovering-a-session-persistence-vulnerability-that-led-to-a-bounty-bbf3dd526f01?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty24-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://medium.com/@bilalresearcher/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-0709cc8a3c4d?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking24-Aug-2024
Mobile Pentesting: A Walkthrough of the First 10 Challenges on Injured Android App-Part1https://medium.com/@mly57003/mobile-pentesting-a-walkthrough-of-the-first-10-challenges-on-injured-android-app-part1-0e85c600494f?source=rss------bug_bounty-5mohamed alibug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter24-Aug-2024
Can AI and ML Stop Cyber Attacks?https://medium.com/@paritoshblogs/can-ai-and-ml-stop-cyber-attacks-291c6425d0e8?source=rss------bug_bounty-5Paritoshai, cybersecurity, machine-learning, bug-bounty, chatgpt23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-81)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-81-833084004f21?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-80)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-80-ae2ad3c7f971?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, money23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-79)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-79-415c1bd4f7c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, hacking, money, ethical-hacking, cybersecurity23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-78)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-78-85e87ffc94f9?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, money, cybersecurity, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-77)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-77-b9b1354812cc?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, money, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-76)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-76-07a4d8f583c0?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, cybersecurity, skills, hacking23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-75)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-75-8d5930bd46dc?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, ethical-hacking, bug-bounty23-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-74)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-74-778fd4767e52?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty, ethical-hacking, hacking, skills23-Aug-2024
Elevate Your Cybersecurity Skills with Expert Training and Penetration Testing!https://imranthe3rd3ye.medium.com/elevate-your-cybersecurity-skills-with-expert-training-and-penetration-testing-b16e8b122642?source=rss------bug_bounty-5Md. Imran Chowdhurylearn-hacking, ethical-hacking, penetration-testing, kali-linux, bug-bounty23-Aug-2024
Monitoring Gists for secrets with Trufflehoghttps://medium.com/@learntheshell/monitoring-gists-with-trufflehog-612b7d9dbab5?source=rss------bug_bounty-5LearnTheShellgithub, git, bug-bounty, trufflehog, bug-bounty-tips23-Aug-2024
Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instancehttps://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415?source=rss------bug_bounty-5Domenico Venezianobug-bounty-tips, bug-bounty-writeup, bug-bounty23-Aug-2024
Finally, SSL Pinning for Flutter Bypassed After Frustration..https://wahaz.medium.com/finally-ssl-pinning-for-flutter-bypassed-after-frustration-4573e15ed18e?source=rss------bug_bounty-5Rizaldi Wahazbug-bounty, cybersecurity, hacking, flutter, penetration-testing23-Aug-2024
How I Got an Appreciation Letter from NASA for Finding a Simple Bughttps://infosecwriteups.com/how-i-got-an-appreciation-letter-from-nasa-for-finding-a-simple-bug-8812852d0337?source=rss------bug_bounty-5Om Arorabug-bounty, programming, technology, cybersecurity, infosec23-Aug-2024
Web Cache Poisoning: Understanding the Threat and How to Protect Your Websitehttps://cyberw1ng.medium.com/web-cache-poisoning-understanding-the-threat-and-how-to-protect-your-website-82ebaba2f0e8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, careers, bug-bounty23-Aug-2024
Day 16 of 30 Days — 30 Vulnerabilities | Subdomain Takeoverhttps://medium.com/@kumawatabhijeet2002/day-16-of-30-days-30-vulnerabilities-subdomain-takeover-01088ad1d525?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty-tips, subdomain-takeover, bug-bounty, 30dayswritingchallenge23-Aug-2024
how i got into the server of our university.https://medium.com/@mesterx54/how-i-got-into-the-server-of-our-university-aae2782bcc64?source=rss------bug_bounty-5Abdeladime Mk (mesterx54)bug-bounty, rce, bug-bounty-tips, sqli, pentesting23-Aug-2024
Stealing Admin Cookies: An XSS Challenge from TCM Security’s Practical Bug Bounty Coursehttps://medium.com/@trixiahorner/stealing-admin-cookies-an-xss-challenge-from-tcm-securitys-practical-bug-bounty-course-b08a990cca84?source=rss------bug_bounty-5Trixia Hornerpenetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty23-Aug-2024
Boost Subdomain Discovery with Subfinder and API Integrationshttps://saurabh-jain.medium.com/integrating-shodan-and-censys-api-keys-into-subfinder-c28452af2efb?source=rss------bug_bounty-5Saurabh Jainbug-bounty-writeup, bug-bounty, subdomains-enumeration, subfinder, hacking23-Aug-2024
Response Manipulation FTW: Understanding and Exploiting Response Manipulationhttps://medium.com/@security.tecno/response-manipulation-ftw-understanding-and-exploiting-response-manipulation-6ad2d81f2eb4?source=rss------bug_bounty-5TECNO Securitysecurity, reserach, hacking, bug-bounty22-Aug-2024
10 Secrets Ethical Hackers Don’t Want You to Know (But We’re Revealing Them Anyway!)https://medium.com/@paritoshblogs/10-secrets-ethical-hackers-dont-want-you-to-know-but-we-re-revealing-them-anyway-094ca920c3d8?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, hacking, information-technology, ethical-hacking22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOES FINANCIAL INFO, ZOMATO BUG BOUNTY HACKERONE FRAUDhttps://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Grep tips for Javascript Analysis | Bug Bountyhttps://0xmaruf.medium.com/grep-tips-for-javascript-analysis-bug-bounty-7dce88266121?source=rss------bug_bounty-5Md Maruf Hosan (0xMaruf)cybersecurity, bug-bounty-tips, bug-bounty22-Aug-2024
TESLA MOTORS VIN NUMBER LEAK THROUGH IT’S API ENDPOINT, THEY CALL IT NO SECURITY IMPACT..https://medium.com/@krivadna_87390/tesla-motors-vin-number-leak-through-its-api-endpoint-they-call-it-no-security-impact-bb30fb5f1314?source=rss------bug_bounty-5Krivadnaandroid, bug-bounty, penetration-testing, bugbounty-writeup, cybersecurity22-Aug-2024
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOR'S FINANCIAL INFO • PAN NUMBER LEAK ZOMATO BUG BOUNTY…https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5Krivadnaandroid, social-media, bug-bounty, cybersecurity, bugbounty-writeup22-Aug-2024
Exposing Source Code via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
安全賞金計劃來了,獎金最高達¥6000!https://medium.com/@AdsPowerHK/%E5%AE%89%E5%85%A8%E8%B3%9E%E9%87%91%E8%A8%88%E5%8A%83%E4%BE%86%E4%BA%86-%E7%8D%8E%E9%87%91%E6%9C%80%E9%AB%98%E9%81%94-6000-672c3dcf1483?source=rss------bug_bounty-5AdsPower 指紋瀏覽器adspower, 指纹浏览器, 漏洞, bug-bounty, 指纹浏览器ip22-Aug-2024
Automating the Hunt for Reflected XSS: Essential One-Liners for Web Securityhttps://medium.com/@garvsanwariya60/automating-the-hunt-for-reflected-xss-essential-one-liners-for-web-security-025bbd82f95d?source=rss------bug_bounty-5Garvsanwariyaxss-attack, cybersecurity, hacking, web-security, bug-bounty22-Aug-2024
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Centerhttps://medium.com/@scriptshuva/instagram-and-meta-2fa-bypass-by-unprotected-backup-code-retrieval-in-accounts-center-c735ff650f10?source=rss------bug_bounty-5Shuva Sahabug-bounty-writeup, bug-bounty, facebook-bug-bounty, 2fa-bypass, meta-bug-bounty22-Aug-2024
Exposing Database Creds via SVN: A $400 Discoveryhttps://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5Vipul Sahubug-bounty-tips, bug-bounty, information-security, cybersecurity22-Aug-2024
How I can easily get four P1 at NASA using Simple Google Dorking.https://k4tedu.medium.com/how-i-can-easily-get-four-p1-at-nasa-using-simple-google-dorking-d4457bec1971?source=rss------bug_bounty-5k4tedubug-bounty, dorking, penetration-testing, nasa-vdp, pentest-web22-Aug-2024
WebSec — SSTI (Server Site Template Injection)https://medium.com/@meryemddalgali/websec-ssti-server-site-template-injection-1a9603caa51e?source=rss------bug_bounty-5Meryem Dalgalıvulnerability, application-security, bug-bounty, pentest-learnings, web-security22-Aug-2024
Bypassing methods that I used to find CSRF vulnerabilitieshttps://anonysm.medium.com/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-b7dbf88cdb0a?source=rss------bug_bounty-5Muthu Dcybersecurity, ethical-hacking, hacking, bug-bounty, penetration-testing22-Aug-2024
How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugshttps://infosecwriteups.com/how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-78e0fc4cc5cc?source=rss------bug_bounty-5Karthikeyan Nagarajhall-of-fame, careers, cybersecurity, bug-bounty, hacking22-Aug-2024
Easy Bug | Email Spoofinghttps://saeidmicro.medium.com/easy-bug-email-spoofing-5d1bfc1a885e?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Blind SSRFhttps://saeidmicro.medium.com/blind-ssrf-ee5f0e6ed86f?source=rss------bug_bounty-5Saeid Khaterbug-bounty22-Aug-2024
Battle of the Web Security Titans: Burp Suite vs. OWASP ZAPhttps://shaifsec.medium.com/battle-of-the-web-security-titans-burp-suite-vs-owasp-zap-e3da58d36203?source=rss------bug_bounty-5Shaif Alipenetration-testing, bug-bounty, web-security, cybersecurity, shaifsec22-Aug-2024
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploitshttps://medium.com/@dsmodi484/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-d35619d4bd75?source=rss------bug_bounty-5Dishant Modiresources, vulnerability, web-cache-poisoning, bug-bounty, methodology21-Aug-2024
Secrets of Red Teaming: Must-Know Tips and Tricks for Beginners!https://medium.com/@paritoshblogs/secrets-of-red-teaming-must-know-tips-and-tricks-for-beginners-7a0dbf8eb021?source=rss------bug_bounty-5Paritoshred-teaming, hacking, bug-bounty, pentesting, cybersecurity21-Aug-2024
Beyond the Login The Path Traversal Attackhttps://medium.com/@rajqureshi07/beyond-the-login-the-path-traversal-attack-30c1cfc09b3a?source=rss------bug_bounty-5Raj Qureshibug-bounty, information-technology, infosec, bug-bounty-tips, information-security21-Aug-2024
Deploying Rust Smart Contractshttps://medium.com/@bugbountydegen/deploying-rust-smart-contracts-7a22e04c4cd9?source=rss------bug_bounty-5bugbountydegenrust, bug-bounty, smart-contract-security, blockchain21-Aug-2024
Forging a Path to Account Takeover: Copy Password Reset Link Vulnerability worth $$$$.https://medium.com/@bilalresearcher/forging-a-path-to-account-takeover-copy-password-reset-link-vulnerability-worth-3135c3df60d6?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://medium.com/@bilalresearcher/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-97cc22d0b65d?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-writeup, cybersecur, hacking, bugbounty-writeup21-Aug-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://medium.com/@bilalresearcher/discovering-a-5000-rce-via-dependency-confusion-vulnerability-9a1cd88ddb0c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, hacking, bug-bounty-tips, bug-bounty-writeup21-Aug-2024
A Simple 2FA Bypasshttps://medium.com/@bilalresearcher/a-simple-2fa-bypass-368a2861c6df?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, cybersecurity21-Aug-2024
Account Takeover using IDOR in Password reset Functionalityhttps://medium.com/@bilalresearcher/account-takeover-using-idor-in-password-reset-functionality-b736a85f4f02?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bugbounty-writeup, cybersecurity, info-sec-writeups, bug-bounty-writeup21-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://medium.com/@bilalresearcher/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-237bd8cdfeff?source=rss------bug_bounty-5Bilal Researcherbug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d?source=rss------bug_bounty-5Rikesh Baniyasecurity-research, bug-bounty-writeup, hackerone, bug-bounty-tips, bug-bounty21-Aug-2024
The Future of Web Cache Poisoning Defense: Anticipating New Threats and Adopting Next-Generation…https://cyberw1ng.medium.com/the-future-of-web-cache-poisoning-defense-anticipating-new-threats-and-adopting-next-generation-56a62d115bcd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking21-Aug-2024
Race Condition on Likes of Product Leads to Products can appear more popularhttps://medium.com/@omdubey170/race-condition-on-likes-of-product-leads-to-products-can-appear-more-popular-a39038d16203?source=rss------bug_bounty-5Omdubeycache, bug-bounty-tips, security, bug-bounty, race-condition21-Aug-2024
Authorization bypass due to cache misconfigurationhttps://medium.com/@bilalresearcher/authorization-bypass-due-to-cache-misconfiguration-7407aa1c6374?source=rss------bug_bounty-5Bilal Researcherbugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking, cybersecurity21-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://medium.com/@kumawatabhijeet2002/day-15-of-30-days-30-vulnerabilities-clickjacking-33e38c25d528?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30-day-challenge, bug-bounty-tips, 30dayswritingchallenge, clickjacking20-Aug-2024
Information Disclosure : 80+ Emails and LongID Disclosed !!https://pushkarhax.medium.com/information-disclosure-80-emails-and-longid-disclosed-8952e2c6978b?source=rss------bug_bounty-5Pushkar Nandwalkarbugbounty-tips, offensive-security, bug-bounty, cybersecurity, hacking20-Aug-2024
Unveiling a Critical Vulnerability: Exposing AWS Credentials in a Penetration Testhttps://notifybugme.medium.com/unveiling-a-critical-vulnerability-exposing-aws-credentials-in-a-penetration-test-2f7119a7c816?source=rss------bug_bounty-5Santosh Kumar Sha (@killmongar1996)penetration-testing, bug-bounty, ethical-hacking, security, aws20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5Augustinetriffinxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story).https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5TrffnSecxss-attack, bug-bounty, cybersecurity, hacking, nasa20-Aug-2024
My first XSS: Reflected XSS in hidden parameterhttps://anonysm.medium.com/my-first-xss-reflected-xss-in-hidden-parameter-4142a02edfb1?source=rss------bug_bounty-5Muthu Dcybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty20-Aug-2024
cyberseReal-World Applications and Case Studies: Combating Web Cache Poisoning in Complex…https://cyberw1ng.medium.com/cybersereal-world-applications-and-case-studies-combating-web-cache-poisoning-in-complex-5bf41b0073c1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, hacking, bug-bounty20-Aug-2024
Invitation link hijacking on a bug bounty programhttps://harish45.medium.com/invitation-link-hijacking-on-a-bug-bounty-program-50d3b92d5532?source=rss------bug_bounty-5Harishhackerone, bugcrowd, bug-bounty, bug-bounty-tips, ethical-hacking20-Aug-2024
Best Directory Brute-forcing Tools for Beginner Bug Huntershttps://medium.com/@josuofficial327/best-directory-brute-forcing-tools-for-beginner-bug-hunters-3388dd97c055?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup19-Aug-2024
0-click Full Account Takeoverhttps://dynnyd20.medium.com/0-click-full-account-takeover-9bb6b4d692a9?source=rss------bug_bounty-5dynnyd20cybersecurity, pentest, ato, bug-bounty, pentesting19-Aug-2024
Beyond Web Caching Vulnerabilitieshttps://medium.com/@0xAwali/beyond-web-caching-vulnerabilities-c617d8cdbb85?source=rss------bug_bounty-5Mahmoud M. Awaliweb-security, bug-bounty19-Aug-2024
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bountyhttps://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605?source=rss------bug_bounty-5Muthu Dcybersecurity, penetration-testing, infosec, bug-bounty, ethical-hacking19-Aug-2024
Advanced Techniques for Mitigating Web Cache Poisoning Attackshttps://cyberw1ng.medium.com/advanced-techniques-for-mitigating-web-cache-poisoning-attacks-8f818fd7eb00?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing19-Aug-2024
How to Bypass Company Email Feature While Creating an Accounthttps://medium.com/@josuofficial327/how-to-bypass-company-email-feature-while-creating-an-account-f792b37a231f?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty-hunter, cybersecurity, bug-bounty-tips, vulnerability, bug-bounty18-Aug-2024
BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error)https://medium.com/@bilalresearcher/bugbounty-writeup-creative-thinking-is-our-everything-race-condition-business-logic-error-c7cfcc6d9125?source=rss------bug_bounty-5Bilal Researcherhacking, writeup, bug-bounty, penetration-testing, programming18-Aug-2024
Bug Bounty Writeup: $2500 Reward for Session Hijack via Chained Attackhttps://medium.com/@bilalresearcher/bug-bounty-writeup-2500-reward-for-session-hijack-via-chained-attack-b5ad443bc9b9?source=rss------bug_bounty-5Bilal Researcherethical-hacking, cybersecurity, xss-attack, bug-bounty-tips, bug-bounty18-Aug-2024
How Automation Detected Default Admin Credential Worth $500https://medium.com/@bilalresearcher/how-automation-detected-default-admin-credential-worth-500-9f2c3ed460c4?source=rss------bug_bounty-5Bilal Researcherbug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity18-Aug-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://medium.com/@bilalresearcher/accessing-deleted-comment-for-a-bug-bounty-writeup-085e836660c1?source=rss------bug_bounty-5Bilal Researchercybersecurity, bug-bounty, writeup, bug-bounty-tips, bug-bounty-writeup18-Aug-2024
PII Disclosure Worth $750https://medium.com/@bilalresearcher/pii-disclosure-worth-750-1f9caeac484f?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty-writeup18-Aug-2024
Burp Suite Filtering Trick — Reducing Log Noise with TLS Pass-Throughhttps://systemweakness.com/burp-suite-filtering-trick-reducing-log-noise-with-tls-pass-through-468d00fbc7dc?source=rss------bug_bounty-5Khaleel Khanethical-hacking, infosec, bug-bounty-tips, cybersecurity, bug-bounty18-Aug-2024
Day 15 of 30 Days — 30 Vulnerabilities | ClickJackinghttps://it4chis3c.medium.com/day-15-of-30-days-30-vulnerabilities-clickjacking-592505aff54d?source=rss------bug_bounty-5It4chis3cweb-security, bug-bounty, clickjacking, 30dayswritingchallenge, bug-bounty-tips18-Aug-2024
How I Bypassed 2FA and Earned My First Bounty $$$https://anonysm.medium.com/how-i-bypassed-2fa-and-earned-my-first-bounty-3fdc58938347?source=rss------bug_bounty-5Muthu Dcybersecurity, bug-bounty, ethical-hacking, hacking, penetration-testing18-Aug-2024
SQL Vulnerability in WordPress Automatic Plugin (CVE-2024–27956)https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, penetration-testing, wordpress-plugins, ethical-hacking, wordpress-security18-Aug-2024
HTML Injection in Mobile App Support Ticket Form on target.techhttps://medium.com/@shobitsharma/html-injection-in-mobile-app-support-ticket-form-on-target-tech-f45d2de510af?source=rss------bug_bounty-5Shobit Sharmahtml-injection, owasp, bug-bounty, vulnerability, bug-bounty-tips18-Aug-2024
Advanced Techniques and Emerging Trends in Web Cache Poisoninghttps://cyberw1ng.medium.com/advanced-techniques-and-emerging-trends-in-web-cache-poisoning-d2c8d3807d46?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Aug-2024
Title: Mastering CSRF Exploits with Port Swigger Academy Lab: How to Bypass SameSite Strict via…https://medium.com/@dsksatheesh35/title-mastering-csrf-exploits-with-port-swigger-academy-lab-how-to-bypass-samesite-strict-via-7976c3f42d12?source=rss------bug_bounty-5D Satheesh Kumarpenetration-testing, bug-bounty, csrf-attack, csrf-bypass, ctf-walkthrough18-Aug-2024
Day 14 of 30 Days — 30 Vulnerabilities | HTTP Parameter Pollution (HPP) Vulnerabilityhttps://medium.com/@kumawatabhijeet2002/day-14-of-30-days-30-vulnerabilities-http-parameter-pollution-hpp-vulnerability-6c767a9227d8?source=rss------bug_bounty-5Abhijeet kumawathttp-parameter-pollution, bug-bounty-tips, 30dayswritingchallenge, bug-bounty18-Aug-2024
XSS CHECKLISThttps://medium.com/@mehmetfarisacar/xss-checklist-a2bf18ed6992?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, cybersecurity, xss-attack18-Aug-2024
Day 13 of 30 Days — 30 Vulnerabilities | XML External Entity (XXE)https://medium.com/@kumawatabhijeet2002/day-13-of-30-days-30-vulnerabilities-xml-external-entity-xxe-93118ac3a167?source=rss------bug_bounty-5Abhijeet kumawatxxe-attack, 30dayswritingchallenge, xxe, bug-bounty, bug-bounty-tips17-Aug-2024
Everything about CSP (Content Security Policy)and bypassing it Like a PRO!!https://shauryasharma05.medium.com/everything-about-csp-content-security-policy-and-bypassing-it-like-a-pro-290d3b06b721?source=rss------bug_bounty-5Shaurya Sharmabugbounty-writeup, cybersecurity, bug-bounty, hacking, bug-bounty-tips17-Aug-2024
A Step-by-Step Guide to Installing and Using dirsearchhttps://medium.com/@sherlock297/a-step-by-step-guide-to-installing-and-using-dirsearch-7833d9dbe6c3?source=rss------bug_bounty-5Ravindra Dagaletools, dirsearch, bug-bounty, tips, information-technology17-Aug-2024
Targeting Hidden API Endpoints in IDOR Exploitshttps://systemweakness.com/targeting-hidden-api-endpoints-in-idor-exploits-269b6ae0f16e?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, bug-bounty-tips17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-73)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-73-210a9520bff3?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, money, hacking, bug-bounty17-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-72)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-a2bf155d3162?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, money, bug-bounty17-Aug-2024
Broken Access Control in a Crypto Trading Platform | Auth Bypass worth $$$$https://medium.com/@midnight-mihir/how-i-found-broken-access-control-in-a-crypto-trading-platform-auth-bypass-worth-b0048eb87e09?source=rss------bug_bounty-5Mihirethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity17-Aug-2024
Another 1500$: CR/LF Injectionhttps://infosecwriteups.com/1500-cr-lf-injection-59152daaf413?source=rss------bug_bounty-5Abhi Sharmacrlf-injection, infosec, bug-bounty, programming, cybersecurity17-Aug-2024
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalationhttps://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d?source=rss------bug_bounty-5Az3mbug-bounty-tips, privilege-escalation, bugs, bug-bounty17-Aug-2024
Sub-finder tool methodologyhttps://medium.com/@tharunteja725_8686/sub-finder-tool-methodology-1dcb2622b0d5?source=rss------bug_bounty-5Chidurala Tharun tejabug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter17-Aug-2024
IDOR Vulnerabilities Between Admin Privilege Users in the Same Organizationhttps://medium.com/@Az3m/idor-vulnerabilities-between-admin-privilege-users-in-the-same-organization-7718192bba0e?source=rss------bug_bounty-5Az3mbug-bounty-tips, idor, bug-bounty, idor-vulnerability17-Aug-2024
How Find Multi open redirect Bugs with Bing search enginehttps://medium.com/@Az3m/how-find-multi-open-redirect-bugs-with-bing-search-engine-14d953b707ec?source=rss------bug_bounty-5Az3mbugs, open-redirect, bug-bounty-tips, bug-bounty17-Aug-2024
Boost Your Bug Bounty Game: Get Started with Free VPS on Krutrim Cloudhttps://infosecwriteups.com/boost-your-bug-bounty-game-get-started-with-free-vps-on-krutrim-cloud-6a37444a9ce0?source=rss------bug_bounty-5Vicky Aryankrutrim-cloud, bug-bounty, vps, cloud, hacking17-Aug-2024
Understanding Web Cache Poisoning: How It Works and How to Prevent Ithttps://cyberw1ng.medium.com/understanding-web-cache-poisoning-how-it-works-and-how-to-prevent-it-55af897e1eb5?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, cybersecurity, hacking17-Aug-2024
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebindinghttps://anonysm.medium.com/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-a4e9d18213af?source=rss------bug_bounty-5Muthu Dbug-bounty, cybersecurity, ethical-hacking, penetration-testing, hacking17-Aug-2024
Understanding Open Redirect Vulnerabilities: A Simple Discoveryhttps://shaifsec.medium.com/understanding-open-redirect-vulnerabilities-a-simple-discovery-476a675839f7?source=rss------bug_bounty-5Shaif Aliweb-security, cybersecurity, shaifsec, penetration-testing, bug-bounty17-Aug-2024
Top 20 Open Redirect Bug Bounty Reportshttps://medium.com/@thenumberof9/top-20-open-redirect-bug-bounty-reports-610c57fb006f?source=rss------bug_bounty-5TheNumberOf-9host-redirect, bug-bounty, open-redirect, hacking, ethical-hacking16-Aug-2024
How to find a easy bug it worth $100https://medium.com/@sangamahesh650/how-to-find-a-easy-bug-it-worth-100-7485f9bf638f?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, hacking, bug-bounty-tips, penetration-testing, bug-bounty16-Aug-2024
The Bug Bounty Billionairehttps://medium.com/@shwetapapnai783/the-bug-bounty-billionaire-acaa5e64959e?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, billionaires, bug-bounty, technology16-Aug-2024
️ Reconnaissance and Vulnerability Scanning Script️https://securitycipher.medium.com/%EF%B8%8F-reconnaissance-and-vulnerability-scanning-script-%EF%B8%8F-086f4051eeba?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, coding, technology, bug-bounty, hacking16-Aug-2024
Complete Guide on Attack Surface Discoveryhttps://osintteam.blog/complete-guide-on-attack-surface-discovery-d684710d6a3e?source=rss------bug_bounty-5Netlas.iobug-bounty, attack-surface, attack-surface-discovery, cybersecurity, penetration-testing16-Aug-2024
Easy Critical Bugs: Uncovering Treasure Troves in Adobe Experience Manager (AEM)https://anonysm.medium.com/easy-critical-bugs-uncovering-treasure-troves-in-adobe-experience-manager-aem-59ce8656ef9b?source=rss------bug_bounty-5Muthu Dpenetration-testing, bug-bounty, cybersecurity, pentesting, hacking16-Aug-2024
Two Factor Authentication Bypass via using Victim’s DeviceIDhttps://medium.com/@cyberpro151/two-factor-authentication-bypass-via-using-victims-deviceid-b46afb4fe7a5?source=rss------bug_bounty-5cyberpro151application-security, hacking, bug-bounty, cybersecurity, hackerone16-Aug-2024
BlackhatOps #1: A Syndicate Of Hackershttps://medium.com/@red.whisperer/blackhatops-1-a-syndicate-of-hackers-3f599f6f9c63?source=rss------bug_bounty-5Chuxcybersecurity, pentesting, red-team, bug-bounty, hacking16-Aug-2024
Forced SSO Session Fixationhttps://infosecwriteups.com/forced-sso-session-fixation-5d3b457b79cb?source=rss------bug_bounty-5Serj Novoselovbug-bounty, vulnerability, penetration-testing, information-security, writeup16-Aug-2024
24.10 Lab: Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability…https://cyberw1ng.medium.com/24-10-lab-web-cache-poisoning-to-exploit-a-dom-vulnerability-via-a-cache-with-strict-cacheability-78d30bb559e4?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity16-Aug-2024
500$ From Meta by reporting a HTMLi(Accidental Bug)https://armx64.medium.com/500-from-meta-by-reporting-a-htmli-accidental-bug-fef2e5a0f4c4?source=rss------bug_bounty-5A.R Maheerbug-bounty, accidental-bug16-Aug-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@bilalresearcher/newline-character-cause-dos-folder-file-deletion-flaw-2b128252720b?source=rss------bug_bounty-5Bilal Researcherinfosec, denial-of-service, programming, cybersecurity, bug-bounty16-Aug-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@bilalresearcher/1000-idor-unauthorized-project-inclusion-in-expense-da9176a96015?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, idor, information-security, broken-access-control16-Aug-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://medium.com/@bilalresearcher/bypass-plan-restriction-get-350-bounty-105790e994cb?source=rss------bug_bounty-5Bilal Researcherprivilege-escalation, bug-bounty, cybersecurity, programming, access-control16-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@bilalresearcher/how-i-earned-469-bounty-bypassing-plan-restriction-6c215221b6f6?source=rss------bug_bounty-5Bilal Researcheraccess-control, infosec, bug-bounty, cybersecurity, programming16-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@bilalresearcher/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-d99ee6b2708c?source=rss------bug_bounty-5Bilal Researcherbug-bounty, bug-bounty-tips, idor, idor-vulnerability, cybersecurity16-Aug-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://medium.com/@bilalresearcher/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-681d807ccd1e?source=rss------bug_bounty-5Bilal Researcherprogramming, bug-bounty, privilege-escalation, cybersecurity, hacking16-Aug-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@bilalresearcher/500-mfa-bypass-by-race-condition-8952b6718b89?source=rss------bug_bounty-5Bilal Researchercybersecurity, 2fa, programming, bug-bounty, race-condition16-Aug-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@bilalresearcher/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-23c544918111?source=rss------bug_bounty-5Bilal Researchercybersecurity, user-interface, programming, bug-bounty, hacking16-Aug-2024
1500$: CR/LF Injectionhttps://medium.com/@bilalresearcher/1500-cr-lf-injection-09b7ae3cfaef?source=rss------bug_bounty-5Bilal Researcherbug-bounty, crlf-injection, cybersecurity, hacking, programming16-Aug-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@bilalresearcher/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-b0b693b2ae47?source=rss------bug_bounty-5Bilal Researcherbug-bounty, cybersecurity, account-takeover16-Aug-2024
Exploiting phar stream wrapperhttps://rudrasarkar.medium.com/exploiting-phar-stream-wrapper-d2140592c6e7?source=rss------bug_bounty-5Rudra Sarkarsource-code-analysis, php, bug-bounty, hackthebox15-Aug-2024
Unauthorized Deletion of Reports via Folder Manipulationhttps://medium.com/@hossam_hamada/unauthorized-deletion-of-reports-via-folder-manipulation-d0760582e168?source=rss------bug_bounty-5Hossam Hamadaidor, hackerone, idor-vulnerability, bug-bounty, bugcrowd15-Aug-2024
Day 12: Mastering Server Side Request Forgery Vulnerability — Essential Tricks & Techniques Based…https://medium.com/@kumawatabhijeet2002/day-12-mastering-server-side-request-forgery-vulnerability-essential-tricks-techniques-based-21dc8b576e37?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, ssrf-bug, ssrf, ssrf-attack, bug-bounty-tips15-Aug-2024
Hacking Large Corporations: The Art and Science of Reconnaissancehttps://harshit3.medium.com/hacking-large-corporations-the-art-and-science-of-reconnaissance-1a6fc8f90616?source=rss------bug_bounty-5Harshitbug-bounty, information-technology, corporations, cybersecurity, ethical-hacking15-Aug-2024
23.7 Lab: Server-side template injection with a custom exploithttps://cyberw1ng.medium.com/23-7-lab-server-side-template-injection-with-a-custom-exploit-263dcc38653e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity15-Aug-2024
Fourth Layer And Attacks !https://medium.com/@reemmoslem34/fourth-layer-and-attacks-7bcdbbf6b53c?source=rss------bug_bounty-5Rem Khalidcybersecurity, security, bug-bounty15-Aug-2024
2FA Bypass - IDN Mischiefhttps://shahjerry33.medium.com/2fa-bypass-idn-mischief-157f06cb6904?source=rss------bug_bounty-5Jerry Shah (Jerry)vulnerability, bug-bounty, infosec, cybersecurity, 2fa15-Aug-2024
Cracking the Armour: Bypassed WAF using Ibrahimxss Tool for easyhttps://medium.com/@jitinyaduvanshi/cracking-the-armour-bypassed-waf-using-ibrahimxss-tool-for-easy-6867cfcd850b?source=rss------bug_bounty-5Jitinyaduvanshicybersecurity, xss-attack, bug-bounty15-Aug-2024
Swisstronik: A Blockchain Solution for Privacy and Compliance.https://medium.com/@danishkhatri023/swisstronik-a-blockchain-solution-for-privacy-and-compliance-73c662eadf7a?source=rss------bug_bounty-5Danish Khatritestnet, blockchain, gui̇de, bug-bounty, swisstronik15-Aug-2024
Protecting against multi-step SQL injections: A shield for your datahttps://medium.com/@Progsky/protecting-against-multi-step-sql-injections-a-shield-for-your-data-bf14e41dc412?source=rss------bug_bounty-5Progskybug-bounty, web-security, hacking15-Aug-2024
Passenger Information Disclosure Vulnerability Over the MQTT Protocolhttps://medium.com/@moradloo1779/passenger-information-disclosure-vulnerability-over-the-mqtt-protocol-667402289583?source=rss------bug_bounty-5Moradloobugbounty-writeup, bug-bounty, pentest15-Aug-2024
Account takeover on 8 years old public programhttps://medium.com/@pranshux0x/account-takeover-on-8-years-old-public-program-c0c0a30cfdd2?source=rss------bug_bounty-5priyanshu shakyaaccount-takeover, bug-bounty, bug-bounty-tips, hacking, vulnerability14-Aug-2024
New Bug Bounty Alerthttps://medium.com/@vic-thor/new-bug-bounty-alert-874fefd2ea6b?source=rss------bug_bounty-5victech, online, technology, cybersecurity, bug-bounty14-Aug-2024
XSS Tipleri için Test Caselerhttps://medium.com/@NadirSensoy/xss-tipleri-i%C3%A7in-test-caseler-ce006d2cd57f?source=rss------bug_bounty-5Nadir Sensoyxss-attack, bug-bounty, xss-vulnerability, cybersecurity14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://bhattaraiprashant98.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Server-side template injection in Web App Penetration Testing | 2024https://cyberw1ng.medium.com/server-side-template-injection-in-web-app-penetration-testing-2024-67961a32cadd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking14-Aug-2024
Automate your Google Dorking to Find Bugshttps://mrunknown124154.medium.com/automate-your-google-dorking-to-find-bugs-f7d86dc2d279?source=rss------bug_bounty-5Mr Abdullahbug-bounty, cybersecurity, google-dorking, cyber-security-awareness, dorking14-Aug-2024
Authentication Bypass -MFA , Account Takeover…https://medium.com/@prakashchand72/authentication-bypass-mfa-account-takeover-32166aedb3b9?source=rss------bug_bounty-5ASTUTEbypass, hacking, bug-bounty, authentication-bypass, account-takeover14-Aug-2024
My journey towards Bug Bounty and Ambassador World Cup 2023 Recaphttps://g0ndaar.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5Prashant Bhattaraibug-bounty, hacking, hackerone, cybersecurity14-Aug-2024
Open S3 Buckets Through Reconnaissancehttps://offsec01.medium.com/open-s3-buckets-through-reconnaissance-920f8b35be47?source=rss------bug_bounty-5Facundo Fernandezbug-bounty-tips, bug-bounty, penetration-testing, hacking, offensive-security14-Aug-2024
A Critical 403 Bypass Vulnerability Lead to a Staging Environment with User Enumerationhttps://ay0ub-n0uri.medium.com/a-critical-403-bypass-vulnerability-lead-to-a-staging-environment-with-user-enumeration-25b94ebadcfa?source=rss------bug_bounty-5Ay0ub N0urioffensive-security, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty14-Aug-2024
How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passportshttps://offsec01.medium.com/how-i-prevented-a-data-breach-by-reporting-an-idor-in-a-system-exposing-over-500-000-us-passports-bc6bec99aa3d?source=rss------bug_bounty-5Facundo Fernandezpassport, bug-bounty, penetration-testing, data-breach, hacking14-Aug-2024
Identifying and Exploiting SQL Injection Vulnerabilitieshttps://im4x.medium.com/identifying-and-exploiting-sql-injection-vulnerabilities-cdfaa90b7b04?source=rss------bug_bounty-5Ahmed Najehbug-bounty, bugs, sqlmap14-Aug-2024
Finding a easy p3 bughttps://medium.com/@sangamahesh650/finding-a-easy-p3-bug-05b54f70e14c?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, penetration-testing, bug-bounty, hacking13-Aug-2024
Hidden Form Fields Reveal Test Answers for Easy Perfect Scorehttps://osintteam.blog/hidden-form-fields-reveal-test-answers-for-easy-perfect-score-c4d202416ad7?source=rss------bug_bounty-5enigmabug-bounty, ethical-hacking, penetration-testing, cybersecurity, misconfiguration13-Aug-2024
NoSQL Injection | Try Hack Mehttps://ahmed-makawi.medium.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
Role-based Privilege Escalation Worth $2000 in a bug bounty programhttps://medium.com/@_K3rnel/role-based-privilege-escalation-worth-2000-in-a-bug-bounty-program-0ca40a4cecb9?source=rss------bug_bounty-5_K3rnelbugbounting, bug-bounty, bugs, bug-bounty-tips, bugbounty-writeup13-Aug-2024
Threat Modeling 101: Mapping OWASP Top 10 to STRIDEhttps://justm0rph3u5.medium.com/threat-modeling-101-mapping-owasp-top-10-to-stride-cb8e8613e396?source=rss------bug_bounty-5Divyanshustride, bug-bounty, owasp, threat-model, pasta13-Aug-2024
23.6 Lab: Server-side template injection in a sandboxed environmenthttps://cyberw1ng.medium.com/23-6-lab-server-side-template-injection-in-a-sandboxed-environment-f731eacf2530?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers13-Aug-2024
Logic Flaw: User Account Lockouthttps://medium.com/@raxomara/logic-flaw-user-account-lockout-8865c622cef0?source=rss------bug_bounty-5Raxomarapenetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting13-Aug-2024
NoSQL Injection | Try Hack Mehttps://systemweakness.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5Ahmed Makawicybersecurity, bug-bounty, it, penetration-testing, sql-injection13-Aug-2024
My first bounty report was a duplicatehttps://medium.com/@World-Breaker/my-first-bounty-report-was-a-duplicate-ad2ba4ec595e?source=rss------bug_bounty-5usu@rioZ3r0bug-bounty13-Aug-2024
Effortless Go Language Setup: Installing Go Lang Like a Pro!https://imran407704.medium.com/effortless-go-language-setup-installing-go-lang-like-a-pro-e668c51454c3?source=rss------bug_bounty-5Imranbug-bounty, go-language, go-language-tutorial13-Aug-2024
How I Discovered a Directory Listing Vulnerability on a NASA Subdomainhttps://medium.com/@shubhammpawar7438/how-i-discovered-a-directory-listing-vulnerability-on-a-nasa-subdomain-979883e47874?source=rss------bug_bounty-5Shubham pawarvulnerability-disclosure, bug-bounty, cybersecurity, web-security, nasa-security13-Aug-2024
How To Get free burpsuite professionalhttps://medium.com/@sangamahesh650/how-to-get-free-burpsuite-professional-b6ebca7a60a3?source=rss------bug_bounty-5loyalonlytodaybug-bounty, pentesting, bug-bounty-tips, hacking, bugbounty-writeup13-Aug-2024
Breaking the Barrier: Admin Panel Takeover Worth $3500https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3?source=rss------bug_bounty-5Aditya Sharmabug-bounty-tips, bug-bounty, hacker, hacking, vulnerability13-Aug-2024
Simple but Elegant DOM XSS on Hidden Parameter— Bypassing Filterhttps://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5SINxss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup13-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-71)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-71-3232e47be803?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, bug-bounty, skills, ethical-hacking13-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-70)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-70-f603b2fde234?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, hacking, cybersecurity, skills13-Aug-2024
Insecure Direct Object Referencehttps://medium.com/@yassentaalab51/insecure-direct-object-reference-6bddf9be8dcd?source=rss------bug_bounty-5Yassen Taalabidor, bug-bounty, owasp, cybersecurity, broken-access-control13-Aug-2024
CloudBrute — Awesome Cloud Enumeratorhttps://medium.com/@pentesterclubpvtltd/cloudbrute-awesome-cloud-enumerator-b6d86e168b2c?source=rss------bug_bounty-5Pentester Clubbug-bounty, hacking, ethical-hacking, cybersecurity, cloud-computing13-Aug-2024
Embedding Beacon Payloads in PDF Fileshttps://medium.com/@pentesterclubpvtltd/embedding-beacon-payloads-in-pdf-files-e789820f340b?source=rss------bug_bounty-5Pentester Clubhacking, cobalt-strike, bug-bounty, cybersecurity, pdf13-Aug-2024
DOM XSS — Simple but Elegant on Hidden Parameter— Bypassing Filterhttps://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5SINxss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup13-Aug-2024
Common Types of Bugs in Software Testinghttps://medium.com/optimizory-apps/common-types-of-bugs-in-software-testing-aea2ff2138bd?source=rss------bug_bounty-5Divyansh Vatsbug-bounty, bugs, software-testing12-Aug-2024
How to balance bug fix costs with software performance?https://medium.com/@harleyrose981/how-to-balance-bug-fix-costs-with-software-performance-92e9df481c36?source=rss------bug_bounty-5Harley Roseweb3, technology, bug-bounty, web-development, seo12-Aug-2024
3rd Anniversary Fun Activity: TECNO Security Bug Bounty Rules Challenging Testhttps://medium.com/@security.tecno/3rd-anniversary-fun-activity-tecno-security-bug-bounty-rules-challenging-test-d6dac9f552e7?source=rss------bug_bounty-5TECNO Securitytesting, bug-bounty, activity, security12-Aug-2024
5 Minutes to Take Over the System Administrator Account of a GPS Tracker Solution Providerhttps://medium.com/@mmaulanaabdullah/5-minutes-for-taking-over-system-administrator-account-of-gps-tracker-solution-provider-system-24bd083f1559?source=rss------bug_bounty-5M Maulana Abdullahapi, disruption, bug-bounty, information-security, infosec12-Aug-2024
Maintaining Software Excellence: The Importance of Bug Fixes and Maintenancehttps://medium.com/@harleyrose981/maintaining-software-excellence-the-importance-of-bug-fixes-and-maintenance-87db9a864a5f?source=rss------bug_bounty-5Harley Rosetechnology, software-development, web-development, tech, bug-bounty12-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part V)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-v-f0ea86e55845?source=rss------bug_bounty-5OiQpenetration-testing, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty12-Aug-2024
The Importance of Functionality and Usability in Web Applicationshttps://medium.com/@owaisbagali2/the-importance-of-functionality-and-usability-in-web-applications-65f5cf44374d?source=rss------bug_bounty-5OwaisBself-awareness, bug-bounty, audi, software-testing, basics12-Aug-2024
Earned $188 in bug bounty simply through the invitation feature.https://medium.com/@Mu1berry/earned-188-in-bug-bounty-simply-through-the-invitation-feature-534486d6ec1c?source=rss------bug_bounty-5Mu1berrybugcrowd, vulnerability, money, bug-bounty, hacker12-Aug-2024
Detecting Blind Injection Attacks with Discord Webhookshttps://osintteam.blog/detecting-injection-attacks-with-discord-webhooks-5df22a5679c5?source=rss------bug_bounty-5mrunoriginalweb-application-security, cybersecurity, bug-bounty, information-security, ethical-hacking12-Aug-2024
New Reconnaissance Methodologies/Tools for Bug Bounty Hunting & Ethical Hackinghttps://medium.com/@retr0x/new-reconnaissance-methodologies-tools-for-bug-bounty-hunting-ethical-hacking-be7ca14a7ae2?source=rss------bug_bounty-5R3tr0x | Vinay Kumarcyber, ethical-hacking, cyber-security-awareness, cybersecurity, bug-bounty12-Aug-2024
“My Journey to Earning the First Bounty”https://medium.com/@asharm.khan7/my-journey-to-earning-the-first-bounty-5314d1780f84?source=rss------bug_bounty-5Ashar Mahmoodbug-bounty, hacking, cyber-security-awareness, ethical-hacking, find-your-first-bug12-Aug-2024
21.4 Lab: Exploiting insecure output handling in LLMshttps://cyberw1ng.medium.com/21-4-lab-exploiting-insecure-output-handling-in-llms-4b17d8401fe6?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, bug-bounty, careers12-Aug-2024
Getting all ips from Shodan easyhttps://medium.com/@sangamahesh650/getting-all-ips-from-shodan-easy-400706799e53?source=rss------bug_bounty-5loyalonlytodaybug-bounty-tips, hacking, bugbounty-writeup, penetration-testing, bug-bounty12-Aug-2024
Cross-Site Scripting Explained: Protect Your Website from Modern Threatshttps://7hecoder.medium.com/secure-your-site-xss-guide-d780dd2ad098?source=rss------bug_bounty-5Aamir Khanxss-vulnerability, web-development, secure-coding, bug-bounty, cybersecurity12-Aug-2024
The Hidden Threat: How Reverse Shells Packaged as .pyz Files Evade Detectionhttps://medium.com/@psychomong/the-hidden-threat-how-reverse-shells-packaged-as-pyz-files-evade-detection-e82d1f234187?source=rss------bug_bounty-5psychomonghacker, hacking, meta, bug-bounty, whatsapp12-Aug-2024
How Much Did I Make in My First Year of Bug Bounty Work?https://medium.com/@bountyget/how-much-did-i-make-in-my-first-year-of-bug-bounty-work-2f0583002db6?source=rss------bug_bounty-5Bountygetinfosec-write-ups, bug-bounty, earn-money-online, bug-bounty-tips, hacking12-Aug-2024
How I Hacked Into the World’s Top Universities Including MIT Cambridge & University of Oxfordhttps://medium.com/@josuofficial327/how-i-hacked-into-the-worlds-top-universities-including-mit-cambridge-university-of-oxford-a2e209d8abf7?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, bug-bounty, vulnerability, ethical-hacking, hacking12-Aug-2024
Stored XSS in LibreOfficehttps://bunny0417.medium.com/stored-xss-in-libreoffice-ed4ad22e0f56?source=rss------bug_bounty-5Aayush kumarbug-bounty-tips, xs, libreoffice, stored-xss, bug-bounty11-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part IV)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iv-956c3fcbec68?source=rss------bug_bounty-5OiQbug-bounty, web-app-security, vulnerability, bug-bounty-tips, penetration-testing11-Aug-2024
Internal and External Network penetration Testinghttps://gaya3-r.medium.com/internal-and-external-network-penetration-testing-6a9421394618?source=rss------bug_bounty-5gayatri rtools, bug-bounty, penetration-testing, owasp11-Aug-2024
How I found my first P3 bug (disclosure of PII/Privilege Escalation)https://medium.com/@the.bugcrowd.testerpawan/how-i-found-my-first-p3-bug-disclosure-of-pii-privilege-escalation-148dbf610334?source=rss------bug_bounty-5the_air_cyborgbug-bounty-tips, bugbounty-writeup, bug-bounty11-Aug-2024
Introduction to JWThttps://medium.com/@chanpreetkaur2005/introduction-to-jwt-f69162b59c24?source=rss------bug_bounty-5Chanpreet Kaurweb-exploitation, cybersecurity, bug-bounty, jwt, web-development11-Aug-2024
20.10 Lab: Using PHAR deserialization to deploy a custom gadget chainhttps://cyberw1ng.medium.com/20-10-lab-using-phar-deserialization-to-deploy-a-custom-gadget-chain-39270975163f?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity11-Aug-2024
Udemy Course off 50% CYBER082024https://cyberbruharmy.medium.com/udemy-course-off-50-cyber082024-c61d755d2714?source=rss------bug_bounty-5CyberBruhArmybug-bounty, firewall, bug-bounty-tips, security, cybersecurity11-Aug-2024
Hacking the System: How I Beat Subscription Restrictions in Admin Controlshttps://0xmatrix.medium.com/hacking-the-system-how-i-beat-subscription-restrictions-in-admin-controls-5684fd90279a?source=rss------bug_bounty-5Mo2men Elmadyhacking, bugs, penetration-testing, red-team, bug-bounty11-Aug-2024
How I Got $150 on HackerOne for My First Bughttps://medium.com/@likithteki76/how-i-got-150-on-hackerone-for-my-first-bug-8af0ed515e79?source=rss------bug_bounty-5Likith Tekibug-bounty-tips, 2fa-bypass, vulnerability, bug-bounty, ethical-hacking11-Aug-2024
IDOR — How I Leaked Data of 50k+ Usershttps://medium.com/@YourFinalSin/idor-how-i-leaked-data-of-50k-users-bc44201e777a?source=rss------bug_bounty-5SINidor, bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips10-Aug-2024
How I got my first $13500 bounty through Parameter Polluting (HPP)https://infosecwriteups.com/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb?source=rss------bug_bounty-5rAmpancisthacking, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips10-Aug-2024
IDOR — Exposing private forms $$$https://medium.com/@hellother18/idor-exposing-private-forms-0204c1ed560a?source=rss------bug_bounty-5Manthan_ mahalehacking, cybersecurity, ethical-hacking, bug-bounty, bugbounty-writeup10-Aug-2024
Day 8 of 30 Days — 30 Vulnerabilities | Security Misconfigurationhttps://medium.com/@kumawatabhijeet2002/day-8-of-30-days-30-vulnerabilities-security-misconfiguration-5d8ee574e7e3?source=rss------bug_bounty-5Abhijeet kumawatsecurity-misconfiguration, bug-bounty, bug-bounty-tips10-Aug-2024
What is a Bug Bounty Program?https://medium.com/@pasan62nanayakkara/what-is-a-bug-bounty-program-f64c90197229?source=rss------bug_bounty-5Ravindu Nanayakkarabug-bounty, cybersecurity, security10-Aug-2024
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transferhttps://medium.com/@a13h1/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-15fe36976604?source=rss------bug_bounty-5Abhi Sharmaimproper-authorization, cybersecurity, bug-bounty, idor, programming10-Aug-2024
Practice Lab Setup for Application Security Testinghttps://medium.com/@Kamal_S/practice-lab-setup-for-application-security-testing-9fa2c9b45917?source=rss------bug_bounty-5Kamal Sbug-bounty, vapt, security-testing, appsec, owasp10-Aug-2024
The Evolution of Deserialization Attacks: Understanding the Risks and Future Trendshttps://cyberw1ng.medium.com/the-evolution-of-deserialization-attacks-understanding-the-risks-and-future-trends-0e485ec7e833?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, cybersecurity, hacking, bug-bounty10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-69)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-69-fa42b90989a1?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, skills, hacking, cybersecurity10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-68)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-68-8e3af48d1c65?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, ethical-hacking, cybersecurity, bug-bounty, skills10-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-67)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-67-01756817b60c?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking10-Aug-2024
How to Mitigate SQL Injectionhttps://medium.com/@dhiren.pradhan263/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5Dhiren Pradhansecurity, bug-bounty, information-security09-Aug-2024
How to find P1 SQL injection in indian website.https://medium.com/@padhyepushkar/how-to-find-p1-sql-injection-in-indian-website-59ad091a9e1b?source=rss------bug_bounty-5Pushkar Padhyebug-bounty09-Aug-2024
How to Mitigate SQL Injectionhttps://medium.com/@bountyget/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5Bountygetsecurity, bug-bounty, information-security09-Aug-2024
Bug Bounty Programs Launched in August 2024https://medium.com/@vic-thor/bug-bounty-programs-launched-in-august-2024-ab698f18b7c5?source=rss------bug_bounty-5vicbug-bounty, technology, tech, money, cybersecurity09-Aug-2024
Part 3: Enhancing Database Items in Angular using the Decorator Design Pattern: Bug Prevention…https://medium.com/@nemanjablagojevic/part-3-enhancing-database-items-in-angular-using-the-decorator-design-pattern-bug-prevention-e965373a6219?source=rss------bug_bounty-5Nemanja Blagojevicsingleton, programming, angular, bug-bounty, ecommerce-web-development09-Aug-2024
From Developer to Hacker: Putting on the White Hathttps://medium.com/@jonathanmondaut/from-developer-to-hacker-putting-on-the-white-hat-b4292af8c1d4?source=rss------bug_bounty-5Jonathan Mondautcybersecurity, technology, bug-bounty, ethical-hacking, programming09-Aug-2024
How I Turned a Rate-Limit Bypass into an Account Takeoverhttps://anonysm.medium.com/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-4588541c2d29?source=rss------bug_bounty-5Muthu Dethical-hacking, hacking, pentesting, bug-bounty, penetration-testing09-Aug-2024
Enriching Nuclei results with Vulnerability Intelhttps://medium.com/@nvi_90805/enriching-nuclei-results-with-vulnerability-intel-d760b756b066?source=rss------bug_bounty-5NVI - North Vulnerability Intelligencevulnerability, cve, bug-bounty, nuclei-template, exploit09-Aug-2024
Mastering Subfinder for Subdomain Enumeration: A Quick Guide for Bug Bounty Huntershttps://medium.com/@k4r7hx/mastering-subfinder-for-subdomain-enumeration-a-quick-guide-for-bug-bounty-hunters-5d6c3d471896?source=rss------bug_bounty-5Karthikeyansubdomain-enumeration, subdomains-enumeration, subdomain, bug-bounty, subdomain-takeover09-Aug-2024
Bug Bounty Methodology — Step By Step Guide To Find Subdomains And Vulnerable URLshttps://medium.com/@shaikhminhaz1975/bug-bounty-methodology-step-by-step-guide-to-find-subdomains-and-vulnerable-urls-18bdd76e979f?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, reconnaissance, subdomains-enumeration, bug-bounty, methodology09-Aug-2024
20 Essential Google Dorking Queries to find vulnerable targetshttps://offsec01.medium.com/20-essential-google-dorking-queries-to-find-vulnerable-targets-a98b657dc66d?source=rss------bug_bounty-5Facundo Fernandezoffensive-security, google-dorking, hacking-training, bug-bounty, hacking09-Aug-2024
Day 7 of 30 Days — 30 Vulnerability | IDOR (Insecure Direct Object Reference)https://medium.com/@kumawatabhijeet2002/day-7-of-30-days-30-vulnerability-idor-insecure-direct-object-reference-79b8051d67e2?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, 30dayswritingchallenge, idor-vulnerability, idor, bug-bounty-tips09-Aug-2024
How dirsearch Uncovered a $750 Bountyhttps://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5Bountygetinfosec, dirsearch, wordlist, bug-bounty, hackerone09-Aug-2024
What After Recon ? Part 01 Bug Bounty Methodologyhttps://omarora1603.medium.com/what-after-recon-part-01-bug-bounty-methodology-25ff3705a738?source=rss------bug_bounty-5Om Arorainfosec, bug-bounty, bug-bounty-writeup, methodology, hacking09-Aug-2024
Embracing Proactive Security Measures: Future-Proofing Against PHAR Deserialization and Beyondhttps://cyberw1ng.medium.com/embracing-proactive-security-measures-future-proofing-against-phar-deserialization-and-beyond-49e1dec9000d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty09-Aug-2024
How i hacked NASA? NASA VDP.https://medium.com/@momos1337/how-i-hacked-nasa-bug-bounty-6975b833eb45?source=rss------bug_bounty-5Fadhli Almunawarcybersecurity, bug-bounty09-Aug-2024
How dirsearch Uncovered a $750 Bountyhttps://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5Bountygetinfosec, dirsearch, wordlist, info-sec-writeups, bug-bounty09-Aug-2024
L6 — Postbookhttps://scissor07.medium.com/l6-postbook-8d5b322a0801?source=rss------bug_bounty-5scissor_sevenwriteup, cybersecurity, bug-bounty, hackerone, ctf08-Aug-2024
Web App Security Scanner- Vex Scannerhttps://medium.com/@pentesterclubpvtltd/web-app-security-scanner-vex-scanner-e150e9a03ffc?source=rss------bug_bounty-5Pentester Clubcybersecurity, scalability, bug-bounty, hacking, security08-Aug-2024
OAuth Impersonation Attack: Misconfiguration of Facebook and Google OAuth Leading to Account…https://medium.com/@security.tecno/oauth-impersonation-attack-misconfiguration-of-facebook-and-google-oauth-leading-to-account-9f838439de31?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, hacker08-Aug-2024
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bountyhttps://take0verx0.medium.com/hijacking-user-privileges-the-story-of-a-patched-vulnerability-in-open-bug-bounty-4db81fa0fd1f?source=rss------bug_bounty-5Shahariar Aminbug-bounty, bug-bounty-tips, web-security, openbugbounty08-Aug-2024
Last Week in tech — 5th editionhttps://medium.com/@azefox/last-week-in-tech-5th-edition-0f559055dcf6?source=rss------bug_bounty-5Azefoxcloud-computing, ai, bug-bounty, infosec, news08-Aug-2024
O manual do Hacker Modernohttps://medium.com/@espectrx/o-manual-do-hacker-moderno-2a715e35184c?source=rss------bug_bounty-5Rafael Henriquehackingrévolution, hackerone, hacker-ético, bug-bounty, hacking08-Aug-2024
Building a Resilient Security Framework: Long-Term Strategies for Combating PHAR Deserialization…https://cyberw1ng.medium.com/building-a-resilient-security-framework-long-term-strategies-for-combating-phar-deserialization-de5b38c6aff2?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, penetration-testing, careers08-Aug-2024
Easiest P3 You May Not Knowhttps://muneebalamkhan.medium.com/easiest-p3-you-may-not-know-54ae73cd3361?source=rss------bug_bounty-5Muneeb Alam Khanbug-bounty-tips, penetration-testing, bug-bounty, bounty-hunter, penetration-test07-Aug-2024
SSRF: Blacklist and Whitelist-Based Input Filtershttps://infosecwriteups.com/ssrf-blacklist-and-whitelist-based-input-filters-1c602b872731?source=rss------bug_bounty-5Neetroxcybersecurity, cyber-security-awareness, bug-bounty, cyberattack, technology07-Aug-2024
Client-Side Desync in HTTP: Understanding the Vulnerabilities and How to Mitigate Themhttps://medium.com/@miladkeivanfar/client-side-desync-in-http-understanding-the-vulnerabilities-and-how-to-mitigate-them-f3552164a6c9?source=rss------bug_bounty-5Milad keivanfarsecurity, pentesting, desync, bug-bounty, smuggling07-Aug-2024
Nahamsec’s Intro to Bug Bounty Labs: Your Setup Guidehttps://medium.com/@k4r7hx/nahamsecs-intro-to-bug-bounty-labs-your-setup-guide-145199ee948a?source=rss------bug_bounty-5Karthikeyanbug-bounty, ethical-hacking, penetration-testing, nahamstore, hacking07-Aug-2024
ALL ABOUT TRAVA BUG BOUNTY — FINDING THE FAULTS IN TRAVA.FINANCEhttps://blog.trava.finance/all-about-trava-bug-bounty-finding-the-faults-in-trava-finance-ebdcf476c1d6?source=rss------bug_bounty-5Trava.Financedapps, web3, bug-bounty, blockchain07-Aug-2024
Easiest P3/P4 security misconfiguration to make $$ as a beginner.https://medium.com/@sugamdangal52/easiest-p3-p4-security-misconfiguration-to-make-as-a-beginner-d4f019ad4b85?source=rss------bug_bounty-5Sugam Dangalbug-bounty-program, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips07-Aug-2024
Real-World Applications and Case Studies of PHAR Deserialization Defensehttps://cyberw1ng.medium.com/real-world-applications-and-case-studies-of-phar-deserialization-defense-f65b67c503aa?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking07-Aug-2024
Day 5 of 30 Days — 30 Vulnerabilities | Open Redirectshttps://medium.com/@kumawatabhijeet2002/day-5-of-30-days-30-vulnerabilities-open-redirects-386ea2fa1a66?source=rss------bug_bounty-5Abhijeet kumawatbug-bounty, bug-bounty-tips, open-redirect, 30dayschallenge, 30dayswritingchallenge07-Aug-2024
Mastering Dirsearch for Bug Huntinghttps://medium.com/@josuofficial327/mastering-dirsearch-for-bug-hunting-f34272c0ba28?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binubug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking06-Aug-2024
SSRF to Server Takeover PoC (Bug Bounty Writeup)https://medium.com/@malvinval/ssrf-to-server-takeover-poc-bug-bounty-writeup-82d6715e333d?source=rss------bug_bounty-5Malvin Valeriancybersecurity, ethical-hacking, bug-bounty-tips, hacking, bug-bounty06-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part III)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iii-ce91eb384da7?source=rss------bug_bounty-5OiQpenetration-testing, broken-access-control, web-app-security, bug-bounty, bug-bounty-tips06-Aug-2024
My First Bug Bounty: CORS Misconfigurationhttps://r0b0ts.medium.com/my-first-bug-bounty-cors-misconfiguration-3e6f38835c4e?source=rss------bug_bounty-5r0b0tsbug-bounty-writeup, bug-bounty, secu, bug-bounty-tips, bug-bounty-hunter06-Aug-2024
Reflected HTML injection leads to redirection and what’s not!https://medium.com/@shahariarwalid/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5Shahariar Aminbug-bounty, web-hacking, poc06-Aug-2024
Race Condition About The User Version and Ignoredhttps://r0b0ts.medium.com/race-condition-about-the-user-version-and-ignored-c98fec642d1b?source=rss------bug_bounty-5r0b0tsbug-bounty-tips, bug-bounty-writeup, bug-bounty, security, bug-bounty-hunter06-Aug-2024
Mastering Network Reconnaissance with Nmap: A Comprehensive Guidehttps://medium.com/@WillFromSwiss/mastering-network-reconnaissance-with-nmap-a-comprehensive-guide-e37fe3cdf8ff?source=rss------bug_bounty-5WillFromSwisspentesting, hacking, bug-bounty, recon, nmap06-Aug-2024
Bypass Admin Panel Access Steps — Bug Tuesdayhttps://medium.com/@kerstan/bypass-admin-panel-access-steps-bug-tuesday-36e7be470dae?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking06-Aug-2024
Discovering and Exploiting an XSS Vulnerability in an Admin Panelhttps://soltanali0.medium.com/discovering-and-exploiting-an-xss-vulnerability-in-an-admin-panel-8abbc97931fd?source=rss------bug_bounty-5soltanali0admin-panel, xss-attack, hackerone, bug-bounty-tips, bug-bounty06-Aug-2024
Reflected HTML injection leads to redirection and what’s not!https://take0verx0.medium.com/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5Shahariar Aminbug-bounty, web-hacking, poc06-Aug-2024
Advanced Defense Mechanisms and Continuous Monitoring Against PHAR Deserializationhttps://cyberw1ng.medium.com/advanced-defense-mechanisms-and-continuous-monitoring-against-phar-deserialization-00512489faf1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking06-Aug-2024
Hacking OWASP Juice Shop: Part 5- Privilege Escalation via Manipulated User Registrationhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-5-privilege-escalation-via-manipulated-user-registration-4b1c5227aa81?source=rss------bug_bounty-5callgh0sthacking, manipulation, logic, privilege-escalation, bug-bounty06-Aug-2024
From Secure to Breached: The Journey from Confidence to Compromisehttps://medium.com/@armandjasharaj/from-secure-to-breached-the-journey-from-confidence-to-compromise-38fcb7e9ef7c?source=rss------bug_bounty-5Armand Jasharajpenetration-testing, bug-bounty, cybersecurity, information-security06-Aug-2024
Understanding and Mitigating Open Redirection Vulnerability (CVE-2021–36580) in Webmail/Basic…https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5Anonymousshettyopen-redirection, ethical-hacking, cybersecurity, bug-bounty06-Aug-2024
How to Use Netcat as a Persistent Backdoor Utility?https://medium.com/@pentesterclubpvtltd/how-to-use-netcat-as-a-persistent-backdoor-utility-57bb01cbf9cc?source=rss------bug_bounty-5Pentester Clubhacking, bug-bounty-tips, bug-bounty, metasploit, cybersecurity06-Aug-2024
Ping a site to find out information about it.https://medium.com/@pentesterclubpvtltd/ping-a-site-to-find-out-information-about-it-43efdb62b4a0?source=rss------bug_bounty-5Pentester Clubcyber-security-awareness, bug-bounty, cybersecurity, ping, cybercrime05-Aug-2024
Maltego — The Automated OSINT Tool for Ethical Hackershttps://medium.com/@pentesterclubpvtltd/maltego-the-automated-osint-tool-for-ethical-hackers-d6bc5737812e?source=rss------bug_bounty-5Pentester Clubbug-bounty, ethical-hacking, maltego, cybersecurity, osint05-Aug-2024
Recon-ng — Complete Scan — Emails, Sub Domains & Hidden Fileshttps://medium.com/@pentesterclubpvtltd/recon-ng-complete-scan-emails-sub-domains-hidden-files-b357cffd1e0b?source=rss------bug_bounty-5Pentester Clubscan, recon, enumeration, cybersecurity, bug-bounty05-Aug-2024
Perform Network Tracerouting in Linux Machineshttps://medium.com/@pentesterclubpvtltd/perform-network-tracerouting-in-linux-machines-28b6bf57bf71?source=rss------bug_bounty-5Pentester Clubbug-bounty, machine-learning, linux, networking, cybersecurity05-Aug-2024
Gather Information About a Target Website Using Photonhttps://medium.com/@pentesterclubpvtltd/gather-information-about-a-target-website-using-photon-839612a85319?source=rss------bug_bounty-5Pentester Clubweb-design, cybersecurity, bug-bounty, web-development, web305-Aug-2024
Mirror a Target Website Using HTTrack website Copierhttps://medium.com/@pentesterclubpvtltd/mirror-a-target-website-using-httrack-website-copier-0489c23d66b3?source=rss------bug_bounty-5Pentester Clubweb3, website-design, web-development, cybersecurity, bug-bounty05-Aug-2024
Extract Companys Website Data Using Web Data Extractorhttps://medium.com/@pentesterclubpvtltd/extract-companys-website-data-using-web-data-extractor-a2957c56fd3f?source=rss------bug_bounty-5Pentester Clubdata, website, bug-bounty, web3, cybersecurity05-Aug-2024
Gather Personal Information Using PeekYou online People Search Servicehttps://medium.com/@pentesterclubpvtltd/gather-personal-information-using-peekyou-online-people-search-service-8a523a180f0d?source=rss------bug_bounty-5Pentester Clubdata, bug-bounty, cybersecurity, people, search-engine-optimizati05-Aug-2024
Mastering Angry IP Scanner: Unleashing the Power of Network Diagnosticshttps://medium.com/@pentesterclubpvtltd/mastering-angry-ip-scanner-unleashing-the-power-of-network-diagnostics-43388a593650?source=rss------bug_bounty-5Pentester Clubnetworking, bug-zero, cybersecurity, bug-bounty, angry05-Aug-2024
Uncover the Shocking Truth Behind HTTP Header Injection Attacks: Protect Yourself Now!https://systemweakness.com/the-hidden-danger-lurking-in-your-http-headers-3f93474933cb?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, cybersecurity, infosec, web-development05-Aug-2024
Exploit Public-Facing Application conceptshttps://medium.com/@alimostafaeiorg/exploit-public-facing-application-concepts-95c9d9efe76b?source=rss------bug_bounty-5Ali Mostafaeipentest, exploit, xs, exploit-public-facing, bug-bounty05-Aug-2024
You might have never understood the OSI Model this way.https://medium.com/@rohillachhavi12/you-might-have-never-understood-the-osi-model-this-way-2b3d234c5bac?source=rss------bug_bounty-5Chhavi Rohillanetworking, technology, bug-bounty, learning, cybersecurity05-Aug-2024
SQL Injection Part 1️⃣https://infosecwriteups.com/sql-injection-part-1%EF%B8%8F%E2%83%A3-eead93a673a2?source=rss------bug_bounty-5Neetroxcybersecurity, sql, data, bug-bounty, cyber-security-awareness05-Aug-2024
Discovering and Exploiting an XSS Vulnerability in a Bug Bounty Program Scopehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-bug-bounty-program-scope-383327e7f290?source=rss------bug_bounty-5Anonymousshettycybersecurity, bug-bounty, xss-vulnerability, ethical-hacking05-Aug-2024
From Detection to Notification: Security Automation to Earn $$$$https://vijetareigns.medium.com/from-detection-to-notification-security-automation-to-earn-4ea1a13576bc?source=rss------bug_bounty-5the_unlucky_guybugbounty-writeup, cybersecurity, technology, bug-bounty, automation05-Aug-2024
How i found Host Header Injection on SpaceXhttps://medium.com/@gitlime71/how-i-found-host-header-injection-on-spacex-3a9b45db70e8?source=rss------bug_bounty-5Raccoonpenetration-testing, bug-bounty, pentesting, hacking, bug-bounty-tips05-Aug-2024
Zero-Click account Take-overhttps://0xebn-taimia.medium.com/zero-click-account-take-over-deb0fae7a6c1?source=rss------bug_bounty-50xEbn-Taimiabug-bounty, cybersecurity, bugs, ato05-Aug-2024
Advanced Techniques and Defenses Against PHAR Deserialization Exploitshttps://cyberw1ng.medium.com/advanced-techniques-and-defenses-against-phar-deserialization-exploits-c65074fa5035?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers05-Aug-2024
Day 3 of 30 Days — 30 Vulnerability | CSRFhttps://medium.com/@kumawatabhijeet2002/day-3-of-30-days-30-vulnerability-csrf-3958560fb941?source=rss------bug_bounty-5Abhijeet kumawatvulnerability, bug-bounty, cybersecurity, csrf-attack05-Aug-2024
Unveiling Remote Code Execution in AI chatbot workflowshttps://infosecwriteups.com/unveiling-remote-code-execution-in-ai-chatbot-workflows-3c7f633f63c3?source=rss------bug_bounty-5Anurag__Vermaethical-hacking, infosec, penetration-testing, bugs, bug-bounty05-Aug-2024
How I Got Critical P2 Bug on Google VRPhttps://medium.com/@rhashibur75/how-i-got-critical-p2-bug-on-google-vrp-165017145af8?source=rss------bug_bounty-5Kazi Hashibur Rahmangoogle-bug, bugs, bug-bounty-tips, bug-bounty, google04-Aug-2024
Insecure Deserialization — Why it is a vulnerabilityhttps://medium.com/@nanak.singh/insecure-deserialization-why-it-is-a-vulnerability-74e22e878cf4?source=rss------bug_bounty-5Nanak Singh Khuranaweb-security, insecure-deserialization, hacking, bug-bounty04-Aug-2024
Simple Authentication Bypass By Response Manipulation.https://medium.com/@test123cybertest/simple-authentication-bypass-by-response-manipulation-44ba530e803b?source=rss------bug_bounty-5praveenarsh0xx0hacking, tips-and-tricks, cybersecurity, pentest, bug-bounty04-Aug-2024
Hacking OWASP Juice Shop: Part 3- Exploiting Insufficient Server-Side Checks:::Bypassing Input…https://infosecwriteups.com/hacking-owasp-juice-shop-part-3-exploiting-insufficient-server-side-checks-bypassing-input-6b4368449c2f?source=rss------bug_bounty-5callgh0sthacking, input-validation, burpsuite, consistency, bug-bounty04-Aug-2024
SQL Injection Attack, Querying the Database Type and Version on MySQL and Microsofthttps://medium.com/@marduk.i.am/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-caf947d0208a?source=rss------bug_bounty-5Marduk I Amsqli, sql-injection, bug-bounty, information-security, portswigger-lab04-Aug-2024
Hacking OWASP Juice Shop: Part4 — Exploiting Payment and Input Validation Loopholeshttps://infosecwriteups.com/hacking-owasp-juice-shop-part4-exploiting-payment-and-input-validation-loopholes-59f6b8485c3e?source=rss------bug_bounty-5callgh0stprompt, bypass, consistency, hacking, bug-bounty04-Aug-2024
Simple logic flaw lead to P3 bug in public BBPhttps://medium.com/@mohamed0xmuslim/simple-logic-flaw-lead-to-p3-bug-in-public-bbp-7cf21a4fb7c6?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugcrowd, bugbounty-writeup, bug-bounty-tips, hackerone04-Aug-2024
curityPHAR Deserialization: Exploiting Hidden Vulnerabilities in PHPhttps://cyberw1ng.medium.com/curityphar-deserialization-exploiting-hidden-vulnerabilities-in-php-c68891254c13?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking04-Aug-2024
Kioptrix Level 3 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-3-walkthrough-25dce894e7e3?source=rss------bug_bounty-5Erdemstaroscp-preparation, bug-bounty, pentesting, oscp, bug-bounty-tips04-Aug-2024
Exploiting Negative Quantity Manipulation for Total Price Reductionhttps://medium.com/@adhammedhat101/s-e615c50a1798?source=rss------bug_bounty-5SemZcybersecurity, bug-bounty, bugbounty-writeup, penetration-testing, web-app-security04-Aug-2024
Don’t Know Where to Look for Bugs? A Beginner’s Guide to Bug Huntinghttps://medium.com/@paritoshblogs/dont-know-where-to-look-for-bugs-a-beginner-s-guide-to-bug-hunting-780780eec09b?source=rss------bug_bounty-5Paritoshbug-bounty-tips, bug-bounty, information-technology, information-security, cybersecurity03-Aug-2024
How I prevented a mass leak of user data at one of the largest Tech companieshttps://medium.com/@syarifsajjad07/how-i-prevented-a-mass-leak-of-user-data-at-one-of-the-largest-tech-companies-caea05474af8?source=rss------bug_bounty-5Syarifsajjadhackerone, bug-bounty-tips, cybersecurity, bug-bounty, bugbounty-writeup03-Aug-2024
30 Days — 30 Vulnerability Challengehttps://it4chis3c.medium.com/30-days-30-vulnerability-challenge-28edae3b25d4?source=rss------bug_bounty-5It4chis3cbug-bounty-tips, bug-bounty, 30dayswritingchallenge03-Aug-2024
Day 1 of 30 Days — 30 Vulnerabilities Tips & Trickshttps://it4chis3c.medium.com/day-1-of-30-days-30-vulnerabilities-tips-tricks-4cff7b2756a2?source=rss------bug_bounty-5It4chis3c30dayswritingchallenge, xss-attack, xss-vulnerability, bug-bounty-tips, bug-bounty03-Aug-2024
How I Hacked and Secured a Croatian Government Website: A White Hat Journeyhttps://harshit3.medium.com/how-i-hacked-and-secured-a-croatian-government-website-a-white-hat-journey-d452fbb8e711?source=rss------bug_bounty-5Harshitethical-hacking, bug-bounty, security, vulnerability, cybersecurity03-Aug-2024
How a Host Header Injection Bug Earned Me My Fourth Hall of Fame Spot at Applehttps://medium.com/@MohaseenK/how-a-host-header-injection-bug-earned-me-my-fourth-hall-of-fame-spot-at-apple-b5d880acbba2?source=rss------bug_bounty-5Mohaseeninfosec, hall-of-fame, hackerone, bug-bounty, apple03-Aug-2024
Your AI Conversations Aren’t Safe: How We Stole Themhttps://h0tak88r.medium.com/your-ai-conversations-arent-safe-how-we-stole-them-02c17db2ed72?source=rss------bug_bounty-5sallambug-bounty-tips, prompt-injection-attack, ai-hacking, bug-bounty, oauth03-Aug-2024
How I Earned $469 Bounty: Bypassing Plan Restrictionhttps://medium.com/@a13h1/how-i-earned-469-bounty-bypassing-plan-restriction-58f6d3120b6e?source=rss------bug_bounty-5Abhi Sharmaaccess-control, programming, infosec, cybersecurity, bug-bounty03-Aug-2024
How to Find Vulnerabilities and Bugs with the Help of ChatGPT and Get Bountyhttps://medium.com/@shaikhminhaz1975/how-to-find-vulnerabilities-and-bugs-with-the-help-of-chatgpt-and-get-bounty-f1ee5b6b0dd0?source=rss------bug_bounty-5Shaikh Minhazbug-bounty-with-ai, bug-bounty, chatgpt, cybersecurity, find-bug-with-chatgpt03-Aug-2024
how I found a critical bug using response manipulationhttps://matrixm0x1.medium.com/how-i-found-a-critical-bug-using-response-manipulation-4403a562db12?source=rss------bug_bounty-5matrixm0x1security, vulnerability, cybersecurity, bugs, bug-bounty03-Aug-2024
20.9 Lab: Developing a custom gadget chain for PHP deserializationhttps://cyberw1ng.medium.com/20-9-lab-developing-a-custom-gadget-chain-for-php-deserialization-c173ff462156?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing03-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-66)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-66-9a60c229db5e?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, hacking, bug-bounty, cybersecurity03-Aug-2024
How could privilege escalation vulnerability lead to full account takeover?https://medium.com/@moxallam/how-could-privilege-escalation-vulnerability-lead-to-full-account-takeover-0d49d3d5fbee?source=rss------bug_bounty-53llampentesting, web-application-security, bug-bounty, cyber-security-services, bug-bounty-writeup03-Aug-2024
Uncovering a Reflected XSS Vulnerability in an Insurance Company’s Websitehttps://medium.com/@anonymousshetty2003/uncovering-a-reflected-xss-vulnerability-in-an-insurance-companys-website-ee56c3492381?source=rss------bug_bounty-5Anonymousshettybug-bounty, cybersecurity, ethical-hacking03-Aug-2024
Discovering a Reflected XSS Vulnerability in an Shopping Websitehttps://medium.com/@anonymousshetty2003/discovering-a-reflected-xss-vulnerability-in-an-shopping-website-d9ea72be73ef?source=rss------bug_bounty-5Anonymousshettybug-bounty, xss-vulnerability, ethical-hacking, cybersecurity03-Aug-2024
The first $100 from Bug Hunterhttps://medium.com/@osamamohamed21212121/the-first-100-from-bug-hunter-aaee9a0ac547?source=rss------bug_bounty-5Osamamohamedcybersecurity, security, vulnerability, bug-bounty, bus03-Aug-2024
How I Escalated N/A to High and Got Rewarded £££: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
From Fries to Flaws : My Journey into Web App Security (Part II)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-ii-6127ecc7d93f?source=rss------bug_bounty-5OiQbug-bounty, web-application-security, cybersecurity, xss-vulnerability, bug-bounty-tips03-Aug-2024
Tips about bug bounty for complete begginershttps://medium.com/@mrkimia097/tips-about-bug-bounty-for-complete-begginers-0fa1c85594ad?source=rss------bug_bounty-5Mrkimiabug-bounty, hacker, bugbounty-tips03-Aug-2024
How I Escalated N/A to High and Got Rewarded $$$: Bug Hunting Journeyhttps://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5iamrizwanvpbug-bounty-tips, bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup03-Aug-2024
#4. Bug Bounty Series: Exploiting Boolean-based SQL Injectionhttps://cyb3rmind.medium.com/4-bug-bounty-series-exploiting-boolean-based-sql-injection-3455d800892e?source=rss------bug_bounty-5Cyb3r M!ndspentesting, hacking, bug-bounty, sql-injection02-Aug-2024
Bounty Hunting — Complete Guide (Part-65)https://medium.com/@rafid19/bounty-hunting-complete-guide-part-65-885040ada45a?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, hacking, cybersecurity, ethical-hacking, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-64)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-64-aa6bc5c45197?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, hacking, skills, bug-bounty02-Aug-2024
Bug Bounty Hunting — Complete Guide (Part-63)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-63-fdea83c2c38f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking02-Aug-2024
Best youtube channels to learn bughunting and penetration testinghttps://medium.com/@sangamahesh650/best-youtube-channels-to-learn-bughunting-and-penetration-testing-eea2e78a202a?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bug-bounty-writeup, bugbounty-tips, bug-bounty-tips, bug-bounty02-Aug-2024
Finding subdomains from googlehttps://medium.com/@sangamahesh650/finding-subdomains-from-google-7f370fe60ad1?source=rss------bug_bounty-5loyalonlytodaypenetration-testing, bugbounting, bug-bounty, bug-bounty-tips, bug-bounty-writeup02-Aug-2024
Search engines for hackers and bughuntershttps://medium.com/@sangamahesh650/search-engines-for-hackers-and-bughunters-16139aa60752?source=rss------bug_bounty-5loyalonlytodaybugbounty-writeup, bug-bounty-tips, bug-bounty, hacking, penetration-testing02-Aug-2024
Finding more subdomainshttps://medium.com/@sangamahesh650/finding-more-subdomains-1f5221e79310?source=rss------bug_bounty-5loyalonlytodaybug-bounty, bugbounty-tips, bug-bounty-tips02-Aug-2024
Overview of API Penetration Testinghttps://medium.com/@aakashgupthagwapt/overview-of-api-penetration-testing-2065f6722f4e?source=rss------bug_bounty-5Aakashgupthapenetration-testing, api-penetration-testing, bug-bounty, cybersecurity, api02-Aug-2024
20.8 Lab: Developing a custom gadget chain for Java deserializationhttps://cyberw1ng.medium.com/20-8-lab-developing-a-custom-gadget-chain-for-java-deserialization-01b85e1e998a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, bug-bounty, cybersecurity02-Aug-2024
I found RCE on Viber.https://medium.com/@deadoverflow/i-found-rce-on-viber-432cf9e17eb0?source=rss------bug_bounty-5Imad Husanoviccyber-security-awareness, programming, hacking, rce, bug-bounty02-Aug-2024
Email Verification Bypass Easy-P4https://medium.com/@Ajakcybersecurity/email-verification-bypass-easy-p4-70039d0b8fd9?source=rss------bug_bounty-5AjakCybersecuritytechnology, penetration-testing, bug-bounty, hacking, ethical-hacking02-Aug-2024
Client-Side XSS: The DOM-based Debacle (Cross Site Scripting)https://medium.com/@godsxfinger/client-side-xss-the-dom-based-debacle-cross-site-scripting-7a14904934d9?source=rss------bug_bounty-5Aadi (godsxfinger)xs, web-app-security, bug-bounty, cybersecurity, bug-bounty-tips01-Aug-2024
Serialization and Deserialization: Advanced Concepts and Best Practiceshttps://cyberw1ng.medium.com/serialization-and-deserialization-advanced-concepts-and-best-practices-c6562fce9e4b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity01-Aug-2024
Understanding Cross-Site Scripting (XSS)https://medium.com/@soheilvanaee.net/understanding-cross-site-scripting-xss-5610d02cc5c4?source=rss------bug_bounty-5Soheilvanaee Netbug-bounty, cybersecurity, web-hacking01-Aug-2024
First Bug Report: HTML Injection Vulnerability ️‍♂️https://medium.com/@youseftamereg/first-bug-report-html-injection-vulnerability-%EF%B8%8F-%EF%B8%8F-7a5e042d6548?source=rss------bug_bounty-5yousef tamerhtml-injection, writeup, bug-bounty01-Aug-2024
Wasabi Bucket Takeover | Bug Bountyhttps://mo9khu93r.medium.com/wasabi-bucket-takeover-bug-bounty-7520e8decde7?source=rss------bug_bounty-5mo9khu93rethical-hacking, cybersecurity, subdomain-takeover, bug-bounty31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-62)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-62-4ff0fce045ca?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-61)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-61-1c6514a2067b?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, skills, hacking31-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-60)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-60-76ea9ba1551c?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, hacking, cybersecurity, ethical-hacking31-Jul-2024
Step-by-Step Guide On How to Find Your First Bug in Web Applicationshttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
How To Find Your 1st Bug For Bug Bounty Hunters (Step by Step Guide) Guarantee Resulthttps://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5Shaikh Minhazcybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking31-Jul-2024
SAML Authentication Bypass Leading to Admin Panel Accesshttps://medium.com/@0x_xnum/saml-authentication-bypass-leading-to-admin-panel-access-24f23812ed76?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, saml, privilege-escalation, broken-access-control, authentication-bypass31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://omarora1603.medium.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
My Journey into Cybersecurity: Learning Bug Bounty from Scratchhttps://medium.com/@akashathare411/my-journey-into-cybersecurity-learning-bug-bounty-from-scratch-abc2b45f04c5?source=rss------bug_bounty-5Akash Atharelearning, cybersecurity, bug-bounty, iit, masters-degree31-Jul-2024
Serialization and Deserialization: An Essential Guidehttps://cyberw1ng.medium.com/serialization-and-deserialization-an-essential-guide-30552a9cf379?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing31-Jul-2024
Hack and make money — Bug Bountyhttps://medium.com/@victoras.croitoru/hack-and-make-money-bug-bounty-d9db818eb33e?source=rss------bug_bounty-5viconline, ethical-hacking, hacking, money, bug-bounty31-Jul-2024
NgeSec Bebas #3 — How to Avoid N/A on Submissionshttps://muh-hidayat7799.medium.com/ngesec-bebas-3-how-to-avoid-n-a-on-submissions-9acf14ef7ba1?source=rss------bug_bounty-5Muhamad Hidayatmethodology, risk-management, bug-bounty, app-security, penetration-testing31-Jul-2024
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02https://infosecwriteups.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5Om Arorabug-bounty-writeup, hacking, bug-bounty, methodology, infosec31-Jul-2024
Why bug bounty program should be a part of your security strategy — ET CISOhttps://nowitsanurag.medium.com/why-bug-bounty-program-should-be-a-part-of-your-security-strategy-et-ciso-ad5abf991292?source=rss------bug_bounty-5Anuragcybersecurity, bug-bounty, ransomware, vulnerability31-Jul-2024
Uncovering Sensitive Information: A Case Study on a Government Websitehttps://medium.com/@anonymousshetty2003/uncovering-sensitive-information-a-case-study-on-a-government-website-1f5ad0e158ec?source=rss------bug_bounty-5Anonymousshettyhacking, ethical-hacking, bug-bounty, wpscan, cybersecurity31-Jul-2024
Stored XSS: When Bad Code Happens to Good Websites (Cross Site Scripting)https://medium.com/@godsxfinger/stored-xss-when-bad-code-happens-to-good-websites-a5d6b4e629ca?source=rss------bug_bounty-5Aadi (godsxfinger)bug-bounty, cross-site-scripting, xs, web-app-security, cybersecurity31-Jul-2024
Reflected XSS: Navigating the Web’s Wild West (Cross-Site Scripting)https://medium.com/@godsxfinger/reflected-xss-navigating-the-webs-wild-west-cross-site-scripting-a1e092e58b73?source=rss------bug_bounty-5Aadi (godsxfinger)cybersecurity, cross-site-scripting, xs, bug-bounty, web-app-security31-Jul-2024
From Fries to Flaws : My Journey into Web App Security (Part I)https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-i-958c67c20771?source=rss------bug_bounty-5OiQweb-application-security, web-vulnerabilities, bug-bounty, bug-bounty-tips, cybersecurity31-Jul-2024
ICMTC Final CTF 2024 Web Hackig Challengeshttps://medium.com/@medohythem2019/icmtc-final-ctf-2024-web-hackig-challenges-5135cccf09ba?source=rss------bug_bounty-50xdragonbug-bounty, hacking, pentesting, ctf30-Jul-2024
LFI WITH PHPINFO TO RCEhttps://infosecwriteups.com/lfi-with-phpinfo-to-rce-78318f0dc9ce?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking-tools, hacking, web-development, cybersecurity30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-59)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-59-a0a4a25d7f97?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, ethical-hacking, bug-bounty, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-58)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-58-f4102848b19d?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills30-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-57)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-57-1c470cccf094?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, skills, hacking30-Jul-2024
Triple XSS in a Private Bug Bounty Program via a Hidden Parameterhttps://infosecwriteups.com/triple-xss-in-a-private-bug-bounty-program-via-a-hidden-parameter-b42d0263f56d?source=rss------bug_bounty-5Andreahacking, bug-bounty, xss-attack30-Jul-2024
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRPhttps://medium.com/@jerryhackgather/interesting-business-logic-error-leads-to-pre-account-takeover-via-verification-bypass-on-googlevrp-d362f9469e3d?source=rss------bug_bounty-5Jerry1319cybersecurity, bug-bounty-tips, bug-bounty, bugbounty-writeup30-Jul-2024
Cross-Site Scripting (XSS) Vulnerabilities:https://medium.com/@yassentaalab51/cross-site-scripting-xss-vulnerabilities-1397653cef7d?source=rss------bug_bounty-5Yassen Taalabowasp, web-vulnerabilities, bug-bounty, web-security, xss-attack30-Jul-2024
6 tips for finding security vulnerabilities with GitHub Code Search — Bug Bounty Tuesdayhttps://medium.com/@kerstan/6-tips-for-finding-security-vulnerabilities-with-github-code-search-bug-bounty-tuesday-d4035bc7e302?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity30-Jul-2024
Stealing First Party Access Token of Facebook Users: Meta Bug Bountyhttps://iamsaugat.medium.com/stealing-first-party-access-token-of-facebook-users-meta-bug-bounty-44b3b2e87d07?source=rss------bug_bounty-5Saugat Pokharelmeta, cybersecurity, facebook-bug-bounty, bug-bounty, hacking30-Jul-2024
第一次课程笔记整理https://medium.com/@starkxun5215/%E7%AC%AC%E4%B8%80%E6%AC%A1%E8%AF%BE%E7%A8%8B%E7%AC%94%E8%AE%B0%E6%95%B4%E7%90%86-52d34c91f3fc?source=rss------bug_bounty-5xun starkbug-bounty30-Jul-2024
Race Conditions Uncovered: A Practical Guidehttps://yaseenzubair.medium.com/race-conditions-uncovered-a-practical-guide-3cb69d73c946?source=rss------bug_bounty-5Yaseen Zubairweb-security, penetration-testing, bug-bounty, bug-bounty-tips, race-condition30-Jul-2024
Navigating the Dangers of Insecure Deserializationhttps://cyberw1ng.medium.com/navigating-the-dangers-of-insecure-deserialization-73254b5ed415?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers30-Jul-2024
How I got my first valid bug on nasahttps://medium.com/@mrkimia097/how-i-got-my-first-valid-bug-on-nasa-bf5e95531f00?source=rss------bug_bounty-5Mrkimiabug-bounty30-Jul-2024
Top Google Dorks Explainedhttps://infosecwriteups.com/top-google-dorks-explained-ee6cac1673da?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, seo, hacking, cybersecurity, bug-bounty30-Jul-2024
Exposing OTP Bypass Vulnerabilities: Step-by-Step Bug Bounty Case Studyhttps://b0mk35h.medium.com/exposing-otp-bypass-vulnerabilities-step-by-step-bug-bounty-case-study-0dc39dc543bd?source=rss------bug_bounty-5Pronay Biswaspenetration-testing, hacking, bug-bounty, vulnerability, cybersecurity29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-56)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-56-5d2efa89b759?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, ethical-hacking, cybersecurity, skills29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-55)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-55-1032e6222b41?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, skills, bug-bounty, hacking29-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-54)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-54-8e83629a6942?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, hacking, ethical-hacking, skills, bug-bounty29-Jul-2024
Exploiting Open Redirection $1000https://medium.com/@mdnafeed3/how-about-exploiting-open-redirection-how-base64-encoding-can-uncover-hidden-vulnerabilities-cb5beb11b763?source=rss------bug_bounty-5H4cker-Nafeedcybersecurity, web3, infosec, hacking, bug-bounty29-Jul-2024
Insecure Deserialization Vulnerabilities: A Deep Dive into Risks and Mitigationshttps://cyberw1ng.medium.com/insecure-deserialization-vulnerabilities-a-deep-dive-into-risks-and-mitigations-5c37f297c763?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking29-Jul-2024
Discovering and Exploiting an XSS Vulnerability in a Large Finance Websitehttps://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-large-finance-website-f125dbd6d984?source=rss------bug_bounty-5Anonymousshettyxss-vulnerability, cybersecurity, ethical-hacking, hacking, bug-bounty29-Jul-2024
Advanced scan with Bashhttps://mosec0.medium.com/advanced-scan-with-bash-52005537a63c?source=rss------bug_bounty-5Mohamed Alipentester, bug-bounty, new-security-tool29-Jul-2024
Uncovering Sensitive File Information: A Case Study in Web Securityhttps://medium.com/@anonymousshetty2003/uncovering-sensitive-file-information-a-case-study-in-web-security-f5d03f2c5cd4?source=rss------bug_bounty-5Anonymousshettysensitive-data, cybersecurity, ethical-hacking, bug-bounty, dorking29-Jul-2024
Kioptrix Level 2 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-2-walkthrough-439c56f87c?source=rss------bug_bounty-5Erdemstarvulnerability, oscp-preparation, bug-bounty-tips, bug-bounty, oscp29-Jul-2024
JS Link Finder Burp Suite Extension Guidehttps://infosecwriteups.com/js-link-finder-burp-suite-extension-guide-e4809a6da268?source=rss------bug_bounty-5Mike Takahashi (TakSec)information-security, cybersecurity, hacking, bug-bounty, appsec29-Jul-2024
New Planshttps://medium.com/@nnface/new-plans-0b11cfa5495d?source=rss------bug_bounty-5NnFacebugs, bug-bounty, bug-bounty-writeup, hacker, hacking29-Jul-2024
Chain Reaction On Big Playerhttps://medium.com/@nnface/chain-reaction-on-big-player-4e331faf57b9?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, bugs, bugs-bunny, hacking29-Jul-2024
JavaScript: Hunting And Analyzing for Bug Bounty..https://hacktivistattacker.medium.com/javascript-hunting-and-analyzing-for-bug-bounty-a15416de32cd?source=rss------bug_bounty-5Hacktivist-Attackerbug-bounty, ethical-hacking, code-analysis, education, javascript28-Jul-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 2https://medium.com/@kshunya/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-2-d2a51edaa8e8?source=rss------bug_bounty-5Vishal Barotpentesting, infosec, bug-bounty, penetration-testing, vapt28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://callgh0st.medium.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
Unveiling Hidden Git Repositories: A Deep Dive into the Git Source Code Disclosure Scannerhttps://maordayanofficial.medium.com/unveiling-hidden-git-repositories-a-deep-dive-into-the-git-source-code-disclosure-scanner-f704470de59a?source=rss------bug_bounty-5Maor Dayanthreat-hunting, vulnerability, white-hat-hacker, bug-bounty28-Jul-2024
How I bypass Safegurads of meta AI (Llama)https://medium.com/@jeetpal2007/how-i-bypass-safegurads-of-meta-ai-llama-d735b521da2b?source=rss------bug_bounty-5JEETPALllamas, bug-bounty, llm, bugbounty-tips, bugbounty-writeup28-Jul-2024
How to Fight Procrastination as a Bug Hunterhttps://medium.com/@Progsky/how-to-fight-procrastination-as-a-bug-hunter-48d0d280e572?source=rss------bug_bounty-5Progskybug-bounty, hacking, pentesting, penetration-testing, procrastination28-Jul-2024
Exploiting Insecure Deserialization Vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-cb9c586cd146?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking28-Jul-2024
Subdomain Takeoverhttps://medium.com/@mukkagopi50/subdomain-takeover-1de38466fdcc?source=rss------bug_bounty-5Gopi Mukkabug-bounty28-Jul-2024
Bypass Plan Restriction & Get 350$ Bountyhttps://infosecwriteups.com/bypass-plan-restriction-get-350-bounty-2df24f406462?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, bug-bounty, programming, cybersecurity, access-control28-Jul-2024
Here are some common parameters to test for XSS (Cross-Site Scripting) vulnerabilities:https://medium.com/@BugHunterMan/here-are-some-common-parameters-to-test-for-xss-cross-site-scripting-vulnerabilities-fbe25f1968cc?source=rss------bug_bounty-5BugHUnterManbug-bounty, vulnerability28-Jul-2024
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flowhttps://infosecwriteups.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5callgh0stvulnerability, hacking, bug-bounty, payments, logic28-Jul-2024
0-Click ATO Due to Weak Reset Password Tokens and Lack of Rate Limitinghttps://h0tak88r.medium.com/0-click-ato-due-to-weak-reset-password-tokens-and-lack-of-rate-limiting-b7fe20487a45?source=rss------bug_bounty-5sallamcybersecurity, ato, bug-bounty, account-takeover, bug-bounty-tips28-Jul-2024
how did i find leakage of information just by fuzzing?https://medium.com/@onader104/how-did-i-find-leakage-of-information-just-by-fuzzing-888d6ce6d8f7?source=rss------bug_bounty-5Omar Naderinfosec, bug-bounty, cybersecurity, bug-bounty-tips, info-sec-writeups28-Jul-2024
The Looming Threat: How an IDOR Vulnerability Could Have Exposed Millions of Merchants Details.https://medium.com/@cy3erbeast/the-looming-threat-how-an-idor-vulnerability-could-have-exposed-millions-of-merchants-details-f488725489a0?source=rss------bug_bounty-5Rahulbug-bounty-writeup, bug-bounty, idor-vulnerability, bug-bounty-tips, data-breach28-Jul-2024
Discovered Sensitive Data Exposure on Wati.com: A Case Study Using Sublist3r and DirBusterhttps://medium.com/@anonymousshetty2003/discovered-sensitive-data-exposure-on-wati-com-a-case-study-using-sublist3r-and-dirbuster-409a03f8f75d?source=rss------bug_bounty-5Anonymousshettybug-bounty, hacking, cybersecurity, ethical-hacking27-Jul-2024
Open Redirect Vulnerability in Microsoft Create Portalhttps://zeynalxan.medium.com/open-redirect-vulnerability-in-microsoft-create-portal-6654eb3e6b7a?source=rss------bug_bounty-5Zeynalxan Quliyevbug-bounty, microsoft-hack, open-redirect, bug-bounty-writeup, microsoft-open-redirect27-Jul-2024
How I found a Privilege Escalation bug in bug bounty.https://medium.com/@gitlime71/how-i-found-a-privilege-escalation-bug-in-bug-bounty-eff018f19020?source=rss------bug_bounty-5Raccoonhacking, bug-bounty, penetration-testing, pentesting, bug-bounty-tips27-Jul-2024
Jailbreak of Meta AI (Llama -3.1) revealing configuration detailshttps://medium.com/@kiranmaraju/jailbreak-of-meta-ai-llama-3-1-revealing-configuration-details-9f0759f5006a?source=rss------bug_bounty-5Kiran Marajullm, nlp, cybersecurity, bug-bounty, chatbots27-Jul-2024
Subdomain Takeoverhttps://medium.com/@ibnibrahim/subdomain-takeover-34bd662b5a7a?source=rss------bug_bounty-5TestUsercybersecurity, hacking, ethical-hacking, bug-bounty, information-security27-Jul-2024
Exploiting insecure deserialization vulnerabilitieshttps://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-3595e4c24e2d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, cybersecurity, careers27-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-48)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-48-241d35293a81?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, skills, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-47)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-47-8d21d898cc97?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-46)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-46-e851213880f4?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, ethical-hacking, hacking, cybersecurity26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-45)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-45-7a90d1667a7a?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, ethical-hacking, bug-bounty, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-44)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-44-e4649fab9a0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking26-Jul-2024
30-day Time Limit: Swagshop Credit-Giving Activityhttps://medium.com/@security.tecno/30-day-time-limit-swagshop-credit-giving-activity-61454ef3757b?source=rss------bug_bounty-5TECNO Securitybug-bounty, security, bonus, hacker26-Jul-2024
SIMPLE IDEA IN 2FA BYPASS LEADS TO $$$$ & CRITICAL IMPACT !https://medium.com/@alderson.philip/simple-idea-in-2fa-bypass-leads-to-critical-impact-a98e7c6a4190?source=rss------bug_bounty-5Philip Aldersonhacker, bugs, bug-bounty, 2fa-bypass26-Jul-2024
Inside the Bug Bounty World: Challenges, Rewards, and Tips for Successhttps://medium.com/codex/inside-the-bug-bounty-world-challenges-rewards-and-tips-for-success-74ea37cbfd9c?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, bug-bounty-tips, cybersecurity, penetration-testing26-Jul-2024
Quick Guide: API Penetration Testinghttps://medium.com/@miladkeivanfar/quick-guide-api-penetration-testing-496c2e356a2e?source=rss------bug_bounty-5Milad keivanfarpentesting, api-penetration-testing, bug-bounty, bug-bounty-tips, api-security26-Jul-2024
Solving an extremely difficult cryptography CTF pack: Level 1https://medium.com/@f3tch/day-1-of-solving-an-extremely-difficulty-level-cryptography-ctf-pack-level-1-b8b3d89a531c?source=rss------bug_bounty-5f3tchhacking, ctf-writeup, ctf, bug-bounty, cryptography26-Jul-2024
ElasticSearch Smash & Grabhttps://hogarth45.medium.com/elasticsearch-smash-grab-99cf36cdefbb?source=rss------bug_bounty-5Jesselasticsearch, hacking, bug-bounty26-Jul-2024
Pentesting vs. Bug Bounty: Understanding the Differences and Choosing the Right Approachhttps://ip-specialist.medium.com/pentesting-vs-bug-bounty-understanding-the-differences-and-choosing-the-right-approach-0af4e0569193?source=rss------bug_bounty-5IPSpecialistdifference, pentester, pentesting, bug-bounty, security26-Jul-2024
18.7 Lab: Clobbering DOM attributes to bypass HTML filtershttps://cyberw1ng.medium.com/18-7-lab-clobbering-dom-attributes-to-bypass-html-filters-d1af9a33ae41?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-49)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-49-2ef3a8eb3b4b?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, cybersecurity, ethical-hacking, skills26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-53)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-53-bea2f5cf6a14?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-52)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-52-26b5cc12f0c2?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, bug-bounty26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-51)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-51-379ea39fb723?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, skills, cybersecurity, ethical-hacking, hacking26-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-50)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-50-4a59a3c4f97b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, skills, ethical-hacking, hacking26-Jul-2024
IDOR : Payment Fraud on GYM Membership websitehttps://uzet.medium.com/idor-payment-fraud-on-gym-membership-website-d4e67f07db57?source=rss------bug_bounty-5Timotius Benhurbug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips, cybersecurity25-Jul-2024
SQL Injection in 5 mins //Just because of CURIOSITY //https://larebsec.medium.com/sql-injection-in-5-mins-just-because-of-curiosity-56e186f6296d?source=rss------bug_bounty-5Larebsql-injection, hacking, cybersecurity, security, bug-bounty25-Jul-2024
Useful JavaScript functions & API’s to exploit XSS (Cross-Site Scripting)https://medium.com/@godsxfinger/useful-javascript-functions-apis-to-exploit-xss-cross-site-scripting-5d99a93d9899?source=rss------bug_bounty-5Aadi (godsxfinger)cross-site-scripting, xs, bug-bounty, cybersecurity25-Jul-2024
Bypassing OTP Verification in a Signup Pagehttps://medium.com/@rat010/bypassing-otp-verification-in-a-signup-page-13976f724017?source=rss------bug_bounty-5Kanhaiya Kumar Singhbug-bounty, web-application-security, web-app-testing, bug-hunting, bug-bounty-tips25-Jul-2024
18.6 Lab: Exploiting DOM clobbering to enable XSShttps://cyberw1ng.medium.com/18-6-lab-exploiting-dom-clobbering-to-enable-xss-640dd7c5fcf8?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing25-Jul-2024
The Importance of Cybersecurity in Today’s Digital Agehttps://medium.com/@erkankavas/the-importance-of-cybersecurity-in-todays-digital-age-8d5a61d47416?source=rss------bug_bounty-5Erkan Kavascybersecurity, bug-bounty, threat-intelligence25-Jul-2024
Automatiser la découverte des XSShttps://medium.com/@hazeprojecte/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5Itachix0fxss-attack, automatisation, bug-bounty-tips, bug-bounty25-Jul-2024
Automatiser la découverte des XSShttps://medium.com/@Itachi0xf/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5Itachix0fxss-attack, automatisation, bug-bounty-tips, bug-bounty25-Jul-2024
The Basic SQLmap Tutorial and SQLInjection | PortswiggerLab with SQLMaphttps://medium.com/@barsavak/the-basic-sqlmap-tutorial-and-sqlinjection-portswiggerlab-with-sqlmap-1bb0cdf086fb?source=rss------bug_bounty-5bariss30bug-bounty, test, sql-injection, web-vulnerabilities, tools24-Jul-2024
Bug Bounty basic for beginners & Types of bug bounty programshttps://systemweakness.com/bug-bounty-basic-for-beginners-types-of-bug-bounty-programs-e4a8dab68fcd?source=rss------bug_bounty-5Harsh Hatejbug-bounty, bug-bounty-program, kali-linux, bug-bounty-tips, bounty-program24-Jul-2024
14.30 Lab: Reflected XSS protected by CSP, with CSP bypasshttps://cyberw1ng.medium.com/14-30-lab-reflected-xss-protected-by-csp-with-csp-bypass-779c76173f7a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, careers, hacking24-Jul-2024
Android PenTesting Toolshttps://medium.com/@evilprince007/android-pentesting-tools-efd0685ffeb7?source=rss------bug_bounty-5Prathamesh Khatavkarandroid, bug-bounty, hacking, cybersecurity, mobile24-Jul-2024
Hacking Moodle Apps Via External Functionshttps://medium.com/@dub-flow/hacking-moodle-apps-via-external-functions-1fc88a6d697c?source=rss------bug_bounty-5Florian Walterpenetration-testing, moodle, ethical-hacking, cybersecurity, bug-bounty24-Jul-2024
Accelerating Cybersecurity Learning with Speed Reading and Memory Traininghttps://medium.com/@enigma_/accelerating-cybersecurity-learning-with-speed-reading-and-memory-training-97305b666660?source=rss------bug_bounty-5enigmabug-bounty, memory-improvement, ethical-hacking, speed-reading, cybersecurity24-Jul-2024
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bountyhttps://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006?source=rss------bug_bounty-5Pyrusmicrosoft, cybersecurity, web-security, bug-bounty, infosec23-Jul-2024
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bountyhttps://medium.com/@ericdesquivel3/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-7e1b4eaabe22?source=rss------bug_bounty-5Eric Esquivelbug-bounty, web-app-security23-Jul-2024
Unmasking Keystroke Secrets: How Hackers Exploit Your Keyboard — A Deep Dive into…https://systemweakness.com/unmasking-keystroke-secrets-how-hackers-exploit-your-keyboard-a-deep-dive-into-5bdb1bbabb25?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, python, hacking, cybersecurity23-Jul-2024
Preparing Your VPS for Bug Bounty Operations: A Complete Guidehttps://medium.com/@adityasingh4180/preparing-your-vps-for-bug-bounty-operations-a-complete-guide-f55c30331df0?source=rss------bug_bounty-5Security Empirecybersecurity, vps, bugcrowd, automation-testing, bug-bounty23-Jul-2024
5 Tips For Writing Bug Bounty Reports — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-for-writing-bug-bounty-reports-bug-bounty-tuesday-0c5ed937a657?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity23-Jul-2024
Complex Attack Types: Sample Scenarios 48https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-48-410ddcb3010e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cyberattack, cybersecurity, penetration-testing23-Jul-2024
Top 10 XSS Payloadshttps://rodoassis.medium.com/top-10-xss-payloads-e4774a43e285?source=rss------bug_bounty-5Rodolfo Assis (Brute)xss-vulnerability, xss-attack, web-security, bug-bounty, web-hacking23-Jul-2024
How i created my first XSS tool:-XSS-Pro #BugBountyhttps://medium.com/@mithun_/how-i-created-my-first-xss-tool-xss-pro-bugbounty-982a16079baf?source=rss------bug_bounty-5Mithunxss-vulnerability, xss-attack, pentesting, bug-bounty, automation23-Jul-2024
I made a big mistake…https://medium.com/@deadoverflow/i-made-a-big-mistake-a3e2dac4138c?source=rss------bug_bounty-5Imad Husanovicbug-bounty, cybsersecurity, bug-bounty-tips, hacking, programming23-Jul-2024
How to start Bug Huntinghttps://medium.com/@hackerhyaato/how-to-start-bug-hunting-73ce283db5ac?source=rss------bug_bounty-5Hackerhyaatohow-to-start-bug-hunting, bug-bounty, bug-hunting, bugbounty-tips, how-to-start-bug-bounty23-Jul-2024
What is CSP (content security policy)?https://cyberw1ng.medium.com/what-is-csp-content-security-policy-cb3580832442?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking23-Jul-2024
How to Install websocat on linux (Debian / Ubuntu)https://medium.com/@brianokinyi/how-to-install-websocat-on-linux-debian-ubuntu-85893655355e?source=rss------bug_bounty-5Brian Okinyiwebsocket, bug-bounty, linux, pentesting22-Jul-2024
Case Studies: High-Profile Vulnerabilities Discovered Through Bug Bounty Programshttps://medium.com/@paritoshblogs/case-studies-high-profile-vulnerabilities-discovered-through-bug-bounty-programs-2a063561f733?source=rss------bug_bounty-5Paritoshinformation-technology, hacking, bug-bounty, cybersecurity, information-security22-Jul-2024
OverTheWire — Bandit27https://medium.com/@evilprince007/overthewire-bandit27-465df4274d80?source=rss------bug_bounty-5Prathamesh Khatavkarhacking, cybersecurity, bug-bounty22-Jul-2024
TapSwap Clone Script Your Gateway to a Lucrative Tap-to-Earn Game !!!https://medium.com/@peterkester96/tapswap-clone-script-your-gateway-to-a-lucrative-tap-to-earn-game-68a589821305?source=rss------bug_bounty-5Peterkesterplayers, bug-bounty, telegram, profit, reflections22-Jul-2024
Burp Suite Made Easy: A Step-By-Step Tutorial (Part 1 of 2)https://medium.com/@trixiahorner/burp-suite-made-easy-a-step-by-step-tutorial-part-1-of-2-451695ce84b1?source=rss------bug_bounty-5Trixia Hornertryhackme, ethical-hacking, cybersecurity, penetration-testing, bug-bounty22-Jul-2024
14.28 Lab: Reflected XSS in a JavaScript URL with some characters blockedhttps://cyberw1ng.medium.com/14-28-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-db67819d5aa6?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, cybersecurity, penetration-testing22-Jul-2024
What is IDOR (along with IDOR Attack Method)https://medium.com/@errorfiathck/what-is-idor-along-with-idor-attack-method-e183b28e8546?source=rss------bug_bounty-5Errorfiathckvulnerability, hacking, bug-bounty, idor, idor-vulnerability22-Jul-2024
The First Bug bounty forum !https://elb4rt0.medium.com/the-first-bug-bounty-forum-ba0399fb70c0?source=rss------bug_bounty-5Elb4rt0bug-bounty-hunter, bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup22-Jul-2024
First €200 bug that started my Bug Bounty Careerhttps://medium.com/@sugamdangal52/first-200-bug-that-started-my-bug-bounty-career-c11a871e116f?source=rss------bug_bounty-5Sugam Dangalbug-bounty-hunter, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup22-Jul-2024
My Encounter with an Admin Panel in a Gas Agency Websitehttps://medium.com/@parthh_rana/my-encounter-with-an-admin-panel-in-a-gas-agency-website-72ded4fa4345?source=rss------bug_bounty-5Parth Ranalaravel, admin-panel, cybersecurity, bug-bounty, directory-listing22-Jul-2024
HACKERONE IS A SCAMhttps://medium.com/@proseizala/hackerone-is-a-scam-1623a5030284?source=rss------bug_bounty-5Proseizalacybersecurity, hackerone, hacker, bug-bounty22-Jul-2024
Complex Attack Types: Sample Scenarios 47https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-47-c0314c0e0b02?source=rss------bug_bounty-5Baris Dincerpenetration-testing, freedomofinternet, bug-bounty, cyberattack, cybersecurity22-Jul-2024
Discovering Account Takeover Vulnerability Through Source Map Analysishttps://medium.com/@eduardinholuiz691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5Daniel Silvavulnerability, bug-bounty, bug-bounty-writeup, reconnaissance22-Jul-2024
Discovering Account Takeover Vulnerability Through Source Map Analysishttps://medium.com/@danielsilva691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5Daniel Silvavulnerability, bug-bounty, bug-bounty-writeup, reconnaissance22-Jul-2024
CVE-2024–40725 and CVE-2024–40898: Critical Vulnerabilities in Apache HTTP Serverhttps://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5ElNiakapache, cybersecurity, https, bug-bounty, vulnerability21-Jul-2024
TryHackMe — NahamStore — Walkthroughhttps://medium.com/@nayanjyoti16/tryhackme-nahamstore-walkthrough-d4ecfe586c96?source=rss------bug_bounty-5Nayanjyoti Kumartryhackme, hacking, web, nahamstore, bug-bounty21-Jul-2024
How I bypassed payment in one of the popular mobile apk and got free subsciptionhttps://medium.com/@deepk007/how-i-bypassed-payment-in-one-of-the-popular-mobile-apk-and-got-free-subsciption-46e94f61c089?source=rss------bug_bounty-5DEepbug-bounty, bug-bounty-tips, ethical-hacking, red-team, cybersecurity21-Jul-2024
Community Building in Bug Bounties: The Power of Networking and Collaborationhttps://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5Sarthak Bhingarecommunity, improve, bug-bounty-tips, bug-bounty, tips21-Jul-2024
14.27 Lab: Reflected XSS with event handlers and href attributes blockedhttps://cyberw1ng.medium.com/14-27-lab-reflected-xss-with-event-handlers-and-href-attributes-blocked-d2f9871fc8a8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty21-Jul-2024
How To Setup Private Interactsh Serverhttps://medium.com/@learntheshell/how-to-setup-private-interactsh-server-016c344a10b3?source=rss------bug_bounty-5LearnTheShellbug-bounty, bug-bounty-tips, cybersecurity, linux21-Jul-2024
Advanced XXE Injectionhttps://medium.com/illumination/advanced-xxe-injection-fb269f281a40?source=rss------bug_bounty-5Quintius Walkerpoetry, poetry-writing, poetry-on-medium, illumination, bug-bounty21-Jul-2024
BSOD error due to crowdstrike.https://gaya3-r.medium.com/bsod-error-due-to-crowdstrike-d675c348d09e?source=rss------bug_bounty-5gayatri rbug-bounty, crowdstrike, crowdstrike-outage, bsod-error, information-security21-Jul-2024
Email verification bypass due to race condition.https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208?source=rss------bug_bounty-5Spider4race-condition, red-team, bug-bounty, security, pentesting21-Jul-2024
Community Building in Bug Bounties: The Power of Networking and Collaborationhttps://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5Sarthak Raju Bhingarecommunity, improve, bug-bounty-tips, bug-bounty, tips21-Jul-2024
Uncovering a Critical Vulnerability: Unauthorized Access to Sensitive Datahttps://medium.com/@anonymousshetty2003/uncovering-a-critical-vulnerability-unauthorized-access-to-sensitive-data-024182daa127?source=rss------bug_bounty-5Anonymousshettypenetration-testing, bug-bounty, dorking, cybersecurity, ethical-hacking20-Jul-2024
Discovering a High-Severity Bug in a Major Mobile Distribution Companyhttps://medium.com/@anonymousshetty2003/discovering-a-high-severity-bug-in-a-major-mobile-distribution-company-3fdb2a0f1987?source=rss------bug_bounty-5Anonymousshettycybersecurity, ethical-hacking, bug-bounty20-Jul-2024
How I was able to escalate my privileges and Bypass 403 Forbiddenhttps://medium.com/@momen_besher/how-i-was-able-to-escalate-my-privileges-and-bypass-403-forbidden-17b8aea4cba6?source=rss------bug_bounty-5steve55555cybersecurity, bug-bounty, bug-bounty-tips20-Jul-2024
Kali Linux: Starting Out with Bug Bounty Huntinghttps://medium.com/@nimrashahidktk3/kali-linux-starting-out-with-bug-bounty-hunting-d7a0150645bd?source=rss------bug_bounty-5Nimra Shahidpenetration-testing, cybersecurity, kali-linux, bug-bounty20-Jul-2024
14.26 Lab: Reflected XSS with AngularJS sandbox escape and CSPhttps://cyberw1ng.medium.com/14-26-lab-reflected-xss-with-angularjs-sandbox-escape-and-csp-b98791b2a5a6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, bug-bounty, hacking20-Jul-2024
Complex Attack Types: Sample Scenarios 46https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-46-a6707ef9e910?source=rss------bug_bounty-5Baris Dincerpenetration-testing, cyberattack, bug-bounty, freedomofinternet, cybersecurity20-Jul-2024
The Type of Bug That We Can’t Seehttps://medium.com/illumination/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5Quintius Walkercreative-writing, poetry-on-medium, poetry, bug-bounty, illumination20-Jul-2024
This is how i escalated self XSS with CSRFhttps://medium.com/@pvnk24/this-is-how-i-escalated-self-xss-with-csrf-80113ab3080e?source=rss------bug_bounty-5Pavan Kcybersecurity, bug-bounty, penetration-testing, security, pentesting20-Jul-2024
Basic Pentesting 1 Walkthroughhttps://erdemstar.medium.com/basic-pentesting-1-walkthrough-4e447a2ac35d?source=rss------bug_bounty-5Erdemstaroscp-preparation, oscp, bug-bounty, application-security, penetration-testing20-Jul-2024
Discovering an XML File Upload Vulnerability Lead to SSRF: My Bug Hunting Journeyhttps://javroot.medium.com/discovering-an-xml-file-upload-vulnerability-lead-to-ssrf-my-bug-hunting-journey-8e1bac89f60f?source=rss------bug_bounty-5Javrootxml, bug-bounty, vulnerability, cybersecurity, bug-bounty-tips20-Jul-2024
The Type of Bug That We Can’t Seehttps://medium.com/@The_StarHack3r/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5Quintius Walkercreative-writing, poetry-on-medium, poetry, bug-bounty, illumination20-Jul-2024
14.25 Lab: Reflected XSS with AngularJS sandbox escape without stringshttps://cyberw1ng.medium.com/14-25-lab-reflected-xss-with-angularjs-sandbox-escape-without-strings-6ffac9f6bdf4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers19-Jul-2024
Subdomain Takeover on hatenablog.com (はてなブログ)https://medium.com/@daichiharada/subdomain-takeover-hatenablog-2cb3576bf881?source=rss------bug_bounty-5Daichi Haradasubdomain-takeover, security, bug-bounty19-Jul-2024
1000$ IDOR : Unauthorized Project Inclusion in Expensehttps://medium.com/@a13h1/1000-idor-unauthorized-project-inclusion-in-expense-b9ce08b28c71?source=rss------bug_bounty-5Abhi Sharmacybersecurity, idor, bug-bounty, broken-access-control, information-security19-Jul-2024
Information Disclosure that made me $2000 in under 5 minuteshttps://medium.com/@sugamdangal52/information-disclosure-that-made-me-2000-in-under-5-minutes-63e1ce00ca07?source=rss------bug_bounty-5Sugam Dangalinformation-disclosure, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jul-2024
Common Technique To Exploit File Upload Vulnerabilityhttps://medium.com/@p00dl3/common-technique-to-exploit-file-upload-vulnerability-bf84beed7207?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty, file-upload19-Jul-2024
Complete Cybersecurity Roadmap 2024 (Part-1)https://osintteam.blog/complete-cybersecurity-roadmap-2024-part-1-c69986288f16?source=rss------bug_bounty-5LogicTechcybersecurity, osint, bug-bounty, hacking, roadmaps19-Jul-2024
Hello …..https://medium.com/@rutujasoundale693/hello-4a42a834d006?source=rss------bug_bounty-5Rutujasoundalecybersecurity, bug-bounty19-Jul-2024
Complex Attack Types: Sample Scenarios 45https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-45-17057d9de6dd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, penetration-testing, freedomofinternet, cyberattack19-Jul-2024
Não Experimente a Tela Azul da Microsoft(BUG?)https://medium.com/@liviaxavier200317/n%C3%A3o-experimente-a-tela-azul-da-microsoft-bug-9f631ea24c8d?source=rss------bug_bounty-5Livia Xaviercrowdstrike, cibernéticos, bug-bounty, microsoft, bugs19-Jul-2024
Specialized Bug Sweeps for Unique Environmentshttps://medium.com/@siddiquiasad2299/specialized-bug-sweeps-for-unique-environments-43a1ea56930c?source=rss------bug_bounty-5Asad Siddiquibug-detection, tscm, bug-bounty, bug-sweep19-Jul-2024
Kursus Cyber Security Di Linuxhackingidhttps://medium.com/@linuxhackingid_official/kursus-cyber-security-di-linuxhackingid-dc4e52760661?source=rss------bug_bounty-5Linuxhackingidhacker, bug-bounty, cybersecurity, linuxhackingid, hacking18-Jul-2024
Top 50+ XSS Bug Bounty Writeups | Cross-Site Scripting(XSS) Attacks Reportshttps://medium.com/@proseizala/top-50-xss-bug-bounty-writeups-cross-site-scripting-xss-attacks-reports-700332ed6c87?source=rss------bug_bounty-5Proseizalahacker, hacking, bug-bounty, cybersecurity18-Jul-2024
Sub Domains Finder Toolshttps://medium.com/@proseizala/sub-domains-finder-tools-fefa2b44bb34?source=rss------bug_bounty-5Proseizalabug-bounty, cybersecurity, hacker18-Jul-2024
13.5 Lab: Exploiting server-side parameter pollution in a REST URLhttps://cyberw1ng.medium.com/13-5-lab-exploiting-server-side-parameter-pollution-in-a-rest-url-a1876056a5f6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity18-Jul-2024
Critical Logic Flaw Allows Overwrite of Any User Accounthttps://medium.com/@elcapitano7x/critical-logic-flaw-allows-overwrite-of-any-user-account-015b102e1da7?source=rss------bug_bounty-5Elcapitanobug-bounty, bug-bounty-tips, hackerone, bugbounty-writeup, hacking18-Jul-2024
How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bughttps://cametom006.medium.com/how-i-found-and-bypassed-a-spring-boot-actuator-information-disclosure-bug-c4930b740a50?source=rss------bug_bounty-5Fahad Faisalbug-bounty18-Jul-2024
Summary Of The Basics of Web Hacking, PRT 2https://medium.com/@zghzwbcn/summary-of-the-basics-of-web-hacking-prt-2-e3d7bdbf902d?source=rss------bug_bounty-5Henrietta Awosoberekonbug-bounty, technology, cybersecurity, web-development, web-vulnerabilities18-Jul-2024
IDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) Disclosurehttps://medium.com/@blackarazi/idor-at-the-get-payment-data-endpoint-leads-to-personal-identifiable-information-pii-disclosure-7956c57058af?source=rss------bug_bounty-5Azhari Harahapapi-security, broken-access-control, application-security, bug-bounty-writeup, bug-bounty17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-43)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-43-0699b919a514?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, cybersecurity, skills, bug-bounty17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-42)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-42-4cb955de4cc7?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, bug-bounty, skills, hacking, cybersecurity17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-41)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-41-7b2b5aed416c?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, skills, bug-bounty, ethical-hacking17-Jul-2024
Why does you all guys think that you really need Python for hackinghttps://systemweakness.com/why-does-you-all-guys-think-that-you-really-need-python-for-hacking-b50b65238401?source=rss------bug_bounty-5Imran Niazprogramming-languages, penetration-testing, cybersecurity, data-science, bug-bounty17-Jul-2024
Temenos Transact Vulnerable to Reflected XSS (CVE-2022–38322)https://qotoz.medium.com/temenos-transact-vulnerable-to-reflected-xss-cve-2022-38322-7b1e2f681db1?source=rss------bug_bounty-5ِAshraf Harbcve, bug-bounty, penetration-testing, temenos17-Jul-2024
Bypassing Account Suspension Using Anonymous Posting | Facebook Bug Bountyhttps://ph-hitachi.medium.com/bypassing-account-suspension-using-anonymous-posting-facebook-bug-bounty-b204433c98d1?source=rss------bug_bounty-5Ph.Hitachibug-bounty, facebook-bug-bounty, bypass-restriction17-Jul-2024
Practical Bug Bounty — TCM Academy | Module 6https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-6-9cab8d004034?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiethical-hacking, bug-bounty, cybersecurity, appsec, fuzzing17-Jul-2024
Default Credentials Leads to $1200 Bounty Reward (Quest NetVault CVE-2017–17417)https://medium.com/@tester333/default-credentials-leads-to-1200-bounty-reward-quest-netvault-cve-2017-17417-b34c6e0e7a86?source=rss------bug_bounty-5Testercybersecurity, bug-bounty-tips, bug-bounty, penetration-testing, ethical-hacking17-Jul-2024
The WordPress bug very few know about.https://osintteam.blog/the-wordpress-bug-very-few-know-about-1bf16ee4a2a6?source=rss------bug_bounty-5an0nbilwordpress, programming, vulnerability, web-development, bug-bounty17-Jul-2024
Exploiting Server-Side Parameter Pollution in a REST URLhttps://cyberw1ng.medium.com/exploiting-server-side-parameter-pollution-in-a-rest-url-0d52d4261c86?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, cybersecurity, bug-bounty17-Jul-2024
How Easily I Found My First P2 on Bugcrowdhttps://medium.com/@hashimamin/how-easily-i-found-my-first-p2-on-bugcrowd-ed827a79a50c?source=rss------bug_bounty-5Hashim Amincsrf, recon, csrf-bypass, bug-bounty-tips, bug-bounty17-Jul-2024
OS CTFhttps://medium.com/@Shaybaa/os-ctf-27cc9a8ab0cc?source=rss------bug_bounty-5Shaybaabug-bounty, web-security, idor-vulnerability17-Jul-2024
Hacker Himselfhttps://medium.com/@nnface/hacker-himself-01d4978e189c?source=rss------bug_bounty-5NnFacebugbounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips17-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-40)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-40-f1b43fb596ae?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, cybersecurity, skills, ethical-hacking, bug-bounty16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-39)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-39-740c7ada54ea?source=rss------bug_bounty-5Mehedi Hasan Rafidhacking, bug-bounty, cybersecurity, ethical-hacking, skills16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-38)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-38-fa2ceb6f8bbd?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, ethical-hacking, cybersecurity, hacking, skills16-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-37)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-37-20111980eaa5?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, ethical-hacking, hacking, bug-bounty, cybersecurity16-Jul-2024
Exploiting CVE-2024–22274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense…https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5Khaleel Khaninfosec, cybersecurity, ethical-hacking, hacking, bug-bounty16-Jul-2024
Complex Attack Types: Sample Scenarios 44https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-44-83d2bc9b2d7d?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, information-technology, cybersecurity, bug-bounty, cyberattack16-Jul-2024
How Use 6 Step To Find Ssrf — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-use-6-step-to-find-ssrf-bug-bounty-tuesday-acc44d806c08?source=rss------bug_bounty-5kerstancybersecurity, hacking, bug-bounty16-Jul-2024
API Recon and Testing for Bug Bountyhttps://cyberw1ng.medium.com/api-recon-and-testing-for-bug-bounty-3969d1f90f5c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity16-Jul-2024
Intro to Debugging Java Web Servers Without Source Code For Security Researchershttps://infosecwriteups.com/intro-to-debugging-java-web-servers-without-source-code-for-security-researchers-80ff00de4753?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty, pentesting, cybersecurity, java, infosec16-Jul-2024
Reflected XSS via Base64-encoded on My college website.https://uzet.medium.com/reflected-xss-via-base64-encoded-on-my-college-website-2df9755b1856?source=rss------bug_bounty-5Timotius Benhurpenetration-testing, pentesting, bug-bounty, bug-hunting, bug-bounty-tips15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-36)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-36-a8fd178e9b07?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, hacking, bug-bounty, skills15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-35)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-35-adbfa228814a?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cybersecurity, ethical-hacking, skills, hacking15-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-34)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-34-73069fab6ff6?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, ethical-hacking, bug-bounty, hacking, skills15-Jul-2024
My First Bounty: A story of a Blind SQL Injectionhttps://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5Victorioussql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite15-Jul-2024
CVE-2024–23692: A Critical Vulnerability in Rejetto HTTP File Serverhttps://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5ElNiakbug-bounty, python, cybersecurity, system, ssti15-Jul-2024
My First Bounty: A story of a Blind SQL Injectionhttps://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5Torioussql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite15-Jul-2024
Echidnahttps://medium.com/@Progsky/echidna-b9e454de096b?source=rss------bug_bounty-5Progskyhacking-tools, pentesting, penetration-testing, bug-bounty, blockchain15-Jul-2024
Complex Attack Types: Sample Scenarios 43https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-43-39deed779c6c?source=rss------bug_bounty-5Baris Dincerpenetration-testing, cyberattack, freedomofinternet, bug-bounty, cybersecurity15-Jul-2024
Understanding White Hat Hacking: The Guardians of Cybersecurityhttps://medium.com/@cosmiczoomies/understanding-white-hat-hacking-the-guardians-of-cybersecurity-87200caf5820?source=rss------bug_bounty-5GalaxyGoosecybersecurity, hacking, white-hat-hacker, bug-bounty, penetration-testing15-Jul-2024
11.9 Lab: Exploiting XXE to retrieve data by repurposing a local DTDhttps://cyberw1ng.medium.com/11-9-lab-exploiting-xxe-to-retrieve-data-by-repurposing-a-local-dtd-30f4098a7789?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty15-Jul-2024
XSS Türleri için Test Case Yazmahttps://medium.com/@tugbaglsn/xss-t%C3%BCrleri-i%C3%A7in-test-case-yazma-1832eb0a27f9?source=rss------bug_bounty-5Tuğba Gülşencybersecurity, xss-attack, xss-vulnerability, bug-bounty15-Jul-2024
How to Easily Earn a $200 Bountyhttps://medium.com/@xiaodongsec/how-to-easily-earn-a-200-bounty-6e27eaaec13f?source=rss------bug_bounty-5Mu1berrybugcrowd, hacker, bug-bounty, money, vulnerability14-Jul-2024
Review: AppSec Pentesting eXpert (CAPenX) from The SecOps Grouphttps://medium.com/@p0lyxena/review-appsec-pentesting-expert-capenx-from-the-secops-group-eb5674e4bf8d?source=rss------bug_bounty-5Fuleki Ioanbug-bounty, penetration-testing, certification, cybersecurity, capenx14-Jul-2024
Detection Engineering: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/detection-engineering-a-comprehensive-overview-92fc01973ce7?source=rss------bug_bounty-5Paritoshdetection-engineering, information-technology, cybersecurity, hacking, bug-bounty14-Jul-2024
Hunting for Firebase Enums in Android Applicationhttps://medium.com/@tanish.saxena26/hunting-for-firebase-enums-in-android-application-42b79e9b76f8?source=rss------bug_bounty-5Tanish Saxenacloud, bug-bounty, firebase, android, gcp14-Jul-2024
My First Critical Vulnerabilityhttps://medium.com/@0xchoudhary/my-first-critical-vulnerability-fd83a81f70b3?source=rss------bug_bounty-5Sushil Choudharybugbounty-writeup, bug-hunting, bug-bounty-tips, hackerone, bug-bounty14-Jul-2024
How I Can Get P1 Nasa easily — Dorkinghttps://0xc4thack.medium.com/how-i-can-get-p1-nasa-easily-dorking-c9c4a4cee251?source=rss------bug_bounty-50xc4tpentesting, nasa-vdp, pentest-web, bug-bounty, dorking14-Jul-2024
New York Flankees Room TryHackMe Walkthroughhttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
The easiest admin panel bypasshttps://medium.com/@paraskhorwal9/the-easiest-admin-panel-bypass-4b6fb4d7d1ea?source=rss------bug_bounty-5Paraskhorwalbug-bounty, penetration-testing, admin-panel14-Jul-2024
Complex Attack Types: Sample Scenarios 42https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-42-d0a11c84cc73?source=rss------bug_bounty-5Baris Dincercyberattack, freedomofinternet, bug-bounty, penetration-testing, cybersecurity14-Jul-2024
New York Flankees TryHackMe Room Walkthrough: Step-by-Step Youtube Guidehttps://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5MatSecctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough14-Jul-2024
Automate Subdomain Monitoringhttps://medium.com/@Aftab700/automate-subdomain-monitoring-171338c66dd5?source=rss------bug_bounty-5Aftab Samabug-bounty, monitoring, infosec, automation, hacking14-Jul-2024
What is XML external entity (XXE) injectionhttps://cyberw1ng.medium.com/what-is-xml-external-entity-xxe-injection-8914620c2d24?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://medium.com/@suprajabaskaran8/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Vulnerable WordPress June 2024 (Turkish delight)https://medium.com/@onhexgroup/vulnerable-wordpress-june-2024-turkish-delight-96cae8ef8161?source=rss------bug_bounty-5Onhexgroupbug-bounty, infosec, web-security, information-security, wordpress14-Jul-2024
Escaping the Citrix Sandbox — Understanding Citrix Breakouthttps://infosecwriteups.com/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5Suprajabaskaranbug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing14-Jul-2024
Airplane TryHackMe Room Walkthrough | MatSec Youtubehttps://matsecurity.medium.com/airplane-tryhackme-room-walkthrough-matsec-youtube-7fca40406a20?source=rss------bug_bounty-5MatSectryhackme-walkthrough, bug-bounty, tryhackme-writeup, tryhackme, ctf-writeup13-Jul-2024
10.7 Lab: SSRF with whitelist-based input filterhttps://cyberw1ng.medium.com/10-7-lab-ssrf-with-whitelist-based-input-filter-36db84b1a13d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, cybersecurity, bug-bounty13-Jul-2024
Securing Crypto Company: Addressing Web 2.0 Vulnerabilitieshttps://metanetwebhostingsecurity.medium.com/securing-crypto-company-addressing-web-2-0-vulnerabilities-209bd7fc3d85?source=rss------bug_bounty-5metanetwebhosting securitycryptocurrency, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty13-Jul-2024
Linux Exploitation: Stack Smashinghttps://medium.com/@boogsta/linux-exploitation-stack-smashing-70c1bf6c13d2?source=rss------bug_bounty-5Boogstahacking, cybersecurity, bug-bounty, cyber, hacker13-Jul-2024
My First Bug: Gitingore exposure combined with 403 bypasshttps://medium.com/@nnface/my-first-bug-gitingore-exposure-combined-with-403-bypass-5db750e211ff?source=rss------bug_bounty-5NnFacebug-bounty, bug-bounty-tips, cybersecurity, hacking, low-hanging-fruit13-Jul-2024
Here is the story of how i found Stored XSS on a targethttps://medium.com/@pvnk24/here-is-the-story-of-how-i-found-stored-xss-on-a-target-7baaeed76765?source=rss------bug_bounty-5Pavan Kpenetration-testing, bug-bounty, pentesting, hacking, ethical-hacking13-Jul-2024
Complex Attack Types: Sample Scenarios 41https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-41-48e4f10a07ef?source=rss------bug_bounty-5Baris Dincerpenetration-testing, freedomofinternet, information-security, bug-bounty, cybersecurity13-Jul-2024
Email Update Restricted Bypasshttps://medium.com/@mahfujwhh/email-update-restricted-bypass-f6af935da67e?source=rss------bug_bounty-5mahfujwhhcybersecurity, bug-bounty13-Jul-2024
Credential stuffing in bug bountieshttps://bunny0417.medium.com/credential-stuffing-in-bug-bounties-d51b8e321135?source=rss------bug_bounty-5Aayush kumarcredential-stuffing, leaked-passwords, bug-bounty, darkweb, bugbounty-writeup12-Jul-2024
Can bug bounty be a full time career?https://medium.com/@shwetapapnai783/can-bug-bounty-be-a-full-time-career-5606f1ddd440?source=rss------bug_bounty-5Shweta Papnaisecurity, cybersecurity, technology, money, bug-bounty12-Jul-2024
The Hidden Pitfalls of Bug Bounties on Indian Government Sites: My First Experiencehttps://medium.com/@rolextital/the-hidden-pitfalls-of-bug-bounties-on-indian-government-sites-my-first-experience-9204312a8325?source=rss------bug_bounty-5Rolextitalhacking, bug-bounty, govt, idor12-Jul-2024
Firmware Analysis: Hands-on Guidehttps://hackerassociate.medium.com/firmware-analysis-hands-on-guide-19913a5166ca?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, cybersecurity, hacking, iot12-Jul-2024
DΞX Points Festhttps://d3xxyz.medium.com/d%CE%BEx-points-fest-e39019566b3f?source=rss------bug_bounty-5DΞXairdrop, bounty-program, bug-bounty12-Jul-2024
Windows privilege escalation: Abusing npm’s design patterns to escalate your permissionshttps://medium.com/@demonia/windows-privilege-escalation-abusing-npms-design-patterns-to-escalate-your-permissions-da0ac6c96d72?source=rss------bug_bounty-5Mohammed Diefcybersecurity, npm, bug-bounty, windows, privilege-escalation12-Jul-2024
VULNERABILITY RESEARCHhttps://medium.com/@workwithsane/vulnerability-research-896c0ba07a57?source=rss------bug_bounty-5Sanebug-bounty, cybersecurity, bug-bounty-tips12-Jul-2024
My First Bug!!!Stored Cross Site Scripting(XSS)https://medium.com/@shahariarwalid/my-first-bug-stored-cross-site-scripting-xss-d84051ee4e86?source=rss------bug_bounty-5Shahariar Aminbug-bounty, xss-vulnerability, stored-xss12-Jul-2024
File Upload se kuch hatke : File Inclusion aur Path Traversal Vulnerabiliteshttps://medium.com/@yashprajapati791/file-upload-se-kuch-hatke-file-inclusion-aur-path-traversal-vulnerabilites-d10e16be0d7a?source=rss------bug_bounty-5Yash Virendra Prajapatipenetration-testing, bug-bounty, file-inclusion, vulnerability, file-upload12-Jul-2024
How i got Bug -XSShttps://medium.com/@basxth/how-i-got-bug-xss-8eec781ab58b?source=rss------bug_bounty-5Mohammed Basith K Bbug-bounty, xss-attack, google-dorking, xss-bypass, cybersecurity12-Jul-2024
Master Bug Bounty Hunting with Top Recon Toolshttps://medium.com/@labcodetech/master-bug-bounty-hunting-with-top-recon-tools-83516a4bcc54?source=rss------bug_bounty-5Codetech Labvulnerability, recon, bug-bounty, penetration-testing12-Jul-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://medium.com/@a13h1/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, programming, denial-of-service, infosec12-Jul-2024
10.6 Lab: Blind SSRF with Shellshock Exploitationhttps://cyberw1ng.medium.com/10-6-lab-blind-ssrf-with-shellshock-exploitation-a13e25b27dbc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing12-Jul-2024
Setting up a private Burp Collaborator Serverhttps://medium.com/@AstroKrypTech/setting-up-a-private-burp-collaborator-server-71c55ff85815?source=rss------bug_bounty-5AstroKrypTechweb-application-security, bug-bounty-tips, bug-bounty12-Jul-2024
Git Gone Wrong: Application Compromise via Exposed .git Directoryhttps://medium.com/@cybersekler/git-gone-wrong-application-compromise-via-exposed-git-directory-392806b23435?source=rss------bug_bounty-5Cyber Seklerpenetration-testing, hacking, application-security, bug-bounty12-Jul-2024
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01https://omarora1603.medium.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty, bug-bounty-tips12-Jul-2024
NewLine Character Cause DoS: Folder & File Deletion Flawhttps://infosecwriteups.com/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5Abhi Sharmacybersecurity, bug-bounty, programming, denial-of-service, infosec12-Jul-2024
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01https://infosecwriteups.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty, bug-bounty-tips12-Jul-2024
How I Make Two SQL Injections Exploitable under the Magic Restricts in WordPresshttps://medium.com/@zpbrent/how-i-make-two-sql-injections-exploitable-under-the-magic-restricts-in-wordpress-817cd60dc80a?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, wordpress, infosec, bug-bounty, web-security12-Jul-2024
آسیب پذیری های Jira را برطرف کنیدhttps://medium.com/@pardis.cloud/%D8%A2%D8%B3%DB%8C%D8%A8-%D9%BE%D8%B0%DB%8C%D8%B1%DB%8C-%D9%87%D8%A7%DB%8C-jira-%D8%B1%D8%A7-%D8%A8%D8%B1%D8%B7%D8%B1%D9%81-%DA%A9%D9%86%DB%8C%D8%AF-b28879e65c2e?source=rss------bug_bounty-5PardisCo Professional Tech Teamآسیبپذیری, bug-bounty, سرور, jira11-Jul-2024
How I Can Still See Your Image on Facebook After You Deleted It | Meta | BugBounty | 2024https://prathapilango.medium.com/how-i-can-still-see-your-image-on-facebook-after-you-deleted-it-meta-bugbounty-2024-3fa63022c4fc?source=rss------bug_bounty-5Prathapilangocybersecurity, meta, bug-bounty, bugbounty-writeup11-Jul-2024
Host Header Injectionhttps://medium.com/@nareshkumar76191/host-header-injection-bd6ffdafe1c0?source=rss------bug_bounty-5Nareshkumarred-team, hacker, bounty-program, bug-bounty, bug-bounty-tips11-Jul-2024
Admin panel Bypassed Just by reading “support team quotes”https://medium.com/@Ajakcybersecurity/admin-panel-bypassed-just-by-reading-support-team-quotes-5462538ea3a4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity11-Jul-2024
Cross-Account Profile Picture Deletion via CSRF Token Bypass paid me 500$.https://mustafa2.medium.com/cross-account-profile-picture-deletion-via-csrf-token-bypass-paid-me-500-60d5f4529a7b?source=rss------bug_bounty-5Hajusbug-bounty-tips, csrf-bypass, bug-bounty11-Jul-2024
A Revolutionary Bug Bounty Platform: Zero-Knowledge Proofs in Web3https://medium.com/@JohnnyTime/a-revolutionary-bug-bounty-platform-zero-knowledge-proofs-in-web3-5e9aaa536084?source=rss------bug_bounty-5Johnny Timebug-bounty, web3, bug-hunting, rewards, smart-contracts11-Jul-2024
Building an Ethical Hacking Playground at Homehttps://l00pinfinity.medium.com/building-an-ethical-hacking-playground-at-home-98439af54a78?source=rss------bug_bounty-5Collins K. Boitnetwork, hacking, security-analysts, ethical-hacking, bug-bounty11-Jul-2024
9.6 Lab: Partial construction race conditionshttps://cyberw1ng.medium.com/9-6-lab-partial-construction-race-conditions-303bfc70b5f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, bug-bounty, careers11-Jul-2024
Practical Bug Bounty — TCM Academy | Module 5https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-5-508b7fad93f1?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiinformation-security, appsec, cybersecurity, bug-bounty, penetration-testing11-Jul-2024
Disclose the email address and phone number of chinese business resellerhttps://gtm0x01.medium.com/disclose-the-email-address-and-phone-number-of-chinese-business-reseller-f882978b8733?source=rss------bug_bounty-5Gtm Mänôzbug-bounty-writeup, facebook, hacking, bug-bounty, facebook-bug-bounty11-Jul-2024
XSS Zafiyetleri Test Casehttps://medium.com/@beyzatekinli/xss-t%C3%BCrleri-test-case-18f91987fb63?source=rss------bug_bounty-5Beyzanur Tekinligallipoli, xss-vulnerability, bug-bounty, xss-attack, xss-challenge11-Jul-2024
Abusing CORS for an XSS on Flickrhttps://medium.com/@proseizala/abusing-cors-for-an-xss-on-flickr-a820e3f28083?source=rss------bug_bounty-5Proseizalabug-bounty, hacker, cybersecurity, bug-bounty-tips11-Jul-2024
No Way Out: Enforced and Inescapable Organizational Membershiphttps://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-a2247caa1790?source=rss------bug_bounty-5Mo2men Elmadyhacking, bug-bounty, cybersecurity, penetration-testing11-Jul-2024
Complex Attack Types: Sample Scenarios 40https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-40-117efeaeaf61?source=rss------bug_bounty-5Baris Dincercybersecurity, penetration-testing, bug-bounty, information-technology, freedomofinternet11-Jul-2024
No Way Out: Enforced and Inescapable Organizational Membershiphttps://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-125ae7f52d61?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, hacking, penetration-testing, cybersecurity11-Jul-2024
Reconnaissance Basichttps://medium.com/@ronyhassan091101/reconnaissance-basic-bf292dc3b705?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty11-Jul-2024
Cracking the Code: A Walkthrough of the W1seGuy Room on TryHackMehttps://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5MatSeccybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography11-Jul-2024
Bypass CSRF Protectionhttps://medium.com/@dr4040x00/bypass-csrf-protection-707b81c04149?source=rss------bug_bounty-5Ahmed Mohamedcsrf-attack, xss-vulnerability, bug-bounty, csrf, xss-attack11-Jul-2024
Tryhackme W1seGuy Room Walkthrough | MatSec Youtubehttps://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5MatSeccybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography11-Jul-2024
Bug Bounty Hunting 101: A Comprehensive Guide for Beginnershttps://cyberw1ng.medium.com/bug-bounty-hunting-101-a-comprehensive-guide-for-beginners-41fa78ff0bbd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers10-Jul-2024
Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS)https://medium.com/@proseizala/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss-c4e8492bbf3e?source=rss------bug_bounty-5Proseizalabug-bounty-tips, hackerone, cybersecurity, bug-bounty, hacking10-Jul-2024
Rate Limit Bypass $150https://medium.com/@mr_ayyan/rate-limit-bypass-150-d4fecc05d31b?source=rss------bug_bounty-5Mrayyanirfanrewards, rate-limit, bug-bounty, bugs, hunting10-Jul-2024
The most important HTTP security headershttps://medium.com/@ronyhassan091101/the-most-important-http-security-headers-be4238f181d7?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty10-Jul-2024
Complex Attack Types: Sample Scenarios 39https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-39-5ed408a9075d?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-security, penetration-testing, cybersecurity, freedomofinternet10-Jul-2024
Bug Bounty Program for Gluon on Ergohttps://news.stability.nexus/bug-bounty-program-for-gluon-on-ergo-0ca233ce2d9a?source=rss------bug_bounty-5Zahnentfernercrypto, cryptocurrency, stable-coin, blockchain, bug-bounty10-Jul-2024
Host Header Poisoning Vulnerability: A Critical Web Security Flawhttps://zierax.medium.com/host-header-poisoning-vulnerability-a-critical-web-security-flaw-1c2991177e8c?source=rss------bug_bounty-5Zieraxpenetration-testing, cybersecurity, bug-bounty, hacking, vulnerability10-Jul-2024
The Ultimate Guide to Finding and Escalating XSS Bugshttps://medium.com/@proseizala/the-ultimate-guide-to-finding-and-escalating-xss-bugs-22894ef03fc4?source=rss------bug_bounty-5Proseizalabug-bounty-tips, hacker, cybersecurity, bug-bounty, hacking10-Jul-2024
My First Bug Bountyhttps://vikasrai11.medium.com/my-first-bug-bounty-975c47b3f5b5?source=rss------bug_bounty-5Vikas Raiethical-hacking, security, vulnerability, hacking, bug-bounty10-Jul-2024
Exploiting IDOR Vulnerability in PostgRESThttps://aminudin.medium.com/exploiting-idor-vulnerability-in-postgrest-ba0e980032b7?source=rss------bug_bounty-5Aminudinbugs, bug-bounty-tips, writeup, bug-bounty10-Jul-2024
HackerOne 2FA Bypass Vulnerability Exposed!https://medium.com/@lucas.verdan/hackerone-2fa-bypass-vulnerability-exposed-f41f61d6e7be?source=rss------bug_bounty-5Lucas Verdancybersecurity, cyber-attack-prevention, hackerone, bug-bounty-tips, bug-bounty09-Jul-2024
Detecting and exploiting limit overrun race conditions with Burp Repeaterhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-burp-repeater-43c26128642d?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, cybersecurity, hacking09-Jul-2024
Airbnb — When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight…https://medium.com/@proseizala/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-92a004f1cbe8?source=rss------bug_bounty-5Proseizalahacker, bug-bounty-tips, cybersecurity, bug-bounty09-Jul-2024
XSS TÜRLERİ TEST CASEhttps://medium.com/@aarda418/xss-t%C3%BCrleri%CC%87-test-case-a4ab5849100f?source=rss------bug_bounty-5Arda Aslanxss-attack, bug-bounty, xss-vulnerability09-Jul-2024
Become a Digital Detective: Earn Dollars by Testing Apps and Websiteshttps://medium.com/@wnaim11/become-a-digital-detective-earn-dollars-by-testing-apps-and-websites-00a45433d3e8?source=rss------bug_bounty-5The EmpowHERtech Collectivetesting, software-testing, bugs, crowdtesting, bug-bounty09-Jul-2024
Complex Attack Types: Sample Scenarios 38https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-38-10e2ee4d4316?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty09-Jul-2024
Nmap Cheat Sheet For Penetration Testing.https://medium.com/@umarhere4u/nmap-cheat-sheet-for-penetration-testing-70b555b91285?source=rss------bug_bounty-5Mohammad Umar Kachiethical-hacking, penetration-testing, nmap, hacking, bug-bounty09-Jul-2024
Account Takeover via Weak Reset Token Entropyhttps://medium.com/@majix_de/account-takeover-via-weak-reset-token-entropy-c475268daae6?source=rss------bug_bounty-5Majixprogramming, penetration-testing, bugbounty-writeup, bug-bounty, python09-Jul-2024
Subdomain Enumerationhttps://medium.com/@ronyhassan091101/subdomain-enumeration-4370bac688e1?source=rss------bug_bounty-5M. Mahmudul Hassanbug-bounty09-Jul-2024
10 tips and questions to help you find secondary context bugs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/10-tips-and-questions-to-help-you-find-secondary-context-bugs-bug-bounty-tuesday-b8b3f9173522?source=rss------bug_bounty-5kerstanhacking, bug-bounty, cybersecurity09-Jul-2024
What Is The Attacks On Session Layer!https://medium.com/@reemmoslem34/what-is-the-attacks-on-session-layer-d3ac90d9c4cb?source=rss------bug_bounty-5Rem Khalidcybersecurity, malware, bug-bounty, programming, security09-Jul-2024
What Is The Attacks On Presentation Layer !https://medium.com/@reemmoslem34/what-is-the-attacks-on-presentation-layer-d98cbde4005b?source=rss------bug_bounty-5Rem Khalidprogramming, security, cybersecurity, malware, bug-bounty09-Jul-2024
What Is The Attacks On Application Layer!https://medium.com/@reemmoslem34/%D8%B7%D9%8A%D8%A8-%D8%AA%D8%B9%D8%A7%D9%84%D9%88%D8%A7-%D8%A3%D8%AE%D8%AA%D8%B5%D8%B1-%D8%A7%D9%84%D8%AD%D9%88%D8%A7%D8%B1-6e6617528bba?source=rss------bug_bounty-5Rem Khalidsecurity, bug-bounty, cybersecurity, malware, programming09-Jul-2024
Unearthing Hidden Assets: The Power of Active DNS Brute Forcing in Subdomain Discoveryhttps://bunny0417.medium.com/unearthing-hidden-assets-the-power-of-active-dns-brute-forcing-in-subdomain-discovery-44ec7f1250d4?source=rss------bug_bounty-5Aayush kumarsubdomains-enumeration, infosec, dns-brute-forcing, bug-bounty-tips, bug-bounty09-Jul-2024
Bypassing Admin Authentication Website Kampushttps://uzet.medium.com/bypassing-admin-authentication-website-kampus-b59bc43b6c98?source=rss------bug_bounty-5Timotius Benhurbug-bounty-tips, penetration-testing, bug-hunting, programming, bug-bounty08-Jul-2024
Revolutionizing Content Issue Detection with CiBI: A Game-Changer in Automationhttps://argotriwidodo.medium.com/revolutionizing-content-issue-detection-with-cibi-a-game-changer-in-automation-1e0f0b6e8ce9?source=rss------bug_bounty-5Argo triwidodoqa, bug-bounty, ai, automation08-Jul-2024
Web3 Development: Key Security Considerationshttps://securrtech.medium.com/web3-development-key-security-considerations-5358015e767a?source=rss------bug_bounty-5Securrblockchain, security, securr, web3, bug-bounty08-Jul-2024
Discovering a Sigma SQLi Vulnerability in Explore CMS 1.0https://soltanali0.medium.com/discovering-a-sigma-sqli-vulnerability-in-explore-cms-1-0-f68599f0e5dd?source=rss------bug_bounty-5soltanali0sqli, programming, bug-bounty-tips, bug-bounty, hackerone08-Jul-2024
PII Disclosure on NASAhttps://medium.com/@psychomong/pii-disclosure-on-nasa-667a96d3c31c?source=rss------bug_bounty-5psychomongbugs, sensitive, hacker, bug-bounty, pii08-Jul-2024
Last week in tech 4th editionhttps://medium.com/@azefox/last-week-in-tech-4th-edition-ec091e853fd3?source=rss------bug_bounty-5Azefoxtech, cybersecurity, infosec, cloud, bug-bounty08-Jul-2024
Ctrl + U to Bounty: How I Found Sensitive Info in the Source Codehttps://rofes1337.medium.com/ctrl-u-to-bounty-how-i-found-sensitive-info-in-the-source-code-e583528ee2fe?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-writeup, hackerone, bug-bounty, information-disclosure, bugbounty-poc08-Jul-2024
Complex Attack Types: Sample Scenarios 37https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-37-2cd4d68b23f6?source=rss------bug_bounty-5Baris Dincerbug-bounty, freedomofinternet, penetration-testing, information-security, cybersecurity08-Jul-2024
Burpsuite SQL Injection Lab 4(Uhttps://medium.com/@paradoxicalThief/burpsuite-sql-injection-lab-4-u-065f1592531f?source=rss------bug_bounty-5The Cyber Guybug-bounty, ctf, web-security, infosec, ethical-hacking08-Jul-2024
Partial construction race conditionshttps://cyberw1ng.medium.com/partial-construction-race-conditions-007c478c53af?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, hacking, careers08-Jul-2024
Disguising Malicious Files to Look Like Normal EXE or PDFshttps://osintteam.blog/disguising-malicious-files-to-look-like-normal-exe-or-pdfs-d785e116e989?source=rss------bug_bounty-5Meerabellhacking, osint-tool, bug-bounty, cybersecurity, microsoft08-Jul-2024
IDOR in Multinational Retail Company Leading to Unauthorized Access and Modificationshttps://medium.com/@kamalinux/idor-in-multinational-retail-company-leading-to-unauthorized-access-and-modifications-e36f8ea9e859?source=rss------bug_bounty-5Kamalbug-bounty, application-security, cybersecurity, penetration-testing, web-security08-Jul-2024
Zero to OSWE: Navigating the Journey with HTBhttps://adipsharif.medium.com/zero-to-oswe-navigating-the-journey-with-htb-b1972b99a646?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, bug-bounty-tips, infosec-write-ups, infosec08-Jul-2024
The world’s most expensive insect… weighs 5 grams and costs 75 lakhs, know why people are crazy…https://medium.com/@blogy.bub/the-worlds-most-expensive-insect-weighs-5-grams-and-costs-75-lakhs-know-why-people-are-crazy-ce77bc2d8204?source=rss------bug_bounty-5Blogy Hubbug-bounty, health, news, news-articles, bugs08-Jul-2024
Find XSS on the Fly ( Full guide )https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae?source=rss------bug_bounty-5zack0x01hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-poc08-Jul-2024
Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Readhttps://medium.com/@proseizala/escalating-xss-in-phantomjs-image-rendering-to-ssrf-local-file-read-9e11e94c480a?source=rss------bug_bounty-5Proseizalabug-bounty, bug-bounty-tips, hacking, cybersecurity08-Jul-2024
CVE-2024–34750 Apache Tomcat DoS vulnerability in HTTP/2 connectorhttps://medium.com/@proseizala/cve-2024-34750-apache-tomcat-dos-vulnerability-in-http-2-connector-54033187cd4b?source=rss------bug_bounty-5Proseizalacybersecurity, bugs, hacking, bug-bounty08-Jul-2024
I found an email verification bypasshttps://medium.com/@pvnk24/i-found-an-email-verification-bypass-982b00864366?source=rss------bug_bounty-5Pavan Kethical-hacking, security, web-security, penetration-testing, bug-bounty07-Jul-2024
Demystifying HTTP Parameters for beginnershttps://medium.com/@mrunoriginal/demystifying-http-parameters-for-beginners-219d5c65499e?source=rss------bug_bounty-5mrunoriginalinformation-security, web-application-security, web-application-hacking, bug-bounty, cybersecurity07-Jul-2024
Everything About CISM: Your Comprehensive Guide to the Certified Information Security Manager…https://medium.com/@mazharshadab292/everything-about-cism-your-comprehensive-guide-to-the-certified-information-security-manager-3d57969a066d?source=rss------bug_bounty-5Shadab Mazharcertification, cybersecurity, hacking, bug-bounty07-Jul-2024
Practical Bug Bounty — TCM Academy | Module 1https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-1-17dadeda56a0?source=rss------bug_bounty-5Mohammad Awab Hassan Nizamiinformation-security, tcm-security, bug-bounty, cybersecurity, ethical-hacking07-Jul-2024
Exposing Sensitive Data: A Journey into CDN Path Traversal Vulnerabilitieshttps://medium.com/@sulmanfarooq531/exposing-sensitive-data-a-journey-into-cdn-path-traversal-vulnerabilities-fec1c7917a86?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, hacking, path-traversal, cdn07-Jul-2024
Hunting the Hunters: Exposing the Fake SBI YONO APKhttps://medium.com/@tirqwork1/hunting-the-hunters-exposing-the-fake-sbi-yono-apk-0dd979aad23f?source=rss------bug_bounty-5ARoyinformation-security, cybersecurity, bug-bounty, scammer-exposed, info-sec-writeups07-Jul-2024
Using ChatGPT for Bug Bounty and finding vulnerabilitieshttps://medium.com/@siratsami71/using-chatgpt-for-bug-bounty-and-finding-vulnerabilities-4a04de771a68?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacker, chatgpt, bug-bounty, cybersecurity07-Jul-2024
Cracking the Runner: A Step-by-Step Guide to Hacking a Medium-Level Machine on Hack The Boxhttps://medium.com/@niranjanshinde2325/cracking-the-runner-a-step-by-step-guide-to-hacking-a-medium-level-machine-on-hack-the-box-ae6f55ca01bd?source=rss------bug_bounty-5Niranjanethical-hacking, hack-the-box-writeup, bug-bounty, penetration-testing, cybersecurity07-Jul-2024
8.6 Lab: Web shell upload via race conditionhttps://cyberw1ng.medium.com/8-6-lab-web-shell-upload-via-race-condition-1870707752d3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity07-Jul-2024
Avoid ‘OR 1=1’ while doing SQL Injection, Why?https://medium.com/@aaftaba.k47/avoid-or-1-1-while-doing-sql-injection-why-5e7cc0716ef3?source=rss------bug_bounty-5Aaftab A. Kadavaikarcybersecurity-awareness, bug-bounty, sql-injection, web-penetration-testing07-Jul-2024
How i got Cross-site Scripting (XSS)Reflected Using an unknown techniquehttps://medium.com/@0xmekky/how-i-got-cross-site-scripting-xss-reflected-using-an-unknown-technique-ca4984827465?source=rss------bug_bounty-5abdelrahem mekkyxss-vulnerability, xss-attack, bug-bounty07-Jul-2024
Race Conditions Attacks To limit bypasshttps://sharmajijvs.medium.com/race-conditions-attacks-to-limit-bypass-c9dee647145b?source=rss------bug_bounty-5Jay Sharmabug-report, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup07-Jul-2024
Complex Attack Types: Sample Scenarios 36https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-36-c648fd8d55bd?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, freedomofinternet, cybersecurity, bug-bounty07-Jul-2024
404 Not Found to Google cloud service account credentials disclosure!https://kumarmohank889.medium.com/404-not-found-to-google-cloud-service-account-credentials-disclosure-3b5f64e80fd5?source=rss------bug_bounty-5Mohan Kumar Nbug-bounty-tips, bug-bounty, infosec-write-ups, hacking, security-research07-Jul-2024
Bug Hunter? If only…https://medium.com/@ded3y3/bug-hunter-if-only-5fabca6cffb7?source=rss------bug_bounty-5cr00k3d3y3cybersecurity, bug-bounty, life07-Jul-2024
Stored XSS in PDF Viewerhttps://medium.com/@osamaavvan/stored-xss-in-pdf-viewer-9cc5b955de2b?source=rss------bug_bounty-5Osama Avvanbug-bounty, cybersecurity, pdf, xss-attack06-Jul-2024
Understanding and Preventing Server-Side Request Forgery (SSRF)https://medium.com/@ashhadali2019/understanding-and-preventing-server-side-request-forgery-ssrf-15d939dc9529?source=rss------bug_bounty-5Ashhadalissrf, bug-bounty, web, cybersecurity06-Jul-2024
MerlinChain Partners with BugRap, Launches $200,000 Bug Bounty to Enhance BTC Ecosystem Securityhttps://medium.com/@BugRap_Team/merlinchain-partners-with-bugrap-launches-200-000-bug-bounty-to-enhance-btc-ecosystem-security-17ef71444914?source=rss------bug_bounty-5BugRap Teamcrypto, security, web3, btc, bug-bounty06-Jul-2024
A Simple 2FA Bypasshttps://infosecwriteups.com/a-simple-2fa-bypass-43c8af9006ec?source=rss------bug_bounty-5hackerdevilbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, penetration-testing06-Jul-2024
Complex Attack Types: Sample Scenarios 35https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-35-bc24cffb5f95?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, information-technology, bug-bounty, penetration-testing06-Jul-2024
From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125https://medium.com/@gguzelkokar.mdbf15/from-long-term-hacking-to-instant-rewards-finding-sqli-in-3-minutes-worth-3125-ac36c6e950bf?source=rss------bug_bounty-5Gökhan Güzelkokarsql, hacking, bug-bounty, hackerone, sql-injection06-Jul-2024
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeoverhttps://medium.com/@a13h1/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-558c663fb947?source=rss------bug_bounty-5Abhi Sharmarate-limiting, bug-bounty, account-takeover, base64, cybersecurity06-Jul-2024
Rate Limit Bypass Due to Cryptographic Weaknesshttps://javroot.medium.com/rate-limit-bypass-due-to-cryptographic-weakness-2cdb3a112bba?source=rss------bug_bounty-5Javrootsecurity-token, bug-bounty, web, cryptography, research06-Jul-2024
Exploiting flawed validation of file uploadshttps://cyberw1ng.medium.com/exploiting-flawed-validation-of-file-uploads-8a089992e3a1?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing06-Jul-2024
Identifying, ChronosCodeFail, a Critical Bug in the Dayforce Clock Systemhttps://medium.com/@quantumsquint/identifying-chronoscodefail-a-critical-bug-in-the-dayforce-clock-system-58cb98c00d32?source=rss------bug_bounty-5Quantum Squint Research Dept.developer-tools, penetration-testing, bug-bounty, regression-analysis, cybersecurity06-Jul-2024
Penjelasan Wifi Deauth Attack dan Demonstrasinyahttps://hack4funacademy.medium.com/penjelasan-wifi-deauth-attack-dan-demonstrasinya-1cecaca53915?source=rss------bug_bounty-5Hack4Fun Academyethical-hacking, wifi, cybersecurity, hacking, bug-bounty05-Jul-2024
BountyDork: Your Ultimate Automatic Dorking Testing Companion For Bug Bountyhttps://infosecwriteups.com/bountydork-your-ultimate-automatic-dorking-testing-companion-for-bug-bounty-b2bd41cb7344?source=rss------bug_bounty-5ElNiakgoogle-dork, python, bug-bounty, cybersecurity, technology05-Jul-2024
How to Install Bwapp in Virtualboxhttps://medium.com/@bhardwajshekhar/how-to-install-bwapp-in-virtualbox-6bf7f1ba9a0f?source=rss------bug_bounty-5Shekhar Bhardwajowasp-top-10, bwapp, pentesting, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Find Subdomains Using Various Tools and Methodshttps://medium.com/@j0k3r01/how-to-find-subdomains-using-various-tools-and-methods-583a7311c897?source=rss------bug_bounty-5J0k3Rsubdomains-enumeration, recon, penetration-testing, bug-bounty, osint05-Jul-2024
Complex Attack Types: Sample Scenarios 34https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-34-48d60e2bb0fb?source=rss------bug_bounty-5Baris Dincerthreat-intelligence, penetration-testing, bug-bounty, cybersecurity, freedomofinternet05-Jul-2024
Everything About OSCP: A Comprehensive Guidehttps://medium.com/@mazharshadab292/everything-about-oscp-a-comprehensive-guide-36794d325e67?source=rss------bug_bounty-5Shadab Mazharhacking, bug-bounty, certification, programming05-Jul-2024
Penggunaan Tools Steghide, ExifTool dan Uji Coba Automation Scanner Bug Bounty (Dalfox)https://medium.com/@anggitaniaaurien/penggunaan-tools-steghide-exiftool-dan-uji-coba-automation-scanner-bug-bounty-dalfox-4fbe93e83eb3?source=rss------bug_bounty-5Anggitania Aurienbug-bounty, exiftool, xs, steghide, kxss05-Jul-2024
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Accesshttps://uchihamrx.medium.com/the-pdf-trojan-horse-leveraging-html-injection-for-ssrf-and-internal-resource-access-fbf69efcb33d?source=rss------bug_bounty-5Abdelrhman Amincybersecurity, web-penetration-testing, penetration-testing, bug-bounty, bug-bounty-tips05-Jul-2024
Unlocking the Power of Nmap: Your Ultimate Guide to Network Scanninghttps://medium.com/@josuofficial327/unlocking-the-power-of-nmap-your-ultimate-guide-to-network-scanning-3cb66fe66d75?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binuhacking, cybersecurity, bug-bounty, penetration-testing, linux05-Jul-2024
2.14 Lab: 2FA bypass using a brute-force attackhttps://cyberw1ng.medium.com/2-14-lab-2fa-bypass-using-a-brute-force-attack-ad74afd23fcd?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking05-Jul-2024
A Big Gmail Flaw: Sending Hidden Viruses in Gmail.https://medium.com/@azanulrana/a-big-gmail-flaw-sending-hidden-viruses-in-gmail-09b52dd891e9?source=rss------bug_bounty-50xazanulinfosec-write-ups, infosec, hackerone, bug-bounty05-Jul-2024
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5Professor.0xx01cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp05-Jul-2024
How to Use Google Dorks to Access Online Camerashttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-access-online-cameras-251e83106f6b?source=rss------bug_bounty-5Meerabellinformation-security, cybersecurity, bug-bounty, hacking, google-dork05-Jul-2024
Nuclei Kullanımıhttps://medium.com/@sabriacun552/nuclei-kullan%C4%B1m%C4%B1-7038742dc53e?source=rss------bug_bounty-5Sabriacunvulnerability-scanning, cybersecurity, bug-bounty, penetration-testing05-Jul-2024
SSRF Vulnerability in HiTranslate: A Technical Breakdownhttps://medium.com/@security.tecno/ssrf-vulnerability-in-hitranslate-a-technical-breakdown-a5f517467a5b?source=rss------bug_bounty-5TECNO Securityhacking, security, bug-bounty, apps04-Jul-2024
Mastering Bug Bounty with Professor: Strategies for Successhttps://bughuntar.medium.com/mastering-bug-bounty-with-professor-strategies-for-success-436fac3c7e28?source=rss------bug_bounty-5Professor the Huntercybersecurity, professorthehunter, bug-bounty, bug-bounty-tips, bughuntar04-Jul-2024
Google launches $250,000 bug bounty, this time targeting KVM, a virtual machine elementhttps://medium.com/@tothe21century/google-launches-250-000-bug-bounty-this-time-targeting-kvm-a-virtual-machine-element-d73cfbd63243?source=rss------bug_bounty-5RICH CHOIbug-bounty04-Jul-2024
How I Found an IDOR Vulnerability in a Public Program on HackerOnehttps://medium.com/@muhammadfurqanoffical/how-i-found-an-idor-vulnerability-in-a-public-program-on-hackerone-44c6724b0292?source=rss------bug_bounty-5Muhammad Furqanbug-bounty-writeup, infosec-write-ups, bug-bounty, idor, hackerone04-Jul-2024
Apa itu XSS dan Bagaimana cara saya menemukan puluhan XSS Vulnerabilityhttps://hack4funacademy.medium.com/apa-itu-xss-dan-bagaimana-cara-saya-menemukan-puluhan-xss-vulnerability-46fba9491bba?source=rss------bug_bounty-5Hack4Fun Academyvulnerability, xss-attack, hacking, cybersecurity, bug-bounty04-Jul-2024
Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition)https://medium.com/@friendly_/understanding-request-smuggling-a-hidden-web-vulnerability-k-edition-6ffab38d5aa1?source=rss------bug_bounty-5Friendlyhacking, bug-bounty, bugbounty-writeup, bug-bounty-tips04-Jul-2024
How I Used Keylogger XSS to Capture Credentials Leading to ATOhttps://medium.com/@yyaminn/how-i-used-keylogger-xss-to-capture-credentials-leading-to-ato-06593e7a0798?source=rss------bug_bounty-5yyaminncybersecurity, bug-bounty, xss-attack, bugbounty-writeup, infosec04-Jul-2024
HACKBAR: A BROWSER EXTENSION FOR WEB SECURITY TESTINGhttps://medium.com/@Progsky/hackbar-a-browser-extension-for-web-security-testing-461b97d1a9e9?source=rss------bug_bounty-5Progskyhacking, bug-bounty, pentesting, penetration-testing, web-security04-Jul-2024
How I earned $500 bounty for privilege escalation vulnerability !!https://kumarmohank889.medium.com/how-i-earned-500-bounty-for-privilege-escalation-vulnerability-c42977abcc52?source=rss------bug_bounty-5Mohan Kumar Nhacking, bug-bounty, security, bug-bounty-tips, security-research04-Jul-2024
2.13 Lab: Broken brute-force protection, multiple credentials per requesthttps://cyberw1ng.medium.com/2-13-lab-broken-brute-force-protection-multiple-credentials-per-request-1beb6a85b12c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, bug-bounty, penetration-testing04-Jul-2024
Tools For Beginner Bug Hunter, Penetration Tester or Web Security Engineerhttps://medium.com/@a5adujjaman/tools-for-beginner-bug-hunter-penetration-tester-or-web-security-engineer-a5510748fc5a?source=rss------bug_bounty-5Asadujjaman Asifweb-security, penetration-testing, security, bug-bounty, hacking04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-52004siyam_hassanbug-bounty, bunty04-Jul-2024
IDOR to change other’s Account Namehttps://codingninjablogs.tech/idor-to-change-others-account-name-43ddf7cfe429?source=rss------bug_bounty-5#$ubh@nk@ridor, hacking, bug-bounty, infosec, web-security04-Jul-2024
The Problem With Bug Bountieshttps://kf106.medium.com/the-problem-with-bug-bounties-0c5d956411d8?source=rss------bug_bounty-5Keir Finlow-Batesbug-bounty, bug-bounty-program, hacking, computer-security, cryptocurrency04-Jul-2024
Mass Hunting XSS vulnerabilitieshttps://systemweakness.com/mass-hunting-xss-vulnerabilities-8d4785968727?source=rss------bug_bounty-5Imran Niazcross-site-scripting, bug-bounty-hunter, bug-bounty, bug-bounty-tips, xss-vulnerability04-Jul-2024
0 star rating got me 40 EUR. MY first bug I got paid for.https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5Clasherbug-bounty, bunty04-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@omarataallah98/idor-vulnerability-allow-attacker-to-make-an-order-checkout-on-behalf-other-users-accounts-2bdc4c7b8eca?source=rss------bug_bounty-5Omarataallahsecurity-testing, hacking, bug-bounty, hacks, idor-vulnerability03-Jul-2024
How to find wildcard bug bounty assets owned by a company.https://medium.com/@tom.sh/how-to-find-wildcard-bug-bounty-assets-owned-by-a-company-991db585a554?source=rss------bug_bounty-5Tombug-bounty, recon, reconnaissance, cybersecurity, hacking03-Jul-2024
26.1 Lab: Exploiting LLM APIs with excessive agencyhttps://cyberw1ng.medium.com/26-1-lab-exploiting-llm-apis-with-excessive-agency-bb94aa506893?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, cybersecurity, penetration-testing03-Jul-2024
Complex Attack Types: Sample Scenarios 32https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-32-7c47b8e5d139?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, penetration-testing, freedomofinternet03-Jul-2024
Mobile App Testing with Android Studio & Fridahttps://medium.com/@jaylinscorner/mobile-app-testing-with-android-studio-frida-b65484121ba6?source=rss------bug_bounty-5Jaylin Nelsonbug-bounty, penetration-testing, cybersecurity, mobile-app-testing, frida03-Jul-2024
Blind OS Command Injection with time delays from Theory to Practical POChttps://medium.com/@dhruvsingh0203/hola-hackers-im-dhruv-singh-a-cybersecurity-enthusiast-passionate-about-exploring-the-depths-834a9d140115?source=rss------bug_bounty-5Dhruv Singhethical-hacking, command-injection, bug-bounty, hacking03-Jul-2024
IDOR vulnerability allow attacker to make a checkout order on behalf of other usershttps://medium.com/@Bug_Bounty/idor-vulnerability-allow-attacker-to-make-a-checkout-order-on-behalf-of-other-users-397b16ece8fc?source=rss------bug_bounty-5Bug Bountybug-bounty, bountytips, togetherwehitharder, idor03-Jul-2024
Meta MFA bypass security bug was turned down, calling it a feature! What do you think?https://medium.com/@kannnannmk/meta-mfa-bypass-security-bug-was-turned-down-calling-it-a-feature-what-do-you-think-9663e7c5a65e?source=rss------bug_bounty-5Neelamegha Kannan Sbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, meta03-Jul-2024
Aylık Özet Haziran 2024: Incognitee Hata Ödülü Lansmanı, Polkadot Hazine Teklifi ve Daha Fazlasıhttps://medium.com/@integriteetr/ayl%C4%B1k-%C3%B6zet-haziran-2024-incognitee-hata-%C3%B6d%C3%BCl%C3%BC-lansman%C4%B1-polkadot-hazine-teklifi-ve-daha-fazlas%C4%B1-22beabdf77aa?source=rss------bug_bounty-5Integriteetrintegritee, bug-bounty, blockchain, polkadot, wrap-up03-Jul-2024
PortSwigger LABs- SQL Injectionhttps://medium.com/@1dnz/lab-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-ec0d03f83574?source=rss------bug_bounty-5H-ACK-inghacks, portswigger-lab, bug-bounty, hacking03-Jul-2024
A story of a nice SSRF vulnerability.https://medium.com/@oXnoOneXo/a-story-of-a-nice-ssrf-vulnerability-51e16ff6a33f?source=rss------bug_bounty-5oXnoOneXohackerone, bug-bounty, ssrf03-Jul-2024
#IBRAHIMXSS TOOL RELEASEhttps://ibrahimxss.medium.com/ibrahimxss-tool-release-97ba90fc3419?source=rss------bug_bounty-5#IbrahimXSSxss-challenge, xss-bypass, xss-attack, xss-vulnerability, bug-bounty03-Jul-2024
How I Discovered Authentication Bypass That Blocks Users from Accessing the Website ?https://sayedv2.medium.com/how-i-discovered-authentication-bypass-that-blocks-users-from-accessing-the-website-93140fa180ac?source=rss------bug_bounty-5Mohamed Sayedbug-bounty-writeup, bug-bounty-tips, hackerone, authentication, bug-bounty03-Jul-2024
Bypassing Input Validation $0 - $1000https://medium.com/@mdnafeed3/bypassing-input-validation-0-1000-799682d547ba?source=rss------bug_bounty-5H4cker-Nafeedtechnology, infosec, cybersecurity, bug-bounty02-Jul-2024
Understanding Admin Login Bypass: A Critical Security Discussionhttps://farrosfr.medium.com/understanding-admin-login-bypass-a-critical-security-discussion-2641e54e60fd?source=rss------bug_bounty-5Mochammad Farros Fatchur Rojiphp, programming, bug-bounty, web, cybersecurity02-Jul-2024
Do Hackers Really Need Coding Skills? Let’s Understand . . .https://d3athcod3.medium.com/do-hackers-really-need-coding-skills-lets-understand-51e60e16c978?source=rss------bug_bounty-5D3athCod3technology, hacking, cybersecurity, bug-bounty, computer-science02-Jul-2024
18.4 Lab: Arbitrary object injection in PHPhttps://cyberw1ng.medium.com/18-4-lab-arbitrary-object-injection-in-php-30a164de4595?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity02-Jul-2024
Secret phishing bug google dont want you to knowhttps://medium.com/@eyaalgabay/secret-phishing-bug-google-dont-want-you-to-know-4d6d7616fa3f?source=rss------bug_bounty-5Eyaalgabayweb-hacking, bug-bounty, hacking, cybersecurity, unicode02-Jul-2024
LendingOwl introduces Bug Bounty Program.https://medium.com/@valeriecameron70/lendingowl-introduces-bug-bounty-program-739910791826?source=rss------bug_bounty-5Valerie Cameronlending, fintech, p2p, bug-bounty, news-articles02-Jul-2024
How I found IDOR in NASAhttps://infosecwriteups.com/how-i-found-idor-in-nasa-4186a03455b4?source=rss------bug_bounty-5Eslam Omarhacking, bug-bounty, bug-bounty-tips, nasa02-Jul-2024
AT&T Bug Bounty Program Scopehttps://medium.com/@imusabkhan/at-t-bug-bounty-program-scope-ae256fbf1bf9?source=rss------bug_bounty-5Mohammad Musab Khanbug-bounty, ethical-hacking, att, writeup, hackerone02-Jul-2024
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal & Morehttps://medium.com/integritee/monthly-wrap-up-june-2024-incognitee-bug-bounty-launch-polkadot-treasury-proposal-more-c3623df413d4?source=rss------bug_bounty-5Integritee Networkbug-bounty, integritee, polkadot, wrap-up, blockchain02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://medium.com/@khammassilouay21/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
Self XSS + Login CSRF + OAuth = Account Takeoverhttps://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49?source=rss------bug_bounty-5LSbug-bounty, xss-attack, oauth, csrf, hacking02-Jul-2024
INFORMATION DISCLOSURE THROUGH AN ORGANIZATION’S NETWORKhttps://hackhive.medium.com/information-disclosure-through-an-organizations-network-1f4e0bac1c55?source=rss------bug_bounty-5HackHivebug-bounty, pentesting, vulnerability-assessment, information-security, information-disclosure02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-33)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-33-31e20416b7aa?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, cybersecurity, hacking, ethical-hacking, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-32)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-32-044ea32fd931?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, hacking, skills, cybersecurity, bug-bounty02-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-31)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-31-401155afb539?source=rss------bug_bounty-5Mehedi Hasan Rafidcybersecurity, skills, hacking, bug-bounty, ethical-hacking02-Jul-2024
File upload to RCE — Bug Bounty Tuesdayhttps://medium.com/@kerstan/file-upload-to-rce-bug-bounty-tuesday-f8dda0ed4077?source=rss------bug_bounty-5kerstanhacking, cybersecurity, bug-bounty02-Jul-2024
The Dark Side of Contact Forms: How I Identified 7 CVEs in WordPress Pluginshttps://dropn0w.medium.com/the-dark-side-of-contact-forms-how-i-identified-7-cves-in-wordpress-plugins-30f6111dfebf?source=rss------bug_bounty-5dropbug-bounty, hacking, information-security, wordpress, cybersecurity02-Jul-2024
How to Find Your First CVE: A Guide for Aspiring Security Researchershttps://systemweakness.com/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5Khammassilouaycve, web-security, bug-bounty, cybersecurity02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@meerabell/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Exploiting Response Manipulation for Account Takeoverhttps://medium.com/@sdarmwal17/exploiting-response-manipulation-for-account-takeover-b19ce1494109?source=rss------bug_bounty-5Shubham Darmwalotp-bypass, cybersecurity, account-takeover, bug-bounty, response-manipulation02-Jul-2024
Complex Attack Types: Sample Scenarios 31https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-31-b4f0ee2f90ac?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, active-directory, penetration-testing, freedomofinternet02-Jul-2024
How to Use Google Dorks to Find Vulnerabilitieshttps://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5Meerabellhacking, information-security, bug-bounty, google-dork, cybersecurity02-Jul-2024
Effective XSS methodology : The true way to hunt XSShttps://xdead4f.medium.com/effective-xss-methodology-the-true-way-to-hunt-xss-4f4d740035cc?source=rss------bug_bounty-50xdead4fxss-attack, bug-hunting, bug-bounty, cybersecurity01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-29)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-29-d5e656812d96?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, cybersecurity, bug-bounty, hacking, skills01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-28)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-28-ae3cb3e93960?source=rss------bug_bounty-5Mehedi Hasan Rafidskills, bug-bounty, cyber-security-awareness, ethical-hacking, hacking01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-27)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-27-f5c03938d8fb?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, cyber-security-awareness, ethical-hacking, hacking, bug-bounty-tips01-Jul-2024
Understanding and Mitigating Smart Contract Vulnerabilitieshttps://securrtech.medium.com/understanding-and-mitigating-smart-contract-vulnerabilities-291b7fe168f2?source=rss------bug_bounty-5Securrvulnerability, bug-bounty, cybersecurity, securr, smart-contracts01-Jul-2024
18.3 Using application functionality to exploit insecure deserializationhttps://cyberw1ng.medium.com/18-3-using-application-functionality-to-exploit-insecure-deserialization-d6f18fe4811c?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, penetration-testing, bug-bounty, careers01-Jul-2024
Phishing or What?? How I Got Access to the Internal Email of a Companyhttps://infosecwriteups.com/phishing-or-what-how-i-got-access-to-the-internal-email-of-a-company-a098fb08728?source=rss------bug_bounty-5whit3ros3infosec, ethical-hacking, hacking, bug-bounty, bug-bounty-tips01-Jul-2024
Bug Bounty Hunting — Complete Guide (Part-30)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-30-e3519045da6d?source=rss------bug_bounty-5Mehedi Hasan Rafidethical-hacking, skills, cybersecurity, bug-bounty, hacking01-Jul-2024
Unmasking the Danger: Open Redirection via Referer Headerhttps://medium.com/@sulmanfarooq531/unmasking-the-danger-open-redirection-via-referer-header-a527ab4e7be1?source=rss------bug_bounty-5Sulman Farooq Scybersecurity, bug-bounty, hacking, open-redirect01-Jul-2024
How I Found CVE-2019-9826 on one of famous crypto company. $$$$https://medium.com/@a7madhacck/how-i-found-cve-2019-9826-on-one-of-famous-crypto-company-f23d9ba69861?source=rss------bug_bounty-5Ahmad Yussefbug-bounty-writeup, cybersecurity, bug-bounty-tips, hacking, bug-bounty01-Jul-2024
3 Easy cash via cachehttps://medium.com/@mohamed0xmuslim/3-easy-cash-via-cache-99d600565ac5?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty01-Jul-2024
Story of a 1000$ Open Redirecthttps://infosecwriteups.com/story-of-a-1000-open-redirect-1405fb8a0e7a?source=rss------bug_bounty-5Debangshu Kunducybersecurity, medium, bug-bounty, hacking, technology01-Jul-2024
‍Hacking Hidden Gems: Content Discovery with Webseekhttps://medium.com/@hackertam1/hacking-hidden-gems-content-discovery-with-webseek-cf5a00c97d72?source=rss------bug_bounty-5Tahir Mujawarcybersecurity, bug-bounty, recon, ethical-hacking, penetration-testing01-Jul-2024
How I found Bug on NASAhttps://medium.com/@psychomong/how-i-found-bug-on-nasa-b2408e14aa17?source=rss------bug_bounty-5psychomongbug-bounty, real-world-bug-hunting, nasa, hacking, hacker01-Jul-2024
My 60 Days Journey To Find My First Bughttps://medium.com/@binarysleuth247/my-60-days-journey-to-find-my-first-bug-59a2e676fda8?source=rss------bug_bounty-5binarysleuth247bug-bounty01-Jul-2024
VPS -Virtual Private Server-https://medium.com/@haticezkmnl/vps-virtual-private-server-f37ffab2f3f1?source=rss------bug_bounty-5Hatice Zehra Kamanlıservers, website, bug-bounty, public, vps01-Jul-2024
THM — Blog walkthroughhttps://medium.com/@riickyrick/thm-blog-walkthrough-21f2844eafda?source=rss------bug_bounty-5Riickythm, bug-bounty, metasploit, wordpress, writeup01-Jul-2024
Mengumpulkan javascript file pada suatu websites untuk menemukan information disclosurehttps://hack4funacademy.medium.com/mengumpulkan-javascript-file-pada-suatu-websites-untuk-menemukan-information-disclosure-8126fcccd77d?source=rss------bug_bounty-5Hack4Fun Academypentesting, cybersecurity, bug-bounty, bug-bounty-tips, hacking30-Jun-2024
XSS Deep Learning and Test Case Preparationhttps://medium.com/@barsavak/xss-deep-learning-and-test-case-preparation-3f796a7ad5ed?source=rss------bug_bounty-5bariss30bug-bounty-tips, bug-bounty, xss-vulnerability30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-26)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-26-49760a380496?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-25)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-25-25328dcc629f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-tips30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-24)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-24-17e137c514ed?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Jun-2024
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Dayhttps://xdead4f.medium.com/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5?source=rss------bug_bounty-50xdead4fbug-bounty, side-hustle, bug-bounty-methodology30-Jun-2024
Guide to Using ffufhttps://medium.com/@learntheshell/guide-to-using-ffuf-74824770076b?source=rss------bug_bounty-5LearnTheShellbug-bounty, cybersecurity, fuzzing, hacking, linux30-Jun-2024
Bug Report from Product Testing https://hng.tech/https://medium.com/@teslimahsalahudeen/bug-report-from-product-testing-https-hng-tech-98e290fe3c0e?source=rss------bug_bounty-5CyberGoodness^product-testing, bug-bounty, security30-Jun-2024
XSS TEST CASE TASKhttps://medium.com/@avar.talha08/xss-test-case-task-7a4bfd5b223a?source=rss------bug_bounty-5Talha Acarbug-bounty-writeup, bug-bounty, php30-Jun-2024
Cisco Finesse Remote File Inclusion (CVE-2024–20405)https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5Abd El Rahman Ezzatcve, penetration-testing, bug-bounty, cve-2024-20405, cisco30-Jun-2024
Cisco Finesse Server Side Request Forgery (CVE-2024–20404)https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5Abd El Rahman Ezzatcve-2024-20404, penetration-testing, cve, cisco, bug-bounty30-Jun-2024
18.2 Modifying Serialized Data Typeshttps://cyberw1ng.medium.com/18-2-modifying-serialized-data-types-726426fb3350?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, penetration-testing30-Jun-2024
XSS 101: XSS Nedir ?https://medium.com/@kormorphus/xss-101-xss-nedir-15b04f7e4269?source=rss------bug_bounty-5Kormorphusbug-bounty, cybersecurity, xss-attack30-Jun-2024
How to use Cheat Engine on Opera Gxhttps://medium.com/@MrRipperoni/how-to-use-cheat-engine-on-opera-gx-ea6b121f0301?source=rss------bug_bounty-5Mr.Ripperoniprogramming, bug-bounty, hacking, gamehacking, hacking-tools30-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-23)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-23-9f3497d279f1?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-22)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-22-8edd54306b83?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-21)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-21-e008298773da?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program29-Jun-2024
XSS TEST CASEhttps://medium.com/@aarda418/xss-test-case-6158aad30604?source=rss------bug_bounty-5Arda Aslanbug-bounty-tips, xss-vulnerability, bug-bounty29-Jun-2024
14.9 Lab: CSRF where token is tied to non-session cookiehttps://cyberw1ng.medium.com/14-9-lab-csrf-where-token-is-tied-to-non-session-cookie-926338db4ba7?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, hacking, cybersecurity, bug-bounty29-Jun-2024
Using AI to hunt for XSS.https://medium.com/@deadoverflow/using-ai-to-hunt-for-xss-e04ba8d32ba8?source=rss------bug_bounty-5Imad Husanoviccybersecurity, ethical-hacking, bug-bounty-tips, bug-bounty, hacking29-Jun-2024
XSS TEST CASEhttps://medium.com/@mehmetfarisacar/xss-test-case-199e0bec59a6?source=rss------bug_bounty-5Mehmet Faris Acarbug-bounty, xss-vulnerability, bug-bounty-tips29-Jun-2024
LEARNING PROCESS module from HTB بالعربيhttps://medium.com/@am3002297/learning-process-module-from-htb-%D8%A8%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A-37675b8144b0?source=rss------bug_bounty-530obdcybersecurity, bug-bounty29-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-19)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-19-7dfd1bd2d1ba?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-18)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-18-5179747f60c3?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program28-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-20)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-20-a60e30106e0c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips28-Jun-2024
Race Condition Vulnerability to bypass email confirmationhttps://medium.com/@siratsami71/race-condition-vulnerability-to-bypass-email-confirmation-2af8d916fe61?source=rss------bug_bounty-5Sirat Sami (analyz3r)hacking, bug-bounty, cybersecurity28-Jun-2024
XSS Zafiyeti Hakkında:https://medium.com/@hhuseyinuyar17/xss-zafiyeti-hakk%C4%B1nda-98b5849d4700?source=rss------bug_bounty-5Hhuseyinuyarreflected-xss, xss-attack, dom-xss, stored-xss, bug-bounty28-Jun-2024
An Easy RACE CONDITION Bug That Made Me Famehttps://medium.com/@hashimamin/an-easy-race-condition-bug-that-made-me-fame-97d6921ae7f4?source=rss------bug_bounty-5Hashim Aminvulnerability, race-condition, infosec, bugbounty-writeup, bug-bounty28-Jun-2024
Why is programming so important in bug bounty?https://medium.com/@deadoverflow/why-is-programming-so-important-in-bug-bounty-b7d7889ae026?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jun-2024
HTML Injection — HTB labhttps://zhunter12.medium.com/html-injection-htb-lab-cd7bdcd8fd93?source=rss------bug_bounty-5Oscar Romerohtb-academy, htb, html-injection, cybersecurity, bug-bounty28-Jun-2024
14.8 Lab: CSRF where token is duplicated in cookiehttps://cyberw1ng.medium.com/14-8-lab-csrf-where-token-is-duplicated-in-cookie-d688fd0ac2ac?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers28-Jun-2024
0-click Account Takeover (ATO) via Google Authenticationhttps://medium.com/@elcapitano7x/0-click-account-takeover-ato-via-google-authentication-b63a01a80a03?source=rss------bug_bounty-5Elcapitanobug-bounty-tips, hackerone, bug-bounty-writeup, account-takeover, bug-bounty28-Jun-2024
[Bounty Weekend] Phone Verification Bypass With Business Logic Vulnerabilityhttps://medium.com/@rifqihz/bounty-weekend-phone-verification-bypass-with-business-logic-vulnerability-1b2844b93d5a?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, writeup, bug-bounty28-Jun-2024
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Rewardhttps://medium.com/@heyrm/writeup-discovering-and-exploiting-xss-vulnerabilities-my-first-bug-hunting-reward-0dfb0ebfd6aa?source=rss------bug_bounty-5heyrmbug-bounty-writeup, cybersecurity, bug-bounty, xss-attack, bug-hunting27-Jun-2024
Writeup: Menemukan dan Mengeksploitasi Kerentanan XSS — Reward Bug Hunting Pertamakuhttps://medium.com/@heyrm/writeup-menemukan-dan-mengeksploitasi-kerentanan-xss-reward-bug-hunting-pertamaku-cbf76c9eaf65?source=rss------bug_bounty-5heyrmxss-vulnerability, bug-bounty, cybersecurity, xss-attack, bug-hunting27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-17)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-17-8d38292448cf?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-16)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-16-aacc2aab0f71?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-15)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-15-2cd3a0188386?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter27-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-14)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-14-985969cf2f17?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips27-Jun-2024
Hunting Bugs for RE Hunter 350https://vijetareigns.medium.com/hunting-bugs-for-re-hunter-350-81338c4ebf20?source=rss------bug_bounty-5the_unlucky_guybug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, cybersecurity27-Jun-2024
Malicious Document Analysis: Emotet Case Ihttps://medium.com/@brsdncr/malicious-document-analysis-emotet-case-i-4a5f1ca8c565?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, penetration-testing, bug-bounty, freedomofinternet27-Jun-2024
IDORs Never Disappoint Me— Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@xnum.1/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
14.7 Lab: CSRF where token is not tied to user sessionhttps://cyberw1ng.medium.com/14-7-lab-csrf-where-token-is-not-tied-to-user-session-841faddd036a?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, bug-bounty, careers, hacking27-Jun-2024
XSS Test Cases Preperationhttps://medium.com/@NadirSensoy/xss-test-cases-preperation-566e34ff94fb?source=rss------bug_bounty-5Nadir Sensoybug-bounty-tips, bug-bounty, xss-vulnerability27-Jun-2024
Front End y Back End: Lab HTB Exposición de Datos Sensibleshttps://zhunter12.medium.com/front-end-y-back-end-lab-htb-exposici%C3%B3n-de-datos-sensibles-a21431c08d9d?source=rss------bug_bounty-5Oscar Romerocybersecurity, frontend, sensitive-data-exposure, htb-academy, bug-bounty27-Jun-2024
How I was able to steal cookies via stored XSShttps://medium.com/@0x_xnum/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5Ahmed Tarekstored-xss, xss-attack, bug-bounty, cookies, javascript27-Jun-2024
How long did it take me to find my first bug?https://medium.com/@deadoverflow/how-long-did-it-take-me-to-find-my-first-bug-969699fa9080?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-bounty, programming27-Jun-2024
ICMTC CTF 2024 (Web Exploitation)https://0x0anas.medium.com/icmtc-ctf-2024-web-exploitation-57998a15107b?source=rss------bug_bounty-5Anas Ibrahimctf, icmtc-ctf, pentesting, bug-bounty27-Jun-2024
IDORs Never Disappoint Me — Hacking Into Online Bookings ($$$$)https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, penetration-testing, infosec, hacking, bug-bounty27-Jun-2024
Checklist for Forgot Password functionalityhttps://infosecwriteups.com/checklist-for-forgot-password-functionality-3f61c34a15eb?source=rss------bug_bounty-5Suprajabaskaranpenetration-testing, passwords, bug-bounty, bug-bounty-tips, pentesting26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-13)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-13-b7bc7fa2123b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup26-Jun-2024
Basic Cyber Security Course First Dayhttps://mrunknown124154.medium.com/basic-cyber-security-course-first-day-c6ad0cb7d907?source=rss------bug_bounty-5Mr Abdullahcyber-security-awareness, ethical-hacking, bug-bounty, cybersecurity26-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-12)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-12-4b892dc13d9f?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty26-Jun-2024
XSS: Demonstrating Impact Without Credentialshttps://infosecwriteups.com/xss-demonstrating-impact-without-credentials-db7fff38792a?source=rss------bug_bounty-5Shlok Kxss-attack, vulnerability, infosec, bug-bounty, cross-site-scripting26-Jun-2024
Penetration Testing with Termux: A Newbie’s Success Storyhttps://medium.com/@yp400215/penetration-testing-with-termux-a-newbies-success-story-649e3393a311?source=rss------bug_bounty-5Yash Pawarbug-bounty, penetration-testing, idor-vulnerability26-Jun-2024
Come backhttps://medium.com/@anonymous19999/come-back-802e211927f6?source=rss------bug_bounty-5Anonymouslife, love, bug-bounty, comeback26-Jun-2024
Learn Android Penetration Testing Skill with This Vulnerable APKhttps://medium.com/@phyowathone/learn-android-penetration-testing-skill-with-this-vulnerable-apk-94d9300a11c4?source=rss------bug_bounty-5Phyo WaThone Winandroid-pentesting, android-security, application-security, android-bug-bounty, bug-bounty26-Jun-2024
How I found XSS and open redirect in Kamiapp.com accidentallyhttps://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-364ef7db939d?source=rss------bug_bounty-5Alimuhammadsecuredxss-attack, cybersecurity, hacking, bug-bounty26-Jun-2024
Complex Attack Types: Sample Scenarios 26https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-26-9b05b2b26815?source=rss------bug_bounty-5Baris Dincerbug-bounty, penetration-testing, freedomofinternet, cybersecurity, information-security26-Jun-2024
Unveiling the Secrets of Server-Side Template Injection (SSTI) in Flask and Jinja2https://medium.com/@baraiprince0111/unveiling-the-secrets-of-server-side-template-injection-ssti-in-flask-and-jinja2-25c57ab3199f?source=rss------bug_bounty-5Baraiprincectf, hacking, cybersecurity, trends, bug-bounty26-Jun-2024
Unveiling OAuth Vulnerabilities: Exploring Account Access Without Email Verificationhttps://medium.com/@sulmanfarooq531/unveiling-oauth-vulnerabilities-exploring-account-access-without-email-verification-d36762361df7?source=rss------bug_bounty-5Sulman Farooq Sbug-bounty, cybersecurity, oauth, hacking, oauth226-Jun-2024
How i’ve found : ( IDOR + XSS ) = all USERS account takeover 🙂 ?https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108?source=rss------bug_bounty-5zack0x01bugbounty-tips, bug-bounty, bugbounty-poc, hacking, bugbounty-writeup26-Jun-2024
VRP [IDOR] Menghapus dan Melihat Data Korbanhttps://medium.com/@anvilleofficial/vrp-idor-menghapus-dan-melihat-data-korban-a9e1f8978798?source=rss------bug_bounty-5barridor, bug-bounty26-Jun-2024
How I compromised 1500 accounts/month with no technical skillhttps://theclemvp.medium.com/how-i-compromised-1500-accounts-month-with-no-technical-skill-6a83ecd5c8eb?source=rss------bug_bounty-5Clémentcybersecurity, pentesting, penetration-testing, hacking, bug-bounty26-Jun-2024
14.6 Lab: CSRF Vulnerability where token validation depends on request methodhttps://cyberw1ng.medium.com/14-6-lab-csrf-vulnerability-where-token-validation-depends-on-request-method-78f2a2c33173?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity26-Jun-2024
OTP Bypass through Response Manipulationhttps://medium.com/@xnum.1/otp-bypass-through-response-manipulation-905bc70e5ff4?source=rss------bug_bounty-5Ahmed Tarekauthentication-bypass, authentication, bug-bounty, otp-verification, otp-bypass26-Jun-2024
Explotando Vulnerabilidades de Validación de Entrada en un Workflow de Compras — Web Sec Academyhttps://zhunter12.medium.com/explotando-vulnerabilidades-de-validaci%C3%B3n-de-entrada-en-un-workflow-de-compras-web-sec-academy-a1e3265c46b8?source=rss------bug_bounty-5Oscar Romerociberseguridad, portswigger-lab, bug-bounty, business-logic-flaw, burpsuite26-Jun-2024
Understanding Web Security Concepts: A Comprehensive Guidehttps://medium.com/@cybe3king/understanding-web-security-concepts-a-comprehensive-guide-61ced70c3337?source=rss------bug_bounty-5Cybe3kingbug-bounty, cybersecurity, penetration-testing, web-security, ethical-hacking26-Jun-2024
Securing Your Home Network: Final Stepshttps://medium.com/@jessemridley/securing-your-home-network-final-steps-676b1d7c3787?source=rss------bug_bounty-5Jesse Ridleybug-bounty, network-security, hackathons, freelancing, cybersecurity25-Jun-2024
13.31 Lab: Exploiting XSS to perform CSRFhttps://cyberw1ng.medium.com/13-31-lab-exploiting-xss-to-perform-csrf-0fffd6243312?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, bug-bounty, hacking, cybersecurity25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-10)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-10-466f0806866b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-9)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-9-f76dc4218c1c?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips25-Jun-2024
#3. Bug Bounty Series: OTP Verification Bypasshttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-11)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-11-f5009818fb39?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-start-up, bug-bounty-tips, bug-bounty-hunting25-Jun-2024
The Role of Ethical Hackers in Web3 Securityhttps://securrtech.medium.com/the-role-of-ethical-hackers-in-web3-security-e858b516b43d?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3bugbounty, web3-security, web325-Jun-2024
“Onerror” Ne Demek ?https://medium.com/@beratkolay37/onerror-ne-demek-bb751f8e6a1b?source=rss------bug_bounty-5Berat K.kali-linux, html, bug-bounty, onerror, javascript25-Jun-2024
#3. Bug Bounty Series: OTP Verification bypass leads to unauthorized booking appointmenthttps://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5Cyb3r M!ndsbug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting25-Jun-2024
ZDay Olarak Bulduğum PostMessage XSS Zafiyetinin Analizihttps://grolar.medium.com/zday-olarak-buldu%C4%9Fum-postmessage-xss-zafiyetinin-analizi-4c81471e32e5?source=rss------bug_bounty-5Grolarbug-bounty-writeup, dom-xss, bug-bounty, xss-vulnerability, web-security25-Jun-2024
Testing SolarWinds Serv-U Path Directory Transversal Vulnerability (CVE-2024–28995)https://noorhomaid.medium.com/testing-solarwinds-serv-u-path-directory-transversal-vulnerability-cve-2024-28995-d80e60d31a8d?source=rss------bug_bounty-5NoorHomaidcybersecurity, cve, penetration-testing, bug-bounty, solarwinds-hack25-Jun-2024
The one where I owned a customer service platformhttps://medium.com/@un1tycyb3r/the-one-where-i-owned-a-customer-service-platform-2fd4cff11b28?source=rss------bug_bounty-5Un1tycyb3rbug-bounty25-Jun-2024
Find Sensitive Data’s using via network analysis make me 250$https://medium.com/@test123cybertest/find-sensitive-datas-using-via-network-analysis-make-me-250-a0b23b0cb03b?source=rss------bug_bounty-5praveenarsh0xx0pentesting, bug-bounty, cybersecurity, bug-bounty-tips25-Jun-2024
How I Found a Vulnerability in Paytm and Received a Bountyhttps://mufazmi.medium.com/how-i-found-a-vulnerability-in-paytm-and-received-a-bounty-d580ea14e9a8?source=rss------bug_bounty-5Umair Farooqui ✪paytm-bug-bounty, mufazmi, bug-bounty, umair-farooqui, paytm-bug25-Jun-2024
Hackathon CTF VulnHub | Writeup | Walkthroughhttps://shamsulmehmood.medium.com/hackathon-ctf-vulnhub-writeup-walkthrough-aa36adedc49e?source=rss------bug_bounty-5SHAMS UL MEHMOODvulnerability, cybersecurity, ai, hacker, bug-bounty25-Jun-2024
My First Bug Hunting Experience: A Journey from Disappointment to Successhttps://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0?source=rss------bug_bounty-5Pronay Biswasbug-bounty, ethical-hacking, cybersecurity, web-security, cyberattack24-Jun-2024
Unseen Dangers: How Cloud Misconfigurations Could Be Your Company’s Biggest Threathttps://medium.com/@paritoshblogs/unseen-dangers-how-cloud-misconfigurations-could-be-your-companys-biggest-threat-c1ed86b10093?source=rss------bug_bounty-5Paritoshcloud-computing, cybersecurity, hacking, bug-bounty, cloud24-Jun-2024
Roadmap to Becoming a Professional Penetration Tester with Estimated Learning Timehttps://medium.com/@cuncis/roadmap-to-becoming-a-professional-penetration-tester-with-estimated-learning-time-d352bdd43fbe?source=rss------bug_bounty-5Cunciscybersecurity, penetration-test, bug-bounty, penetration-testing, hacker24-Jun-2024
Understanding Cybersecurity: Exploits, CVEs, and Morehttps://systemweakness.com/understanding-cybersecurity-exploits-cves-and-more-59b41bf679dc?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, hacking, infosec, ethical-hacking24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-6)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-6-2ad674553fa0?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter24-Jun-2024
CVE Seeker — Unveiling Cyber Threats: From Assets to Vulnerability Insightshttps://anmolksachan.medium.com/cve-seeker-unveiling-cyber-threats-from-assets-to-vulnerability-insights-b4b485a7aefb?source=rss------bug_bounty-5Anmol K Sachanrecon, shodan, asm, bug-bounty, attack-surface-management24-Jun-2024
13.30 Lab: Exploiting cross-site scripting to capture passwordshttps://cyberw1ng.medium.com/13-30-lab-exploiting-cross-site-scripting-to-capture-passwords-bd3714035b4a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-8)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-8-3d5a833a4842?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-7)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-7-6a8786ecb6f4?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xNAiFpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
Insecure Direct Object Reference (IDOR) Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/insecure-direct-object-reference-idor-walkthrough-vulnlab-by-yavuzlar-3d16ce3f5345?source=rss------bug_bounty-5Muhammad Riva Fanzury Scybersecurity, bug-bounty, ethical-hacking, penetration-testing, idor-vulnerability24-Jun-2024
Cross Site Scripting (XSS) Walkthrough — VulnLab XSS by Yavuzlarhttps://medium.com/@muhammadriva/cross-site-scripting-xss-walkthrough-vulnlab-xss-by-yavuzlar-149d14ab2d6b?source=rss------bug_bounty-5Muhammad Riva Fanzury Scross-site-scripting, bug-bounty, cybersecurity, penetration-testing, ethical-hacking24-Jun-2024
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeoverhttps://medium.com/@cyberpro151/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-f67cee914d39?source=rss------bug_bounty-5cyberpro151web-security, account-takeover, bug-bounty, appsec, hacking24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://medium.com/@asaad0x/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Poodle Haney Bug Bountyhttps://medium.com/@haneypoodle/poodle-haney-bug-bounty-1b0a10a03689?source=rss------bug_bounty-5Poodle Haneymemecoins, haney, bug-bounty, poodle-haney24-Jun-2024
Tutorial Install Burpsuite Beginnerhttps://medium.com/@muhammadriva/tutorial-install-burpsuite-beginner-927375c22f94?source=rss------bug_bounty-5Muhammad Riva Fanzury Sbug-bounty, penetration-testing, cybersecurity, junior-pentester, burpsuite24-Jun-2024
Unrestricted File Upload Walkthrough — VulnLab by Yavuzlarhttps://medium.com/@muhammadriva/unrestricted-file-upload-walkthrough-vulnlab-by-yavuzlar-76854ebafe84?source=rss------bug_bounty-5Muhammad Riva Fanzury Spenetration-testing, bug-bounty, remote-code-execution, cybersecurity, backdoor24-Jun-2024
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpointshttps://read.martiandefense.llc/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5Ahmad Asaadaccount-takeover, bug-bounty, penetration-testing, cybersecurity, infosec24-Jun-2024
Next.js and cache poisoning: a quest for the black holehttps://medium.com/@zhero_/next-js-and-cache-poisoning-a-quest-for-the-black-hole-1ae634170a1e?source=rss------bug_bounty-5Rachid.Ahacking, bug-bounty, nextjs, web-security, javascript24-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Project — Sinhala Translationhttps://medium.com/@integriteesrilanka/bug-bounty-programs-how-outsourcing-can-help-your-project-sinhala-translation-0a40a97e58c7?source=rss------bug_bounty-5Integritee Sri Lankabug-bounty, immunefi, blockchain24-Jun-2024
OTP Bypass through Session Manipulationhttps://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-50xn4ifpenetration-testing, bug-bounty, computer-science, cybersecurity24-Jun-2024
How i got easy multiple RXSShttps://medium.com/@0xmekky/how-i-got-easy-multiple-rxss-dd3a6bc521dd?source=rss------bug_bounty-5abdelrahem mekkyxss-attack, penetration-testing, reflected-xss, web-app-security, bug-bounty23-Jun-2024
Complex Attack Types: Sample Scenarios 23https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-23-c0079166f4d9?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty23-Jun-2024
13.29 Exploiting cross-site scripting to steal cookieshttps://cyberw1ng.medium.com/13-29-exploiting-cross-site-scripting-to-steal-cookies-21c7d5851ea3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty23-Jun-2024
Duplicate P1 in public programhttps://medium.com/@mohamed.yasser442200/duplicate-p1-in-public-program-aa9ade8f61c3?source=rss------bug_bounty-5Spider4pentesting, bug-bounty-tips, authentication, hacking, bug-bounty23-Jun-2024
New 100$ Bug in My Methodology!https://medium.com/@rewmcode/new-100-bug-in-my-methodology-60d99f0dafe2?source=rss------bug_bounty-5Ali Rembug-bounty-tips, hacking, hacker, bug-bounty23-Jun-2024
Chaining bugs for Account Takeoverhttps://medium.com/@hbenja47/chaining-bugs-for-account-takeover-0b90a2d952af?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty23-Jun-2024
Guide to Using httpxhttps://medium.com/@learntheshell/guide-to-using-httpx-a542cbdc4ed4?source=rss------bug_bounty-5LearnTheShellcybersecurity, httpx, bug-bounty, linux, hacking22-Jun-2024
The Ultimate Shodan Search Guide for Cybersecurity Analystshttps://systemweakness.com/the-ultimate-shodan-search-guide-for-cybersecurity-analysts-283f17f56182?source=rss------bug_bounty-5Khaleel Khanhacking, cybersecurity, infosec, bug-bounty, cheatsheet22-Jun-2024
How I Found a Simple IDOR Bug That Exposed Sensitive Datahttps://medium.com/@dra0x0/how-i-found-a-simple-idor-bug-that-exposed-sensitive-data-36e6e9b508db?source=rss------bug_bounty-5dra0x0application-security, ethical-hacking, cybersecurity, software-testing, bug-bounty22-Jun-2024
How I found a .env file and can access the whole server of mysqlhttps://medium.com/@jeetpal2007/how-i-found-a-env-file-and-can-access-the-whole-server-of-mysql-a21af69cbd12?source=rss------bug_bounty-5JEETPALbug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, env-file22-Jun-2024
Practical Threat Hunting Using Known IOC IPshttps://medium.com/@paritoshblogs/practical-threat-hunting-using-known-ioc-ips-26a4eab0b616?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, bug-bounty, ransomware, threat-hunting22-Jun-2024
CVE-2024–28999 SolarWinds Race Conditionhttps://medium.com/@0xSphinx/cve-2024-28999-solarwinds-race-condition-62e175339b46?source=rss------bug_bounty-50xSphinxcybersecurity, bug-bounty, hacking, cyber-security-awareness, security22-Jun-2024
13.28 Lab: Reflected XSS into a template literal with angle brackets, single, double quotes…https://cyberw1ng.medium.com/13-28-lab-reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-45602869f45f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity22-Jun-2024
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bountieshttps://slava-moskvin.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-04ba1fbbab73?source=rss------bug_bounty-5Path Cybersec [Slava Moskvin]pentesting, reverse-engineering, cybersecurity, bug-bounty, offensive-security22-Jun-2024
Update on DNS problem with Lubuntu 24.04https://ariedwikusuma9.medium.com/update-on-dns-problem-with-lubuntu-24-04-5c48a903026f?source=rss------bug_bounty-5Ariekusumalinux, lubuntu, ubuntu, wireguard, bug-bounty21-Jun-2024
Bypassing iCloud Web Access Restrictionhttps://ltsirkov.medium.com/bypassing-icloud-web-access-restriction-30cdf12b979c?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity21-Jun-2024
How I Found 3 Bugs in a Single Dayhttps://medium.com/@dsmodi484/how-i-found-3-bugs-in-a-single-day-a690e2abd4fb?source=rss------bug_bounty-5Dishant Modioffensive-security, vapt, idor, bugs, bug-bounty21-Jun-2024
Dork Like a Pro: Exploiting Google for Bug Bounty Winshttps://medium.com/@RaunakGupta1922/dork-like-a-pro-exploiting-google-for-bug-bounty-wins-fd2612d7fde3?source=rss------bug_bounty-5Raunak Gupta Aka Biscuitgoogle-dork, bug-bounty, vulnerability, hacking, cyber-security-awareness21-Jun-2024
Complex Attack Types: Sample Scenarios 22https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-22-f720da3d9dc3?source=rss------bug_bounty-5Baris Dincerinformation-technology, penetration-testing, bug-bounty, cybersecurity, freedomofinternet21-Jun-2024
Broken Access Control on an E-commerce website allows attackers to lengthen trial planhttps://medium.com/@p00dl3/broken-access-control-on-an-e-commerce-website-allows-attackers-to-lengthen-trial-plan-e59f5976bca3?source=rss------bug_bounty-5p00dl3cybersecurity, bug-bounty21-Jun-2024
Say Goodbye to Pesky Bugs: Top Bug Zappers for Perfect Family Gatheringshttps://medium.com/@seng4k2/say-goodbye-to-pesky-bugs-top-bug-zappers-for-perfect-family-gatherings-b23f405ac0c5?source=rss------bug_bounty-5Kear Sengmosquito, insects, bugs, bug-bounty, pest-control21-Jun-2024
13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escapedhttps://cyberw1ng.medium.com/13-27-lab-reflected-xss-into-a-javascript-string-with-a-single-quote-and-backslash-escaped-2fbc757feb1a?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, bug-bounty, careers, cybersecurity21-Jun-2024
Exploring Web Infrastructure: Tools and Techniques for Effective Reconhttps://medium.com/@Kaizen2977/exploring-web-infrastructure-tools-and-techniques-for-effective-recon-11907b7ec938?source=rss------bug_bounty-5kapil Chotaliabug-bounty, penetration-testing, dns, email, cybersecurity21-Jun-2024
Quick & Easy $100 Bug That You Can Find In 5 minuteshttps://levelup.gitconnected.com/quick-easy-100-bug-that-you-can-find-in-5-minutes-aeb4b16745d9?source=rss------bug_bounty-5Hamza Avvanethical-hacking, bug-bounty, cybersecurity, earn-money-online, api21-Jun-2024
Best Practices for Securing Your Decentralized Applicationhttps://securrtech.medium.com/best-practices-for-securing-your-decentralized-application-d049a9ec547d?source=rss------bug_bounty-5Securrblockchain, web3, security, securr, bug-bounty21-Jun-2024
Everything About EC-Council CEHhttps://medium.com/@mazharshadab292/everything-about-ec-council-ceh-fb47b0392104?source=rss------bug_bounty-5Shadab Mazharhacking, social-media, computer-science, cybersecurity, bug-bounty21-Jun-2024
If youre looking for thorough and professional penetration testing services, youve come to the…https://medium.com/@kafim3137/if-youre-looking-for-thorough-and-professional-penetration-testing-services-youve-come-to-the-ea3d1129b61f?source=rss------bug_bounty-5Farhadbug-bounty, penetration-test, vulnerability, vulnerability-assessment, penetration-testing21-Jun-2024
Part 1- Everything You Need to Know About Browser Security Policies — SOP, CORS.https://medium.com/@vikramroot/part-1-everything-you-need-to-know-about-browser-security-policies-sop-cors-3eb025fd3ab8?source=rss------bug_bounty-5vikram naidubugbounty-writeup, penetration-testing, application-security, cybersecurity, bug-bounty21-Jun-2024
Part 2- Everything You Need to Know About Browser Security Policies — CSP, Cookie Attributes, etc.https://medium.com/@vikramroot/part-2-everything-you-need-to-know-about-browser-security-policies-csp-cookie-attributes-etc-3ea98f737b3a?source=rss------bug_bounty-5vikram naidupenetration-testing, bug-bounty, product-security, cybersecurity, application-security21-Jun-2024
Microsoft Subdomain XSS Report — Publishedhttps://ibrahimxss.medium.com/microsoft-subdomain-xss-report-published-3e4f54eea93c?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-bypass, bug-bounty, microsoft, xss-vulnerability21-Jun-2024
Discovering an XSS Vulnerability on Vue.js 2.6.10 WebApphttps://ibrahimxss.medium.com/discovering-an-xss-vulnerability-on-vue-js-2-6-10-webapp-e6c0cc88e840?source=rss------bug_bounty-5#IbrahimXSSxss-attack, bug-bounty, xss-bypass, hacking, xss-vulnerability21-Jun-2024
Being Better at Burphttps://medium.com/@fat_zombi/being-better-at-burp-b9585186aa08?source=rss------bug_bounty-5Fatzombiappsec, bug-bounty, proxy, burpsuite20-Jun-2024
OWASP Top 10 SQL Injection Vulnerabilityhttps://medium.com/@Joshua_sk/owasp-top-10-sql-injection-vulnerability-97168af8978e?source=rss------bug_bounty-5Joshua_skvulnerability, web-hacking, bug-bounty, sql-injection, owasp-top-1020-Jun-2024
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flawhttps://medium.com/@malikijlal/kraken-crypto-exchange-hit-by-3-million-theft-exploiting-zero-day-flaw-6f218c3aef57?source=rss------bug_bounty-5Malik Ijlalbug-bounty, cryptocurrency, cybersecurity, hacking, kraken20-Jun-2024
Getting Into Cybersecurity: A Roadmaphttps://medium.com/@majix_de/getting-into-cybersecurity-a71cde8a57b3?source=rss------bug_bounty-5Majixcybersecurity-tips, bug-bounty, infoseccareer, ethical-hacking, hack-to-learn20-Jun-2024
Untold story of Zomato XSShttps://medium.com/@info_4040/untold-story-of-zomato-xss-148c91d2faec?source=rss------bug_bounty-5Bug Detector'sxss-vulnerability, bug-bounty, bug-bounty-tips, penetration-testing, xss-attack20-Jun-2024
TryHackMe SQLMap Roomhttps://medium.com/@Joshua_sk/tryhackme-sqlmap-room-06fd30f8a0b1?source=rss------bug_bounty-5Joshua_sktryhackme, cybersecurity, sqlmap, bug-bounty, sql-injection20-Jun-2024
Kraken Faces Extortion Attempt After $3M Bug Exploithttps://medium.com/@whalecrypto/kraken-faces-extortion-attempt-after-3m-bug-exploit-f086f479a4f1?source=rss------bug_bounty-5Crypto Whale Mediumkraken, crypto-hack, blockchain-security, cryptoextortion, bug-bounty20-Jun-2024
Complex Attack Types: Sample Scenarios 21https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-21-e65a13b96002?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, threat-intelligence, bug-bounty, penetration-testing, cybersecurity20-Jun-2024
OAuth Misconfiguration: Preemptive Account Registration Exploitationhttps://mmnahian.medium.com/oauth-misconfiguration-preemptive-account-registration-exploitation-407be50d6037?source=rss------bug_bounty-5mmnahianbug-bounty, information-security, bug-bounty-tips, sso, oauth20-Jun-2024
What is prototype pollution?https://cyberw1ng.medium.com/what-is-prototype-pollution-76694f0db76a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing20-Jun-2024
Very damn vulnerable government site 2.0https://medium.com/@bl4cksku11/very-damn-vulnerable-government-site-2-0-cf9535cbdb4e?source=rss------bug_bounty-5Bl4cksku11vulnerability, bug-bounty, research, hacking, red-team20-Jun-2024
IF YOU DON.T HAVE money, SELL YOUR CROSS SITE SCRIPTINGhttps://medium.com/@1daytosee/if-you-don-t-have-money-sell-your-cross-site-scripting-dc4b6bdd046f?source=rss------bug_bounty-51day2seexss-attack, bug-bounty, pentesting, selling, hacking20-Jun-2024
Inside the Kraken $3M Hack: What Happened?https://medium.com/@cryptopiannews/inside-the-kraken-3m-hack-what-happened-4a0af98c498e?source=rss------bug_bounty-5Cryptopiannewsbug-bounty, kraken, kraken-3m-hack, cryptopiannews, crypto-hack20-Jun-2024
How Static Analysis Uncovers Hidden Malware Threats !https://medium.com/@paritoshblogs/how-static-analysis-uncovers-hidden-malware-threats-7c62d132f7f8?source=rss------bug_bounty-5Paritoshcybersecurity, malware, bug-bounty, static-malware-analysis, hacking19-Jun-2024
Analyzing a Major Web3 Vulnerability and Its Resolutionhttps://securrtech.medium.com/analyzing-a-major-web3-vulnerability-and-its-resolution-69955d55a0f6?source=rss------bug_bounty-5Securrblockchain, bug-bounty, web3, security, securr19-Jun-2024
29.9 Lab: Remote code execution via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-9-lab-remote-code-execution-via-server-side-prototype-pollution-d5c98bfe3e73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, cybersecurity, penetration-testing19-Jun-2024
Code Execution Vulnerability in Behave: A Deep Divehttps://medium.com/@piyushbhor22/code-execution-vulnerability-in-behave-a-deep-dive-b8c7431a71f9?source=rss------bug_bounty-5Pisecurity-research, bug-bounty, code-review, cybersecurity, vulnerability-research19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@whitehatcyber404/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5Cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Complex Attack Types: Sample Scenarios 19https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-19-2a39b7806616?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, bug-bounty, information-technology, penetration-testing19-Jun-2024
The Best Resources for Cybersecurity Pros and Bug Bounty Huntershttps://medium.com/@turvsec/the-best-resources-for-cybersecurity-pros-and-bug-bounty-hunters-f674c2abebb2?source=rss------bug_bounty-5TurvSecpentesting, infosec, bug-bounty, cybersecurity19-Jun-2024
Unlocking the Future of Web Security with the #IBRAHIMXSS Toolhttps://ibrahimxss.medium.com/unlocking-the-future-of-web-security-with-the-ibrahimxss-tool-a33843cdc259?source=rss------bug_bounty-5#IbrahimXSSxss-vulnerability, bug-bounty, xss-attack, hacking, xss-bypass19-Jun-2024
A Place for Cybersecurity and Bug Bounty Content Creators to Shinehttps://medium.com/@turvsec/a-place-for-cybersecurity-and-bug-bounty-content-creators-to-shine-fa0096ce2559?source=rss------bug_bounty-5TurvSecbug-bounty, cybersecurity, infosec19-Jun-2024
Complex Attack Types: Sample Scenarios 20https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-20-f2f9e8f6725e?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, cybersecurity, penetration-testing, bug-bounty, information-technology19-Jun-2024
Mastering Bug Bounty: Tips and Strategies for Successhttps://medium.com/@cyber_catz/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5cyber_catzbug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/@meshcode/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
IDOR on HackerOne Embedded Submission Formhttps://medium.com/pinoywhitehat/idor-on-hackerone-embedded-submission-form-9e59c6f044b3?source=rss------bug_bounty-5Japz Divinohacking, pinoywhitehat, infosec, bug-bounty19-Jun-2024
Kraken’s $3 Million Bug Bounty Breach: Ethical Dilemmas and Security Challengeshttps://medium.com/@MiamiCryptoCom/krakens-3-million-bug-bounty-breach-ethical-dilemmas-and-security-challenges-cc459b015fd8?source=rss------bug_bounty-5Miami Cryptocryptocurrency-security, kraken, ethical-hacking, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Mateusz (meshcode)recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Web App Sec RECON — Black Box Foundations and TTPshttps://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5Matty K.recon, stealth, web-app-security, infosec, bug-bounty19-Jun-2024
Unmasking the Invisible Threat: The Ultimate Guide to Malware Analysishttps://medium.com/@paritoshblogs/unmasking-the-invisible-threat-the-ultimate-guide-to-malware-analysis-d287c4d74e7d?source=rss------bug_bounty-5Paritoshmalware-analysis, cybersecurity, information-technology, malware, bug-bounty18-Jun-2024
A Comprehensive Guide to Android App Pentesting for Bug Bounty Hunterhttps://medium.com/@pankajkryadav1/a-comprehensive-guide-to-android-app-pentesting-for-bug-bounty-hunter-ada51e521814?source=rss------bug_bounty-5Pankaj kr Yadavmethodology, bug-bounty, android-pentesting, bug-bounty-tips18-Jun-2024
Exploring the DAO Hack: Lessons Learned for Web3 Securityhttps://securrtech.medium.com/exploring-the-dao-hack-lessons-learned-for-web3-security-08d23984af79?source=rss------bug_bounty-5Securrdao, securr, web3, bug-bounty, web3-security18-Jun-2024
Subdomains Enumeration: Tools, Techniques, and Tipshttps://medium.com/@Kaizen2977/subdomains-enumeration-tools-techniques-and-tips-4d43ea31dc0f?source=rss------bug_bounty-5kapil Chotaliainfosec, penetration-testing, bug-bounty, subdomain, enumeration18-Jun-2024
Intentions HackTheBox Walkthroughhttps://d3athcod3.medium.com/intentions-hackthebox-walkthrough-ad2eb053e224?source=rss------bug_bounty-5D3athCod3cybersecurity, ethical-hacking, development, bug-bounty, hackthebox18-Jun-2024
How I got started in Cyber Security | Getting my first job and How you can too..https://captain-pool.medium.com/how-i-got-started-in-cyber-security-getting-my-first-job-and-how-you-can-too-dc52da614d6d?source=rss------bug_bounty-5Captain Poolweb-app-security, hackthebox, cybersecurity, bug-bounty, hacking18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderireport, tips, security, bug-bounty, hacking18-Jun-2024
How ChatGPT Turned Me into a Hackerhttps://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=rss------bug_bounty-5Jonathan Mondautbug-bounty, openai, large-language-models, hacking, learning18-Jun-2024
Day 22 of our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-22-of-our-cyberquest1095-day-challenge-c993ded22604?source=rss------bug_bounty-5D3athCod3bug-bounty, development, cybersecurity, hacking, challenge18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-5)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-5-efb95db2210b?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter18-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -4)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-4-00e815fa8026?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty18-Jun-2024
29.8 Lab: Bypassing flawed input filters for server-side prototype pollutionhttps://cyberw1ng.medium.com/29-8-lab-bypassing-flawed-input-filters-for-server-side-prototype-pollution-fa379f811a06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing18-Jun-2024
Server Access: Admin Panel and RFU Bypasshttps://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5Mohammad Sadra Naderi (ZVitoX)report, tips, security, bug-bounty, hacking18-Jun-2024
A Learning Journey: Attempting to Turn a WordPress Theme CVE into a PoChttps://medium.com/@motoko_ayanami/a-learning-journey-attempting-to-turn-a-wordpress-theme-cve-into-a-poc-225cde954493?source=rss------bug_bounty-5Motoko Ayanamiwordpress, wpscan, hacking, bug-bounty18-Jun-2024
Demystifying Bug Bounty Hunting: A Deep Dive into Cybersecurity's Hidden Gemhttps://medium.com/@biswalsandeep594/demystifying-bug-bounty-hunting-a-deep-dive-into-cybersecuritys-hidden-gem-d8ad2d2d7fcb?source=rss------bug_bounty-5Sandeep priyadarshi Biswalbug-bounty, hacking, cryptocurrency, software-engineering, cybersecurity18-Jun-2024
Guide to Using Nucleihttps://medium.com/@learntheshell/guide-to-using-nuclei-9c37869be30e?source=rss------bug_bounty-5LearnTheShellbug-bounty, linux, vulnerability-scanning, cybersecurity18-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://medium.com/@vuusale/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
Breaking into the VIP Club: A Tale of Parameter Tampering Exploitshttps://systemweakness.com/breaking-into-the-vip-club-a-tale-of-parameter-tampering-exploits-83df7b6b9691?source=rss------bug_bounty-5Jody ritongaweb, bug-bounty, hacking, bugs, bug-bounty-tips17-Jun-2024
Understanding Web3 Bug Bounties: How They Enhance Blockchain Securityhttps://securrtech.medium.com/understanding-web3-bug-bounties-how-they-enhance-blockchain-security-ac9e8361d7cf?source=rss------bug_bounty-5Securrweb3, bug-bounty, hacker, web3bugbounty, security17-Jun-2024
Hunting for Origin IP: A Beginner’s Guidehttps://medium.com/@pruthu.raut/hunting-for-origin-ip-a-beginners-guide-70235f3dd415?source=rss------bug_bounty-5PRUTHU RAUTcyber-security-awareness, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting17-Jun-2024
29.7 Lab: Detecting server-side prototype pollution without polluted property reflectionhttps://cyberw1ng.medium.com/29-7-lab-detecting-server-side-prototype-pollution-without-polluted-property-reflection-50e36dbe2629?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers17-Jun-2024
OSINT FOR BUG HUNTERhttps://medium.com/@Progsky/osint-for-bug-hunter-4ae5c700a13a?source=rss------bug_bounty-5Progskyosint, hacking, bug-bounty17-Jun-2024
Cross-Site Scripting via Web Cache Poisoning and WAF bypasshttps://ltsirkov.medium.com/cross-site-scripting-via-web-cache-poisoning-and-waf-bypass-6cb3412d9e11?source=rss------bug_bounty-5Lyubomir Tsirkovbug-bounty, bug-bounty-tips17-Jun-2024
Naabuhttps://medium.com/@roymemory2018/naabu-21c5438e05ae?source=rss------bug_bounty-5Audity Memory Roynaabu, port-scanner, kali-tools, bug-bounty, penetration-testing17-Jun-2024
0xhashimRESETriddle: Vulnerable Web Applicationhttps://medium.com/@hashimamin/0xhashimresetriddle-4f3270411800?source=rss------bug_bounty-5Hashim Aminvulnerability-management, bug-bounty, vulnerability, portswigger, cybersecurity17-Jun-2024
Brand-new prototype pollution gadget in MongoDB leading to RCEhttps://systemweakness.com/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5Vuusalecybersecurity, vulnerability, bug-bounty, npm17-Jun-2024
29.6 Lab: Privilege escalation via server-side prototype pollutionhttps://cyberw1ng.medium.com/29-6-lab-privilege-escalation-via-server-side-prototype-pollution-4895762ce7d6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, penetration-testing, careers, hacking16-Jun-2024
Broken Link Hijackinghttps://medium.com/@saeidmicro/broken-link-hijacking-8ff4808a6cd2?source=rss------bug_bounty-5Saeid Khaterbroken-link-hijacking, bug-bounty, cybersecurity16-Jun-2024
Bug Zero — This month in CyberSecurity (June 1–15)https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-june-1-15-51c4d918b5ae?source=rss------bug_bounty-5Akila Maithripalacybersecurity, bug-zero, newsletter, bug-bounty16-Jun-2024
Mastering Unauthenticated XSS Detection: Best Burp Suite Configurations for XSS Huntinghttps://medium.com/@mayank_prajapati/mastering-unauthenticated-xss-detection-best-burp-suite-configurations-for-xss-hunting-523d78ecfda8?source=rss------bug_bounty-5Mayank Kumar Prajapatibug-bounty, xss-attack, hunting, hacking, penetration-testing16-Jun-2024
Introducing r3conwhal3: Your Go-To Recon Automation Frameworkhttps://ibrahimtahaistikbal.medium.com/introducing-r3conwhal3-your-go-to-recon-automation-framework-c8840f3a4e0b?source=rss------bug_bounty-5İbrahim Taha İstikbalbug-bounty, security-tool, bug-bounty-tool, penetration-testing, reconnaissance16-Jun-2024
Direct access to admin dashboard via leaked credentialshttps://medium.com/@saeidmicro/direct-access-to-admin-dashboard-via-leaked-credentials-d1ed9bd18edb?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity16-Jun-2024
Complex Attack Types: Sample Scenarios 17https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-17-b73b1854ddbd?source=rss------bug_bounty-5Baris Dincercybersecurity, bug-bounty, threat-intelligence, freedomofinternet, penetration-testing16-Jun-2024
Hacking (not only) for Moneyhttps://medium.com/@guce/hacking-not-only-for-money-e71d72ab8c55?source=rss------bug_bounty-5gu cecybersecurity, bug-bounty, bug-bounty-program, vulnerability-assessment16-Jun-2024
Day 20 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-20-of-our-cyberquest1095-day-challenge-680fbd060cb5?source=rss------bug_bounty-5D3athCod3cybersecurity, challenge, penetration-testing, hacker, bug-bounty16-Jun-2024
Enumeração de subdomínios de diferentes fonteshttps://medium.com/@souzaw/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-de-diferentes-fontes-9c67f5bc59e3?source=rss------bug_bounty-5Wagner Souzashell, bug-bounty, pentest, osint16-Jun-2024
Complex Attack Types: Sample Scenarios 18https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-18-efaf527942ba?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, penetration-testing, information-technology, cybersecurity16-Jun-2024
Secrets in the Wild: Uncovering Hidden Threatshttps://medium.com/@dzianisskliar29/secrets-in-the-wild-uncovering-hidden-threats-9b26bf180d0c?source=rss------bug_bounty-5Dzianis Skliarbug-bounty, cybersecurity, threat-intelligence, penetration-testing16-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://ikhaleelkhan.medium.com/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
[Bounty Weekend] View Any User Design With Simple Path Traversal IDORhttps://medium.com/@rifqihz/bounty-weekend-view-any-user-design-with-simple-path-traversal-idor-5fe0f59f56a6?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, broken-access-control15-Jun-2024
[Bounty Weekend] Possible Code Execution With Integration Script Tamperinghttps://medium.com/@rifqihz/bounty-weekend-possible-code-execution-with-integration-script-tampering-f38691e99d4b?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, bug-bounty, cloud15-Jun-2024
Unveiling the Secret World of Google Dorks: How Hackers Use These Search Tricks to Access Your…https://systemweakness.com/unveiling-the-secret-world-of-google-dorks-how-hackers-use-these-search-tricks-to-access-your-117c53c05705?source=rss------bug_bounty-5Khaleel Khancybersecurity, bug-bounty, infosec, hacking, google15-Jun-2024
Top 10 Search Engines Every Cybersecurity Professional Should Knowhttps://medium.com/the-shaco/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5Khaleel Khanbug-bounty, ethical-hacking, hacking, cybersecurity, infosec15-Jun-2024
29.5 Lab: Client-side prototype pollution in third-party librarieshttps://cyberw1ng.medium.com/29-5-lab-client-side-prototype-pollution-in-third-party-libraries-e767b8352862?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty15-Jun-2024
Intelligence HackTheBox Walkthrough | Active Directoryhttps://d3athcod3.medium.com/intelligence-hackthebox-walkthrough-active-directory-d9cb695201ce?source=rss------bug_bounty-5D3athCod3computer-science, bug-bounty, cybersecurity, hackthebox, hacking15-Jun-2024
Desvendando uma Vulnerabilidade no Single Sign-On do Facebook: Minha Jornada e Recompensa de $3.000https://medium.com/@patrick-mns/desvendando-uma-vulnerabilidade-no-single-sign-on-do-facebook-minha-jornada-e-recompensa-de-3-000-9c1bcd2a9f4d?source=rss------bug_bounty-5Patrick Manoelhackerone, meta, facebook, hacker, bug-bounty15-Jun-2024
Complex Attack Types: Sample Scenarios 16https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-16-2424fcc0af62?source=rss------bug_bounty-5Baris Dincerbug-bounty, information-technology, freedomofinternet, cybersecurity, penetration-testing15-Jun-2024
How I hacked a marriage database: tale of IDORhttps://medium.com/@alimuhammadsecured/how-i-hacked-a-marriage-database-tale-of-idor-b4f951d23aa6?source=rss------bug_bounty-5Alimuhammadsecuredweb-app-security, bug-bounty, penetration-testing, cybersecurity14-Jun-2024
Postmortem a HTTP Requesthttps://medium.com/@RaunakGupta1922/postmortem-a-http-request-9599bb9d994b?source=rss------bug_bounty-5Raunak Gupta Aka Biscuithacking, burpsuite, http-request, web, bug-bounty14-Jun-2024
Bug Bounty Hunting — Complete Guide (Part — 3)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-3-141b7bfa6ed6?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program14-Jun-2024
Complex Attack Types: Sample Scenarios 15https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-15-44899075e8fd?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, penetration-testing, information-technology, bug-bounty, cybersecurity14-Jun-2024
How I Discovered a Critical Vulnerability in a Message Tracking Systemhttps://adarshkrduaby.medium.com/how-i-discovered-a-critical-vulnerability-in-a-message-tracking-system-590b3518dcb8?source=rss------bug_bounty-5Adarsh Kumarhacking, bug-report, programming, bug-hunting, bug-bounty14-Jun-2024
29.4 Lab: DOM XSS via an alternative prototype pollution vectorhttps://cyberw1ng.medium.com/29-4-lab-dom-xss-via-an-alternative-prototype-pollution-vector-6ad80e62c8c8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Release Plans Subdomainhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-release-plans-subdomain-c47621b2da2d?source=rss------bug_bounty-5#IbrahimXSShtml-injection, microsoft, xss-attack, bug-bounty, stored-xss14-Jun-2024
How i discovered my first CVEhttps://1-day.medium.com/how-i-discovered-my-first-cve-3692fab374ab?source=rss------bug_bounty-51daybug-bounty, bug-bounty-tips, cve, bug-hunting, ethical-hacking14-Jun-2024
Bug bounty: managing disappointment, avoiding burnout and consistent growthhttps://medium.com/@un1tycyb3r/bug-bounty-managing-disappointment-avoiding-burnout-and-consistent-growth-df1e6195ca4e?source=rss------bug_bounty-5Un1tycyb3rbug-bounty14-Jun-2024
Discovering a Reflected XSS Vulnerability: My Journey into Microsoft’s Xbox.comhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-vulnerability-my-journey-into-microsofts-xbox-com-d607751be100?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-attack, microsoft, xss-vulnerability, xbox14-Jun-2024
Discovering 10 XSS Vulnerabilities: My Journey into Microsoft’s Support Platformshttps://ibrahimxss.medium.com/discovering-10-xss-vulnerabilities-my-journey-into-microsofts-support-platforms-b19c4e520c90?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-filter-bypass, microsoft, bug-bounty, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Tech Community Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-tech-community-portal-068505cd4316?source=rss------bug_bounty-5#IbrahimXSSxss-attack, microsoft, bug-bounty, xss-bypass, xss-vulnerability14-Jun-2024
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Power Apps Portalhttps://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-power-apps-portal-86e28311448e?source=rss------bug_bounty-5#IbrahimXSSxss-attack, xss-vulnerability, bug-bounty, microsoft, xss-filter-bypass14-Jun-2024
Discovering a Reflected XSS Filter Bypass: My Journey into Microsoft’s Support UAT Subdomainhttps://ibrahimxss.medium.com/discovering-a-reflected-xss-filter-bypass-my-journey-into-microsofts-support-uat-subdomain-f9be22d8d795?source=rss------bug_bounty-5#IbrahimXSSmicrosoft, xss-vulnerability, filter-bypass, xss-bypass, bug-bounty14-Jun-2024
Discovering a CRLF Injection Vulnerability: My Journey into the MSRC Blog Websitehttps://ibrahimxss.medium.com/discovering-a-crlf-injection-vulnerability-my-journey-into-the-msrc-blog-website-5285169adddb?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, microsoft, xss-attack, crlf-injection14-Jun-2024
Discovering a Critical Security Vulnerability: My Journey into Microsoft’s Lists Subdomainhttps://ibrahimxss.medium.com/discovering-a-critical-security-vulnerability-my-journey-into-microsofts-lists-subdomain-f3e95ce68929?source=rss------bug_bounty-5#IbrahimXSSbug-bounty, xss-bypass, microsoft, xss-attack, xss-vulnerability14-Jun-2024
List of Easy P4 $$$$https://medium.com/@anonymoustriager/list-of-easy-p4-85ffb9d493ed?source=rss------bug_bounty-5Anonymous Triagerhacking, bugbounty-tips, easy-money, bugbounty-writeup, bug-bounty13-Jun-2024
ICMTC CTF 2023 — International Competition of the Military Technical Collegehttps://0xm4r5h4l.medium.com/icmtc-ctf-2023-international-competition-of-the-military-technical-college-65788f3c01a0?source=rss------bug_bounty-50xM4r5h4lctf-writeup, bug-bounty, ctf, ctf-walkthrough, cybersecurity13-Jun-2024
The Best Games for Practicing Game Hackinghttps://medium.com/@MrRipperoni/the-best-games-for-practicing-game-hacking-baba13493db8?source=rss------bug_bounty-5Mr.Ripperonibug-bounty, reverse-engineering, hacking, gamehacking, coding13-Jun-2024
Path Traversal and RCE in Online Compilershttps://medium.com/@amal_n47h/path-traversal-and-rce-in-online-compilers-454a446effca?source=rss------bug_bounty-5Amal Nathrce, online-compiler, bug-bounty, path-traversal, vulnerability13-Jun-2024
Hacking Using Shodanhttps://medium.com/@umarhere4u/hacking-using-shodan-3c4d46df81df?source=rss------bug_bounty-5Mohammad Umar Kachishodan, cybersecurity, bug-bounty, tips, search-engine-optimizati13-Jun-2024
Understanding and Mitigating Cross-Site Request Forgery (CSRF)https://medium.com/technology-hits/understanding-and-mitigating-cross-site-request-forgery-csrf-399d26627e60?source=rss------bug_bounty-5Yeu Lind Yeoweb-security, csrf, cybersecurity-awareness, bug-bounty, hacker13-Jun-2024
Stealing credentials using XSS (xss on login page) Your password my password .https://medium.com/@brutal_panda/stealing-credentials-using-xss-xss-on-login-page-your-password-my-password-059354240801?source=rss------bug_bounty-5Eliezer Binyambug-bounty13-Jun-2024
Interview with Georgi Krastenov: Diving Deep into Web3 Securityhttps://web3-bug-bounty-platform.medium.com/interview-with-georgi-krastenov-diving-deep-into-web3-security-f6fae1f290f1?source=rss------bug_bounty-5Bug Bounty Platformsecurity-audit, web3, bug-bounty, cybersecurity13-Jun-2024
Finding the newest and top-rated cybersecurity tools and content.https://medium.com/@turvsec/finding-the-newest-and-top-rated-cybersecurity-tools-and-content-a06c9cb54e41?source=rss------bug_bounty-5TurvSecpentesting, bug-bounty, cybersecurity, infosec13-Jun-2024
Direct SSRF Leads to Exposing GitHub Codespaces Sensitive Metadata Instance on Azure Cloudhttps://ph-hitachi.medium.com/direct-ssrf-leads-to-exposing-github-codespaces-sensitive-metadata-instance-on-azure-cloud-eb8ac4f076b1?source=rss------bug_bounty-5Ph.Hitachissrf, bug-bounty, tips-and-tricks, metadata13-Jun-2024
Hata Ödül Programları: Dış Kaynak Kullanımı Projenize Nasıl Yardımcı Olabilir?https://medium.com/@integriteetr/hata-%C3%B6d%C3%BCl-programlar%C4%B1-d%C4%B1%C5%9F-kaynak-kullan%C4%B1m%C4%B1-projenize-nas%C4%B1l-yard%C4%B1mc%C4%B1-olabilir-9e55995ec74a?source=rss------bug_bounty-5Integriteetrbug-bounty, immunefi, blockchain13-Jun-2024
29.3 Lab: Client-side prototype pollution via flawed sanitizationhttps://cyberw1ng.medium.com/29-3-lab-client-side-prototype-pollution-via-flawed-sanitization-ce78a48758fa?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking13-Jun-2024
Breaking Business Logic — Part: 42–4= 2https://thehemdeep.medium.com/breaking-business-logic-part-42-4-2-d8509ef70436?source=rss------bug_bounty-5Hemdeep Gamitweb-penetration-testing, web-security-testing, web-security, bug-bounty13-Jun-2024
You Won’t Believe What We Found Using Shodan!https://medium.com/@paritoshblogs/you-wont-believe-what-we-found-using-shodan-e796e13417a3?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, hacking, shodan12-Jun-2024
Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guidehttps://systemweakness.com/using-shodan-to-find-and-exploit-ftp-servers-with-anonymous-access-a-step-by-step-guide-86a5b6e72f75?source=rss------bug_bounty-5Khaleel Khanethical-hacking, pentesting, hacking, bug-bounty, ctf-writeup12-Jun-2024
Bug Bounty Hunting — Complete Guide (Part-2)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-2-ef65d69de157?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips12-Jun-2024
Hacking the Imaginary: A Journey to Discovering a Blind SSRFhttps://medium.com/@kandar.souvik6/hacking-the-imaginary-a-journey-to-discovering-a-blind-ssrf-657aac60d8d0?source=rss------bug_bounty-5hacker_mightpenetration-testing, server-side-request, ssrf, bug-bounty, imaginaries12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://infosecwriteups.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
29.2 Lab: DOM XSS via client-side prototype pollutionhttps://cyberw1ng.medium.com/29-2-lab-dom-xss-via-client-side-prototype-pollution-ebee89f58933?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing12-Jun-2024
ExtPenPy: Accelerate Your Reconnaissance Phase with Easehttps://medium.com/@maliktawfiq12/extpenpy-accelerate-your-reconnaissance-phase-with-ease-e79a164d4f68?source=rss------bug_bounty-5Maliktawfiqcybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, external-pentest12-Jun-2024
Securing 10,000+ Restaurants’ Customer PII Datahttps://renganathanofficial.medium.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5Renganathanit-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips12-Jun-2024
How I get an easy Blind SSRF by just reading writeupshttps://medium.com/@mohamed0xmuslim/how-i-get-an-easy-blind-ssrf-by-just-reading-writeups-a5459bbdf96d?source=rss------bug_bounty-5Muhammad_Mostafabug-bounty, bugbounty-writeup, bug-bounty-tips12-Jun-2024
HackerOne’s Double Standards: A Security Researcher’s Nightmarehttps://medium.com/@redworld/hackerones-double-standards-a-security-researcher-s-nightmare-642be91ca64b?source=rss------bug_bounty-5Redcybersecurity, bug-bounty, hackerone, scam-alert, scam11-Jun-2024
Account Takeover (ATO) Checklisthttps://medium.com/@anonymoustriager/account-takeover-ato-checklist-f67d2543b01f?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-program, bug-bounty-writeup, bugbounty-tips, bugbounty-poc, bug-bounty11-Jun-2024
BBB #2 — Introducing Daneelhttps://medium.com/@JakobTheDev/bbb-2-introducing-daneel-69a391294654?source=rss------bug_bounty-5Jakob Penningtonsoftware-development, bug-bounty11-Jun-2024
How I found OpenHAB Automation Panels Accessible Without Authenticationhttps://medium.com/@jeetpal2007/how-i-found-openhab-automation-panels-accessible-without-authentication-d9edbb3280fd?source=rss------bug_bounty-5JEETPALbug-bounty-writeup, bug-bounty, authentication-bypass, bugbounty-tips, openhab-panel11-Jun-2024
How to exploit CVE-2024–24919 path traversalhttps://medium.com/@jeetpal2007/how-to-exploit-cve-2024-24919-path-traversal-5493c50d2581?source=rss------bug_bounty-5JEETPALbug-bounty, bug-bounty-writeup, bug-bounty-tips, path-traversal, cve-2024-2491911-Jun-2024
Forensic Investigation Operations — Basic Linux File System Analysishttps://medium.com/@brsdncr/forensic-investigation-operations-basic-linux-file-system-analysis-52025d7b2ec2?source=rss------bug_bounty-5Baris Dincerforensics, penetration-testing, bug-bounty, freedomofinternet, cybersecurity11-Jun-2024
1250 $ For 3 Stored XSS AND PII Disclosure , Let’s See How FIS Scammed Me AND Bugcrowd Covered It…https://medium.com/@0xAwali/1250-for-3-stored-xss-and-pii-disclosure-lets-see-how-fis-scammed-me-and-bugcrowd-covered-it-8561d9ce57b5?source=rss------bug_bounty-5Mahmoud M. Awalibug-bounty11-Jun-2024
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hourhttps://gentilsecurity.medium.com/explaining-the-owasp-zap-proxy-burp-suite-tool-in-one-video-in-just-one-hour-537bd7801134?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, burpsuite, penetration-testing, bug-bounty11-Jun-2024
شرح اداة OWASP ZAP Proxy & Burp Suite في فيديو واحد في ساعة واحدة فقطhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D8%AF%D8%A7%D8%A9-owasp-zap-proxy-burp-suite-%D9%81%D9%8A-%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%88%D8%A7%D8%AD%D8%AF-%D9%81%D9%8A-%D8%B3%D8%A7%D8%B9%D8%A9-%D9%88%D8%A7%D8%AD%D8%AF%D8%A9-%D9%81%D9%82%D8%B7-4e4c5e1142bf?source=rss------bug_bounty-5GenTiLowaspzap, automation-testing, bug-bounty, penetration-testing, burpsuite11-Jun-2024
29.1 Lab: Client-side prototype pollution via browser APIshttps://cyberw1ng.medium.com/29-1-lab-client-side-prototype-pollution-via-browser-apis-642e91b8159d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, bug-bounty, penetration-testing, cybersecurity11-Jun-2024
Uncovering Hidden Web Content with ffufhttps://medium.com/@umang.gulati19/uncovering-hidden-web-content-with-ffuf-55d29b21e627?source=rss------bug_bounty-5Math and Codecybersecurity, bug-bounty, webfuzzing, web-security, infosec11-Jun-2024
OWASP Mobile Top 10 for Android Penetration Testing and Checklisthttps://medium.com/@phyowathone/owasp-mobile-top-10-52987725a12c?source=rss------bug_bounty-5Phyo WaThone Winbug-bounty, bug-bounty-tips, androidhacking, android-security, android-pentesting-series11-Jun-2024
Understand the world of Bug Bountyhttps://medium.com/@hydd3n.sec/understand-the-world-of-bug-bounty-595c99b6782d?source=rss------bug_bounty-5Hydd3nmindset, bug-bounty, infosec, goals10-Jun-2024
Automation Tool for Easy P4https://medium.com/@anonymoustriager/automation-tool-for-easy-p4-c159bcae0cf2?source=rss------bug_bounty-5Anonymous Triagerbugbounty-tips, bug-bounty-program, hacking, bug-bounty, bugbounty-writeup10-Jun-2024
28.5 Lab: Server-side template injection with information disclosure via user-supplied objectshttps://cyberw1ng.medium.com/28-5-lab-server-side-template-injection-with-information-disclosure-via-user-supplied-objects-bbb18def43e1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing10-Jun-2024
Communication and Network Securityhttps://medium.com/@paritoshblogs/communication-and-network-security-bb6c5558aa51?source=rss------bug_bounty-5Paritoshcybersecurity, communication, bug-bounty, network-security, hacking10-Jun-2024
Top 10 Cybersecurity Vulnerabilities and it’s Mitigation Methodshttps://securrtech.medium.com/top-10-cybersecurity-vulnerabilities-and-its-mitigation-methods-0a5d75aceb34?source=rss------bug_bounty-5Securrbug-bounty, cybersecurity, xss-attack, hacking, vulnerability10-Jun-2024
Become a White Hat: Your Guide to Learning Ethical Hackinghttps://medium.com/@itsamanyadav/become-a-white-hat-your-guide-to-learning-ethical-hacking-022842c49eec?source=rss------bug_bounty-5Its Aman Yadavhacker, cybersecurity, hacking, learn-ethical-hacking, bug-bounty10-Jun-2024
Why Bad Reviews Can Kill Your Softwarehttps://medium.com/@joseph_52850/why-bad-reviews-can-kill-your-software-928f4af30a53?source=rss------bug_bounty-5Joseph Lacsamanasoftware-testing, software-development, bug-bounty, software-company, software-engineering10-Jun-2024
I reported Zero-Day (CVE-2024–24919) … and got informative.https://systemweakness.com/i-reported-zero-day-cve-2024-24919-and-got-informative-25409fac9765?source=rss------bug_bounty-5Sumedh Dawadicve-2024-24919, recon, hacking, zero-day-vulnerability, bug-bounty10-Jun-2024
POC — CVE-2024–4956 -Unauthenticated Path Traversalhttps://medium.com/@verylazytech/poc-cve-2024-4956-unauthenticated-path-traversal-f24b1a595e0e?source=rss------bug_bounty-5Very Lazy Techhacking, bug-bounty, cve-2023-4966, vulnerability, cybersecurity10-Jun-2024
Bug Bounty Programs: How Outsourcing Can Help Your Projecthttps://medium.com/integritee/bug-bounty-programs-how-outsourcing-can-help-your-project-644539de575a?source=rss------bug_bounty-5Integritee Networkblockchain, bug-bounty, immunefi10-Jun-2024
How I Found My First Bug Through Simple Fuzzinghttps://medium.com/@hashimamin/how-i-found-my-first-bug-through-simple-fuzzing-c7d694a59a6b?source=rss------bug_bounty-5Hashim Aminbugbounty-writeup, bug-bounty-tips, bugcrowd, bug-bounty, infosec10-Jun-2024
Bug Bounty Hunting — Complete Guide (Part -1)https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-1-21a87e35fdfa?source=rss------bug_bounty-5Mehedi Hasan Rafidbug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, hacking09-Jun-2024
How to Identify Vulnerable Hikvision Devices (IoT) to CVE-2017–7921https://blog.bugzero.io/how-to-identify-vulnerable-hikvision-devices-iot-to-cve-2017-7921-88b294645687?source=rss------bug_bounty-5Kawya De Silvahikvison-cameras, security-alert, cybersecurity, bug-zero, bug-bounty09-Jun-2024
How to Become a Hacker in 2024: A Comprehensive Guidehttps://medium.com/@itsamanyadav/how-to-become-a-hacker-in-2024-a-comprehensive-guide-9bae6cfa6b15?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, become-a-hacker, hacker-in-2024, how-to-be-a-hacker, hacking-courses09-Jun-2024
Discovering a vulnerability in HackerOnehttps://medium.com/@loaymorad11/discovering-a-vulnerability-in-hackerone-00bbfc438d90?source=rss------bug_bounty-5Loaymoradpenetration-testing, hackerone, bug-bounty, cybersecurity09-Jun-2024
Advanced Exploitation Techniques for Bug Bounty: Beyond the Basicshttps://medium.com/@verylazytech/advanced-exploitation-techniques-for-bug-bounty-beyond-the-basics-2ee9cbc12773?source=rss------bug_bounty-5Very Lazy Techcyber, hacking, cybersecurity, bug-bounty, exploit09-Jun-2024
28.4 Lab: Server-side template injection in an unknown language with a documented exploithttps://cyberw1ng.medium.com/28-4-lab-server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-df988ccf6277?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty09-Jun-2024
Complex Attack Types: Sample Scenarios 13https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-13-8a5008c396db?source=rss------bug_bounty-5Baris Dincerfreedomofinternet, bug-bounty, cybersecurity, threat-intelligence, penetration-testing09-Jun-2024
STRIPE API-Key Disclosure to Bountyhttps://starlox.medium.com/stripe-api-key-disclosure-to-bounty-239d069f2455?source=rss------bug_bounty-5#$ubh@nk@rbug-bounty, hacking, infosec, bug-hunting, information-disclosure09-Jun-2024
HOW I HACKED NASA?https://infosecwriteups.com/how-i-hacked-nasa-0715b6b5d7b8?source=rss------bug_bounty-5Krishnadev P Melevilabug-bounty, hallof-fame, vdp, cybersecurity, nasa09-Jun-2024
Day 13 of Our #CyberQuest1095 Challenge — Rust, Hack The Box, and Active Directory Adventures!https://d3athcod3.medium.com/day-13-of-our-cyberquest1095-challenge-rust-hack-the-box-and-active-directory-adventures-442cd2c48f41?source=rss------bug_bounty-5D3athCod3bug-bounty, challenge, hacking, cybersecurity, cyberquest109509-Jun-2024
Walk-Through of Bepractical.tech lab #4https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-4-bd4a96dc56bd?source=rss------bug_bounty-5Ross Jubertbug-bounty, red-team, account-takeover, ethical-hacking, account-takeover-attacks09-Jun-2024
The Ultimate Guide to Chaining Bugs: How I Found a Reverse Shell in a Bug Bounty Programhttps://b0mk35h.medium.com/the-ultimate-guide-to-chaining-bugs-how-i-found-a-reverse-shell-in-a-bug-bounty-program-9dca54c20674?source=rss------bug_bounty-5Pronay Biswasethical-hacking, hunting, bug-bounty, cyberse, xss-attack09-Jun-2024
How to preform recon in Bug Bounty?https://systemweakness.com/how-to-preform-recon-in-bug-bounty-8d37a1fd262f?source=rss------bug_bounty-5Imad Husanovicprogramming, cybersecurity, hacking, bug-bounty-tips, bug-bounty09-Jun-2024
ʟᴀɴᴢᴀᴍɪᴇɴᴛᴏ ɪɴᴄᴇɴᴛɪᴠᴀᴅᴏ ᴅᴇ ᴛᴇsᴛɴᴇᴛhttps://medium.com/@Tallomania/%CA%9F%E1%B4%80%C9%B4%E1%B4%A2%E1%B4%80%E1%B4%8D%C9%AA%E1%B4%87%C9%B4%E1%B4%9B%E1%B4%8F-%C9%AA%C9%B4%E1%B4%84%E1%B4%87%C9%B4%E1%B4%9B%C9%AA%E1%B4%A0%E1%B4%80%E1%B4%85%E1%B4%8F-%E1%B4%85%E1%B4%87-%E1%B4%9B%E1%B4%87s%E1%B4%9B%C9%B4%E1%B4%87%E1%B4%9B-df0c7d1e77cd?source=rss------bug_bounty-5Ay Zedrewards, testnet, bug-bounty, ai09-Jun-2024
[Bounty Weekend] Disable Any Customer Ability To Create Service Account With Business Logic…https://medium.com/@rifqihz/bounty-weekend-disable-any-customer-ability-to-create-service-account-with-business-logic-b83baa893b4d?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantbug-bounty-tips, penetration-testing, hackerone, bug-bounty08-Jun-2024
[Bounty Weekend] CTF Level XSS in a Real-World Applicationhttps://medium.com/@rifqihz/bounty-weekend-ctf-level-xss-in-a-real-world-application-7a9278bc7018?source=rss------bug_bounty-5Rifqi Hilmy Zhafranthackerone, penetration-testing, bug-bounty-tips, bug-bounty08-Jun-2024
How to Find Bugs and Get Bucks: 2024 Editionhttps://medium.com/@itsamanyadav/how-to-find-bugs-and-get-bucks-2024-edition-776c5b098b3e?source=rss------bug_bounty-5Its Aman Yadavbug-bounty, how-to-find-bug, 2024, how-to-be-a-hacker, hacking08-Jun-2024
Capturing Android App Traffic via Wireshark - Android Pentestinghttps://medium.com/@phyowathone/capturing-android-app-traffic-via-wireshark-android-pentesting-d0ee1539089f?source=rss------bug_bounty-5Phyo WaThone Wincybersecurity, android-pentesting, bug-bounty-hunting, pentesting, bug-bounty08-Jun-2024
28.3 Lab: Server-side template injection using documentationhttps://cyberw1ng.medium.com/28-3-lab-server-side-template-injection-using-documentation-3e8f761b0ca8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing08-Jun-2024
Day 12 of Our #CyberQuest1095 Day Challengehttps://d3athcod3.medium.com/day-12-of-our-cyberquest1095-day-challenge-977225c7ce97?source=rss------bug_bounty-5D3athCod3cyberquest1095, security, cybersecurity, hacking, bug-bounty08-Jun-2024
Abusing auto mail responders to access internal workplaceshttps://rikeshbaniya.medium.com/abusing-auto-mail-responders-to-access-internal-workplaces-04fcc8ba2c99?source=rss------bug_bounty-5Rikesh Baniyabounties, pentest, hackerone, bounty-reward, bug-bounty08-Jun-2024
POV HTB Writeuphttps://medium.com/@damaidec/pov-htb-writeup-becf386c6dc0?source=rss------bug_bounty-5Damaidechacking, ethical-hacking, bug-bounty, hackthebox, ctf-writeup08-Jun-2024
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerablehttps://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448?source=rss------bug_bounty-5priyanshu shakyabug-bounty08-Jun-2024
Create Your Own Public-Private Key Pair in Just 5 Minutes! (Cybersecurity)https://medium.com/@paritoshblogs/create-your-own-public-private-key-pair-in-just-5-minutes-cybersecurity-535038665ad9?source=rss------bug_bounty-5Paritoshhacking, keys, cryptography, cybersecurity, bug-bounty08-Jun-2024
Vulnerable WordPress May 2024 (Leylan)https://medium.com/@onhexgroup/vulnerable-wordpress-may-2024-leylan-bd429d56d300?source=rss------bug_bounty-5Onhexgroupwordpress-security, infosec, wordpress, bug-bounty, web-security08-Jun-2024
Cracking the Code: How Cryptography Safeguards Your Digital Worldhttps://medium.com/@paritoshblogs/cracking-the-code-how-cryptography-safeguards-your-digital-world-c1c1887c84ae?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, cryptography, hacking, cybersecurity07-Jun-2024
I got my First Bounty $$$ after three years of hard workhttps://medium.com/@mr_ayyan/i-got-my-first-bounty-after-three-years-of-hard-work-856c43bbb6c1?source=rss------bug_bounty-5Mrayyanirfanbounty-program, rewards-programs, vulnerability, bug-bounty, first-bounty07-Jun-2024
JS for Bug Bounties 2.0 Extreme Edition 2024https://kongsec.medium.com/js-for-bug-bounties-2-0-extreme-edition-2024-f167fa48276a?source=rss------bug_bounty-5Kongsecrecon, bugcrowd, hackerone, javascript, bug-bounty07-Jun-2024
28.2 Lab: Basic server-side template injection (code context)https://cyberw1ng.medium.com/28-2-lab-basic-server-side-template-injection-code-context-2a927ed117e6?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking07-Jun-2024
Simulating a Ransomware Attack with Caldera.https://medium.com/@josh.beck2006/simulating-a-ransomware-attack-with-caldera-3d77d0cb95d2?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf, bug-bounty07-Jun-2024
Hacking Porn and Dating sites — a Theme Based Bugbounty Huntinghttps://medium.com/@nithissh/hacking-porn-and-dating-sites-a-theme-based-bugbounty-hunting-d024b8137bc7?source=rss------bug_bounty-5Nithisshbugbounty-writeup, research, bug-bounty07-Jun-2024
Complex Attack Types: Sample Scenarios 12https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-12-0d93a70ee8f4?source=rss------bug_bounty-5Baris Dincercybersecurity, freedomofinternet, bug-bounty, penetration-testing, threat-intelligence07-Jun-2024
Another Easy P4 you miss!!!https://medium.com/@anonymoustriager/another-easy-p4-you-miss-dcadf65adbcb?source=rss------bug_bounty-5Anonymous Triagerbugbounty-poc, bugs, bug-bounty, bug-bounty-tips, bug-bounty-hunter06-Jun-2024
Unlock Any PC Remotely with Just an Image: The Ultimate VNC Hack!https://medium.com/@paritoshblogs/unlock-any-pc-remotely-with-just-an-image-the-ultimate-vnc-hack-a92b22637094?source=rss------bug_bounty-5Paritoshcybersecurity, remote-working, hacking, vnc, bug-bounty06-Jun-2024
The only recon methodology you need.https://an0nbil.medium.com/the-only-recon-methodology-you-need-cf6c3aff1af1?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, bug-bounty-tips, reconnaissance, programming06-Jun-2024
Decimal x Securrhttps://decimalchain.medium.com/decimal-x-securr-96114c277d70?source=rss------bug_bounty-5DecimalChainbug-bounty, decimal, securr06-Jun-2024
Scope Sentry is a tool with functions such as asset mapping…https://medium.com/@Autumn52/scope-sentry-is-a-tool-with-functions-such-as-asset-mapping-fe0af70ace0a?source=rss------bug_bounty-5Autumnhacker, hackathons, bug-bounty, tools, bug-bounty-tips06-Jun-2024
Securing the Future: Understanding Vulnerabilities in Large Language Modelshttps://medium.com/@tusharsaini484/securing-the-future-understanding-vulnerabilities-in-large-language-models-13bbfeac95cf?source=rss------bug_bounty-5Tushar Sainiblog, artificial-intelligence, bug-bounty, large-language-models, cybersecurity06-Jun-2024
Bug bounty — Cybersecurity subcontractor exposes business data to other customershttps://theclemvp.medium.com/bug-bounty-cybersecurity-subcontractor-exposes-business-data-to-other-customers-d8e1a011ff4b?source=rss------bug_bounty-5Clémentcybersecurity, bug-bounty06-Jun-2024
28.1 Lab: Basic Server-side template injectionhttps://cyberw1ng.medium.com/28-1-lab-basic-server-side-template-injection-0744f96c74b8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing06-Jun-2024
Understanding Cybersecurity : Keeping Our Digital World Safehttps://adnancodestech.medium.com/understanding-cybersecurity-keeping-our-digital-world-safe-1abdd2876a7c?source=rss------bug_bounty-5Cryptifycybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, pentesting06-Jun-2024
Getting started with Bug Bountyhttps://securrtech.medium.com/getting-started-with-bug-bounty-8fd72650184f?source=rss------bug_bounty-5Securrweb3, cybersecurity, ai, bug-bounty, learn06-Jun-2024
Discovering a Critical Vulnerability in application : The Journey of an Accidental Adminhttps://adarshkrduaby.medium.com/discovering-a-critical-vulnerability-in-application-the-journey-of-an-accidental-admin-1aebe9d31e09?source=rss------bug_bounty-5Adarsh Kumarbug-zero, cyber-security-research, critical-vulnerabilities, securityflaw, bug-bounty06-Jun-2024
Stored XSS to Account Takeover (AWS Cognito)https://medium.com/@majix_de/stored-xss-to-account-takeover-aws-cognito-c5f76f04befe?source=rss------bug_bounty-5Majixcybersecurity, account-takeover, pentest, bug-bounty, cognito06-Jun-2024
Easy Latest Critical Severity?https://medium.com/@anonymoustriager/easy-latest-critical-severity-fc9413d57d80?source=rss------bug_bounty-5Anonymous Triagerhacking, bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-program05-Jun-2024
Active Directory Red Teaming: A Comprehensive Guidehttps://medium.com/@paritoshblogs/active-directory-red-teaming-a-comprehensive-guide-06b1f008d0d4?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, information-technology, active-directory05-Jun-2024
EMPIRE CTF: LUPINONE VulnHub Walkthrough | Writeuphttps://shamsulmehmood.medium.com/empire-ctf-lupinone-vulnhub-walkthrough-writeup-bea8558ea03b?source=rss------bug_bounty-5SHAMS UL MEHMOODbug-bounty, pentesting, cybersecurity, machine-learning, hacking05-Jun-2024
Master Bug Bounty Hunting: Your Comprehensive Bug Bounty Course in Hindihttps://medium.com/@marketing_94387/master-bug-bounty-hunting-your-comprehensive-bug-bounty-course-in-hindi-ab990527f9b0?source=rss------bug_bounty-5Skilcamponline-learning-platform, bug-bounty-tips, skilcamp, bug-bounty05-Jun-2024
27.5 Lab: DOM-based cookie manipulationhttps://cyberw1ng.medium.com/27-5-lab-dom-based-cookie-manipulation-b939af57ef06?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking05-Jun-2024
SmartAuditor.AI and new ChatGPT bot for auditshttps://medium.com/@bugbountydegen/smartauditor-ai-and-new-chatgpt-bot-for-audits-a8361ec7f52d?source=rss------bug_bounty-5Bug Bounty Degenopenai, smart-contracts, bug-bounty, cybersecurity, chatgpt05-Jun-2024
CVE-2024–4358 Critical Flaw Found in Progress Telerik Report Serverhttps://medium.com/@arafatx90n/cve-2024-4358-critical-flaw-found-in-progress-telerik-report-server-0f379f844819?source=rss------bug_bounty-5ARAFATethical-hacking, bug-bounty, cybersecurity05-Jun-2024
Insecure Firebase Unauthorized Write Access on Crypto Exchange Bug Bountyhttps://scr1pty.medium.com/insecure-firebase-unauthorized-write-access-on-crypto-exchange-bug-bounty-9e9187b627b1?source=rss------bug_bounty-5Scr1ptypenetration-testing, bug-bounty-tips, crypto, bug-bounty, security05-Jun-2024
Another Easy P4?https://medium.com/@anonymoustriager/another-easy-p4-ceaa67ef7e52?source=rss------bug_bounty-5Anonymous Triagerbugbounty-writeup, bug-bounty-tips, bug-bounty-program, cybersecurity, bug-bounty05-Jun-2024
CVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3https://codewithvamp.medium.com/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3-b4e811ad7e37?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, cve, coding, hacking, cybersecurity05-Jun-2024
Easiest P4?https://medium.com/@anonymoustriager/easiest-p4-feb9e9302562?source=rss------bug_bounty-5Anonymous Triagerbug-bounty-tips, hacking, swag, bounty-program, bug-bounty04-Jun-2024
My report on using lubuntu 24.04https://ariedwikusuma9.medium.com/my-report-on-using-lubuntu-24-04-3040bbdb9bab?source=rss------bug_bounty-5Ariekusumabug-bounty, ubuntu, wireguard, lubuntu, linux04-Jun-2024
The Chronicle Protocol Bug Bounty is Livehttps://medium.com/@ChronicleProtocol/the-chronicle-protocol-bug-bounty-is-live-05b5332e6c76?source=rss------bug_bounty-5Chronicle Protocoloracle, bug-bounty, blockchain, cantina, chronicle-protocol04-Jun-2024
Hacking Android Apps: A Comprehensive Guidehttps://medium.com/@roguepayload/hacking-android-apps-a-comprehensive-guide-9905c075021f?source=rss------bug_bounty-5Rogue Payloadhacking, bug-bounty-tips, pentesting, android, bug-bounty04-Jun-2024
27.4 Lab: DOM-based open redirectionhttps://cyberw1ng.medium.com/27-4-lab-dom-based-open-redirection-e00e760c9046?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty04-Jun-2024
How We Got $$$$$ For a Blind Stored XSS To ATOhttps://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec?source=rss------bug_bounty-5Shari7a0xbugs, hackerone, bug-bounty-tips, bug-bounty, xss-attack04-Jun-2024
Exposing Login Page Vulnerabilities with Time-Based SQL Injectionhttps://medium.com/@sachinkewat809/exposing-login-page-vulnerabilities-with-time-based-sql-injection-694a04911e93?source=rss------bug_bounty-5Sachin kewatbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, security03-Jun-2024
How I Got My First €€€€ Bountyhttps://machiavellli.medium.com/how-i-got-my-first-bounty-65ad8a1763de?source=rss------bug_bounty-5Machiavellicybersecurity, bug-bounty, information-security03-Jun-2024
Earning Your First $1000 as a Cybersecurity Researcher, Hacker, or Hunterhttps://securrtech.medium.com/earning-your-first-1000-as-a-cybersecurity-researcher-hacker-or-hunter-8532bcaa48b6?source=rss------bug_bounty-5Securrdollar, cyber-security-awareness, earn, bug-bounty, web-development03-Jun-2024
My First Finding Bug on a Bugcrowd BBPhttps://medium.com/@bhuiyanaman71/my-first-bug-on-a-bbp-fdd512307284?source=rss------bug_bounty-5Aman Bhuiyanxss-vulnerability, bug-bounty, hacking, injection03-Jun-2024
27.2 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
Hack and Pay Later: Bypassing Online Payment Methodhttps://medium.com/@tirqwork1/hack-and-pay-later-bypassing-online-payment-method-8b366e0dc7ee?source=rss------bug_bounty-5ARoybug-bounty, cybersecurity, bugbounty-writeup, payment-gateway, infosec03-Jun-2024
27.3 Lab: DOM XSS using web messages and JSON.parsehttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, hacking, bug-bounty, careers03-Jun-2024
UPI Recon | Scammed on Instagram /Telegram?https://medium.com/@anonymoustriager/upi-recon-scammed-on-instagram-telegram-3713f9dd77cd?source=rss------bug_bounty-5Anonymous Triagerhacker, telegram, recon, cybersecurity, bug-bounty02-Jun-2024
Bug Zero — 2 Weeks in Cybersecurity (May 15–31)https://blog.bugzero.io/bug-zero-2-weeks-in-cybersecurity-may-15-31-dbc07d60dfe5?source=rss------bug_bounty-5Akila Maithripalabug-zero, sri-lanka, cybersecurity, bug-bounty02-Jun-2024
BBB #1 — Back Hackinghttps://medium.com/@JakobTheDev/bbb-1-back-hacking-acafd03d7d4e?source=rss------bug_bounty-5Jakob Penningtonbug-bounty, application-security, hacking02-Jun-2024
27.2 Lab: DOM XSS using web messages and a JavaScript URLhttps://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-a-javascript-url-3d29822c295d?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing02-Jun-2024
A simple IDOR worth $400.https://el-cezeri.medium.com/a-simple-idor-worth-400-65663937a5f4?source=rss------bug_bounty-5Samet Yiğitbugbounty-tips, bug-bounty, ödülavcılığı02-Jun-2024
Mastering Sway-Analyzerhttps://medium.com/@angelos404/mastering-sway-analyzer-27379d7903db?source=rss------bug_bounty-5angelos404smart-contracts, web3, blockchain, bug-bounty, sway02-Jun-2024
Easy $$$$ Bounty for leaked token in java script urlhttps://medium.com/@eslammonex/easy-bounty-for-leaked-token-in-java-script-url-5491cf567328?source=rss------bug_bounty-5EslamMonexbug-bounty02-Jun-2024
How To Escalate P5 Email HTML Injection to P4.https://medium.com/@Ajakcybersecurity/how-to-escalate-p5-email-html-injection-to-p4-19a61a85a76b?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hacking, penetration-testing, cybersecurity, technology02-Jun-2024
شرح اللاب بطريقة سهلة ومبسطة لفهم نوع ال Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D9%84%D9%84%D8%A7%D8%A8-%D8%A8%D8%B7%D8%B1%D9%8A%D9%82%D8%A9-%D8%B3%D9%87%D9%84%D8%A9-%D9%88%D9%85%D8%A8%D8%B3%D8%B7%D8%A9-%D9%84%D9%81%D9%87%D9%85-%D9%86%D9%88%D8%B9-%D8%A7%D9%84-reflected-xss-into-html-context-with-nothing-encoded-9dde8cf2baa3?source=rss------bug_bounty-5GenTiLowasp, web-development, penetration-testing, cybersecurity, bug-bounty01-Jun-2024
ماذا تعرف عن ثغرة XSS? (Cross-Site Script)https://gentilsecurity.medium.com/%D9%85%D8%A7%D8%B0%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%86-%D8%AB%D8%BA%D8%B1%D8%A9-xss-cross-site-script-d45ecf75b0a6?source=rss------bug_bounty-5GenTiLxss-attack, bug-bounty, vulnerability, technology, hacking01-Jun-2024
كيفية استخدام أداة ParamSpider — لبرنامج الجوائز الأمنية (Bug Bounty)https://gentilsecurity.medium.com/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D8%A3%D8%AF%D8%A7%D8%A9-paramspider-%D9%84%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%A6%D8%B2-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A%D8%A9-bug-bounty-c1361d476c4a?source=rss------bug_bounty-5GenTiLparamspider, penetration-testing, bug-bounty, web-development, penetration-testing-tools01-Jun-2024
هل مازلت محتار في الاختلاف بين Reflected XSS و DOM XSS؟ اليوم ستحسم المسألة بكل ثقةhttps://gentilsecurity.medium.com/%D9%87%D9%84-%D9%85%D8%A7%D8%B2%D9%84%D8%AA-%D9%85%D8%AD%D8%AA%D8%A7%D8%B1-%D9%81%D9%8A-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81-%D8%A8%D9%8A%D9%86-reflected-xss-%D9%88-dom-xss-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%B3%D8%AA%D8%AD%D8%B3%D9%85-%D8%A7%D9%84%D9%85%D8%B3%D8%A3%D9%84%D8%A9-%D8%A8%D9%83%D9%84-%D8%AB%D9%82%D8%A9-c4224d126056?source=rss------bug_bounty-5GenTiLreflected-xss, hacking, dom-xss, web-penetration-testing, bug-bounty01-Jun-2024
MY FIRST BUG !https://medium.com/@amjadkhan_72632/my-first-bug-8d52edf256c7?source=rss------bug_bounty-5Amjad Khancybersecurity, bug-bounty01-Jun-2024
SQLi, SSRF And Code Secrets — All In Onehttps://medium.com/@red.whisperer/sqli-ssrf-and-code-secrets-all-in-one-a387c734c84f?source=rss------bug_bounty-5Chuxsecurity, hacking, cybersecurity, infosec, bug-bounty01-Jun-2024
Are you still confused about the difference between Reflected XSS and DOM XSS?https://gentilsecurity.medium.com/are-you-still-confused-about-the-difference-between-reflected-xss-and-dom-xss-45715d0fe37b?source=rss------bug_bounty-5GenTiLdom-xss, hacking, bug-bounty, web-penetration-testing, reflected-xss01-Jun-2024
Chaining NOSQLi and XSS to Take Over a Server — HackTheBox Stocker Walkthroughhttps://medium.com/@The_Hiker/chaining-nosqli-and-xss-to-take-over-a-server-hackthebox-stocker-walkthrough-e549bf3f8bbf?source=rss------bug_bounty-5TheHikerhackthebox, hackthebox-writeup, web-exploitation, hacking, bug-bounty01-Jun-2024
Unveiling the Sneaky CSV Injection: VDP vs. Objective-Based Offensive Tacticshttps://abawazeeer.medium.com/unveiling-the-sneaky-csv-injection-vdp-vs-objective-based-offensive-tactics-208b22b8bba1?source=rss------bug_bounty-5AliBawazeEervulnerability-disclosure, bug-bounty, vulnerability-assessment, owasp-top-10, application-security01-Jun-2024
cy27.1 Lab: DOM XSS using web messageshttps://cyberw1ng.medium.com/cy27-1-lab-dom-xss-using-web-messages-5c2346edc08b?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, careers, cybersecurity01-Jun-2024
Use FFUF to bypass Burp Suite’s Intruder attacks delay!!!https://hackermater.medium.com/use-ffuf-to-bypass-burp-suite-intruder-attacks-delay-c5087c912741?source=rss------bug_bounty-5hackermaterbug-bounty-writeup, burpsuite, hacking, bug-bounty-tips, bug-bounty01-Jun-2024
90 Days Cybersecurity Learning Challengehttps://medium.com/@unknow.com/90-days-cybersecurity-learning-challenge-81e1777b31f5?source=rss------bug_bounty-5Cyber_hunterbug-bounty, careers, cybersecurity01-Jun-2024
Attacking Web Applications with Ffuf | Skills Assessment — Walkthroughhttps://medium.com/@Mx0o14/attacking-web-applications-with-ffuf-skills-assessment-walkthrough-5af4160fe75b?source=rss------bug_bounty-5Mohamed Ashrafhackthebox, bug-bounty, cybersecurity, hacking31-May-2024
The Planets CTF | Earth CTF | Vulnhub | WriteUp | Walkthroughhttps://shamsulmehmood.medium.com/the-planets-ctf-earth-ctf-vulnhub-writeup-walkthrough-38d13c16643c?source=rss------bug_bounty-5SHAMS UL MEHMOODhacking, cybersecurity, bug-bounty, bugs, cybercrime31-May-2024
Pattern Scanning Intro (For Game Hacking)https://medium.com/@MrRipperoni/pattern-scanning-intro-for-game-hacking-b13401b562fb?source=rss------bug_bounty-5Mr.Ripperonicoding, reverse-engineering, games, bug-bounty, hacking31-May-2024
How i get XSS & HTMLi with FUFFhttps://kiraadx.medium.com/how-i-get-xss-htmli-with-fuff-0c8a4b094636?source=rss------bug_bounty-5KiRaaDxbug-bounty, cybersecurity, bug-bounty-tips31-May-2024
OSCP Reviewhttps://medium.com/@nosignalrightnow/oscp-review-3a9568bf9c5d?source=rss------bug_bounty-5cowabungabug-bounty, offensive-security, penetration-testing, oscp, cybersecurity31-May-2024
26.3 Lab: Indirect prompt injectionhttps://cyberw1ng.medium.com/26-3-lab-indirect-prompt-injection-27d35f2e0e90?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty31-May-2024
CVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in Checkpointhttps://codewithvamp.medium.com/cve-2024-24919-zero-day-vulnerability-leads-to-unauthorized-information-disclosure-in-checkpoint-97873b47d160?source=rss------bug_bounty-5Vaibhav Kumar Srivastavacomputer-science, hacking, bug-bounty, cybersecurity, cve31-May-2024
How I Found a Vulnerability in Apple: A Journey of Discovery and Impacthttps://medium.com/@husnainsuleman/how-i-found-a-vulnerability-in-apple-a-journey-of-discovery-and-impact-0e55f14eef75?source=rss------bug_bounty-5Husnain Sulemanbug-bounty, storytelling, security, cybersecurity, apple31-May-2024
IDOR Exploit: A Tale of Account Takeoverhttps://danial1337.medium.com/idor-exploit-a-tale-of-account-takeover-51ab2c47c246?source=rss------bug_bounty-5Muhammad Danialpenetration-testing, hacking, cybersecurity, web-security, bug-bounty31-May-2024
Advanced Web Cache Poisoninghttps://medium.com/@majix_de/advanced-web-cache-poisoning-e6e17d5290ce?source=rss------bug_bounty-5Majixweb-cache-poisoning, penetration-testing, hacking, bug-bounty, pentesting31-May-2024
Creative Steps | Reflected XSS into HTML context with nothing encodedhttps://gentilsecurity.medium.com/creative-steps-reflected-xss-into-html-context-with-nothing-encoded-0a30d4f2dc24?source=rss------bug_bounty-5GenTiLcybersecurity, bug-bounty, owasp, penetration-testing, web-development30-May-2024
Exported Activity In Android Application Allowing Access to Payments Informationhttps://medium.com/@mohanad.hussam23/exported-activity-in-android-application-allowing-access-to-payments-information-166dfee5008e?source=rss------bug_bounty-5Muhanad Israiwihacking, bugs, penetration-testing, bug-bounty, androidhacking30-May-2024
Static Testing of iOS Applicationshttps://sandeepvi.medium.com/static-testing-of-ios-applications-cb09bd8f2927?source=rss------bug_bounty-5Sandeep Vishwakarmahacking, bug-bounty, ios, static-code-analysis30-May-2024
Secrets of Data Security : Trendy Tools and Tips You Can’t Ignore!https://medium.com/@paritoshblogs/secrets-of-data-security-trendy-tools-and-tips-you-cant-ignore-a5d72eb7eedf?source=rss------bug_bounty-5Paritoshdata-security, hacking, cybersecurity, bug-bounty, security30-May-2024
Exciting Announcement: We’re Collaborating with Aptron to Boost Web3 Security!https://securrtech.medium.com/exciting-announcement-were-collaborating-with-aptron-to-boost-web3-security-4f58726c3ae0?source=rss------bug_bounty-5Securrweb3, ai, web3-security, bug-bounty, blockchain30-May-2024
Enhancing Cybersecurity: Lessons from a Critical XSS Vulnerability in DMRC’s Websitehttps://hackerhalt.medium.com/enhancing-cybersecurity-lessons-from-a-critical-xss-vulnerability-in-dmrcs-website-a0e39aeb0318?source=rss------bug_bounty-5Hacker Halt Livehacker, hacking, bug-bounty, security, cybersecurity30-May-2024
Application Level DoS - The Lagging Nightmarehttps://shahjerry33.medium.com/application-level-dos-the-lagging-nightmare-d3332f2ade86?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, infosec, vulnerability30-May-2024
26.2 Lab: Exploiting vulnerabilities in LLM APIshttps://cyberw1ng.medium.com/26-2-lab-exploiting-vulnerabilities-in-llm-apis-83150b4cdf98?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, hacking, bug-bounty30-May-2024
WAF as a weapon and DOS as a bullethttps://medium.com/@zhero_/waf-as-a-weapon-and-dos-as-a-bullet-46acad12a9b6?source=rss------bug_bounty-5Rachid.Ainfosec, bug-bounty, firewall, hacking, cybersecurity30-May-2024
Low hanging fruit in real website: Cookie invalidation.https://medium.com/@siyamhassan.main/low-hanging-fruit-in-real-website-cookie-invalidation-bd24556dc673?source=rss------bug_bounty-52004siyam_hassanauthentication, session-invalidation, bug-bounty30-May-2024
Buy Multiple Translink Travel Ticket for the Price of One.https://medium.com/@aswinmanikandan/buy-multiple-translink-travel-ticket-for-the-price-of-one-82014216c510?source=rss------bug_bounty-5Aswin Manikandanbug-bounty, bug-bounty-tips30-May-2024
(1)بالمصري Bug Bounty Bootcamp ملخصhttps://medium.com/@am3002297/1-%D8%A8%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-bug-bounty-bootcamp-%D9%85%D9%84%D8%AE%D8%B5-8cdf2bf4e108?source=rss------bug_bounty-530obdbug-bounty-hunter, tech-bootcamp, bug-bounty, infosec, information-security30-May-2024
Microsoft IIS Server Shortnames & Tilde Magichttps://retkoussa.medium.com/microsoft-iis-server-shortnames-tilde-magic-64df65d26450?source=rss------bug_bounty-5Firas Al-Koussahacking, bug-bounty, penetration-testing, cybersecurity, penetration-testing-tools30-May-2024
How I Found My First Bug in My Bug Bounty Journeyhttps://medium.com/@HuseyinAdgzl/how-i-found-my-first-bug-in-bug-bounty-journey-49a318874ed8?source=rss------bug_bounty-5Hüseyin Adiguzelbug-bounty-tips, bug-bounty, api, security, bugs30-May-2024
A Beautiful Bug: Interesting URL scheme bypass + Race Condition.https://medium.com/@Nightbloodz/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-61109771a250?source=rss------bug_bounty-5Alvaro Baladacybersecurity, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty30-May-2024
Understanding Fileless Malware: How It Works and Real-World Exampleshttps://medium.com/@paritoshblogs/understanding-fileless-malware-how-it-works-and-real-world-examples-76085c99543d?source=rss------bug_bounty-5Paritoshhacking, bug-bounty, fileless-malware, malware, cybersecurity29-May-2024
An interesting Bug that I found in Android Mobile Applicationhttps://medium.com/@jooelsaka/an-interesting-bug-that-i-found-in-android-mobile-application-becf25c8c4d8?source=rss------bug_bounty-5dnelsakasecurity, pentesting, mobile-security, android, bug-bounty29-May-2024
Subdomain takeover via AWS s3 buckethttps://infosecwriteups.com/subdomain-takeover-via-aws-s3-bucket-9c54b1b71c46?source=rss------bug_bounty-5Bikram kharalvulnerability, subdomain-takeover, bug-bounty, penetration-testing, hacking29-May-2024
Unauthenticated Cache Purge, Really a Bug?https://medium.com/@anonymoustriager/unauthenticated-cache-purge-really-a-bug-1da44d6fbfd9?source=rss------bug_bounty-5Anonymous Triagerhacker, bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup29-May-2024
Bypassing Discord marked links filterhttps://nickguitar.medium.com/bypassing-discord-marked-links-filter-88bcd7946f2a?source=rss------bug_bounty-5Nickguitarhacking, bug-bounty, bypass, discord, pentest29-May-2024
Bug Bounty Automationshttps://medium.com/@michellepantelouris/bug-bounty-automations-65f4a4dd6121?source=rss------bug_bounty-5Michelle Pantelourisbug-bounty, cybersecurity, penetration-testing29-May-2024
Building tech profile of a companyhttps://netlas.medium.com/building-tech-profile-of-a-company-f2145dedad31?source=rss------bug_bounty-5Netlas.ioreconnaissance, cybersecurity, osint, penetration-testing, bug-bounty29-May-2024
Content Discovery: Directories, Files And Links Enumeration:https://hacktivistattacker.medium.com/content-discovery-directories-files-and-links-enumeration-38e407b8ff0a?source=rss------bug_bounty-5Hacktivist-Attackercontent-discovery, bug-bounty, web-penetration-testing, reconnaissance-bug-bounty, educação29-May-2024
Bug Bounty Tips and Tricks: Improve Your Success Ratehttps://medium.com/@verylazytech/bug-bounty-tips-and-tricks-improve-your-success-rate-37fa7941d05f?source=rss------bug_bounty-5Very Lazy Techbug-bounty, hacking, bug-bounty-program, cyber, cybersecurity29-May-2024
S3 bucket enumeration simplified.https://secureitmania.medium.com/s3-bucket-enumeration-simplified-80bdcdf581d7?source=rss------bug_bounty-5secureITmaniahacking, cloud-services, devops, bug-bounty, it-security29-May-2024
Agent Sudo Walkthroughhttps://medium.com/@anubhavbali2004/agent-sudo-walkthrough-0a2954d2bb7e?source=rss------bug_bounty-5Anubhav Balictf-walkthrough, ctf-writeup, bug-bounty, ctf, cybersecurity29-May-2024
Mastering Burp Suite for Web Application Security Testinghttps://medium.com/@zerodayfreak/mastering-burp-suite-for-web-application-security-testing-9ac8919f89a8?source=rss------bug_bounty-5ZeroDay Freakbug-bounty, infosec, burpsuite, web-hacking, penetration-testing29-May-2024
The Easiest Vulnerability to Find and How to bypass the WAFhttps://medium.com/@probza261/the-easiest-vulnerability-to-find-and-how-to-bypass-the-waf-3dbcc422aa7e?source=rss------bug_bounty-5OctaYusbug-bounty, infosec, web-security29-May-2024
[Low]Unintended Feature: Exploiting an “Invisible” Delete Function for Temporary Premium Accesshttps://r4v3n0r.medium.com/low-unintended-feature-exploiting-an-invisible-delete-function-for-temporary-premium-access-909812add8eb?source=rss------bug_bounty-5Fabian Cruzweb-application-security, cybersecurity, idor, bug-bounty, information-security29-May-2024
What do you know about XSS? (Cross-Site Script)https://gentilsecurity.medium.com/what-do-you-know-about-xss-cross-site-script-fa050d37be1c?source=rss------bug_bounty-5GenTiLbug-bounty, vulnerability, hacking, technology, xss-attack28-May-2024
Hacking NASA: Critical SSRF + Subdomain Takeover + XSShttps://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06?source=rss------bug_bounty-5Nickguitarpentesting, bug-bounty, hacking, web-application-security, writeup28-May-2024
Bug Bounty In 2024https://medium.com/@Code_With_Ssn/bug-bounty-in-2024-54b1f0c3fe75?source=rss------bug_bounty-5Salik Seraj Naikcybersecurity, bug-bounty, software-development, blockchain, data-science28-May-2024
8 Different Ways to Bypass SSL Pinning in iOS Applicationshttps://medium.com/@vaishalinagori112/8-different-ways-to-bypass-ssl-pinning-in-ios-applications-427dfcbe8bf7?source=rss------bug_bounty-5Vaishali Nagoribug-bounty, vapt-services, hacking, ciso, ssl-pinning-bypass28-May-2024
Talkpal — vulnerability disclosurehttps://karol-mazurek.medium.com/talkpal-vulnerability-disclosure-70b18d14772f?source=rss------bug_bounty-5Karol Mazurekcybersecurity, bug-bounty, information-technology, penetration-testing, information-security28-May-2024
Cross-Site Script _XSS_ Extract Herehttps://gentilsecurity.medium.com/cross-site-script-xss-extract-here-d76053546fe3?source=rss------bug_bounty-5GenTiLtechnology, bug-bounty, ethical-hacking, cybersecurity, web-development28-May-2024
RCE Exploitation via Report Upload + Leveraging MachineKeys to Forge ASPXAUTH Cookies to privesc…https://medium.com/@ph4nt0mbyt3/rce-exploitation-via-report-upload-leveraging-machinekeys-to-forge-aspxauth-cookies-to-privesc-50d38991da2e?source=rss------bug_bounty-5ph4nt0mbyt3pentesting, hacking, bug-bounty, cookies, aspnetcore28-May-2024
PENTESTING DAY — 01https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
A Whistledown Exclusive: Netflix’s Journey to One Million in Bug Bounty and Beyondhttps://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1?source=rss------bug_bounty-5Netflix Technology Blogvulnerability-management, application-security, cybersecurity, bug-bounty28-May-2024
25.8 Lab: Web cache poisoning via a fat GET requesthttps://cyberw1ng.medium.com/25-8-lab-web-cache-poisoning-via-a-fat-get-request-ee8a42d01868?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity28-May-2024
Self-XSS via filename + CSRF on contact us ‘multipart/data’ formhttps://mchklt.medium.com/self-xss-via-filename-csrf-on-contact-us-multipart-data-form-f852dd539547?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAcyberattack, tips, bug-bounty, cybersecurity, hacking28-May-2024
PENTESTING INTRODUCTIONhttps://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5Saneoffensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking28-May-2024
Best Packet Sniffers For Reverse Engineering Game Servershttps://medium.com/@MrRipperoni/best-packet-sniffers-for-reverse-engineering-game-servers-c09987c46b33?source=rss------bug_bounty-5Mr.Ripperonigames, bug-bounty, hacking, penetration-testing, reverse-engineering28-May-2024
25.9 Lab: URL normalization in Web Cache Poisioninghttps://cyberw1ng.medium.com/25-9-lab-url-normalization-in-web-cache-poisioning-9a4b72e10a5e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty28-May-2024
شمارع خاله اردبیل شماره خاله رامسرشماره خاله یزدشماره خاله نورآباد09333709804https://medium.com/@xgxtccbj/%D8%B4%D9%85%D8%A7%D8%B1%D8%B9-%D8%AE%D8%A7%D9%84%D9%87-%D8%A7%D8%B1%D8%AF%D8%A8%DB%8C%D9%84-%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%D8%B1%D8%A7%D9%85%D8%B3%D8%B1%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%DB%8C%D8%B2%D8%AF%D8%B4%D9%85%D8%A7%D8%B1%D9%87-%D8%AE%D8%A7%D9%84%D9%87-%D9%86%D9%88%D8%B1%D8%A2%D8%A8%D8%A7%D8%AF09333709804-045d16786c2a?source=rss------bug_bounty-5فاطمهbug-bounty, vjosa, cj, cjng, bybit-event28-May-2024
25.7 Lab: Parameter cloaking in Web Cache Poisoninghttps://cyberw1ng.medium.com/25-7-lab-parameter-cloaking-in-web-cache-poisoning-ee64feeb01c1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, careers, penetration-testing27-May-2024
Earning with Exploits: The Bug Bounty Journeyhttps://deepseng.medium.com/earning-with-exploits-the-bug-bounty-journey-9d864743c011?source=rss------bug_bounty-5Deep SenGuptacybersecurity, appsec, information-security, careers, bug-bounty27-May-2024
How To Stay Ahead of 99% Of Bug Bounty Huntershttps://infosecwriteups.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-a51fb3fc2ecb?source=rss------bug_bounty-5Om Aroramethodology, infosec, hacking, bug-bounty-tips, bug-bounty27-May-2024
The bugs: List of weird vulnerabilitieshttps://noobsixt9.medium.com/the-bugs-list-of-weird-vulnerabilities-6bc98fc5c1cc?source=rss------bug_bounty-5Rajan Kshedalwriteup, bug-bounty, bug-bounty-writeup, bug-bounty-tips, information-security27-May-2024
How I got my first US Dollar bountyhttps://medium.com/@deepk007/how-i-got-my-first-us-dollar-bounty-4df50ee82fc6?source=rss------bug_bounty-5DEepcybersecurity, bug-bounty, red-team, ethical-hacking, vulnerability27-May-2024
25.6 Lab: Web cache poisoning via an unkeyed query parameterhttps://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, cybersecurity, careers, bug-bounty, hacking26-May-2024
Embarking on the Bug Bounty Journeyhttps://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5Very Lazy Techbug-bounty, technology, programming, cybersecurity, cyber26-May-2024
Kokurate journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
Network Penetration Testing: A Comprehensive Guidehttps://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5Paritoshpentesting, networking, ai, cybersecurity, bug-bounty26-May-2024
Open Redirect via login pagehttps://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5Saeid Khaterbug-bounty, open-redirect, cybersecurity26-May-2024
My Journey in Cyber Securityhttps://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5Kokuratebug-bounty, blue-team, journey, cybersecurity, red-team26-May-2024
### Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanismhttps://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-52004siyam_hassanbug-bounty, password-reset, authentication26-May-2024
### Discovering an OTP Reuse Vulnerability: My First Bug Reporthttps://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-52004siyam_hassanauthentication, otp-verification, bug-bounty26-May-2024
HTTP Headershttps://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5Anshu(Zephyr_Night)bug-bounty, http-protocol, http-headers, http-authentication26-May-2024
WordPress application vulnerable to DoS attack via wp-cron.phphttps://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5Saeid Khaterbug-bounty, dos-attack, cybersecurity26-May-2024
❇️ Web Hack Tool ❇️https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5LogicTechbug-bounty-tips, github, tools, hacking, bug-bounty26-May-2024
Insecure Account Removalhttps://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity26-May-2024
How I Got IDOR lead to PII In Login Pagehttps://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5Shari7a0xbugs, hacker, idor-vulnerability, bugcrowd, bug-bounty26-May-2024
How I Found 2 IDORS on My Phone and Made $1,500https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5zack0x01bug-bounty, cyber, idor, bug-bounty-tips, hacking26-May-2024
Session invalidation after updating e-mail.https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-52004siyam_hassanbug-bounty, session-invalidation, help26-May-2024
All About API Security Pentestinghttps://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5Xcheaterapi-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing26-May-2024
JNDI Injection — Attack Flowhttps://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5Pradeep Kumarweb-penetration-testing, pentest, bug-bounty, java, jndi25-May-2024
CSRF Vulnerabilities: How to Exploit and Defend Against Attackshttps://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5Sabuj Kumar Modakpenetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting25-May-2024
Outlook Hijacked: A Step-by-Step Recovery and Investigationhttps://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5Devender Raobug-bounty, phishing, hacking, cybersecurity, microsoft25-May-2024
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Usershttps://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty25-May-2024
How I Hacked India Today Subscription for 2 yearshttps://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5Anudeep Vysyarajucybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty25-May-2024
HOW HACKERS USE REVERSE ENGINEERINGhttps://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5Progskybug-bounty, hacking, reverse-engineering25-May-2024
HTB PDFy Challengehttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange…https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5Niraj Mahajanbug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips25-May-2024
Prototype Pollution: The Hidden Danger in JavaScripthttps://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5Mayank Kumar Prajapatihacking, bug-bounty, security, web, pentesting25-May-2024
Bypassing WAFs: The Art of Payload Obfuscationhttps://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, firewall, cybersecurity, hacking25-May-2024
JavaScript Prototype Pollution Attack: A Simplified Guidehttps://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5dodirbug-bounty, penetration-testing, web, javascript, cybersecurity25-May-2024
How i got xss in unusual wayhttps://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5Barbarossaxss-attack, bug-bounty25-May-2024
HTB-PDFyhttps://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5Erfancybersecurity, htb, bug-bounty, challenge, htb-writeup25-May-2024
Logic Bug | Forget password link not expiring after email changehttps://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
How to Use ParamSpider Tool — For Bug Bountyhttps://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5GenTiLpenetration-testing, automation-tools, parameter, paramspider, bug-bounty24-May-2024
Analyzing JavaScript Files To Find Bugshttps://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5Mr Horbiohacking, bug-bounty-tips, cybersecurity, programming, bug-bounty24-May-2024
Bypassing 403 Protection To Get Admin Accesshttps://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5Mr Horbiobug-bounty, 403-forbidden, bug-bounty-tips, hacking24-May-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5Mr Horbiobugs, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5Mr Horbioearn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty24-May-2024
How to Find First Bug (For Beginners)https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5Mr Horbiopython, cybersecurity, bug-bounty, hacking, programming24-May-2024
How to learn Hacking From 0 to Herohttps://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5Mr Horbiohacking, horbio, programming, bug-bounty, cybersecurity24-May-2024
How to extract Google Chrome Saved Passwordhttps://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5Mr Horbioethical-hacking, hacking, bug-bounty, passwords, cyber24-May-2024
Referrer-based access control Bug Bounty Tipshttps://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5Mr Horbiohacking, programming, hacker, cybersecurity, bug-bounty24-May-2024
Python Libraries for Hackershttps://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5Mr Horbiohacking, python-programming, python, bug-bounty, cybersecurity24-May-2024
Easy Bug | PHP info page disclosurehttps://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty, privilege-escalation24-May-2024
Logic Bug: Easy Privilege Escalationhttps://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5Saeid Khaterbug-bounty, privilege-escalation, cybersecurity24-May-2024
Easy Bug | Email HTML Injectionhttps://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5Saeid Khatercybersecurity, html-injection, bug-bounty24-May-2024
How to get your first $500 from an XSS vulnerabilityhttps://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5GenTiLmake-money-online, technology, xss-vulnerability, bug-bounty, xss-attack24-May-2024
[Bug Report] Medium Bug 3 dhttps://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5Miner Of Ideaspython, medium, bug-bounty, medium-brasil, bugs24-May-2024
Using BBRF for tracking Javascript fileshttps://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5Michał Lubiczbug-bounty-tips, bug-bounty, cybersecurity, pentesting24-May-2024
Busting CSRF: The Hidden Dangers of JSON Exploitedhttps://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5Omar Essam (hack3dby0mar)web-security, bug-bounty, cybersecurity24-May-2024
25.4 Lab: Targeted web cache poisoning using an unknown headerhttps://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, hacking, bug-bounty, cybersecurity24-May-2024
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Securityhttps://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5Securrbug-bounty, web3, web3-security, dao, blockchain24-May-2024
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Offhttps://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5Manthan_ mahalepenetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker24-May-2024
Session fixation | Cookie injection leading to ATO Write-Uphttps://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5rAmpancisthacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty24-May-2024
Top Tools Every Bug Bounty Hunter Should Usehttps://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5Very Lazy Techbug-bounty, bug-bounty-tips, cyber, cybersecurity24-May-2024
Tips & Tricks To Get Hall of Fame In NASAhttps://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing24-May-2024
25.5 Lab: Web cache poisoning via an unkeyed query stringhttps://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers24-May-2024
Always Test Default Credentials on Bug Bounty even if it’s 2024https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5Scr1ptyethical-hacking, hacking, bug-bounty, security, bug-bounty-tips23-May-2024
HTML Injectionhttps://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5Sushil Choudharybug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty23-May-2024
25.3 Lab: Web cache poisoning with multiple headershttps://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing23-May-2024
Unlocked Secrets: How Leaked Credentials Fuel Bug Bountieshttps://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5cyberpro151admin-panel, infosec, breach, bug-bounty, hacking23-May-2024
Aleo Bug Bounty Programhttps://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5Bogdanbug-bounty, web3, aleo23-May-2024
CSRF leading to Account Takeoverhttps://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5Kaan Atmacabug-bounty, penetration-testing, pentesting, cybersecurity, hacking23-May-2024
Exploiting XML Injection to Establish Unauthorized SSH Connectionhttps://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5Kaan Atmacahacking, coding, bug-bounty, penetration-testing, pentesting23-May-2024
How I Found Multiple XSS Vulnerabilities.https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5MD Helalvulnerability, penetration-testing, cybersecurity, bug-bounty, ctf23-May-2024
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple toolshttps://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5Sreejihknxss-vulnerability, cybersecurity-training, bug-bounty, github, tools23-May-2024
Ink Finance Arbitrum Testnet Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchershttps://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5eL Njas!™bug-bounty, vulnerbaility, google23-May-2024
Easy Bug: No Rate Limiting on Form which Triggers Emailshttps://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5Saeid Khatercybersecurity, bug-bounty23-May-2024
First Swag from HackerRankhttps://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5#$ubh@nk@rhacking, swag, ethical-hacking, security, bug-bounty23-May-2024
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunthttps://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5Ink Financedao, defi, testnet, arbitrum, bug-bounty23-May-2024
Second Factor Authentication (2FA) Bypass in Private BBPhttps://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Logic Bug | Old Session Does Not Expires After Password Changehttps://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5Saeid Khaterbug-bounty, cybersecurity23-May-2024
Second bug on VDP programhttps://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5devMRTbugbounty-writeup, bug-bounty-tips, bug-bounty23-May-2024
Advanced Web Application Scanning Step-by-Step Guidehttps://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-50xM4r5h4lhacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner22-May-2024
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bountyhttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
Time-Based Google OAuth Account Takeover: Adventures in Bug Bountieshttps://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs22-May-2024
Silk Central : Bug Tracking Tutorialhttps://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5Nine Pages Of My Lifetesting, software-development, bug-bounty, silk, app-development22-May-2024
Open-Redirect Through HTTP Parameter Pollutionhttps://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5David Eduardo Karpinskiweb3, bug-bounty, hacking, cybersecurity, pollution22-May-2024
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security!https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5Securrbug-bounty, layer-1, blockchain, web3-security, web322-May-2024
Swagger-UI XSS Leading to Account Takeover on Crypto Exchangehttps://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5Scr1ptybug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it22-May-2024
25.2 Lab: Web cache poisoning with an unkeyed cookiehttps://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, penetration-testing, careers, cybersecurity22-May-2024
SubActive: Cracking the Digital Codehttps://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5Tahir Mujawarbugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty22-May-2024
Best tool to find subdomainshttps://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5Sreejihknbug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting22-May-2024
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunterhttps://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5LogicTechhacking, network-security, bug-bounty, bug-bounty-tips, bugs22-May-2024
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL…https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5SHAMS UL MEHMOODai, cybersecurity, bugs, bug-bounty, ctf-writeup21-May-2024
Hackers Online Tools in 2024https://medium.com/@logicTech/hackers-online-tools-in-2024-da8f5aa232e5?source=rss------bug_bounty-5LogicTechosint, hackathons, bug-bounty, tools, hacking21-May-2024
Authentication Bypass due to Sensitive Data Exposure in Local Storagehttps://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800?source=rss------bug_bounty-5Kritika Singhvulnerability-assessment, webapplicationpentest, bug-bounty, penetration-testing, hacking21-May-2024
25.1 Lab: Web cache poisoning with an unkeyed headerhttps://cyberw1ng.medium.com/25-1-lab-web-cache-poisoning-with-an-unkeyed-header-177f24f0538e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity21-May-2024
Complex Attack Types: Sample Scenarios 7https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-7-9e7ad4454fe9?source=rss------bug_bounty-5Baris Dincerbug-bounty, cybersecurity, freedomofinternet, threat-intelligence, penetration-testing21-May-2024
Curiosity part #2 with $5000 bounty.https://medium.com/@nanwinata/curiosity-part-2-with-5000-bounty-025536feced7?source=rss------bug_bounty-5nanwncybersecurity, telnet, hackerone, bug-bounty, vulnerability21-May-2024
Next Generation Nuclei: Detecting SQLi with Logichttps://medium.com/@serhatcck/next-generation-nuclei-detecting-sqli-with-logic-05549c34885b?source=rss------bug_bounty-5Serhat ÇİÇEKhacking-tools, hacking, penetration-testing, application-security, bug-bounty21-May-2024
CSRF Leads to Delete Accounthttps://medium.com/@happyjester80/csrf-leads-to-delete-account-241f2cf8950b?source=rss------bug_bounty-5Happy Jesterandroid-pentesting, bug-bounty, android, hacking21-May-2024
How to find View Angles for Aimbots | Explainedhttps://medium.com/@yannik603/how-to-find-view-angles-for-aimbots-explained-f70c303a353c?source=rss------bug_bounty-5Yannik Castrogames, hacking-tools, bug-bounty, hacking, reverse-engineering21-May-2024
Working with a client, I came across a CSRF vulnerability in their existing web application.https://medium.com/@darkly_splendid/working-with-a-client-i-came-across-a-csrf-vulnerability-in-their-existing-web-application-6c256b74684d?source=rss------bug_bounty-5FF E4cybersecurity, csrf, bug-bounty20-May-2024
Bug Zero — This month in Cybersecurity [01–15 May]https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-01-15-may-354fd002d5e4?source=rss------bug_bounty-5Akila Maithripalabug-bounty, cybersecurity, sri-lanka, bug-zero20-May-2024
Open-Redirects Uncovered: Real-World Bypass Techniques Revealedhttps://systemweakness.com/open-redirects-uncovered-real-world-bypass-techniques-revealed-7b7422f02049?source=rss------bug_bounty-5David Eduardo Karpinskicybersecurity, hacking, web3, programming, bug-bounty20-May-2024
How I Hacked NASA Using Google Dork in Just 10 Minuteshttps://medium.com/@gaurish.main/how-i-hacked-nasa-using-google-dork-in-just-10-minutes-6ce3b3401512?source=rss------bug_bounty-5Gaurish Bahurupicybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, bug-bounty-writeup20-May-2024
Bypassed the OTP verification process using “Turbo Intruder” Extension.https://xamiron.medium.com/bypassed-the-otp-verification-process-using-turbo-intruder-extension-2f56ac3d400d?source=rss------bug_bounty-5Sabuj Kumar Modakweb-app-pentesting, cybersecurity, bug-bounty, burpsuite-extension, penetration-testing20-May-2024
IDOR Explained: Discover It Through a Simple Story!https://medium.com/@1hehaq/idor-explained-discover-it-through-a-simple-story-ca4a018f6d4c?source=rss------bug_bounty-5haqidor, bug-bounty-tips, bug-bounty, idor-vulnerability20-May-2024
Your Account is Now Mine!https://medium.com/@karimelsayed0x1/your-account-is-now-mine-fd80ad56f868?source=rss------bug_bounty-5z3r0xkpentesting, bug-bounty, account-takeover, vulnerability20-May-2024
Reflected XSS Leading to Account Takeoverhttps://0onoproblem.medium.com/reflected-xss-leading-to-account-takeover-bea862cba885?source=rss------bug_bounty-50_oNoProblembug-bounty, xss-attack, cybersecurity, bug-bounty-writeup, vulnerability20-May-2024
Discovering a $5000 RCE via Dependency Confusion Vulnerabilityhttps://nvk0x.medium.com/discovering-a-5000-rce-via-dependency-confusion-vulnerability-6b0c08ecd5de?source=rss------bug_bounty-5Naveen kumawatbug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, supply-chain20-May-2024
Let’s Understand Price Oracle Manipulationhttps://securrtech.medium.com/lets-understand-price-oracle-manipulation-927ab725f131?source=rss------bug_bounty-5Securrbug-bounty, smart-contract-auditing, web3, blockchain, web3-security20-May-2024
How I Hacked NASA LDAP Serverhttps://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee?source=rss------bug_bounty-5Maxcyberbug-hunting, cybersecurity, penetration-testing, bug-bounty20-May-2024
How I found XSS from a medium articlehttps://medium.com/@jsamia/how-i-from-xss-from-a-medium-article-94d1b4e7e742?source=rss------bug_bounty-5Jaeden Samiainfosec, bug-bounty, ethical-hacking20-May-2024
How I got Hall of Fame in NASAhttps://medium.com/@Ajakcybersecurity/how-i-got-hall-of-fame-in-nasa-4d098c413f9e?source=rss------bug_bounty-5AjakCybersecurityhacking, penetration-testing, ethical-hacking, bug-bounty, cybersecurity20-May-2024
Walk-Through of Bepractical.tech lab #3https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-3-07079a7ad5c2?source=rss------bug_bounty-5Ross Jubertaccount-takeover, ethical-hacking, bug-bounty, bugbounty-writeup, account-takeover-attacks19-May-2024
Hacker101: Micro-CMS v1https://medium.com/@0xfxiii/hacker101-micro-cms-v1-982c61d24e3e?source=rss------bug_bounty-50xfhackerone, bug-bounty-tips, bug-bounty, hacking19-May-2024
Dependency Confusionhttps://deephunt3r.medium.com/dependency-confusion-4d675eb36e0f?source=rss------bug_bounty-5Rakeshbugbounty-writeup, bug-bounty19-May-2024
How I Found Multiple Vulnerabilities on Dutch Governmenthttps://medium.com/@neupanesindhu3/how-i-found-multiple-vulnerabilities-on-dutch-government-438059bcf88d?source=rss------bug_bounty-5sindhuneupanebug-bounty, swag, writeup, bug-hunting, infosec19-May-2024
How I Find Another Arbitrary File Upload Vulnerability and Bypass the Patch Twicehttps://medium.com/@zpbrent/how-i-find-another-arbitrary-file-upload-vulnerability-and-bypass-the-patch-twice-193eaaf0b8dc?source=rss------bug_bounty-5Peng Zhouwordpress-plugins, infosec, bug-bounty, wordpress, web-security19-May-2024
How I got an High IDOR + PII in few minutes. Bounty: €500https://medium.com/@ivoaabreu/how-i-got-an-high-idor-pii-in-few-minutes-bounty-500-88833b6e1807?source=rss------bug_bounty-5Ivoabreuidor, bug-bounty19-May-2024
JavaScript tools for BugBounty 2024https://medium.com/@logicTech/javascript-tools-for-bugbounty-2024-fc281111c7c0?source=rss------bug_bounty-5LogicTechtools-and-resources, osint, hacking, hacker, bug-bounty19-May-2024
VulnCon 2024 CTF — Internal Leakshttps://medium.com/@pphreak313/vulncon-2024-ctf-internal-leaks-0a7bf21bf96d?source=rss------bug_bounty-5Shlok Kctf-writeup, ctf, ctf-walkthrough, vulncon, bug-bounty19-May-2024
A basic Android Pentest Lab Setuphttps://medium.com/@majix_de/a-basic-android-pentest-lab-setup-e601c22c71ae?source=rss------bug_bounty-5Majixsetup-guide, android, pentest, bug-bounty, pentesting19-May-2024
22.5 Lab: JWT authentication bypass via jku header injectionhttps://cyberw1ng.medium.com/22-5-lab-jwt-authentication-bypass-via-jku-header-injection-1ec5032245b3?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers19-May-2024
22.6 Lab: JWT authentication bypass via kid header path traversalhttps://cyberw1ng.medium.com/22-6-lab-jwt-authentication-bypass-via-kid-header-path-traversal-3f4392547f7d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers19-May-2024
First bug on VDP programhttps://medium.com/@devMRT/first-bug-on-vdp-program-0f9e0baf43c7?source=rss------bug_bounty-5devMRTbug-bounty, bugbounty-writeup, bug-bounty-tips19-May-2024
HOW I HACKED INTO HARVARD UNIVERSITY’S DIGITAL INFRASTRUCTURE -Cycus Pectushttps://medium.com/@pectuscycus/how-i-hacked-into-harvard-universitys-digital-infrastructure-cycus-pectus-5d5e65e74a61?source=rss------bug_bounty-5Cycus Pectushacking, cybersecurity, bug-bounty-tips, ethical-hacking, bug-bounty18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands (Part -2) :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-part-2-9d24e2291fb6?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, ethical-hacking, nmap-command, bug-bounty, penetration-testing18-May-2024
Mastering Network Scanning: Exploring Essential Nmap Commands :-https://medium.com/@shaikhwasim8120/mastering-network-scanning-exploring-essential-nmap-commands-3843f01e419e?source=rss------bug_bounty-5Wasim Shaikhcybersecurity, bug-bounty, nmap-command, penetration-testing, ethical-hacking18-May-2024
22.4 Lab: JWT authentication bypass via jwk header injectionhttps://cyberw1ng.medium.com/22-4-lab-jwt-authentication-bypass-via-jwk-header-injection-0bddcdbb2f31?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers18-May-2024
Analyzing JavaScript Files To Find Bugshttps://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e?source=rss------bug_bounty-5Mr.Horbiobug-bounty, hacking, bug-bounty-tips, cybersecurity, ethical-hacking18-May-2024
Interesting .DS_Store finding worth $$$https://medium.com/@akrachliy/interesting-ds-store-finding-worth-6ee7cc46458d?source=rss------bug_bounty-5Yassine Akrachlibug-bounty, hacking, ethical-hacking, python, enumeration18-May-2024
Pay 0$, Get ∞ books!https://medium.com/@karimelsayed0x1/pay-0-get-books-0e093a5eb0de?source=rss------bug_bounty-5z3r0xkpenetration-testing, cybersecurity, bug-bounty, bussines-logic, vulnerability18-May-2024
Found Bug: Cross-Site Scripting (XSS) in Laravel Debug Mode !!https://medium.com/@p.ra.dee.p_0xx01/found-bug-cross-site-scripting-xss-in-laravel-debug-mode-a91939284541?source=rss------bug_bounty-5Professor0xx01bug-bounty, information-security, laravel-framework, xss-attack, web-security18-May-2024
My 6 Month bug hunting journey, what to expect.https://medium.com/@tom.sh/my-6-month-bug-hunting-journey-what-to-expect-be7532e187d4?source=rss------bug_bounty-5Tomopinion, bug-bounty, bpp, hacking18-May-2024
Top 50 Ports & Vulnerabilityhttps://medium.com/@logicTech/top-50-ports-vulnerability-572de4274305?source=rss------bug_bounty-5LogicTechbug-bounty, osint, networking, vulnerability, hacking18-May-2024
Broken Object Level Authorization — BOLA (ex crAPI)https://medium.com/@amaraltohami30/broken-object-level-authorization-bola-ex-crapi-e5a0d30eed2b?source=rss------bug_bounty-5Ammar Ahmedpentesting, api, cybersecurity, hacking, bug-bounty18-May-2024
How a Single Parameter Led to Two ATO Caseshttps://cametom006.medium.com/how-a-single-parameter-led-to-two-ato-cases-c3cf2f4d00c2?source=rss------bug_bounty-5Fahad Faisalbug-bounty, hackerone, bug-bounty-tips, twitter18-May-2024
CVE-2023–52424: The WiFi SSID Confusion Attack Explainedhttps://infosecwriteups.com/cve-2023-52424-the-wifi-ssid-confusion-attack-explained-26e43f5cff40?source=rss------bug_bounty-5ElNiakwifi, bug-bounty, technology, cybersecurity, penetration-testing17-May-2024
The Hacker’s Mind -Recon Mind maphttps://medium.com/@tamhacker1/the-hackers-mind-recon-mind-map-39d14e3750fb?source=rss------bug_bounty-5Tahir Mujawarbug-bounty-writeup, mindmap, ethical-hacking, bug-bounty, cybersecurity17-May-2024
Simple Tips for Bug Bounty Beginners: Finding PII Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-pii-vulnerabilities-3db5a7151dd4?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, bug-bounty, bug-bounty-hunting, cybersecurity, bug-bounty-tips17-May-2024
How I found my first mistake Or why you shouldn’t overlook the obvious.https://medium.com/@nagavicyn2/how-i-found-my-first-mistake-or-why-you-shouldnt-overlook-the-obvious-1f1d443afa6b?source=rss------bug_bounty-5Jioninbug-bounty, wordpress, first-bug, pentesting, cve17-May-2024
22.3 Lab: JWT authentication bypass via weak signing keyhttps://cyberw1ng.medium.com/22-3-lab-jwt-authentication-bypass-via-weak-signing-key-f49138b16441?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity17-May-2024
How to Know If Your Android Device Has Been Hacked and What to Do About Ithttps://rajput623929.medium.com/how-to-know-if-your-android-device-has-been-hacked-and-what-to-do-about-it-740ea5a18b9c?source=rss------bug_bounty-5Mr.Horbiohacking, phone-hacking, bug-bounty, cybersecurity, ethical-hacking17-May-2024
A Story of Zero-click complete Account Takeoverhttps://medium.com/@shravanisheshasai/a-story-of-zero-click-complete-account-takeover-650784c2d229?source=rss------bug_bounty-5Shravani_kbvulnerability, web-vulnerabilities, hacking, bug-bounty, ethical-hacking17-May-2024
Breaking Barriers: A Personal Journey Through the World of Bug Bounty Huntinghttps://medium.com/@un1tycyb3r/breaking-barriers-a-personal-journey-through-the-world-of-bug-bounty-hunting-a30331db12fa?source=rss------bug_bounty-5Un1tycyb3rbug-bounty16-May-2024
How to Create a Cloud Lab for Anonymous Bug Bounty Huntinghttps://medium.com/@paritoshblogs/how-to-create-a-cloud-lab-for-anonymous-bug-bounty-hunting-e80ed3a68d8c?source=rss------bug_bounty-5Paritoshcloud, hacking, ai, cybersecurity, bug-bounty16-May-2024
Discovery Worth $$$ in KYC Verification Feature : Bug Bountyhttps://medium.com/@srishavinkumar/unveiling-a-surprising-bug-in-kyc-verification-the-discovery-worth-a82f3282b033?source=rss------bug_bounty-5Sri Shavin Kumarbug-bounty-writeup, bug-bounty, infosec-write-ups, ethical-hacking, cybersecurity16-May-2024
Account takeover with a sad endinghttps://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Vulnerable WordPress April 2024 (Arasbaran)https://medium.com/@onhexgroup/vulnerable-wordpress-april-2024-arasbaran-e9ae2acb8898?source=rss------bug_bounty-5Onhexgroupwordpress, infosec, web-security, bug-bounty, nuclei-template16-May-2024
21.5 Lab: Stealing OAuth access tokens via an open redirect | 2024https://cyberw1ng.medium.com/21-5-lab-stealing-oauth-access-tokens-via-an-open-redirect-2024-88c3679cf0a3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, penetration-testing, cybersecurity16-May-2024
Reflected XSS via Cache Poisoninghttps://medium.com/@majix_de/reflected-xss-via-cache-poisoning-5f57317b7c71?source=rss------bug_bounty-5Majixpenetration-testing, cache-poisoning, xs, bug-bounty, hacking16-May-2024
Reflected XSS to Account Takeoverhttps://medium.com/@majix_de/reflected-xss-to-account-takeover-0fc429be34e8?source=rss------bug_bounty-5Majixxs, account-takeover, bug-bounty, hacking, penetration-testing16-May-2024
How I got Critical IDOR in one of India’s Best Known Food Delivery Websitehttps://medium.com/@bajajkrrish11/how-i-got-critical-idor-in-one-of-indias-best-known-food-delivery-website-5349c521e44b?source=rss------bug_bounty-5Krrish Bajajbug-bounty-tips, bug-bounty-writeup, bug-bounty-program, bug-bounty, medium16-May-2024
How I Hacked One of These Big Companies (JS files analysis)https://l0da.medium.com/how-i-hacked-one-of-these-big-companies-js-files-analysis-7cf47372b642?source=rss------bug_bounty-5L0dabug-bounty, cybersecurity, hacking, penetration-testing, bug-bounty-tips16-May-2024
The Art of OSINT: Discovering Locations with Image Analysis and Aritifical Intelligence Toolshttps://medium.com/@enigma_/the-art-of-osint-discovering-locations-with-image-analysis-and-aritifical-intelligence-tools-820a4b74d426?source=rss------bug_bounty-5enigmahacking, osint, cybersecurity, bug-bounty, ai16-May-2024
How to execute a Proof of Concept (PoC) for any CVEshttps://medium.com/@CTRL2030/how-to-execute-a-proof-of-concept-poc-for-any-cves-e343cb528f2e?source=rss------bug_bounty-5CTRLsoc, penetration-testing, bug-bounty, cve, cybersecurity16-May-2024
Account takeover using Blind XSS?https://imwaiting18.medium.com/account-takeover-with-a-sad-ending-31ab82f09a5b?source=rss------bug_bounty-5imwaiting18bug-bounty, ethical-hacking, cybersecurity, bug-bounty-tips16-May-2024
Broken Access Control (IDOR) & Credential Leak at Legacy API Video Transcodehttps://medium.com/@blackarazi/broken-access-control-idor-credential-leak-at-legacy-api-video-transcode-9b5d729fb2d6?source=rss------bug_bounty-5Azhari Harahapbroken-access-control, api-security, application-security, bug-bounty, bug-bounty-writeup15-May-2024
CVE-2024–4761: Exploiting Chrome’s JavaScript Engine Highly Exploited (PoC presented)https://infosecwriteups.com/cve-2024-4761-exploiting-chromes-javascript-engine-highly-exploited-poc-presented-dcf9cab95c00?source=rss------bug_bounty-5ElNiakbug-bounty, google, penetration-testing, cybersecurity, javascript15-May-2024
How I Got My First Bounty: The Exciting Story of My Bug Bounty Breakthroughhttps://infosecwriteups.com/how-i-got-my-first-bounty-the-exciting-story-of-my-bug-bounty-breakthrough-d8391973ed41?source=rss------bug_bounty-5whit3ros3bug-bounty, graphql, bounty-program, hacking, bug-bounty-tips15-May-2024
Subdomain Takeover: What is It? How to Exploit? How to Find Them?https://medium.com/@dub-flow/subdomain-takeover-what-is-it-how-to-exploit-how-to-find-them-d2b6b82b155b?source=rss------bug_bounty-5Florian Walterbug-bounty, application-security, cybersecurity, penetration-testing, web-application-security15-May-2024
How I Was Able to Perform a Subdomain Takeover Attackhttps://medium.com/@karnrishabh25/subdomain-takeover-00d2c5599715?source=rss------bug_bounty-5Rishabh Karnbug-bounty, hacking, subdomain-takeover, bugs, attack15-May-2024
21.4 Lab: OAuth account hijacking via redirect_uri | 2024https://cyberw1ng.medium.com/21-4-lab-oauth-account-hijacking-via-redirect-uri-2024-4a8bfbb95d12?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking15-May-2024
Multiple Business Logic Errors in APPLE music/TV allowing bypass of parental controlshttps://medium.com/@sam0-0/multiple-business-logic-errors-in-apple-music-tv-allowing-bypass-of-parental-controls-0d870d4870c5?source=rss------bug_bounty-5Samapple, infosec, bug-bounty15-May-2024
Gaining Control: How Response Manipulation Leads to Higher Privileges (PoC)https://medium.com/@mrmaulik191/gaining-control-how-response-manipulation-leads-to-higher-privileges-394bdf5f552b?source=rss------bug_bounty-5Mr.MGcybersecurity-research, cybersecurity, privilege-escalation, bug-hunting, bug-bounty15-May-2024
A Arte de Explorar SQL Injection: Uma abordagem profundahttps://medium.com/@davidkarpinski1/sql-injection-masterclass-d68f65cd71ae?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, hacking, sql, mysql, sql-injection15-May-2024
5 bugs in one program $$$https://el-cezeri.medium.com/5-bugs-in-one-program-80b550c06a67?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty-tips, bug-bounty15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, bug-bounty15-May-2024
Why I want to become a bug bounty hunterhttps://medium.com/@riccilovesdogs/why-i-want-to-become-a-bug-bounty-hunter-135e4f584af6?source=rss------bug_bounty-5Riccibug-bounty, coding, make-money-online15-May-2024
XSS via HTML Injection in Chatbothttps://medium.com/@nidishms1999/xss-via-html-injection-in-chatbot-a24c4f25dc92?source=rss------bug_bounty-5Nidish Nkvapt, cybersecurity, hacking, bug-bounty15-May-2024
Walk Through of Bepractical.tech lab #2https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-2-bef06b00ccfc?source=rss------bug_bounty-5Ross Jubertethical-hacking, cybersecurity, bug-bounty, red-team, ethical-hacking-training14-May-2024
XSS on TikTokhttps://19whoami19.medium.com/xss-on-tiktok-d2aa209c746d?source=rss------bug_bounty-5WHO AM I ?bug-bounty-tips, cross-site-scripting, cybersecurity, bug-bounty, xss-attack14-May-2024
An Email Authentication Bypass, But Marked as N/A in NASA domainhttps://medium.com/@Ajakcybersecurity/an-email-authentication-bypass-but-marked-as-n-a-in-nasa-domain-a47977aed8bd?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, cybersecurity, hacking, bug-bounty14-May-2024
An easy way to find bugs: Enter wrong datahttps://systemweakness.com/an-easy-way-to-find-bugs-enter-wrong-data-0765ed4e9afd?source=rss------bug_bounty-5Nasrinaudit, web-app-security, pentesting, bug-bounty14-May-2024
21.3 Lab: SSRF via OpenID dynamic client registration | 2024https://cyberw1ng.medium.com/21-3-lab-ssrf-via-openid-dynamic-client-registration-2024-c9ffd445e438?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity14-May-2024
JNDI Injection — The Complete Storyhttps://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1?source=rss------bug_bounty-5Pradeep Kumarjava, pentesting, bug-bounty, jndi, web-penetration-testing14-May-2024
Root user account takeover via SQL Injectionhttps://medium.com/@stopvvar/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
RCE Through Account Takeoverhttps://medium.com/@iamrajchavan/rce-through-account-takeover-10a938a241d9?source=rss------bug_bounty-5Rajdip Chavansecurity, vapt, bug-bounty, web-application-security13-May-2024
Root user account takeover via SQL Injectionhttps://infosecwriteups.com/root-user-account-takeover-via-sql-injection-5c21a6091d4c?source=rss------bug_bounty-5SWsql-injection, hacking, bug-bounty, infose, sql-server13-May-2024
Story of Hall of Fame in Red Hat Linuxhttps://medium.com/@hritombhattacharya029/story-of-hall-of-fame-in-red-hat-linux-e267b9f22d06?source=rss------bug_bounty-5Hritom Bhattacharyaredhat-linux, xss-vulnerability, bug-bounty, hall-of-fame, hacking13-May-2024
Unintended File Downloads in Remote Desktop Environments: A Security Vulnerabilityhttps://medium.com/@Wolverineisstillalive/unintended-file-downloads-in-remote-desktop-environments-a-security-vulnerability-04114297665a?source=rss------bug_bounty-5Sharkbug-bounty, cybersecurity, microsoft, red-team, pentesting13-May-2024
Week 1https://medium.com/@fulltimebughunter/week-1-bad3f3f9e214?source=rss------bug_bounty-5.bugs, bug-bounty-tips, infosec, bug-bounty, infosec-write-ups13-May-2024
21.2 Lab: Forced OAuth profile linking | 2024https://cyberw1ng.medium.com/21-2-lab-forced-oauth-profile-linking-2024-e625dcfc319b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-3e72511e2571?source=rss------bug_bounty-5Deep SenGuptacybersecurity, bug-bounty, broken-link-hijacking13-May-2024
How To Find And Test S3 Buckets For Bug Bountyhttps://medium.com/@dante.falls/how-to-find-and-test-s3-buckets-for-bug-bounty-b91166f9b4e0?source=rss------bug_bounty-5Dante Fallsaws, amazon-web-services, bug-bounty, cybersecurity, cloud-services13-May-2024
Broken Access Control leads to Take Admin Rolehttps://0xebn-taimia.medium.com/broken-access-control-leads-to-take-admin-role-920e46d496b9?source=rss------bug_bounty-50xEbn-Taimiapenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty, hunting13-May-2024
403 Jump: HTTP 403 Bypass toolhttps://medium.com/@anzeemashib/403-jump-http-403-bypass-tool-8b17204110d9?source=rss------bug_bounty-5Itsmeanzeemtools, bug-bounty, 403-forbidden, penetration-testing, cybersecurity13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
Hundreds of companies’ internal data exposed — Part 2: The FreshService misconfigurationhttps://infosecwriteups.com/hundreds-of-companies-internal-data-exposed-part-2-the-freshservice-misconfiguration-a9432c0b5dc8?source=rss------bug_bounty-5Mohammed Moiz Pashabug-bounty, security, hacking, vulnerability, ethical-hacking13-May-2024
$350 bounty: How I Got It | Broken linked Hijackedhttps://deepseng.medium.com/350-bounty-how-i-got-it-broken-linked-hijacked-31bfbc15ac0e?source=rss------bug_bounty-5Deep SenGuptabroken-link-hijacking, cybersecurity, bug-bounty, burpsuite13-May-2024
How I found a IDOR at Monitor Mozilla ?https://medium.com/@abnid312/how-i-found-a-idor-at-monitor-mozilla-313fc6c52f25?source=rss------bug_bounty-5ryujinxbug-bounty, bug-hunter, information-technology, info-sec-writeups, hackerone13-May-2024
ZoneTransfer — ./Hopehttps://ezecias.medium.com/zonetransfer-hope-6261d5c7ac0a?source=rss------bug_bounty-5Ezeciasbug-bounty-tips, tools, bug-bounty13-May-2024
How I Found My First RCE !https://mchklt.medium.com/how-i-found-my-first-rce-f80073626fff?source=rss------bug_bounty-5ABDELKARIM MOUCHQUELITAapache, cyberattack, cybersecurity, bug-bounty, hacking13-May-2024
A simple file upload bypass causing XSS attackhttps://medium.com/@xiaodongsec/a-simple-file-upload-bypass-causing-xss-attack-6cbbb4c42070?source=rss------bug_bounty-5Xiaodongxss-attack, bypass, vulnerability, bug-bounty, hacker12-May-2024
Read Code Like a Hacker With SASThttps://medium.com/@matejsmycka/read-code-like-a-hacker-with-sast-28dab6506e45?source=rss------bug_bounty-5Matejsmyckabug-bounty, static-code-analysis, testing, ethical-hacking, hacking12-May-2024
How I Found PII Disclosure of Users & PHPInfo() Page :: #NCIIPC #RVDPhttps://medium.com/@p.ra.dee.p_0xx01/how-i-found-pii-disclosure-of-users-phpinfo-page-nciipc-rvdp-58bec4ba27da?source=rss------bug_bounty-5Professor0xx01security, ethical-hacking, infosec, cybersecurity, bug-bounty12-May-2024
24.15 Lab: HTTP request smuggling, obfuscating the TE header | 2024https://cyberw1ng.medium.com/24-15-lab-http-request-smuggling-obfuscating-the-te-header-2024-efdbc0698848?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, cybersecurity, hacking, careers12-May-2024
Hacking more than 130 000 car worldwide in 5 minuteshttps://ahmadmansourr.medium.com/hacking-more-than-130-000-car-worldwide-in-5-minutes-766e76003c67?source=rss------bug_bounty-5Ahmad Mansourbug-bounty, bug-bounty-tips, cybersecurity, pentesting12-May-2024
16 Times Forced Browsing Leads to Authentication bypass [ 300$ Bounty ]https://medium.com/@jav333d/16-times-forced-browsing-leads-to-authentication-bypass-300-bounty-efc8bd52d310?source=rss------bug_bounty-5Javeed.skauthentication-bypass, bugs, ethical-hacking, bug-bounty-tips, bug-bounty12-May-2024
Breaking Down DOM-based XSS: A Practical Explorationhttps://medium.com/@osamaavvan/breaking-down-dom-based-xss-a-practical-exploration-929d44f10906?source=rss------bug_bounty-5Osama Avvanxss-attack, dom-xss, bug-bounty, cybersecurity, javascript11-May-2024
My LLM Bug Bounty Journey on Hugging Face Hub via Protect AIhttps://infosecwriteups.com/my-llm-bug-bounty-journey-on-hugging-face-hub-via-protect-ai-9f3a1bc72c2e?source=rss------bug_bounty-5Peng Zhouprotect-ai, hugging-face, bug-bounty, llm-security, ai-security11-May-2024
NMAP Command Optionshttps://medium.com/@sherlock297/nmap-command-options-114b7582b993?source=rss------bug_bounty-5Ravindra Dagalenmap, commands, information-security, bug-bounty, vulnerability11-May-2024
#2. Bug Bounty POC: Time-Based SQL Injection to Dump Databasehttps://cyb3rmind.medium.com/2-bug-bounty-poc-time-based-sql-injection-to-dump-database-f8cfa089f393?source=rss------bug_bounty-5Cyb3r M!ndssqli, hacking, pentesting, bug-bounty, sql-injection11-May-2024
24.14 Lab: HTTP request smuggling, basic TE.CL vulnerability | 2024https://cyberw1ng.medium.com/24-14-lab-http-request-smuggling-basic-te-cl-vulnerability-2024-f0159b2569d0?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://medium.com/@davidkarpinski1/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
Unveiling an Account Takeover Vulnerability in a Leading Automobile Brandhttps://medium.com/@anekantsinghai/unveiling-an-account-takeover-vulnerability-in-a-leading-automobile-brand-aa41a4e94bfb?source=rss------bug_bounty-5Anekant Singhai Jaininfosec, hacking, bug-bounty, cybersecurity, bug-bounty-tips11-May-2024
دي روود ماب علشان تبدا web pentesthttps://medium.com/@akaramany3/%D8%AF%D9%8A-%D8%B1%D9%88%D9%88%D8%AF-%D9%85%D8%A7%D8%A8-%D8%B9%D9%84%D8%B4%D8%A7%D9%86-%D8%AA%D8%A8%D8%AF%D8%A7-web-pentest-91ea9560dbf6?source=rss------bug_bounty-509x99python, cybersecurity, bug-bounty, web-development, javascript11-May-2024
Mastering Subdomain Takeovershttps://tanishqshahsays.medium.com/mastering-subdomain-takeovers-c9a531fe5d3b?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, bugs, vulnerability, subdomain, cybersecurity11-May-2024
Linux Privilege Escalation — Capstone Challenge | TryHackMehttps://medium.com/@NoOne./linux-privilege-escalation-capstone-challenge-tryhackme-e69c798204bc?source=rss------bug_bounty-5Asim Anwarhacking, privilege-escalation, linux, bug-bounty, tryhackme11-May-2024
4 XSSs With A Simple & Optimized Payloadhttps://levelup.gitconnected.com/4-xsss-with-a-simple-optimized-payload-900753538e90?source=rss------bug_bounty-5Hamza Avvanethical-hacking, xss-uppercase-bypass, bug-bounty, xss-attack, cybersecurity11-May-2024
My Hunt: Discovering Microsoft Bugshttps://infosecwriteups.com/my-hunt-discovering-microsoft-bugs-f6a9c790bec0?source=rss------bug_bounty-5c0d3x27microsoft, hacking, bug-bounty, software-development, cybersecurity11-May-2024
Today I am going to walk through bepractical.techhttps://medium.com/@ross.jubert/today-i-am-going-to-walk-through-bepractical-tech-c15e1df8aa06?source=rss------bug_bounty-5Ross Jubertcybersecurity, bug-bounty, ethical-hacking, account-takeover, account-takeover-attacks11-May-2024
Exploiting Acunetix Vulnweb SQL Injectionhttps://systemweakness.com/exploiting-acunetix-vulnweb-sql-injection-5fa5c24b2466?source=rss------bug_bounty-5David Eduardo Karpinskisql, hacking, mysql, bug-bounty, sql-injection11-May-2024
IDOR and Missing Authorization leads to free contenthttps://medium.com/@enigma_/idor-and-missing-authorization-leads-to-free-content-b12037a887a0?source=rss------bug_bounty-5enigmacybersecurity, hacking, idor, oscp, bug-bounty10-May-2024
How I Discovered a CVE by Scanning Open Source Repositorieshttps://infosecwriteups.com/how-i-discovered-a-cve-by-scanning-open-source-repositories-a5922d21b797?source=rss------bug_bounty-5Scott Lindhbug-bounty, xss-attack, open-source, application-security, hacking10-May-2024
CSRF Bypass Combined with IDOR To Complete Account Takeover!https://medium.com/@ozomarzu/csrf-bypass-combined-with-idor-to-complete-account-takeover-f4995c5946d3?source=rss------bug_bounty-5CyberOzcybersecurity, idor, bug-bounty-writeup, bug-bounty-tips, bug-bounty10-May-2024
24.13 Lab: HTTP request smuggling, basic CL.TE vulnerability | 2024https://cyberw1ng.medium.com/24-13-lab-http-request-smuggling-basic-cl-te-vulnerability-2024-862e743cb078?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity10-May-2024
A Strange Tale of Email Verification Bypasshttps://medium.com/@Arioex/a-strange-tale-of-email-verification-bypass-5eda231d14d8?source=rss------bug_bounty-5Huntsmanbug-bounty-writeup, cybersecurity, vulnerability, bug-bounty, hacking10-May-2024
Linux Privilege Escalation | TryHackMe — Part 2https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-2-9a4cddba01ab?source=rss------bug_bounty-5Asim Anwarbug-bounty, tryhackme, linux, privilege-escalation, hacking10-May-2024
From Novice to Ninja: Unraveling Bug Bounty Beginnings through Cache Poisoninghttps://cametom006.medium.com/from-novice-to-ninja-unraveling-bug-bounty-beginnings-through-cache-poisoning-40de3f8fd211?source=rss------bug_bounty-5Fahad Faisalhackerone, bug-bounty, security, bug-bounty-tips10-May-2024
Database Info Disclose by Client-Side DOShttps://starlox.medium.com/database-info-disclose-by-client-side-dos-7fb25a26fae8?source=rss------bug_bounty-5#$ubh@nk@rdos-attack, infosec, hacking, bug-bounty10-May-2024
Inside the Life of a Full-Time Bug Hunter: Weekly Insights and Goalshttps://medium.com/@fulltimebughunter/inside-the-life-of-a-full-time-bug-hunter-weekly-insights-and-goals-6da07694fb0d?source=rss------bug_bounty-5.cybersecurity, bug-bounty, bug-bounty-tips, infosec, hacking09-May-2024
XSS | Here’s how I got my first bountyhttps://medium.com/@sM0ky4/xss-heres-how-i-got-my-first-bounty-4f64785fe6f8?source=rss------bug_bounty-5sM0ky4bug-bounty-writeup, bug-bounty, xss-vulnerability, xss-attack, first-post09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/how-are-you-my-friends-d60c44c29da0?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
24.12 Lab: CL.0 request smuggling | 2024https://cyberw1ng.medium.com/24-12-lab-cl-0-request-smuggling-2024-5b480979e285?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking09-May-2024
idor affects all usershttps://medium.com/@mohamadfadelababede/idor-affects-all-users-d3f3f12a11c2?source=rss------bug_bounty-5Mohamad Fade Lababedebug-bounty09-May-2024
HOW I FOUND MY FIRST BUGhttps://medium.com/@irenevenunye55/how-i-found-my-first-bug-7d66915a3fbb?source=rss------bug_bounty-5Irene Venunyebug-bounty, bug-bounty-hunting, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program09-May-2024
Fingerprinting♨♨: Identifying Technologies Of Our Target.https://hacktivistattacker.medium.com/fingerprinting-identifying-technologies-of-our-target-d3b0c021da0f?source=rss------bug_bounty-5Hacktivist-Attackerfingerprinting, fingerprint-system, bug-bounty, penetration-test, reconnaissance09-May-2024
Linux Privilege Escalation | TryHackMe — Part 1https://medium.com/@NoOne./linux-privilege-escalation-tryhackme-part-1-f0ae442e6864?source=rss------bug_bounty-5Asim Anwarbug-bounty, hacking, tryhackme, privilege-escalation, linux09-May-2024
How I Found XSS In Another Govt. Site :: NCIIPC VDP !!https://medium.com/@p.ra.dee.p_0xx01/how-i-found-xss-in-another-govt-site-nciipc-vdp-84d78c0319c2?source=rss------bug_bounty-5Professor0xx01infosec, security, information-security, bug-bounty, security-research09-May-2024
An easy bounty using fuzzinghttps://medium.com/@xnum.1/an-easy-bounty-using-fuzzing-d602ad06f562?source=rss------bug_bounty-5Ahmed Tarekbug-bounty, hacking, penteration-testing, fuzzing, pentesting09-May-2024
Exploiting JWT Token Leads To IDORhttps://medium.com/@Ajakcybersecurity/exploiting-jwt-token-leads-to-idor-ec48cb8888bb?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, cybersecurity, ethical-hacking, bug-bounty09-May-2024
Simple bug on Indian government website | Govt. bug huntinghttps://medium.com/@sidharthpanda1/simple-bug-on-indian-government-website-govt-bug-hunting-0522af40a6ff?source=rss------bug_bounty-5SIDHARTH PANDAbug-bounty, government, indian, hacking, bug-bounty-tips08-May-2024
ETHICAL AND LEGAL ASPECTS OF BUG HUNTING: RESPONSIBLE DISCLOSURE, SCOPE, NDA AND OTHERShttps://medium.com/@Progsky/ethical-and-legal-aspects-of-bug-hunting-responsible-disclosure-scope-nda-and-others-4832b13a1622?source=rss------bug_bounty-5Progskydocumentation, bug-bounty, contracts, ethical-hacking08-May-2024
NCIIPC VDP Bug : Open Redirection Vulnerability In Govt. Site !!https://medium.com/@p.ra.dee.p_0xx01/nciipc-vdp-bug-open-redirection-vulnerability-in-govt-site-b048860f5d2d?source=rss------bug_bounty-5Professor0xx01bug-bounty, security, vulnerability, information-security, infosec08-May-2024
Revealing a Critical Vulnerability: The Price Manipulation Flawhttps://medium.com/@pawarpushpak36/revealing-a-critical-vulnerability-the-price-manipulation-flaw-cfd640cacf46?source=rss------bug_bounty-5Pawarpushpakpenetration-testing, info-sec-writeups, pentesting, bug-zero, bug-bounty08-May-2024
Unlocking Bug Bounties: Your Comprehensive Guide to Getting Startedhttps://medium.com/@sachin.hack/unlocking-bug-bounties-your-comprehensive-guide-to-getting-started-427a51d7e875?source=rss------bug_bounty-5Sachin Kumarfor-beginners, bug-bounty-tips, bug-bounty, cybersecurity, begineers08-May-2024
24.11 Lab: HTTP/2 request splitting via CRLF injection |2024https://cyberw1ng.medium.com/24-11-lab-http-2-request-splitting-via-crlf-injection-2024-ddb2adaf0cce?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, careers, penetration-testing08-May-2024
Hack Any Browser With One Linkhttps://medium.com/@vishalchaudharydevsec/hack-any-browser-with-one-link-8d890b804627?source=rss------bug_bounty-5Vishal Chaudharysecurity, hacking, cybersecurity, beef, bug-bounty08-May-2024
Exposed Key In Page Source Led To Bypass Captchahttps://medium.com/@mohanad.hussam23/exposed-key-in-page-source-led-to-bypass-captcha-add64f8d133b?source=rss------bug_bounty-5Muhanad Israiwihacking, captcha, bug-bounty, bugs, penetration-testing08-May-2024
Writing your First Nuclei Templatehttps://medium.com/@technolifts/writing-your-first-nuclei-template-f88575635ea8?source=rss------bug_bounty-5TechnoLiftsnucleus, nuclei-template, cybersecurity, offensive-security, bug-bounty08-May-2024
XSS vulnerability caused by modifying the Content-Typehttps://medium.com/@xiaodongsec/xss-vulnerability-caused-by-modifying-the-content-type-5118e2d02286?source=rss------bug_bounty-5Xiaodongvulnerability, xss-attack, money, bug-bounty, hacker08-May-2024
Modify the request path to bypass upload restrictions, leading to an XSS vulnerability.https://medium.com/@xiaodongsec/modify-the-request-path-to-bypass-upload-restrictions-leading-to-an-xss-vulnerability-0610a893ff1a?source=rss------bug_bounty-5Xiaodongmoney, hacker, vulnerability, bug-bounty, xss-attack08-May-2024
An easily accomplished account takeoverhttps://medium.com/@xiaodongsec/an-easily-accomplished-account-takeover-cc2fd1c287ec?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, money, vulnerability07-May-2024
Title: Understanding Vertical Privilege Escalation in Cybersecurityhttps://alvinbijo.medium.com/title-understanding-vertical-privilege-escalation-in-cybersecurity-2a12c42f8d83?source=rss------bug_bounty-5Alvin bijobug-bounty07-May-2024
24.10 Lab: HTTP/2 request smuggling via CRLF injection | 2024https://cyberw1ng.medium.com/24-10-lab-http-2-request-smuggling-via-crlf-injection-2024-8970aa222b46?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers07-May-2024
Securitydegen.com Feature Update!https://medium.com/@bugbountydegen/securitydegen-com-feature-update-d0bda8b236c0?source=rss------bug_bounty-5Bug Bounty Degenvulnerability, web3, blockchain-security-audit, bug-bounty, smart-contracts07-May-2024
A Thrilling Dive into Cloud Penetration Testinghttps://adipsharif.medium.com/a-thrilling-dive-into-cloud-penetration-testing-fc88855f7f15?source=rss------bug_bounty-5ADIPbug-bounty, information-security, cloud, info-sec-writeups, penetration-testing07-May-2024
Threat Modeling for OAuth 2.0 Authorization Frameworkhttps://medium.com/@jayeshkunwal/threat-modeling-for-oauth-2-0-authorization-framework-fcab66226fd7?source=rss------bug_bounty-5Jayesh kunwalthreat-modeling, bug-bounty, oauth, cybersecurity, vapt07-May-2024
How I got $250 for IDOR via Business Logic Errorhttps://medium.com/@aryamanav.028/how-i-got-250-for-idor-via-business-logic-error-f3ba502baa5e?source=rss------bug_bounty-5Manav Aryacybersecurity, information-security, vulnerability, bug-bounty, bugcrowd07-May-2024
Athena TryHackMe Walkthroughhttps://medium.com/@boogsta/athena-tryhackme-walkthrough-58eb432f0daa?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, tryhackme, cyber07-May-2024
A Comprehensive Review of the Guided Hacking Forumhttps://medium.com/@yannik603/a-comprehensive-review-of-the-guided-hacking-forum-918231ab4f68?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, games, ctf, hacking07-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://medium.com/@cornelius.yuli.r/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Corneliusidn-bootcamp, bug-bounty06-May-2024
Crypto bounty program got me $500 — Rate Limit Bypasshttps://mo9khu93r.medium.com/crypto-bounty-program-got-me-500-rate-limit-bypass-d573f7b7d390?source=rss------bug_bounty-5mo9khu93rcryptocurrency, security, hacking, web3, bug-bounty06-May-2024
IDN Bootcamp Bug Bounty : Langkah awal Menjadi Bug Hunterhttps://cornelius-y.medium.com/idn-bootcamp-bug-bounty-langkah-awal-menjadi-bug-hunter-a1fce0850681?source=rss------bug_bounty-5Cornelius Yuliidn-bootcamp, bug-bounty06-May-2024
Bounty Beginnings: My First Bug Discoveryhttps://cyberojas.medium.com/bounty-beginnings-my-first-bug-discovery-c4fea0b0c5c3?source=rss------bug_bounty-5cyberOjasbug-bounty, vulnerability, bugcrowd06-May-2024
Web3 Bug Bounty V/S Smart Contract Auditinghttps://securrtech.medium.com/web3-bug-bounty-v-s-smart-contract-auditing-94207960469d?source=rss------bug_bounty-5Securrblockchain, smart-contract-auditing, bug-bounty, web3, web3-security06-May-2024
alasan ingin belajar bug bounty IDN bootcamphttps://medium.com/@ilhamsabana100/alasan-ingin-belajar-bug-bounty-idn-bootcamp-abf359e6a628?source=rss------bug_bounty-5Ilhamsabanabug-bounty06-May-2024
Blog mengenai saya sebagai syarat Bug Bounty IDN Bootcamphttps://medium.com/@081335097475a/blog-mengenai-saya-sebagai-syarat-bug-bounty-idn-bootcamp-ba3a6d8cdf36?source=rss------bug_bounty-5Mohamad Fachry Alicybersecurity, bug-bounty06-May-2024
Pengalaman saya dibidang CyberSecurityhttps://medium.com/@ahmadfauzyhafidz/pengalaman-saya-dibidang-cybersecurity-6919e17302d8?source=rss------bug_bounty-5Ahmad Fauzy Hafidzcoding, cybersecurity, bug-bounty, capture-the-flag06-May-2024
My Journey to Become a Bug Hunters | Bug Bounty IDN Bootcamphttps://wahyukiddies.medium.com/my-journey-to-become-a-bug-hunters-bug-bounty-idn-bootcamp-9cc04860c874?source=rss------bug_bounty-5Wahyu Priambodotechnology, bug-bounty, experience, cybersecurity, bootcamp06-May-2024
Bug bounty IDN Bootcamp: Perjalanan menjadi pentester dan bug hunterhttps://medium.com/@rizkiarifsaifudin/bug-bounty-idn-bootcamp-perjalanan-menjadi-pentester-dan-bug-hunter-bf4eee8b64f5?source=rss------bug_bounty-5Rizki Arif Saifudinprogramming, bug-bounty, linux, cybersecurity06-May-2024
Pengalaman Menemukan Celah Keamanan (Bug) Pada Sebuah Website (Prelude Bug Bounty IDN Bootcamp)https://medium.com/@nugrohoandyreza/pengalaman-menemukan-celah-keamanan-bug-pada-sebuah-website-prelude-bug-bounty-idn-bootcamp-7c4d6ad2af1f?source=rss------bug_bounty-5Andy R. Nugrohobug-bounty06-May-2024
Guide To Subdomain Takeovers: DNS Resolutions:-Vertical Recon.https://hacktivistattacker.medium.com/dns-resolutions-guide-to-subdomain-takeovers-vertical-recon-9da92433e973?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, subdomain-takeover, penetration-testing, subdomain, bug-bounty06-May-2024
Network Infrastructure Reconhttps://medium.com/@davidkarpinski1/network-infrastructure-recon-3d5741eec73b?source=rss------bug_bounty-5David Eduardo Karpinskidns, hacking, networking, cybersecurity, bug-bounty06-May-2024
BugBountyTraining Lab: FastFoodHackings Part 1https://hoppp3r.medium.com/bugbountytraining-lab-fastfoodhackings-part-1-39a7b06fdef9?source=rss------bug_bounty-5Hoppp3rbug-bounty-writeup, bugbountytraining, fastfoodhackings, bug-bounty, bug-bounty-labs05-May-2024
Bug Bounty IDN Bootcamphttps://medium.com/@nurdin8/bug-bounty-idn-bootcamp-dffeeba84854?source=rss------bug_bounty-5Senudin Nurdinbug-bounty05-May-2024
‍ Hack Like a Pro: Precon’s Simple Subdomain Secretshttps://medium.com/@tamhacker1/hack-like-a-pro-precons-simple-subdomain-secrets-a87e5b741b0b?source=rss------bug_bounty-5Tamhackerethical-hacking, bug-bounty, hacker, hacking, cybersecurity05-May-2024
Exposing Information Of All Users “Email,Mobile Number ..etc”https://medium.com/@dr4040x00/exposing-information-of-all-users-email-mobile-number-etc-697c328e0584?source=rss------bug_bounty-5Dr404information-disclosure, web-pen-testing, bug-bounty, bug-bounty-tips05-May-2024
24.9 Lab: H2.CL request smuggling | 2024https://cyberw1ng.medium.com/24-9-lab-h2-cl-request-smuggling-2024-792b86db2c2a?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking05-May-2024
An Impactful ‘No Rate Limiting’ Bughttps://medium.com/@duncanochieng682/an-impactful-no-rate-limiting-bug-29eb5158fd14?source=rss------bug_bounty-5JateloCybersecethical-hacking, web-app-security, bug-bounty, pentesting, bugs05-May-2024
Information gathering with OSINThttps://medium.com/@davidkarpinski1/information-gathering-with-osint-3b8af60a194d?source=rss------bug_bounty-5David Eduardo Karpinskihacking, osint, bug-bounty, cybersecurity, pentesting05-May-2024
JS-Snooper: Get More Bounty With Easy Bugshttps://aravind07.medium.com/js-snooper-get-more-bounty-with-easy-bugs-9d7b410f070e?source=rss------bug_bounty-5Gnana Aravind Kcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking05-May-2024
Proxying Web Traffic Via SSHhttps://medium.com/@mu.gl/proxying-web-traffic-via-ssh-f3cf09c35d46?source=rss------bug_bounty-5Mark El-Khourybug-bounty, ssh, pentesting, cybersecurity, infosec04-May-2024
LEARNING THE BUG BOUNTY PROGRAMhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.8 Lab: Response queue poisoning via H2.TE request smuggling | 2024https://cyberw1ng.medium.com/24-8-lab-response-queue-poisoning-via-h2-te-request-smuggling-2024-33bdb4b56b0b?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, hacking, bug-bounty04-May-2024
# Certifcateshttps://medium.com/@scumdestroy/certifcates-f51eace48a7e?source=rss------bug_bounty-5penetration-testing, bug-bounty, recon, hacking, reconnaissance04-May-2024
Get Your First Award by Joining IDN Bootcamp Bug Bountyhttps://medium.com/@oktaa_/get-your-first-award-by-joining-idn-bootcamp-bug-bounty-7dd927ebe6b3?source=rss------bug_bounty-5oktabug-bounty, linux, network, penetration-testing, hacker04-May-2024
Alasan Kenapa Ingin Mengikuti “Bootcamp Bug Bounty IDN”https://medium.com/@naurayaffakamila/alasan-kenapa-ingin-mengikuti-bootcamp-bug-bounty-idn-2d4a5889518c?source=rss------bug_bounty-5Naursyy_bug-bounty, technology, cybersecurity04-May-2024
LEARNING BUG BOUNTY IDN BOOTCAMPhttps://medium.com/@basithrazaky/learning-the-bug-bounty-program-ffdfc54b3dee?source=rss------bug_bounty-5Ramadhani Basith Razakycapture-the-flag, bug-bounty, cybersecurity, linux, networking04-May-2024
24.7 Lab: Exploiting HTTP request smuggling to deliver reflected XSS | 2024https://cyberw1ng.medium.com/24-7-lab-exploiting-http-request-smuggling-to-deliver-reflected-xss-2024-334de5c0d400?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, careers, hacking03-May-2024
Empire Breakout Vulnhub: WriteUp | Walkthrough | VulnHub CTF | Privilege Escalation Attack | Python…https://shamsulmehmood.medium.com/empire-breakout-vulnhub-writeup-walkthrough-vulnhub-ctf-privilege-escalation-attack-python-235087d3db54?source=rss------bug_bounty-5SHAMS UL MEHMOODcybersecurity, information-security, cyberattack, infosec, bug-bounty03-May-2024
Unleashing the Ethical Hacker Within: Cybersecurity Insights, Bug Bounty Tips, and the Art of…https://kd-200.medium.com/unleashing-the-ethical-hacker-within-cybersecurity-insights-bug-bounty-tips-and-the-art-of-2ebdb65a9ff3?source=rss------bug_bounty-5Nitin yadavtech, infosec, technology, bug-bounty, cybersecurity03-May-2024
3 easiest bugs that you can find right now [guarantied]https://medium.com/@deadoverflow/3-easiest-bugs-that-you-can-find-right-now-guarantied-71ef89efd1a7?source=rss------bug_bounty-5Imad Husanoviccybersecurity, hacking, bug-bounty-tips, programming, bug-bounty03-May-2024
Why and how to hide usernames on your WordPresss.https://medium.com/@izmir.suat/why-and-how-to-hide-usernames-on-your-wordpresss-b01320642838?source=rss------bug_bounty-5Izmir Suatwordpress, bug-bounty, information-security, pentest03-May-2024
XSS leads to HALL OF FAME on a French websitehttps://medium.com/@KaranMoudgil/xss-leads-to-hall-of-fame-on-a-french-website-95bd3a96ad24?source=rss------bug_bounty-5Karan Moudgilbug-bounty03-May-2024
Alasan saya ingin megikuti Bug Bounty IDN Bootcamphttps://wildan14ar.medium.com/alasan-saya-ingin-megikuti-bug-bounty-idn-bootcamp-339aa385b45b?source=rss------bug_bounty-5WILDAN ABDURRASYIDbootcamp, bug-bounty, idn, cybersecurity, sytem03-May-2024
How I bypassed OTP in unexpected wayhttps://medium.com/@ckachhadiya007/how-i-bypassed-otp-in-unexpected-way-2d4b478db512?source=rss------bug_bounty-5DEephacking, bug-bounty, red-team, cybersecurity, vulnerability03-May-2024
Real World GitLab Account Take Overhttps://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835?source=rss------bug_bounty-5Chuxhacking, cybersecurity, infosec, red-team, bug-bounty03-May-2024
IDOR lead to PII Disclosurehttps://medium.com/@karimelsayed0x1/idor-lead-to-pii-disclosure-121502394277?source=rss------bug_bounty-5z3r0xkidor, bug-bounty, web-security03-May-2024
How I Bypassed Rate limiting To Account Takeoverhttps://medium.com/@Ajakcybersecurity/how-i-bypassed-rate-limiting-to-account-takeover-1df722a527d5?source=rss------bug_bounty-5AjakCybersecurityhacking, cybersecurity, penetration-testing, bug-bounty, ethical-hacking03-May-2024
DNS Resolutions: Identifying Live Targets : Vertical RECON.https://hacktivistattacker.medium.com/dns-resolutions-identifying-live-targets-vertical-recon-2a2aed49bd6b?source=rss------bug_bounty-5Hacktivist-Attackerpenetration-testing, reconnaissance, bug-bounty, education, résolutions03-May-2024
what is RCE-[Remote code Execution]❓https://medium.com/@mmdesvand1386/what-is-rce-remote-code-execution-fee04264fe30?source=rss------bug_bounty-5mamadbug-bounty, website, security, cyber-security-website, social-security-website03-May-2024
Sql İnjection Nedir &Karşılaştığım Vakahttps://medium.com/@akostak/sql-i%CC%87njection-nedir-kar%C5%9F%C4%B1la%C5%9Ft%C4%B1%C4%9F%C4%B1m-vaka-708b17f5da9d?source=rss------bug_bounty-5Alibug-bounty-tips, bug-bounty, sql-injection, vulnerability, bugs03-May-2024
Bug Bounty IDhttps://medium.com/@nurdin8/bug-bounty-id-33c529b2cd1a?source=rss------bug_bounty-5Senudin Nurdinfree-course, linux, network, cyberse, bug-bounty02-May-2024
24.6 Lab: Exploiting HTTP request smuggling to capture other users requests | 2024https://cyberw1ng.medium.com/24-6-lab-exploiting-http-request-smuggling-to-capture-other-users-requests-2024-fd10d3b638bc?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers02-May-2024
Langkah Awal Menuju Bug Bounty IDN BootCamphttps://medium.com/@caomaysss/langkah-awal-menuju-bug-bounty-idn-bootcamp-42bcc61ba7ef?source=rss------bug_bounty-5Caomaybug-bounty, xiaocaomay, idn, idn-network02-May-2024
Become a Bug Bounty hunter: Unveiling the Secrets to Success!https://adipsharif.medium.com/become-a-bug-bounty-hunter-unveiling-the-secrets-to-success-90dfab4c2832?source=rss------bug_bounty-5ADIPinfosec, bug-bounty-tips, info-sec-writeups, penetration-testing, bug-bounty02-May-2024
Google VRP Targets by Tierhttps://uprootsecurity.medium.com/google-vrp-targets-by-tier-c0679c27e545?source=rss------bug_bounty-5UprootSecurityinfosec, pentest, bug-bounty, cybersecurity, vapt02-May-2024
Alasan ingin belajar pada Bug Bounty IDN Bootcamphttps://medium.com/@putrantosurya38/alasan-ingin-belajar-bug-bounty-9f33d7d75161?source=rss------bug_bounty-5Putranto Suryacybersecurity, bug-bounty, bug-bounty-idn-bootcamp02-May-2024
How I Gained Account Access: Exploring the Risks of Password Reset Links in Cybersecurityhttps://kd-200.medium.com/how-i-gained-account-access-exploring-the-risks-of-password-reset-links-in-cybersecurity-5811e914c289?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, hacking, hackerone, technology02-May-2024
Mengapa bug bounty?https://medium.com/@rayyaramburambani11/mengapa-bug-bounty-0f77b824cc6c?source=rss------bug_bounty-5rayyanewbie, roboti̇k, bug-bounty-idn-bootcamp, bug-bounty02-May-2024
How i got admin panel without opening the targethttps://thesafdari.medium.com/how-i-got-admin-panel-without-opening-the-target-8ca4a2c219be?source=rss------bug_bounty-5Milad Safdari (TheSafdari)github, hacking, github-secret, bug-bounty, cybersecurity02-May-2024
Diving into the Depths: Unveiling Bug Bounty Adventures and Insights into Linux, Programming, and…https://medium.com/@mansorihack/diving-into-the-depths-unveiling-bug-bounty-adventures-and-insights-into-linux-programming-and-952cc8957dc0?source=rss------bug_bounty-5Mansorihacklinux, bug-bounty, pentesting02-May-2024
Bug Bounty IDN Bootcamp | By Ekyhttps://medium.com/@muhr6128/bug-bounty-idn-bootcamp-by-eky-7a65bc3f6844?source=rss------bug_bounty-5personcybersecurity, ethical-hacking, ctf, bug-bounty02-May-2024
Complex Attack Types: Sample Scenarios 3https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-3-bcd472d684cf?source=rss------bug_bounty-5Baris Dincercybersecurity, threat-intelligence, bug-bounty, penetration-testing, freedomofinternet02-May-2024
Real-World Example of Race Condition Exploits “adding Money”https://medium.com/@dr4040x00/real-world-example-of-race-condition-exploits-adding-money-c8fe62964067?source=rss------bug_bounty-5Dr404race-condition, web-penetration-testing, vulnerability, bug-bounty02-May-2024
#01: Path traversalhttps://medium.com/@karimelsayed0x1/01-path-traversal-0c52daffd26e?source=rss------bug_bounty-5z3r0xksource-code-review, path-traversal, web-security, nodejs, bug-bounty02-May-2024
My Journey to the Nokia Security Hall of Famehttps://mufazmi.medium.com/my-journey-to-the-nokia-security-hall-of-fame-4e9cf4d8b5e9?source=rss------bug_bounty-5Umair Farooquihof, bug-bounty, mufazmi, nokia-hall-of-fame, umair-farooqui01-May-2024
Harnessing the Power of Crowd-Sourced Securityhttps://medium.com/@paritoshblogs/harnessing-the-power-of-crowd-sourced-security-1326641d81b7?source=rss------bug_bounty-5Paritoshcybersecurity, information-technology, information-security, cloud-computing, bug-bounty01-May-2024
My First Verified Bug Bounty: Unmasking Flaws in University Web Appshttps://medium.com/@rafisyafrinaldi17/my-first-verified-bug-bounty-unmasking-flaws-in-university-web-apps-6c6b5fb1e8da?source=rss------bug_bounty-5Impeony | Rafivulnerability-assessment, cybersecurity, bug-bounty-writeup, bug-bounty01-May-2024
How I Bypass CSP that allow a iframe injection in a chat bot + HTML injection on emailshttps://medium.com/@jeetpal2007/how-i-bypass-csp-that-allow-a-iframe-injection-in-a-chat-bot-html-injection-on-emails-9d588aeef4c3?source=rss------bug_bounty-5JEETPALbug-bounty, htmli, bug-bounty-writeup, chatbotbugs, bug-bounty-tips01-May-2024
€150 Bounty: Chaining Vulns to fully Exploit CORS Misconfigurationhttps://r4v3n0r.medium.com/150-bounty-chaining-vulns-to-fully-exploit-cors-misconfiguration-521a0cd97316?source=rss------bug_bounty-5Fabian Cruzinformation-security, bug-bounty, infrastructure-security, cybersecurity, penetration-testing01-May-2024
How can I bypass the limit on the number of team membershttps://medium.com/@xiaodongsec/how-can-i-bypass-the-limit-on-the-number-of-team-members-c3dd56d265a0?source=rss------bug_bounty-5Xiaodongchina, vulnerability, money, bug-bounty, hacker01-May-2024
€400 Bounty: Unveiling a More Impactful CORS Misconfiguration Exploithttps://r4v3n0r.medium.com/400-bounty-unveiling-a-more-impactful-cors-misconfiguration-exploit-6db0a1b39bdc?source=rss------bug_bounty-5Fabian Cruzweb-security, bug-bounty, information-security, penetration-testing, cybersecurity01-May-2024
FortiClient Android Apphttps://medium.com/@3ed0x92/forticlient-android-app-958f942cb5b7?source=rss------bug_bounty-5Mohamed Eid Wahbybug-bounty, mobile-pentest, mobile-pentesting, penetration-testing, bug-bounty-tips01-May-2024
Partnering with fewerClicks- To Provide Robust Web3 Securityhttps://securrtech.medium.com/partnering-with-fewerclicks-to-provide-robust-web3-security-007328375783?source=rss------bug_bounty-5Securrsmart-contract-auditing, bug-bounty, pentesting, web301-May-2024
1500$ bounty: how unprotected directory leaked sensitive infohttps://medium.com/@aa.pietruczuk/1500-bounty-how-unprotected-directory-leaked-sensitive-info-929b55515232?source=rss------bug_bounty-5Agnieszka Pietruczukpentesting, bug-bounty01-May-2024
Exposed Secrets: The Peril of Broken Access Controlhttps://kd-200.medium.com/exposed-secrets-the-peril-of-broken-access-control-928223c62547?source=rss------bug_bounty-5Nitin yadavcybersecurity, bug-bounty, technology, hacking, penetration-testing01-May-2024
BBRADAR: A WEB TOOL TO FIND THE LATEST BUG BOUNTY PROGRAMShttps://medium.com/@Progsky/bbradar-a-web-tool-to-find-the-latest-bug-bounty-programs-833ba632f7a6?source=rss------bug_bounty-5Progskyweb-hacking, web-security, bug-bounty01-May-2024
I sent 1,000,000 Requests to a serverhttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
AWS S3 Bucket Misconfiguration Exposes PII and Documents of Job Seekershttps://infosecwriteups.com/aws-s3-bucket-misconfiguration-exposes-pii-and-documents-of-job-seekers-7b1332b0ecf1?source=rss------bug_bounty-5brutexploitercybersecurity, cloud, india, information-security, bug-bounty01-May-2024
Learning Offensive Cybersecurity — Day 2https://medium.com/@n4rkwh4l/learning-offensive-cybersecurity-day-2-73a682ba1e4d?source=rss------bug_bounty-5N4RKWH4Loffensive-security, cybersecurity, bug-bounty, learning, tech01-May-2024
Billions Bug Bounty Programhttps://billionsquest.medium.com/billions-bug-bounty-program-c86689b4fb29?source=rss------bug_bounty-5Billions Questbug-bounty-tips, bug-bounty, bug-bounty-hunter, bugs01-May-2024
Binary Exploitation: PicoCTF clutter-overflow challenge walk throughhttps://medium.com/@boogsta/binary-exploitation-picoctf-clutter-overflow-challenge-walk-through-80e2f775102c?source=rss------bug_bounty-5Boogstabug-bounty, hacking, hackathons, cyber, cybersecurity01-May-2024
1,000,000 requests 2FA bypasshttps://imwaiting18.medium.com/i-sent-1-000-000-requests-to-a-server-dcb6b41d5d7f?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, cybersecurity, bug-bounty, ethical-hacking01-May-2024
Javascript code inside HTMLhttps://medium.com/@thewhiteside2000/javascript-code-inside-html-389a71060bf0?source=rss------bug_bounty-5Thewhitesidebugs, bug-bounty-tips, bug-bounty01-May-2024
How OSINT Helped Me To Find User Credentials And Discover An OTP Bypasshttps://medium.com/@mohammed0x04/how-osint-helped-me-to-find-user-credentials-and-discover-an-otp-bypass-afb6b9e23b45?source=rss------bug_bounty-5Mohammed Waleedrecon, osint, bug-bounty-tips, cybersecurity, bug-bounty30-Apr-2024
Bypassing SSL Pinning with Frida and Objection in Mobile Applicationshttps://medium.com/@ria.banerjee005/bypassing-ssl-pinning-with-frida-and-objection-in-mobile-applications-0b42a778b0f2?source=rss------bug_bounty-5Ria Banerjeebug-bounty, cybersecurity, ssl-pinning, mobile-security, mobile-app-testing30-Apr-2024
Another ATO, will I get paid this time?https://imwaiting18.medium.com/another-ato-will-i-get-paid-this-time-ba86ed272f3e?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)hacking, ethical-hacking, security, bug-bounty, cyber-security-awareness30-Apr-2024
Useful GoogleDocks Tips — Bug Bounty Tuesdayhttps://medium.com/@kerstan/useful-googledocks-tips-bug-bounty-tuesday-45eddc06bf93?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, hacking30-Apr-2024
How I found three Critical Vulnerability in one site.https://medium.com/@ckachhadiya007/how-i-found-three-critical-vulnerability-in-one-site-70fc513669d8?source=rss------bug_bounty-5DEepvulnerability, hacking, cybersecurity, red-team, bug-bounty30-Apr-2024
O melhor curso de hacking etico do Brasilhttps://medium.com/@rafael.code77/o-melhor-curso-de-hacking-etico-do-brasil-cec8eec850bb?source=rss------bug_bounty-5Rafael Henriquetryhackme-writeup, hacking, bug-bounty, hacker, hackerone30-Apr-2024
24.4 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-4-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-458923cda52d?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, penetration-testing, bug-bounty, hacking30-Apr-2024
Learning OffensiveCybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Adding Certificates to Postman & Burp Suite for API Testinghttps://medium.com/r3d-buck3t/adding-certificates-to-postman-burp-suite-for-api-testing-06339a6d072a?source=rss------bug_bounty-5Nairuz Abulhulsecurity, bug-bounty, penetration-testing, hacking, infosec30-Apr-2024
Bug Bounty Challenge (final): [CONCLUSION]https://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
Finding a viper in the curved lawnhttps://medium.com/@kupiasec/finding-a-viper-in-the-curved-lawn-e43401997cce?source=rss------bug_bounty-5KupiaSeccurve-finance, bug-bounty, audit, blockchain, security30-Apr-2024
ineligible for bounty !!!https://medium.com/@thewhiteside2000/ineligible-for-bounty-d4b720bfb596?source=rss------bug_bounty-5Thewhitesidebug-bounty30-Apr-2024
postMessage() securityhttps://noobstain.medium.com/postmessage-security-e6c55ef1f1bd?source=rss------bug_bounty-5Sumeet darekarbug-bounty, xss-vulnerability, replit, postmessage, javascript30-Apr-2024
Learning Offensive Cybersecurity — Day 1https://medium.com/@n4rkwh4l/learning-offensivecybersecurity-day-1-b5c26c55522c?source=rss------bug_bounty-5N4RKWH4Lbug-bounty, cybersecurity, offensive-security, learning, tech30-Apr-2024
Bug Bounty Challenge (final): CONCLUSIONhttps://wallotry.medium.com/bug-bounty-challenge-final-day-10-30-04-2024-75a6f93d2687?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup30-Apr-2024
do FUZZ well!https://medium.com/@ugs20b126_cic.rajesh/do-fuzz-well-07cb19bb0675?source=rss------bug_bounty-5Rajesh Sagarbug-bounty, fuzzing, bug-bounty-tips30-Apr-2024
E-Commerce Application Penetration Testing- My Favourite Business Logical Flawhttps://medium.com/@vaishalinagori112/e-commerce-application-penetration-testing-my-favourite-business-logical-flaw-bac0367ad60c?source=rss------bug_bounty-5Vaishali Nagoriapplication-security, ciso, bug-bounty, penetration-testing, vapt29-Apr-2024
The Silent Threat: Uncovering IDOR Vulnerabilities Before They’re Exploited (PoC)https://medium.com/@mrmaulik191/the-silent-threat-uncovering-idor-vulnerabilities-before-theyre-exploited-poc-f98d2b8aec8d?source=rss------bug_bounty-5Mr.MGidor, penetration-testing, blog, cybersecurity, bug-bounty29-Apr-2024
The Story of a Mass Account Takeover Though Stored XSS (Cross-Site Scripting).https://medium.com/@iamrajchavan/the-story-of-a-mass-account-takeover-though-stored-xss-cross-site-scripting-bd2e484a0bd1?source=rss------bug_bounty-5Rajdip Chavanvapt, cybersecurity, bug-hunting, web-app-pentesting, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5m3nd00bug-bounty, fuzzing, ffuf29-Apr-2024
Explorando Acunetix Vulneweb SQL Injectionhttps://medium.com/@davidkarpinski1/explorando-acunetix-vulneweb-sql-injection-23360cf2d5f3?source=rss------bug_bounty-5David Eduardo Karpinskisql-injection, sql, bug-bounty, mysql, vulnerability29-Apr-2024
24.3 Lab: Exploiting HTTP request smuggling to bypass front-end security controls, CL.TEhttps://cyberw1ng.medium.com/24-3-lab-exploiting-http-request-smuggling-to-bypass-front-end-security-controls-cl-te-3a5f92a939d2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, hacking, cybersecurity29-Apr-2024
Temu glitch - Temu system hacked and let me buy free items!https://medium.com/@verylazytech/temu-glitch-temu-system-hacked-and-let-me-buy-free-items-356fad19ae4a?source=rss------bug_bounty-5Very Lazy Techtemu, hacking, shopping, free, bug-bounty29-Apr-2024
The Fuzzy Wuzzy: Unveiling Hidden Parametershttps://medium.com/@mendurim.r/the-fuzzy-wuzzy-unveiling-hidden-parameters-24169dfc9371?source=rss------bug_bounty-5ScriptTeasebug-bounty, fuzzing, ffuf29-Apr-2024
Broken Link Hijacking: A Hidden Threat $350 Bountyhttps://medium.com/@chouhanhimanshu532/broken-link-hijacking-a-hidden-threat-350-bounty-bb5978177b1d?source=rss------bug_bounty-5Himanshu Chouhanbug-bounty, bugcrowd, bugs, broken-link-hijacking, bug-bounty-tips29-Apr-2024
Embracing Downtime: Why “Wasting Time” Can Be Beneficial for Bug Huntershttps://securitylit.medium.com/embracing-downtime-why-wasting-time-can-be-beneficial-for-bug-hunters-62d83da87a14?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, cybersecurity, penetration-testing, bug-bounty-tips29-Apr-2024
Crypto Attacks Cheat-Sheethttps://medium.com/@davidkarpinski1/brute-forcing-cheat-sheet-30a9f58e024e?source=rss------bug_bounty-5David Eduardo Karpinskihacking, bug-bounty, dictionary, cheating, crack29-Apr-2024
Bug Bounty Challenge (final): Day 9–29/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-9-29-04-2024-9643d90e3ccf?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty29-Apr-2024
The Last Dance (HackTheBox Writeup)https://medium.com/@krishgera1/the-last-dance-hackthebox-writeup-ab0ffda6264f?source=rss------bug_bounty-5Krish Geractf, cybersecurity, hackthebox, hackerone, bug-bounty29-Apr-2024
Find PII Info Disclosure Bugs With this Simple GUI Tool-Easy P1https://medium.com/@Ajakcybersecurity/find-pii-info-disclosure-bugs-with-this-simple-gui-tool-easy-p1-7507a34ae172?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, bug-bounty, hacking, penetration-testing29-Apr-2024
Bug Zero at a Glance [01–15 April]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-april-1a761018d605?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, newsletter, bug-bounty28-Apr-2024
2FA bypass that made me $______https://imwaiting18.medium.com/2fa-bypass-that-made-me-6d32d3b762b4?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)csrf, bug-bounty, cybersecurity, 2fa-bypass, hacking28-Apr-2024
How to choose less competitive Bug Bounty Programs ( No VDPs)https://medium.com/@h3mantsaini/how-to-choose-less-competitive-bug-bounty-programs-no-vdps-0acc3ddfe9b8?source=rss------bug_bounty-5H3mantbug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup28-Apr-2024
Starting in Bug Bounty — First Master This Before Hunting.https://medium.com/@shuklaneel525/starting-in-bug-bounty-first-master-this-before-hunting-74d266a874a0?source=rss------bug_bounty-5NEEL SHUKLAbug-bounty, ethical-hacking, penetration-testing, bounty-program, bug-bounty-tips28-Apr-2024
Unveiling the Secrets of Internal Pentest Monitoring: A Game-Changer for Security Leadershttps://medium.com/@anirumble6776/unveiling-the-secrets-of-internal-pentest-monitoring-a-game-changer-for-security-leaders-09e57b46f9ef?source=rss------bug_bounty-5Aniniikethr12bug-bounty, pentesting, cybersecurity28-Apr-2024
Never use the GET method for Sensitive Actions in Web App: Ft. CSRFhttps://secureitmania.medium.com/never-use-the-get-method-for-sensitive-actions-in-web-app-ft-csrf-f106df3c228b?source=rss------bug_bounty-5secureITmaniabug-bounty, penetration-testing, information-security, hacking, web-development28-Apr-2024
Ability to Deny Subaccounts feature from all usershttps://medium.com/@mostafaaboelnour19/ability-to-deny-subaccounts-feature-from-all-users-e8fca424ffb9?source=rss------bug_bounty-50xAb031n0uRbugbounty-writeup, bug-bounty, cybersecurity28-Apr-2024
IDOR leads to Account Takeover of all users (ATO).https://medium.com/@xnum.1/idor-leads-to-account-takeover-of-all-users-ato-27af312c8481?source=rss------bug_bounty-5Ahmed Tarekpenteration-testing, account-takeover, bug-bounty, pentesting, hacking28-Apr-2024
Mi camino en el Bug Bounty comienza, pero antes..https://medium.com/@cyb3rbyt3/mi-camino-en-el-bug-bounty-comienza-pero-antes-e649661dddc0?source=rss------bug_bounty-5Cib3r Byt3bug-bounty28-Apr-2024
24.2 Lab: HTTP request smuggling, confirming a TE.CLhttps://cyberw1ng.medium.com/24-2-lab-http-request-smuggling-confirming-a-te-cl-1917e523470e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking28-Apr-2024
How I Hacked an Indian Government Website and Accessed Their Database Serverhttps://medium.com/@kamilrahman32/how-i-hacked-an-indian-government-website-and-accessed-their-database-server-02a81842cce8?source=rss------bug_bounty-5Kamil Rahumanbug-hunting, cybersecurity, bug-bounty, hacking28-Apr-2024
Bug Bounty Challenge (final): Day 8–28/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-8-28-04-2024-67bac40e6a35?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty28-Apr-2024
How We Hacked Voice Communication Solutions Company And Found BAC + Info Disclosure + IDOR 😀https://medium.com/@eslam.zayedw/how-we-hacked-voice-communication-solutions-company-and-found-bac-info-disclosure-idor-d-6884037064f0?source=rss------bug_bounty-5D0loresH4zebug-bounty, bug-bounty-tips, cybersecurity, hacking, penetration-testing28-Apr-2024
Flamingo Finance Bug Bounty Programhttps://medium.com/@kdmytro336/flamingo-finance-bug-bounty-program-e5736de7bfa0?source=rss------bug_bounty-5Dmytro Kovalenkoweb-security, bug-bounty, security, web3, flamingo-finance28-Apr-2024
VAPT: The Secret Weapon for Security Superheroeshttps://securitylit.medium.com/vapt-the-secret-weapon-for-security-superheroes-27fcdd79b16e?source=rss------bug_bounty-5Security Lit Limitedvapt, bug-bounty, cybersecurity, cyberattack28-Apr-2024
Security Testing Trends 2024https://innovateqa.medium.com/security-testing-trends-2024-38d9129fde4d?source=rss------bug_bounty-5InnovateQAsecurity-testing, devsecops, genai, bug-bounty, pentesting27-Apr-2024
Hidden parametershttps://medium.com/@thewhiteside2000/hidden-parameters-e818d572ea3e?source=rss------bug_bounty-5Thewhitesidebug-bounty, bug-bounty-tips27-Apr-2024
Top Ten Books for Bug Bountyhttps://medium.com/@verylazytech/top-ten-books-for-bug-bounty-95e8a42fb519?source=rss------bug_bounty-5Very Lazy Techpentesting, money, cybersecurity, bug-bounty, oscp27-Apr-2024
How to setup in 30 min your Web3 lab in Windowshttps://coinsbench.com/how-to-setup-in-30-min-your-web3-lab-in-windows-e0026185b64?source=rss------bug_bounty-5Bug Bounty Degenweb3, hacking-tools, ethereum, bug-bounty, blockchain27-Apr-2024
2:00 AM IDOR leads to some Adrenaline rushhttps://imwaiting18.medium.com/2-00-am-idor-leads-to-some-adrenaline-rush-996f710bd55a?source=rss------bug_bounty-5imwaiting18 (Virang Rajyaguru)bug-bounty27-Apr-2024
Logic Loopholes: The Fun Flawshttps://medium.com/@khode4li/logic-loopholes-the-fun-flaws-5a8e14b09dc7?source=rss------bug_bounty-5Khod4libusiness-logic, web-penetration, bug-bounty, pentest, xss-attack27-Apr-2024
How I Exploited an Auth0 Misconfiguration to Bypass Login Restrictionshttps://amjadali110.medium.com/how-i-exploited-an-auth0-misconfiguration-to-bypass-login-restrictions-c5d8c20d5505?source=rss------bug_bounty-5Amjad Alipenetration-testing, infosec, bug-bounty-tips, bug-bounty, cybersecurity27-Apr-2024
How A Blackbox Target Turned To Whitebox With Reconhttps://medium.com/@red.whisperer/how-a-blackbox-target-turned-to-whitebox-with-recon-e46536672702?source=rss------bug_bounty-5Chuxinfosec, cybersecurity, red-team, hacking, bug-bounty27-Apr-2024
Spotting Sensitive Data in iOS Applications A Penetration Tester’s Guidehttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
24.1 Lab: HTTP request smuggling, confirming a CL.TEhttps://cyberw1ng.medium.com/24-1-lab-http-request-smuggling-confirming-a-cl-te-c53051cf5875?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, careers, penetration-testing, cybersecurity27-Apr-2024
privilege escalation allow the app admin to add the user as organization admin (on Microsoft own…https://medium.com/@amitkhandebharad5/privilege-escalation-allow-the-app-admin-to-add-the-user-as-organization-admin-on-microsoft-own-e24352219a24?source=rss------bug_bounty-5Amitkhandebharadsecurity, bug-bounty, bugcrowd, privilege-escalation, bug-hunter27-Apr-2024
Exploring the Filliquid Testnet Launch Bug Bounty Program!https://medium.com/@dekachi17/exploring-the-filliquid-testnet-launch-bug-bounty-program-e67c76557cc5?source=rss------bug_bounty-5I. Tobias Darlingtonfilecoin, bug-bounty, testnet, defi, filliquid27-Apr-2024
How I Hacked NASA Website and find a Criticial Source Code leak BUG on their websitehttps://medium.com/@phantom9863/how-i-hacked-nasa-website-and-find-a-criticial-source-code-leak-bug-on-their-website-9be0c38299fd?source=rss------bug_bounty-5Phantombugs, bug-bounty-tips, bug-fixes, bug-bounty, bug-zero27-Apr-2024
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS Applicationshttps://adipsharif.medium.com/spotting-sensitive-data-in-ios-applications-a-penetration-testers-guide-06f84af9cb0a?source=rss------bug_bounty-5ADIPpentesting, penetration-testing, infosec, information-security, bug-bounty27-Apr-2024
What is HTTP request smuggling?https://cyberw1ng.medium.com/what-is-http-request-smuggling-7ab91748c6db?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, careers, cybersecurity, bug-bounty26-Apr-2024
I found a simple but rare misconfiguration and got $200 on a hackerone programhttps://harish45.medium.com/i-found-a-simple-but-rare-misconfiguration-and-got-200-on-a-hackerone-program-5863b6c51538?source=rss------bug_bounty-5Harishhackerone, bug-bounty-writeup, bug-bounty, bug-bounty-tips26-Apr-2024
Private Interact.sh server setup with a web dashboardhttps://infosecwriteups.com/private-interact-sh-server-setup-with-a-web-dashboard-6b0320645536?source=rss------bug_bounty-5Serj Novoselovtutorial, hacking, tools, cybersecurity, bug-bounty26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In an Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
The Ultimate Guide to CISSP’s Eight Security Territorieshttps://systemweakness.com/the-ultimate-guide-to-cissps-eight-security-territories-836ec7bec836?source=rss------bug_bounty-5Gagan Yalamuristartup, information-security, information-technology, cybersecurity, bug-bounty26-Apr-2024
Unraveling the Nuances of 403 Bypass: Strengthening Web Application Securityhttps://medium.com/@dasmanish6176/unraveling-the-nuances-of-403-bypass-strengthening-web-application-security-ac2e8e885c3f?source=rss------bug_bounty-5Dasmanish403-forbidden, ethical-hacking, bug-bounty26-Apr-2024
How to baypass scaping filter(\)https://medium.com/@thewhiteside2000/how-to-baypass-scaping-filter-14393a23af4f?source=rss------bug_bounty-5Thewhitesidebug-bounty-tips, bug-bounty26-Apr-2024
How We Prevented a Mass Breach On One OF The Biggest CryptoCurrency Gateways On A Web3 Platform.https://medium.com/@eslam.zayedw/how-we-prevented-a-mass-breach-on-one-of-the-biggest-cryptocurrency-gateways-on-a-web3-platform-2d8393070b10?source=rss------bug_bounty-5D0loresH4zecybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-tips, penetration-testing26-Apr-2024
Found Multiple Bugs :: XSS, MITM, Sec-MisConf :: In a GOVT Educational Sitehttps://medium.com/@p.ra.dee.p_0xx01/found-multiple-bugs-xss-mitm-sec-misconf-in-an-educational-site-5a3804085da0?source=rss------bug_bounty-5Professor0xx01security, bugs, bug-bounty, information-security, xss-attack26-Apr-2024
Bug Bounty Toolshttps://medium.com/@malishakali2002/bug-bounty-tools-bedcf7b94f8d?source=rss------bug_bounty-5Malisha_kalictf, bug-bounty-writeup, reconnaissance, bug-bounty, bug-bounty-tool25-Apr-2024
this is how I Bypassed the 2FA page in a big site…https://medium.com/@hannorayousef/this-is-how-i-bypassed-the-2fa-page-in-a-big-site-77c6a3b7596d?source=rss------bug_bounty-5Bar_0_0_nbug-bounty, 2fa, pentesting, bug-bounty-tips, cybersecurity25-Apr-2024
Android Pentesting Lab Setup step to step . Part -1https://medium.com/@adityasingh4180/android-pentesting-lab-setup-step-to-step-part-1-c50d210d118d?source=rss------bug_bounty-5Security Empirebug-bounty-tips, cybersecurity, android-pentesting, bug-bounty, cyber-sec25-Apr-2024
Bug Bounty Champions: Real Stories of Cybersecurity Triumphshttps://medium.com/@paritoshblogs/bug-bounty-champions-real-stories-of-cybersecurity-triumphs-35c0c976469a?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, ai, hacking, information-security25-Apr-2024
Understanding 403 Bypass: A Critical Vulnerability in Web Application Securityhttps://infosecwriteups.com/understanding-403-bypass-a-critical-vulnerability-in-web-application-security-2b9f0318f3a4?source=rss------bug_bounty-5Abhishek Bhujangbug-bounty, 403-bypass, cybersecurity, vulnerability, web-app-security25-Apr-2024
Hacking one of the largest Legal tech in MENAhttps://ahmadmansourr.medium.com/hacking-one-of-the-largest-legal-tech-in-mena-92365c276654?source=rss------bug_bounty-5Ahmad Mansourpentest, hacking, securing, bug-bounty25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://medium.com/@gaganak.yalamuri/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
How a ‘.git’ file Leads to Zendesk Panel Takeoverhttps://sl4x0.medium.com/how-a-git-file-leads-to-zendesk-panel-takeover-11e8d2812076?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty-tips, admin-panel, pentesting, bug-bounty, hacking25-Apr-2024
Privilege Escalation to Admin through an Import Featurehttps://cristivlad.medium.com/privilege-escalation-to-admin-through-an-import-feature-ac8ac6b6abad?source=rss------bug_bounty-5Cristi Vladbug-bounty, cybersecurity, penetration-testing, pentesting, infosec25-Apr-2024
Unexpected gain, arbitrary forgery of user tokens.https://medium.com/@xiaodongsec/unexpected-gain-arbitrary-forgery-of-user-tokens-cb0dc1c4bd9f?source=rss------bug_bounty-5Xiaodongchina, hacker, vulnerability, bug-bounty, money25-Apr-2024
How to monitor your internal pentesters?https://medium.com/@levente.b.molnar/how-to-monitor-your-internal-pentesters-6fe0e18f9fd0?source=rss------bug_bounty-5Hackratebug-bounty, cybersecurity, it-security, penetration-testing-tools, penetration-testing25-Apr-2024
Find This Easy CSRF in Every Website- A Sweet P4https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, technology, bug-bounty, hacking, cybersecurity25-Apr-2024
Bug Bounty Challenge (final): Day 5–25/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-5-25-04-2024-a8d33630fe73?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips25-Apr-2024
Cyber Detectives Unite: Advanced Tools for Web Securityhttps://systemweakness.com/cyber-detectives-unite-advanced-tools-for-web-security-bb675f46b46e?source=rss------bug_bounty-5Gagan Yalamuriethical-hacking, information-security, cybersecurity, bug-bounty, computer-science25-Apr-2024
20.6 Lab: Host validation bypass via connection state attack | 2024https://cyberw1ng.medium.com/20-6-lab-host-validation-bypass-via-connection-state-attack-2024-ba5ddd95edc4?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, penetration-testing25-Apr-2024
Privilege escalation mediante Race Condition.https://medium.com/@duality084/privilege-escalation-mediante-race-condition-0254df6ffbd8?source=rss------bug_bounty-5Matias Ramirezbug-bounty, bug-bounty-tips, bugbounty-writeup, hacking25-Apr-2024
A very useful asset collection tool: Asset Reconnaissance Lighthouse.https://medium.com/@xiaodongsec/a-very-useful-asset-collection-tool-asset-reconnaissance-lighthouse-94204f093c92?source=rss------bug_bounty-5Xiaodonghacks, hunting, tools, bug-bounty, china24-Apr-2024
Hack Stories: Hacking Hackers EP:3https://infosecwriteups.com/hack-stories-hacking-hackers-ep-3-11b1f0e002e8?source=rss------bug_bounty-5c0d3x27software, programming, cybersecurity, hacking, bug-bounty24-Apr-2024
#1. Bug Bounty POC: IDOR leads to Account Takeoverhttps://cyb3rmind.medium.com/1-bug-bounty-poc-idor-leads-to-account-takeover-e500701a8004?source=rss------bug_bounty-5Cyb3r M!ndsidor, account-takeover, web-penetration-testing, bug-bounty, pentesting24-Apr-2024
BALMER PEAK AND BUG HUNTINGhttps://medium.com/@Progsky/balmer-peak-and-bug-hunting-8ea030eaa4a4?source=rss------bug_bounty-5Progskyhumor, bug-bounty24-Apr-2024
20.5 Lab: SSRF via flawed request parsing | 2024https://cyberw1ng.medium.com/20-5-lab-ssrf-via-flawed-request-parsing-2024-77a91ca47898?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, careers, cybersecurity, hacking24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://medium.com/@gaganak.yalamuri/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
Bug Bounty Challenge (final): Day 4–24/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-4-24-04-2024-ad138e4d1357?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter24-Apr-2024
Embarking on My Bug Bounty Hunting Journeyhttps://medium.com/@nikhil-/embarking-on-my-bug-bounty-hunting-journey-d4064cd28905?source=rss------bug_bounty-5Nikhilmy-journey-in-tech, cybersecurity, bug-bounty24-Apr-2024
Unveiling the Hidden: A Guide to Passive Subdomain Enumerationhttps://systemweakness.com/unveiling-the-hidden-a-guide-to-passive-subdomain-enumeration-6f1db9a8bb50?source=rss------bug_bounty-5Gagan Yalamuriweb-security, technology, security, bug-bounty, hacking24-Apr-2024
How easy I made $$$$https://anasbetis023.medium.com/how-easy-i-made-24edb0fd1364?source=rss------bug_bounty-5Anas H Hmaidypenetration-testing, bug-bounty-tips, cybersecurity, bug-bounty23-Apr-2024
Bug :: CORS Misconfiguration ~ could lead to disclosure of sensitive info..!!!https://medium.com/@p.ra.dee.p_0xx01/bug-cors-misconfiguration-could-lead-to-disclosure-of-sensitive-info-ad95e35162fd?source=rss------bug_bounty-5Professor0xx01cors, bug-bounty, threat-hunting, information-security, vulnerability23-Apr-2024
What are Some Ethical Considerations for Bug Bounty Hunters When Negotiating Rewards or Disclosing…https://medium.com/mynextdeveloper/what-are-some-ethical-considerations-for-bug-bounty-hunters-when-negotiating-rewards-or-disclosing-3008e87a6173?source=rss------bug_bounty-5MyNextDeveloperbug-bounty, ethics, data-breach, ethical-hacking, cybersecurity23-Apr-2024
IOS Penetration Testing: Guide to Static Analysishttps://medium.com/@adityasawant00/ios-penetration-testing-guide-to-static-analysis-4a9dea5d672d?source=rss------bug_bounty-5Aditya Sawantcybersecurity, static-analysis, bug-bounty, i̇os, penetration-testing23-Apr-2024
How I found my First Valid bughttps://medium.com/@tanyago/how-i-found-my-first-valid-bug-2a9c87ce7a91?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-hunting, bug-bounty-writeup, bug-bounty-tips23-Apr-2024
Bypassing CloudFlare Error 1015: You Are Being Rate Limitedhttps://medium.com/@mdnafeed3/bypassing-cloudflare-error-1015-you-are-being-rate-limited-f25f4e8f7bb2?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, vulnerability, cybersecurity, hacking23-Apr-2024
QUICK ROADMAP TO BUG BOUNTY(things you need to know)https://medium.com/@joybhavanadam/quick-roadmap-to-bug-bounty-things-you-need-to-know-0aa1b64b9cdf?source=rss------bug_bounty-5Adam Paulo Antonytips, bug-bounty-tips, roadmaps, bug-bounty23-Apr-2024
VERTICAL RECON : SUBDOMAINS ENUMERATION. THE ART OF RECONISM:https://hacktivistattacker.medium.com/vertical-recon-subdomains-enumeration-the-art-of-reconism-66d3be42d5d0?source=rss------bug_bounty-5Hacktivist-Attackersubdomain-enumeration, information-gathering, subdomains-enumeration, bug-bounty, reconnaissance23-Apr-2024
20.4 Lab: Routing-based SSRF Vulnerability | 2024https://cyberw1ng.medium.com/20-4-lab-routing-based-ssrf-vulnerability-2024-c34402e8b6dd?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers23-Apr-2024
Browser Extension Security Testing: Part 1https://codewithvamp.medium.com/browser-extension-security-testing-part-1-0178766d2252?source=rss------bug_bounty-5Vaibhav Kumar Srivastavabug-bounty, hacking, browser-extension, bug-bounty-tips, testing23-Apr-2024
Email Verification Bypass via Remember Mehttps://infosecwriteups.com/email-verification-bypass-via-remember-me-c6d34e6060e9?source=rss------bug_bounty-5mo9khu93rbug-bounty, cybersecurity, pentesting, red-team, hacking22-Apr-2024
(Insecure Dangerous Component) Developer Backdoor `DebugActivity` included in the Production Game…https://medium.com/@hazeemyasseer/insecure-dangerous-component-developer-backdoor-debugactivity-included-in-the-production-game-390dddea9363?source=rss------bug_bounty-5Hazeem' Yasseerandroid-pentesting, android-pentest, bug-bounty-tips, bug-bounty, cybersecurity22-Apr-2024
20.3 Lab: Web cache poisoning via ambiguous requests | 2024https://cyberw1ng.medium.com/20-3-lab-web-cache-poisoning-via-ambiguous-requests-2024-8ab074dec0e4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, penetration-testing, bug-bounty22-Apr-2024
How many months took you to find your first bug ?! Let s seehttps://medium.com/@aiz3nsk/how-many-months-took-you-to-find-your-first-bug-let-s-see-c48e4cce0c29?source=rss------bug_bounty-5Aiz3n Skbug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup22-Apr-2024
Don’t overlook any parameter, because the vulnerability lies within!https://medium.com/@xiaodongsec/dont-overlook-any-parameter-because-the-vulnerability-lies-within-d0107d0c4f3e?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty22-Apr-2024
Exploiting PostMessage for cool XSS vulnerabilitieshttps://manasharsh.medium.com/exploiting-postmessage-for-cool-xss-vulnerabilities-cbea132398e1?source=rss------bug_bounty-5Manas Harshhacking, xss-vulnerability, bug-bounty, application-security22-Apr-2024
Google Map API Key Exposure: A Bug Bounty Journeyhttps://medium.com/@iamrizwanvp/google-map-api-key-exposure-a-bug-bounty-journey-6e0bb1560961?source=rss------bug_bounty-5RIZWANpentesting, bug-bounty, cybersecurity, bugbounty-writeup22-Apr-2024
Auto Bug Bounty Script — Unleash Your Hunting Potentialhttps://medium.com/@psychomong/auto-bug-bounty-script-unleash-your-hunting-potential-7ecd6ad417ea?source=rss------bug_bounty-5psychomongbug-bounty, vapt, hacker, bug-bounty-tips, automation22-Apr-2024
How i Find Database Credentials via Mass Recon & Recon Scoping on Gcashhttps://ph-hitachi.medium.com/how-i-find-database-credentials-via-mass-recon-recon-scoping-on-gcash-f43a0dae3ec1?source=rss------bug_bounty-5Ph.Hitachipentest, reconnaissance, recon, bug-bounty, gcash22-Apr-2024
What is SSRF and how to Detect them on Web Applicationhttps://alvinbijo.medium.com/what-is-ssrf-and-how-to-detect-them-on-web-application-687820c4d097?source=rss------bug_bounty-5Alvin bijobug-bounty-tips, bug-bounty, xs, ssrf22-Apr-2024
Bug Bounty Challenge (final): Day 3–22/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-3-22-04-2024-51adde52bf60?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips22-Apr-2024
Cross-Site Scripting Detectionhttps://medium.com/@b.c114303/cross-site-scripting-detection-b35e4bd744b3?source=rss------bug_bounty-5Anni0pbug-bounty, cybersecurity, xss-attack22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://infosecwriteups.com/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
How to avoid burnouts in bugbounty?https://medium.com/@mr_prey3r/how-to-avoid-burnouts-in-bugbounty-4d97e14f1ff1?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bug-bounty, bug-bounty-writeup22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hoosgamer/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5HooSbug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Beware of Method Swapping: Unveiling a Potential Security Vulnerabilityhttps://medium.com/@hohky_/beware-of-method-swapping-unveiling-a-potential-security-vulnerability-cc66c867e3b2?source=rss------bug_bounty-5Hohkybug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips22-Apr-2024
Project discovery`s Chaos: Subdomains Discovery for all Bug Bounty Programshttps://medium.com/@miladkeivanfar/project-discovery-s-chaos-subdomains-discovery-for-all-bug-bounty-programs-b9e39fe3589d?source=rss------bug_bounty-5Milad keivanfarsecurity, subdomains-enumeration, bug-bounty, penetration-testing21-Apr-2024
SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Datahttps://medium.com/@marduk.i.am/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-96beb7f99d0c?source=rss------bug_bounty-5Marduk I Amportswigger-lab, sql-injection, information-security, bug-bounty, cybersecurity21-Apr-2024
Unraveling the Secrets of CWE and CVE in easily wayhttps://medium.com/@abdallahhendy15/unraveling-the-secrets-of-cwe-and-cve-in-easily-way-fc332b0294d6?source=rss------bug_bounty-5Abdallahhendypenetration-testing, cwe, cybersecurity, cve, bug-bounty21-Apr-2024
Such a simple zero-payment vulnerability.https://medium.com/@xiaodongsec/such-a-simple-zero-payment-vulnerability-8e29421cbf58?source=rss------bug_bounty-5Xiaodongmoney, vulnerability, bug-bounty, china, hacker21-Apr-2024
Linux Mastery, Practical Exercises for Effective Command Line Skillshttps://medium.com/@muhammadriva/linux-mastery-practical-exercises-for-effective-command-line-skills-e769d1010f73?source=rss------bug_bounty-5Muhammad Rivacyber-security-awareness, penetration-testing, cybersecurity, bug-bounty, kali-linux21-Apr-2024
What is server-side template injection?https://cyberw1ng.medium.com/what-is-server-side-template-injection-77b7e4d0cad2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers21-Apr-2024
How I could have hacked one LG website with a simple recon…https://medium.com/@rubixrub/how-i-could-have-hacked-one-lg-website-with-a-simple-recon-8306e6e4be54?source=rss------bug_bounty-5RubXhacking, bug-bounty, cybersecurity, bug-bounty-tips21-Apr-2024
HACKTHEBOX CBBH REVIEWhttps://medium.com/@admiralhr99/hackthebox-cbbh-review-76944984a573?source=rss------bug_bounty-5Admiralhrweb-application-security, bug-bounty, cybersecurity, cbbh, hackthebox21-Apr-2024
How do I get Started in Cyber Security? — My Perspective & Learning Path!https://medium.com/@aadhaarkoul2002/how-do-i-get-started-in-cyber-security-my-perspective-learning-path-cd45846dbe63?source=rss------bug_bounty-5Aadhaarkoulbug-bounty, infosec, technology, hacking, learning21-Apr-2024
Bug Bounty Challenge (final): Day 1–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Bug Bounty Challenge (final): Day 2–21/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-21-04-2024-f832f23f0464?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips21-Apr-2024
Unsecured Content Provider leads to Account Takeoverhttps://medium.com/@ahmedelmorsy312/unsecure-content-provider-led-to-account-takeover-1e45d716bd7c?source=rss------bug_bounty-5Ahmed Elmorsihacker, bugbounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty20-Apr-2024
Best Bug Bounty Tipshttps://bevijaygupta.medium.com/best-bug-bounty-tips-af66fd076eb4?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-fixes, bugs, bug-bounty, bug-zero20-Apr-2024
Unraveling the Millennium Bug: A Digital Apocalypsehttps://medium.com/@ak123aryan/unraveling-the-millennium-bug-a-digital-apocalypse-39af9dbadc0b?source=rss------bug_bounty-5Akshay Aryanjava, bugs, software-development, bug-bounty20-Apr-2024
My methodology for hunting for open Redirect vulnerabilitieshttps://medium.com/@hozayfan782/my-methodology-for-hunting-for-open-redirect-vulnerabilities-fb79f2d24c22?source=rss------bug_bounty-5Hozayfa Nassertips, open-redirect, bug-bounty, tips-and-tricks20-Apr-2024
19.5 Lab: Finding a hidden GraphQL endpoint | 2024https://cyberw1ng.medium.com/19-5-lab-finding-a-hidden-graphql-endpoint-2024-aeb8cec440d1?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing20-Apr-2024
Paramspider Upgraded Versionhttps://medium.com/@pushkrajdhuri07/paramspider-upgraded-version-b14c1e8f9810?source=rss------bug_bounty-5PushkaraJhacking, bug-bounty, cybersecurity, redteam-tool, infosec20-Apr-2024
Bug Bounty Challenge (final): Day 1–20/04/2024https://wallotry.medium.com/bug-bounty-challenge-final-day-1-20-04-2024-2db4a6c86cc2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty20-Apr-2024
April 2024 Reading Listhttps://daytontp.medium.com/april-2024-reading-list-e570dd5143c9?source=rss------bug_bounty-5Dayton Pruetbug-bounty, network-security, cloud-computing, google-cloud-platform, linux19-Apr-2024
Race Condition on Change Email Leads to Arbitrary Email Forgeryhttps://medium.com/@blackarazi/race-condition-on-change-email-leads-to-arbitrary-email-forgery-741b720ac840?source=rss------bug_bounty-5Azhari Harahapbug-bounty, application-security, api-security, race-condition, bug-bounty-writeup19-Apr-2024
Blockchain Bug Bountyhttps://bevijaygupta.medium.com/blockchain-bug-bounty-a84c5f5ac684?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, blockchain, blockchain-technology, bugs19-Apr-2024
OTP Bypass Security Issues and Remediationshttps://pratham-08.medium.com/otp-bypass-security-issues-and-remediations-f207eecebbea?source=rss------bug_bounty-5Pratham Mittalsecure-coding, software-development, otp-bypass, bug-bounty, security19-Apr-2024
Reconnaissance in Bug Bounty Programshttps://bevijaygupta.medium.com/reconnaissance-in-bug-bounty-programs-d46fadeb4508?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty-tips, footprinting, reconnaissance, bug-bounty19-Apr-2024
First valid critical vulnerability of minehttps://medium.com/@shalabhdevliyal/first-valid-critical-vulnerability-of-mine-1143ceaffefc?source=rss------bug_bounty-5Shalabhdevliyalvulnerability, hackerone, bug-bounty, cybersecurity19-Apr-2024
OOGWAY — Vulnerability Search Toolhttps://symbolexe.medium.com/oogway-vulnerability-search-tool-494587f0c00d?source=rss------bug_bounty-5Yasinbug-bounty, cybersecurity, vulnerability, cve19-Apr-2024
An Interesting Case of XSS Caused by File Uploadhttps://medium.com/@xiaodongsec/an-interesting-case-of-xss-caused-by-file-upload-86bdfb09408f?source=rss------bug_bounty-5Xiaodongchina, security, bug-bounty, money, hacks19-Apr-2024
How I Disclosed Employees PII | The mistake I made..|https://medium.com/@the.bugcrowd.testerpawan/how-i-disclosed-employees-pii-the-mistake-i-made-ca299a155440?source=rss------bug_bounty-5the_air_sharmabug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty19-Apr-2024
19.4 Lab: Performing CSRF exploits over GraphQL | 2024https://cyberw1ng.medium.com/19-4-lab-performing-csrf-exploits-over-graphql-2024-8362148aee53?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking19-Apr-2024
let’s Unlock Advanced Permissionshttps://rofes1337.medium.com/lets-unlock-advanced-permissions-d8529e9048e4?source=rss------bug_bounty-5Yousef Muhammedelkhirbug-bounty-tips, penteration-testing, bug-bounty, web-app-pentesting, privilege-escalation19-Apr-2024
Defence Methodologiehttps://medium.com/@haticezkmnl/defence-methodologie-bd3aa669d90e?source=rss------bug_bounty-5Hatice Zehra Kamanlıpentesting, bug-bounty, soc, prevention, cybersecurity19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@binarymaster/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Binarymasterhacking, bug-bounty, network19-Apr-2024
Rest API Pentesting Resourceshttps://medium.com/@m14r41/rest-api-pentesting-resources-3155985b8c4d?source=rss------bug_bounty-5Madhurendra Kumarpentesting, checklist, bug-bounty, api, hacking19-Apr-2024
A CRASH COURSE ON NETWORK PROTOCOLS FOR BUG HUNTERShttps://medium.com/@Progsky/a-crash-course-on-network-protocols-for-bug-hunters-d2648b79ab0e?source=rss------bug_bounty-5Progskyhacking, bug-bounty, network19-Apr-2024
Stored XSS chain on NASA VDPhttps://medium.com/@ph4nt0mbyt3/stored-xss-chain-on-nasa-vdp-93814e2df863?source=rss------bug_bounty-5ph4nt0mbyt3bug-bounty, vulnerability, nasa18-Apr-2024
Introducing SHIFU: Your Comprehensive CVE Finder Toolkithttps://symbolexe.medium.com/introducing-shifu-your-comprehensive-cve-finder-toolkit-4b036cce55c6?source=rss------bug_bounty-5Yasincybersecurity, cve, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdaribug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
Jamtangan Bug Bountyhttps://bevijaygupta.medium.com/jamtangan-bug-bounty-7c49fc09881f?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, jam-tangan18-Apr-2024
IDOR Bug Bountyhttps://bevijaygupta.medium.com/idor-bug-bounty-282d62d91691?source=rss------bug_bounty-5Vijay Guptaidor, bugs, bug-zero, bug-bounty, bug-bounty-tips18-Apr-2024
Yahoo Bug Bountyhttps://bevijaygupta.medium.com/yahoo-bug-bounty-a8a711e9ec3a?source=rss------bug_bounty-5Vijay Guptabug-bounty, yahoo-bug-bounty, bugs, yahoo, bug-bounty-tips18-Apr-2024
A Beginner’s Guide To Insecure Deserializationhttps://medium.com/@four0four/a-beginners-guide-to-insecure-deserialization-d359adffb207?source=rss------bug_bounty-5four0fourprogramming, cybersecurity, bug-bounty18-Apr-2024
How I found HTMLi on main domain of programhttps://medium.com/@jeetpal2007/how-i-found-htmli-on-main-domain-of-program-5c88a8e1af9a?source=rss------bug_bounty-5JEETPALbug-bounty-tips, html-injection, bug-bounty18-Apr-2024
IDOR Lead to Data Leakhttps://melguerdawi.medium.com/idor-lead-to-data-leak-c5107094f9ca?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, cybersecurity, bug-bounty-tips18-Apr-2024
VulnersX Toolhttps://symbolexe.medium.com/vulnersx-tool-7a10b3090bbf?source=rss------bug_bounty-5Yasincybersecurity, cve, vulnerability, bug-bounty18-Apr-2024
How Shodan Helps me to Find SMTP misconfigurationhttps://thesafdari.medium.com/how-shodan-helps-me-to-find-smtp-misconfiguration-56f63f1116a5?source=rss------bug_bounty-5Milad Safdari (TheSafdari)bug-bounty, finding-smtp-misconfig, finding-vulnerabilities18-Apr-2024
How i Hacked Globe/Gcash services and manage to get access on multiple databases including ssh…https://ph-hitachi.medium.com/how-i-hacked-globe-gcash-services-and-manage-to-get-access-on-multiple-databases-including-ssh-9ca781348e8f?source=rss------bug_bounty-5Ph.Hitachibug-bounty, public-disclosure, pentesting, gcash18-Apr-2024
SSL Pinning Bypass Simplifiedhttps://medium.com/@evilprince007/ssl-pinning-bypass-simplified-48c0d5294a6c?source=rss------bug_bounty-5Prathamesh Khatavkarbug-bounty, cybersecurity, android18-Apr-2024
Unveiling Access Control Flaws: Taking over an entire organizationhttps://medium.com/@im0thmann/unveiling-access-control-flaws-taking-over-an-entire-organization-23505eb75d89?source=rss------bug_bounty-5mohamed othmancybersecurity, bug-bounty18-Apr-2024
19.3 Lab: Bypassing GraphQL brute force protections | 2024https://cyberw1ng.medium.com/19-3-lab-bypassing-graphql-brute-force-protections-2024-ae9df787c7c7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, bug-bounty, hacking18-Apr-2024
How I Used the ‘Everything’ Service to Uncover Two High-Risk Threats and Earn Over $700 in Rewardshttps://medium.com/@xiaodongsec/how-i-used-the-everything-service-to-uncover-two-high-risk-threats-and-earn-over-700-in-rewards-c42d002707ad?source=rss------bug_bounty-5Xiaodongchina, bug-bounty, money, hacker, vulnerability17-Apr-2024
Uber Bug Bounty Programhttps://bevijaygupta.medium.com/uber-bug-bounty-program-04cfe5050cd1?source=rss------bug_bounty-5Vijay Guptauber, bug-bounty, bug-bounty-tips, bug-zero, bugs17-Apr-2024
“Mastering Bug Bounty Hunting: Unveiling Secrets to Finding Hidden Vulnerabilities”https://medium.com/@faizalin5555/mastering-bug-bounty-hunting-unveiling-secrets-to-finding-hidden-vulnerabilities-0b5088e213d4?source=rss------bug_bounty-5Faizal Nbug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, vulnerability17-Apr-2024
Bug Bounty POChttps://bevijaygupta.medium.com/bug-bounty-poc-e7fefda2fad0?source=rss------bug_bounty-5Vijay Guptabug-bounty, poc, bug-bounty-tips, bug-zero, bugs17-Apr-2024
Vulnerability Bounty Tool Recommendation: WIHhttps://medium.com/@xiaodongsec/vulnerability-bounty-tool-recommendation-wih-1e7b559b5fbc?source=rss------bug_bounty-5Xiaodongchina, tools, hacker, bug-bounty, money17-Apr-2024
Leveraging XSS to Execute CSRF Attackshttps://medium.com/@dodir.sec/leveraging-xss-to-execute-csrf-attacks-421edb662b40?source=rss------bug_bounty-5dodirbug-bounty, cybersecurity, penetration-testing, csrf, xss-attack17-Apr-2024
API Mis configuration: How Employee can change Manager’s review for him. (Part 2)https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
19.2 Lab: Accidental exposure of private GraphQL fields | 2024https://cyberw1ng.medium.com/19-2-lab-accidental-exposure-of-private-graphql-fields-2024-0d0836dc82ba?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, hacking, bug-bounty, careers17-Apr-2024
How I approach Account takeover due to no rate limit on OTPhttps://medium.com/@jeetpal2007/how-i-approach-account-takeover-due-to-no-rate-limit-on-otp-10a7fe056184?source=rss------bug_bounty-5JEETPALbug-bounty, bountytips, no-rate-limit, account-takeover17-Apr-2024
How I found a P1 bug in just 40 minuteshttps://medium.com/@jeetpal2007/how-i-found-a-p1-bug-in-just-40-minutes-4f3614abe974?source=rss------bug_bounty-5JEETPALapi-key, p1bugs, bug-bounty-tips, bug-bounty17-Apr-2024
OTP Bruteforce Chained with Response Manipulation Leads to Zero Click Account Takeoverhttps://medium.com/@cyberpro151/otp-bruteforce-chained-with-response-manipulation-leads-to-zero-click-account-takeover-7d1bee79a19f?source=rss------bug_bounty-5cyberpro151cybersecurity, account-takeover, bug-bounty, web-hacking, hacking17-Apr-2024
(Part 2) API Mis configuration: How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/api-mis-configuration-how-employee-can-change-managers-review-for-him-part-2-28b242216b40?source=rss------bug_bounty-5Aneesha Dweb-development, bug-bounty, tips, cybersecurity, hacking17-Apr-2024
TCM Security — Practical Ethical Hacking Course — Find & Exploit Common Web Vulnerabilities — XSS…https://shibushivansh.medium.com/tcm-security-practical-ethical-hacking-course-find-exploit-common-web-vulnerabilities-xss-00dbb33d45e2?source=rss------bug_bounty-5Shivansh Sethcross-site-scripting, blog, command-injection, bug-bounty, cybersecurity16-Apr-2024
PayPal Bug Bountyhttps://bevijaygupta.medium.com/paypal-bug-bounty-7838f8bc5e4b?source=rss------bug_bounty-5Vijay Guptabugs, paypal, paypal-account, bug-bounty, bug-bounty-tips16-Apr-2024
Discord Bug Bountyhttps://bevijaygupta.medium.com/discord-bug-bounty-e2d0d3829c99?source=rss------bug_bounty-5Vijay Guptabugs, discord, bug-bounty-tips, bug-bounty, discord-bot16-Apr-2024
Top 5 books to learn bug hunting beginner to advancehttps://medium.com/@buglearners.com/top-5-books-to-learn-bug-hunting-beginner-to-advance-9006c34ea126?source=rss------bug_bounty-5Buglearners.combug-bounty, cybersecurity, bug-hunting, advance, books16-Apr-2024
18.4 Lab: Exploiting Ruby deserialization using a documented gadget chain | 2024https://cyberw1ng.medium.com/18-4-lab-exploiting-ruby-deserialization-using-a-documented-gadget-chain-2024-2e02be94c6f8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, penetration-testing16-Apr-2024
Email Template Draft Feature Triggers SSRF, Earns ¥3000!https://medium.com/@xiaodongsec/email-template-draft-feature-triggers-ssrf-earns-3000-d59af1ffbae6?source=rss------bug_bounty-5Xiaodonghacker, vulnerability, china, money, bug-bounty16-Apr-2024
WhatWeb!?https://thehackersmeetup.medium.com/whatweb-c132eb13927c?source=rss------bug_bounty-5The Hackers Meetuptools, bug-bounty, whatweb, kali, web16-Apr-2024
XSS (Міжсайтовий скриптинг): детальний розбірhttps://medium.com/@max.pavlenko.dev/xss-%D0%BC%D1%96%D0%B6%D1%81%D0%B0%D0%B9%D1%82%D0%BE%D0%B2%D0%B8%D0%B9-%D1%81%D0%BA%D1%80%D0%B8%D0%BF%D1%82%D0%B8%D0%BD%D0%B3-%D0%B4%D0%B5%D1%82%D0%B0%D0%BB%D1%8C%D0%BD%D0%B8%D0%B9-%D1%80%D0%BE%D0%B7%D0%B1%D1%96%D1%80-23c36e5a7483?source=rss------bug_bounty-5Max Pavlenko (Certified Vue.js Developer)bug-bounty, security, front-end-development, xss-vulnerability16-Apr-2024
Reverse Engineering Sitecore Vulnerabilities-3https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-3-ba8a99563ca4?source=rss------bug_bounty-5Nilay Patelbug-bounty, vulnerability, automation, hacking, sitecore16-Apr-2024
Reverse Shell Scripting Concept.https://rahman0x01.medium.com/reverse-shell-scripting-concept-1bf1f60686a7?source=rss------bug_bounty-5rahman0x01netcat, bash-scripting, bug-bounty, reverse-shell, bash-script16-Apr-2024
I Found An IDOR Flaw where users' attached pictures and documents were leaked.https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, money, bug-bounty, penetration-testing16-Apr-2024
Bug Bounty Automationhttps://bevijaygupta.medium.com/bug-bounty-automation-f1fa68e3d903?source=rss------bug_bounty-5Vijay Guptaautomation-tools, automation-testing, bug-bounty-tips, automation, bug-bounty15-Apr-2024
Dell Bug Bountyhttps://bevijaygupta.medium.com/dell-bug-bounty-a578dc53d7bb?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, dell, dell-laptop, bugs, bug-bounty15-Apr-2024
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewallshttps://infosecwriteups.com/cve-2024-3400-a-critical-vulnerability-in-pan-os-firewalls-a7f8c66a10d2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, command-injection, firewall, cybersecurity15-Apr-2024
Story of a strange IDOR without IDhttps://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27?source=rss------bug_bounty-5M7arm4nhacking, bug-bounty, bug-bounty-tips, security, hacker15-Apr-2024
CSRF (1/3)https://medium.com/@karimelsayed0x1/csrf-1-3-22050bf9c92c?source=rss------bug_bounty-5z3r0xkbug-bounty, bug-bounty-tips, bug-bounty-writeup, csrf, web-attack15-Apr-2024
Advance XSS payload Listhttps://medium.com/@psychomong/advance-xss-payload-list-7b5d1a4df61c?source=rss------bug_bounty-5psychomonghacking, bug-bounty-tips, bugs, bug-bounty, xss-attack15-Apr-2024
18.3 Lab: Exploiting PHP deserialization with a pre-built gadget chain | 2024https://cyberw1ng.medium.com/18-3-lab-exploiting-php-deserialization-with-a-pre-built-gadget-chain-2024-64dcb875e23c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, penetration-testing, bug-bounty15-Apr-2024
How I got JS Execution (DOM XSS) Via CSTIhttps://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963?source=rss------bug_bounty-5Amrcybersecurity, bug-bounty15-Apr-2024
Acer Bug Bountyhttps://bevijaygupta.medium.com/acer-bug-bounty-9ce4d49c1051?source=rss------bug_bounty-5Vijay Guptaacer, bug-zero, bug-bounty, bug-bounty-tips, bugs14-Apr-2024
My Bug Bounty Journeyhttps://bevijaygupta.medium.com/my-bug-bounty-journey-b07f663c8ff8?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty-tips, my-journey, bugs, bug-bounty14-Apr-2024
Ten Tips You Have to Know for WordPress Bug Bountyhttps://medium.com/@zpbrent/ten-tips-you-have-to-know-for-wordpress-bug-bounty-b2b070f07add?source=rss------bug_bounty-5Peng Zhoubug-bounty, wordpress, infosec, hacker, bug-bounty-tips14-Apr-2024
How I Exploited the Account Cancellation Feature to Farm Rewardshttps://medium.com/@xiaodongsec/how-i-exploited-the-account-cancellation-feature-to-farm-rewards-19f6d6c0e181?source=rss------bug_bounty-5Xiaodonghacks, bug-bounty, skills, vulnerability, china14-Apr-2024
How I Hack Web Applications (Part 1)https://infosecwriteups.com/how-i-hack-web-applications-part-1-0833c002cc9a?source=rss------bug_bounty-5Rafin Rahman Chyethical-hacking, penetration-testing, bug-bounty, infosec, application-security14-Apr-2024
A unique SSRF hunt ( Invite user functionality vulnerable to blind SSRF attack )https://medium.com/@abhishek8602314652/a-unique-ssrf-hunt-invite-user-functionality-vulnerable-to-blind-ssrf-attack-c6804b2b398b?source=rss------bug_bounty-5Abhishek singh ( a6h1)bug-bounty, ssrf, bug-bounty-tips, bug-hunting, bug-bounty-writeup14-Apr-2024
A click can cause 1600$ | Auth0 misconfig .https://naumankh4n.medium.com/a-click-can-cause-1600-auth0-misconfig-9234aedad55c?source=rss------bug_bounty-5Nauman Khanpenetration-testing, bug-bounty, hacking, cybersecurity, money14-Apr-2024
18.2 Lab: Exploiting Java deserialization with Apache Commons | 2024https://cyberw1ng.medium.com/18-2-lab-exploiting-java-deserialization-with-apache-commons-2024-7ba379e97b52?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, careers, penetration-testing14-Apr-2024
Access to transparent security testing — Why we made HackGATE™ available to everyonehttps://medium.com/@levente.b.molnar/access-to-transparent-security-testing-why-we-made-hackgate-available-to-everyone-11c3e0efe44c?source=rss------bug_bounty-5Hackratebug-bounty, penetration-testing, pentesting, security, cybersecurity14-Apr-2024
THE ART OF RECONISM: HORIZONTAL RECON FOR PENETRATION TESTING:https://hacktivistattacker.medium.com/the-art-of-reconism-horizontal-recon-for-penetration-testing-fea5399af186?source=rss------bug_bounty-5Hacktivist-Attackerreconnaissance, horizonatl-reconaissance, scope-finding, bug-bounty, information-gathering13-Apr-2024
Power of CSRFhttps://medium.com/@hillrane24/power-of-csrf-43b736c74280?source=rss------bug_bounty-5NIKHIL RANEotp-bypass, bug-bounty, csrf, authentication-bypass13-Apr-2024
Unauthorized Admin Account Access via Google Authenticationhttps://nullr3x.medium.com/unauthorized-admin-account-access-via-google-authentication-a38d42577ac9?source=rss------bug_bounty-5Sahil Mehracybersecurity, web, bug-bounty, vulnerability, penetration-testing13-Apr-2024
Bancor Bug Bountyhttps://bevijaygupta.medium.com/bancor-bug-bounty-9c40e9389ab5?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bug-bounty-tips, bugs, bancor13-Apr-2024
Facebook Bug Bountyhttps://bevijaygupta.medium.com/facebook-bug-bounty-e9e73ce56f11?source=rss------bug_bounty-5Vijay Guptafacebook, bug-bounty-tips, bug-bounty, bugs, facebook-bug-bounty13-Apr-2024
Menggali Potensi Bug Bounty: Menghasilkan Uang atau Menemukan Keamanan?https://medium.com/@kaizen100801/menggali-potensi-bug-bounty-menghasilkan-uang-atau-menemukan-keamanan-170c44d2904e?source=rss------bug_bounty-5Zenbug-bounty, bug-bounty-tips, cybersecurity, hacking, cyber-security-awareness13-Apr-2024
Api Bug Bountyhttps://bevijaygupta.medium.com/api-bug-bounty-5f2aafced9a4?source=rss------bug_bounty-5Vijay Guptabugs, api, bug-bounty, api-development, bug-bounty-tips13-Apr-2024
How I saved over 200,000 job seekers’ data on staterecruit.in from a potential data breach.https://brutexploiter.medium.com/how-i-saved-over-200-000-job-seekers-data-on-staterecruit-in-from-a-potential-data-breach-7db5bad1c9e0?source=rss------bug_bounty-5brutexploitercybersecurity, web-development, web-security, sql-injection, bug-bounty13-Apr-2024
How do insecure deserialization vulnerabilities arise?https://cyberw1ng.medium.com/how-do-insecure-deserialization-vulnerabilities-arise-233c336b305b?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, careers, hacking, bug-bounty13-Apr-2024
How Did I Easily Find Stored XSS at Apple and earn $5000 ?https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2?source=rss------bug_bounty-5Cryptosecurity, xss-attack, apple, bug-bounty, web-security13-Apr-2024
TryHackMe Creative Write-Uphttps://blog.devgenius.io/tryhackme-creative-write-up-f29e2cdbf7ae?source=rss------bug_bounty-5Joseph Alantryhackme-walkthrough, tryhackme, cybersecurity, tryhackme-writeup, bug-bounty13-Apr-2024
Broken Access Control (IDOR) on Forgot Password Could Lead to Attacker Change Password for Every…https://medium.com/@blackarazi/broken-access-control-idor-on-forgot-password-could-lead-to-attacker-change-password-for-every-e1b18e075b5a?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, bug-bounty, account-takeover, application-security, broken-access-control12-Apr-2024
How I managed to bypass 2FA on image linehttps://medium.com/@bishwajeetb1/how-i-managed-to-bypass-2fa-on-image-line-11f123fc32ea?source=rss------bug_bounty-5Bishwajeetcybersecurity, bug-bounty, application-security, web-application-testing, web-application-security12-Apr-2024
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussionshttps://medium.com/@keizobugbounty/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-1fa014b544d4?source=rss------bug_bounty-5Keizobugbounty-writeup, cybersecurity, bug-bounty-writeup, bug-bounty, bug-bounty-tips12-Apr-2024
The Critical Role Of Bug Bounties in Ensuring Web3 Securityhttps://securrtech.medium.com/the-critical-role-of-bug-bounties-in-ensuring-web3-security-084cf518234b?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web312-Apr-2024
How I Find My First Internet Bug Bounty for Apache Airflowhttps://medium.com/@zpbrent/how-i-find-my-first-internet-bug-bounty-for-apache-airflow-9d3c1ec29b24?source=rss------bug_bounty-5Peng Zhoubug-bounty, open-source, airflow, python, infosec12-Apr-2024
Bug Zero at a Glance [16–31 March]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-march-4f4cd6823a75?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-zero, bug-bounty, newsletter12-Apr-2024
How i Almost got 2K$ through a Race conditionhttps://medium.com/@0x3adly/how-i-almost-got-2k-through-a-race-condition-3b09232b3a25?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, bug-bounty-tips, race-condition, infosec, web-penetration-testing12-Apr-2024
A Comprehensive Guide to Static Analysis in Android Pentestinghttps://medium.com/@samireddisaimanikanta939/a-comprehensive-guide-to-static-analysis-in-android-pentesting-66023053ed18?source=rss------bug_bounty-5Intrud3rXpenetration-testing, ethical-hacking, android-static-analysis, android-pentesting, bug-bounty12-Apr-2024
Learn Bug Bountyhttps://bevijaygupta.medium.com/learn-bug-bounty-d67654f0c01f?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, learn, bug-zero12-Apr-2024
Microsoft Bug Bountyhttps://bevijaygupta.medium.com/microsoft-bug-bounty-1295263b135e?source=rss------bug_bounty-5Vijay Guptamicrosoft, microservices, bug-bounty-tips, bug-bounty-writeup, bug-bounty12-Apr-2024
How I Bypassed Offer Limits to Gain Multiple Membership Benefitshttps://medium.com/@xiaodongsec/how-i-bypassed-offer-limits-to-gain-multiple-membership-benefits-affea84c0844?source=rss------bug_bounty-5Xiaodongbug-bounty, hacker, china, vulnerability12-Apr-2024
Latest Bug Bounty And Web Hacking Tools Bug Bunty And Web Hacking Toolshttps://medium.com/@haidertallal786/latest-bug-bounty-and-web-hacking-tools-bug-bunty-and-web-hacking-tools-feff2224b200?source=rss------bug_bounty-5Muhammad haider Tallalbug-bounty, web-penetration-testing, hacking12-Apr-2024
Zoho Account Takeover: How a Single Click Can Lead to Full Control on your Zoho accounthttps://medium.com/@0xUsername/zoho-account-takeover-how-a-single-click-can-lead-to-full-control-on-your-zoho-account-04a5ea069382?source=rss------bug_bounty-5HackerWithOutHatsecurity, cybersecuirty, bug-bounty, infosec, information-security12-Apr-2024
Random account takeover via misconfigured OAuthhttps://medium.com/@Berserker1337/random-account-takeover-via-misconfigured-oauth-5dc2cbbbe905?source=rss------bug_bounty-5Berserkerbug-bounty, cybersecurity, information-security, infosec, vulnerability12-Apr-2024
16.5 Lab: Multistep clickjacking in Bug Bounty | 2024https://cyberw1ng.medium.com/16-5-lab-multistep-clickjacking-in-bug-bounty-2024-a5eb20de6900?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking12-Apr-2024
5 Methods I Use To Discover APIshttps://medium.com/@red.whisperer/5-methods-i-use-to-discover-apis-6d646baa3ffb?source=rss------bug_bounty-5Chuxapi, red-team, pentesting, hacking, bug-bounty12-Apr-2024
Token-Based Authentication vulnerabilityhttps://medium.com/@paulovitorcl/token-based-authentication-vulnerability-37d97efcca62?source=rss------bug_bounty-5Paulo Vitor Costa Limabug-bounty, cybersecurity12-Apr-2024
Hunting on Microsoft SharePoint: The art of manipulation.https://machiavellli.medium.com/hunting-on-microsoft-sharepoint-the-art-of-manipulation-25c96ee1de3a?source=rss------bug_bounty-5Machiavelliinfosec, bug-bounty12-Apr-2024
How I Discovered Vulnerabilities by Modifying App Memoryhttps://medium.com/@xiaodongsec/how-i-discovered-vulnerabilities-by-modifying-app-memory-5a87b685ed3d?source=rss------bug_bounty-5Xiaodonghacker, china, bug-bounty, vulnerability, money12-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodongsechacker, bug-bounty, ai11-Apr-2024
Building My Own Packet Sniffer for Game Security Testinghttps://medium.com/@yannik603/building-my-own-packet-sniffer-for-game-security-testing-8baf58a94d0c?source=rss------bug_bounty-5Yannik Castrogamehacking, bug-bounty, reverse-engineering, hacking, hacking-tools11-Apr-2024
Meta Bug Bountyhttps://bevijaygupta.medium.com/meta-bug-bounty-cc842ca0f614?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty, metaverse, bug-bounty-tips11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhouweb-security, nodejs, fuzzing, infosec, bug-bounty11-Apr-2024
How I Exposed a High-Risk SSRF Vulnerability in an AI Modelhttps://medium.com/@xiaodongsec/how-i-exposed-a-high-risk-ssrf-vulnerability-in-an-ai-model-e40d6f96a5e1?source=rss------bug_bounty-5Xiaodonghacker, bug-bounty, ai11-Apr-2024
How I Uncovered a Payment Vulnerabilityhttps://medium.com/@xiaodongsec/how-i-uncovered-a-payment-vulnerability-6355e15d1702?source=rss------bug_bounty-5Xiaodongvulnerability, china, bug-bounty, hacker11-Apr-2024
Indian software firms cheated me by failing to provide the promised bounty after I reported…https://medium.com/@mangbho28/indian-software-firms-cheated-me-by-failing-to-provide-the-promised-bounty-after-i-reported-ffc7fcc83993?source=rss------bug_bounty-5MB007bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program11-Apr-2024
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S.https://royzsec.medium.com/bypassed-the-amazon-cloudfront-logic-and-got-xss-at-the-national-weather-agency-of-the-u-s-100af330430a?source=rss------bug_bounty-5Prince Roy(RoyzSec)web-development, hacking, bug-bounty, cybersecurity, penetration-testing11-Apr-2024
7 Essential Skills Every Bug Bounty Hunter Needs to Succeedhttps://medium.com/mynextdeveloper/7-essential-skills-every-bug-bounty-hunter-needs-to-succeed-0e6ac8afa483?source=rss------bug_bounty-5MyNextDeveloperpenetration-testing, cybersecurity, kali-linux, darkweb, bug-bounty11-Apr-2024
GitHub Bug Bountyhttps://bevijaygupta.medium.com/github-bug-bounty-afa61eb789f3?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bug-zero, bugs, github, bug-bounty11-Apr-2024
16.4 Lab: Exploiting clickjacking vulnerability to trigger DOM-based XSS | 2024https://cyberw1ng.medium.com/16-4-lab-exploiting-clickjacking-vulnerability-to-trigger-dom-based-xss-2024-71c5b567fb4b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Apr-2024
Secret BurpSuite Extension For BugBounty~ Part-2https://medium.com/@Ajakcybersecurity/secret-burpsuite-extension-for-bugbounty-part-2-58b644b9222c?source=rss------bug_bounty-5AjakCybersecurityblog, bug-bounty, penetration-testing, ethical-hacking, hacking11-Apr-2024
How to Fuzz Prototype Pollution by Reusing Public CVEs for Fun and Researchhttps://medium.com/@zpbrent/how-to-fuzz-prototype-pollution-by-reusing-public-cves-for-fun-and-research-40891013bf0b?source=rss------bug_bounty-5Peng Zhoujavascript, web-security, nodejs, infosec, bug-bounty11-Apr-2024
Bug Bounty Challenge: Day 16–11/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-16-11-04-2024-effc5c820319?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty11-Apr-2024
CVE-2024–24576: A Critical Rust Vulnerability on Windowshttps://infosecwriteups.com/cve-2024-24576-a-critical-rust-vulnerability-on-windows-4f0bb1a332e9?source=rss------bug_bounty-5ElNiakcybersecurity, windows, rust, penetration-testing, bug-bounty10-Apr-2024
How I Find an Arbitrary File Upload Vulnerability with a Unique Bypasshttps://medium.com/@zpbrent/how-i-find-an-arbitrary-file-upload-vulnerability-with-a-unique-bypass-8d679f45a497?source=rss------bug_bounty-5Peng Zhouinfosec, wordpress-plugins, web-security, bug-bounty, wordpress10-Apr-2024
Bug Bounty Certificationhttps://bevijaygupta.medium.com/bug-bounty-certification-27c95b8a1b80?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-certification10-Apr-2024
Android Bug Bountyhttps://bevijaygupta.medium.com/android-bug-bounty-9a2daf0d2270?source=rss------bug_bounty-5Vijay Guptabug-bounty-tips, android-bug-bounty, android, bugs, bug-bounty10-Apr-2024
Apple Bug Bountyhttps://bevijaygupta.medium.com/apple-bug-bounty-88002b2c159d?source=rss------bug_bounty-5Vijay Guptaapple-bug-bounty, bug-zero, bug-bounty, bug-bounty-tips, bugs10-Apr-2024
SQL Injection: A Simple Beginner’s Guide.https://ishengoma.medium.com/sql-injection-a-simple-beginners-guide-58d237ff18da?source=rss------bug_bounty-5Ishengomavulnerability-assessment, sql-injection, hacking, vulnerability-management, bug-bounty10-Apr-2024
Privilege Escalation by manipulating endpointhttps://medium.com/@vijayrockstar.verma5/privilege-escalation-by-manipulating-endpoint-10feb974bab5?source=rss------bug_bounty-5Vijay Vermainfosec, hacking, bug-bounty, cybersecurity, pentesting10-Apr-2024
Vulnerable WordPress March 2024 (Kandovan)https://medium.com/@onhexgroup/vulnerable-wordpress-march-2024-kandovan-24103451060b?source=rss------bug_bounty-5Onhexgroupwordpress, bug-bounty, wordpress-security, infosec, exploitation10-Apr-2024
Clickjacking: A Comprehensive Guide to Finding Clickjacking Vulnerabilitieshttps://cyberw1ng.medium.com/clickjacking-a-comprehensive-guide-to-finding-clickjacking-vulnerabilities-3f51d8e63a41?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers10-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@deypradip87jk/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@deypradip87jk/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug: No rate limiting on Email verification leads to huge Mass Mailing :: P4https://medium.com/@p.ra.dee.p_0xx01/bug-no-rate-limiting-on-email-verification-leads-to-huge-mass-mailing-p4-b72c666d6e56?source=rss------bug_bounty-5Professor0xx01information-security, bug-bounty-tips, cybersecurity, bug-bounty, infosec-write-ups09-Apr-2024
How I Found Bug :: Reflected XSS (Cross-Site-Scripting) On a BBP.https://medium.com/@p.ra.dee.p_0xx01/how-i-found-bug-reflected-xss-cross-site-scripting-on-a-bbp-9f57611eda91?source=rss------bug_bounty-5Professor0xx01bug-bounty, cyber-security-solutions, infosec-write-ups, offensive-security, bug-bounty-tips09-Apr-2024
Bug Bounty Reportshttps://bevijaygupta.medium.com/bug-bounty-reports-8a6480d06a80?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-bounty-tips, bugs, bug-bounty-reports, bug-zero09-Apr-2024
Bug Hunting Methodology for Beginnershttps://bevijaygupta.medium.com/bug-hunting-methodology-for-beginners-ce7ee1b11c25?source=rss------bug_bounty-5Vijay Guptabug-bounty-hunter, bug-hunting, bug-bounty, bug-bounty-tips, bug-bounty-writeup09-Apr-2024
Information Disclosure: Story of 500€ + 400$ Bountyhttps://v3d.medium.com/information-disclosure-story-of-500-400-bounty-97d3b343f9ad?source=rss------bug_bounty-5V3Dbug-bounty, penetration-testing, information-technology, cybersecurity, hacking09-Apr-2024
Card Payment Functionality Checklist — Bug Bounty Tuesdayhttps://medium.com/@kerstan/card-payment-functionality-checklist-bug-bounty-tuesday-6eab127d0126?source=rss------bug_bounty-5kerstantechnology, hacking, cybersecurity, bug-bounty, security09-Apr-2024
Mass automation for finding XSS vulnerabilities in large scope targetshttps://medium.com/@oumzarkar/mass-automation-for-finding-xss-vulnerabilities-in-large-scope-targets-019996b0515c?source=rss------bug_bounty-5dextrobug-bounty-tips, cybersecurity, walkthrough, automation, bug-bounty09-Apr-2024
How I Found My First Stored XSS || WAF & Characters Limitation Bypasshttps://kariiem.medium.com/how-i-found-my-first-stored-xss-waf-characters-limitation-bypass-cc414c4fadde?source=rss------bug_bounty-5Kariiem Gamalbug-bounty-tips, bug-hunting, bug-bounty, waf-bypass, bugbounty-writeup09-Apr-2024
My WordPress Bug Bounty Journey on Patchstackhttps://medium.com/@zpbrent/from-first-rejection-to-monthly-top-c0dedd4bbc7f?source=rss------bug_bounty-5Peng Zhoubug-bounty-program, bug-bounty-hunter, wordpress-security, ethical-hacking, bug-bounty09-Apr-2024
Simple Tips for Bug Bounty Beginners: Finding Blind XSS Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-blind-xss-vulnerabilities-ab67977ff756?source=rss------bug_bounty-5Anish Narayanbug-bounty-tips, bug-bounty, xss-attack, cross-site-scripting, cybersecurity09-Apr-2024
15.3 Lab: CORS vulnerability with trusted insecure protocols | 2024https://cyberw1ng.medium.com/15-3-lab-cors-vulnerability-with-trusted-insecure-protocols-2024-2ba1967daecc?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, penetration-testing, bug-bounty, cybersecurity, hacking09-Apr-2024
Hunting Bugs and Striking Gold: Forward Calls for Elite Hunters in the Bug Bounty Campaignhttps://forwardprotocol.medium.com/hunting-bugs-and-striking-gold-forward-calls-for-elite-hunters-in-the-bug-bounty-campaign-057e686c8577?source=rss------bug_bounty-5Forward Protocolblockchain-technology, bug-bounty, bug-bounty-hunter, web3, blockchain-developer09-Apr-2024
Is Your Business a Sitting Duck for Credit Card Hackers? Here’s How PCI DSS Can Save You!https://medium.com/@josuofficial327/is-your-business-a-sitting-duck-for-credit-card-hackers-heres-how-pci-dss-can-save-you-97d7b6562131?source=rss------bug_bounty-5Josekutty Kunnelthazhe Binucybersecurity, payment-gateway, bug-bounty, hacking, bug-bounty-tips08-Apr-2024
Google Bug Huntershttps://bevijaygupta.medium.com/google-bug-hunters-673e2f5c2600?source=rss------bug_bounty-5Vijay Guptabug-hunter, bug-bounty-writeup, google, bug-bounty, bug-bounty-tips08-Apr-2024
Unleashing the Power of Bug Bounty Dorks: A Comprehensive Guidehttps://bevijaygupta.medium.com/unleashing-the-power-of-bug-bounty-dorks-a-comprehensive-guide-b121fce9e5e4?source=rss------bug_bounty-5Vijay Guptagoogle, bug-bounty, bug-bounty-tips, google-dork, bug-zero08-Apr-2024
How I Got Multiple Privilege Escalations — The Easy Trick?https://medium.com/@Mdabdulrahman/how-i-got-multiple-privilege-escalations-the-easy-trick-e915110bc08a?source=rss------bug_bounty-5Md Abdul Rahmanwin-privilege-escalation, bug-bounty, penetration-testing, privilege-escalation08-Apr-2024
Hacking Swisscom’s End-to-End Encrypted Cloud Storage for $4,000https://medium.com/@thomashouhou/hacking-swisscoms-end-to-end-encrypted-cloud-storage-for-4-000-3660722196ec?source=rss------bug_bounty-5Thomas Houhouweb-security, hacking, bug-bounty-tips, bug-bounty, cybersecurity08-Apr-2024
XSS on out of scope domain? CORS is your secret weapon!https://c4rrilat0r.medium.com/xss-on-out-of-scope-domain-cors-is-your-secret-weapon-93e433278080?source=rss------bug_bounty-5c4rrilat0rbug-bounty, bug-bounty-tips, hackerone, xss-attack, cors08-Apr-2024
Breaking Free: 26 Advanced Techniques to Escape Docker Containershttps://infosecwriteups.com/breaking-free-26-advanced-techniques-to-escape-docker-containers-530049816b55?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, penetration-testing, kubernetes, docker08-Apr-2024
15.2 Lab: CORS vulnerability with trusted null origin | 2024https://cyberw1ng.medium.com/15-2-lab-cors-vulnerability-with-trusted-null-origin-2024-a84020e4e254?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty08-Apr-2024
Why You Should Attend Cybersecurity Conferences: Unlock Opportunitieshttps://medium.com/@a13h1/why-you-should-attend-cybersecurity-conferences-unlock-opportunities-2a16dfe4658e?source=rss------bug_bounty-5Abhi Sharmanetworking, information-security, cybersecurity, conference, bug-bounty07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5John Connorcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How to Start Your Journey into Cybersecurity in 2024 (or how I did)https://medium.com/@j0hnc0nn0r/how-to-start-your-journey-into-cybersecurity-in-2024-or-how-i-did-ebe4910acdc7?source=rss------bug_bounty-5J0hn C0nn0rcybersecurity, penetration-testing, bug-bounty, tryhackme, hackthebox07-Apr-2024
How Employee can change Manager’s review for him.https://interc3pt3r.medium.com/how-employee-can-change-managers-review-for-him-a903bd329111?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacking, security, bugs07-Apr-2024
Unofficial Guide to OWASP Top 10:2021https://medium.com/@rafinrahmanchy/unofficial-guide-to-owasp-top-10-2021-87eebd03b614?source=rss------bug_bounty-5Rafin Rahman Chypentesting, web-security, bug-bounty, hacking, infosec07-Apr-2024
TryHackMe CTF: Vulnversity — Walkthroughhttps://medium.com/@suyogpatil1810/tryhackme-ctf-vulnversity-walkthrough-2f375c5521a6?source=rss------bug_bounty-5Suyog Patilsoftware-development, computer-science, hacking, ethical-hacking, bug-bounty07-Apr-2024
Mastering CORS: A Comprehensive Guide to Finding Cross-origin resource sharing Vulnerabilities |…https://cyberw1ng.medium.com/mastering-cors-a-comprehensive-guide-to-finding-cross-origin-resource-sharing-vulnerabilities-c22a5659f95f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, security, penetration-testing07-Apr-2024
How We Found a 25K$ Bug in a Blockchain Project by Mistake | Bounty Hunting Journeyhttps://0d.dwalletlabs.com/how-we-found-a-25k-bug-in-a-blockchain-project-by-mistake-bounty-hunting-journey-21c0c20440f6?source=rss------bug_bounty-5Elad Ernstblockchain, exploitation, web3, bug-bounty, icon-foundation07-Apr-2024
IDOR Leads To Account Takeoverhttps://medium.com/@adityasawant00/idor-leads-to-account-takeover-28fe6e300a49?source=rss------bug_bounty-5Aditya Sawantidor, account-takeover, bug-bounty, penetration-testing, web-application-security07-Apr-2024
How Did I Find Reflected XSS In Domino’s ?https://medium.com/@xrypt0/how-did-i-find-reflected-xss-in-dominos-d1d41b120598?source=rss------bug_bounty-5Cryptocloudflare, bug-bounty, penetration-testing, xss-attack, web-security07-Apr-2024
File Upload Vulnerability Checklisthttps://medium.com/@dasmanish6176/file-upload-vulnerability-checklist-254c4680aa74?source=rss------bug_bounty-5Dasmanishweb-application-security, bug-bounty, web-penetration-testing, vapt, file-upload-vulnerability07-Apr-2024
Bug Bounties in Web3: Investing in Security for Sustainable Growthhttps://medium.com/@charliekaru/bug-bounties-in-web3-investing-in-security-for-sustainable-growth-5b4092474d3d?source=rss------bug_bounty-5Charlie Karunaratneweb3, defi-security, bug-bounty, web3-security07-Apr-2024
Teaching Spotify a Cryptography Lessonhttps://medium.com/@Fanicia/teaching-spotify-a-cryptography-lesson-51f5ee0b0f5c?source=rss------bug_bounty-5Security Guyopenid-connect, blue-team, bug-bounty, cybersecurity, bug-bounty-tips07-Apr-2024
Finding CSRF on Graphql Applicationhttps://medium.com/@alpernae/finding-csrf-on-graphql-application-3ffa1105a30d?source=rss------bug_bounty-5Alperenbug-bounty-tips, graphql, cybersecurity, bug-bounty, csrf7-Apr-2024
The Fast and the Curious: Finding a Race Condition in Worldcoinhttps://medium.com/@gonzo-hacks/the-fast-and-the-curious-finding-a-race-condition-in-worldcoin-621c89bfbd61?source=rss------bug_bounty-5Dane Sherretsbug-bounty, bug-fixes, bug-bounty-tips, blockchain, hacking7-Apr-2024
“Fortify Your Cyber Space: Embark on the Dominant Cyber Boot Camp Journey”https://medium.com/@rizvi4600779/fortify-your-cyber-space-embark-on-the-dominant-cyber-boot-camp-journey-3071bd0b1ec7?source=rss------bug_bounty-5Syed Muhammad Minhal Rizvihacking, writeup, cyber, bug-bounty, cybersecurity7-Apr-2024
Host Header Manipulation Leading to Unauthorized Access to Apple’s Internal Slack bot (Bug Bounty)https://amineaboud.medium.com/unauthorized-access-to-an-internal-app-used-by-apple-to-protect-confidential-information-shared-on-c8835a80079b?source=rss------bug_bounty-5Amine Aboudbug-bounty-writeup, bug-bounty, bug-bounty-tips07-Apr-2024
This Cryptocurrency exchange paid me $200 for reporting vulnerability in their websitehttps://medium.com/@abhishek8602314652/this-cryptocurrency-exchange-paid-me-200-for-reporting-vulnerability-in-their-website-6755b38702a8?source=rss------bug_bounty-5Abhishek singh ( a6h1)cybersecurity, cryptocurrency, vulnerability, bug-hunting, bug-bounty07-Apr-2024
Wordfence otorga su mayor bounty hasta la fechahttps://casi-cincuenta-monos.medium.com/wordfence-otorga-su-mayor-bounty-hasta-la-fecha-f2d9aa561f05?source=rss------bug_bounty-5Casi Cincuenta Monoswordpress, cybersecurity, bug-bounty06-Apr-2024
Recon automation with Telegram Notificationhttps://medium.com/@tamhacker1/recon-automation-with-telegram-notification-d4c6b564ed58?source=rss------bug_bounty-5Tamhackercybersecurity, hacker, bug-bounty, reconnaissance, hacking06-Apr-2024
How To Fix bWAPP Unknown Database Error Windows/Linuxhttps://hamzaavvan.medium.com/how-to-fix-bwapp-unknown-database-error-windows-linux-acefd1a4568b?source=rss------bug_bounty-5Hamza Avvanbwapp, php, ethical-hacking, bug-fixes, bug-bounty06-Apr-2024
Easiest way to find Broken links in a websitehttps://medium.com/@jeetpal2007/easiest-way-to-find-broken-links-in-a-website-cccbc1f0b6d2?source=rss------bug_bounty-5JEETPALbroken-link, easy-bug-to-find, bug-bounty, bug-bounty-tips, broken-link-hijacking06-Apr-2024
Advanced XSS Discovery: Streamlining Your Attack Strategy with Cutting-Edge Automation Toolshttps://medium.com/@0xelkot/advanced-xss-discovery-streamlining-your-attack-strategy-with-cutting-edge-automation-tools-88cfd0f68c8e?source=rss------bug_bounty-50xElkothackerone, xss-attack, methodology, bug-bounty, hacking06-Apr-2024
14.6 Lab: SameSite Strict bypass via sibling domain | 2024https://infosecwriteups.com/14-6-lab-samesite-strict-bypass-via-sibling-domain-2024-f2ad5f0167d1?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, penetration-testing, hacking06-Apr-2024
Bug Bounty: Secure Camino Network, Earn Rewardshttps://medium.com/@obobo/bug-bounty-secure-camino-network-earn-rewards-329a686da0b9?source=rss------bug_bounty-5O Boboweb3, hexen, travel, camino-network, bug-bounty06-Apr-2024
Step by Step Complete Beginners guide of iOS penetration testing with corelliumhttps://infosecwriteups.com/step-by-step-complete-beginners-guide-of-ios-penetration-testing-with-corellium-2b9e9c6382c2?source=rss------bug_bounty-5Sandeep Vishwakarmamobile-pentesting, bug-bounty, corellium, ios-penetration-testing, pentesting05-Apr-2024
Unmasking an Open Redirect on the India’s Government Websitehttps://medium.com/@nilkhant30/unmasking-an-open-redirect-on-the-indias-government-website-3f808b10bff9?source=rss------bug_bounty-5I AM Rajaopen-redirect, bug-bounty, hacking, bug-bounty-tips, security-research05-Apr-2024
IDOR To view other private users profile pictures in un.orghttps://medium.com/@Ajakcybersecurity/idor-to-view-other-private-users-profile-pictures-in-un-org-358e464335e8?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, cybersecurity, ethical-hacking, penetration-testing05-Apr-2024
Apple’s Bug: From SQLi Suspicions to UI Bug Discoveryhttps://medium.com/@MohaseenK/apples-bug-from-sqli-suspicions-to-ui-bug-discovery-0e71e228b336?source=rss------bug_bounty-5Mohaseenapple, hof, bug-bounty, hackerone, bugcrowd05-Apr-2024
Race Condition Authentication Bypass Leads to Full Account Takeoverhttps://medium.com/@keizobugbounty/race-condition-authentication-bypass-leads-to-full-account-takeover-6b5c9bc0a54d?source=rss------bug_bounty-5Keizocybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips05-Apr-2024
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilitieshttps://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52?source=rss------bug_bounty-5Anas H Hmaidybug-bounty-tips, penetration-testing, cybersecurity, web-security, bug-bounty05-Apr-2024
FB OAuth Misconfigurations to Account Takeoverhttps://medium.com/@hbenja47/fb-oauth-misconfigurations-to-account-takeover-e264a06ae4a0?source=rss------bug_bounty-5Benja (bronxi)hacking, bug-bounty, oauth, infosec05-Apr-2024
UUIDs Unmasked: Exploiting IDOR for User Data Accesshttps://medium.com/@cybersolution2172/uuids-unmasked-exploiting-idor-for-user-data-access-b199e3b08563?source=rss------bug_bounty-5Satyam Singhbug-bounty-tips, owasp, bug-bounty, idor-vulnerability, bug-bounty-writeup05-Apr-2024
14.5 Lab: CSRF with broken Referer validation | 2024https://cyberw1ng.medium.com/14-5-lab-csrf-with-broken-referer-validation-2024-9948aa660023?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, cybersecurity, careers, bug-bounty05-Apr-2024
Beetlebug Android Walkthrough & Basics Android application securityhttps://medium.com/@yousefneuer13/beetlebug-android-walkthrough-basics-android-application-security-c5e0fb9b284b?source=rss------bug_bounty-5Yousef Elsheikhcybersecurity, bug-bounty, android-security, ctf-writeup, ctf-walkthrough05-Apr-2024
One IP led to 4 bugs made the company delete the domainhttps://kalawy.medium.com/one-ip-led-to-4-bugs-made-the-company-delete-the-domain-f28a9e898a8a?source=rss------bug_bounty-5Kalawybug-bounty-tips, bug-bounty, hackerone04-Apr-2024
How to discovery vulnerabilities in your network?https://medium.com/@info_81845/how-to-discovery-vulnerabilities-in-your-network-a6fd140ad4d6?source=rss------bug_bounty-5BugFixingpenetration-testing, penetration-test-company, bug-bounty, hacking, vulnerability-assessment04-Apr-2024
Art of onscrollend | Demonstrating XSS through scroll events write-uphttps://medium.com/@rAmpancist/art-of-onscrollend-demonstrating-xss-through-scroll-events-write-up-d3b33afaaf64?source=rss------bug_bounty-5rAmpancistbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, hacking04-Apr-2024
HTB Academy | CROSS_SITE SCRIPTING (XSS) -https://medium.com/@mazalwebdesign/htb-academy-cross-site-scripting-xss-7dc78e69b100?source=rss------bug_bounty-5Sara Mazal M. | maz4lethical-hacking, htb, htb-academy-writeup, htb-walkthrough, bug-bounty04-Apr-2024
FB OAuth Misconfiguration Leads to Takeover any Accounthttps://sl4x0.medium.com/fb-oauth-misconfiguration-leads-to-takeover-any-account-061316a5b31b?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)oauth2, account-takeover, bug-bounty, hacking, bug-bounty-tips04-Apr-2024
S3 Bucket Misconfigurationhttps://medium.com/@scorpiankapil/s3-bucket-misconfiguration-64d459abdb71?source=rss------bug_bounty-5Kapil Patelbug-bounty04-Apr-2024
14.4 Lab: CSRF where Referer validation depends on header being present | 2024https://cyberw1ng.medium.com/14-4-lab-csrf-where-referer-validation-depends-on-header-being-present-2024-2db1c7496091?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, penetration-testing04-Apr-2024
NFShttps://medium.com/@mirackucuk595/nfs-873d049131b8?source=rss------bug_bounty-5Miraç Küçükfootprinting, bug-bounty, information-gathering, hack-the-box-writeup, nfs-server04-Apr-2024
Escalation of Admin and Supervisor Privileges Enables Organization Takeover and Access to Any…https://medium.com/@elcapitano7x/escalation-of-admin-and-supervisor-privileges-enables-organization-takeover-and-access-to-any-6d1eb82bbe08?source=rss------bug_bounty-5Elcapitanobug-bounty, hacking, idor-vulnerability, bug-bounty-tips, account-takeover04-Apr-2024
Bug Bounty Challenge: Day 10–04/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-10-04-04-2024-d7d40e226af2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty, bug-bounty-hunter, bug-bounty-writeup04-Apr-2024
My methodology to bypass CSRFhttps://medium.com/@0x7irix/my-methodology-to-bypass-csrf-957b4e552ae7?source=rss------bug_bounty-50x7irixcsrf-attack, csrf-token, csrf-bypass, csrf, bug-bounty04-Apr-2024
How I hacked medium and they didn’t pay mehttps://medium.com/@super_burgundy_weasel_439/how-i-hacked-medium-and-they-didnt-pay-me-f6c89cca3af7?source=rss------bug_bounty-5YouGotItCominghacking, bug-bounty, medium, neglect, bugs04-Apr-2024
ShentuChain’s OpenBounty Hackers and Projects Referral Programhttps://shentuchain.medium.com/shentuchains-openbounty-hackers-and-projects-referral-program-29b4b73c20c0?source=rss------bug_bounty-5Shentu Chainbug-bounty, ethical-hacker, cybersecurity, referral-program, web303-Apr-2024
SQLI with extract Huge Data just Got N/Ahttps://medium.com/@nomad8061/sqli-with-extract-huge-data-just-got-n-a-5956c3b5297b?source=rss------bug_bounty-5Ahmed Badrybug-bounty, sqlite, infosec, information-technology, ctf03-Apr-2024
Cracking the Code: XSS Exploits and Their Power in Phishing Warfarehttps://hackerhalt.medium.com/cracking-the-code-xss-exploits-and-their-power-in-phishing-warfare-252d04e9792e?source=rss------bug_bounty-5Hacker Halt Livebugbounty-writeup, phishing, xs, bug-bounty, phishing-attacks03-Apr-2024
Hack ChatGPT, Make Moneyhttps://medium.com/@david.azad.merian/hack-chatgpt-make-money-644bb4a7a529?source=rss------bug_bounty-5David Merianbug-bounty, hacking, cybersecurity, fuzzing, ai03-Apr-2024
How I Secured 50+ Brand & Startups in Shopify Stores | XSS | Responsible Disclosurehttps://prathapilango.medium.com/how-i-secured-50-brand-startups-in-shopify-stores-xss-responsible-disclosure-e38a72cf4a47?source=rss------bug_bounty-5Prathapilangoinfosec, info-sec-writeups, cybersecurity, cross-site-scripting, bug-bounty03-Apr-2024
Bug Bounty Challenge: Day 9–03/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-9-03-04-2024-f7a6303bb674?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips03-Apr-2024
I asked ChatGPT to improve Jason Haddix V4 methodology. Here’s the answer:https://medium.com/@uniicorniumx/i-asked-chatgpt-to-improve-jason-haddix-v4-methodology-heres-the-answer-09de258da623?source=rss------bug_bounty-5• CrazyUnicornhacking, bug-bounty, pentesting, cybersecurity, bug-bounty-tips03-Apr-2024
Smart Fuzzing — Finding bugs like no one else. By Gilson Oliveirahttps://medium.com/@gilsgil/smart-fuzzing-finding-bugs-like-no-one-else-by-gilson-oliveira-d6aa0dbc285b?source=rss------bug_bounty-5Gilson Oliveirabug-bounty-tips, bug-bounty, bug-bounty-writeup03-Apr-2024
Struggling RCE on Jenkins Instancehttps://medium.com/@imusabkhan/struggling-rce-on-jenkins-instance-8851af98b7e6?source=rss------bug_bounty-5Mohammad Musab Khanhacker, bugs, bug-bounty, bug-bounty-tips, remote-code-execution03-Apr-2024
DNShttps://medium.com/@mirackucuk595/dns-4e18aa90b7cf?source=rss------bug_bounty-5Miraç Küçükfootprinting, hack-the-box-writeup, dns, bug-bounty03-Apr-2024
Bir sorgu dizesinde sunucu tarafı parametre kirliliğinden yararlanmahttps://medium.com/@hhuseyinuyar17/bir-sorgu-dizesinde-sunucu-taraf%C4%B1-parametre-kirlili%C4%9Finden-yararlanma-567489eefd65?source=rss------bug_bounty-5Hhuseyinuyarapi, hacking, burpsuite, bug-bounty, parameter03-Apr-2024
14.3 Lab: SameSite Lax bypass via cookie refresh | 2024https://cyberw1ng.medium.com/14-3-lab-samesite-lax-bypass-via-cookie-refresh-2024-4f10021e6ce8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers03-Apr-2024
Issues related to privacy (Cybersecurity)https://medium.com/@paritoshblogs/issues-related-to-privacy-cybersecurity-99368bf0bc10?source=rss------bug_bounty-5Paritoshinformation-security, bug-bounty, cybersecurity, information-technology, hacking02-Apr-2024
Welcome pentesters to cooperate with our company!https://medium.com/@alfabit_group/welcome-pentesters-to-cooperate-with-our-company-9cdf42f233bb?source=rss------bug_bounty-5AlfaBit Ecosystemblockchain, alfabit, bug-bounty, ecosystem02-Apr-2024
Unpacking CVE-2024–3094: A Critical Vulnerability in XZ Utilshttps://infosecwriteups.com/unpacking-cve-2024-3094-a-critical-vulnerability-in-xz-utils-c6a8207d7b54?source=rss------bug_bounty-5ElNiakcve, linux, backdoor, cybersecurity, bug-bounty02-Apr-2024
4 Mistakes To Avoid When Doing Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/4-mistakes-to-avoid-when-doing-bug-bounty-bug-bounty-tuesday-fd0df75ca05d?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security02-Apr-2024
14.2 Lab: SameSite Strict bypass via client-side redirect | 2024https://cyberw1ng.medium.com/14-2-lab-samesite-strict-bypass-via-client-side-redirect-2024-2a5e9b68fc1e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, penetration-testing, careers, cybersecurity02-Apr-2024
One-click Account Take Overhttps://dynnyd20.medium.com/one-click-account-take-over-e500929656ea?source=rss------bug_bounty-5dynnyd20pentesting, bug-bounty, cybersecurity, information-security, security02-Apr-2024
Bug Bounty Challenge: Day 8–02/04/2024https://wallotry.medium.com/bug-bounty-challenge-day-8-02-04-2024-604382e079ac?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips02-Apr-2024
The Difference Between TCP and HTTP Reverse Connection:https://medium.com/@Hackerinja/the-difference-between-tcp-and-http-reverse-connection-bf13ccd16941?source=rss------bug_bounty-5Hackerinjabug-bounty, penetration-testing, cybersecurity, ethical-hacking02-Apr-2024
How I was able to send emails from anyone to anyonehttps://medium.com/@zeesek/how-i-was-able-to-send-emails-from-anyone-to-anyone-a44c57fd015b?source=rss------bug_bounty-5Muhammad Zeeshanpenetration-testing, bugs, bug-bounty-tips, bug-bounty, pentesting02-Apr-2024
How I Found My First Bug | XSShttps://medium.com/@fariio/how-i-found-my-first-bug-xss-031df71aedbe?source=rss------bug_bounty-5Fariiocybersecurity, bug-bounty-tips, penetration-testing, xss-vulnerability, bug-bounty01-Apr-2024
Bug to fix: Mastering the Life Cycle of Software Defectshttps://medium.com/@hannahanulur/bug-to-fix-mastering-the-life-cycle-of-software-defects-b227292bdb16?source=rss------bug_bounty-5Gulhanim Anulurbug-fixes, defect-management, defect-detection, bug-bounty, bugs01-Apr-2024
How to start Bug Bounty Hunting $$$$ in 2024?? | A short RoadMaphttps://infosecwriteups.com/how-to-start-bug-bounty-hunting-in-2024-a-short-roadmap-9f9eeddd24ca?source=rss------bug_bounty-57h3h4ckv157money, hacking, bug-bounty, ethical-hacking, infosec01-Apr-2024
IOS Pentesting Lab Setuphttps://hackerassociate.medium.com/ios-pentesting-lab-setup-516ec567b424?source=rss------bug_bounty-5Harshad Shahcybersecurity, penetration-testing, infosec, hacking, bug-bounty01-Apr-2024
Certified Bug Bounty Hunter: Should you go for Broke, or take a Junior Level Certification Firsthttps://medium.com/@codewidthme/certified-bug-bounty-hunter-should-you-go-for-broke-or-take-a-junior-level-certification-first-a905c105f9a2?source=rss------bug_bounty-5codewidthmehacking, bug-bounty, penetration-testing, certification, hackthebox01-Apr-2024
I will alter and update your websitehttps://medium.com/@fiverrtopfreelancer/i-will-alter-and-update-your-website-438eeb9bcde8?source=rss------bug_bounty-5Fiverr Top Freelancerhtml, website-design, bug-fixes, bug-bounty, css01-Apr-2024
Broken Application Logic Bug Doesn’t Validate Email, leading to DOShttps://medium.com/@saitle74/broken-application-logic-bug-doesnt-validate-email-leading-to-dos-d5ff73e752b4?source=rss------bug_bounty-5Saitleopbug-bounty, infosec-write-ups, cybersecurity, python, infosec01-Apr-2024
“Configuring Apache Web Server on CentOS 7”https://medium.com/@shaikhalshifa210/configuring-apache-web-server-on-centos-7-ed10245f2a4d?source=rss------bug_bounty-5Alshifa Shaikhserver-configuration, bug-bounty, machine-learning, penetration-testing, cybersecurity01-Apr-2024
How to set up Caido for Bug Bounty or Web Application Penetration?https://medium.com/@bytescheck0/how-to-set-up-caido-for-bug-bounty-or-web-application-penetration-a74729d31dca?source=rss------bug_bounty-5Bytescheckcybersecurity, penetration-testing, bug-bounty, technology01-Apr-2024
XSS Vulnerability in a Technical Assessment Application: Lessons Learned and Security Measureshttps://interc3pt3r.medium.com/xss-vulnerability-in-a-technical-assessment-application-lessons-learned-and-security-measures-9321ee4c7639?source=rss------bug_bounty-5Aneesha Dbug-bounty, cybersecurity, hacker, hacking, penetration-testing01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@harshsolanki2810/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Mastering CSRF: A Comprehensive Guide to Finding Cross-site Request Forgery Vulnerabilities | 2024https://cyberw1ng.medium.com/mastering-csrf-a-comprehensive-guide-to-finding-cross-site-request-forgery-vulnerabilities-2024-8d1d13d83547?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers01-Apr-2024
Subdomain Takeovers (Subdomain Devralma)https://medium.com/@mirackucuk595/subdomain-takeovers-subdomain-devralma-2ffa999c123b?source=rss------bug_bounty-5Miraç Küçükbug-bounty, domain-names, subdomain, hackerone01-Apr-2024
Bug Bounty Challenge: Updatehttps://wallotry.medium.com/bug-bounty-challenge-update-ebd1fa31426c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup01-Apr-2024
How I Was Able To Find My First VALID XSShttps://medium.com/@0xdartx/how-i-was-able-to-find-my-first-valid-xss-b1b8bd727b6a?source=rss------bug_bounty-5Dart0xxbug-bounty, cybersecurity, bug-bounty-writeup, bug-hunting01-Apr-2024
Can I learn bug bounty for free?https://bevijaygupta.medium.com/can-i-learn-bug-bounty-for-free-59d71024ee15?source=rss------bug_bounty-5Vijay Guptabugs, bug-zero, bug-bounty-tips, bug-bounty, bug-fixes31-Mar-2024
Fake Tinder Account Verified By Bypassing Face Authenticationhttps://medium.com/@Ajakcybersecurity/fake-tinder-account-verified-by-bypassing-face-authentication-4b7c14e35c29?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, bug-bounty, blog, tinder31-Mar-2024
Swaggerdə qarşılaşdığım hücum vektorları ($$$)https://memmedrehimzade.medium.com/swaggerd%C9%99-qar%C5%9F%C4%B1la%C5%9Fd%C4%B1%C4%9F%C4%B1m-h%C3%BCcum-vektorlar%C4%B1-f3659eeccac5?source=rss------bug_bounty-5memmed rehimzadeswagger, cybersecurity, kibertəhlükəsizlik, bug-bounty31-Mar-2024
Understanding and Mitigating CVE-2024–3094https://medium.com/@mrblackstar26/understanding-and-mitigating-cve-2024-3094-2b8572d9e921?source=rss------bug_bounty-5Uday Patelinfosec, hacking, bug-bounty, penetration-testing, cybersecurity31-Mar-2024
Installation DVWA In Windows 10 Using XAMPPhttps://bevijaygupta.medium.com/installation-dvwa-in-windows-10-using-xampp-d6246279a10e?source=rss------bug_bounty-5Vijay Guptaxampp, dvwa, hacking, install-dvwa, bug-bounty31-Mar-2024
What is the future of bug bounty?https://bevijaygupta.medium.com/what-is-the-future-of-bug-bounty-696f0a894130?source=rss------bug_bounty-5Vijay Guptabug-bounty, bug-zero, bugs, future-technology, future31-Mar-2024
13.26 Lab: Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and…https://cyberw1ng.medium.com/13-26-lab-stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-4bde1cc39671?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-test, hacking, cybersecurity, careers31-Mar-2024
Shield your System — XZ Utils Backdoor (Linux Distribution)https://infosecwriteups.com/shield-your-system-xz-utils-backdoor-linux-distribution-54583b071ccc?source=rss------bug_bounty-5Ethical Kapslinux, cybersecurity, vulnerability, hacking, bug-bounty31-Mar-2024
“Unveiling a Stored XSS Vulnerability: Example.com Under the Spotlight”https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
#ERROR!https://medium.com/@mdnafeed3/unveiling-a-stored-xss-vulnerability-example-com-under-the-spotlight-37d0895cebca?source=rss------bug_bounty-5H4cker-Nafeedbug-bounty, cybersecurity31-Mar-2024
Best bug hunting methodology for EZ moneyhttps://medium.com/@tom.sh/best-bug-hunting-methodology-for-ez-money-58b7fe928e6f?source=rss------bug_bounty-5Tomhacking, money, bpp, methodology, bug-bounty30-Mar-2024
Advertisers able to identify individual consumers who visited their ads (Microsoft bug bounty)https://medium.com/@avig2009/advertisers-able-to-identify-individual-consumers-who-visited-their-ads-microsoft-bug-bounty-a8bcb2d727f2?source=rss------bug_bounty-5hatich_hackermicrosoft, privacy, bug-bounty30-Mar-2024
13.25 Lab: Reflected XSS in canonical link tag | 2024https://cyberw1ng.medium.com/13-25-lab-reflected-xss-in-canonical-link-tag-2024-c4478a82b466?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, hacking, careers30-Mar-2024
A Journey into Unusual Header Injectionhttps://medium.com/@imusabkhan/a-journey-into-unusual-header-injection-693cc0ddecc6?source=rss------bug_bounty-5Mohammad Musab Khanhackerone, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-hunting30-Mar-2024
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Overhttps://medium.com/@ozomarzu/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-d9cddf598c9c?source=rss------bug_bounty-5CyberOzbug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, hackerone30-Mar-2024
Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
Web Requesthttps://medium.com/@mirackucuk595/web-request-ea237118e259?source=rss------bug_bounty-5Miraç Küçükhttp-request, curl, https, bug-bounty, webrequest30-Mar-2024
Kioptrix Level 1 Walkthroughhttps://erdemstar.medium.com/kioptrix-level-1-walkthrough-6e985fbd0dc7?source=rss------bug_bounty-5Erdemstaroscp, application-security, bug-bounty-tips, bug-bounty, penetration-testing30-Mar-2024
1200 $ Email verification Bypass from P4 TO P2https://medium.com/@akrachliy/email-verification-bypass-from-p4-to-p2-50fa3dde8e5f?source=rss------bug_bounty-5Yassine Akrachlihacking, cybersecurity, bug-bounty, ethical-hacking, bugcrowd30-Mar-2024
How i found Multiple IDORhttps://medium.com/@hillrane24/how-i-found-multiple-idor-ab52815b375a?source=rss------bug_bounty-5NIKHIL RANEidor-vulnerability, bug-bounty30-Mar-2024
YouTube Growth Hackinghttps://sanparatama.medium.com/youtube-growth-hacking-a94457f04789?source=rss------bug_bounty-5Sanjaya paratamaweb-development, bug-bounty, hacking, hacking-tools, cybersecurity29-Mar-2024
The Future of Internet Security and Artificial Intelligence and Cyber Security Jobshttps://python.plainenglish.io/the-future-of-internet-security-and-artificial-intelligence-and-cyber-security-jobs-528b4c340cf9?source=rss------bug_bounty-5Imran Niazxss-attack, hacking, programming, ai, bug-bounty29-Mar-2024
[Walkthrough] Mobile Hacking Lab — Secure Notehttps://medium.com/@karimul.sh/walkthrough-mobile-hacking-lab-secure-note-eeb4af20e01b?source=rss------bug_bounty-5Md.Karimul Islam Shezanwalkthrough, android-app-security, bug-bounty, reverse-engineering, ctf29-Mar-2024
AutoLayer Bug Bounty Program: Full Information Releasehttps://autolayer.medium.com/autolayer-bug-bounty-program-full-information-release-d5de0bab972e?source=rss------bug_bounty-5AutoLayerdefi, bug-bounty29-Mar-2024
Web Security Short Series — CSRF.https://medium.com/@frankyyano/web-security-short-series-csrf-4cdf6f936773?source=rss------bug_bounty-5Yano.csrf, appsec, owasp, bug-bounty, oscp29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannikreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Unhiding the hidden 401 Bypasshttps://medium.com/@Xt3sY/unhiding-the-hidden-401-bypass-10f48c67b50d?source=rss------bug_bounty-5Pushkar Bhagatbug-bounty, hacking, bug-bounty-tips29-Mar-2024
13.24 Lab: Reflected XSS with some SVG markup allowed | 2024https://cyberw1ng.medium.com/13-24-lab-reflected-xss-with-some-svg-markup-allowed-2024-78279b906ec2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, cybersecurity, penetration-testing, careers29-Mar-2024
How to learn Game Hacking? Recourse Compilation!https://medium.com/@yannik603/how-to-learn-game-hacking-recourse-compilation-1c5d2807a7cb?source=rss------bug_bounty-5Yannik Castroreverse-engineering, bug-bounty, malware-analysis, gamehacking, coding29-Mar-2024
Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
How to install drozer with dockerhttps://medium.com/@nomad8061/hello-geeks-e8d0f62b22a1?source=rss------bug_bounty-5Ahmed Badrybug-bounty29-Mar-2024
✌︎ Yara Rules ✌︎ For Something ☠︎https://medium.com/@haticezkmnl/yara-rules-%EF%B8%8E-for-something-%EF%B8%8E-0164b38e3ddd?source=rss------bug_bounty-5Hatice Zehra Kamanlıcybersecurity, python, security, rules, bug-bounty29-Mar-2024
13.23 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-23-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-63d649c6cc2c?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity28-Mar-2024
Bug Bounty Recon At Its Easiest with Netlas.iohttps://medium.com/@omarora1603/bug-bounty-recon-at-its-easiest-with-netlas-io-d313ae0f1c09?source=rss------bug_bounty-5Om Arorainfosec, cybersecurity, bug-bounty, bug-bounty-tips, hacking28-Mar-2024
Bypassing 403 Protection To Get Admin Accesshttps://rajput623929.medium.com/bypassing-403-protection-to-get-admin-access-d7c9d0560e5c?source=rss------bug_bounty-5Mr.Horbio403-forbidden, bug-bounty-tips, cybersecurity, ethical-hacking, bug-bounty28-Mar-2024
How to become a bug bounty hunterhttps://bevijaygupta.medium.com/how-to-become-a-bug-bounty-hunter-c607bb7de595?source=rss------bug_bounty-5Vijay Guptabug-zero, bug-bounty, bugs, bug-bounty-tips, bug-fixes28-Mar-2024
OAuth Hijacking leads to account takeoverhttps://medium.com/@iknowhatodo/oauth-hijacking-leads-to-account-takeover-a051bdb5e9f0?source=rss------bug_bounty-5Hossam Ahmedbug-bounty, oauth28-Mar-2024
How I Hacked Your Private Repository in GitHub (And Got JackShit)https://medium.com/@reuveinas/how-i-hacked-your-private-repository-in-github-and-got-jackshit-cb7c342570b2?source=rss------bug_bounty-5Reuvein Vinokurov (CTO:UNIXi) - https://unixi.io/microsoft, bug-bounty, github, security, cybersecurity28-Mar-2024
How to write a Walkthroughhttps://bevijaygupta.medium.com/how-to-write-a-walkthrough-23eee7f6777c?source=rss------bug_bounty-5Vijay Guptabug-bounty-writeup, bug-bounty-tips, bug-bounty, walkthroughwednesday, walkthrough28-Mar-2024
Unveiling all techniques to find IDOR’S in web applicationshttps://adipsharif.medium.com/unveiling-all-techniques-to-find-idors-in-web-applications-578d2b8aa28a?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, pentesting, penetration-testing, bug-bounty-writeup28-Mar-2024
IDOR’a Girişhttps://medium.com/@mirackucuk595/idora-giri%C5%9F-23c22a5ae24f?source=rss------bug_bounty-5Miraç Küçükhack-the-box-writeup, burpsuite, idor-vulnerability, bug-bounty28-Mar-2024
Risks of Software Dependencies AKA Toxic Dependencieshttps://bytebusterx.medium.com/risks-of-software-dependencies-aka-toxic-dependencies-0a38150cf5ce?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, infosec, vulnerability, cybersecurity28-Mar-2024
Penetration Testing Toolshttps://bevijaygupta.medium.com/penetration-testing-tools-b4c8ad807114?source=rss------bug_bounty-5Vijay Guptapenetration-testing-tools, pentesting, hacking, bug-bounty, penetration-testing28-Mar-2024
Stargazing Risks: Exploring the Data Breach that Exposed NASA Employees’ PIIhttps://interc3pt3r.medium.com/stargazing-risks-exploring-the-data-breach-that-exposed-nasa-employees-pii-68692cf7a5e9?source=rss------bug_bounty-5Aneesha Dbug-bounty-writeup, cybersecurity, hacking, security, bug-bounty28-Mar-2024
Finding Bug DMRC Reflected Xss and HTML Injectionhttps://medium.com/@abhishekaswal777/finding-bug-dmrc-reflected-xss-and-html-injection-fe4361a1db60?source=rss------bug_bounty-5Abhishekaswalbugs, poc, bug-bounty, bug-bounty-tips, hackerone28-Mar-2024
Annonforce — Tryhackme Walkthrough Easy Self-madehttps://medium.com/@shaswata.ssaha/annonforce-tryhackme-walkthrough-easy-self-made-f45c3a6f3e96?source=rss------bug_bounty-5Shaswata Sahatryhackme, security, anonforce, bug-bounty, ctf28-Mar-2024
Polyglot Files: The Cybersecurity Chameleon Threathttps://infosecwriteups.com/polyglot-files-the-cybersecurity-chameleon-threat-29890e382b59?source=rss------bug_bounty-5ElNiakpolyglot, cybersecurity, obfuscation, bug-bounty, penetration-testing27-Mar-2024
Hackerone提现人民币https://medium.com/@dem0ns/hackerone%E6%8F%90%E7%8E%B0%E4%BA%BA%E6%B0%91%E5%B8%81-a3e907fefce1?source=rss------bug_bounty-5猫猫虫hackerone, bug-bounty, 外汇27-Mar-2024
Mistakes To Avoid in Your Bug Bounty Career- Part 2https://medium.com/@Ajakcybersecurity/mistakes-to-avoid-in-your-bug-bounty-career-part-2-9da1c77788ea?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, penetration-testing, blog, cybersecurity27-Mar-2024
13.22 Lab: Stored DOM XSS | 2024https://cyberw1ng.medium.com/13-22-lab-stored-dom-xss-2024-344ec753599a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, penetration-testing, hacking, careers27-Mar-2024
HACKING WORDPRESShttps://medium.com/@mirackucuk595/hacking-wordpress-ac9ee6447045?source=rss------bug_bounty-5Miraç Küçükwpscan, wordpress-hacked, hack-the-box-writeup, hacking, bug-bounty27-Mar-2024
SSLStrippinghttps://bytebusterx.medium.com/sslstripping-e81dc95d6fab?source=rss------bug_bounty-5ByteBusterXinfosec, cybersecurity, vulnerability, hacking, bug-bounty27-Mar-2024
HTTP Verb Tampering 101 in Web Applications (Identify Exploit Prevention)https://adipsharif.medium.com/http-verb-tampering-101-in-web-applications-identify-exploit-prevention-3389258b6b93?source=rss------bug_bounty-5ADIPinfosec, penetration-testing, bug-bounty, pentesting, information-security27-Mar-2024
Hacking the Giant: Got XSS on Google’s Producthttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@benbencsik/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
Hacking the Giant: XSS on Googlehttps://adipsharif.medium.com/got-xss-on-googles-product-a4c79be8adbb?source=rss------bug_bounty-5ADIPinfosec, information-security, pentesting, bug-bounty, penetration-testing27-Mar-2024
Fristileaks 1.3 Walkthroughhttps://erdemstar.medium.com/fristileaks-1-3-walkthrough-a6b962385752?source=rss------bug_bounty-5Erdemstaroscp, vulnhub-walkthrough, penetration-testing, bug-bounty, oscp-preparation27-Mar-2024
Web Application Hacking Required Readinghttps://hogarth45.medium.com/web-application-hacking-required-reading-0d2f046db191?source=rss------bug_bounty-5Jessbug-bounty, web-development, security27-Mar-2024
Why am I starting to hate Bug Bounty?https://systemweakness.com/why-am-i-starting-to-hate-bug-bounty-1f075fc96978?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips27-Mar-2024
Bug Bounty Isn’t A Scam Here’s Whyhttps://medium.com/@detroiton421094/bug-bounty-isnt-a-scam-here-s-why-751547bd8531?source=rss------bug_bounty-5Ben Bencsikbug-bounty, computers, infosec, cybersecurity, technology27-Mar-2024
RXSS Vulnerability in Less Than 10 Minutes on India’s Premier Travel Sitehttps://medium.com/@nilkhant30/rxss-vulnerability-in-less-than-10-minutes-on-indias-premier-travel-site-5b15ebb91d17?source=rss------bug_bounty-5I AM Rajabug-bounty, cybersecurity, cyber-security-awareness, hacking, xss-vulnerability26-Mar-2024
This skill is called ‘Early…’ in Software Testinghttps://medium.com/software-testing-and-automation/this-skill-is-called-early-in-software-testing-75cd641bfa93?source=rss------bug_bounty-5Temitopesoftware-testing, quality-assurance, communication, bug-bounty, software-development26-Mar-2024
HackGATE: Bug Bounty Program on steroidshttps://medium.com/@levente.b.molnar/hackgate-bug-bounty-program-on-steroids-cef50ae2f759?source=rss------bug_bounty-5Hackratehacking, ethical-hacking, cybersecurity, bug-bounty, penetration-testing26-Mar-2024
Exploring Cybersecurity with ZoomEye: A Review of the Premium Lifetime Membershiphttps://medium.com/@kenilalexandra07/exploring-cybersecurity-with-zoomeye-a-review-of-the-premium-lifetime-membership-f301a474bf88?source=rss------bug_bounty-5Kenilalexandrabug-bounty, shodan, bugbounting, zoomeye, security26-Mar-2024
How To Use AI And Nuclei To Make Money While You Sleep — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-use-ai-and-nuclei-to-make-money-while-you-sleep-bug-bounty-tuesday-4d9e584e6553?source=rss------bug_bounty-5kerstanhacking, security, cybersecurity, bug-bounty, technology26-Mar-2024
13.21 Lab: Reflected DOM XSS | 2024https://cyberw1ng.medium.com/13-21-lab-reflected-dom-xss-2024-78cacc8fa1e7?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, bug-bounty, penetration-testing, careers26-Mar-2024
Bug Bounty Programs for Beginnershttps://bevijaygupta.medium.com/bug-bounty-programs-for-beginners-fccc755957d9?source=rss------bug_bounty-5Vijay Guptacybersecurity, bug-bounty-hunter, bug-bounty, bugbounty-writeup, bug-bounty-tips26-Mar-2024
Account takeover through password reset functionalityhttps://rewscel.medium.com/account-takeover-through-password-reset-functionality-af07636db302?source=rss------bug_bounty-5rewscelbug-bounty26-Mar-2024
FFUF İLE WEB UYGULAMALARINA SALDIRMAKhttps://medium.com/@mirackucuk595/ffuf-i%CC%87le-web-uygulamalarina-saldirmak-89805e47e145?source=rss------bug_bounty-5Miraç Küçüksubdomain, bug-bounty, ffuf, brute-force, hack-the-box-writeup26-Mar-2024
What is Cross-Site Scripting (XSS)?https://medium.com/@bbhuntersa/cross-site-scripting-xss-b5d374fa6e43?source=rss------bug_bounty-5BBHUNTERxss-vulnerability, cross-site-scripting, bug-bounty, xss-attack26-Mar-2024
Exploiting Post Reflected XSS via CSRF : Real world bughttps://medium.com/@Rahulkrishnan_R_Panicker/exploiting-post-reflected-xss-via-csrf-real-world-bug-f374afeb081e?source=rss------bug_bounty-5Rahulkrishnan R Panickerxss-attack, hacking, bug-bounty, csrf, web-development25-Mar-2024
Zero Interaction Mass Account Password Reset Vulnerabilityhttps://medium.com/@manan_sanghvi/zero-interaction-mass-account-password-reset-vulnerability-86b87098e3ae?source=rss------bug_bounty-5Manan Sanghvipenetration-testing, ethical-hacking, bug-bounty, vulnerability, cybersecurity25-Mar-2024
XSS module HTB academy CBBH pathhttps://medium.com/@mohammed01550038865/xss-module-htb-academy-cbbh-path-dc3ac4810087?source=rss------bug_bounty-5Muhammed Mubarakbug-bounty, htb-academy-writeup, xss-vulnerability25-Mar-2024
Reverse Engineering Sitecore Vulnerabilities-2https://medium.com/@nilayp799/reverse-engineering-sitecore-vulnerabilities-2-dcf45a501894?source=rss------bug_bounty-5Nilay Patelsitecore, vulnerability, bug-bounty, automation, hacking25-Mar-2024
13.20 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-20-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-7966911c58f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hacking, bug-bounty, penetration-testing25-Mar-2024
Burp Suite — ¿Confiar o no en Project Files?https://medium.com/@ArtsSEC/burp-suite-confiar-o-no-en-project-files-de5fa145f4a5?source=rss------bug_bounty-5ArtsSEChacking, burpsuite, infosec, pentesting, bug-bounty25-Mar-2024
COMMAND INJECTIONShttps://medium.com/@mirackucuk595/command-injections-9ef2aef0fa97?source=rss------bug_bounty-5Miraç Küçükcommand-injection, bug-bounty, hackthebox, burpsuite, injection25-Mar-2024
Unveiling Homoglyph: Silent Culprit of User-Level DOS Attackshttps://medium.com/@imusabkhan/unveiling-homoglyph-silent-culprit-of-user-level-dos-attacks-86a0576bca3a?source=rss------bug_bounty-5Mohammad Musab Khanbug-hunting, hackerone, bug-bounty, bugcrowd, bug-bounty-tips25-Mar-2024
[Account Take Over] through reset password token leaked in response, 2500 € Rewardhttps://infosecwriteups.com/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-b643f97a7c67?source=rss------bug_bounty-5jedus0rbug-bounty-hunter, security-research, bug-bounty-tips, bug-bounty, bug-bounty-writeup25-Mar-2024
How I found Account Takeover by changing email addresshttps://medium.com/@mohddanish9536/how-i-found-account-takeover-by-changing-email-address-b0dc213e2df3?source=rss------bug_bounty-5Mohd Danishbug-bounty, cybersecurity, bugs24-Mar-2024
13.19 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-19-lab-dom-xss-in-document-write-dddced06def8?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, penetration-testing, bug-bounty, careers, hacking24-Mar-2024
HTTP Verb Tamperinghttps://medium.com/@mirackucuk595/http-verb-tampering-4505d6491c95?source=rss------bug_bounty-5Miraç Küçükweb-attack, http-request, command-injection, bug-bounty, burpsuite24-Mar-2024
How to get started in Bug Bounty in 2024!https://medium.com/@FoxxCB/how-to-get-started-in-bug-bounty-in-2024-708754094de9?source=rss------bug_bounty-5Foxx C-Bhacking, infosec, bug-bounty, cybersecurity, ethical-hacking24-Mar-2024
Cloudflare WAF Huntinghttps://medium.com/@Device1306/cloudflare-waf-hunting-e878588488c8?source=rss------bug_bounty-5Device1306research, bug-bounty-tips, hacking, burpsuite, bug-bounty24-Mar-2024
Cookie Theft Deep Divehttps://cyberbull.medium.com/cookie-theft-deep-dive-3fe6d6be2d60?source=rss------bug_bounty-5Aditya Pandeybug-bounty, information-technology, ethical-hacking, security, cybersecurity23-Mar-2024
A list of Bug Bounty/Crowdsourced Security Platforms:https://medium.com/@mashunter/a-list-of-bug-bounty-crowdsourced-security-platforms-15ecd2ab6d4a?source=rss------bug_bounty-5MAS Hunterbug-bounty-program, bug-bounty, hacker, pentest23-Mar-2024
Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognitionhttps://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a?source=rss------bug_bounty-5Henry N. Caga (hncaga)bug-bounty, vulnerability, google, xs, hacking23-Mar-2024
hellohttps://medium.com/@r.paulopereira123/hello-80ea07cbc757?source=rss------bug_bounty-5bretsadleahacking, ethical-hacking, bug-hunter, bug-bounty23-Mar-2024
Edge-Side Includes (ESI) Injection In Web Applicationshttps://adipsharif.medium.com/edge-side-includes-esi-injection-in-web-applications-2630139b6c19?source=rss------bug_bounty-5ADIPpentesting, bug-bounty-tips, infosec, information-security, bug-bounty23-Mar-2024
SSI Injection In web applications with a (exploitation example)https://adipsharif.medium.com/techniques-of-finding-ssi-injection-in-web-applications-with-a-exploitation-example-cad960f3d791?source=rss------bug_bounty-5ADIPbug-bounty-tips, penetration-testing, information-security, bug-bounty, infosec23-Mar-2024
Beyond RAM and ROM: IDOR Leads to Unauthenticated File Upload Vulnerability in Indian Government…https://systemweakness.com/beyond-ram-and-rom-idor-leads-to-unauthenticated-file-upload-vulnerability-in-indian-government-51efb80bcf50?source=rss------bug_bounty-5Vedavyasan S (@ved4vyasan)bug-bounty, bug-bounty-tips, hacking, cybersecurity, bugs23-Mar-2024
1500$: CR/LF Injectionhttps://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3?source=rss------bug_bounty-5Abhi Sharmaprogramming, hacking, cybersecurity, bug-bounty, crlf-injection23-Mar-2024
Web Security Short Series — XXEhttps://medium.com/@frankyyano/web-security-short-series-xxe-64492ed1d893?source=rss------bug_bounty-5Yano.xxe, bug-bounty, xml, oscp, appsec23-Mar-2024
TEXAS BUG SWEEPS 65,000 BUGS DETECTEDhttps://medium.com/@siddiquiasad2299/texas-bug-sweeps-65-000-bugs-detected-a00ae73014b6?source=rss------bug_bounty-5Asad Siddiquitexas-bug-sweeps, bug-sweep, bug-bounty, bug-detection23-Mar-2024
How i get my bounty $$$ in YesWehack within 5mins?https://medium.com/@hacdoc/how-i-get-my-bounty-in-yeswehack-within-5mins-16706bb827e0?source=rss------bug_bounty-5ஜெய்hacking, cybersecurity, s3, bug-bounty, amazon23-Mar-2024
How we can check the Security Provider in Android applications during Pentesting (The Offensive…https://adipsharif.medium.com/how-we-can-check-the-security-provider-in-android-applications-during-pentesting-the-offensive-87c411c5d7ac?source=rss------bug_bounty-5ADIPpentesting, android-app-development, androiddev, android, bug-bounty23-Mar-2024
13.18 Lab: DOM XSS in jQuery selector sink using a hashchange event | 2024https://cyberw1ng.medium.com/13-18-lab-dom-xss-in-jquery-selector-sink-using-a-hashchange-event-2024-e990fc2ae28f?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, penetration-testing, bug-bounty23-Mar-2024
How To Test Data Encryption on the Network During Android Pentestinghttps://adipsharif.medium.com/how-to-test-data-encryption-on-the-network-during-android-pentesting-0b9d3407068f?source=rss------bug_bounty-5ADIPinfosec-write-ups, info-sec-writeups, pentesting, information-security, bug-bounty23-Mar-2024
Attacking XSLT in Web Applicationshttps://adipsharif.medium.com/attacking-xslt-in-web-applications-ea538a8fb9d0?source=rss------bug_bounty-5ADIPpentesting, information-security, bug-bounty-writeup, bug-bounty, infosec23-Mar-2024
SSTI Exploitation Part III In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-iii-in-web-applications-with-exploitation-example-6856b89b0efb?source=rss------bug_bounty-5ADIPpenetration-testing, infosec, bug-bounty-tips, information-security, bug-bounty23-Mar-2024
FILE UPLOAD ATTACKShttps://medium.com/@mirackucuk595/file-upload-attacks-e5175a653d32?source=rss------bug_bounty-5Miraç Küçükweb-attack, file-upload, bug-bounty, https, burpsuite23-Mar-2024
SSTI Exploitation Part II In Web Applications (with exploitation example)https://adipsharif.medium.com/ssti-exploitation-part-ii-in-web-applications-with-exploitation-example-490192e7e966?source=rss------bug_bounty-5ADIPinformation-security, pentesting, penetration-testing, bug-bounty, infosec23-Mar-2024
Bruteforce Website Login Form Using Hydra And Crunchhttps://medium.com/@OthmaneAitBouftass/bruteforce-attack-using-hydra-and-crunch-8b48ea9e36ce?source=rss------bug_bounty-5Othmane Ait Bouftasscybersecurity, bug-bounty, penetration-testing, hacking, ethical-hacking23-Mar-2024
Making money only using AI [Free Course]https://medium.com/@deadoverflow/making-money-only-using-ai-free-course-e7c51d33fee1?source=rss------bug_bounty-5Imad Husanovicweb-development, hacking, ai, bug-bounty, programming22-Mar-2024
Unveiling Admin Panels: A Bug Bounty Hunter’s Guidehttps://medium.com/@dasmanish6176/unveiling-admin-panels-a-bug-bounty-hunters-guide-6e713ae18b2c?source=rss------bug_bounty-5Dasmanishbug-bounty, infosec, ethical-hacking, cybersecurity22-Mar-2024
13.17 Lab: Stored XSS into anchor href attribute with double quotes HTML-encoded | 2024https://cyberw1ng.medium.com/13-17-lab-stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-2024-ebbe53b33015?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, penetration-testing, cybersecurity22-Mar-2024
AutoLayer is Starting a Bug Bounty Programhttps://autolayer.medium.com/autolayer-is-starting-a-bug-bounty-program-dfb59584a0ee?source=rss------bug_bounty-5AutoLayercrypto, defi, bug-bounty22-Mar-2024
Unveiling The Techniques Of Finding Blind & Time based SSRF In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-blind-ssrf-in-web-applications-with-a-exploitation-example-9e36a78ccca6?source=rss------bug_bounty-5ADIPbug-bounty-tips, bug-bounty, information-security, pentesting, penetration-testing22-Mar-2024
5 Advanced Ways I Test For File Upload Vulnerabilitieshttps://medium.com/@red.whisperer/5-advanced-ways-i-test-for-file-upload-vulnerabilities-5b01358f87d1?source=rss------bug_bounty-5RedPandabug-bounty, infosec, red-team, hacking22-Mar-2024
Understanding Subdomain Squattinghttps://bytebusterx.medium.com/understanding-subdomain-squatting-9d61f8c432fc?source=rss------bug_bounty-5ByteBusterXhacking, infosec, cybersecurity, bug-bounty, cyberattack22-Mar-2024
How i found my first 318.39$ bugs!https://cyberbh.medium.com/how-i-found-my-first-318-39-bugs-10ccd2379320?source=rss------bug_bounty-5Msecurity BHbug-bounty, information-exposure, penetration-testing, security-misconfiguration, api22-Mar-2024
Unveiling The Techniques Of Testing Endpoint Identify Verification In Android Applicationshttps://adipsharif.medium.com/unveiling-the-techniques-of-testing-endpoint-identify-verification-in-android-applications-2a8186091296?source=rss------bug_bounty-5ADIPinformation-security, bug-bounty, android-app-development, penetration-testing, pentesting22-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-2ebbf38b2622?source=rss------bug_bounty-5Miraç Küçükhttps, burpsuite, bug-bounty, web-attack, http-request22-Mar-2024
Javascript deobfuscation the easy wayhttps://medium.com/@jad2121/javascript-deobfuscation-the-easy-way-637d7e9b2952?source=rss------bug_bounty-5JDbug-bounty, bug-bounty-tips, javascript-obfuscate22-Mar-2024
Unveiling the One-Click Account Takeover: It Started with an Innocent Open Redirecthttps://medium.com/@hmuhamm3d/unveiling-the-one-click-account-takeover-it-started-with-an-innocent-open-redirect-9f4942ddf03f?source=rss------bug_bounty-5Hassaan Mohamedbug-bounty, bug-bounty-hunter, account-takeover, bugbounty-writeup, bug-bounty-tips22-Mar-2024
Critical Vulnerability in PostgreSQL JDBC Driver — Understanding CVE-2024–1597https://shubhamrooter.medium.com/critical-vulnerability-in-postgresql-jdbc-driver-understanding-cve-2024-1597-81ac202c295e?source=rss------bug_bounty-5Shubham Tiwaribug-bounty, cybersecurity, jdbc-driver, postgresql, cve-2024-159721-Mar-2024
Digital Goldmine: Innovative Ways to Make Money Online in 2024https://medium.com/@thewriterdude/digital-goldmine-innovative-ways-to-make-money-online-in-2024-c7d33d655535?source=rss------bug_bounty-5Thewriterdudebusiness, bug-bounty, artificial-intelligence, 100-followers, blockchain21-Mar-2024
User information disclosure via message reactionshttps://melguerdawi.medium.com/user-information-disclosure-via-message-reactions-1576a6b0f236?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips21-Mar-2024
Major Update for Attack Surface Discovery toolhttps://netlas.medium.com/major-update-for-attack-surface-discovery-tool-4ed4f1bc80fb?source=rss------bug_bounty-5Netlas.iobug-bounty, penetration-testing, cybersecurity, reconnaissance, osint21-Mar-2024
Vulnerability Disclosure vs Bug Bounty: What’s the difference and why it mattershttps://medium.com/@levente.b.molnar/vulnerability-disclosure-vs-bug-bounty-whats-the-difference-and-why-it-matters-ce99be906b1c?source=rss------bug_bounty-5Hackratebug-bounty, security, vulnerability-disclosure, cybersecurity, penetration-testing21-Mar-2024
Best Practices for Web3 Bug Bounty Programshttps://medium.com/@auditone.io/best-practices-for-web3-bug-bounty-programs-e333992aee9f?source=rss------bug_bounty-5AuditOneauditing-services, web3, bug-bounty-tips, bug-bounty, audit21-Mar-2024
Unveiling The Techniques Of Finding Server-Side Request Forgery (SSRF) In Web Applications (with a…https://adipsharif.medium.com/unveiling-the-techniques-of-finding-server-side-request-forgery-ssrf-in-web-applications-with-a-2ac1dd20ef87?source=rss------bug_bounty-5ADIPpentesting, bug-bounty, information-security, bug-bounty-tips, cybersecurity21-Mar-2024
urit13.16 Lab: DOM XSS in jQuery anchor href attribute sink using location.search source | 2024https://cyberw1ng.medium.com/urit13-16-lab-dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-2024-8f8df8703aef?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, penetration-testing21-Mar-2024
Buy Any Movie Tickets for Just Rs 10 (IDOR Vulnerability)https://medium.com/@sahilkushwaha275/buy-any-movie-tickets-for-just-rs-10-idor-vulnerability-670d03a45def?source=rss------bug_bounty-5S33NUbugs, idor-vulnerability, bug-bounty, technology, cybersecurity21-Mar-2024
How I found my first DOM based XSShttps://medium.com/@jsamia/how-i-found-my-first-dom-based-xss-a79f342d50d6?source=rss------bug_bounty-5Jaeden Samiabug-bounty, ethical-hacking, security, vulnerability21-Mar-2024
Automate XSS With These 3 Simple Toolshttps://medium.com/@Ajakcybersecurity/automate-xss-with-these-3-simple-tools-e0dcc89c06d0?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, cybersecurity, hacking, bug-bounty, xss-attack21-Mar-2024
Frida Use Cases and Exampleshttps://medium.com/@prinsharma1999/frida-use-cases-and-examples-984f9a2ddc69?source=rss------bug_bounty-5Prinsharmabug-bounty, bug-bounty-tips, hacking, pentest, infosec21-Mar-2024
403 Forbidden Bypass Exposing API Keyhttps://medium.com/@georgeppmc/403-forbidden-bypass-exposing-api-key-b5c9df9daeb3?source=rss------bug_bounty-5George Torrescybersecurity, bug-bounty21-Mar-2024
A Tester's Journey Through Test Automation and Practical Scenarios.https://medium.com/@tomiwaodufote/a-testers-journey-through-test-automation-and-practical-scenarios-dfb9f7074062?source=rss------bug_bounty-5Tomiwaremote-work, test-automation, bug-bounty, testing, software-engineering20-Mar-2024
Reflected XSS To Account Takeover Without Stealing Session Cookiehttps://medium.com/@rifqihz/reflected-xss-to-account-takeover-without-stealing-session-cookie-89c6ed62a3e4?source=rss------bug_bounty-5Rifqi Hilmy Zhafrantxs, hackerone, bug-bounty20-Mar-2024
ABUSING HTTP MISCONFIGURATIONS (HTTP YANLIŞ YAPILANDIRMALARININ KÖTÜYE KULLANILMASI)https://medium.com/@mirackucuk595/abusing-http-misconfigurations-http-yanli%C5%9F-yapilandirmalarinin-k%C3%B6t%C3%BCye-kullanilmasi-428333a3ddc6?source=rss------bug_bounty-5Miraç Küçükburpsuite, web-attack, https, bug-bounty, web-cache20-Mar-2024
The Art of Debugging: Tips and Tricks for Finding the Root Cause of Bugshttps://medium.com/@securelearn/the-art-of-debugging-tips-and-tricks-for-finding-the-root-cause-of-bugs-c1d9e4b9e04a?source=rss------bug_bounty-5Rohan Giridebugging, bug-finding, bug-bounty-tips, bug-bounty20-Mar-2024
H@ppy H@cking Psychomonghttps://medium.com/@psychomong/h-ppy-h-cking-psychomong-335f9049aca9?source=rss------bug_bounty-5psychomongcyber, cybersecurity, bug-bounty-tips, bug-bounty, bugs20-Mar-2024
Recon With AIhttps://medium.com/@patidarbhuwan44/recon-with-ai-c211623604e8?source=rss------bug_bounty-5Bhuwan Patidarbug-bounty, recon, reconnaissance, bug-bounty-tips20-Mar-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@ebrahimelsayed4457/reflected-xss-with-some-svg-markup-allowed-74851ff591d5?source=rss------bug_bounty-5Ebrahim El-Sayedcybersecurity, bug-bounty, portswigger, xss-attack, penetration-testing20-Mar-2024
$200 Business Logic Blunder In Sole Source Projecthttps://medium.com/@_0jatin0_/200-business-logic-blunder-in-sole-source-project-99a7bbe0d2f0?source=rss------bug_bounty-5Jatin_Chudasamabug-bounty-writeup, logic-flaw, bug-bounty20-Mar-2024
The Art Of Probing Memory for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-probing-memory-for-sensitive-data-in-android-applications-the-offensive-security-way-6aca19ce522f?source=rss------bug_bounty-5ADIPbug-bounty, penetration-testing, information-security, cybersecurity, infosec20-Mar-2024
Why Bug Bounty is Trending?https://medium.com/@shivyanshi.shukla/why-bug-bounty-is-trending-c981e7c28423?source=rss------bug_bounty-5Shivyanshi shuklabug-bounty, cybersecurity20-Mar-2024
IDOR to make comment in user’s private postshttps://medium.com/@youssifm.raghib/idor-to-make-comment-in-users-private-posts-47d13b843c32?source=rss------bug_bounty-5Youssif M Raghibbug-bounty-tips, bug-bounty, bug-hunter, bug-hunting20-Mar-2024
No rate limit in comments with IDORhttps://medium.com/@youssifm.raghib/no-rate-limit-in-comments-with-idor-d8904f3db588?source=rss------bug_bounty-5Youssif M Raghibbug-bounty, bugs, bug-hunting20-Mar-2024
Electrum-Dime Beta Launch: A New Era for Dimecoinhttps://dimecoinnetwork.medium.com/electrum-dime-beta-launch-a-new-era-for-dimecoin-72b5740598d4?source=rss------bug_bounty-5Dimecoin Networkdevelopment, dimecoin, blockchain, bug-bounty, cryptocurrency20-Mar-2024
Behind the Bug Report: From Overlooked to Overhauledhttps://interc3pt3r.medium.com/behind-the-bug-report-from-overlooked-to-overhauled-94a9e5595a8a?source=rss------bug_bounty-5Aneesha Dcybersecurity, security, web-applications, bug-bounty, hacking20-Mar-2024
Mantente al tanto de las actualizaciones. ¿Qué representan el punto azul y rojo en Burp Suite?https://medium.com/@ArtsSEC/mantente-al-tanto-de-las-actualizaciones-qu%C3%A9-representan-el-punto-azul-y-rojo-en-burp-suite-1da1a5c74f16?source=rss------bug_bounty-5ArtsSECburpsuite, bug-bounty, vulnerability, pentesting, hacking20-Mar-2024
13.15 Lab: Reflected XSS into HTML context with all tags blocked except custom ones | 2024https://cyberw1ng.medium.com/13-15-lab-reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-2024-ca34eec89d88?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, hacking, penetration-testing, cybersecurity20-Mar-2024
The Art Of Testing Symmetric Cryptography During Pentesting Android Applicationshttps://medium.com/@adipsharif/the-art-of-testing-symmetric-cryptography-during-pentesting-android-applications-154dbab795d7?source=rss------bug_bounty-5ADIPbug-bounty, cybersecurity, android, bug-bounty-tips, penetration-testing20-Mar-2024
Checking Backups For Sensitive Data in Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/checking-backups-for-sensitive-data-in-android-applications-the-offensive-security-way-95bd8820b84e?source=rss------bug_bounty-5ADIPpenetration-testing, bug-bounty, android, cybersecurity, android-app-development20-Mar-2024
Why Regular Security Sweeps Are Crucial for Business Successhttps://medium.com/@siddiquiasad2299/why-regular-security-sweeps-are-crucial-for-business-success-7de57c663ca7?source=rss------bug_bounty-5Asad Siddiquitscm-services-bug-sweeps, bug-bounty, bug-detection20-Mar-2024
Passlord: Your Ultimate Weapon for Creating Tailored Wordlistshttps://navnee1h.medium.com/passlord-your-ultimate-weapon-for-creating-tailored-wordlists-924a491e9a0f?source=rss------bug_bounty-5Navaneeth M Shacking, bug-bounty, passwords, cybersecurity, wordlist20-Mar-2024
Bypassing an IDOR A couple of times — $$$$https://medium.com/@bxrowski0x/bypassing-an-idor-a-couple-of-times-4d67555a1545?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, idor, cybersecurity, bug-bounty-writeup, bug-bounty20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
How We Can Check Configuration of Cryptographic Standard Algorithms & Random Number Generation…https://medium.com/@adipsharif/how-we-can-check-configuration-of-cryptographic-standard-algorithms-random-number-generation-000cf9bfdb64?source=rss------bug_bounty-5ADIPhacking, cybersecurity, bug-bounty, pentesting, bug-bounty-tips20-Mar-2024
Detecting Cyber Threats with Resemble.js: Safeguarding Digital Assets through Image Analysishttps://medium.com/@corymack34/detecting-cyber-threats-with-resemble-js-safeguarding-digital-assets-through-image-analysis-9e2f3427f8ed?source=rss------bug_bounty-5Cory Macksteganalysis, threat-detection, bug-bounty, cybersecurity, image-analysis20-Mar-2024
Biometric Authentication Bypass In Android Applications (The Offensive Security Way)https://adipsharif.medium.com/biometric-authentication-bypass-in-android-applications-the-offensive-security-way-c37d89b06db2?source=rss------bug_bounty-5ADIPandroid-app-development, bug-bounty, penetration-testing, android, androiddev20-Mar-2024
Evaluate, apply, and sustain security governance principles !https://infosecwriteups.com/evaluate-apply-and-sustain-security-governance-principles-1e038a02423a?source=rss------bug_bounty-5Paritoshsecurity-governance, information-technology, cissp, bug-bounty, cybersecurity19-Mar-2024
The Ultimate Guide to Red Teaming: Inside “A-poc/RedTeam-Tools”https://infosecwriteups.com/the-ultimate-guide-to-red-teaming-inside-a-poc-redteam-tools-69645572cf0f?source=rss------bug_bounty-5ElNiakred-team, bug-bounty, github, penetration-testing, cybersecurity19-Mar-2024
3 Step Find Critical Bug In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/3-step-find-critical-bug-in-bug-bounty-bug-bounty-tuesday-99011ec2cf27?source=rss------bug_bounty-5kerstansecurity, technology, cybersecurity, hacking, bug-bounty19-Mar-2024
Hunting JavaScript File for Bug Huntershttps://vivek-ghinaiya.medium.com/hunting-javascript-file-for-bug-hunters-e8b278a1306a?source=rss------bug_bounty-5Vivek Ghinaiyabug-hunting, bug-bounty, bug-bounty-writeup, javascript, bug-bounty-tips19-Mar-2024
Finding the hidden function led to a $300 IDORhttps://infosecwriteups.com/finding-the-hidden-function-led-to-a-300-idor-d37219c66d03?source=rss------bug_bounty-5M7arm4nbug-bounty-tips, bug-bounty, hacking, hacker, security19-Mar-2024
CVE-2024–28436 Cross-Site Scripting Vulnerability in D-Link DAP Productshttps://djallalakira.medium.com/cve-2024-28436-cross-site-scripting-vulnerability-in-d-link-dap-products-3596976cc99f?source=rss------bug_bounty-5Djallalakirabug-bounty, cybersecurity, bug-bounty-writeup19-Mar-2024
IDOR to read all user’s private route commentshttps://medium.com/@youssifm.raghib/idor-to-read-all-users-private-route-comments-e97120d43262?source=rss------bug_bounty-5Youssif M Raghibcybersecurity, bug-bounty, bug-bounty-tips19-Mar-2024
Get allmost all subdomainshttps://medium.com/@petrukhin.s.a/get-allmost-all-subdomains-5694dcc3cb60?source=rss------bug_bounty-5Sergei Petrukhinsubdomain, bug-bounty, subdomains-enumeration, bug-bounty-tips19-Mar-2024
13.14 Lab: Reflected XSS into HTML context with most tags and attributes blocked | 2024https://cyberw1ng.medium.com/13-14-lab-reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-2024-7e2106ef89b2?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, penetration-testing, cybersecurity, hacking19-Mar-2024
The Art Of Unveiling Logs for Sensitive Data In Android Applications (The Offensive Security Way)https://medium.com/@adipsharif/the-art-of-unveiling-logs-for-sensitive-data-in-android-applications-the-offensive-security-way-9c823532d004?source=rss------bug_bounty-5ADIPcybersecurity, bug-bounty, application-security, penetration-testing, bug-bounty-tips19-Mar-2024
HackTheBox — Information Gathering: Active Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-active-enumeration-e43481ef85f9?source=rss------bug_bounty-5Huy Phusubdomains-enumeration, hackthebox, enumeration, bug-bounty, information-gathering19-Mar-2024
Unleashing Chaos: The Tale of the 0-Click Account Takeoverhttps://medium.com/@hmuhamm3d/unleashing-chaos-the-tale-of-the-0-click-account-takeover-21c2cedabc4b?source=rss------bug_bounty-5Hassaan Mohamedpenetration-testing, bug-bounty, account-takeover, bugswagger, infosec-write-ups19-Mar-2024
The Art Of Determining Whether Sensitive Data Is Shared with Third Parties via Embedded Services …https://medium.com/@adipsharif/the-art-of-determining-whether-sensitive-data-is-shared-with-third-parties-via-embedded-services-beba2856ef96?source=rss------bug_bounty-5ADIPbug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, hacking19-Mar-2024
Medium Member Friend Links bughttps://karol-mazurek.medium.com/medium-member-friend-links-bug-b1d0020fbe39?source=rss------bug_bounty-5Karol Mazurekmedium, information-technology, penetration-testing, cybersecurity, bug-bounty18-Mar-2024
[Bug Bounty]xlsx 上传导致 XXE 漏洞https://medium.com/@_thorns/bug-bounty-xlsx-%E4%B8%8A%E4%BC%A0%E5%AF%BC%E8%87%B4-xxe-%E6%BC%8F%E6%B4%9E-e0615bee6af6?source=rss------bug_bounty-5_thornsbug-bounty18-Mar-2024
Burpsuite Beginners Guidehttps://medium.com/@OthmaneAitBouftass/burpsuite-beginners-guide-6bc7a08ca8f7?source=rss------bug_bounty-5Othmane Ait Bouftassweb-security, penetration-testing, bug-bounty, cybersecurity, ethical-hacking18-Mar-2024
LAMPSecurity CTF5 Walkthroughhttps://erdemstar.medium.com/lampsecurity-ctf5-walkthrough-d24f67a5fd63?source=rss------bug_bounty-5Erdemstaroscp-preparation, penetration-testing, bug-bounty, vulnhub-walkthrough, vulnhub18-Mar-2024
Subdomain Fuzzing worth 35k bounty!https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc?source=rss------bug_bounty-5HX007cybersecurity, bug-bounty18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomonghacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
13.13 Lab: Stored DOM XSS Cross Site Scripting | 2024https://cyberw1ng.medium.com/13-13-lab-stored-dom-xss-cross-site-scripting-2024-f4c9a21ea262?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, hacking, cybersecurity18-Mar-2024
Security.txt Nedir ?https://medium.com/@ozanbozkurt1974/security-txt-nedir-d7d38a069cd8?source=rss------bug_bounty-5ozan bozkurtsecurity, bug-bounty, cybersecurity, red-team18-Mar-2024
Orderly Network: Unleashing Creativity in the DeFi Ecosystem through the Scaling Web3 Hackathonhttps://medium.com/@orderlynetwork/orderly-network-unleashing-creativity-in-the-defi-ecosystem-through-the-scaling-web3-hackathon-5cd75096ecba?source=rss------bug_bounty-5Orderly Network (,)encode-club, orderly-network, bug-bounty, defi, blockchain-development18-Mar-2024
Web Security Short Series — SQLi.https://medium.com/@frankyyano/web-security-short-series-sqli-f222f04431a6?source=rss------bug_bounty-5Yano.oscp, appsec, bug-bounty, sqli, sql18-Mar-2024
XML External Entity (XXE) attackhttps://bytebusterx.medium.com/xml-external-entity-xxe-attack-69f7b268be01?source=rss------bug_bounty-5ByteBusterXvulnerability, bug-bounty, infosec, web-security18-Mar-2024
Happy H@cking Psychomonghttps://medium.com/@psychomong123/trhappy-h-cking-psychomong-bfa566350a01?source=rss------bug_bounty-5Psychomong123hacking-tools, hacking, research, bug-bounty, bounty-program18-Mar-2024
Understanding Injection Attacks: A Deep Dive into OWASP’s Top Vulnerabilityhttps://osintteam.blog/understanding-injection-attacks-a-deep-dive-into-owasps-top-vulnerability-7d59e3535187?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, owasp, injection-attacks17-Mar-2024
Bug Zero at a Glance [01–15 March]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-march-ba1ba88870ee?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, cybersecurity, bug-zero, bug-bounty17-Mar-2024
Bug Bounty Platforms are a Scam [Mostly]https://medium.com/@hacktheplanet/bug-bounty-platforms-are-a-scam-mostly-ea53fe54c53d?source=rss------bug_bounty-5HackthePlanet - A Hacker's Blog.cybersecurity, scams-to-avoid, bug-bounty, hacking, bug-hunting17-Mar-2024
My Journey into Bug Bounty: Revealing My First Successful Discoveryhttps://medium.com/@kajol_singh/my-journey-into-bug-bounty-revealing-my-first-successful-discovery-81b5d2efcbde?source=rss------bug_bounty-5Kajol Kumaribug-bounty-tips, bounty-program, bug-bounty, developer, cybersecurity17-Mar-2024
Skipping the email verification is Good (or) Bad?https://medium.com/@Alex_crypto/skipping-the-email-verification-is-good-or-bad-ef045dc8d3ed?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security-analytics, hacking17-Mar-2024
Mastering XSS: A Comprehensive Guide to Finding Cross-Site Scripting Vulnerabilitieshttps://cyberw1ng.medium.com/mastering-xss-a-comprehensive-guide-to-finding-cross-site-scripting-vulnerabilities-3891ab930274?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing17-Mar-2024
How I found my first ever bug.https://osintteam.blog/how-i-found-my-first-ever-bug-89fedb5a9b3c?source=rss------bug_bounty-5an0nbilcybersecurity, technology, programming, javascript, bug-bounty17-Mar-2024
Application Level DoS - Smoking with ‘null’ Againhttps://shahjerry33.medium.com/application-level-dos-smoking-with-null-again-364ce16dad74?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, cybersecurity, bug-bounty, vulnerability, infosec17-Mar-2024
Redirecting a webpage from HTTP to HTTPS is safe and how to identify whether the webpage is safe or…https://medium.com/@Alex_crypto/if-the-forgot-password-link-is-copied-and-pasted-into-the-new-tab-it-opens-in-http-and-directs-to-8e8f80c4a9f6?source=rss------bug_bounty-5Alex_Cryptobug-bounty, security17-Mar-2024
Bug Bounty Learning Pathhttps://bevijaygupta.medium.com/bug-bounty-learning-path-0c0015d6a71d?source=rss------bug_bounty-5Vijay Guptabugs, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-zero17-Mar-2024
Bug Bounty Platformshttps://bevijaygupta.medium.com/bug-bounty-platforms-499275d1d9b4?source=rss------bug_bounty-5Vijay Guptabug-bounty-platforms, bugs, bug-bounty, bug-bounty-tips17-Mar-2024
Bug Bounty Tutorial : Login Bypass Techniquehttps://rajput623929.medium.com/bug-bounty-tutorial-login-bypass-technique-d7508856b2a1?source=rss------bug_bounty-5Mr.Horbiopoc, bug-bounty, cybersecurity, ethical-hacking, pentesting17-Mar-2024
I earned $1000 with IDOR’s vulnerability to PII leaks outside the platform.https://aryasec.medium.com/i-earned-1000-with-idors-vulnerability-to-pii-leaks-outside-the-platform-65b1cbcfa26e?source=rss------bug_bounty-5Tengku Arya Saputraidor, bugbounty-writeup, bug-bounty, idor-vulnerability17-Mar-2024
How to make a living as a Hacker!https://medium.com/@rafael.code77/how-to-make-a-living-as-a-hacker-ff8fafa98b0b?source=rss------bug_bounty-5Rafael Henriquescience, money, programming, bug-bounty, hacking16-Mar-2024
https://medium.com/@morganbinbash/-25027f11f71e?source=rss------bug_bounty-5Morgan Bin Bashpentesting, cybersecurity, bug-bounty, cyber-threat-intelligence16-Mar-2024
Types of Cyber Attacks on Each OSI Layerhttps://medium.com/@kumarsachin1642001/types-of-cyber-attacks-on-each-osi-layer-56e746dfa3b8?source=rss------bug_bounty-5sachin kumarcybersecurity, hackerone, hacker, cyberattack, bug-bounty16-Mar-2024
Tips to get your first bug/bountyhttps://medium.com/@mr_prey3r/tips-to-get-your-first-bug-bounty-c5a862ad8567?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rfirst-bug, bug-bounty, bug-bounty-tips, first-bounty, find-your-first-bug16-Mar-2024
Bug Bounty Challenge: Day 7–16/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-7-16-03-2024-5c48ff96f9d0?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter16-Mar-2024
IDOR + Content Injection Penetration Testing Lesson 5https://medium.com/@or0to/idor-content-injection-penetration-testing-lesson-5-fe3bdce12f8f?source=rss------bug_bounty-5Ali Essamsecurity, penetration-testing, bug-bounty, cybersecurity, ali16-Mar-2024
13.12 Lab: Reflected DOM XSS — Cross Site Scripting | 2024https://infosecwriteups.com/13-12-lab-reflected-dom-xss-cross-site-scripting-2024-0dc98e91ae42?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing16-Mar-2024
How Secure is Java’s SecureProcessing?https://medium.com/@dub-flow/how-secure-is-javas-secureprocessing-ec49544a59ad?source=rss------bug_bounty-5Florian Waltercybersecurity, application-security, java, code-review, bug-bounty16-Mar-2024
How I was able to disclose the Users’ chats with AI chat Bot?https://medium.com/@who1am1i999/how-i-was-able-to-disclose-the-users-chats-with-ai-chat-bot-c7d8b13ca713?source=rss------bug_bounty-5WHO AM I ?information-security, fuzzing, bug-bounty, cybersecurity, information-disclosure15-Mar-2024
Understanding Path Traversal Vulnerabilities: Risks and Mitigationhttps://medium.com/@paritoshblogs/understanding-path-traversal-vulnerabilities-risks-and-mitigation-6149a506a65b?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, hacking, cybersecurity, path-traversal15-Mar-2024
Account takeover via Password resethttps://medium.com/@Rahulkrishnan_R_Panicker/account-takeover-via-password-reset-c2658e1f58eb?source=rss------bug_bounty-5Rahulkrishnan R Panickerbug-bounty, cybersecurity, bugbounty-writeup, programming, bug-bounty-writeup15-Mar-2024
I discovered a new way to bypass CSRF protection to achieve Account Takeoverhttps://medium.com/@vflexo/i-discovered-a-new-way-to-bypass-csrf-protection-to-achieve-account-takeover-73d1dff3c67a?source=rss------bug_bounty-5vFlexoinformation-technology, bug-bounty, penetration-testing, vapt, ethical-hacking15-Mar-2024
BugRap Ecosystem Panorama: Empowering Web3 Security Developmenthttps://medium.com/@BugRap_Team/bugrap-ecosystem-panorama-empowering-web3-security-development-6cbe2f7adb24?source=rss------bug_bounty-5BugRap Teamweb-development, bug-bounty, security, btc15-Mar-2024
Exploring Bug Bounty Hunting as a Promising Career Choice for Cybersecurity Professionalshttps://medium.com/mynextdeveloper/exploring-bug-bounty-hunting-as-a-promising-career-choice-for-cybersecurity-professionals-2015563daac8?source=rss------bug_bounty-5MyNextDeveloperhacking, bug-bounty, cybersecurity, client-security, cyber15-Mar-2024
13.11 Lab: DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded |…https://cyberw1ng.medium.com/13-11-lab-dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-d7188a250ad8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing15-Mar-2024
Reconnaissance: How GitDorks can power up your recon!https://medium.com/@kieran.w/reconnaissance-how-gitdorks-can-power-up-your-recon-da3c5e412925?source=rss------bug_bounty-5Kieran Wgitdorking, reconnaissance, penetration-testing, bug-bounty, security-testing15-Mar-2024
Bug Bounty Challenge: Day 6–15/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-6-15-03-2024-a5c6c1a67647?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup15-Mar-2024
BChecks en Burp Suite Professionalhttps://medium.com/@ArtsSEC/bchecks-en-burp-suite-professional-5d8c4754349e?source=rss------bug_bounty-5ArtsSECburpsuite, development, penetration-testing, web-development, bug-bounty15-Mar-2024
13.10 Lab: DOM XSS in document.writehttps://cyberw1ng.medium.com/13-10-lab-dom-xss-in-document-write-c702cd0bd743?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, penetration-testing, hacking14-Mar-2024
MRS #2: Bypassing premium features by checking “premium validation” parameters (€€€)https://infosecwriteups.com/mrs-2-bypassing-premium-features-by-checking-premium-validation-parameters-f2e211fad160?source=rss------bug_bounty-5can1337infosec, business-logic, bug-bounty-tips, bug-bounty, cybersecurity14-Mar-2024
Unleash the Power of the Crypto Drainer: Your Ultimate Weapon in Crypto Wallet Draining!https://medium.com/@colbe.judge/unleash-the-power-of-the-crypto-drainer-your-ultimate-weapon-in-crypto-wallet-draining-bd4ece99cc24?source=rss------bug_bounty-5CryptoDrainXbug-bounty, hacking, bug-bounty-tips, hacking-tools, money14-Mar-2024
Unleash the Ultimate Multichain Wallet Drainer — Crypto Drainer: Drain ’Em all with Just One Click!https://medium.com/@colbe.judge/unleash-the-ultimate-multichain-wallet-drainer-crypto-drainer-drain-em-all-with-just-one-click-0afa35f9b736?source=rss------bug_bounty-5CryptoDrainXbug-bounty, cryptocurrency, bug-bounty-tips, nft, bitcoin14-Mar-2024
Insane Crypto-Drainer Exposed: The Ultimate Wallet Drainer You Can’t Ignore!https://medium.com/@colbe.judge/insane-crypto-drainer-exposed-the-ultimate-wallet-drainer-you-cant-ignore-7545f4c9c86d?source=rss------bug_bounty-5CryptoDrainXbug-bounty, crypto, nft, defi, money14-Mar-2024
How To Get $100k in 2024 With Crypto [Unrevealed]https://medium.com/@colbe.judge/how-to-get-100k-in-2024-with-crypto-unrevealed-b40081b8fb41?source=rss------bug_bounty-5CryptoDrainXblockchain, cryptocurrency, hacking-tools, hacking, bug-bounty14-Mar-2024
5 Websites to Learn Bug Hunting: A Beginner’s Guidehttps://medium.com/@aayushdhakal005/5-websites-to-learn-bug-hunting-a-beginners-guide-4399c2f94917?source=rss------bug_bounty-5Creepyshitwebsite, bug-bounty, cybersecurity, resources14-Mar-2024
Bug Bounty Challenge: Day 5–14/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-5-14-03-2024-b8fe8dae8cb5?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter14-Mar-2024
GRWM for WebApp PenTest | Command Injectionhttps://redsock1337.medium.com/grwm-for-webapp-pentest-command-injection-e205906573e2?source=rss------bug_bounty-5Jbros, command-line, bug-bounty-tips, cybersecurity, bug-bounty14-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hosts Part Two how to chainhttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-part-two-how-to-chain-0abe308a4807?source=rss------bug_bounty-5Javrootweb, hacking, penetration-testing, bug-bounty-tips, bug-bounty14-Mar-2024
API Security: Essential Tools for Endpoint Analysishttps://iaraoz.medium.com/api-security-essential-tools-for-endpoint-analysis-efb1c72675c0?source=rss------bug_bounty-5Israel Aráoz Severichebug-bounty, owasp, appsec, cybersecurity, api-security14-Mar-2024
Exploiting Cross-Site Scripting XSS vulnerabilities for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/exploiting-cross-site-scripting-xss-vulnerabilities-for-bug-bounty-portswigger-2024-88d6e1df4658?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, cybersecurity, bug-bounty13-Mar-2024
How To Do Malware Analysishttps://medium.com/@paritoshblogs/how-to-do-malware-analysis-62bd1f8052bb?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-technology, security, malware-analysis13-Mar-2024
Easiest way to find hidden api from js fileshttps://medium.com/@jeetpal2007/easiest-way-to-find-hidden-api-from-js-files-ce115a4ad1af?source=rss------bug_bounty-5JEETPALcybersecurity, bounties, api-key, easiest-way, bug-bounty13-Mar-2024
Enhancing Your Bug Hunting Skills: 5 Must-Read Bookshttps://medium.com/@aayushdhakal005/enhancing-your-bug-hunting-skills-5-must-read-books-edb6029c19a6?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, books, web13-Mar-2024
Lets Talk Pentest Strategyhttps://medium.com/@hackstack/lets-talk-pentest-strategy-adea4d3b085e?source=rss------bug_bounty-5HackStackpentest, pentesting, how-to, bug-bounty13-Mar-2024
Email based IDOR makes me update Other User Profilehttps://rohmadhidayah.medium.com/email-based-idor-makes-me-update-other-user-profile-8e6e289f4391?source=rss------bug_bounty-5Rohmad Hidayahidor, info-sec-writeups, infosec-write-ups, bug-bounty, bug-bounty-tips13-Mar-2024
Bug-Bounty/How I Found My FIRST Vulnerability and How could I Access the Admin Panel using it +…https://medium.com/@rogxoorsafe/bug-bounty-how-i-found-my-first-vulnerability-and-how-could-i-access-the-admin-panel-using-it-899d75da2f37?source=rss------bug_bounty-5Alireza Rogxoorcyberattack, bug-bounty, cybersecurity, hacking, security13-Mar-2024
Fuzzing to Kubernetes to IDOR to PII leakhttps://nityanandjha18.medium.com/fuzzing-to-kubernetes-to-idor-to-pii-leak-dae0dda70090?source=rss------bug_bounty-5NITYA NAND JHAvapt, ethical-hacking, bug-bounty13-Mar-2024
Researcher Q&A: Friends Who Work Together, Hack Better Togetherhttps://blog.developer.adobe.com/researcher-q-a-friends-who-work-together-hack-better-together-c698ff0be732?source=rss------bug_bounty-5Renae Kangsecurity, bug-bounty-program, security-researchers, bug-bounty, ethical-hacker13-Mar-2024
PROXY FUZZINGhttps://karol-mazurek.medium.com/proxy-fuzzing-4dc77968cfd8?source=rss------bug_bounty-5Karol Mazurekprogramming, information-technology, bug-bounty, python, cybersecurity13-Mar-2024
Reconnaissance?https://mrrobotstxt.medium.com/reconnaissance-ca2fa7bf821d?source=rss------bug_bounty-5Mr. Robots.txthackathons, bug-bounty, hacking, penetration-testing, cybersecurity13-Mar-2024
How much money did I make from doing Bug Bounty?https://systemweakness.com/how-much-money-did-i-make-from-doing-bug-bounty-707438b71f47?source=rss------bug_bounty-5Imad Husanovicbug-bounty, programming, hacking, cybersecurity, bug-bounty-tips13-Mar-2024
Cross-site scripting contexts for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/cross-site-scripting-contexts-for-bug-bounty-portswigger-2024-b927cfa70de3?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, penetration-testing, bug-bounty, cybersecurity12-Mar-2024
Business Logic Errors allow me to buy Products at Low Prices on Farmaku.comhttps://rohmadhidayah.medium.com/business-logic-errors-allow-me-to-buy-products-at-low-prices-on-farmaku-com-b8c9c0bcf5cc?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, business-logic, bug-bounty, infosec-write-ups12-Mar-2024
ShentuChain Unveils a Constellation of High-profile Investorshttps://shentuchain.medium.com/shentuchain-unveils-a-constellation-of-high-profile-investors-54b612b8dc30?source=rss------bug_bounty-5Shentu Chainbinance, cybersecurity, investors, bug-bounty, announcements12-Mar-2024
How I Discovered My First Critical Vulnerability in My Bug Bounty Careerhttps://snip3rgg.medium.com/how-i-discovered-my-first-critical-vulnerability-in-my-bug-bounty-career-cf0e048d14cb?source=rss------bug_bounty-5Sahil Bugade (snip3rgg)infosec, bug-bounty, vulnerability, bug-bounty-tips, cybersecurity12-Mar-2024
Account Takeover Through Rate-Limit Bypass — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-through-rate-limit-bypass-bug-bounty-tuesday-01229168dd89?source=rss------bug_bounty-5kerstanbug-bounty, security, programming, cybersecurity, technology12-Mar-2024
How I found my first ever valid bug on Hackeronehttps://medium.com/@rubaethasanariyan/how-i-found-my-first-ever-valid-bug-on-hackerone-da30015aa08d?source=rss------bug_bounty-5Rubayet Hasan aka MR_Prey3rbug-bounty-tips, bugbounty-poc, first-bug, hackerone, bug-bounty12-Mar-2024
Guvenkaya Security Insights Series — Sweat Economyhttps://medium.com/@guvenkaya-sec/guvenkaya-security-insights-series-sweat-economy-dbe681a79e7a?source=rss------bug_bounty-5Guvenkayanear-protocol, bug-bounty, smart-contracts, rust, web312-Mar-2024
BYPASSING PARENTAL CONTROL ON WHOLE APPLE ECO-SYSTEMhttps://medium.com/@sam0-0/bypassing-parental-control-on-whole-apple-eco-system-1c6975c24105?source=rss------bug_bounty-5Sambug-bounty, apple, infosec, bugbounty-writeup12-Mar-2024
Bug Bounty Challenge: Day 4/15–12/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-4-15-12-03-2024-412bf44f8b83?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting12-Mar-2024
Minha Experiência ao Obter a Certificação CBBHhttps://tiredandsick.medium.com/cbbh-experience-prbt-bc2b376c4124?source=rss------bug_bounty-5SickAndTiredbug-bounty, hacking, pentesting, cbbh, hackthebox-academy12-Mar-2024
Utilizing Log Poisoning: Elevating from LFI to RCEhttps://medium.com/@YNS21/utilizing-log-poisoning-elevating-from-lfi-to-rce-5dca90d0a2ac?source=rss------bug_bounty-5Youness Abbidabug-bounty, hackthebox, local-file-inclusion, hackthebox-writeup, cybersecurity12-Mar-2024
Bug Bounty — Improper Authentication using Google Authhttps://medium.com/@nourrisson.julien3/bug-bounty-improper-authentication-using-google-auth-b45fbddab9be?source=rss------bug_bounty-5Nourrisson Julienbug-bounty, cybersecurity11-Mar-2024
HTML INJECTION (Payload List)https://medium.com/@psychomong/html-injection-payload-list-735e69f522ca?source=rss------bug_bounty-5psychomongbug-bounty, bugs, html, injection, htmlinput11-Mar-2024
Race Conditions + IDOR Leads to Bypass Email Verification & Phone Verificationhttps://medium.com/@ozomarzu/race-conditions-idor-leads-to-bypass-email-verification-phone-verification-f62c7d7b97e5?source=rss------bug_bounty-5CyberOzbugs, writeup, bug-bounty, hacking, bug-bounty-tips11-Mar-2024
Exploring AI Penetration Testinghttps://medium.com/@adityasawant00/exploring-ai-penetration-testing-38891e861acd?source=rss------bug_bounty-5Aditya Sawanthacking, bug-bounty, penetration-testing, ai, large-language-models11-Mar-2024
Bug Bounty Challenge: Day 3/15–11/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-3-15-11-03-2024-38993610e657?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-writeup11-Mar-2024
HTML Injection on NASA.govhttps://medium.com/@boogsta/html-injection-on-nasa-gov-91b1d3602ea0?source=rss------bug_bounty-5Boogstahacking, cybersecurity, hacker, cyber, bug-bounty11-Mar-2024
3 Information Disclosure in Bug Bounty Programhttps://medium.com/@jm7.zx/3-information-disclosure-in-bug-bounty-program-e0c12f6e25d5?source=rss------bug_bounty-5Jm7.szbug-bounty, cybersecurity, programming, data-science11-Mar-2024
GRWM for WebApp PenTest | XPATH Injectionhttps://whyjbr.medium.com/grwm-for-webapp-pentest-xpath-injection-0906154bbe91?source=rss------bug_bounty-5Jbrxpath, bug-bounty, cybersecurity, hacking, ethical-hacking11-Mar-2024
Exfiltrating Sensitive Information via Reflected XSS Bypassing Cloudflarehttps://medium.com/@mayankchoubey507/exfiltrating-sensitive-information-via-reflected-xss-bypassing-cloudfare-d82d9ccc24d6?source=rss------bug_bounty-5Mayankchoubeycybersecurity, xss-bypass, cloudflare, bug-bounty, xss-attack11-Mar-2024
24.4 Lab: Exploiting server-side parameter pollution in a query string | 2024https://infosecwriteups.com/24-4-lab-exploiting-server-side-parameter-pollution-in-a-query-string-2024-ac0e23db9c02?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, penetration-testing, cybersecurity, bug-bounty, careers11-Mar-2024
Top 7 BurpSuite Extensions for BugBounty- Part-1https://medium.com/@Ajakcybersecurity/top-7-burpsuite-extensions-for-bugbounty-part-1-4e9639649601?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, penetration-testing, burpsuite, bug-bounty11-Mar-2024
HackTheBox — Information Gatheringhttps://medium.com/@harry.hphu/hackthebox-information-gathering-a2d78c901dd0?source=rss------bug_bounty-5Huy Phuhackthebox, enumeration, bug-bounty, information-gathering11-Mar-2024
HackTheBox — Information Gathering: Passive Enumerationhttps://medium.com/@harry.hphu/hackthebox-information-gathering-passive-enumeration-85e45503683d?source=rss------bug_bounty-5Huy Phupassive-reconnaissance, hackthebox, information-gathering, bug-bounty11-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 2)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-2-a08d4a2b3d96?source=rss------bug_bounty-5Vikas Sharmahacking, cybersecurity, ssrf, bug-bounty, vulnerability10-Mar-2024
The Reset Password Attack Vectorhttps://balook.medium.com/the-reset-password-attack-vector-833e1291bb15?source=rss------bug_bounty-5baluzbug-bounty10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5Jaikumarbug-bounty-tips, hacking, bug-bounty10-Mar-2024
GRWM for WebApp PenTest | Insecure Deserializationhttps://whyjbr.medium.com/grwm-for-webapp-pentest-insecure-deserialization-adfa4f8cf53f?source=rss------bug_bounty-5Jbrphp, bug-bounty, inspiration, cybersecurity, hacking10-Mar-2024
How I get My First $$$$ Bounty?https://medium.com/@hacdoc/how-i-get-my-first-bounty-ec4d83eb5fbf?source=rss------bug_bounty-5ஜெய்bug-bounty-tips, hacking, bug-bounty10-Mar-2024
24.3 Lab: Exploiting a mass assignment vulnerability | 2024https://infosecwriteups.com/24-3-lab-exploiting-a-mass-assignment-vulnerability-2024-cc97a296d5fc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking10-Mar-2024
Information Gathering #1https://medium.com/@mxfx1989/information-gathering-1-192f58c49f2e?source=rss------bug_bounty-5z4z4_h1red-team, cybersecurity, bug-bounty, hacking, infosec10-Mar-2024
Easiest bugs to starthttps://medium.com/@petrukhin.s.a/easiest-bugs-to-start-9f92d87f6e36?source=rss------bug_bounty-5Sergei Petrukhinopen-redirect, bug-bounty10-Mar-2024
Subdomains Enumerationhttps://d4t4s3c.medium.com/subdomains-enumeration-a23f44ba4687?source=rss------bug_bounty-5d4t4s3cbug-bounty, vhost, red-team, pentesting, subdomains-enumeration10-Mar-2024
Bug Bounty Challenge: Day 2/15–10/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-10-03-2024-b946472d71c8?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup, bug-bounty10-Mar-2024
Cross-origin resource sharing (CORS) | Web application Vulnerabilityhttps://abineshm.medium.com/cross-origin-resource-sharing-cors-web-application-vulnerability-afc0d3d35063?source=rss------bug_bounty-5Abinesh Mvulnerability, web-application-security, security, bug-bounty, bugs09-Mar-2024
Untangling Dependency Confusion: Exploring Threats and Protectionshttps://jareddouville.medium.com/untangling-dependency-confusion-exploring-threats-and-protections-7dd7f58de127?source=rss------bug_bounty-5Jared Douvillenpm, bug-bounty, hacking, hackerone09-Mar-2024
24.2 Lab: Finding and exploiting an unused API endpoint | 2024https://cyberw1ng.medium.com/24-2-lab-finding-and-exploiting-an-unused-api-endpoint-2024-81f3451df1a1?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, penetration-testing09-Mar-2024
Bug Bounty Challenge: Day 1/15–09/03/2024https://wallotry.medium.com/bug-bounty-challenge-day-1-15-09-03-2024-f7b1824f2262?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup09-Mar-2024
24.1 Lab: Exploiting an API endpoint using documentation | 2024https://cyberw1ng.medium.com/24-1-lab-exploiting-an-api-endpoint-using-documentation-2024-5e7de5aaf53e?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty08-Mar-2024
Vulnerability Vault: Breaking Down SSRF — Server Side Request Forgery (Part 1)https://psychovik.medium.com/vulnerability-vault-breaking-down-ssrf-server-side-request-forgery-part-1-b7e658589dd9?source=rss------bug_bounty-5Vikas Sharmacybersecurity, hacking, vulnerability, bug-bounty, ssrf08-Mar-2024
1K Followers Giveaway-https://medium.com/@Ajakcybersecurity/1k-followers-giveaway-892488a38a48?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, giveaway, free, bug-bounty, ethical-hacking08-Mar-2024
Sensitive Data Exposed when placing an Orderhttps://rohmadhidayah.medium.com/sensitive-data-exposed-when-placing-an-order-5549baed9186?source=rss------bug_bounty-5Rohmad Hidayahinfosec-write-ups, bug-bounty-tips, info-sec-writeups, bug-bounty08-Mar-2024
BSides Transylvania Is Not A Simple Conference, Is a Training Ground For Your Security Teamhttps://corneacristian.medium.com/bsides-transylvania-is-not-a-simple-conference-is-a-training-ground-for-your-security-team-c41cdf30778f?source=rss------bug_bounty-5Cristian Cornearomania, ethical-hacking, tech, cybersecurity, bug-bounty08-Mar-2024
Server-Side Template Injection (SSTI) ☠️ Deep Divehttps://cyberbull.medium.com/server-side-template-injection-ssti-%EF%B8%8F-deep-dive-512904b8a8ae?source=rss------bug_bounty-5Aditya Pandeyweb-security, security, cybersecurity, bug-bounty, ethical-hacking08-Mar-2024
Bug Bounty Challenge: Day 0/15https://wallotry.medium.com/bug-bounty-challenge-day-0-15-8e88c5b4cc6b?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty08-Mar-2024
0 Click Account Takeover Via reset password weird behaviorhttps://medium.com/@0xSnowmn/0-click-account-takeover-via-reset-password-weird-behavior-026846e5f850?source=rss------bug_bounty-5Snow Marsbug-bounty, bug-bounty-tips, cybersecurity08-Mar-2024
WinRAR 7.0 DLL Hijacking -> Local RCE [0-day]https://medium.com/@boogsta/winrar-7-0-dll-hijacking-local-rce-0-day-6d90765c6601?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacks, hacking, cyber08-Mar-2024
Usb data recovery — Digital forensics introhttps://medium.com/@Rahulkrishnan_R_Panicker/usb-data-recovery-digital-forensics-intro-0c57337425b5?source=rss------bug_bounty-5Rahulkrishnan R Panickerdigital-forensics, tech, bug-bounty, pentesting, hacking07-Mar-2024
Increasing IMPACT of No Rate Limit on Email Endpoints.https://shubham-srt.medium.com/increasing-impact-of-no-rate-limit-on-email-endpoints-d66cf08dafaf?source=rss------bug_bounty-5Shubham SRTweb-app-security, hacking, cybersecurity, bug-bounty, vapt07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://cyberw1ng.medium.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
Verileri Çıkarmak için NoSQL Enjeksiyonundan Yararlanmahttps://medium.com/@hhuseyinuyar17/verileri-%C3%A7%C4%B1karmak-i%C3%A7in-nosql-enjeksiyonundan-yararlanma-ace89e11bc69?source=rss------bug_bounty-5Hhuseyinuyarbug-bounty, nosql, injection, burpsuite, mongodb07-Mar-2024
Exploring Bug Bounty Programs: An overview and Varietieshttps://medium.com/@lovepatel3223/exploring-bug-bounty-programs-an-overview-and-varieties-6f8539279704?source=rss------bug_bounty-5Prem Patelbug-bounty, bug-bounty-types07-Mar-2024
API Testing for Bug Bounty — Portswigger | 2024https://infosecwriteups.com/api-testing-for-bug-bounty-portswigger-2024-bd8343cc2c10?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, careers, hacking, security07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5Npthinbug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Click, Intercept, Hack: Checkmate on Access Control Vulnerabilityhttps://anasbetis023.medium.com/click-intercept-hack-checkmate-on-access-control-vulnerability-20152a7149e2?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, web-security, ethical-hacking, penetration-testing, bug-bounty07-Mar-2024
XSLeak de-anonymize Facebook user visiting websitehttps://mustafa0x2021.medium.com/xsleak-de-anonymize-facebook-user-visiting-website-8f6c725235e8?source=rss------bug_bounty-5Mustafabug-bounty, meta07-Mar-2024
echo “Hello, World”https://projectpolarbear.com/echo-hello-world-4233c914b944?source=rss------bug_bounty-5Mr. Robots.txtsoc, blue-team, cybersecurity, red-team, bug-bounty07-Mar-2024
Fixing Facebook: A Privacy Issue Ignored?https://medium.com/@mynkpdr/fixing-facebook-a-privacy-issue-ignored-6c048dacc824?source=rss------bug_bounty-5mynkpdrmessenger, bug-bounty-writeup, facebook, bug-bounty, facebook-bug-bounty07-Mar-2024
How to find server security misconfiguration leak data usershttps://medium.com/@sam_0x0/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How to find server security misconfiguration leak data usershttps://systemweakness.com/how-to-find-server-security-misconfiguration-leak-data-users-f7a43c008e33?source=rss------bug_bounty-5Eslam Omarbug-bounty, bug-bounty-tips, bugcrowd, bugs, web-pen-testing07-Mar-2024
How I found Reflected XSS which leads to Account Takeover on an E-commerce websitehttps://medium.com/@npthin1804/how-i-found-reflected-xss-which-leads-to-account-takeover-on-an-e-commerce-website-47200dd631b6?source=rss------bug_bounty-5p00dl3bug-bounty, infosec-write-ups, reflected-xss07-Mar-2024
Bug Bounty - Insecure Deserialization to Reverse Shellhttps://medium.com/@jobaa23/insecure-deserialization-to-reverse-shell-9f007b440d6f?source=rss------bug_bounty-50x4141bug-bounty, remote-code-execution, hacking, bug-hunting, insecure-deserialization07-Mar-2024
Host Header Poison lead to account takeoverhttps://medium.com/@masterhackor22/host-header-poison-lead-to-account-takeover-8c432fb54b29?source=rss------bug_bounty-5master hackorbounty-program, bugs, penetration-testing, cybersecurity, bug-bounty06-Mar-2024
[letsdefend.io] SOC164 — Suspicious Mshta Behaviorhttps://medium.com/@yasminramadini/letsdefend-io-soc164-suspicious-mshta-behavior-36dfa3d74843?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, bug-bounty, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[letsdefend.io] SOC169 — Possible IDOR Attack Detectedhttps://medium.com/@yasminramadini/letsdefend-io-soc169-possible-idor-attack-detected-dda468ceab28?source=rss------bug_bounty-5Yasmin Ramadinictf-writeup, bug-bounty, tryhackme, letsdefendio, indonesia06-Mar-2024
[letsdefend.io] SOC168 — Whoami Command Detected in Request Bodyhttps://medium.com/@yasminramadini/letsdefend-io-soc168-whoami-command-detected-in-request-body-c4813fab47e4?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, tryhackme, indonesia, letsdefendio, ctf-writeup06-Mar-2024
[Letsdefend.io] SOC170 — Passwd Found in Requested URL — Possible LFI Attackhttps://medium.com/@yasminramadini/letsdefend-io-soc170-passwd-found-in-requested-url-possible-lfi-attack-1828c436e703?source=rss------bug_bounty-5Yasmin Ramadiniletsdefendio, bug-bounty, tryhackme, ctf-writeup, indonesia06-Mar-2024
Apa Itu Kriptografi? Enkripsi, Encoding, Dan Hashinghttps://medium.com/@yasminramadini/apa-itu-kriptografi-enkripsi-encoding-dan-hashing-ddb39d69eb93?source=rss------bug_bounty-5Yasmin Ramadinipentesting, tryhackme, indonesia, cybersecurity, bug-bounty06-Mar-2024
How i bypassed input limitations to get Admin ATOhttps://medium.com/@0x3adly/how-i-bypassed-input-limit-to-get-admin-ato-f2d56f40f505?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )cybersecurity, web-penetration-testing, xss-attack, bug-bounty, bug-bounty-tips06-Mar-2024
Microsoft Exchange Server Remote Code Execution Vulnerabilityhttps://medium.com/@ryuzakiryuga31/microsoft-exchange-server-remote-code-execution-vulnerability-89354c6e6586?source=rss------bug_bounty-5R09shbug-bounty, blackhat, rce-vulnerability, cybersecurity, cyberattack06-Mar-2024
At age of 18, How I got first “Future” Job Offer from Korean MNC through bug bountieshttps://medium.com/@manan_sanghvi/at-age-of-18-how-i-got-first-future-job-offer-from-korean-mnc-through-bug-bounties-2cfb7d4a9e8c?source=rss------bug_bounty-5Manan Sanghviethical-hacking, cybersecurity, bug-bounty, penetration-testing, job-offer06-Mar-2024
Vulnerable WordPress February 2024 (Jushin Castle)https://medium.com/@onhexgroup/vulnerable-wordpress-february-2024-jushin-castle-340990bdb9fb?source=rss------bug_bounty-5Onhexgroupbug-bounty, cybersecurity, security, infosec, wordpress06-Mar-2024
Data Lake introduces the second bug bounty campaign of its patients recruitment Applicationhttps://datalaketoken.medium.com/data-lake-introduces-the-second-bug-bounty-campaign-of-its-patients-recruitment-application-88be6e0399a4?source=rss------bug_bounty-5Data Lakebug-bounty, medical-data, research, data-lake, desci06-Mar-2024
How I Passed eWPTX v2 Exam Without Coursewarehttps://medium.com/@adityasawant00/how-i-passed-ewptx-v2-exam-without-courseware-1711edd7fb32?source=rss------bug_bounty-5Aditya Sawanthacking, penetration-testing, certification, bug-bounty, security06-Mar-2024
12.4 Lab: Exploiting NoSQL operator injection to extract unknown fields | 2024https://infosecwriteups.com/12-4-lab-exploiting-nosql-operator-injection-to-extract-unknown-fields-2024-866996b9fff2?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, careers, penetration-testing06-Mar-2024
Upload Backdoor in profile picture and OTP Bypasshttps://medium.com/@sahilkushwaha275/upload-backdoor-in-profile-picture-and-otp-bypass-3c2e2e18fbbb?source=rss------bug_bounty-5S33NUbug-bounty, technology, bug-hunting, bounty-program, programming06-Mar-2024
Story of Lock up users’ account by DOS attack cost $1,100https://m7arm4n.medium.com/story-of-lock-up-users-account-by-dos-attack-cost-1-100-87b47d06a7c1?source=rss------bug_bounty-5M7arm4nhacker, hacking, bug-bounty, security, bug-bounty-tips06-Mar-2024
Uncovering Host Header Injection Vulnerabilities in 5 Apex Domain Hostshttps://javroot.medium.com/uncovering-host-header-injection-vulnerabilities-in-5-apex-domain-hosts-c45f79e82862?source=rss------bug_bounty-5Javroothosting, bug-hunting, hacking, white-hat-hacker, bug-bounty05-Mar-2024
Bug-Bounty Beginning (Day-1)https://medium.com/@bv1459/bug-bounty-beginning-day-1-bc5fa649ff45?source=rss------bug_bounty-5Bala Prasanna Gopal Volisettybug-bounty, kali-linux, hacking-tools, hacking05-Mar-2024
XXEs are lurking in unexpected places and you'll find these vulnerabilities almost everywherehttps://medium.com/@securelearn/xxes-are-lurking-in-unexpected-places-and-youll-find-these-vulnerabilities-almost-everywhere-aefeef9d7cbb?source=rss------bug_bounty-5Rohan Giribug-bounty-tips, web-vulnerabilities, bug-bounty05-Mar-2024
How I Found Multiple XSS Vulnerabilities Using Unknown Techniqueshttps://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d?source=rss------bug_bounty-5Khaledyassenxss-attack, hacking, bug-bounty, bug-bounty-tips, cybersecurity05-Mar-2024
Tips Melakukan Analisa Email Phishinghttps://medium.com/@yasminramadini/tips-melakukan-analisa-email-phishing-e4d8f5b4bed6?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, indonesia, soc-analyst, tryhackme, bug-bounty05-Mar-2024
12.3 Lab: Exploiting NoSQL injection to extract data | 2024https://infosecwriteups.com/12-3-lab-exploiting-nosql-injection-to-extract-data-2024-ca9896a3c964?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security05-Mar-2024
Apa Itu OSI Model? Protokol Dan Enkapsulasi Tiap Layernyahttps://medium.com/@yasminramadini/apa-itu-osi-model-protokol-dan-enkapsulasi-tiap-layernya-6faa7a0e8bbb?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, tryhackme, cybersecurity, indonesia, bug-bounty05-Mar-2024
Apa Itu TCP, UDP, Dan Three-way Handshhttps://medium.com/@yasminramadini/apa-itu-tcp-udp-dan-three-way-handsh-03edaf55c42d?source=rss------bug_bounty-5Yasmin Ramadinisoc-analyst, bug-bounty, cybersecurity, indonesia, tryhackme05-Mar-2024
Road Map to Bug Bounty: A Beginner’s Guidehttps://bjamali.medium.com/road-map-to-bug-bounty-a-beginners-guide-bd14b44e174b?source=rss------bug_bounty-5Babar Ali Jamaliinformation-security, cyber, hacking, cybersecurity, bug-bounty05-Mar-2024
5 Tips GoogleDocks you should know — Bug Bounty Tuesdayhttps://medium.com/@kerstan/5-tips-googledocks-you-should-know-bug-bounty-tuesday-49007026903f?source=rss------bug_bounty-5kerstantechnology, cybersecurity, bug-bounty, programming, security5-Mar-2024
#9.TryHackMe Series writeups-LazyAdminhttps://cyb3rmind.medium.com/9-tryhackme-series-writeups-lazyadmin-7712917a2333?source=rss------bug_bounty-5Cyb3r M!ndwalkthrough, lazy-admin, tryhackme-writeup, tryhackme, bug-bounty05-Mar-2024
Unauthorized access to Facebook creator’s professional dashboardhttps://gtm0x01.medium.com/unauthorized-access-to-facebook-creators-professional-dashboard-e35d98644258?source=rss------bug_bounty-5Gtm Mänôzfacebook, medium, graphql, bug-bounty, writeup05-Mar-2024
My Recon Methodology (ep 1)https://realm3ter.medium.com/my-recon-methodology-ep-1-bc9e6fd660ad?source=rss------bug_bounty-5Muhammad Materbug-bounty, recon, osint05-Mar-2024
Knock, Knock. Who’s there? SSRF! SSRF who? Redirect SSRF!https://atemporalzen.medium.com/knock-knock-whos-there-ssrf-ssrf-who-redirect-ssrf-449f5d18c5a7?source=rss------bug_bounty-5atemporalzenbug-bounty, cybersecurity, hacking, ssrf05-Mar-2024
Payload will after youhttps://medium.com/@isuk4/payload-will-after-you-3e16eaa17517?source=rss------bug_bounty-5Isuka sanujsql-injection, second-order-attack, pentesting, web-app-exploits, bug-bounty05-Mar-2024
HTTP Request Smuggling: WWWWWH?https://medium.com/@rcxsecurity/http-request-smuggling-wwwwwh-85be9c46a38e?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, bug-bounty, application-security05-Mar-2024
The Danger of PHP Eval():https://medium.com/@pkhuyar/the-danger-of-php-eval-a23410187ca2?source=rss------bug_bounty-5Prashant Roybug-bounty, php, cybersecurity, penetration-testing, ctf05-Mar-2024
Hacking the UK government ( FULL database access )https://ahmadmansourr.medium.com/hacking-the-uk-government-full-database-access-496a94e6cc9c?source=rss------bug_bounty-5Ahmad Mansourcomputer-science, bug-bounty, hacking, pentesting, cybersecurity05-Mar-2024
BAC Leads To Full Takeover Of Any Organisationhttps://medium.com/@ismailsaid1603/bac-leads-to-full-takeover-of-any-organisation-0fc21cf4cb5e?source=rss------bug_bounty-5Esmail Saiedbug-bounty, broken-access-control, idor, bugcrowd, cybersecurity05-Mar-2024
Information Disclosure — Instructor’s Email Address leaked in Responsehttps://rohmadhidayah.medium.com/information-disclosure-instructors-email-address-leaked-in-response-1737551d5a8b?source=rss------bug_bounty-5Rohmad Hidayahinfo-sec-writeups, bug-bounty-tips, bug-bounty, information-disclosure, infosec-write-ups04-Mar-2024
OTP Bypass Via Response Manipulationhttps://medium.com/@maratherao93/otp-bypass-via-response-manipulation-e55352c5c419?source=rss------bug_bounty-5Marathe Raobug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup04-Mar-2024
the Intricacies of WiFi Hackinghttps://medium.com/@paritoshblogs/the-intricacies-of-wifi-hacking-76c404240111?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, hacking, wifi, programming04-Mar-2024
Apa Itu Cyber Kill Chain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-cyber-kill-chain-dalam-cyber-security-5e993233615c?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, soc-analyst, indonesia, bug-bounty, cybersecurity04-Mar-2024
Apa Itu Pyramid Of Pain Dalam Cyber Securityhttps://medium.com/@yasminramadini/apa-itu-pyramid-of-pain-dalam-cyber-security-7e08932e8ed9?source=rss------bug_bounty-5Yasmin Ramadinitryhackme, indonesia, bug-bounty, cybersecurity, soc-analyst04-Mar-2024
It assignment helper https://www.fiverr.com/s/QAR93yhttps://medium.com/@drugdirectory96/it-assignment-helper-https-www-fiverr-com-s-qar93y-30e688ba78e9?source=rss------bug_bounty-5Masud Ranajavascript, money, bug-bounty, software-development, bug-bounty-tips04-Mar-2024
My Report Summaries #1: Project manager can see & download all users’ login history at redacted app…https://infosecwriteups.com/my-report-summaries-1-project-manager-can-see-download-all-users-login-history-at-redacted-app-6a41597b5d11?source=rss------bug_bounty-5can1337infosec, bug-bounty, idor, cybersecurity04-Mar-2024
Come diventare un hacker nel 2024https://medium.com/@d0lf1_/come-diventare-un-hacker-nel-2024-493c8c0ced9a?source=rss------bug_bounty-5d0lf1italiano, penetration-testing, google, bug-bounty, hacking04-Mar-2024
11.8 Lab: Exploiting XXE via image file upload | 2024https://cyberw1ng.medium.com/11-8-lab-exploiting-xxe-via-image-file-upload-2024-e2840c3b85f3?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, penetration-testing04-Mar-2024
Simple vulnerability in a Cyber Security conferencehttps://medium.com/@jsamia/simple-vulnerability-in-a-cyber-security-conference-c06a53c6e4b7?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bugs, bug-bounty04-Mar-2024
The Ethics of Bug Bounties: Balancing Incentives and Securityhttps://medium.com/@securelearn/the-ethics-of-bug-bounties-balancing-incentives-and-security-7501a4aaa246?source=rss------bug_bounty-5Rohan Giribug-fixes, bug-bounty-tips, ethical-hacking, cybersecurity, bug-bounty03-Mar-2024
Recently Discovered Several Bugs in a Private Programhttps://zapstiko.medium.com/recently-discovered-several-bugs-in-a-private-program-8dc900bf6fe9?source=rss------bug_bounty-5Raihan Biswasbug-bounty, bugs, idor-vulnerability, information-disclosure, bug-bounty-tips03-Mar-2024
Google Dorking aka “Google Hacking”https://medium.com/@dasmanish6176/google-dorking-aka-google-hacking-49fb5a511345?source=rss------bug_bounty-5Dasmanishgoogle-dork, google-hacking, penetration-testing, bug-bounty03-Mar-2024
PHP Session Poisoning using LFI.https://medium.com/@YNS21/php-session-poisoning-using-lfi-36d7df012777?source=rss------bug_bounty-5Youness Abbidahackerone, bug-bounty, bugcrowd, php, vulnerability03-Mar-2024
Discovered potential SQL injection through parameter testinghttps://medium.com/@pankajnandkar/discovered-potential-sql-injection-through-parameter-testing-0be4364d9b7a?source=rss------bug_bounty-5Pankaj Nandkarbug-bounty-tips, ethical-hacking, sql-injection, bug-bounty, cybersecurity03-Mar-2024
11.7 Lab: Exploiting XInclude to retrieve files | 2024https://cyberw1ng.medium.com/11-7-lab-exploiting-xinclude-to-retrieve-files-2024-2f7751d777fa?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity03-Mar-2024
Sneak Peek: Mastering Blind SQL Injection with SQLMap and Manual Techniques (CVE-2023–6063)https://medium.com/@josh.beck2006/sneak-peek-mastering-blind-sql-injection-with-sqlmap-and-manual-techniques-cve-2023-6063-af904f61f822?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty, oscp03-Mar-2024
Magic Links as Gateways Account Takeovershttps://sl4x0.medium.com/magic-links-as-gateways-account-takeovers-e9c911ceb6f9?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)magic-link, account-takeover, bug-bounty, web-security, pentesting03-Mar-2024
HBO BUB in production. Can’t UNsubscribehttps://medium.com/@shanlogauthier/hbo-bub-in-production-cant-unsubscribe-b0b3982d2292?source=rss------bug_bounty-5Shanlogauthierbug-bounty, max, hbo-max, hbo, bugs03-Mar-2024
Exploiting Grafana To achieve Remote Command Executionhttps://medium.com/@konqi/exploiting-grafana-to-achieve-remote-command-execution-5eb0f99cb107?source=rss------bug_bounty-5Vahagn Israelianhacking, bug-bounty, vulnerability, penetration-testing, grafana02-Mar-2024
the Power of Twitter OSINThttps://medium.com/@paritoshblogs/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
https://medium.com/@morganbinbash/-46d5d16114c8?source=rss------bug_bounty-5Morgan Bin Bashfrontend, cybersecurity, bug-bounty, pentesting02-Mar-2024
the Power of Twitter OSINThttps://infosecwriteups.com/the-power-of-twitter-osint-059cfaa3b0e2?source=rss------bug_bounty-5Paritoshtwitter, cybersecurity, bug-bounty, threat-intelligence, hacking02-Mar-2024
My first IDOR hunting storyhttps://medium.com/@loverslandgandhi/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5Loverslandgandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
How I Got Highly Sensetive Api Keys On A Private Hackerone Programhttps://medium.com/@mrraghavop12/how-i-got-highly-sensetive-api-keys-on-a-private-hackerone-program-b40c6de80708?source=rss------bug_bounty-5Ethical Raghavcybersecurity, data-science, bug-bounty, technology, web-development02-Mar-2024
Unveiling the Secrets: SSRF Adventures in Microsoft’s AI Playgroundhttps://medium.com/@soufianehabti/unveiling-the-secrets-ssrf-adventures-in-microsofts-ai-playground-26c7872b32fc?source=rss------bug_bounty-5Soufiane Habtibug-bounty, microsoft, security, ai, artificial-intelligence02-Mar-2024
Bypassing the Bluecoat Unified Agenthttps://medium.com/@0xSphinx/bypassing-the-bluecoat-unified-agent-36ada54fe789?source=rss------bug_bounty-50xSphinxhacking, penetration-testing, security, bug-bounty, cybersecurity02-Mar-2024
What is RedTeaming ?https://aboutjbr.medium.com/what-is-redteaming-8699650f4265?source=rss------bug_bounty-5Jbrethical-hacking, bug-bounty, red-team, cybersecurity, hacking02-Mar-2024
bersecurity11.6 Lab: Exploiting blind XXE to retrieve data via error messages | 2024https://cyberw1ng.medium.com/bersecurity11-6-lab-exploiting-blind-xxe-to-retrieve-data-via-error-messages-2024-4b7f1340195a?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, cybersecurity, careers02-Mar-2024
How to hack a LTE Router? Just text it!https://medium.com/@mateusz-msl-lach/how-to-hack-a-lte-router-just-text-it-847f526c0a7f?source=rss------bug_bounty-5Mateusz Lachxss-attack, cybersecurity, cve, bug-bounty, zte02-Mar-2024
My first IDOR hunting storyhttps://hackergandhi.medium.com/my-first-idor-hunting-story-42c71fbe06dc?source=rss------bug_bounty-5hackergandhiethical-hacking, bug-bounty-hunter, bug-bounty-tips, cybersecurity, bug-bounty02-Mar-2024
XML Injection: Deep Divehttps://cyberbull.medium.com/xml-injection-deep-dive-2e6e7132732d?source=rss------bug_bounty-5Aditya Pandeyxml, bug-fixes, injection, bug-bounty, cybersecurity01-Mar-2024
$600 Simple MFA Bypass — Graphqlhttps://securitycipher.medium.com/600-simple-mfa-bypass-graphql-b46c6a4c5b82?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, cybersecurity, bug-bounty, technology, hacking01-Mar-2024
XSS : A Fight With The WAFhttps://medium.com/@itsmeliodas/xss-a-fight-with-the-waf-a08a4fc6012c?source=rss------bug_bounty-5Meliodascybersecurity, xss-attack, bug-bounty01-Mar-2024
Understanding Cybersecurity: Safeguarding the Digital Realmhttps://medium.com/@thirdeye1910/understanding-cybersecurity-safeguarding-the-digital-realm-8b36c55bec61?source=rss------bug_bounty-5Rajib Hassenbug-bounty, ethereum, cyberattack, cybersecurity01-Mar-2024
11.5 Lab: Exploiting blind XXE to exfiltrate data using a malicious external DTD | 2024https://infosecwriteups.com/11-5-lab-exploiting-blind-xxe-to-exfiltrate-data-using-a-malicious-external-dtd-2024-a0cc2615cd5e?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, hacking, security01-Mar-2024
Retrieving SUI Wallet Passphrase and Private Key without Passwordhttps://medium.com/@mgthuramoemyint/retrieving-sui-wallet-passphrase-and-private-key-without-password-8c7ae9d30033?source=rss------bug_bounty-5Thura Moe Myintbug-bounty, security01-Mar-2024
Medium Bug Bounty on Hacker One — Broken Linkhttps://medium.com/bugs-that-bite/medium-bug-bounty-on-hacker-one-broken-link-b121c8896843?source=rss------bug_bounty-5Teri Radichelsecurity, bug-bounty, bugs, medium, hackerone29-Feb-2024
Critical vulnerability in Flask AppBuilder — CVE-2024–25128https://systemweakness.com/critical-vulnerability-in-flask-appbuilder-cve-2024-25128-a8693fb31d86?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, flask, bug-bounty, python29-Feb-2024
Version disclosure in headers and response : Security threathttps://medium.com/@zakeeandroid/version-disclosure-in-headers-and-response-security-threat-0b4e86272018?source=rss------bug_bounty-5Mohamed Zakeeapplication-security, bug-bounty, cybersecurity29-Feb-2024
Stored XSS on Bug Bounty Programhttps://medium.com/@bry4nzheng/stored-xss-on-bug-bounty-program-092d6c262c1b?source=rss------bug_bounty-5Bryan Zhengpenetration-testing, cybersecurity, bug-bounty29-Feb-2024
Simple Tips for Bug Bounty Beginners: Finding API Key Leakage Vulnerabilitieshttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-api-key-leakage-vulnerabilities-eddc416216ce?source=rss------bug_bounty-5Anish Narayanbug-bounty-writeup, secure-api-key, bug-bounty-tips, bug-bounty-hunting, bug-bounty29-Feb-2024
How to Excel at CTF Games with Linux Command Line Toolshttps://dpericich.medium.com/how-to-excel-at-ctf-games-with-linux-command-line-tools-a68fba09cbfa?source=rss------bug_bounty-5Daniel Pericichcybersecurity, linux, terminal, bug-bounty, software-engineering29-Feb-2024
How do I found Blind SSRF on a Hackerone Programhttps://codingninjablogs.tech/how-do-i-found-blind-ssrf-on-a-hackerone-program-3f7c315c20c9?source=rss------bug_bounty-5#!/Subhankarcve, hacking, bug-bounty, ssrf, hackerone29-Feb-2024
Horizontal Privilege Escalation Leads to Bountyhttps://medium.com/@hellother18/horizontal-privilege-escalation-leads-to-bounty-f87aebbed8ab?source=rss------bug_bounty-5Manthan_ mahalebugbounty-tips, hackerone, bounty-program, privilege-escalation, bug-bounty29-Feb-2024
11.4 Lab: Blind XXE with out-of-band interaction via XML parameter entities | 2024https://infosecwriteups.com/11-4-lab-blind-xxe-with-out-of-band-interaction-via-xml-parameter-entities-2024-14fbb40ba2f0?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, penetration-testing, cybersecurity, hacking29-Feb-2024
SQL Injection: Beyond ‘OR 1=1’. An iCSI CTFhttps://medium.com/@josh.beck2006/sql-injection-beyond-or-1-1-an-icsi-ctf-b468b1dfa851?source=rss------bug_bounty-5Josh Beckcybersecurity, oscp, bug-bounty, ctf-writeup29-Feb-2024
Authentication Bypass Using Response Manipulationhttps://medium.com/@kundanp70559361/authentication-bypass-using-response-manipulation-c95969e787a8?source=rss------bug_bounty-5kundan prasadscience, cyber-security-awareness, hacking, bug-bounty, cybersecurity29-Feb-2024
Maximizing Bug Bounty Earnings with Burp Suite: Essential Tools and Plugins.https://medium.com/@montymahapatra79/maximizing-bug-bounty-earnings-with-burp-suite-essential-tools-and-plugins-84468c5d969d?source=rss------bug_bounty-5Montymahapatraburpsuite-profissional, burpsuite, bug-bounty, burpsuite-extension, bug-bounty-tips29-Feb-2024
First Bug Bountyhttps://medium.com/@tom.sh/first-bug-bounty-ba6088fc2615?source=rss------bug_bounty-5Tomcybersecurity, bugcrowd, hackerone, bug-bounty, hacking29-Feb-2024
How to find your first XSS vulnerability!!!https://medium.com/@basti_Sec/how-to-find-your-first-xss-vulnerability-a35cb69b2f56?source=rss------bug_bounty-5Basti_Secbug-bounty-hunter, xss-vulnerability, hacking, bug-bounty, xss-attack29-Feb-2024
The Reality of Cloud Hackinghttps://medium.com/@paritoshblogs/the-reality-of-cloud-hacking-8a061059dfcc?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, cloud-computing, cloud-hacking, hacking28-Feb-2024
Email verification bypass leads to create unlimited user accounts with what ever email idhttps://medium.com/@Rahulkrishnan_R_Panicker/email-verification-bypass-leads-to-create-unlimited-user-accounts-with-what-ever-email-id-68a2069185e4?source=rss------bug_bounty-5Rahulkrishnan R Panickertechnology, cybersecurity, hacking, bug-bounty, programming28-Feb-2024
symfony profiler kritik təhlükəsizlik açığı $$$https://memmedrehimzade.medium.com/symfony-profiler-kritik-t%C9%99hl%C3%BCk%C9%99sizlik-a%C3%A7%C4%B1%C4%9F%C4%B1-622ae6495fef?source=rss------bug_bounty-5memmed rehimzadekibertəhlükəsizlik, bug-bounty, cybertime28-Feb-2024
Microsoft Azure Cloud Service’s uAMQP Library Flaw and Its Potential for RCE — CVE-2024–27099…https://medium.com/@elniak/microsoft-azure-cloud-services-uamqp-library-flaw-and-its-potential-for-rce-cve-2024-27099-3d717cdb45f3?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, cloud, azure, cybersecurity28-Feb-2024
https://medium.com/@morganbinbash/-af057d8d6788?source=rss------bug_bounty-5Morgan Bin Bashcybersecurity, pentesting, bug-bounty28-Feb-2024
Revolutionize Your Bug Hunting: Jam.dev Turbocharges Bug Reportinghttps://medium.com/@merisstupar11/revolutionize-your-bug-hunting-jam-dev-turbocharges-bug-reporting-2df14351766f?source=rss------bug_bounty-5Meris Stuparbug-bounty, programming, testing, software-engineering, github28-Feb-2024
How do I automate my recon — Part Twohttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-two-b39a66b4c23d?source=rss------bug_bounty-5Aliraahpython, bug-bounty, automation, infosec, reconnaissance28-Feb-2024
Pre-Account Takeover Leading To Broken Access Controlhttps://medium.com/@bcarikci-dev/pre-account-takeover-leading-to-broken-access-control-13916ca02483?source=rss------bug_bounty-5Berkay Çarıkçıoğlubroken-access-control, bug-bounty, cybersecurity, hacking, penetration-testing28-Feb-2024
cybers11.3 Lab: Blind XXE with out-of-band interaction | 2024https://infosecwriteups.com/cybers11-3-lab-blind-xxe-with-out-of-band-interaction-2024-9f2f5caf98ad?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, cybersecurity, penetration-testing, hacking28-Feb-2024
[TOOL GUIDE] Bypass-http a python tool to find 403 & 401 bypasshttps://medium.com/@reinhardt.pwn/tool-guide-bypass-http-a-python-tool-to-find-403-401-bypass-b46ff0bd6978?source=rss------bug_bounty-5|Reinhardt|cybersecurity-tools, cybersecurity, pentest, bug-bounty28-Feb-2024
Yerel bir DTD’yi yeniden kullanarak kör XXE’den yararlanmahttps://medium.com/@hhuseyinuyar17/yerel-bir-dtdyi-yeniden-kullanarak-k%C3%B6r-xxe-den-yararlanma-f999fbbfdd0a?source=rss------bug_bounty-5Hhuseyinuyarxml, burpsuite, injection, bug-bounty, xxe28-Feb-2024
how i make 6,000$ with jwt manipulation on web3 crypto application ?https://medium.com/@zack0x01_/how-i-make-6-000-with-jwt-manipulation-on-web3-crypto-application-1e659c927647?source=rss------bug_bounty-5zack0x01bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup28-Feb-2024
Hack Stories: Hacking Hackers EP:2https://infosecwriteups.com/hack-stories-hacking-hackers-ep-2-b4d2e628781e?source=rss------bug_bounty-5c0d3x27cybersecurity, threat-intelligence, hacking, software-development, bug-bounty28-Feb-2024
First bug and bountyhttps://medium.com/@Rahulkrishnan_R_Panicker/first-bug-and-bounty-5612ba5d455e?source=rss------bug_bounty-5Rahulkrishnan R Panickerinfo-sec-writeups, bug-bounty, programming, technology, infosec27-Feb-2024
Jenkins Arbitrary File Reading Vulnerability (CVE-2024–23897) — Bug Bounty Tuesdayhttps://medium.com/@kerstan/jenkins-arbitrary-file-reading-vulnerability-cve-2024-23897-bug-bounty-tuesday-8e3a69443d9b?source=rss------bug_bounty-5kerstantechnology, bug-bounty, security, cybersecurity, programming27-Feb-2024
Bug Bounty should be a goto solution for your web3 security needshttps://securrtech.medium.com/bug-bounty-should-be-a-goto-solution-for-your-web3-security-needs-46b0f07b1a96?source=rss------bug_bounty-5Securrweb3-security, bug-bounty, web327-Feb-2024
Leak JWT Private Key leads to Bypass Authenticationhttps://sonnguy3n.medium.com/leak-jwt-private-key-leads-to-bypass-authentication-e0bd984f55ad?source=rss------bug_bounty-5Son Nguyensecurity, bypass, bug-bounty, jwt-token27-Feb-2024
Finding and exploiting blind XXE vulnerabilitieshttps://cyberw1ng.medium.com/finding-and-exploiting-blind-xxe-vulnerabilities-446f1f41eab9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, penetration-testing, careers, bug-bounty27-Feb-2024
Reconnaissance: A Google-Dorking Affairhttps://medium.com/@kieran.x.willey/reconnaissance-a-google-dorking-affair-21edfb4e3b0f?source=rss------bug_bounty-5Kieran Wpenetration-testing, bug-bounty, reconnaissance, hacking, google-dorking27-Feb-2024
How do you know if someone has opened your email or not?https://medium.com/@deadoverflow/how-do-you-know-if-someone-has-opened-your-email-or-not-c5bcefda3a89?source=rss------bug_bounty-5Imad Husanovicbug-bounty, chrome-extension, hacking, programming, cybersecurity27-Feb-2024
Read This If You Still Watch Porn in Google Incognito Mode ⚫https://medium.com/@Ajakcybersecurity/read-this-if-you-still-watch-porn-in-google-incognito-mode-ab4a5faa1dcc?source=rss------bug_bounty-5AjakCybersecuritygoogle, history, ethical-hacking, bug-bounty, cybersecurity27-Feb-2024
CVE-2023–40000: How Safe Is Your Internet Box? ️https://medium.com/coded-tech-talk/cve-2023-40000-how-safe-is-your-internet-box-%EF%B8%8F-06ff1f872f7b?source=rss------bug_bounty-5Coded Conversationscyber-security-awareness, cve, vulnerability, cybersecurity, bug-bounty27-Feb-2024
The Exploitation of Massive Slack Workspaces Registration Vulnerabilityhttps://medium.com/@siratsami71/the-exploitation-of-massive-slack-workspaces-registration-vulnerability-0c0e76e5cd3e?source=rss------bug_bounty-5Sirat Sami (analyz3r)bug-bounty, cybersecurity, hackerone27-Feb-2024
Major Security Flaw in ConnectWise ScreenConnect — CVE-2024–1709https://medium.com/@elniak/major-security-flaw-in-connectwise-screenconnect-cve-2024-1709-633015ba2b9f?source=rss------bug_bounty-5ElNiakcve, cybersecurity, ransomware, bug-bounty, penetration-testing26-Feb-2024
Pwn College — Talking to Web Walkthrough by Karthikeyan Nagarajhttps://infosecwriteups.com/pwn-college-talking-to-web-walkthrough-by-karthikeyan-nagaraj-48d13b3a1216?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, hacking, security, careers26-Feb-2024
This is How I Received My Acknowledgement from Microsofthttps://medium.com/@kamilrahman32/this-is-how-i-received-my-acknowledgement-from-microsoft-2366b58cbd98?source=rss------bug_bounty-5Kamil Rahumanmicrosoft, cybersecurity, hall-of-fame, bug-bounty, bug-bounty-tips26-Feb-2024
Hunting for Hidden Parameters in Burp Suitehttps://medium.com/mii-cybersec/hunting-for-hidden-parameters-in-burp-suite-98b54616f863?source=rss------bug_bounty-5Bryan Matthewhidden-parameters, bug-bounty, burpsuite, red-team, owasp26-Feb-2024
Lakshya CTF 2k24 by pict cyber cellhttps://medium.com/@suyogpatil1810/lakshya-ctf-2k24-by-pict-cyber-cell-6ec37ec0b954?source=rss------bug_bounty-5Suyog Patilctf-writeup, bug-bounty, ctf, engineering, hacking26-Feb-2024
How I Found Xss In A Inactive Hackerone Program With My Mobilehttps://medium.com/@mrraghavop12/how-i-found-xss-in-a-inactive-hackerone-program-34464552256e?source=rss------bug_bounty-5Ethical Raghavbug-bounty-tips, technology, blockchain, bug-bounty, cybersecurity26-Feb-2024
Glider: Revolutionizing Web3 Auditing and Security Analysishttps://medium.com/coinmonks/glider-revolutionizing-web3-auditing-and-security-analysis-3a3ad6add87d?source=rss------bug_bounty-5Officer's Notesbug-bounty, solidity, smart-contracts, dapps, blockchain26-Feb-2024
Hacking Android Apps With Fridahttps://blog.prodefense.io/hacking-android-apps-with-frida-f4b9121228b6?source=rss------bug_bounty-5Matthew Keeleysecurity, pentesting, bug-bounty, android, hacking26-Feb-2024
Html-Injection [ Bug Bounty ]https://medium.com/@rhashibur75/html-injection-bug-bounty-a41f87217118?source=rss------bug_bounty-5Kazi Hashibur Rahmanbug-bounty25-Feb-2024
Create Your Own File Extensionhttps://medium.com/@paritoshblogs/create-your-own-file-extension-fa484c677590?source=rss------bug_bounty-5Paritoshcoding, file-extension, bug-bounty, programming, information-technology25-Feb-2024
Business Logic Error in the Comment Section of a Porn sitehttps://medium.com/@vflexo/business-logic-error-in-the-comment-section-of-a-porn-site-42643f66dfee?source=rss------bug_bounty-5vFlexovapt, cybersecurity, ethical-hacking, bug-bounty, penetration-testing25-Feb-2024
CRLF injectionhttps://medium.com/@R00tendo/crlf-injection-ae26521c5e4c?source=rss------bug_bounty-5R00tendoweb-application-security, bug-bounty, web-security, crlf-injection25-Feb-2024
The Story of How I Hacked a Website with a Simple Stored XSS Payload (And How Bugcrowd Turned Me…https://medium.com/@iamrizwanvp/the-story-of-how-i-hacked-a-website-with-a-simple-stored-xss-payload-and-how-bugcrowd-turned-me-63773d5906ff?source=rss------bug_bounty-5RIZWANbug-bounty-tips, cybersecurity, bug-bounty, penetration-testing, vulnerability25-Feb-2024
I took over 10 Million Accounts, Easy API Hackinghttps://infosecwriteups.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40?source=rss------bug_bounty-5Ravaanbug-bounty, bug-bounty-writeup, api, hacking, cybersecurity25-Feb-2024
Beyond the Wall: Bypassing OTP, WAF, and 403 for exploiting a SQL Injectionhttps://medium.com/@remmy9/beyond-the-wall-bypassing-otp-waf-and-403-for-exploiting-a-sql-injection-97f06a3527c0?source=rss------bug_bounty-5Remmyhacking, 403-bypass, bug-bounty, waf-bypass, sql-injection25-Feb-2024
10.5 Lab: Blind SSRF with out-of-band detection | 2024https://cyberw1ng.medium.com/10-5-lab-blind-ssrf-with-out-of-band-detection-2024-2497bcf7859c?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, security, careers25-Feb-2024
The Aspida Bug Bounty Programhttps://medium.com/@aspidabd/the-aspida-bug-bounty-program-84e4495955c1?source=rss------bug_bounty-5Aspidalsd, lsdfi, blockchain, staking, bug-bounty24-Feb-2024
Best Approach to active Directory: 2https://medium.com/@anekantsinghai/best-approach-to-active-directory-2-b32a8bb2be7e?source=rss------bug_bounty-5Anekant Singhai Jainpenetration-testing, windows, bug-bounty, cybersecurity, active-directory24-Feb-2024
Explaining and exploiting open redirect vulnerabilitieshttps://medium.com/@R00tendo/explaining-and-exploiting-open-redirect-vulnerabilities-67dd825e2c49?source=rss------bug_bounty-5R00tendoopen-redirect, web-security, bug-bounty, web-application-security, web-hacking24-Feb-2024
How I Got $5,000 for Out-of-Scope XSShttps://7odamoo.medium.com/how-i-got-5-000-for-out-of-scope-xss-f96938a8c561?source=rss------bug_bounty-5Mahmoud Hamed (7odamoo)bug-bounty-tips, bug-bounty, pentesting24-Feb-2024
Ethernaut Challenge Level 16: Solution (Preservation)https://shubhamnagar1.medium.com/ethernaut-challenge-level-16-solution-preservation-4403230b469c?source=rss------bug_bounty-5Shubham Nagarsolidity, blockchain, cybersecurity, bug-bounty, ethernaut24-Feb-2024
Bypass Rate Limits on authentication endpoints like a pro………!https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0?source=rss------bug_bounty-5Abhi Sharmaprogramming, rate-limiting, api, cybersecurity, bug-bounty24-Feb-2024
10.4 Lab: SSRF with filter bypass via open redirection vulnerability | 2024https://cyberw1ng.medium.com/10-4-lab-ssrf-with-filter-bypass-via-open-redirection-vulnerability-2024-fa36d8f10968?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, security, bug-bounty, hacking24-Feb-2024
How i was able to hack over 10 million websites using BAC : broken access controle .https://medium.com/@zack0x01_/how-i-was-able-to-hack-over-10-million-websites-using-bac-broken-access-controle-ce6b704e3dcb?source=rss------bug_bounty-5zack0x01hacking-training, bug-bounty-tips, bug-bounty, bug-bounty-writeup, hacking23-Feb-2024
How Automation Detected Default Admin Credential Worth $500https://vijetareigns.medium.com/how-automation-detected-default-admin-credential-worth-500-d6c09719d307?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity23-Feb-2024
Shodan - “Unauthorized access to setup panel”https://medium.com/@bug.hun3r/shodan-power-unauthorized-access-to-setup-panel-c64bd63f9b3e?source=rss------bug_bounty-5mo9kHu93rhacking, web-application-security, bug-hunting, cybersecurity, bug-bounty23-Feb-2024
10.3 Lab: SSRF with blacklist-based input filter | 2024https://cyberw1ng.medium.com/10-3-lab-ssrf-with-blacklist-based-input-filter-2024-9a7972ab7e8f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty23-Feb-2024
From CRLF Injection to XSS: Elevating the Stakes in Apple iTunes Securityhttps://xelkomy.medium.com/from-crlf-injection-to-xss-elevating-the-stakes-in-apple-itunes-security-597dc435fd82?source=rss------bug_bounty-5Khaled Mohamedcrlf, infosec, bug-bounty, penetration-testing, xs23-Feb-2024
Unveiling Bug Bounties: Balancing the Scale of Application Securityhttps://sushantkatare.medium.com/unveiling-bug-bounties-balancing-the-scale-of-application-security-be5645395101?source=rss------bug_bounty-5Sushant Katare, CISSPbug-bounty, vulnerability, bugs23-Feb-2024
Hacking Web Meeting/Webinar Apphttps://ronak-9889.medium.com/hacking-web-meeting-webinar-app-1cb31c648752?source=rss------bug_bounty-5Ronak Patelinformation-security, ethical-hacking, cybersecurity, bug-bounty23-Feb-2024
A Pen worth 80K (BBP#2)https://infosecwriteups.com/a-pen-worth-80k-bbp-2-dceb0db18366?source=rss------bug_bounty-5Devender Raopenetration-testing, cybersecurity, bug-bounty, application-security, linux23-Feb-2024
How I Got 1-Click ATO through self-XSShttps://medium.com/@0x3adly/how-i-was-able-to-get-1-click-ato-through-self-xss-6a6f59b3a6da?source=rss------bug_bounty-5Anas Eladly ( 0x3adly )bug-bounty, csrf, penetration-testing, cross-site-scripting, bug-bounty-tips22-Feb-2024
Disclose assigned apps of any facebook userhttps://gtm0x01.medium.com/disclose-assigned-apps-of-any-facebook-user-e78bcff1de71?source=rss------bug_bounty-5Gtm Mänôzbug-bounty, graphql, facebook-bug-bounty, bug-bounty-writeup, infosec22-Feb-2024
IDOR: The Simple Switchhttps://medium.com/@ganga_/idor-the-simple-switch-19d881358552?source=rss------bug_bounty-5Gangaethical-hacking, bug-bounty-writeup, bug-bounty, web-application-security, penetration-testing22-Feb-2024
How To Report a Vulnerability which is not a part of the VDP Program?https://medium.com/@Ajakcybersecurity/how-to-report-a-vulnerability-which-is-not-a-part-of-the-vdp-program-b7b951795c45?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, bug-bounty, hacking, blog22-Feb-2024
HTTP-Only Sessions: No Problem? ATO Still Lurks via XSS!https://kokomagedd.medium.com/http-only-sessions-no-problem-ato-still-lurks-via-xss-d415dec701d0?source=rss------bug_bounty-5Kyrillos Magedbug-bounty, bug-bounty-tips, xss-attack, cybersecurity, infosec22-Feb-2024
Mastering BetterCap: A Beginner’s Guide to Network Attacks and Monitoringhttps://infosecwriteups.com/mastering-bettercap-a-beginners-guide-to-network-attacks-and-monitoring-b313c1f85489?source=rss------bug_bounty-5ElNiakbug-bounty, cybersecurity, reconnaissance, network-security, bettercap22-Feb-2024
Exploiting XSS to Perform CSRFhttps://medium.com/@marduk.i.am/exploiting-xss-to-perform-csrf-275288910459?source=rss------bug_bounty-5Marduk I Amstored-xss, cybersecurity, bug-bounty, portswigger-lab, cross-site-scripting22-Feb-2024
How I logged into user accounts with no informationhttps://medium.com/@jsamia/how-i-logged-into-user-accounts-with-no-information-629f50e8885d?source=rss------bug_bounty-5Jaeden Samiasecurity, ethical-hacking, bug-bounty22-Feb-2024
Using Wayback And DNS rebinding For SSRFhttps://medium.com/@amnotacat/using-wayback-and-dns-rebinding-for-ssrf-a5a16f611acc?source=rss------bug_bounty-5amnotacatbug-bounty22-Feb-2024
Exploit Development: Classic Buffer Overflowshttps://medium.com/@boogsta/exploit-development-classic-buffer-overflows-0416a7ed1d9a?source=rss------bug_bounty-5Boogstacyber, hacking, bug-bounty, tryhackme, cybersecurity22-Feb-2024
Hack The Box Certified Bug Bounty Hunter (CBBH) Reviewhttps://medium.com/@josselin_poupeney/hack-the-box-certified-bug-bounty-hunter-cbbh-review-f25796cb22ee?source=rss------bug_bounty-5Josselin Poupeneybug-bounty, pentesting, hackin, cbbh, hackthebox22-Feb-2024
How Bug Bounties Are Incentivising Ethical Hackinghttps://medium.com/@cybertec/how-bug-bounties-are-incentivising-ethical-hacking-1fa49410e0aa?source=rss------bug_bounty-5Jonathan Paulsonbug-bounty, hacking, cybercrime, cybersecurity, quantum-computing22-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs (With Real Example!)-Part 2https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-with-real-example-part-2-c4a9d9c7af43?source=rss------bug_bounty-5Cyberbeatbugs, cybersecurity, cyberattack, bug-bounty, bug-bounty-tips21-Feb-2024
10 Kesalahan Coding Yang Membuat Aplikasi Kurang Amanhttps://medium.com/@yasminramadini/10-kesalahan-coding-yang-membuat-aplikasi-kurang-aman-77da9d768594?source=rss------bug_bounty-5Yasmin Ramadiniprogramming, cybersecurity, cyber-security-awareness, coding, bug-bounty21-Feb-2024
Understanding Wazuhhttps://medium.com/@paritoshblogs/understanding-wazuh-b4748d21c6ba?source=rss------bug_bounty-5Paritoshthreat-detection, siem, cybersecurity, bug-bounty, wazuh21-Feb-2024
Bug bounty writeup : 2F/OTP Bypass on Registeration via Response manipulationhttps://noorhomaid.medium.com/bug-bounty-writeup-2f-otp-bypass-on-registeration-via-response-manipulation-2e53573ffa4c?source=rss------bug_bounty-5NoorHomaidbug-bounty, ethical-hacking, bugbounty-writeup, cybersecurity21-Feb-2024
9.5 Lab: Exploiting time-sensitive vulnerabilities | 2024https://infosecwriteups.com/9-5-lab-exploiting-time-sensitive-vulnerabilities-2024-d5bf94cdcf59?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://medium.com/@elniak/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
This is the easiest bug you can find right now.https://medium.com/@an0nbil/this-is-the-easiest-bug-you-can-find-right-now-eb324861c238?source=rss------bug_bounty-5an0nbilethical-hacking, bug-bounty, programming, bug-bounty-tips, cybersecurity21-Feb-2024
Critical Vulnerabilities in VMware EAP Uncovered — Unraveling CVE-2024–22245https://systemweakness.com/critical-vulnerabilities-in-vmware-eap-uncovered-unraveling-cve-2024-22245-08746ff09907?source=rss------bug_bounty-5ElNiakvulnerability, programming, bug-bounty, vmware, cybersecurity21-Feb-2024
9.4 Lab: Single-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-4-lab-single-endpoint-race-conditions-2024-40b12d1ae4be?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, careers, cybersecurity, hacking20-Feb-2024
Apa Itu Cross Site Scripting? Jenis, Dampak, Dan Pencegahannyahttps://medium.com/@yasminramadini/apa-itu-cross-site-scripting-jenis-dampak-dan-pencegahannya-e507eedb43f8?source=rss------bug_bounty-5Yasmin Ramadinicybersecurity, xss-attack, pentesting, cyber-security-awareness, bug-bounty20-Feb-2024
My Unbelievable Hack into HR Admin — A Bug Bounty Tale!!!https://medium.com/@ratnadip1998/my-unbelievable-hack-into-hr-admin-a-bug-bounty-tale-853338770d8c?source=rss------bug_bounty-5Ratnadip Gajbhiyebugcrowd, ethical-hacking, bug-bounty, bug-bounty-tips, hackerone20-Feb-2024
Hou I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
How I Discovering the Origin IP In Bug Bounty — Bug Bounty Tuesdayhttps://medium.com/@kerstan/hou-i-discovering-the-origin-ip-in-bug-bounty-bug-bounty-tuesday-47fa16c4ef34?source=rss------bug_bounty-5kerstansecurity, technology, bug-bounty, cybersecurity, programming20-Feb-2024
Breach the Build: Exploiting Jenkins (CVE-2024–23897)https://medium.com/@josh.beck2006/breach-the-build-exploiting-jenkins-cve-2024-23897-f2ecc415f9bf?source=rss------bug_bounty-5Josh Beckoscp, cybersecurity, ctf-writeup, bug-bounty20-Feb-2024
How easy it is to find Private Info on Googlehttps://medium.com/@lochana8723/mastering-osint-gold-mines-a-guide-to-google-dorking-for-bug-bounty-success-e1f2acbbf4f2?source=rss------bug_bounty-5Lochana Dissanayakecybersecurity, ethical-hacking, bug-bounty, osint20-Feb-2024
Response Manipulation leads to Bypassing the OTP email verificationhttps://kiraadx.medium.com/response-manipulation-leads-to-bypassing-the-otp-email-verification-3107d558e8a5?source=rss------bug_bounty-5KiRaaDxbug-bounty-tips, bug-bounty20-Feb-2024
Day 14 Bug Bounty Challenge — Found $1000 Stored XSShttps://medium.com/@avbhijitdutta99/day-14-bug-bounty-challenge-found-1000-stored-xss-c0c9813bbe5a?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bugbountychallenge, bug-bounty-tips, bug-bounty-writeup19-Feb-2024
9.3 Lab: Multi-endpoint race conditions | 2024https://cyberw1ng.medium.com/9-3-lab-multi-endpoint-race-conditions-2024-5617e806a0fc?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking19-Feb-2024
HackTheBox — Monitoredhttps://medium.com/@mxzartxbyte/hackthebox-monitored-6cd7bc16f080?source=rss------bug_bounty-5mxz4rtbug-bounty, penetration-testing, network-penetration, hackthebox-writeup, hack-the-box-writeup19-Feb-2024
The Ultimate Guide to Top Bug Bounty Platforms in 2024https://medium.com/@crawsecurity/the-ultimate-guide-to-top-bug-bounty-platforms-in-2024-6934a3db42d2?source=rss------bug_bounty-5crawsecuritybugs, bug-fixes, bug-bounty-tips, bug-zero, bug-bounty19-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled — Round 2https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-2-a311e68becd4?source=rss------bug_bounty-5Ravitejaweb-security, ctf-writeup, bug-bounty, reverse-engineering, tcs-hackquest19-Feb-2024
How to Find First Bug (For Beginners)https://hackerhq.medium.com/how-to-find-first-bug-for-beginners-22a9177e94a0?source=rss------bug_bounty-5HackerHQcyber-security-awareness, bug-bounty-tips, cybersecurity, hackerone, bug-bounty19-Feb-2024
Android Architecture Components: Android Pentestinghttps://bot2root.medium.com/android-architecture-components-android-pentesting-1279e35c2d32?source=rss------bug_bounty-5Raghuveer Singh Chouhanpentesting, bug-bounty, hacking, cybersecurity, android19-Feb-2024
Searching industrial infrastructure with Netlas.iohttps://netlas.medium.com/searching-industrial-infrastructure-with-netlas-io-49c08ca519a2?source=rss------bug_bounty-5Netlas.iobug-bounty, critical-infrastructure, penetration-testing, cybersecurity, information-security19-Feb-2024
Absolute Beginners Guide For Finding P4 Bugs -Part 1https://medium.com/@avbhijitdutta99/absolute-beginners-guide-for-finding-p4-bugs-part-1-5585cc94ac8b?source=rss------bug_bounty-5Cyberbeatbug-bounty-hunter, bug-bounty-tips, bug-bounty-program, bug-bounty19-Feb-2024
Dorking-Pentesting: Create Your Own Automated Pentesting Toolshttps://medium.com/@elniak/dorking-pentesting-create-your-own-automated-pentesting-tools-11134114c2b7?source=rss------bug_bounty-5ElNiaktools, bug-bounty, python, penetration-testing, google19-Feb-2024
Web Cache Poisoing leads to ATO (Account takeover)https://medium.com/@hoosgamer/web-cache-poisoing-leads-to-ato-account-takeover-2522b4583a97?source=rss------bug_bounty-5HooShacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup, web-security19-Feb-2024
Apa Itu Security Operation Center (SOC)https://medium.com/@yasminramadini/apa-itu-security-operation-center-soc-345f56cd85f3?source=rss------bug_bounty-5Yasmin Ramadinipentesting, bug-bounty, cybersecurity, soc-analyst, ethical-hacking18-Feb-2024
HackTheBox — SQLMap Essentialshttps://medium.com/@harry.hphu/hackthebox-sqlmap-essentials-72eaa7a13596?source=rss------bug_bounty-5Huy Phuweb-application-security, bug-bounty, sql, hackthebox18-Feb-2024
Introduction to API Testing — API Discovery and Interactionhttps://medium.com/@harry.hphu/introduction-to-api-testing-api-discovery-and-interaction-705248fc089e?source=rss------bug_bounty-5Huy Phuapi, bug-bounty, web-application-security, api-testing18-Feb-2024
Introduction to API Testing — Reconnaissancehttps://medium.com/@harry.hphu/introduction-to-api-testing-reconnaissance-7b471f4f4e73?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Easy automation of bug bounty using Ethredhttps://medium.com/@eyaalgabay/automate-bug-bounty-using-ethred-de042fb19926?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, web-security, bugbounty-tips, hacking18-Feb-2024
My New Tool For Information Findinghttps://medium.com/@mrraghavop12/my-new-tool-for-information-finding-92a205a6e305?source=rss------bug_bounty-5Ethical Raghavdata-science, bug-bounty-tips, programming, bug-bounty, technology18-Feb-2024
Introduction to API Testing — Server-Side Parameter Pollutionhttps://medium.com/@harry.hphu/introduction-to-api-testing-server-side-parameter-pollution-52dc5c170d19?source=rss------bug_bounty-5Huy Phuweb-application-security, api, api-testing, bug-bounty18-Feb-2024
Introduction to API Testing — Mass Assignment vulnerabilitieshttps://medium.com/@harry.hphu/introduction-to-api-testing-mass-assignment-vulnerabilities-1643f75d1d20?source=rss------bug_bounty-5Huy Phuweb-application-security, api-testing, api, bug-bounty18-Feb-2024
Exploiting Cross-Site Scripting to Capture Passwordshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-capture-passwords-b2cda84698b0?source=rss------bug_bounty-5Marduk I Amcybersecurity, cross-site-scripting, portswigger-lab, bug-bounty, stored-xss18-Feb-2024
9.2 Lab: Bypassing rate limits via race conditions | 2024https://cyberw1ng.medium.com/9-2-lab-bypassing-rate-limits-via-race-conditions-2024-533185d6d94e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, secuity, hacking18-Feb-2024
PortSwigger — LAB-6 Remote code execution via polyglot web shell upload (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-6-remote-code-execution-via-polyglot-web-shell-upload-bug-bounty-prep-by-b426b0d50d39?source=rss------bug_bounty-5dollarboysushilcybersecurity, ethical-hacking, portswigger, web-app-security, bug-bounty18-Feb-2024
Open a link, and your Wi-Fi password is changed.https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, programming, bug-bounty, bug-bounty-tips18-Feb-2024
Detecting and exploiting limit overrun race conditions with Turbo Intruderhttps://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-turbo-intruder-424bed12f2cf?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, hacking, security, bug-bounty17-Feb-2024
0Day SQLi Discovered during internal PenTestinghttps://medium.com/@SentinelXTeam/0day-sqli-discovered-during-internal-pentesting-0d00db3147c5?source=rss------bug_bounty-5SentinelX Researchbug-bounty, exploitation, cybersecurity, bug-bounty-tips, 0day17-Feb-2024
Mengintip database Website Bimbel di Indonesiahttps://uzet.medium.com/mengintip-database-website-bimbel-di-indonesia-1d3620ce438d?source=rss------bug_bounty-5Timotius Benhurpentesting, web-security, bug-bounty-tips, bug-bounty17-Feb-2024
How much longer must we dwell, with W-S-D-L?https://medium.com/illumination/how-much-longer-must-we-dwell-with-w-s-d-l-789eb659b77a?source=rss------bug_bounty-5Quintius Walkerbug-bounty, poetry, web-development, creative-writing, hacking17-Feb-2024
PortSwigger — LAB -4 Web shell upload via extension blacklist bypass (Bug Bounty Prep)[by…https://infosecwriteups.com/portswigger-lab-4-web-shell-upload-via-extension-blacklist-bypass-bug-bounty-prep-by-7c6233320f81?source=rss------bug_bounty-5dollarboysushilweb-app-security, portswigger, cybersecurity, bug-bounty, file-upload-vulnerability17-Feb-2024
weird bug using fake id via photoshop worth $***https://hamzadzworm.medium.com/weird-bug-using-fake-id-via-photoshop-worth-1fe5dbd04497?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, infosec17-Feb-2024
PortSwigger — LAB-5 Web shell upload via obfuscated file extension (Bug Bounty Prep)[by…https://dollarboysushil.medium.com/portswigger-lab-5-web-shell-upload-via-obfuscated-file-extension-bug-bounty-prep-by-5232dd3fb8fa?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, bug-bounty, ethical-hacking, web-app-security17-Feb-2024
Harnessing Microsoft Copilot as a Cybersecurity Advisorhttps://infosecwriteups.com/harnessing-microsoft-copilot-as-a-cybersecurity-advisor-518c46f697b3?source=rss------bug_bounty-5Paritoshmicrosoft, cybersecurity, bug-bounty, information-security, microsoft-copilot17-Feb-2024
Demystifying HTTP Request Smuggling: Detection to Exploitationhttps://roadtooscp.medium.com/demystifying-http-request-smuggling-detection-to-exploitation-d6bc7beed73e?source=rss------bug_bounty-5RoadToOSCPbug-bounty, owasp, bug-bounty-tips, pentesting, ethical-hacking17-Feb-2024
GitHub Recon- For Finding Sensitive Informationhttps://medium.com/@pawan_rawat/github-recon-for-finding-sensitive-information-aecdeb9c9dce?source=rss------bug_bounty-5Pawanrawatgithub-recon, bug-bounty-writeup, sensitive-data-exposure, bug-bounty-tips, bug-bounty17-Feb-2024
How do I automate my recon — Part Onehttps://medium.com/@aliraah/how-do-i-automate-my-recon-part-one-fd17dc8717c8?source=rss------bug_bounty-5Alipython, reconnaissance, automation, bash, bug-bounty17-Feb-2024
The Unseen 0-Click Threat Lurking in Your Inbox: CVE-2024–21413 Explainedhttps://systemweakness.com/the-unseen-0-click-threat-lurking-in-your-inbox-cve-2024-21413-explained-a8bd9ec0c46d?source=rss------bug_bounty-5ElNiakvulnerability, cybersecurity, microsoft-outlook, bug-bounty, rce17-Feb-2024
Hacking the Dutch Governmenthttps://medium.com/@jackson_80133/hacking-the-dutch-government-153678a191c0?source=rss------bug_bounty-5Jacksoncybersecurity, hacking, bug-bounty17-Feb-2024
MonikerLink Meltdown: Demystifying CVE-2024–21413 and Dodging Outlook’s Booby Traphttps://medium.com/@chinamayjoshi/monikerlink-meltdown-demystifying-cve-2024-21413-and-dodging-outlooks-booby-trap-43ba52c4b458?source=rss------bug_bounty-5The Cyber Tornadoinformation-security, microsoft, vapt, cybersecurity, bug-bounty17-Feb-2024
The Importance of Sharing Cybersecurity Knowledge on Reading Platformshttps://medium.com/@paritoshblogs/the-importance-of-sharing-cybersecurity-knowledge-on-reading-platforms-34a474a51522?source=rss------bug_bounty-5Paritoshinformation-security, infosec, hacking, cybersecurity, bug-bounty16-Feb-2024
Researcher’s Experience — Bug Bounty Programhttps://medium.com/@_crac/researchers-experience-bug-bounty-program-7d588c363fa6?source=rss------bug_bounty-5CRAC Learningbug-bounty, security, research, cybersecurity16-Feb-2024
GitHub Enterprise Server vulnshttps://irsl.medium.com/github-enterprise-server-vulns-26889987919c?source=rss------bug_bounty-5Imre Radsecurity, github, bug-bounty16-Feb-2024
Windows Defender SmartScreen Vulnerability: CVE-2024–21412 Exposes Financial Traders to…https://systemweakness.com/windows-defender-smartscreen-vulnerability-cve-2024-21412-exposes-financial-traders-to-a03ff476a293?source=rss------bug_bounty-5ElNiakwindows, bug-bounty, cybersecurity, vulnerability, malware16-Feb-2024
Mastering Cross-Site Scripting (XSS): Risks, Detection, and Preventionhttps://medium.com/@elniak/mastering-cross-site-scripting-xss-risks-detection-and-prevention-3cee199d2fff?source=rss------bug_bounty-5ElNiakcybersecurity, xss-attack, bug-bounty, programming, xss-vulnerability16-Feb-2024
Mastering SQLMap: A Comprehensive Guide for Cybersecurity Enthusiastshttps://medium.com/@elniak/mastering-sqlmap-a-comprehensive-guide-for-cybersecurity-enthusiasts-4e224b42396a?source=rss------bug_bounty-5ElNiaksqlmap, programming, cybersecurity, sql-injection, bug-bounty16-Feb-2024
Guide: ProjectDiscovery’s cvemap to nuclei template mapping.https://medium.com/@matejsmycka/guide-projectdiscoverys-cvemap-to-nuclei-template-mapping-5535c2934811?source=rss------bug_bounty-5Matejsmyckacybersecurity, bug-bounty, bash, penetration-testing16-Feb-2024
My First Account Takeover Via Password Reset Poisoninghttps://medium.com/@cyberpro151/my-first-account-takeover-via-password-reset-poisoning-7c35baadfbe3?source=rss------bug_bounty-5cyberpro151web-hacking, bug-bounty, pentesting, account-takeover, offensive-security16-Feb-2024
Mastering Manual SQL Injection: A Comprehensive Guide for Cybersecurity Enthusiastshttps://systemweakness.com/mastering-manual-sql-injection-a-comprehensive-guide-for-cybersecurity-enthusiasts-4541d46b42a7?source=rss------bug_bounty-5ElNiaksql-injection, cybersecurity, sql, programming, bug-bounty16-Feb-2024
The Posemesh Avalanche C-Chain Bug Bounty Programhttps://medium.com/posemesh/the-posemesh-avalanche-c-chain-bug-bounty-program-b34c01da1277?source=rss------bug_bounty-5Auki Labsbug-bounty, auki-labs, avalanche, posemesh, blockchain16-Feb-2024
Mastering CSRF: A Comprehensive Guide to Cross-Site Request Forgeryhttps://medium.com/@elniak/mastering-csrf-a-comprehensive-guide-to-cross-site-request-forgery-a380aca0eab0?source=rss------bug_bounty-5ElNiakweb-development, programming, csrf, cybersecurity, bug-bounty16-Feb-2024
8.6 Lab: Remote code execution via polyglot web shell upload | 2024https://cyberw1ng.medium.com/8-6-lab-remote-code-execution-via-polyglot-web-shell-upload-2024-5646ef951c0b?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, careers, bug-bounty16-Feb-2024
how i made easy information disclosure bugs in graphqlhttps://medium.com/@eyaalgabay/how-i-made-easy-information-disclosure-bugs-in-graphql-82284b05d7b4?source=rss------bug_bounty-5Eyaalgabaypenetration-testing, bug-bounty, bug-bounty-tips, web-security, hacking16-Feb-2024
Bypassing Captchahttps://medium.com/@eyaalgabay/bypassing-captcha-29a77c768469?source=rss------bug_bounty-5Eyaalgabaybug-bounty, web-security, penetration-testing, hacking, bug-bounty-tips15-Feb-2024
The Rise of Large Language Models and the Evolution of Programming: A Thesis on Prompt…https://analystlevy.medium.com/the-rise-of-large-language-models-and-the-evolution-of-programming-a-thesis-on-prompt-3ab81578408a?source=rss------bug_bounty-5Asuquo Levy Eyo Jrcybercrime, cryptography, bug-bounty, cyber-security-awareness, black-hat-202115-Feb-2024
The Game-Changing Magic of RCE [Cybersecurity]https://medium.com/@paritoshblogs/the-game-changing-magic-of-rce-cybersecurity-6e1468425e06?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, cybersecurity, information-security, rce15-Feb-2024
Account Takeover [It Looked Secure at First]https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c?source=rss------bug_bounty-5Cristi Vladcybersecurity, bug-bounty, penetration-testing, infosec, pentesting15-Feb-2024
Github Dorking: A Beginner’s Guide to Finding Secrets in Repositorieshttps://medium.com/@elniak/github-dorking-a-beginners-guide-to-finding-secrets-in-repositories-2d4d36287913?source=rss------bug_bounty-5ElNiakthreat-intelligence, github, cybersecurity, github-dorking, bug-bounty15-Feb-2024
8.5 Lab: Web shell upload via obfuscated file extension | 2024https://cyberw1ng.medium.com/8-5-lab-web-shell-upload-via-obfuscated-file-extension-2024-0cb8b3e1e537?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity15-Feb-2024
Portswigger — Command Injection All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-command-injection-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-e836421212cf?source=rss------bug_bounty-5dollarboysushilcybersecurity, command-injection, bug-bounty, ethical-hacking, portswigger15-Feb-2024
HTML Injection in Mail BOXhttps://codingninjablogs.tech/html-injection-in-mail-box-c963a8c66d69?source=rss------bug_bounty-5#!/Subhankarhtml-injection, hackerone, hacking, bug-bounty15-Feb-2024
Edu-Hack: How a Simple Request Compromised Entire Classrooms Usershttps://uchihamrx.medium.com/edu-hack-how-a-simple-request-compromised-entire-classrooms-users-7cefc1225654?source=rss------bug_bounty-5Abdelrhman Aminbug-bounty-tips, cybersecurity, web-security, bug-bounty, penetration-testing15-Feb-2024
Behind the Screen: The Forgotten Password Feature That Almost Failed Ushttps://medium.com/@elcapitano7x/behind-the-screen-the-forgotten-password-feature-that-almost-failed-us-a3e67e103cc5?source=rss------bug_bounty-5Elcapitanobugswagger, bugsbounty, penetration-testing, information-security, bug-bounty15-Feb-2024
The effectiveness of employing BChecks to uncover significant secretshttps://xelkomy.medium.com/the-effectiveness-of-employing-bchecks-to-uncover-significant-secrets-788e15a8a952?source=rss------bug_bounty-5Khaled Mohamedsecrets, bug-bounty, bugswagger, cybersecurity, penetration-testing15-Feb-2024
Magic No More: Exposing Flaws in Magic Link Authenticationhttps://medium.com/@elcapitano7x/magic-no-more-exposing-flaws-in-magic-link-authentication-7cede724382f?source=rss------bug_bounty-5Elcapitanobug-bounty, penetration-testing, cybersecurity, bugswagger, information-security15-Feb-2024
Stored XSS with HTTP only Session Cookieshttps://medium.com/techiepedia/stored-xss-with-http-only-session-cookies-32e5eb121384?source=rss------bug_bounty-5Jessprogramming, website, security, web-development, bug-bounty15-Feb-2024
CVE-2024–24142 Exploitation & PoChttps://medium.com/@SentinelXTeam/cve-2024-24142-exploitation-poc-045021596804?source=rss------bug_bounty-5SentinelX Researchpenetration-testing, cybersecurity, hacking, bug-bounty, bug-bounty-tips15-Feb-2024
open redirect using homographshttps://medium.com/@eyaalgabay/open-redirect-using-homographs-ab2c21513b45?source=rss------bug_bounty-5Eyaalgabaybug-bounty-tips, penetration-testing, bug-bounty, open-redirect, web-hacking14-Feb-2024
Exploiting Cross-Site Scripting to Steal Cookieshttps://medium.com/@marduk.i.am/exploiting-cross-site-scripting-to-steal-cookies-3d14c8b42fae?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, cybersecurity, portswigger-lab, xss-attack, bug-bounty14-Feb-2024
THIS IS HOW I FOUND FOUR VULNERABLILITY IN 45 MINUTEShttps://medium.com/@mrraghavop12/this-is-how-i-found-four-vulnerablility-in-45-minutes-050144a58161?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, bug-bounty-tips, cybersecurity14-Feb-2024
Portswigger — Path Traversal All Labs Walkthrough(Bug Bounty Prep)[by dollarboysushil]https://infosecwriteups.com/portswigger-path-traversal-all-labs-walkthrough-bug-bounty-prep-by-dollarboysushil-85ab64d6106a?source=rss------bug_bounty-5dollarboysushilbug-bounty, web-security, path-traversal, ethical-hacking, portswigger14-Feb-2024
How I was able to hack my college’s website with number of IDORs and CORS Misconfigurationshttps://medium.com/@cyberpro151/how-i-was-able-to-hack-my-colleges-website-with-number-of-idors-and-cors-misconfigurations-0f880d308b79?source=rss------bug_bounty-5cyberpro151hacking, web-hacking, bug-bounty, idor14-Feb-2024
GMX V1 Bug Disclosure.https://morphex.medium.com/gmx-v1-bug-disclosure-71e4ad9a918e?source=rss------bug_bounty-5Morphexdefi, bug-bounty, cryptocurrency14-Feb-2024
8.4 Lab: Web shell upload via extension blacklist bypass | 2024https://cyberw1ng.medium.com/8-4-lab-web-shell-upload-via-extension-blacklist-bypass-2024-2010bcaa283c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, security, hacking, bug-bounty, cybersecurity14-Feb-2024
A Journey through Reconnaissance to MySQL Server Access in the Gaming Realmhttps://medium.com/@daniel1895/a-journey-through-reconnaissance-to-mysql-server-access-in-the-gaming-realm-ce6a6f4eb21c?source=rss------bug_bounty-5Daniel1895fuzzing, bug-bounty, reconnaissance, bug-bounty-tips, hacking14-Feb-2024
The Hidden Dangers Lurking in NTLM Authentication (Cybersecurity)https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-ntlm-authentication-cybersecurity-17fc4a02dbf9?source=rss------bug_bounty-5Paritoshntlm, hacking, cybersecurity, authentication, bug-bounty13-Feb-2024
Introducing M:N Hybrid Threading in Go: Unveiling the Power of Goroutineshttps://medium.com/@rezauditore/introducing-m-n-hybrid-threading-in-go-unveiling-the-power-of-goroutines-8f2bd31abc84?source=rss------bug_bounty-5rezauditoreprogramming, tutorial, multithreading, bug-bounty, golang13-Feb-2024
Best tools you must have to look at for penetration testing.https://medium.com/@coderjack0/best-tools-you-must-have-to-look-at-for-penetration-testing-5780ad9e7ddf?source=rss------bug_bounty-5Bugz_Bunnepentesting, hacking, cybersecurity, cybe, bug-bounty13-Feb-2024
Memory vulnerabilities: Buffer and integer overflows, memory leak, and pointer dereferencinghttps://medium.com/@forensics.000/memory-vulnerabilities-buffer-and-integer-overflows-memory-leak-and-pointer-dereferencing-b0e7cbbc0cd3?source=rss------bug_bounty-5forensicsbuffer-overflow, bug-bounty, null-pointer-dereference, memory-improvement13-Feb-2024
Cross-site and server-side request forgeries (CSRF and SSRF)https://medium.com/@forensics.000/cross-site-and-server-side-request-forgeries-csrf-and-ssrf-b91911e42e44?source=rss------bug_bounty-5forensicspenetration-testing, ssrf, csrf, bug-bounty, hackerone13-Feb-2024
Cross-site scriptinghttps://medium.com/@forensics.000/cross-site-scripting-706293b1ad8d?source=rss------bug_bounty-5forensicsweb-penetration-testing, ctf-writeup, hackerone, xss-attack, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illumination/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Unauthenticated Jira CVEs Check List — Bug Tuesdayhttps://medium.com/@kerstan/unauthenticated-jira-cves-check-list-bug-tuesday-465b16266349?source=rss------bug_bounty-5kerstansecurity, cybersecurity, technology, information-security, bug-bounty13-Feb-2024
Email Triggering Leads to Rs1000 Amazon voucherhttps://medium.com/@bug.hun3r/email-triggering-leads-to-rs1000-amazon-voucher-7b9447a0b820?source=rss------bug_bounty-5mo9kHu93rbug-hunting, web-application-security, cybersecurity, bug-bounty, hacking13-Feb-2024
curity8.3 Lab: Web shell upload via path traversal | 2024https://cyberw1ng.medium.com/curity8-3-lab-web-shell-upload-via-path-traversal-2024-0c38695963a7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://batm4n.medium.com/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
Comprehensive Guide to Pentesting Methodology: From Zero to Herohttps://medium.com/@elniak/comprehensive-guide-to-pentesting-methodology-from-zero-to-hero-78c94711d130?source=rss------bug_bounty-5ElNiakbug-bounty, technology, cybersecurity, penetration-testing, pentesting13-Feb-2024
Mastering Nmap: A Comprehensive Guide for Network Discovery and Security Auditinghttps://medium.com/@elniak/mastering-nmap-a-comprehensive-guide-for-network-discovery-and-security-auditing-29fa0c669ef7?source=rss------bug_bounty-5ElNiakcybersecurity, penetration-testing, bug-bounty, networking, nmap13-Feb-2024
Program Misuse and Privilege Escalation — PWN COLLEGEhttps://medium.com/illuminations-mirror/program-misuse-and-privilege-escalation-pwn-college-9d5dbfd9cb3c?source=rss------bug_bounty-5B A T M A Npwn, pentesting, challenge, hacking, bug-bounty13-Feb-2024
How I Found a Reflected XSS at NASAhttps://medium.com/@Jh0n_0x/how-i-found-a-reflected-xss-at-nasa-cc8b7584dee7?source=rss------bug_bounty-5Jh0n_0xpenetration-testing, securit, bugbounty-tips, bug-bounty, security-services12-Feb-2024
Most easiest bug in login page : Session Fixationhttps://medium.com/@mrraghavop12/most-easiest-bug-in-login-page-session-fixation-3b07eb396aab?source=rss------bug_bounty-5Ethical Raghavcybersecurity, blockchain, ethical-hacking, bug-bounty, technology12-Feb-2024
IDOR (Insecure direct object reference) pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-insecure-direct-object-reference-pada-website-jual-beli-indonesia-350e2f58755c?source=rss------bug_bounty-5Timotius Benhurwriteup, bug-bounty, idor12-Feb-2024
Webpages Have these Bugs, and can be EXPLOITED!!https://batm4n.medium.com/webpages-have-these-bugs-and-can-be-exploited-59e10dd94931?source=rss------bug_bounty-5B A T M A Nxss-vulnerability, hacking, penetration-testing, xss-attack, bug-bounty12-Feb-2024
Unraveling Three Critical Vulnerabilities in Atlassian Confluence: CVE-2023–22515, CVE-2023–22518…https://systemweakness.com/unraveling-three-critical-vulnerabilities-in-atlassian-confluence-cve-2023-22515-cve-2023-22518-071f58539142?source=rss------bug_bounty-5ElNiakvulnerability, exploitation, cybersecurity, atlassian, bug-bounty12-Feb-2024
Super Bowl and Cybersecurityhttps://medium.com/@paritoshblogs/super-bowl-and-cybersecurity-5a8c0097f1f7?source=rss------bug_bounty-5Paritoshbug-bounty, super-bowl, hacking, information-security, cybersecurity12-Feb-2024
Tow Senario To Pre Account TakeOverhttps://medium.com/@Hackoura001/tow-senario-to-pre-account-takeover-e437b772b0e2?source=rss------bug_bounty-5Ahmed Elhenybug-bounty-hunter, bug-bounty, hacking, bug-bounty-writeup, bugbounty-tips12-Feb-2024
7 Tingkatan IOC Dalam Investigasi Serangan Siberhttps://medium.com/@yasminramadini/7-tingkatan-ioc-dalam-investigasi-serangan-siber-107826a59a37?source=rss------bug_bounty-5Yasmin Ramadinibug-bounty, pyramid-of-pain, cybersecurity, cyber-security-awareness12-Feb-2024
Hack Stories: Hacking Hackers EP:1https://infosecwriteups.com/hack-stories-hacking-hackers-ep-1-ff4c3cfc09cc?source=rss------bug_bounty-5c0d3x27bug-bounty, hacking, cybersecurity, penetration-testing, software-development12-Feb-2024
Practical Guide to End-to-End Bug Reporting in Software Developmenthttps://medium.com/@niarsdet/practical-guide-to-end-to-end-bug-reporting-in-software-development-9d3e3e4ae8f2?source=rss------bug_bounty-5Niarbugs, issues, qa, bug-fixes, bug-bounty12-Feb-2024
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Executionhttps://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a?source=rss------bug_bounty-5Mukund Bhuvahacking, security, bug-bounty, information-security, cybersecurity12-Feb-2024
Understanding web applicationshttps://medium.com/@pentajbr/understanding-web-applications-ec5952eb1903?source=rss------bug_bounty-5Jbr AL-Otaibihacking, cybersecurity, bug-bounty, website, web-development12-Feb-2024
How I found a bug in Microsofthttps://nityanandjha18.medium.com/how-i-found-a-bug-in-microsoft-3b8524877a3c?source=rss------bug_bounty-5NITYA NAND JHAbug-bounty, cybersecurity, vulnerability12-Feb-2024
: Unveiling the Art of Breaching SSH Servers in Bug Bounties: A Dive into Cybersecurity Exploitshttps://medium.com/@bugspiderlee/unveiling-the-art-of-breaching-ssh-servers-in-bug-bounties-a-dive-into-cybersecurity-exploits-1b60c95c9075?source=rss------bug_bounty-5Pardon Mukoyibugbounty-tips, bug-bounty, bugbounty-writeup, cybersecurity12-Feb-2024
Extract & Scan SSL Certs for HeartBleed via CertGuard toolhttps://medium.com/@SentinelXTeam/extract-scan-ssl-certs-for-heartbleed-via-certguard-tool-06dfd891788a?source=rss------bug_bounty-5SentinelX Researchweb-development, bug-bounty-tips, ssl-certificate, cybersecurity, bug-bounty12-Feb-2024
Mastering Samba Exploitation: A Comprehensive Pentesting Guidehttps://medium.com/@elniak/mastering-samba-exploitation-a-comprehensive-pentesting-guide-016ae61c1031?source=rss------bug_bounty-5ElNiakcybersecurity, threat-intelligence, penetration-testing, samba, bug-bounty12-Feb-2024
Unveiling the World of Ethical Hacking: How Ethical Hackers Earn Moneyhttps://medium.com/@crawsecurity/unveiling-the-world-of-ethical-hacking-how-ethical-hackers-earn-money-939b7816debb?source=rss------bug_bounty-5crawsecurityethical-hacking, ways-to-earn-money-online, freelancing, bug-bounty, ethical-hacker11-Feb-2024
Online Password Cracking with THC-Hydra and Burp Suitehttps://medium.com/@0xalpraz/online-password-cracking-with-thc-hydra-and-burp-suite-31ec3019cead?source=rss------bug_bounty-50xClonazhacks, hacking, bug-bounty, cybersecurity11-Feb-2024
Getting Facebook Credentails Without Hackinghttps://medium.com/@0xalpraz/getting-facebook-credentails-without-hacking-e9c778e9e4ca?source=rss------bug_bounty-50xClonazbug-bounty, hacks, cybersecurity, hacking11-Feb-2024
Open Source Intelligence(OSINT), Part 4: Google Hacking to Find Unsecured Web Camshttps://medium.com/@0xalpraz/open-source-intelligence-osint-part-4-google-hacking-to-find-unsecured-web-cams-4493b08dd08f?source=rss------bug_bounty-50xClonazcybersecurity, hacks, hacker, hacking, bug-bounty11-Feb-2024
Open Source Intelligence (OSINT), Part 1: Mining Intelligence from Twitter (@mattgaetz)https://medium.com/@0xalpraz/open-source-intelligence-osint-part-1-mining-intelligence-from-twitter-mattgaetz-6bb71c3dae9b?source=rss------bug_bounty-50xClonazbug-bounty, cybersecurity, hacking, hacker, hacks11-Feb-2024
OSINT: Finding Email Passwords in Dumps with h8mailhttps://medium.com/@0xalpraz/osint-finding-email-passwords-in-dumps-with-h8mail-4fb8b80298d8?source=rss------bug_bounty-50xClonazbug-bounty, hacker, hacking, hacks, cybersecurity11-Feb-2024
Password Cracking: Creating Custom Password List with cupphttps://medium.com/master-hackers/password-cracking-creating-custom-password-list-with-cupp-167b7448b6c9?source=rss------bug_bounty-50xClonazcybersecurity, hacking, bug-bounty, hacker, hacks11-Feb-2024
Android Hacking: The libwebp Vulnerability (zero-day/zero-click)https://medium.com/master-hackers/android-hacking-the-libwebp-vulnerability-zero-day-zero-click-843279e0bb85?source=rss------bug_bounty-50xClonazhacks, hacking, hacker, cybersecurity, bug-bounty11-Feb-2024
Bug Bounty Hunting, Part 1: Getting Startedhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-getting-started-f8c60e759738?source=rss------bug_bounty-50xClonazhacker, bug-bounty, hacking, cybersecurity11-Feb-2024
Preventing file execution in user-accessible directories by Portswigger | 2024https://cyberw1ng.medium.com/preventing-file-execution-in-user-accessible-directories-by-portswigger-2024-c30f1ef726b9?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, bug-bounty, security11-Feb-2024
IDOR(Insecure Direct Object Referece) Price Manipulation Through Encoded Url Parameterhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-referece-price-manipulation-through-encoded-url-parameter-4232fa4758b0?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing11-Feb-2024
Signing up with Government and Military emailshttps://medium.com/@boogsta/signing-up-with-government-and-military-emails-4ebed8da5135?source=rss------bug_bounty-5Boogstabug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking11-Feb-2024
IDOR(Insecure Direct Object Reference) Price Manipulation on Private Bug Bounty Programhttps://medium.com/@bry4nzheng/idor-insecure-direct-object-reference-price-manipulation-on-private-bug-bounty-program-2527431ffcfd?source=rss------bug_bounty-5Bryan Zhengbug-bounty-writeup, penetration-testing, bug-bounty, cybersecurity11-Feb-2024
Bug Bounty Programs: Unleashing the Force of Ethical Hackers to Strengthen Your Security Defenseshttps://medium.com/@pascal.o.anene/bug-bounty-programs-unleashing-the-force-of-ethical-hackers-to-strengthen-your-security-defenses-08506824e975?source=rss------bug_bounty-5Pascal Onyekachukwu Anenecybersecurity, security-engineering, bug-bounty11-Feb-2024
Almost 50% of web pages have this bug. Learn How it is exploited in the wildhttps://medium.com/@sreedeep200/almost-50-of-web-pages-have-this-bug-learn-how-it-is-exploited-in-the-wild-bfc591abdf8f?source=rss------bug_bounty-5Sreedeep cvjs, bug-bounty, xss-attack, hacking, dom11-Feb-2024
XSS in CMS / Blog sites bypassing HTML encoding and escaping.https://medium.com/@kannnannmk/xss-in-cms-blog-sites-bypassing-html-encoding-and-escaping-f61a720e6a02?source=rss------bug_bounty-5Neelamegha Kannan Spenetration-testing, cybersecurity, information-security, cyberattack, bug-bounty11-Feb-2024
From a customer to a ‘system owner’https://medium.com/@mmaulanaabdullah/from-a-customer-to-a-system-owner-ce4da3f6d56c?source=rss------bug_bounty-5M Maulana Abdullahapi-development, writeup, privilege-escalation, api, bug-bounty10-Feb-2024
Unlocking Creativity: TCS HackQuest S8 Unveiled - Round 1https://medium.com/@Dark_D3v1l/unlocking-creativity-tcs-hackquest-s8-unveiled-round-1-ffc02c753aaf?source=rss------bug_bounty-5Ravitejareverse-engineering, ctf, bug-bounty, hacking-tools, web-security10-Feb-2024
7.8 Lab: Referer-based access control | 2024https://cyberw1ng.medium.com/7-8-lab-referer-based-access-control-2024-ef0fa2eefbe0?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, bug-bounty, cybersecurity10-Feb-2024
Google Dorking: A Beginner’s Guide to Finding Vulnerabilitieshttps://medium.com/@elniak/google-dorking-a-beginners-guide-to-finding-vulnerabilities-815afedcaaec?source=rss------bug_bounty-5ElNiakthreat-intelligence, bug-bounty, google-dorking, cybersecurity, google10-Feb-2024
Web Security 101 : Cross-Site Scripting (XSS) Attackshttps://iaraoz.medium.com/web-security-101-cross-site-scripting-xss-attacks-5b6c6e8020c7?source=rss------bug_bounty-5Israel Aráoz Severichexss-attack, bug-bounty, cybersecurity, appsec09-Feb-2024
Securing Biggest Electronic Brand Worth Me My 2nd 4 fig. $2259 Bounty!https://medium.com/@manan_sanghvi/securing-biggest-electronic-brand-worth-me-my-2nd-4-fig-2259-bounty-a053d2053655?source=rss------bug_bounty-5Manan Sanghvibug-bounty, penetration-testing, web-application-security, ethical-hacking, idor-vulnerability09-Feb-2024
JSON CSRF in Microsoft Bing Maps Collectionshttps://infosecwriteups.com/json-csrf-in-microsoft-bing-maps-collections-74afc2b197d5?source=rss------bug_bounty-5Jayateertha Guruprasadbug-bounty-tips, microsoft, bug-bounty, infosec, cybersecurity09-Feb-2024
CVE-2024–24830: A Critical OpenObserve Vulnerability Exposedhttps://systemweakness.com/cve-2024-24830-a-critical-openobserve-vulnerability-exposed-7110ff223e49?source=rss------bug_bounty-5ElNiakbug-bounty, logs, vulnerability, cybersecurity, technology09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://medium.com/@elniak/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
CVE-2024–1207: A Deep Dive into WordPress Plugin Vulnerabilityhttps://systemweakness.com/cve-2024-1207-a-deep-dive-into-wordpress-plugin-vulnerability-3b12891813e6?source=rss------bug_bounty-5ElNiakbug-bounty, vulnerability, cybersecurity, wordpress, sql-injection09-Feb-2024
Cyber Espionage Unveiled: The Dutch Defense Under Siege by Chinese Hackershttps://systemweakness.com/cyber-espionage-unveiled-the-dutch-defense-under-siege-by-chinese-hackers-2a7a5ffe99b6?source=rss------bug_bounty-5ElNiakmalware, chinese, bug-bounty, cyberattack, cybersecurity09-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Threehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-three-cee1633de873?source=rss------bug_bounty-5Alipython, flask, bug-bounty, mongodb, reconnaissance09-Feb-2024
E: Package ‘libgtkglext1’ has no installation candidate | anydesk : Depends: libgtkglext1 but it is…https://medium.com/@sherlock297/e-package-libgtkglext1-has-no-installation-candidate-anydesk-depends-libgtkglext1-but-it-is-7eef2877f78d?source=rss------bug_bounty-5Ravindra Dagaleinformation-technology, bug-bounty, kali-linux, information-security, programming09-Feb-2024
7.7 Lab: Multi-step process with no access control on one step | 2024https://cyberw1ng.medium.com/7-7-lab-multi-step-process-with-no-access-control-on-one-step-2024-2b338dfd36ea?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security09-Feb-2024
Beyond the Firewall: Finding a Stored XSS in Hacker101 CTFhttps://medium.com/@crashwire1/beyond-the-firewall-finding-a-stored-xss-in-hacker101-ctf-9b90df12e42e?source=rss------bug_bounty-5Crashwirexss-attack, cybersecurity, capture-the-flag, bug-bounty, hacking09-Feb-2024
Unlocking Your Potential: Elevating Your Bug Bounty Game**https://medium.com/@mrraghavop12/unlocking-your-potential-elevating-your-bug-bounty-game-5cbf22c4de00?source=rss------bug_bounty-5Ethical Raghavblockchain, bug-bounty, bug-bounty-tips, javascript, cybersecurity08-Feb-2024
Lenfi V2 to Begin Community-Driven Bug Bounty Program Nowhttps://medium.com/@lenfi/lenfi-v2-to-begin-community-driven-bug-bounty-program-now-c2d312203df2?source=rss------bug_bounty-5Lenfilending, cardano, defi, audit, bug-bounty08-Feb-2024
Chaining Subprober + Subfinder To Your Bug Bounty Recon.https://medium.com/@Ajakcybersecurity/chaining-subprober-subfinder-to-your-bug-bounty-recon-017151d1ffce?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, penetration-testing, hacking, cybersecurity08-Feb-2024
7.6 Lab: Method-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-6-lab-method-based-access-control-can-be-circumvented-2024-edb5df550a66?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hacking, portswigger, cybersecurity, careers08-Feb-2024
Easy way to get privilege escalationhttps://medium.com/@Rzizah/easy-way-to-get-privilege-escalation-2c0a96862301?source=rss------bug_bounty-5Rzizahbug-bounty-tips, bug-bounty, bug-bounty-writeup, privilege-escalation08-Feb-2024
How I Find Open Redirect Bug — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-i-find-open-redirect-bug-bug-bounty-tuesday-40cc560c9cec?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, security, information-security07-Feb-2024
Web3 Security: In-Depthhttps://medium.com/coinmonks/web3-security-in-depth-e102fb262a3a?source=rss------bug_bounty-5Officer's Notesbug-bounty, blockchain, smart-contracts, solidity, web307-Feb-2024
My first bug | Html injection|https://medium.com/@pandeyrishu621/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Revealing a Security Snag: Uncovering Sensitive Data Exposure in an Apple Applicationhttps://medium.com/@jazdprince/revealing-a-security-snag-uncovering-sensitive-data-exposure-in-an-apple-application-c93da97cae0d?source=rss------bug_bounty-5JzeeRxbug-bounty, bug-hunting, cybersecurity, apple-security, apple07-Feb-2024
7.5 Lab: URL-based access control can be circumvented | 2024https://cyberw1ng.medium.com/7-5-lab-url-based-access-control-can-be-circumvented-2024-f101542e9402?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty07-Feb-2024
I have hacked around 300 website in 1 Monthhttps://systemweakness.com/i-have-hacked-around-300-website-in-1-month-30417030560b?source=rss------bug_bounty-5Imran Niazbug-bounty, hacking, web-development, python-programming, cybersecurity07-Feb-2024
Rate Limiting: What It Is And Why It Matters in Bug Bountyhttps://infosecwriteups.com/rate-limiting-what-it-is-and-why-it-matters-in-bug-bounty-b0d2ce574049?source=rss------bug_bounty-5Alpbug-bounty-tips, bug-bounty, hackerone07-Feb-2024
How To Get Started With LLM Hacking? — A Beginner’s Guidehttps://medium.com/@hetisdemerckx/how-to-get-started-with-llm-hacking-a-beginners-guide-273af158b4b0?source=rss------bug_bounty-5Yannick Merckxbug-bounty, ai, hacking, llm-hacking, llm07-Feb-2024
My first bug | Html injection|https://systemweakness.com/my-first-bug-html-injection-82bbad239934?source=rss------bug_bounty-5Pandeyrishucybersecurity, bug-bounty, penetration-testing, technology, bug-bounty-tips07-Feb-2024
Enhancing Network Security: Best Practices and Strategieshttps://medium.com/@paritoshblogs/enhancing-network-security-best-practices-and-strategies-6fec2ef3f397?source=rss------bug_bounty-5Paritoshhacking, programming, bug-bounty, information-security, cybersecurity06-Feb-2024
Tumblr Subdomain Takeoverhttps://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65?source=rss------bug_bounty-5Scott Lindhwhite-hat-hacker, bug-bounty, hacker, subdomain-takeover, subdomains-enumeration06-Feb-2024
Harnessing Concurrency in Go: Exploring Asynchronous Executionhttps://medium.com/@rezauditore/harnessing-concurrency-in-go-exploring-asynchronous-execution-4134897d66a6?source=rss------bug_bounty-5rezauditoregolang, programming, bug-bounty, tutorial, hunting06-Feb-2024
A Deep Dive into FastAPI’s Security Vulnerability: CVE-2024–24762https://systemweakness.com/a-deep-dive-into-fastapis-security-vulnerability-cve-2024-24762-4ab6bb64644c?source=rss------bug_bounty-5ElNiakcybersecurity, programming, bug-bounty, fastapi, vulnerability06-Feb-2024
ALWAYS test 404 Not Found in Bug Bounties!https://medium.com/@mares.viktor/always-test-404-not-found-in-bug-bounties-2be47801b4c0?source=rss------bug_bounty-5Viktor Marescybersecurity, web-development, bug-bounty, penetration-testing, hacking06-Feb-2024
CVE-2024-23222: Apple WebKit’s Zero-Day Vulnerabilityhttps://medium.com/@elniak/cve-2024-23222-apple-webkits-zero-day-vulnerability-83109de9ddee?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, apple, technology, bug-bounty06-Feb-2024
Symlink Sabotage: ZIPping Through Web Security. (LFI Lab)https://medium.com/@josh.beck2006/symlink-sabotage-zipping-through-web-security-lfi-lab-ca20e2d30c8d?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, ctf-writeup, bug-bounty06-Feb-2024
Unveiling CVE-2024–0953: Firefox iOS Open Redirect Vulnerabilityhttps://lohigowda.medium.com/unveiling-cve-2024-0953-firefox-ios-open-redirect-vulnerability-57533efb4cf4?source=rss------bug_bounty-5Lohith Gowda Mapplication-security, bug-bounty, firefox, ios, infosec06-Feb-2024
Understanding Ransomwarehttps://medium.com/@paritoshblogs/understanding-ransomware-aa45e2c43bbb?source=rss------bug_bounty-5Paritoshransomware, bug-bounty, cybersecurity, hacking, information-security05-Feb-2024
Urgent Security Alert: Microsoft Edge Vulnerabilities Exposed — Protect Your Data Now!https://medium.com/@elniak/urgent-security-alert-microsoft-edge-vulnerabilities-exposed-protect-your-data-now-bd7cd8b616dd?source=rss------bug_bounty-5ElNiakprivilege-escalation, cybersecurity, microsoft, bug-bounty, vulnerability05-Feb-2024
SSRF on a Headless Browser Becomes Critical!https://medium.com/@Nightbloodz/ssrf-on-a-headless-browser-becomes-critical-c08daaa1017e?source=rss------bug_bounty-5Alvaro Baladacybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cyber-security-awareness05-Feb-2024
IoT Devices Vulnerabilities Disclosed: BugStrike’s IoT Security Suitehttps://blog.bugstrike.io/iot-devices-vulnerabilities-disclosed-bugstrikes-iot-security-suite-4f3b7d907829?source=rss------bug_bounty-5BugStrike Teambugstrike, iot-security, bug-bounty, cybersecurity, iot05-Feb-2024
Unveiling the XSS Threats: Understanding and Defending Against Cross-Site Scriptinghttps://blog.bugstrike.io/unveiling-the-xss-threats-understanding-and-defending-against-cross-site-scripting-508e914367f4?source=rss------bug_bounty-5BugStrike Teambugsbounty, cybersecurity, bugstrike, xss-attack, bug-bounty05-Feb-2024
Broken access control resulting from platform misconfiguration | 2024https://cyberw1ng.medium.com/broken-access-control-resulting-from-platform-misconfiguration-2024-bc330363278c?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hacking, security05-Feb-2024
Euler Is So Back: Prizewinners and Educate Series Summaryhttps://www.blog.encode.club/euler-is-so-back-bounty-winners-and-educate-series-summary-6ea3de46b569?source=rss------bug_bounty-5Vanessa Losiceuler, euler-finance, bug-bounty, euler-educate, encode-club05-Feb-2024
How I got RCE in one of Bugcrowd's Public Programshttps://medium.com/@yousefmoh15/how-i-got-rce-in-one-of-bugcrowds-public-programs-5725c8dc46ce?source=rss------bug_bounty-5Yousef Mohamed Elsaidcybersecurity, bugcrowd, bug-bounty, rce, remote-code-execution05-Feb-2024
Every Cybersecurity Beginner’s Nightmare — You need to Read thishttps://medium.com/@majameeljameey/every-cybersecurity-beginners-nightmare-you-need-to-read-this-fc1b69e5dded?source=rss------bug_bounty-5MOHD ABDUL JAMEELpenetration-testing, bug-bounty, roadmaps, ethical-hacking, cybersecurity05-Feb-2024
Reflected XSS into a Template Literal with Angle Brackets, Single, Double Quotes, Backslash, and…https://medium.com/@marduk.i.am/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-d5cf41f25b02?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, reflected-xss, cross-site-scripting, cybersecurity05-Feb-2024
Skyfall — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/skyfall-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-d76fdaaba116?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, hackthebox-writeup, hackthebox, bug-bounty05-Feb-2024
This will change the way you hunt for bugs forever.https://medium.com/@deadoverflow/this-will-change-the-way-you-hunt-for-bugs-forever-6111f59b4e8b?source=rss------bug_bounty-5Imad Husanovichacking, cybersecurity, bug-bounty, programming, bug-bounty-tips04-Feb-2024
the Dark Art of NTLM Relay Attackshttps://medium.com/@paritoshblogs/the-dark-art-of-ntlm-relay-attacks-5a55cfb95b37?source=rss------bug_bounty-5Paritoshcybersecurity, hacking, ntlm-relay, active-directory, bug-bounty04-Feb-2024
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changeshttps://medium.com/@a13h1/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-d65621d8dd96?source=rss------bug_bounty-5Abhi Sharmauser-interface, hacking, programming, bug-bounty, cybersecurity04-Feb-2024
How I Hacked My College’s Sitehttps://infosecwriteups.com/how-i-hacked-my-colleges-site-26ae1ab872e4?source=rss------bug_bounty-5Rajneesh Kumar Aryabug-bounty, web-application-security, ethical-hacking, hacked, cybersecurity04-Feb-2024
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3https://0x4kd.medium.com/running-a-mitm-on-a-google-play-app-fintech-bug-bounty-part-3-82ebdd852d07?source=rss------bug_bounty-50x4KDbug-bounty, infosec, bounty-hunter, bug-bounty-tips, security04-Feb-2024
Certifications for bug bounty huntershttps://medium.com/@notahades/certifications-for-bug-bounty-hunters-4200c6a58c3c?source=rss------bug_bounty-5Deshahacking, certification, penetration-testing, bug-bounty04-Feb-2024
Hacking tools to use in 2024https://medium.com/@notahades/hacking-tools-to-use-in-2024-9dd47c126ef4?source=rss------bug_bounty-5Deshait-security, bug-bounty, hacking, penetration-testing, security04-Feb-2024
Tutorial: Shellcode Injection when the buffer is smallhttps://medium.com/@elniak/tutorial-shellcode-injection-when-the-buffer-is-small-ee3a29dcb955?source=rss------bug_bounty-5ElNiakbug-bounty, tutorial, hacking, shellcode, cybersecurity04-Feb-2024
TryHackMe | Bounty Hacker Walkthroughhttps://medium.com/@utsavadhikari99/tryhackme-bounty-hacker-walkthrough-eb7d9de074e3?source=rss------bug_bounty-5Utsavadhikaribug-bounty, bugs, linux, cybersecurity, computer-science04-Feb-2024
Stored XSS into ‘onclick’ Event with Angle Brackets and Double Quotes HTML-Encoded and Single…https://medium.com/@marduk.i.am/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-002848f8deb1?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, stored-xss, bug-bounty, cross-site-scripting04-Feb-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Twohttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-two-468405eb3520?source=rss------bug_bounty-5Alidatabse, reconnaissance, bug-bounty, python, chatgpt04-Feb-2024
6.5 Lab: Information disclosure in version control history | 2024https://cyberw1ng.medium.com/6-5-lab-information-disclosure-in-version-control-history-2024-f886c7337cb7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, cybersecurity, bug-bounty, hacking04-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-9c577664faaa?source=rss------bug_bounty-5Mr.Horbiohacking, automation, bug-bounty, cybersecurity, python03-Feb-2024
IDOR Pada Website Jual Beli Indonesiahttps://uzet.medium.com/idor-pada-website-jual-beli-indonesia-e4842bad515a?source=rss------bug_bounty-5Timotius Benhurbug-bounty, writeup, cyber-security-awareness, bugs03-Feb-2024
Zero-Day: Navigating the Storm of CVE-2024–21893 in Ivanti Productshttps://systemweakness.com/zero-day-navigating-the-storm-of-cve-2024-21893-in-ivanti-products-3b27078377e2?source=rss------bug_bounty-5ElNiakbug-bounty, penetration-testing, ivanti, cybersecurity, ssrf03-Feb-2024
Vulnerable WordPress January 2024 (Imadaddin Nasimi)https://medium.com/@onhexgroup/vulnerable-wordpress-january-2024-imadaddin-nasimi-09f163d473db?source=rss------bug_bounty-5Onhexgroupinfosec, bug-bounty, exploit, cybersecurity, wordpress03-Feb-2024
Title: Unveiling the Trio: Idor,Account,Takeover And Account Enumerationhttps://medium.com/@mrraghavop12/title-unveiling-the-trio-idor-account-takeover-and-account-enumeration-cad7f7ca671f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, blockchain, technology, cybersecurity, data-science03-Feb-2024
Building a Robust Security Architecturehttps://medium.com/@paritoshblogs/building-a-robust-security-architecture-10d01b22380d?source=rss------bug_bounty-5Paritosharchitecture, bug-bounty, information-security, cybersecurity, security-architecture03-Feb-2024
A Story of an IDOR bug I found on a SaaS applicationhttps://medium.com/@duncanochieng682/a-story-of-an-idor-bug-i-found-on-a-saas-application-28fa65907bfd?source=rss------bug_bounty-5JateloCybersecaccess-control, web-application-security, bug-bounty-tips, idor-vulnerability, bug-bounty03-Feb-2024
Version Control History and Information Disclosure Vulnerabilities | 2024https://cyberw1ng.medium.com/version-control-history-and-information-disclosure-vulnerabilities-2024-3649060333bb?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, careers, bug-bounty, hacking03-Feb-2024
Offensive Mobile Penetration Testinghttps://hackerassociate.medium.com/offensive-mobile-penetration-testing-ce87cc06fb46?source=rss------bug_bounty-5Harshad Shahbug-bounty, infosec, penetration-testing, cybersecurity, hacking02-Feb-2024
5.11 Lab: Authentication bypass via flawed state machine | 2024https://cyberw1ng.medium.com/5-11-lab-authentication-bypass-via-flawed-state-machine-2024-2226d33fba6d?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, cybersecurity, bug-bounty, security2-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://medium.com/@elniak/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity2-Feb-2024
Join the Pay Protocol Bug Bounty Program and Earn Rewardshttps://cryptoanalyz.medium.com/join-the-pay-protocol-bug-bounty-program-and-earn-rewards-159d24608282?source=rss------bug_bounty-5Crypto Analystpayments, defi, bug-bounty-program, cryptocurrency, bug-bounty2-Feb-2024
Unveiling the Elite: Cyber Matrix Tech’s USD 7 Million Bug Bounty Coursehttps://medium.com/@African-Technology-Research/unveiling-the-elite-cyber-matrix-techs-usd-7-million-bug-bounty-course-4e648fb003d1?source=rss------bug_bounty-5African Technology Researchpenetration-testing, cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup2-Feb-2024
Mastering Fuzzing: A Comprehensive Tutorialhttps://medium.com/@elniak/mastering-fuzzing-a-comprehensive-tutorial-ba9431c8ff0f?source=rss------bug_bounty-5ElNiakfuzzing, bug-bounty, tutorial, cybersecurity, bugs02-Feb-2024
Unlocking Privacy: A Dive into Octopii, the Open-Source PII Scannerhttps://medium.com/@elniak/unlocking-privacy-a-dive-into-octopii-the-open-source-pii-scanner-8a8bdcc0b8be?source=rss------bug_bounty-5ElNiakprivacy, osint, cybersecurity, bug-bounty, pii02-Feb-2024
How to start in Bug Bounty Hunting: my personal experiencehttps://seeu-inspace.medium.com/how-to-start-in-bug-bounty-hunting-my-personal-experience-61fb2bc6bcee?source=rss------bug_bounty-5Riccardo Malatestabug-bounty-tips, bug-bounty02-Feb-2024
How to Pass eWPTv1 examhttps://medium.com/@pentajbr/how-to-pass-ewptv1-exam-3aab3d7d9fa5?source=rss------bug_bounty-5Jbr AL-Otaibipreparation, bug-bounty, bug-bounty-tips, cybersecurity, hacking02-Feb-2024
CVE-2021–4434: A Critical WordPress Vulnerability Exposedhttps://systemweakness.com/cve-2021-4434-a-critical-wordpress-vulnerability-exposed-202b7d75dda5?source=rss------bug_bounty-5ElNiakvulnerability, bug-bounty, threat-intelligence, wordpress, cybersecurity02-Feb-2024
How I was able to find PII of more than 15,000 People using the Directory Enumeration Tool…https://medium.com/@neelmunot2003/how-i-was-able-to-find-pii-of-more-than-15-000-people-using-the-directory-enumeration-tool-7ac3e9a37983?source=rss------bug_bounty-5Neel Munotinformation-disclosure, dirsearch, bug-bounty, cybersecurity, ethical-hacking02-Feb-2024
How I secured the United Nations Hall of Famehttps://medium.com/@kamilrahman32/how-i-secured-the-united-nations-hall-of-fame-67b036ff2620?source=rss------bug_bounty-5Kamil Rahumanbug-bounty, bug-bounty-tips, vulnerability, hall-of-fame, united-nations02-Feb-2024
Full Account Takeover via Password Reset Link Manipulationhttps://ikhaleelkhan.medium.com/full-account-takeover-via-password-reset-link-manipulation-840fb9402967?source=rss------bug_bounty-5Khaleel Khaninfosec, bug-bounty, cybersecurity, hacking, ethical-hacking01-Feb-2024
Docker and runC Vulnerabilities: A Deep Dive into CVE-2024–21626 and Its Counterpartshttps://medium.com/@elniak/docker-and-runc-vulnerabilities-a-deep-dive-into-cve-2024-21626-and-its-counterparts-4ca24e7d7aa1?source=rss------bug_bounty-5ElNiakcybersecurity, vulnerability, docker, penetration-testing, bug-bounty01-Feb-2024
5.10 Lab: Authentication bypass via encryption Oracle | 2024https://cyberw1ng.medium.com/5-10-lab-authentication-bypass-via-encryption-oracle-2024-b15f1879a30b?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity01-Feb-2024
1.4M PII data leakage (IDOR)https://medium.com/@tusharaj98355/1-4m-pii-data-leakage-idor-aee596aef4d9?source=rss------bug_bounty-5tushar_reconbug-bounty, bug-bounty-tips01-Feb-2024
How i was able to hack a Company via watching a YouTube videohttps://ahmadmansourr.medium.com/how-i-was-able-to-hack-a-company-via-watching-a-youtube-video-without-any-technical-pentesting-4941753a150a?source=rss------bug_bounty-5Ahmad Mansourcyber-security-awareness, bug-bounty, penetration-testing01-Feb-2024
Reflected XSS into a JavaScript String with Angle Brackets and Double Quotes HTML-Encoded and…https://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-3e43059d901b?source=rss------bug_bounty-5Marduk I Amcybersecurity, portswigger-lab, reflected-xss, cross-site-scripting, bug-bounty01-Feb-2024
Bypass Arbitary File Upload With .pharhttps://medium.com/@mzrismuarf/bypass-arbitary-file-upload-with-phar-6a07627f5e2e?source=rss------bug_bounty-5Mizar Ismu Ariefexploitation, bug-bounty, pentesting, bypass01-Feb-2024
From No to Go — Uninvited Access To Invited Projectshttps://medium.com/@_0jatin0_/from-no-to-go-uninvited-access-to-invited-projects-c8a94feb7cf3?source=rss------bug_bounty-5Jatin_Chudasamabroken-access-control, writeup, bug-bounty, graphql, unauthorized-access01-Feb-2024
This is arguably the dumbest bug I’ve ever found.https://medium.com/@deadoverflow/this-is-arguably-the-dumbest-bug-ive-ever-found-3e451951d727?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-bounty, hacking, programming, cybersecurity01-Feb-2024
Misconfiguration lead to company identity theft via bypass email verification.https://hamzadzworm.medium.com/misconfiguration-lead-to-company-identity-theft-via-bypass-email-verification-0dd60b61d943?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-writeup, bugbounty-tips, bug-bounty, infosec01-Feb-2024
Best Recon methodology (Shubham Rooter)https://shubhamrooter.medium.com/best-recon-methodology-shubham-rooter-dcdca8d4caa4?source=rss------bug_bounty-5Shubham Tiwarihackerone, recon, bug-bounty, bug-bounty-tips, bug-hunting01-Feb-2024
How to send WhatsApp Message automatically using python for impress someonehttps://rajput623929.medium.com/how-to-send-whatsapp-message-automatically-using-python-for-impress-someone-0a9f488a4b54?source=rss------bug_bounty-5Mr.Horbiohacking, cybersecurity, technology, python, bug-bounty01-Feb-2024
Understanding and Mitigating Active Directory Attackshttps://medium.com/@paritoshblogs/understanding-and-mitigating-active-directory-attacks-51b7b5737ecc?source=rss------bug_bounty-5Paritoshbug-bounty, azure, hacking, active-directory, cybersecurity31-Jan-2024
Uncovering a Parameter Tampering Vulnerability in Event Expo Ticketing Systemhttps://medium.com/@sulmanfarooq531/uncovering-a-parameter-tampering-vulnerability-in-event-expo-ticketing-system-89fc52e26414?source=rss------bug_bounty-5Sulman Farooq Sburpsuite, tampering, http-parameter-pollution, parameter-tampering, bug-bounty31-Jan-2024
Hunt, Hack, Reward — Hacking For Good with Bountieshttps://thethreatcops.medium.com/hunt-hack-reward-hacking-for-good-with-bounties-6a57d12c82a0?source=rss------bug_bounty-5the threat copsthethreatcops, cybersecurity, bug-bounty, hacking, infosec31-Jan-2024
Navigating the Storm: Understanding CVE-2023–34048’s Impact on VMware vCenter Serverhttps://medium.com/@elniak/navigating-the-storm-understanding-cve-2023-34048s-impact-on-vmware-vcenter-server-6004e6531e5b?source=rss------bug_bounty-5ElNiakthreat-intelligence, cybersecurity, bug-bounty, penetration-testing, vmware31-Jan-2024
Json Tokens (JWT) Token Checkshttps://akash-venky091.medium.com/json-tokens-jwt-token-checks-f23d5107e370?source=rss------bug_bounty-5Akash Venkycybersecurity, ethical-hacking, bug-bounty, security, jwt31-Jan-2024
What to expect from BSides Transylvania 2024https://corneacristian.medium.com/what-to-expect-from-bsides-transylvania-2024-38f62ffb1ebd?source=rss------bug_bounty-5Cristian Corneacybersecurity, technology, bug-bounty, software-development, tech31-Jan-2024
Tackling IDOR on UUID based objectshttps://medium.com/pentesternepal/tackling-idor-on-uuid-based-objects-71e8cb2dc265?source=rss------bug_bounty-5Veshraj Ghimireidor-vulnerability, bug-bounty31-Jan-2024
5.9 Lab: Infinite money logic flaw | 2024https://cyberw1ng.medium.com/5-9-lab-infinite-money-logic-flaw-2024-9aec41bc9ca0?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, cybersecurity, security, bug-bounty31-Jan-2024
Creating a recon database with Flask, MongoDB, REST Api and ChatGPT — Part Onehttps://medium.com/@aliraah/creating-a-recon-database-with-flask-mongodb-rest-api-and-chatgpt-part-one-77ec3fd3b914?source=rss------bug_bounty-5Alibug-bounty, database, reconnaissance, python31-Jan-2024
How to use Virtual Boxhttps://medium.com/@joshdesharnais1/how-to-use-virtual-box-f3b66be0d9d7?source=rss------bug_bounty-5Joshua Desharnaisbug-bounty, virtual, operating-systems, oracle31-Jan-2024
Bug Bounty Hunting, Part 1: Stealthy Parameter Detection with ParamSpiderhttps://medium.com/master-hackers/bug-bounty-hunting-part-1-stealthy-parameter-detection-with-paramspider-28e8ae3af5d4?source=rss------bug_bounty-50xClonazbug-bounty, hacker, bug-bounty-tips, cybersecurity, hacking31-Jan-2024
Ransomware: Build Your Own Ransomwarehttps://medium.com/master-hackers/ransomware-build-your-own-ransomware-b8002b355300?source=rss------bug_bounty-50xClonazhacking, cybersecurity, hacker, programming, bug-bounty31-Jan-2024
Recon Methodologyhttps://medium.com/@alanvv03/recon-methodology-6626fea2e6ed?source=rss------bug_bounty-5Alanvvcybersecurity, bug-bounty, reconnaissance31-Jan-2024
Une erreur fatalehttps://mr0me.medium.com/salut-a2c0cf7cfb4c?source=rss------bug_bounty-5Jephte Mangendamistakes, wordpress-development, wordpress, bug-bounty, bugs31-Jan-2024
Web Cache Poisoninghttps://k4gur4.medium.com/web-cache-poisoning-04fea694708e?source=rss------bug_bounty-5Kaguracybersecurity, web-security, bug-bounty31-Jan-2024
Decoding the OWASP Top 10https://medium.com/@paritoshblogs/decoding-the-owasp-top-10-e193b715cb37?source=rss------bug_bounty-5Paritoshbug-bounty, owasp, cybersecurity, pentesting, hacking30-Jan-2024
Critical Jenkins RCE Vulnerability (CVE-2024–23897)https://medium.com/@elniak/critical-jenkins-rce-vulnerability-cve-2024-23897-402061a2b187?source=rss------bug_bounty-5ElNiakjenkins, bug-bounty, penetration-testing, vulnerability, cybersecurity30-Jan-2024
Simplifying Issue Traceability with Links Explorer in the monday Platformhttps://medium.com/optimizory-apps/simplifying-issue-traceability-with-links-explorer-in-the-monday-platform-c8cfbee37668?source=rss------bug_bounty-5Divyansh Vatsproject-management, marketplaces, issues, bug-bounty, traceability30-Jan-2024
Title: Exploiting Path Traversal Vulnerability in User Profile URLshttps://medium.com/@kataeriidubstep/title-exploiting-path-traversal-vulnerability-in-user-profile-urls-82c0e8ba1a3e?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, cybersecurity, appsec30-Jan-2024
Reflected XSS into a JavaScript String with Single Quote and Backslash Escapedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-ba435167b43f?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, bug-bounty, cybersecurity30-Jan-2024
My SSRF Tricks — Bug Bounty Tuesdayhttps://medium.com/@kerstan/my-ssrf-tricks-bug-bounty-tuesday-f0d7e53c8d88?source=rss------bug_bounty-5kerstanbug-bounty, security, hacking, cybersecurity, technology30-Jan-2024
Rekomendasi Platform Bug Bounty Nasional Maupun Internasionalhttps://medium.com/@artiacode/rekomendasi-platform-bug-bounty-nasional-maupun-internasional-7406d388de08?source=rss------bug_bounty-5ArtiaCodecybersecurity, cyber-security-awareness, bug-bounty, bug-bounty-hunter, bug-bounty-program30-Jan-2024
Navigating the World of Bug Bounties in 2024: Opportunities and Platforms for Ethical Hackershttps://hacksheets.medium.com/navigating-the-world-of-bug-bounties-in-2024-opportunities-and-platforms-for-ethical-hackers-99ff20231e3e?source=rss------bug_bounty-5Hacksheets | Learn Cybersecuritybug-bounty, artificial-intelligence, chatgpt, cybersecurity, penetration-testing30-Jan-2024
Pov — HackTheBox Seasonal Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/pov-hackthebox-seasonal-machine-simple-writeup-by-karthikeyan-nagaraj-2024-7516c938c688?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, hackthebox, hackthebox-writeup, careers, cybersecurity30-Jan-2024
Attacking Session Management | Part 06 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/attacking-session-management-part-06-what-to-do-after-choosing-a-target-b551ab0455c5?source=rss------bug_bounty-5Om Arorainfosec, information-security, hacking, bug-bounty, cybersecurity30-Jan-2024
Best Approach to RCEhttps://medium.com/@anekantsinghai/best-approach-to-rce-630187d4ad03?source=rss------bug_bounty-5Anekant Singhai Jainred-team, ethical-hacking, rce, penetration-testing, bug-bounty30-Jan-2024
An introductory guide to HTTP request smugglinghttps://medium.com/@mayank_prajapati/an-introductory-guide-to-http-request-smuggling-0defb95e87ce?source=rss------bug_bounty-5Mayank Kumar Prajapatiwebsite, web, bug-bounty, hacking, vulnerability30-Jan-2024
How to replicate Jenkins CVE-2024–23897: Arbitrary File Read Vulnerabilityhttps://medium.com/@red_darkin/how-to-replicate-jenkins-cve-2024-23897-arbitrary-file-read-vulnerability-260c8174dd94?source=rss------bug_bounty-5Red Darkinbug-bounty, cybersecurity, cve-2024-23897, jenkins, offsec30-Jan-2024
Behind the Scenes of DLLs : How Attackers Exploit Legitimate Programs for Mischief!https://osintteam.blog/behind-the-scenes-of-dlls-how-attackers-exploit-legitimate-programs-for-mischief-395a7540af1f?source=rss------bug_bounty-5Paritoshdll-hijacking, information-security, cybersecurity, hacking, bug-bounty29-Jan-2024
Fundamentals of .NET Decompilation With dnSpyhttps://infosecwriteups.com/fundamentals-of-net-decompilation-with-dnspy-e7456707b1d2?source=rss------bug_bounty-5Jowardpentesting, hacking, bug-bounty, dotnet29-Jan-2024
How to Earn Bug Bounty as a Professional Bug hunterhttps://rajput623929.medium.com/how-to-earn-bug-bounty-as-a-professional-bug-hunter-ef7de858f94b?source=rss------bug_bounty-5Mr.Horbiobug-bounty, bugs, earn-money-online, ethical-hacking, cybersecurity29-Jan-2024
Port Scanning: Pengertian, Teknik, Dan Pencegahannyahttps://medium.com/@talaskosec/port-scanning-pengertian-teknik-dan-pencegahannya-38dece0adf2e?source=rss------bug_bounty-5TalaskoSecbug-bounty-indonesia, coding, cyber-security-indonesia, cybersecurity, bug-bounty29-Jan-2024
XML External Entity injection with error-based data exfiltrationhttps://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820?source=rss------bug_bounty-5Serj Novoselovpenetration-testing, hacking, bug-bounty, xml, writeup29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, owasp, api29-Jan-2024
Kenalan Sama Bug Bountyhttps://medium.com/@artiacode/kenalan-sama-bug-bounty-a9d72927a349?source=rss------bug_bounty-5ArtiaCodebug-bounty, cybersecurity, bug-bounty-tips, cyber-security-awareness, ethical-hacking29-Jan-2024
CheckList for Bug Bounty Huntinghttps://medium.com/@kalidaskamaraj/checklist-for-bug-bounty-hunting-ffcaf4841242?source=rss------bug_bounty-5Kalidaskamarajbug-bounty, cybersecurity, ethical-hacking, penetration-testing, web-application-testing29-Jan-2024
Meteor Subdomain Takeoverhttps://medium.com/@youngvanda/meteor-subdomain-takeover-b33034a44aa7?source=rss------bug_bounty-5YoungVandacybersecurity, technology, bug-bounty, javascript, programming29-Jan-2024
CVE-2024–0519: Chrome’s Gateway to Memory Accesshttps://medium.com/@elniak/cve-2024-0519-chromes-gateway-to-memory-access-8cfd6cbbd168?source=rss------bug_bounty-5ElNiakgoogle, cybersecurity, penetration-testing, bug-bounty, threat-intelligence29-Jan-2024
OWASP Top 10 API Security Risks — 2023https://medium.com/@aayushdhakal005/owasp-top-10-api-security-risks-2023-0e1cd92214cf?source=rss------bug_bounty-5Creepyshitbug-bounty, cybersecurity, owasp, api29-Jan-2024
Discord’s preview bot redirection vulnerabilityhttps://medium.com/@lenoctambule/discords-preview-bot-redirection-vulnerability-c8b08fe3721b?source=rss------bug_bounty-5Le Noctambulebug-bounty, bugs, software-development, cybersecurity29-Jan-2024
Simple Tips for Bug Bounty Beginners: Finding OTP Bypass Bughttps://medium.com/@anishnarayan/simple-tips-for-bug-bounty-beginners-finding-otp-bypass-bug-22323a8ff49b?source=rss------bug_bounty-5Anish Narayanbug-bounty, cybersecurity, bug-bounty-tips, technology, programming29-Jan-2024
Huge Bug Bounty Resourcehttps://medium.com/@joshdesharnais1/huge-bug-bounty-resource-d25ee48d81cc?source=rss------bug_bounty-5Joshua Desharnaishacking, bug-bounty, bugs, bug-bounty-tips29-Jan-2024
Techniques in Exploiting Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/techniques-in-exploiting-business-logic-vulnerabilities-for-bug-bounty-2024-93293353e99f?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, security29-Jan-2024
Automation Hacks: Unearthing a Critical RCE the Easy Wayhttps://asbawy.medium.com/automation-hacks-unearthing-a-critical-rce-the-easy-way-ad64f01a06a3?source=rss------bug_bounty-5Asbawybug-bounty-tips, hacking, bug-bounty, cybersecurity, automation-testing29-Jan-2024
Reflected XSS in canonical link taghttps://medium.com/@marduk.i.am/reflected-xss-in-canonical-link-tag-64c9719fc6ad?source=rss------bug_bounty-5Marduk I Amreflected-xss, cybersecurity, portswigger-lab, bug-bounty, cross-site-scripting29-Jan-2024
Bug Zero at a Glance [01–15 January]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-january-70f2e0b58c59?source=rss------bug_bounty-5Januka Dharmapriyasri-lanka, newsletter, bug-zero, bug-bounty, cybersecurity28-Jan-2024
How I Learned To Exploit Buffer Overflows: An Introduction to Stack-Based Buffer Overflowshttps://medium.com/@shcyber/how-i-learned-to-exploit-buffer-overflows-an-introduction-to-stack-based-buffer-overflows-5b27e339a1a6?source=rss------bug_bounty-5SHCybercybersecurity, buffer-overflow-attack, bug-bounty, binary-exploitation, buffer-overflow28-Jan-2024
Explorasi Platform Bug Bounty untuk Cyber Security Enthusiastshttps://medium.com/@faisalhanafi112/explorasi-platform-bug-bounty-untuk-cyber-security-enthusiasts-5d3bde391f69?source=rss------bug_bounty-5Faisal Hanafired-team, linuxhacking, pentesting, bug-bounty, cybersecurity28-Jan-2024
Useful HTTP method every bug hunter must knowhttps://medium.com/@aayushdhakal005/useful-http-method-every-bug-hunter-must-know-02f57f59812a?source=rss------bug_bounty-5Creepydoomercybersecurity, web, https, bug-bounty28-Jan-2024
Thorough Review Bug Bounty Hunter Certification [CBBH]https://medium.com/@ozomarzu/thorough-review-bug-bounty-hunter-certification-cbbh-f39765da27bc?source=rss------bug_bounty-5CyberOzpentesting, hackthebox, bug-bounty-hunter, bug-bounty, web-vulnerabilities28-Jan-2024
I will be giving away my book for free!https://medium.com/@deadoverflow/i-will-be-giving-away-my-book-for-free-924191fdea84?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, hacking, cybersecurity, bug-hunting, bug-bounty28-Jan-2024
Get IDOR In No Permission To Access Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-a04fbb7e7821?source=rss------bug_bounty-5kerstancybersecurity, technology, hacking, security, bug-bounty28-Jan-2024
Reflected XSS with some SVG markup allowedhttps://medium.com/@marduk.i.am/reflected-xss-with-some-svg-markup-allowed-10d198692208?source=rss------bug_bounty-5Marduk I Amreflected-xss, cross-site-scripting, portswigger-lab, cybersecurity, bug-bounty28-Jan-2024
Roadmap Belajar SOC Analyst Dan Toolsnyahttps://medium.com/@yasminramadini/roadmap-belajar-soc-analyst-dan-toolsnya-5ce314f0b0ff?source=rss------bug_bounty-5Yeaszecbug-bounty, ethical-hacking, programmer, blue-team, cybersecurity28-Jan-2024
CVE-2023–45866: 0-Click Bluetooth vulnerabilityhttps://medium.com/@elniak/understanding-and-mitigating-cve-2023-45866-0-click-vulnerability-2576ec17c38f?source=rss------bug_bounty-5ElNiakbluetooth, cybersecurity, bug-bounty, penetration-testing, threat-intelligence28-Jan-2024
MIME Sniffing Explained: How Browsers Can Misinterpret Content Typeshttps://medium.com/@ab3lsec/mime-sniffing-explained-how-browsers-can-misinterpret-content-types-68c22d300345?source=rss------bug_bounty-5Abel Vsniffing, web-browser, cybersecurity, web-application-security, bug-bounty28-Jan-2024
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 1https://medium.com/@vflexo/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-1-187b35508e56?source=rss------bug_bounty-5vFlexoethical-hacking, bug-bounty, penetration-testing, vapt, information-security28-Jan-2024
How do you actually find bugs? (Part 2)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
Clicker — HackTheBox Machine Simple Writeup by Karthikeyan Nagaraj | 2024https://infosecwriteups.com/clicker-hackthebox-machine-simple-writeup-by-karthikeyan-nagaraj-2024-313b383236bd?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, cybersecurity, bug-bounty, hackthebox-writeup, hackthebox28-Jan-2024
How do you actually find bugs? (My 2 years experience) | Part 2https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
This is the easiest bug you can find.https://medium.com/@deadoverflow/this-is-the-easiest-bug-you-can-find-90573d0053e1?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, cybersecurity, programming, bug-bounty, hacking28-Jan-2024
How to Get CVEs Online (Fast)https://fh4ntke.medium.com/how-to-get-cves-online-fast-c0d6d897c04d?source=rss------bug_bounty-5FHantkebug-bounty, information-technology, web-development, cybersecurity, hacking28-Jan-2024
XSS is hard to find… or is it? (How to you find bugs)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-part-2-5d6930edeee7?source=rss------bug_bounty-5Imad Husanovicbug-bounty-tips, bug-hunting, bug-bounty, hacking, cybersecurity28-Jan-2024
ARPA Monthly Report | December Progress Reviewhttps://arpa.medium.com/arpa-monthly-report-december-progress-review-d49a5a44b79c?source=rss------bug_bounty-5ARPA Officialstaking, cryptography, arpa, bug-bounty, rng27-Jan-2024
5.8 Lab: Insufficient workflow validation | 2024https://cyberw1ng.medium.com/5-8-lab-insufficient-workflow-validation-2024-ce57b036d908?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers27-Jan-2024
Essential Encoding Schemes for Bug Bounty Huntershttps://medium.com/@aayushdhakal005/essential-encoding-schemes-for-bug-bounty-hunters-2cccd3dcb124?source=rss------bug_bounty-5Creepydoomerbug-bounty, cybersecurity, ethical-hacking, security, encoding27-Jan-2024
Your Life in the Crosshairs of Cybersecurity Threats!https://medium.com/@paritoshblogs/your-life-in-the-crosshairs-of-cybersecurity-threats-526f4a122e14?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, programming, bug-bounty, information-security27-Jan-2024
500$: MFA bypass By Race Conditionhttps://medium.com/@a13h1/500-mfa-bypass-by-race-condition-176421462902?source=rss------bug_bounty-5Abhi Sharmarace-condition, bug-bounty, programming, 2fa, cybersecurity27-Jan-2024
Як працює програма винагороди за виправлення помилок від Aleo?https://medium.com/@prekrasnazasmin/%D1%8F%D0%BA-%D0%BF%D1%80%D0%B0%D1%86%D1%8E%D1%94-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0-%D0%B2%D0%B8%D0%BD%D0%B0%D0%B3%D0%BE%D1%80%D0%BE%D0%B4%D0%B8-%D0%B7%D0%B0-%D0%B2%D0%B8%D0%BF%D1%80%D0%B0%D0%B2%D0%BB%D0%B5%D0%BD%D0%BD%D1%8F-%D0%BF%D0%BE%D0%BC%D0%B8%D0%BB%D0%BE%D0%BA-%D0%B2%D1%96%D0%B4-aleo-edafe6e7dce0?source=rss------bug_bounty-5Marlin_2_2_0aleo, bug-bounty27-Jan-2024
Schneier’s Law In Bug Bountyhttps://wallotry.medium.com/schneiers-law-in-bug-bounty-df04bebfdf2f?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty27-Jan-2024
SIEM Home Lab: Detecting Web Attackhttps://medium.com/@yasminramadini/siem-home-lab-detecting-web-attack-b08c0d575498?source=rss------bug_bounty-5Yeaszecsoc-analyst, pentester, cybersecurity, bug-bounty, ethical-hacking26-Jan-2024
Detecting Server-Side Technologies for Bug Hunting:https://medium.com/@aayushdhakal005/detecting-server-side-technologies-for-bug-hunting-9f894bd87da2?source=rss------bug_bounty-5Creepydoomerphp, python, servers, bug-bounty, microsoft26-Jan-2024
Evolution of Critical Log Sources in SIEM: A 5-Year Retrospectivehttps://infosecwriteups.com/evolution-of-critical-log-sources-in-siem-a-5-year-retrospective-841bae2b6a6c?source=rss------bug_bounty-5Paritoshsecurity, cybersecurity, siem, hacking, bug-bounty26-Jan-2024
Zero Click Account Takeoverhttps://medium.com/@bhavin87859/zero-click-account-takeover-404bb73121c9?source=rss------bug_bounty-5Sunny Sharmabug-bounty-writeup, bug-bounty26-Jan-2024
Bug Bounty For Beginners 2024 Part (3).https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-part-3-3f8a70f8652e?source=rss------bug_bounty-5Asuman Lukwagobug-bounty-tips, vulnerability-assessment, bug-bounty, cybersecurity, beginners-guide26-Jan-2024
Unveiling the Odyssey: A Riveting Tale of PII Disclosure Vulnerability Discoveryhttps://medium.com/@mrraghavop12/unveiling-the-odyssey-a-riveting-tale-of-pii-disclosure-vulnerability-discovery-615f04432654?source=rss------bug_bounty-5Ethical Raghavblockchain, data-science, cybersecurity, technology, bug-bounty26-Jan-2024
Reflected XSS into HTML context with all tags blocked except custom oneshttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-all-tags-blocked-except-custom-ones-7eec0b6b146f?source=rss------bug_bounty-5Marduk I Ambug-bounty, cross-site-scripting, cybersecurity, portswigger-lab, dom-xss26-Jan-2024
Strategies for Success in Audit Contests and Bug Bounty Huntinghttps://medium.com/@JohnnyTime/strategies-for-success-in-audit-contests-and-bug-bounty-hunting-082cef9b4021?source=rss------bug_bounty-5Johnny Timesmart-contract-auditing, audit-contest, bug-bounty, code4rena, bug-bounty-tips26-Jan-2024
Ensuro Partners with Immunefi to Launch Bug Bounty Programhttps://medium.com/@zorely/ensuro-partners-with-immunefi-to-launch-bug-bounty-program-e63368cdc0b0?source=rss------bug_bounty-5Ensuro ZEbug-bounty26-Jan-2024
How I Discovered a Sneaky Account Takeover Vulnerabilityhttps://sumedhgharpande.medium.com/how-i-discovered-a-sneaky-account-takeover-vulnerability-530c3a080a20?source=rss------bug_bounty-5Sumedh Gharpandebug-bounty, ethical-hacking, cyber-security-awareness, hacking, broken-access-control26-Jan-2024
General Questions Asked in Telephonic Interview (Q&A)for Cybersecurity Role-My Personal Experience…https://medium.com/@Ajakcybersecurity/general-questions-asked-in-telephonic-interview-q-a-for-cybersecurity-role-my-personal-experience-ae6298e5b8f0?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, interview, cybersecurity, jobs26-Jan-2024
5.7 Lab: Weak isolation on dual-use endpoint | 2024https://cyberw1ng.medium.com/5-7-lab-weak-isolation-on-dual-use-endpoint-2024-cd80519184b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, security, bug-bounty, careers26-Jan-2024
Bug Bounty 101: Unveiling the Crucial Role in Cybersecurity for Beginnershttps://systemweakness.com/bug-bounty-101-unveiling-the-crucial-role-in-cybersecurity-for-beginners-0d8611e6f315?source=rss------bug_bounty-5Fahri Yeşilcyber-threat-intelligence, bug-bounty, ethical-hacking, cybersecurity, vulnerability-research26-Jan-2024
Web Cache Poisoning: WWWWWH?https://medium.com/@rcxsecurity/web-cache-poisoning-wwwwwh-ee2b47d6bacc?source=rss------bug_bounty-5RCXSecuritycybersecurity, pentesting, bug-bounty-tips, penetration-testing, bug-bounty26-Jan-2024
How to get your email from different bug bounty platform to start hacking :https://medium.com/@aayushdhakal005/how-to-get-your-email-from-different-bug-bounty-platform-to-start-hacking-ce01dd45f7ca?source=rss------bug_bounty-5Creepydoomercybersecurity, bug-bounty, ethical-hacking, hackerone, hacker25-Jan-2024
Tool: SCRIPTKIDDI3: A Comprehensive Guide to Efficient Bug Bounty Reconnaissancehttps://nixiebytes.medium.com/tool-scriptkiddi3-a-comprehensive-guide-to-efficient-bug-bounty-reconnaissance-dc91c3517a5e?source=rss------bug_bounty-5Nixie_Bytes Security Teambug-bounty, hacking-tools, tools, cybersecurity, hacking25-Jan-2024
A Comprehensive Guide to Bug Bounty Hunting Masteryhttps://medium.com/@mrraghavop12/a-comprehensive-guide-to-bug-bounty-hunting-mastery-706934490626?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, artificial-intelligence, blockchain, data-science25-Jan-2024
eJPT all you need to knowhttps://medium.com/@boogsta/ejpt-all-you-need-to-know-7c62fef04cf3?source=rss------bug_bounty-5Boogstacyber, bug-bounty, bug-bounty-tips, hacking, cybersecurity25-Jan-2024
5.6 Lab: Inconsistent handling of exceptional input | 2024https://cyberw1ng.medium.com/5-6-lab-inconsistent-handling-of-exceptional-input-2024-d02e2bb522f4?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, security, bug-bounty, cybersecurity25-Jan-2024
OWASP TOP 10 2021:https://medium.com/@aayushdhakal005/owasp-top-10-2021-cfb610db7dd4?source=rss------bug_bounty-5Creepydoomercybersecurity, ethical-hacking, bug-bounty, sql-injection, owasp24-Jan-2024
Git Directory Exposed Leads to Credentials Disclosurehttps://medium.com/@blackarazi/git-directory-exposed-leads-to-credentials-disclosure-1d1737638279?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, supply-chain-security, bug-bounty, application-security, git-exposed24-Jan-2024
Avedia Player r9300 Vulnerabilitieshttps://medium.com/@x41x41x41/avedia-player-r9300-vulnerabilities-1c71b4d8efa0?source=rss------bug_bounty-5John Mweb-development, cve, bug-bounty, hacking, exploit24-Jan-2024
5.5 Low-level logic flaw in Business logic vulnerabilities | 2024https://cyberw1ng.medium.com/5-5-low-level-logic-flaw-in-business-logic-vulnerabilities-2024-cf9a90e2e762?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, hacking, security24-Jan-2024
The Immunefi bug bounty campaign is livehttps://dexenetwork.medium.com/the-immunefi-bug-bounty-campaign-is-live-5782b93f823e?source=rss------bug_bounty-5DeXe Protocoldao, dexe, defi, bug-bounty24-Jan-2024
The art of learning bug bounty.https://medium.com/@siratsami71/the-art-of-learning-bug-bounty-9c2a48aee53b?source=rss------bug_bounty-5Sirat Sami (analyz3r)bugbounty-writeup, bug-bounty24-Jan-2024
IDOR Allowing to Place Other Students in Exam Sessionshttps://medium.com/@mr_payload_injector/idor-allowing-to-place-other-students-in-exam-sessions-1bbefd14ac8d?source=rss------bug_bounty-5Mr_Payload_Injectorbug-bounty, cybersecurity, idor, bug-bounty-writeup, ethical-hacking24-Jan-2024
Response Manipulation Lead To Premium Feature By Normal User Reward of $500https://medium.com/@zikola1/response-manipulation-lead-to-premium-feature-by-normal-user-reward-of-500-43381f769ab1?source=rss------bug_bounty-5Abdulrahman badawiweb-application-security, bug-bounty-tips, penetration-testing, bug-bounty, bug-bounty-writeup24-Jan-2024
OWASP TOP 10 2017:https://medium.com/@aayushdhakal005/owasp-top-10-2017-9daabe8c44bf?source=rss------bug_bounty-5Aayushdhakalbug-bounty, ethical-hacking, sql, owasp, cybersecurity23-Jan-2024
Get IDOR In No Permission To Access Page— Bug Bounty Tuesdayhttps://medium.com/@kerstan/get-idor-in-no-permission-to-access-page-bug-bounty-tuesday-68aa82402171?source=rss------bug_bounty-5kerstanhacking, cybersecurity, technology, bug-bounty, security23-Jan-2024
Dosya yükleme ile XSShttps://enesozlekk.medium.com/dosya-y%C3%BCkleme-ile-xss-8f2dd8d093c4?source=rss------bug_bounty-5Enes Özlekbug-bounty23-Jan-2024
How to Exploit Business Logic Vulnerabilities for Bug Bounty | 2024https://cyberw1ng.medium.com/how-to-exploit-business-logic-vulnerabilities-for-bug-bounty-2024-5c9f14420d50?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, security, cybersecurity, bug-bounty23-Jan-2024
SQL Injection on PostgreSQLhttps://medium.com/@yagizkocer/sql-injection-on-postgresql-8c8f823e44aa?source=rss------bug_bounty-5Yağız Koçersql-injection, penetration-testing, bug-bounty, hacking, cybersecurity23-Jan-2024
Leaked SQL error leading to XSS, and another BSQLi...https://medium.com/@zatikyan.sevada/leaked-sql-error-leading-to-xss-and-another-bsqli-cdadde032687?source=rss------bug_bounty-5Zatikyan Sevadabug-bounty, sql-injection, sql, xss-attack, cybersecurity22-Jan-2024
Hacking behind the WAFhttps://noorhomaid.medium.com/hacking-behind-the-waf-60c6c1a48411?source=rss------bug_bounty-5NoorHomaidinfosec, bug-bounty-tips, penetration-testing, bug-bounty, cybersecurity22-Jan-2024
Better understanding of User-Directed Spidering vs Automated Spideringhttps://medium.com/@aayushdhakal005/better-understanding-of-user-directed-spidering-vs-automated-spidering-a18342c42a25?source=rss------bug_bounty-5Aayushdhakalhacking, penetration-testing, spidering, web, bug-bounty22-Jan-2024
How to find unprotected databases with Netlas.io: Chapter 2https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-chapter-2-ba71b07c9630?source=rss------bug_bounty-5Netlas.iocybersecurity, information-security, bug-bounty, penetration-testing, osint22-Jan-2024
This Tool Helps Me To Find The Origin IP Addresshttps://medium.com/@Ajakcybersecurity/this-tool-helps-me-to-find-the-origin-ip-address-75b1444da57e?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, bug-bounty, hacking, cybersecurity, ethical-hacking22-Jan-2024
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty In 2024?https://medium.com/@Ajakcybersecurity/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-in-2024-a408389d914e?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, medium, bug-bounty, jobs, penetration-testing22-Jan-2024
4.5 Lab: Blind OS command injection with out-of-band data exfiltration | 2024https://cyberw1ng.medium.com/4-5-lab-blind-os-command-injection-with-out-of-band-data-exfiltration-2024-7bb26c2473e7?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, hacking, cybersecurity22-Jan-2024
Bug Bounty For Beginners 2024.https://medium.com/@lukwagoasuman236/bug-bounty-for-beginners-2024-df4a38ed3ad2?source=rss------bug_bounty-5Asuman Lukwagoplanning, finance, cybersecurity, bug-bounty, info22-Jan-2024
Reflected XSS into HTML context with most tags and attributes blockedhttps://medium.com/@marduk.i.am/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-4266c6c473ad?source=rss------bug_bounty-5Marduk I Ambug-bounty, portswigger-lab, cybersecurity, cross-site-scripting, dom-xss22-Jan-2024
How do you actually find bugs? (My 2 year experience)https://medium.com/@deadoverflow/how-do-you-actually-find-bugs-my-2-year-experience-2d77d78994a0?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, programming, cybersecurity, bug-bounty-tips22-Jan-2024
HackTheBox Saturn: Explaining SSRFhttps://medium.com/@leomsec/hackthebox-saturn-explaining-ssrf-072234ab5ce3?source=rss------bug_bounty-5Leonardobug-bounty, hacker, pentesting, ctf, hackthebox22-Jan-2024
How I Discovered a Critical Vulnerability in a Leading UK Retail Giant’s Systemhttps://medium.com/@cathreat/how-i-discovered-a-critical-vulnerability-in-a-leading-uk-retail-giants-system-bc4211c159a7?source=rss------bug_bounty-5cathreatunited-kingdom, pentesting, bug-bounty, hacking, ssrf22-Jan-2024
Unveiling the Digital Tapestry: A Penetration Tester's Odyssey into the Heart of Cyber…https://medium.com/@mrraghavop12/title-unveiling-the-digital-tapestry-a-penetration-testers-odyssey-into-the-heart-of-cyber-2ac009e54e2f?source=rss------bug_bounty-5Ethical Raghavbug-bounty, cybersecurity, web-development, technology, artificial-intelligence21-Jan-2024
Gelios Testnet Bug Bounty Program: Earn Up to $5,000https://geliosofficial.medium.com/gelios-testnet-bug-bounty-program-earn-up-to-5-000-10e2d78124f8?source=rss------bug_bounty-5Geliosbitcoin-l2, gelios, blockchain, crypto, bug-bounty21-Jan-2024
Bug bounty platforms for 2024https://medium.com/@notahades/bug-bounty-platforms-for-2024-ab289e5c74a9?source=rss------bug_bounty-5Not_A_Hadesbug-bounty, cybersecurity, hacking, security21-Jan-2024
4.4 Lab: Blind OS command injection with out-of-band interaction | 2024https://cyberw1ng.medium.com/4-4-lab-blind-os-command-injection-with-out-of-band-interaction-2024-f9d0e7a1c7ac?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, cybersecurity, careers, bug-bounty21-Jan-2024
Making My First 10K by Hacking Open Source Targetshttps://infosecwriteups.com/making-my-first-10k-by-hacking-open-source-targets-14ee1e9eeb70?source=rss------bug_bounty-5SynapticSpacebug-bounty, foss, cybersecurity, hacking21-Jan-2024
Path traversalhttps://medium.com/@codersqs/path-traversal-78cce0994e2d?source=rss------bug_bounty-5Codersqsethical-hacking, server-side-rendering, bug-bounty, ssrf-bug, directory-traversal21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://medium.com/@jbince/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
Exploiting SSRF in PDF HTML Injection: Basic and Blindhttps://infosecwriteups.com/exploiting-ssrf-in-pdf-html-injection-basic-and-blind-047fec5317ae?source=rss------bug_bounty-5Jowardbug-bounty, ssrf, hacking, web-app-security, pentesting21-Jan-2024
China Implements Stringent Cybersecurity Regulations: Makers Urged to Swiftly Report…https://jareddouville.medium.com/china-implements-stringent-cybersecurity-regulations-makers-urged-to-swiftly-report-673f99696750?source=rss------bug_bounty-5Jared Douvillechina-hackers, cyber-security-awareness, bug-bounty, zero-day, china20-Jan-2024
How I Bypassed CSRF Token — 2 Wayshttps://medium.com/mii-cybersec/how-i-bypassed-csrf-token-2-ways-b87ac04969a8?source=rss------bug_bounty-5Bryan Matthewcsrf-bypass, red-team, bug-bounty, penetration-testing, csrf20-Jan-2024
Stored DOM XSShttps://medium.com/@marduk.i.am/stored-dom-xss-c7c9c972d086?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, bug-bounty, cybersecurity, cross-site-scripting20-Jan-2024
The art of account takeoverhttps://medium.com/@iknowhatodo/the-art-of-account-takeover-ec5f9a29c436?source=rss------bug_bounty-5Hossam Ahmedaccount-takeover, information-security, bug-bounty20-Jan-2024
Securing AWS: Understanding EC2 IMDS Vulnerabilities and Learning from the Capital One Breachhttps://kishoreramk.medium.com/securing-aws-understanding-ec2-imds-vulnerabilities-and-learning-from-the-capital-one-breach-6f753e06cd66?source=rss------bug_bounty-5KISHORERAMaws-ec2, aws-s3, cybersecurity, aws, bug-bounty20-Jan-2024
Login DoS — That requires simply sending a lot of specially crafted requestshttps://infosecwriteups.com/login-dos-that-requires-simply-sending-a-lot-of-specially-crafted-requests-2ca927c628dd?source=rss------bug_bounty-5Shriyans Sudhibug-bounty, hackerone, penetration-testing, cybersecurity, web-hacking20-Jan-2024
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connectionshttps://infosecwriteups.com/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-0780134d6cf1?source=rss------bug_bounty-5Abhi Sharmaprivilege-escalation, hacking, cybersecurity, programming, bug-bounty20-Jan-2024
4.3 Lab: Blind OS command injection with output redirection | 2024https://cyberw1ng.medium.com/4-3-lab-blind-os-command-injection-with-output-redirection-2024-d92f52f139b4?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, security20-Jan-2024
Boosting Your Income: My Journey with Side Hustles in Cybersecurityhttps://medium.com/@himanshu_mahajan/boosting-your-income-my-journey-with-side-hustles-in-cybersecurity-8cc088c92469?source=rss------bug_bounty-5Himanshu Mahajanside-hustle, security, technology, bug-bounty, cybersecurity20-Jan-2024
How To Hide Any Payload: Day 3/100 Of Gaining Hacking Knowledgehttps://medium.com/@ssg30devil/how-to-hide-any-payload-day-3-100-of-gaining-hacking-knowledge-002c4adb328b?source=rss------bug_bounty-5rootzsbug-bounty-tool, bug-bounty, bug-bounty-tips, hacking19-Jan-2024
Dangling CNAME/Orphaned CNAME leads P2 on Google VRPhttps://medium.com/@jerryhackgather/dangling-cname-orphaned-cname-leads-p2-on-google-vrp-fca8964d983c?source=rss------bug_bounty-5Jerry1319bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity19-Jan-2024
Penetration Testing Techniqueshttps://anticitizenone.medium.com/penetration-testing-techniques-5eaf254fc5e6?source=rss------bug_bounty-5Rodolfo Santos Flaboreablue-team, purple-team, red-team, pentesting, bug-bounty19-Jan-2024
Best Recon Website For BugBounty in 2024, I came across! Completely Free 🙂https://medium.com/@Ajakcybersecurity/best-recon-website-for-bugbounty-in-2024-i-came-across-completely-free-303d67187400?source=rss------bug_bounty-5AjakCybersecurityblogging, cybersecurity, penetration-testing, ethical-hacking, bug-bounty19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://medium.com/@omarora1603/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
4.2 Lab: Lab: Blind OS command injection with time delays | 2024https://cyberw1ng.medium.com/4-2-lab-lab-blind-os-command-injection-with-time-delays-2024-042ad98c27e6?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, careers, bug-bounty, security19-Jan-2024
IDOR To Massive Government Data Leakhttps://bishal0x01.medium.com/idor-to-massive-government-data-leak-e8ad510d7e5?source=rss------bug_bounty-5Bishal Shresthabug-bounty, information-security, writeup, data-leak19-Jan-2024
Authentication Bypass | Part 05 | What To Do After Choosing a Targethttps://infosecwriteups.com/authentication-bypass-part-05-what-to-do-after-choosing-a-target-31eddc38029c?source=rss------bug_bounty-5Om Arorahacking, cybersecurity, bug-bounty, technology, infosec19-Jan-2024
IDOR Vulnerability Allowing Unauthorized Access to Colleagues’ Bachelor Theseshttps://medium.com/@mr_payload_injector/idor-vulnerability-allowing-unauthorized-access-to-colleagues-bachelor-theses-8c76c4ec4480?source=rss------bug_bounty-5Mr_Payload_Injectorcybersecurity, ethical-hacking, bug-bounty-writeup, bug-bounty, bug-bounty-tips19-Jan-2024
#ERROR!https://medium.com/@Xt3sY/500-internal-server-bypass-everything-will-be-200-okay-bcd149397736?source=rss------bug_bounty-5Pushkar Bhagathackerone, hacking, bugcrowd, exploitation, bug-bounty19-Jan-2024
How I Bypassed CSRF Token — 2Wayshttps://medium.com/@bmatth21/how-i-bypassed-csrf-token-2ways-5662b4191188?source=rss------bug_bounty-5Bryan Matthewpenetration-testing, csrf-protection, csrf, bug-bounty, csrf-token19-Jan-2024
Roadmap to Cybersecurity Mastery: A Guide for Aspiring IT Professionalshttps://ikhaleelkhan.medium.com/roadmap-to-cybersecurity-mastery-a-guide-for-aspiring-it-professionals-b2f2e6cc9641?source=rss------bug_bounty-5Khaleel Khanhacking, infosec, cybersecurity, ethical-hacking, bug-bounty18-Jan-2024
AWS/S3 Subdomain Takeoverhttps://medium.com/@scottlindh/aws-s3-subdomain-takeover-79d705cc3553?source=rss------bug_bounty-5Scott Lindhpentesting, hacking, hacking-tools, bug-bounty, bug-bounty-tips18-Jan-2024
Exploiting vulnerabilities in LLM APIs [OS injection]https://medium.com/@s_novoselov/exploiting-vulnerabilities-in-llm-apis-os-injection-b7d31c803d1d?source=rss------bug_bounty-5Serj Novoselovllm, penetration-testing, bug-bounty, ai, hacking18-Jan-2024
Brutal Bug Bounty methodologyhttps://medium.com/@pentajbr/brutal-bug-bounty-methodology-f872d0c1b8da?source=rss------bug_bounty-5Major Jbrbug-bounty-tips, bug-bounty18-Jan-2024
Secret Input Header leads to Password Reset Poisoninghttps://medium.com/@mares.viktor/secret-input-header-leads-to-password-reset-poisoning-ad3081fd8488?source=rss------bug_bounty-5Viktor Maresbug-bounty, penetration-testing, hacking, web-development, cybersecurity18-Jan-2024
Business Logic: Bypass 2FA to ATOhttps://giongfnef.medium.com/business-logic-bypass-2fa-to-ato-e0dc7131b10e?source=rss------bug_bounty-5Giongnefsecurity, bug-bounty, cybersecurity, information-security, pentesting18-Jan-2024
Finding Secret Key Inside React Native Appshttps://aminudin.medium.com/finding-secret-key-inside-react-native-apps-9eb6beac02f8?source=rss------bug_bounty-5Aminudinbug-bounty, bugs, bug-bounty-tips18-Jan-2024
Blind OS command injection vulnerabilities in Portswigger | 2024https://cyberw1ng.medium.com/blind-os-command-injection-vulnerabilities-in-portswigger-2024-cdc10f62d0be?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, careers, hacking, bug-bounty18-Jan-2024
Master Bug Bounty Hunting Coursehttps://medium.com/@teamhydrashop/master-bug-bounty-hunting-course-ea3615f1160b?source=rss------bug_bounty-5Team Hydra Shoptool-hack-xổ-số, bug-fixes, bug-bounty, penetration-testing, hacking-tools18-Jan-2024
What is Cyberkill Chain (My first Interview Question of my carrier)https://akash-venky091.medium.com/what-is-cyberkill-chain-my-first-interview-question-of-my-carrier-e1cc6351a24b?source=rss------bug_bounty-5Akash Venkysecurity, bug-bounty, cybersecurity, information-technology, pentesting18-Jan-2024
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://medium.com/@Ajakcybersecurity/how-i-automatically-generate-xss-payload-automate-reflected-xss-91f4a232cd78?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, xss-attack, bug-bounty, penetration-testing18-Jan-2024
Is PNPT Certification Worth It for a Cybersecurity Job? Exploring PNPT!https://medium.com/@Ajakcybersecurity/is-pnpt-certification-worth-it-for-a-cybersecurity-job-exploring-pnpt-8fa13a194fe4?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, hacking, certification, cybersecurity18-Jan-2024
A Best $5 Spent in My Entire Cybersecurity Journeyhttps://medium.com/@Ajakcybersecurity/a-best-5-spent-in-my-entire-cybersecurity-journey-baf09ae710d0?source=rss------bug_bounty-5AjakCybersecurityhacking, tryhackme, bug-bounty, cybersecurity, ethical-hacking18-Jan-2024
CSRF vulnerabilityhttps://medium.com/@os1764934/csrf-vulnerability-ebfbbe6dd81c?source=rss------bug_bounty-5Omar Samybug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips18-Jan-2024
Hydra Tryhackme: Walkthrough/Writeuphttps://proviesec.medium.com/hydra-tryhackme-walkthrough-writeup-784db55ab9a9?source=rss------bug_bounty-5Proviesechydra, tryhackme-walkthrough, cybersecurity, bug-bounty, tryhackme18-Jan-2024
Things should do after sublister(sublist3r)https://medium.com/@canonminibeast/things-should-do-after-sublister-sublist3r-90176a020409?source=rss------bug_bounty-5Canonminibeastbug-bounty, cybersecurity, sublist3r, web-development, web-pen-testing18-Jan-2024
Exploiting LLM APIs with excessive agencyhttps://jareddouville.medium.com/exploiting-llm-apis-with-excessive-agency-979d87a9937e?source=rss------bug_bounty-5Jared Douvilleportswigger-lab, bug-bounty, cyber-security-awareness, hackerone, llm18-Jan-2024
easy bug = big bounty | easy and small bug can give you a big bounty and Reputationhttps://medium.com/@no_oneee/easy-bug-big-bounty-easy-and-small-bug-can-give-you-a-big-bounty-and-reputation-08534a90d2e6?source=rss------bug_bounty-5no|onebug-bounty, hacking, bug-bounty-tips, information-security, bugs18-Jan-2024
Accessing deleted comment for $$: A Bug Bounty Writeuphttps://vijetareigns.medium.com/accessing-deleted-comment-for-a-bug-bounty-writeup-95d56662d209?source=rss------bug_bounty-5the_unlucky_guybug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips, writeup17-Jan-2024
Understanding and Mitigating Authentication Bypass Techniques in Web Applicationshttps://ikhaleelkhan.medium.com/understanding-and-mitigating-authentication-bypass-techniques-in-web-applications-d72795f469be?source=rss------bug_bounty-5Khaleel Khanhacking, bug-bounty, infosec, infosecurity, ethical-hacking17-Jan-2024
Best Hacking OSINT Site list in 2024https://medium.com/@logicTech/best-hacking-osint-site-list-in-2024-768db84c55e3?source=rss------bug_bounty-5LogicTechhacking-tools, bug-bounty, hacking, osint-investigation, journalism17-Jan-2024
Why Web2 Vulnerabilities Need Addressing Before Embracing Web3 — Part 1https://medium.com/@resonance.security/why-web2-vulnerabilities-need-addressing-before-embracing-web3-part-1-e881424e216c?source=rss------bug_bounty-5Resonancebug-bounty, web3, blockchain17-Jan-2024
Phishing using Google Sheets for Red Team Engagementshttps://infosecwriteups.com/phishing-using-google-sheets-for-red-team-engagements-ac79298ddb90?source=rss------bug_bounty-5Supun Halangoda (Suppa)cybersecurity, phishing-attacks, phishing, information-security, bug-bounty17-Jan-2024
Privilege escalation via response manipulationhttps://seek-er.medium.com/privilege-escalation-via-response-manipulation-e2ed5076b023?source=rss------bug_bounty-5Vikybug-bounty-writeup, hacking, web-application-security, bug-bounty, security17-Jan-2024
1 Program, 4 Business Logic Bugs and Cashing in 2300$.https://infosecwriteups.com/1-program-4-business-logic-bugs-and-cashing-in-2300-299b42236993?source=rss------bug_bounty-5Manav Bankatwalabounty-hunter, information-security, bug-bounty, appreciation, cybersecurity17-Jan-2024
3.6 Lab: File path traversal, validation of file extension with null byte bypass | 2024https://cyberw1ng.medium.com/3-6-lab-file-path-traversal-validation-of-file-extension-with-null-byte-bypass-2024-ccf8005b5379?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, careers, bug-bounty, hacking, cybersecurity17-Jan-2024
Shall I Start Bug Bounty Without Cybersecurity Basics in 2024?https://medium.com/@Ajakcybersecurity/shall-i-start-bug-bounty-without-cybersecurity-basics-in-2024-f62fa3ab1991?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, ethical-hacking, cybersecurity, hacking, bug-bounty17-Jan-2024
API_Security RoadMaphttps://akash-venky091.medium.com/api-security-roadmap-edb59a420b04?source=rss------bug_bounty-5Akash Venkycybersecurity, bug-bounty, vulnerability, information-technology, ethical-hacking16-Jan-2024
Extracting iOS IPA files Without Jailbreaking…!https://medium.com/@dhanush1895/extracting-ios-ipa-files-without-jailbreaking-6e7ee8e57ad7?source=rss------bug_bounty-5Daniel1895methodology, ios, bug-bounty-tips, bug-bounty, pentesting16-Jan-2024
Unleashing the Power of AutoRepeater: Automating Blind SQL Injection Detectionhttps://medium.com/@atikqur007/unleashing-the-power-of-autorepeater-automating-blind-sql-injection-detection-1b159ee81158?source=rss------bug_bounty-5Atik Rahmansql-injection, bug-bounty, blind-sql-injection, burpsuite-extension, cybersecurity16-Jan-2024
3.5 Lab: File path traversal, validation of start of path | 2024https://cyberw1ng.medium.com/3-5-lab-file-path-traversal-validation-of-start-of-path-2024-9b2b9b4f15d7?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers16-Jan-2024
How to Discovered IDOR from a Blank Page — Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-discovered-idor-from-a-blank-page-bug-bounty-tuesday-5af784533d1a?source=rss------bug_bounty-5kerstantechnology, programming, bug-bounty, cybersecurity16-Jan-2024
GUI Bug Bounty Tool To Find Easy P1s in 2024https://medium.com/@Ajakcybersecurity/gui-bug-bounty-tool-to-find-easy-p1s-in-2024-24d05dceba72?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, ethical-hacking, github, penetration-testing, bug-bounty16-Jan-2024
Secret Bug bounty Extension all Hackers Forget To Add. Part-2 (Not Common!)‍https://medium.com/@Ajakcybersecurity/secret-bug-bounty-extension-all-hackers-forget-to-add-part-2-not-common-e29d857f90e0?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, extension, cybersecurity, hacking, bug-bounty16-Jan-2024
Extensions I Use For My Bug Bounty Hunting in 2024, Part-1. ‍https://medium.com/@Ajakcybersecurity/extensions-i-use-for-my-bug-bounty-hunting-in-2024-part-1-5b8ba7501408?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, blog, hacking, bug-bounty, ethical-hacking16-Jan-2024
A Digital Date with a Hacker: A Café WiFi Adventure!https://medium.com/@Ajakcybersecurity/a-digital-date-with-a-hacker-a-caf%C3%A9-wifi-adventure-db7ae98bbd90?source=rss------bug_bounty-5AjakCybersecuritydigital-forensics, cybersecurity, bug-bounty, hacking, blog16-Jan-2024
What can a Hacker do with your IP Address? Track Your Location?https://medium.com/@Ajakcybersecurity/what-can-a-hacker-do-with-your-ip-address-track-your-location-f7854cd5c32f?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, cybersecurity, blog, digital-forensics, bug-bounty16-Jan-2024
Top 5 Sites to Improve Your Hacking Skill IN 2024https://medium.com/@Ajakcybersecurity/top-5-sites-to-improve-your-hacking-skill-in-2024-b9e786eb7adb?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, blog, cybersecurity, bug-bounty, hacking16-Jan-2024
Day 2/100 Of Gaining Hacking Knowledge — Easily change IP, Mac, DNS, Log killer, and more…….https://medium.com/@ssg30devil/day-2-100-of-gaining-hacking-knowledge-easily-change-ip-mac-dns-log-killer-and-more-7d286c7b7647?source=rss------bug_bounty-5rootzsbug-bounty, ethical-hacking, 100daychallenge, cybersecurity, git-tool16-Jan-2024
Web Security Academy — Business Logic Vulnerabilities Walkthroughhttps://iaraoz.medium.com/web-security-academy-business-logic-vulnerabilities-walkthrough-536f756cda9b?source=rss------bug_bounty-5Israel Aráoz Severichecybersecurity, owasp, vulnerability, appsec, bug-bounty16-Jan-2024
Demystifying Reflected XSS: Understanding and Mitigating This Common Web Security Vulnerabilityhttps://medium.com/@j0hnw1ck/demystifying-reflected-xss-understanding-and-mitigating-this-common-web-security-vulnerability-beaa3bb058c5?source=rss------bug_bounty-5J0hn W1ckbug-bounty, cybersecurity, web-development, pentesting, hacking16-Jan-2024
Bug Zero at a Glance [16–31 December]https://blog.bugzero.io/bug-zero-at-a-glance-16-31-december-d722a2b76ed4?source=rss------bug_bounty-5Januka Dharmapriyanewsletter, bug-bounty, bug-zero, sri-lanka, cybersecurity15-Jan-2024
How Apple Scammed Me Out Of $50,000 in their Bug Bounty Program (Silent Patching & Ignoring Me)https://medium.com/@just4g3nt/how-apple-scammed-me-out-of-50-000-in-their-bug-bounty-program-silent-patching-ignoring-me-18455a47a1f6?source=rss------bug_bounty-5Random Userbug-bounty, infosec, apple, scam, cybersecurity15-Jan-2024
Unrestricted File Upload Lead to Stored XSS at Microsoft main domainhttps://medium.com/@cavdarbashas/unrestricted-file-upload-lead-to-stored-xss-at-microsoft-main-domain-baa9cadac6bd?source=rss------bug_bounty-5Sokol Çavdarbashabug-bounty, penetration-testing, technology, web-security, ethical-hacking15-Jan-2024
HackenProof bug bounty campaign is now livehttps://dexenetwork.medium.com/hackenproof-bug-bounty-campaign-is-now-live-bf9bc5ddd6d1?source=rss------bug_bounty-5DeXe Protocolsecurity, dao, bug-bounty, defi15-Jan-2024
100-day Challenge Day 1/100 Ethical Hacking Knowledgehttps://medium.com/@ssg30devil/100-day-challenge-day-1-100-ethical-hacking-knowledge-9b0625a8e835?source=rss------bug_bounty-5rootzs100daychallenge, ethical-hacking, useful-websites, bug-bounty, most-useful-websites15-Jan-2024
Reflected DOM XSShttps://medium.com/@marduk.i.am/reflected-dom-xss-fdf60de841cb?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, cybersecurity, cross-site-scripting, dom-xss15-Jan-2024
SMTP Server (JAMES SMTP Server 2.3.2)https://medium.com/@akshadjoshi/smtp-server-james-smtp-server-2-3-2-ad934435f021?source=rss------bug_bounty-5Akshad Joshismtp, bug-bounty, pentesting, hackthebox15-Jan-2024
Streamlining Vulnerability Hunting for Bug Bounty and pentestershttps://medium.com/@k-binsaeed/streamlining-vulnerability-hunting-for-bug-bounty-and-pentesters-81e77b3ab7d9?source=rss------bug_bounty-5NumLocK15bug-bounty, vulnerability, cybersecurity, pentesting15-Jan-2024
How I Used A Simple Python Script to Exploit a Vulnerable Google API Key.https://medium.com/@gradillagustavo87/how-i-used-a-simple-python-script-to-exploit-a-vulnerable-google-api-key-475b4fcaf895?source=rss------bug_bounty-5Gustavo Gradillahacking-tools, bug-bounty-writeup, bug-bounty, google15-Jan-2024
How I Automate Finding Amazon S3 Buckets Using A Simple Python Scripthttps://medium.com/@gradillagustavo87/how-i-automate-finding-amazon-s3-buckets-using-a-simple-python-script-c1a7c11a8b52?source=rss------bug_bounty-5Gustavo Gradillacybersecurity, hacking-tools, ethical-hacking, bug-bounty, hacking15-Jan-2024
S3 Bucket takeover with simple technique lead to $$$https://medium.com/@adhaamsayed3/s3-bucket-takeover-with-simple-technique-lead-to-0fc0b89eeecb?source=rss------bug_bounty-5Adham sayed (doosec101)web-app-pentesting, bug-bounty, hacker, hackerone, mobile-app-testing15-Jan-2024
3.3 Lab: File path traversal, traversal sequences stripped non-recursively | 2024https://cyberw1ng.medium.com/3-3-lab-file-path-traversal-traversal-sequences-stripped-non-recursively-2024-5dd6b7d227e6?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, security, hacking, careers14-Jan-2024
Logical Error leads to DOS for victimhttps://medium.com/@tanyago/logical-error-leads-to-dos-for-victim-8e4f6d18ae90?source=rss------bug_bounty-5Tanya Goyalbug-bounty-tips, bug-bounty-writeup, bug-hunting, bug-bounty14-Jan-2024
How to Nail a Perfect Bug Reporthttps://medium.com/@nambiarjishnu1210/how-to-nail-a-perfect-bug-report-b619690779a7?source=rss------bug_bounty-5Jishnu Nambiarsoftware-testing, automation, bug-bounty, testing, quality-assurance14-Jan-2024
Bug Bounty: The Ultimate Guide For Beginnershttps://medium.com/@securelearn/bug-bounty-the-ultimate-guide-for-beginners-92bd470b5c02?source=rss------bug_bounty-5RGsecure-learn, bug-bounty-tips, cybersecurity, hacking, bug-bounty14-Jan-2024
Elevate your Expertise: Key Cybersec Certifications 2k24https://thethreatcops.medium.com/elevate-your-expertise-key-cybersec-certifications-2k24-7a025f5566f4?source=rss------bug_bounty-5the threat copsinformation-security, hacking, career-development, bug-bounty, cybersecurity14-Jan-2024
Exploring the Web’s Hidden Corners with DorkDive: A Google Dorking Tool for Tech Enthusiastshttps://infosecwriteups.com/exploring-the-webs-hidden-corners-with-dorkdive-a-google-dorking-tool-for-tech-enthusiasts-c66816493c76?source=rss------bug_bounty-5Incoggeekpython, cybersecurity, bug-bounty, tools, hacking14-Jan-2024
Mastering Cybersecurity: A Deep Dive into Optimal Attack Surface Management for Public Bug Bounty…https://cyberarafat.medium.com/mastering-cybersecurity-a-deep-dive-into-optimal-attack-surface-management-for-public-bug-bounty-0eb182577c4c?source=rss------bug_bounty-5Arafat Ashrafi Talhaethical-hacking, bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity14-Jan-2024
Layer 5: Bug Bountieshttps://medium.com/@triweisec/layer-5-bug-bounties-f67b2cbdf413?source=rss------bug_bounty-5TriWei.iobug-bounty, web3, blockchain-security, ethical-hacking, vulnerability-assessment14-Jan-2024
ExamSys — Multiple SQL Injectionshttps://fh4ntke.medium.com/examsys-multiple-sql-injections-ef94d84e440c?source=rss------bug_bounty-5FHantkeweb-development, technology, hacking, open-source, bug-bounty14-Jan-2024
How to set up a new Kali Linux virtual machine for Studying | Practicing | Bug Bounty ?https://medium.com/@recepbalibey/how-to-set-up-a-new-kali-linux-virtual-machine-for-studying-practicing-bug-bounty-6ec16222c294?source=rss------bug_bounty-5Recep Balıbeyvirtual-machine, kali-linux, ctf, bug-bounty, cybersecurity14-Jan-2024
Vulnerable Web Applications For Training and Testing Your New Toolshttps://medium.com/@eclectic-security/vulnerable-web-applications-for-training-and-testing-your-new-tools-e2411942edb2?source=rss------bug_bounty-5Eclectic Securitybug-bounty, software-development, cybersecurity, training, penetration-testing14-Jan-2024
Mass Hunting Blind XSS — Practical Techniqueshttps://infosecwriteups.com/mass-hunting-blind-xss-practical-techniques-182c422d773e?source=rss------bug_bounty-5Ott3rlybug-bounty-writeup, xss-vulnerability, cross-site-scripting, bug-bounty, cybersecurity14-Jan-2024
What is Bug Bounty Huntinghttps://medium.com/@chaudharyrohit644/what-is-bug-bounty-hunting-d2571271d612?source=rss------bug_bounty-5Rohit Chaudharybug-bounty14-Jan-2024
PII Data Leakage via Directory Listinghttps://medium.com/@fixthis1000time/pii-data-leakage-via-directory-listing-2a5ff7554cdc?source=rss------bug_bounty-5fixthi$infosec, cybersecurity, ethical-hacking, bug-bounty, hacking14-Jan-2024
User Enumeration in the login processhttps://medium.com/@majix_de/user-enumeration-in-the-login-process-a43a248ac70d?source=rss------bug_bounty-5Majixctf, bug-bounty, pentesting, hacking, penetration-testing14-Jan-2024
HackTheBox — Server-side Request Forgery (SSRF) Overviewhttps://medium.com/@harry.hphu/hackthebox-server-side-request-forgery-ssrf-overview-e55ef94ac435?source=rss------bug_bounty-5Huy Phubug-bounty, web-security, hackthebox, owasp-top-10, ssrf13-Jan-2024
What is SQL Injection and how SQL queries work in databasehttps://mrunknown124154.medium.com/what-is-sql-injection-and-how-sql-queries-work-in-database-6971f1729aed?source=rss------bug_bounty-5Mr Abdullahhacking, cyber-security-awareness, bug-bounty, sql-injection, web-hacking13-Jan-2024
Easy way to find RCE via SSTI(server side template injection)https://medium.com/@jeetpal2007/easy-way-to-find-rce-via-ssti-server-side-template-injection-b5f664ddf427?source=rss------bug_bounty-5JEETPALrce, bug-bounty, easy, bugs, ssti13-Jan-2024
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encodedhttps://medium.com/@marduk.i.am/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-62bc9a167c8e?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, angularjs, dom-xss, bug-bounty, portswigger-lab13-Jan-2024
mistakes bug bounty hunters fall on it | the key of bug bounty |best advice for 2024https://medium.com/@no_oneee/hello-48e0488f6fa4?source=rss------bug_bounty-5no|oneinformation-security, bugs, bug-bounty-tips, cybersecurity, bug-bounty13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://cyberw1ng.medium.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Regeneration of API key by low level user: 500$ Access Control bughttps://medium.com/@a13h1/regeneration-of-api-key-by-low-level-user-500-access-control-bug-87c76b9b5842?source=rss------bug_bounty-5Abhi Sharmabug-bounty, cybersecurity, hacking, api, programming13-Jan-2024
3.2 Lab: File path traversal, traversal sequences blocked with absolute path bypass | 2024https://systemweakness.com/3-2-lab-file-path-traversal-traversal-sequences-blocked-with-absolute-path-bypass-2024-b1eb44cf3151?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, security, hacking, cybersecurity13-Jan-2024
Burp Suite — Download, Set up and Get Going!https://medium.com/@eclectic-security/burp-suite-download-set-up-and-get-going-a58ba7daf678?source=rss------bug_bounty-5Eclectic Securitybug-bounty, tools, cyber-security-training, penetration-testing, burpsuite13-Jan-2024
DOM-Based XSS: Understanding and Mitigating a Stealthy Attack Vectorhttps://medium.com/@ravensec93/dom-based-xss-understanding-and-mitigating-a-stealthy-attack-vector-71ebc56806aa?source=rss------bug_bounty-5Raven Securitybug-bounty, web-security, cybersecurity, xss-attack, hacking13-Jan-2024
Weird bug to steal users credentialshttps://medium.com/@fuadahmad062/weird-bug-to-steal-users-credentials-5e80c5d4565f?source=rss------bug_bounty-5von001bug-bounty-tips, bug-bounty, content-spoofing12-Jan-2024
Forget Blockers, Own Your Freedom: SquareXhttps://tanishqshahsays.medium.com/forget-blockers-own-your-freedom-squarex-4e4d6a845fe8?source=rss------bug_bounty-5Tanishq Sachin Shahbug-bounty, squarex, security, cybersecurity, privacy12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://ott3rly.medium.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaignhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
tRPC Security Research: Hunting for Vulnerabilities in Modern APIshttps://medium.com/@LogicalHunter/trpc-security-research-hunting-for-vulnerabilities-in-modern-apis-b0d38e06fa71?source=rss------bug_bounty-5Borna Nematzadehbug-bounty-writeup, bug-bounty, web-security, security-research, api-security12-Jan-2024
Mass Hunting Blind XSS — Initial Setuphttps://infosecwriteups.com/mass-hunting-blind-xss-initial-setup-7fc5c1898999?source=rss------bug_bounty-5Ott3rlyxs, info-sec-writeups, blind-xss, bug-bounty, cross-site-scripting12-Jan-2024
The DeXe Protocol’s Bug Bounty Campaign announcementhttps://dexenetwork.medium.com/the-dexe-protocols-bug-bounty-campaign-a68e960c36cd?source=rss------bug_bounty-5DeXe Protocoldefi, bug-bounty, smart-contracts, dao, security12-Jan-2024
Unraveling the Mysteries of Zoo Services: Feign magic uncoveredhttps://medium.com/@boltaevt/unraveling-the-mysteries-of-zoo-services-feign-magic-uncovered-3d45d211fdec?source=rss------bug_bounty-5@boltaevtbug-bounty, spring-boot, java, microservices, feign12-Jan-2024
Unveiling Vulnerabilities: Loose Permissions in Salesforce Lightning Pose Data Security Threatshttps://samshadow.medium.com/unveiling-vulnerabilities-loose-permissions-in-salesforce-lightning-pose-data-security-threats-41eaba372937?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, infosec, salesforce-lightning, bug-bounty, bug-bounty-tips12-Jan-2024
Common obstacles to exploiting path traversal vulnerabilities | 2024https://cyberw1ng.medium.com/common-obstacles-to-exploiting-path-traversal-vulnerabilities-2024-204fd57566f5?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, hacking, cybersecurity, careers12-Jan-2024
Holy Ffuf Unleashing Rapid Wealth with a 15-Minute $$$ Twisthttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
SQL INJECTION FUNDAMENTALS_HACK THE BOXhttps://medium.com/@romimkhan5588/sql-injection-fundamentals-hack-the-box-d22cde7a7198?source=rss------bug_bounty-5root 28hacking, bug-bounty, cybersecurity, hackthebox, sql-injection12-Jan-2024
Account Takeover via password reset without user interactions (CVE-2023–7028)https://0xweb01.medium.com/account-takeover-via-password-reset-without-user-interactions-cve-2023-7028-cbd2e675992e?source=rss------bug_bounty-50xweb01cve, zero-day, bug-bounty, security12-Jan-2024
Holy Ffuf easy Bounty in 15 minshttps://medium.com/@Xt3sY/holy-ffuf-unleashing-rapid-wealth-with-a-15-minute-twist-8fada0cc72ba?source=rss------bug_bounty-5Pushkar Bhagathacker101, bug-bounty, hackerone, hacker12-Jan-2024
Bug Bountyhttps://medium.com/@pdinukanth/bug-bounty-b1843c8676b3?source=rss------bug_bounty-5Pdinukanthbug-bounty11-Jan-2024
IDN Homograph Attack - Reborn of the Rare Casehttps://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352?source=rss------bug_bounty-5Jerry Shah (Jerry)pentesting, bug-bounty, infosec, cybersecurity, vulnerability11-Jan-2024
Art of External Network Penetration Testing – Phase First: Preparationhttps://medium.com/@pentesterman/introduction-with-the-rapidly-developing-technologies-in-the-digital-world-the-security-measures-c21d0f62c48f?source=rss------bug_bounty-5Sevban Dönmezcybersecurity, external-pentest, bug-bounty, web-application-security, pentest-preparation11-Jan-2024
2.12 Lab: Password brute-force via password change | 2024https://cyberw1ng.medium.com/2-12-lab-password-brute-force-via-password-change-2024-94a39239f98e?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, cybersecurity, hacking, careers11-Jan-2024
How I discovered a Critical Vulnerability during a Pentest : IDOR to Privilege Escalationhttps://medium.com/@ravindu.lakmina1/how-i-discovered-a-critical-vulnerability-during-a-pentest-idor-to-privilege-escalation-937230b06e62?source=rss------bug_bounty-5Ravindu Lakminaethical-hacking, hacking, bug-bounty, penetration-testing, cybersecurity11-Jan-2024
Windows Exploitation Learning Path in TryHackMehttps://mrshan.medium.com/windows-exploitation-learning-path-in-tryhackme-8fa680daa775?source=rss------bug_bounty-5MR SHANtryhackme-writeup, cybersecurity, tryhackme-walkthrough, bug-bounty, tryhackme11-Jan-2024
How I got my first bug bountyhttps://medium.com/@b1ayn/how-i-got-my-first-bug-bounty-8772d41bccba?source=rss------bug_bounty-5B1aynbugcrowd, pentesting, hackerone, bug-bounty11-Jan-2024
How I Earned My First Bug Bounty Reward of $600https://medium.com/@zikola1/how-i-earned-my-first-bug-bounty-reward-of-600-14c268f94bbd?source=rss------bug_bounty-5Abdulrahman badawipenetration-testing, bug-bounty-writeup, bug-bounty, bug-bounty-tips, web-application-security11-Jan-2024
Skills Needed For Bug Bounty Part 2https://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-part-2-2f6897aa3390?source=rss------bug_bounty-5Joshua Desharnaisexploitation, bug-bounty-tips, bug-bounty11-Jan-2024
Hacking my college intranet (Bug Bounty)https://medium.com/@boogsta/hacking-my-college-intranet-8f77f5d8fe60?source=rss------bug_bounty-5Boogstacybersecurity, bug-bounty, hacking, cyber, bug-bounty-tips10-Jan-2024
How I Helped Indonesian Startup Company to Prevent Millions of PII Data Leakshttps://medium.com/@blackarazi/how-i-helped-indonesian-startup-company-to-prevent-millions-of-pii-data-leaks-55ef3edbd35d?source=rss------bug_bounty-5Azhari Harahapbug-bounty-writeup, pii, application-security, api-security, bug-bounty10-Jan-2024
Everything About Launching and Managing Your Bug Bounty Program (From a Former Triager)https://utkusen.medium.com/everything-about-launching-and-managing-your-bug-bounty-program-from-a-former-triager-e244105a31c6?source=rss------bug_bounty-5Utku Şencybersecurity, bug-bounty-tips, hackerone, bug-bounty10-Jan-2024
Businesses That Still Are Accepting Brute Force Vulnerabilities as Low Impact Need to Reconsiderhttps://malwarexhunt.medium.com/businesses-that-still-are-accepting-brute-force-vulnerabilities-as-low-impact-need-to-reconsider-c877f8b17ad3?source=rss------bug_bounty-5MalwareHuntertechnology, cybersecurity, bug-bounty, programming, penetration-testing10-Jan-2024
Bugs & JS :A Closer Look at JavaScript for Successful Bug Huntinghttps://anasbetis023.medium.com/bugs-js-a-closer-look-at-javascript-for-successful-bug-hunting-fddb0d796498?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, javascript, penetration-testing10-Jan-2024
A Beginner’s Guide to Bug Hunting: Your Passport to the World of Cybersecurityhttps://medium.com/@matsecurity/a-beginners-guide-to-bug-hunting-your-passport-to-the-world-of-cybersecurity-798cc4a1e76d?source=rss------bug_bounty-5MatSecbug-bounty, bug-bounty-tips, hackerone, cybersecurity, ethical-hacking10-Jan-2024
Daily Bug Bounty Writeupshttps://securitycipher.medium.com/daily-bug-bounty-writeups-2d754b87a546?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)hacking, technology, ai, security, bug-bounty09-Jan-2024
BYPASSING PAYMENTS IN APPLE FOR FREE TRAILS FOR LIFETIMEhttps://medium.com/@sam0-0/bypassing-payments-in-apple-for-free-trails-for-lifetime-8e3019dfe57b?source=rss------bug_bounty-5Sambug-bounty-writeup, bug-bounty, apple, apple-security09-Jan-2024
Bug Bounty prompt that can help you to find IDOR vulnerabilitieshttps://blog.gopenai.com/bug-bounty-prompt-that-can-help-you-to-find-idor-vulnerabilities-5a47fa5de44f?source=rss------bug_bounty-5aimasteridor, bug-bounty, bugbountyprompts, cybersecurity, chatgpt09-Jan-2024
Understanding Sherlock’s Smart Contract Coveragehttps://medium.com/@JohnnyTime/understanding-sherlocks-smart-contract-coverage-3eca7d9033bc?source=rss------bug_bounty-5Johnny Timesherlock, web3-security, audit-contest, bug-bounty, smart-contracts09-Jan-2024
How To Get A XSSI Bug In Bug Bounty— Bug Bounty Tuesdayhttps://medium.com/@kerstan/how-to-get-a-xssi-bug-in-bug-bounty-bug-bounty-tuesday-7440b0caf32c?source=rss------bug_bounty-5kerstanbug-bounty, security, technology, programming, cybersecurity09-Jan-2024
Developed a Bug Bounty Calculatorhttps://medium.com/@chander.romesh/developed-a-bug-bounty-calculator-b8370e04b15a?source=rss------bug_bounty-5Romesh chanderinformation-security, infosec, pentesting, hacking, bug-bounty09-Jan-2024
Recon Nedir ve Kullanılan Araçlarhttps://medium.com/@eren.klai2/recon-nedir-ve-kullan%C4%B1lan-ara%C3%A7lar-bac6b28479e4?source=rss------bug_bounty-5ErenCataksubdomain, pentesting, subdomains-enumeration, bug-bounty, recon09-Jan-2024
Subdomain Bruteforce Toolhttps://0xshaheen.medium.com/subdomain-bruteforce-tool-9dd3cd673df6?source=rss------bug_bounty-5Shaheen Sikdersubdomains-enumeration, subdomain, bug-bounty, subdomain-bruteforce09-Jan-2024
Get All your Clickjacking Vulnerability Triaged with this Exploitation!https://medium.com/@Ajakcybersecurity/get-all-your-clickjacking-vulnerability-triaged-with-this-exploitation-95de8291e285?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, blog, clickjacking09-Jan-2024
A Straight 5-hour Escalation! Exploiting Boolean-Based SQL Injection.https://medium.com/@Ajakcybersecurity/a-straight-5-hour-escalation-exploiting-boolean-based-sql-injection-5d828fd3dacf?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, cybersecurity, red-team, sql09-Jan-2024
How to Write A Bug Bounty Report Like a Pro!https://medium.com/@Ajakcybersecurity/how-to-write-a-bug-bounty-report-like-a-pro-a703034d095f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, ethcial-hacking, hacking, cybersecurity09-Jan-2024
How To Report Bug In Indian Government Site?https://medium.com/@Ajakcybersecurity/how-to-report-bug-in-indian-government-site-3f104eb5c40b?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, bug-bounty, blog, india, cybersecurity09-Jan-2024
How To Check Whether Your Photo is Leaked In Online or Not?https://medium.com/@Ajakcybersecurity/how-to-check-whether-your-photo-is-leaked-in-online-or-not-286a9feeadbd?source=rss------bug_bounty-5AjakCybersecurityinvestigation, digital-forensics, blog, cybersecurity, bug-bounty09-Jan-2024
2.11 Lab: Password reset poisoning via middleware | 2024https://cyberw1ng.medium.com/2-11-lab-password-reset-poisoning-via-middleware-2024-862897c7fc77?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, security, bug-bounty09-Jan-2024
Tricks I Do To Get Easy HOF and Bounty!https://medium.com/@Ajakcybersecurity/tricks-i-do-to-get-easy-hof-and-bounty-99d6158eb53e?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, penetration-testing, blog, cybersecurity, bug-bounty09-Jan-2024
How Much Was My First Bounty?https://medium.com/@Ajakcybersecurity/how-much-was-my-first-bounty-9c02df4b1958?source=rss------bug_bounty-5AjakCybersecurityhacking, ethical-hacking, cybersecurity, penetration-testing, bug-bounty09-Jan-2024
The Art and Science Behind Password Managershttps://medium.com/@paritoshblogs/the-art-and-science-behind-password-managers-fbf5fb9c7f99?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, password-manager, hacking, bug-bounty08-Jan-2024
Top 13 Vulnerable Web Applications and Websites for Ethical Hacking Practicehttps://bytebusterx.medium.com/top-13-vulnerable-web-applications-and-websites-for-ethical-hacking-practice-1850c6163e89?source=rss------bug_bounty-5ByteBusterXbug-bounty, hacking, cybersecurity08-Jan-2024
Rapid Scan (Web Vulnerability Scanner)https://medium.com/@psychomong/rapid-scan-web-vulnerability-scanner-d164cefc3c9a?source=rss------bug_bounty-5psychomonghacking, bug-bounty, scanner, hackerone, python08-Jan-2024
2.10 Lab: Offline password cracking | 2024https://cyberw1ng.medium.com/2-10-lab-offline-password-cracking-2024-e730fb915f73?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, security, cybersecurity, hacking08-Jan-2024
Blind boolean-based SQLi, by manipulating urlhttps://medium.com/@zatikyan.sevada/blind-boolean-based-sqli-by-manipulating-url-96e1e086378c?source=rss------bug_bounty-5Zatikyan Sevadacybersecurity, sqlmap, bug-bounty, owasp, sql-injection08-Jan-2024
HTTP PARAMTER POLLUTION [TR]https://medium.com/@eren.klai2/http-paramter-pollution-tr-700e254be60e?source=rss------bug_bounty-5ErenCatakpentesting, bug-bounty, turkey, http-parameter-pollution, parameter-tampering08-Jan-2024
2.9 Lab: Brute-forcing a stay-logged-in cookie | 2024https://cyberw1ng.medium.com/2-9-lab-brute-forcing-a-stay-logged-in-cookie-2024-065110f81d48?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, security, cybersecurity, hacking, careers07-Jan-2024
Digital Forensics Investigation Report PDF- A Court Manner.https://medium.com/@Ajakcybersecurity/digital-forensics-investigation-report-pdf-a-court-manner-daaa24c60458?source=rss------bug_bounty-5AjakCybersecuritywireshark, bug-bounty, networking, digital-forensics, blog07-Jan-2024
Top Programming Languages You Need to Know In 2024https://medium.com/@Ajakcybersecurity/top-programming-languages-you-need-to-know-in-2024-372db341015f?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, cybersecurity, python, medium, programming07-Jan-2024
XSS (Cross-Site Scripting) Reports on codechef.comhttps://medium.com/@mr_sopyan/xss-cross-site-scripting-reports-on-codechef-com-1a674f9ba9d8?source=rss------bug_bounty-5Mr_Sopyancybersecurity, xss-attack, bug-bounty, it-security07-Jan-2024
How to match IOCs against SIEM logs ?https://medium.com/@paritoshblogs/how-to-match-iocs-against-siem-logs-9d61079d16c6?source=rss------bug_bounty-5Paritoshsiem, hacking, bug-bounty, cybersecurity, ioc07-Jan-2024
Paid Subscriptions Resources which will be useful for Ethical Hacking/Bug Bounty (No Promotion)…https://medium.com/@Ajakcybersecurity/paid-subscriptions-resources-which-will-be-useful-for-ethical-hacking-bug-bounty-no-promotion-94b2aad97b18?source=rss------bug_bounty-5AjakCybersecuritymedium, udemy, ethical-hacking, bug-bounty, cybersecurity07-Jan-2024
Learn Cybersecurity By Doing Simple Projects at Homehttps://medium.com/@Ajakcybersecurity/learn-cybersecurity-by-doing-simple-projects-at-home-81fe4a512a65?source=rss------bug_bounty-5AjakCybersecuritycybersecurity, bug-bounty, projects, ethical-hacking, hacking07-Jan-2024
Top 5 Best Laptops for Bug Bounty and Ethical Hackinghttps://medium.com/@Ajakcybersecurity/top-5-best-laptops-for-bug-bounty-and-ethical-hacking-c0ce6fe4917c?source=rss------bug_bounty-5AjakCybersecurityhacking, blog, laptop, programming, bug-bounty07-Jan-2024
Os Command Injectionhttps://medium.com/@eren.klai2/os-command-injection-536087488e87?source=rss------bug_bounty-5ErenCatakbug-bounty, pentesting, os-command-injection, operating-systems, bash-script07-Jan-2024
Top 5 Best Books for Bug Bounty Hunting- My Personal Favouriteshttps://medium.com/@Ajakcybersecurity/top-5-best-books-for-bug-bounty-hunting-my-personal-favourites-ec416ab4ea25?source=rss------bug_bounty-5AjakCybersecurityethical-hacking, hacking, money, bug-bounty, blog06-Jan-2024
HackerOne or BugCrowd or VDP? How To Choose your Bug Bounty Program?https://medium.com/@Ajakcybersecurity/hackerone-or-bugcrowd-or-vdp-how-to-choose-your-bug-bounty-program-c4a4d202397c?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, hackerone, blog, penetration-testing, ethical-hacking06-Jan-2024
How I Cracked CEH Within 6 Months Only With Free Resources.https://medium.com/@Ajakcybersecurity/how-i-cracked-ceh-within-6-months-only-with-free-resources-c362d122ee01?source=rss------bug_bounty-5AjakCybersecurityhacking, bug-bounty, blog, ethical-hacking, certification06-Jan-2024
Bug Bounty Mistakes I Made in 2023, So that You Can Avoid in 2024https://medium.com/@Ajakcybersecurity/bug-bounty-mistakes-i-made-in-2023-so-that-you-can-avoid-in-2024-3737663807fc?source=rss------bug_bounty-5AjakCybersecuritypenetration-testing, hacking, ethical-hacking, cybersecurity, bug-bounty06-Jan-2024
Unveiling the Dangers of CWE-319: Clear Text Transmission of Sensitive Informationhttps://medium.com/@georgeppmc/unveiling-the-dangers-of-cwe-319-clear-text-transmission-of-sensitive-information-1ada2d1f4ca5?source=rss------bug_bounty-5George Torresbug-bounty06-Jan-2024
Gi7w0rm’s personal year review — 2023https://gi7w0rm.medium.com/gi7w0rms-personal-year-review-2023-f4726b46b604?source=rss------bug_bounty-5Gi7w0rmioc, bug-bounty, cybersecurity, infosec, 202306-Jan-2024
500$ Access Control Bug: Performed Restricted Actions in Developer Settings by low level user.https://medium.com/@a13h1/500-access-control-bug-performed-restricted-actions-in-developer-settings-by-low-level-user-b4ecaa6d1aa1?source=rss------bug_bounty-5Abhi Sharmaprogramming, bug-bounty, pentesting, access-control, cybersecurity06-Jan-2024
Best AI Tools For Cybersecurity in 2024https://medium.com/@paritoshblogs/best-ai-tools-for-cybersecurity-in-2024-9f9972919f1d?source=rss------bug_bounty-5Paritoshbug-bounty, hacking, networking, information-security, cybersecurity06-Jan-2024
The Art of Shodanhttps://astro0x00.medium.com/the-art-of-shodan-ee83bfa96105?source=rss------bug_bounty-5Mo2men Elmadybug-bounty, shodan, penetration-testing, cve, hacking06-Jan-2024
2.8 Lab: 2FA broken logic | 2024https://cyberw1ng.medium.com/2-8-lab-2fa-broken-logic-2024-30a843da98ca?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, hacking, careers, bug-bounty, security06-Jan-2024
The History Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
The Story Behind My First Bughttps://dropn0w.medium.com/the-history-behind-my-first-bug-539b913b9667?source=rss------bug_bounty-5dropbug-bounty-tips, hacking, bug-bounty, cybersecurity06-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://medium.com/@testproxy027/ethical-hacking-roadmap-2024-a-complete-guide-74a7a09668af?source=rss------bug_bounty-5Ankit Hackercybersecurity, bug-bounty, hacking, ethical-hacking, medium05-Jan-2024
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbnhttps://bxmbn.medium.com/i-received-a-bank-offer-in-my-mailbox-and-discovered-an-idor-vulnerability-5-000-bounty-bxmbn-5209cab1fba8?source=rss------bug_bounty-5bomboncybersecurity, idor, bug-bounty05-Jan-2024
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbnhttps://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d?source=rss------bug_bounty-5bombonbug-bounty, data-breach, idor, cybersecurity05-Jan-2024
Cybersecurity Roadmap: 2024https://hackerassociate.medium.com/cybersecurity-roadmap-2024-ea3586fea603?source=rss------bug_bounty-5Harshad Shahinfosec, cybersecurity, penetration-testing, bug-bounty, hacking05-Jan-2024
How to Earn Money as a Digital Forensics Investigatorhttps://medium.com/@moneyiseasybro/how-to-earn-money-as-a-digital-forensics-investigator-dae9723ebb10?source=rss------bug_bounty-5How to Earnethical-hacking, cybersecurity, finance, money, bug-bounty05-Jan-2024
How Celebrities Social media accounts get hacked in real time?https://medium.com/@Ajakcybersecurity/how-celebrities-social-media-accounts-get-hacked-in-real-time-4ccb37ac0763?source=rss------bug_bounty-5AjakCybersecurityphishing, ethical-hacking, cybersecurity, digital-forensics, bug-bounty05-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://medium.com/@Ajakcybersecurity/how-to-become-a-successful-bug-bounty-hunter-in-2024-3171b782b585?source=rss------bug_bounty-5AjakCybersecuritybug-bounty, ethical-hacking, blog, cybersecurity, hacking05-Jan-2024
Listed in Top 15 Researchers in NCIIPC Indiahttps://devanshchauhan4565.medium.com/listed-in-top-15-researchers-in-nciipc-india-4143da2d75e9?source=rss------bug_bounty-5Devansh chauhantop-10, bug-bounty, internet, vulnerability, india05-Jan-2024
Privilege Escalation Using SCIM Provisioninghttps://ronak-9889.medium.com/privilege-escalation-using-scim-provisioning-ca61ed9606bd?source=rss------bug_bounty-5Ronak Patelbug-bounty, information-security, privilege-escalation, access-control, cybersecurity05-Jan-2024
Website Hacking, Penetration Testing & Bug Bounty Hunting Resources full coursehttps://thehackertools9.medium.com/website-hacking-penetration-testing-bug-bounty-hunting-resources-full-course-0010c0603bd9?source=rss------bug_bounty-5TheHackerLifebug-bounty-tips, bug-bounty, website-hacking, hacking-tools, ethical-hacking-tools05-Jan-2024
2.7 Lab: Username enumeration via account lock | 2024https://cyberw1ng.medium.com/2-7-lab-username-enumeration-via-account-lock-2024-9ae1d7eef4a6?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, hacking, bug-bounty, cybersecurity, careers05-Jan-2024
My first bugs in 2024https://medium.com/@el-cezeri/my-first-bugs-in-2024-82ea4e9de718?source=rss------bug_bounty-5Samet Yiğitödülavcılığı, bug-bounty, bug-bounty-tips05-Jan-2024
Vulnerable WordPress December 2023 (Shahriar)https://medium.com/@onhexgroup/vulnerable-wordpress-december-2023-shahriar-16277c1cd3b8?source=rss------bug_bounty-5Onhexgroupwordpress-security, wordpress-plugins, infosec, bug-bounty, wordpress05-Jan-2024
Exploring “Jok3r”: A Powerful Network/Host Reconnaissance and Enumeration Tool.https://sh1vv1.medium.com/exploring-jok3r-a-powerful-network-host-reconnaissance-and-enumeration-tool-43b524c580f0?source=rss------bug_bounty-5Hesham Ahmedtips-and-tricks, tools, penetration-testing, bug-bounty, bug-hunting05-Jan-2024
Web Security Academy — API Security Testing Walkthroughhttps://iaraoz.medium.com/web-security-academy-api-security-testing-walkthrough-11019ed93eae?source=rss------bug_bounty-5Israel Aráoz Severicheapi, bug-bounty, web, hacking, portswigger-lab05-Jan-2024
9 Subtle Tricks To Make Your Cybersecurity Skills Much Betterhttps://medium.com/@paritoshblogs/9-subtle-tricks-to-make-your-cybersecurity-skills-much-better-4f7e48b3fd57?source=rss------bug_bounty-5Paritoshbug-bounty, ai, cybersecurity, programming, hacking04-Jan-2024
Exploring Application Security with SAST, DAST, SCA, and IASThttps://securitycipher.medium.com/exploring-application-security-with-sast-dast-sca-and-iast-95b27043d9fd?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty, hacking, technology, cybersecurity04-Jan-2024
How do i bypass waf for xss in input tag?https://medium.com/@lyltvip/how-do-i-bypass-waf-for-xss-in-input-tag-2adcdc1b7e25?source=rss------bug_bounty-5lanyibug-bounty-tips, hacking, xss-vulnerability, xss-attack, bug-bounty04-Jan-2024
CORS Crossfire: An iCSI CTFhttps://medium.com/@josh.beck2006/cors-crossfire-an-icsi-ctf-35a73f700207?source=rss------bug_bounty-5Josh Beckcybersecurity, penetration-testing, ctf-writeup, bug-bounty04-Jan-2024
2.6 Lab: Broken brute-force protection, IP block | 2024https://cyberw1ng.medium.com/2-6-lab-broken-brute-force-protection-ip-block-2024-8057a53b999a?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, cybersecurity, hacking04-Jan-2024
Account Takeover? $4 and a click, please.https://swehtpantz.medium.com/account-takeover-4-and-a-click-please-454c035aa3b6?source=rss------bug_bounty-5Swehtpantzhacking, pentesting, ethical-hacking, bug-bounty, bug-bounty-tips04-Jan-2024
Bug Bountyhttps://medium.com/@montymahapatra79/bug-bounty-02310f6d39f9?source=rss------bug_bounty-5Montymahapatrabug-bounty-tips, bug-bounty-hunter, bug-bounty04-Jan-2024
Ethical Hacking RoadMap 2024. A Complete Guide.https://ajaksecurities.medium.com/ethical-hacking-roadmap-2024-a-complete-guide-23b23262b1b8?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, medium, cybersecurity04-Jan-2024
How to Become a Successful Bug Bounty Hunter in 2024?https://ajaksecurities.medium.com/how-to-become-a-successful-bug-bounty-hunter-in-2024-106f576b03e2?source=rss------bug_bounty-5Ajak Cyber Securityethical-hacking, hacking, bug-bounty, cybersecurity, medium04-Jan-2024
Essential Gadgets for Bug Bounty Hunters: Enhancing Your Cybersecurity Arsenalhttps://securitylit.medium.com/essential-gadgets-for-bug-bounty-hunters-enhancing-your-cybersecurity-arsenal-40173ec2945f?source=rss------bug_bounty-5Security Lit Limitedgadgets, cybersecurity, bug-bounty, vulnerability04-Jan-2024
OpenBounty, phương pháp tiếp cận mới của Shentu trong Hệ sinh thái bảo mậthttps://shentuchain.medium.com/openbounty-ph%C6%B0%C6%A1ng-ph%C3%A1p-ti%E1%BA%BFp-c%E1%BA%ADn-m%E1%BB%9Bi-c%E1%BB%A7a-shentu-trong-h%E1%BB%87-sinh-th%C3%A1i-b%E1%BA%A3o-m%E1%BA%ADt-bc52f8fd13ff?source=rss------bug_bounty-5Shentu Chainbug-bounty, bounty-program, web3, bounty-hunter, cybersecurity03-Jan-2024
GooFuzz: A Fuzzing Tool with an OSINT Approachhttps://medium.com/@cuncis/goofuzz-a-fuzzing-tool-with-an-osint-approach-306fe481824f?source=rss------bug_bounty-5Cuncisbug-bounty, penetration-test, google-dork, penetration-testing, osint03-Jan-2024
How to Correctly setup Android Penetration Testing on a MacBookhttps://infosecwriteups.com/how-to-correctly-setup-android-penetration-testing-on-a-macbook-659f244f84c8?source=rss------bug_bounty-5Supun Halangoda (Suppa)bug-bounty, penetration-testing, mobile-penetration-test, macbook-pro, android-pentesting03-Jan-2024
LoveTok | HackTheBox web challenge Writeuphttps://gxbnt.medium.com/lovetok-hackthebox-web-challenge-writeup-e3b99967c3b7?source=rss------bug_bounty-5Bishal - #GxbNthackthebox-writeup, oscp, web, offensive-security, bug-bounty03-Jan-2024
A Guide on Crafting Robust Invariants with Echidnahttps://medium.com/coinmonks/a-guide-on-crafting-robust-invariants-with-echidna-fc980d8e2c0c?source=rss------bug_bounty-5Chirag Agrawalbug-bounty, smart-contracts, cybersecurity, cryptocurrency, security03-Jan-2024
Found reflected xss on a real targethttps://medium.com/@jeetpal2007/found-reflected-xss-on-a-real-target-30b80b2f53e4?source=rss------bug_bounty-5JEETPALrxss, xs, bugs, bug-bounty03-Jan-2024
My Bug Bounty Write Ups (Part-1)https://karthikeyamade.medium.com/my-bug-bounty-write-ups-part-1-63ed3e788873?source=rss------bug_bounty-5Karthikeya Saibug-bounty-tips, bug-bounty03-Jan-2024
My First Bug Bounty: Lessons Learned and Money Earnedhttps://medium.com/@georgeppmc/my-first-bug-bounty-lessons-learned-and-money-earned-d6fc31744621?source=rss------bug_bounty-5George Torresbug-bounty-tips, bug-hunting, bug-bounty-writeup, bug-bounty, hackerone03-Jan-2024
Comparing CVE & CWE : Understanding Security Vulnerabilitieshttps://medium.com/@zouhairelgarouni/comparing-cve-cwe-understanding-security-vulnerabilities-84442ab1e0e7?source=rss------bug_bounty-5ZOUHAIR EL GAROUNIvulnerability, vulnerability-management, cyber-security-awareness, cybersecurity, bug-bounty03-Jan-2024
you need to learn linux RIGHT NOW!!https://medium.com/@paritoshblogs/you-need-to-learn-linux-right-now-7239f4dcc1c6?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, linux, programming, bug-bounty02-Jan-2024
Bug Bounty Hunting | Reconnaissance | Subdomain Enumerationhttps://me-ankeet.medium.com/bug-bounty-hunting-reconnaissance-subdomain-enumeration-854d880c3406?source=rss------bug_bounty-5Ankeetbug-bounty, hacking, information-security, cybersecurity, bug-bounty-tips02-Jan-2024
How .git folder can be exploited to access sensitive datahttps://satyasai1460.medium.com/how-git-folder-can-be-exploited-to-access-sensitive-data-eb805c38fd6c?source=rss------bug_bounty-5Bala Naga Satya sai Devarapalliinformation-technology, cybersecurity, bug-bounty, bugs, bug-bounty-tips02-Jan-2024
From P5 to Payday $$$: Escalating Reflected XSS to Account Takeoverhttps://hasanka-amarasinghe.medium.com/from-p5-to-payday-escalating-reflected-xss-to-account-takeover-bc25a171a3d5?source=rss------bug_bounty-5Hasanka Amarasinghexss-attack, bug-bounty, cross-site-scripting, account-takeover, cybersecurity02-Jan-2024
Account Takeover on International Exchange — Bug Bounty Tuesdayhttps://medium.com/@kerstan/account-takeover-on-international-exchange-bug-bounty-tuesday-cf41a54bc4b7?source=rss------bug_bounty-5kerstancybersecurity, bug-bounty, technology, programming02-Jan-2024
The Lexer Markets security review storyhttps://medium.com/@mweiss.eth/the-lexer-markets-security-review-story-a812539d62db?source=rss------bug_bounty-50xWeisssecurity, audit, bug-bounty, smart-contracts02-Jan-2024
DOM XSS in document.write sink using source location.search inside a select elementhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-0c47fc033bcf?source=rss------bug_bounty-5Marduk I Amportswigger-lab, dom-xss, cross-site-scripting, cybersecurity, bug-bounty02-Jan-2024
2.4 Lab: Username enumeration via subtly different responses | 2024https://cyberw1ng.medium.com/2-4-lab-username-enumeration-via-subtly-different-responses-2024-eb37130d41a8?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, careers, hacking, cybersecurity, security02-Jan-2024
Stealing private messages using XSS on subdomainhttps://medium.com/@shcyber/stealing-private-messages-using-xss-on-subdomain-97f0304b132f?source=rss------bug_bounty-5SHCyberwebsocket, csrf, bug-bounty, xss-attack, hacking02-Jan-2024
From Disclosure to High Severity: Leveraging Dyte API Key for Maximum Impacthttps://padsalatushal.medium.com/from-disclosure-to-high-severity-leveraging-dyte-api-key-for-maximum-impact-468c444963c6?source=rss------bug_bounty-5Padsala Tushalapi-security, cybersecurity, bug-bounty-tips, infosec, bug-bounty02-Jan-2024
SQL Injection (SQLi): WWWWWH?https://medium.com/@rcxsecurity/sql-injection-sqli-wwwwwh-d847972b3e45?source=rss------bug_bounty-5RCXSecuritysql-injection, bug-bounty, information-security, penetration-testing, cybersecurity01-Jan-2024
How Do I Get Root Access on a Linux Serverhttps://systemweakness.com/how-do-i-get-root-access-on-a-linux-server-874d29015305?source=rss------bug_bounty-5RyuuKhagetsubug-bounty, infosec, web-application-security, pentesting, bug-bounty-writeup01-Jan-2024
Understanding the MITRE ATT&CK Framework: A Comprehensive Overviewhttps://medium.com/@paritoshblogs/understanding-the-mitre-att-ck-framework-a-comprehensive-overview-c1499d195da0?source=rss------bug_bounty-5Paritoshmitre-attack, ai, hacking, bug-bounty, cybersecurity01-Jan-2024
Reflected XSS into a JavaScript string with angle brackets HTML encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-c9e2ed86f489?source=rss------bug_bounty-5Marduk I Ambug-bounty, reflected-xss, portswigger-lab, cross-site-scripting, cybersecurity01-Jan-2024
Automating GitHub Recon for Sensitive Information Discoveryhttps://medium.com/@paxnull/automating-github-recon-for-sensitive-information-discovery-c96b677857cf?source=rss------bug_bounty-5paxnullbug-bounty, bug-bounty-writeup, automation-tools, reconnaissance, bug-bounty-tips01-Jan-2024
The power of Client-Side Path Traversal: How I found and escalated 2 bugs through “../”https://medium.com/@Nightbloodz/the-power-of-client-side-path-traversal-how-i-found-and-escalated-2-bugs-through-670338afc90f?source=rss------bug_bounty-5Alvaro Baladabug-bounty-tips, info-sec-writeups, bug-bounty-writeup, cybersecurity, bug-bounty01-Jan-2024
1.18 Lab: SQL injection attack, listing the database contents on Oracle | 2024https://cyberw1ng.medium.com/1-18-lab-sql-injection-attack-listing-the-database-contents-on-oracle-2024-cec2a796740f?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, security, bug-bounty, careers, hacking01-Jan-2024
Another 4 Digit Bounty Story on Hackeronehttps://medium.com/@jai.lani9001/another-4-digit-bounty-story-on-hackerone-58dba8c19818?source=rss------bug_bounty-5Jai Lanibug-bounty01-Jan-2024
CVE-2023–34635: UNIBOX 3.0/3.1 SQL Injection login bypasshttps://medium.com/@davidkarpinski1/cve-2023-34635-unibox-3-0-3-1-sql-injection-login-bypass-fc33004e70c0?source=rss------bug_bounty-5David Eduardo Karpinskibug-bounty, sql-login, unibox, sqli, login-bypass01-Jan-2024
Exploring the Depths: DNS Wildcard and Subdomain Takhttps://alvinbijo.medium.com/exploring-the-depths-dns-wildcard-and-subdomain-tak-6deed7aebcb1?source=rss------bug_bounty-5Alvin bijobug-bounty, bugbounty-writeup01-Jan-2024
Bug Zero at a Glance [01–15 December]https://blog.bugzero.io/bug-zero-at-a-glance-01-15-december-cdb358653f8e?source=rss------bug_bounty-5Januka Dharmapriyacybersecurity, sri-lanka, bug-bounty, bug-zero, newsletter31-Dec-2023
Uncovering LFI Attack ‍https://medium.com/@cyberkarthi/uncovering-ssrf-attack-12064069205f?source=rss------bug_bounty-5Karthikeyan Cethical-hacking, pentesting, bug-bounty, bugbounty-writeup31-Dec-2023
I hate Hackerone / X Website Vulnerability — Bug Bounty Hunterhttps://medium.com/@batuhanaydinn/i-hate-hackerone-x-website-vulnerability-bug-bounty-hunter-3e43a7e0bc80?source=rss------bug_bounty-5Batuhan Aydınhacking, hackerone, bug-bounty, penetration-testing, hacker31-Dec-2023
1.17 Lab: SQL injection attack, listing the database contents on non-Oracle databases | 2023https://systemweakness.com/1-17-lab-sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-2023-2026162bf6ef?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, bug-bounty, hacking, security, careers31-Dec-2023
DNS-Related Attacks and Exampleshttps://medium.com/@paritoshblogs/dns-related-attacks-and-examples-fee4da0cc2d6?source=rss------bug_bounty-5Paritoshdns, cybersecurity, bug-bounty, hacking, programming31-Dec-2023
How I hacked India’s top company database.https://medium.com/@sritharcyber/how-i-hacked-indias-top-company-database-d66b9fc49cb0?source=rss------bug_bounty-5Srithar Cybersqli, pentest, recent, hacked, bug-bounty31-Dec-2023
Simple Subdomain Takeoverhttps://infosecwriteups.com/simple-subdomain-takeover-15129e19bbb4?source=rss------bug_bounty-5hackerdevilvulnerability-assessment, bug-bounty, bug-bounty-writeup, bug-bounty-tips, web-app-security31-Dec-2023
Master Subdomain HUNTING | Art of finding Hidden Assetshttps://yashh2.medium.com/master-subdomain-hunting-art-of-finding-hidden-assets-3351b3c8467a?source=rss------bug_bounty-5ʏᴀꜱʜʜcybersecurity, infosec, bug-bounty, bug-bounty-tips, hacking30-Dec-2023
Woowow Bug Bounty Campaignhttps://medium.com/@woowow/woowow-bug-bounty-campaign-569e7b7868f3?source=rss------bug_bounty-5Woowowqitmeerecosystem, bounty-campaign, marketplaces, woowow, bug-bounty30-Dec-2023
How i Hacked My First Target using GooGle Dorkinghttps://mrunknown124154.medium.com/how-i-hacked-my-first-target-using-google-dorking-43cb999ad8db?source=rss------bug_bounty-5Mr Abdullahsql-injection, google-dorking, bug-bounty, hacking, sql-injection-attack30-Dec-2023
417$ Simple IDOR: Unauthorized Contact Details Modificationhttps://medium.com/@a13h1/417-simple-idor-unauthorized-contact-details-modification-92e8211439e4?source=rss------bug_bounty-5Abhi Sharmaprogramming, cybersecurity, hacking, bug-bounty, idor30-Dec-2023
Sudomain Takeover via Shopify(Easy Bounty $$$$)https://medium.com/@paxnull/sudomain-takeover-via-shopify-easy-bounty-300f839aa15d?source=rss------bug_bounty-5paxnullbug-bounty, tips, bug-bounty-tips, subdomain-takeover, bug-bounty-writeup30-Dec-2023
XSS deep dive P1 (theory)(publish early,please waiting for 2 days to read)https://medium.com/@nguhuynh.148/xss-deep-dive-p1-theory-637af86f335d?source=rss------bug_bounty-5Nguhuynhxss-vulnerability, xss-attack, xss-bypass, bug-bounty30-Dec-2023
Stored XSS into anchor href attribute with double quotes HTML-encodedhttps://medium.com/@marduk.i.am/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-1f88ba0b990f?source=rss------bug_bounty-5Marduk I Amstored-xss, bug-bounty, cybersecurity, cross-site-scripting, portswigger-lab30-Dec-2023
1.16 Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft |…https://cyberw1ng.medium.com/1-16-lab-sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-5f2785ebb06f?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, cybersecurity, bug-bounty, hacking, careers30-Dec-2023
HTTPX Troubleshooting Issuehttps://infosecwriteups.com/httpx-troubleshooting-issue-38b61549126b?source=rss------bug_bounty-5Jarred Longoriabug-bounty, linux, troubleshooting, help, httpx30-Dec-2023
From Google Dorking to Unauthorized AWS Account Access and Account Takeoverhttps://medium.com/@ar_hawk/from-google-dorking-to-unauthorized-aws-account-access-and-account-takeover-89eb2b9d284f?source=rss------bug_bounty-5Aayush Vishnoissrf, bug-bounty-tips, bug-bounty30-Dec-2023
Reflected XSS into attribute with angle brackets HTML-encodedhttps://medium.com/@marduk.i.am/reflected-xss-into-attribute-with-angle-brackets-html-encoded-986d943b3fd2?source=rss------bug_bounty-5Marduk I Amportswigger-lab, cybersecurity, bug-bounty, cross-site-scripting, xss-vulnerability29-Dec-2023
Beyond Search Queries: Bug Bounty Hunting with Dorkzhttps://medium.com/@paxnull/beyond-search-queries-bug-bounty-hunting-with-dorkz-850cfa8c3ddc?source=rss------bug_bounty-5paxnulltips, dorking, recon, bug-bounty-tips, bug-bounty29-Dec-2023
Behind the Firewall: My First Valid Bug — Exposing Security Flaw in a multi-dollar Financial and…https://medium.com/@MohaseenK/behind-the-firewall-my-first-valid-bug-exposing-security-flaw-in-a-multi-dollar-financial-and-ff56e7bc4589?source=rss------bug_bounty-5Mohaseenpentesting, bug-bounty, rate-limiting, hackerone, bugcrowd29-Dec-2023
How to find unprotected databases with Netlas.io?https://netlas.medium.com/how-to-find-unprotected-databases-with-netlas-io-2bf186e9fc2d?source=rss------bug_bounty-5Netlas.ioosint, penetration-testing, bug-bounty, osint-investigation, cybersecurity29-Dec-2023
1.15 Lab: SQL injection attack, querying the database type and version on Oracle | 2023https://cyberw1ng.medium.com/1-15-lab-sql-injection-attack-querying-the-database-type-and-version-on-oracle-2023-cd4118eb604d?source=rss------bug_bounty-5Karthikeyan Nagarajsecurity, bug-bounty, careers, hacking, cybersecurity29-Dec-2023
KisMAC is a free, open source wireless stumbling and security tool for Mac OS Xhttps://medium.com/@dineshpathro593/kismac-is-a-free-open-source-wireless-stumbling-and-security-tool-for-mac-os-x-03746fdea831?source=rss------bug_bounty-5Dineshpathrobugs, bug-bounty, bug-bounty-tips, hacking, hackin29-Dec-2023
OTP-Bot Tool CLICK HEREhttps://medium.com/@dineshpathro593/otp-bot-tool-click-here-7f3ee559ca21?source=rss------bug_bounty-5Dineshpathrobug-bounty-tips, hacking-tools, bug-bounty, hacking, bugs29-Dec-2023
Recon Tools For Web Applicationhttps://medium.com/@dineshpathro593/recon-tools-for-web-application-714af64e7d07?source=rss------bug_bounty-5Dineshpathrohacking, hacker, bug-bounty, bug-bounty-tips, hackathons29-Dec-2023
200 Materials of CyberSecurity in PDFshttps://medium.com/@dineshpathro593/200-materials-of-cybersecurity-in-pdfs-e7a942123be5?source=rss------bug_bounty-5Dineshpathrocybersecurity, hackathons, bug-bounty, hacking, bug-bounty-tips29-Dec-2023
Bug Bounty: The road to my first $1000 through hacking public websiteshttps://swehtpantz.medium.com/bug-bounty-the-road-to-my-first-1000-through-hacking-public-websites-a0e2aa1b7271?source=rss------bug_bounty-5Swehtpantzethical-hacking, bug-bounty, bug-bounty-tips, hacking, bugbounty-writeup28-Dec-2023
HackTheBox(HTB) Writeup — Nodehttps://medium.com/@harman.preet.singh3738/hackthebox-htb-writeup-node-5600a442e393?source=rss------bug_bounty-5Harmanpreet Singhpenetration-testing, bug-bounty, tryhackme, ethical-hacking, hackthebox28-Dec-2023
️ Protect Yourself: The Power of OPSEChttps://medium.com/@teckgamer07/%EF%B8%8F-protect-yourself-the-power-of-opsec-17a7ec256427?source=rss------bug_bounty-5Macmelterbugsbounty, hacking, bug-bounty, cybersecurity28-Dec-2023
Multiple RXSShttps://medium.com/@0xchoudhary/multiple-rxss-f3f796287f34?source=rss------bug_bounty-5Sushil Choudharybounty-hunter, xss-attack, bug-bounty-tips, bug-bounty, hackerone28-Dec-2023
Stored XSS via File upload(using svg file)https://medium.com/@paxnull/stored-xss-via-file-upload-using-svg-file-c1e2a33ed8a8?source=rss------bug_bounty-5paxnullbug-bounty, tips, bugbounty-tips, xss-vulnerability, hacking28-Dec-2023
Authorization problemhttps://medium.com/@nguhuynh.148/authorization-problem-2bb053c215cd?source=rss------bug_bounty-5Nguhuynhbroken-access-control, hacking, bug-bounty, hacks, bug-bounty-tips28-Dec-2023
CVE-2023–51356: ARMember <= 4.0.10 — Authenticated Privilege Escalationhttps://revan-ar.medium.com/cve-2023-51356-armember-4-0-10-authenticated-privilege-escalation-7e0c7fbe5a79?source=rss------bug_bounty-5Revan Abug-bounty, privilege-escalation, wordpress-plugins, penetration-testing28-Dec-2023
1.14 Lab: SQL injection with filter bypass via XML encoding | 2023https://cyberw1ng.medium.com/1-14-lab-sql-injection-with-filter-bypass-via-xml-encoding-2023-9794dc7bf9f4?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, bug-bounty, penetration-testing, hacking28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://medium.com/@synapticspace/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
How I made 7K on Epic Games Bug Bountyhttps://infosecwriteups.com/how-i-made-7k-on-epic-games-bug-bounty-8529728b9fcf?source=rss------bug_bounty-5SynapticSpacebug-bounty-writeup, hacking, bug-bounty, bug-bounty-tips28-Dec-2023
DOM XSS in jQuery selector sink using a hashchange eventhttps://medium.com/@marduk.i.am/dom-xss-in-jquery-selector-sink-using-a-hashchange-event-bb3c355b3633?source=rss------bug_bounty-5Marduk I Amportswigger-lab, bug-bounty, dom-xss, cybersecurity, cross-site-scripting27-Dec-2023
Amass: New Config File Updatehttps://hackerassociate.medium.com/amass-new-config-file-update-e95d09b6eb70?source=rss------bug_bounty-5Harshad Shahpenetration-testing, cybersecurity, infosec, hacking, bug-bounty27-Dec-2023
DOM XSS on Hackerone Programs — Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
1.13 Lab: Blind SQL injection with out-of-band data exfiltration | 2023https://cyberw1ng.medium.com/1-13-lab-blind-sql-injection-with-out-of-band-data-exfiltration-2023-f83a1448b685?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, cybersecurity, hacking, careers27-Dec-2023
“Crucial Bug Bounty Hacks: Habits with Enduring Benefits”https://medium.com/@paxnull/secrets-of-the-hunter-pro-tips-for-effective-bug-bounty-hunting-1a261df4444d?source=rss------bug_bounty-5paxnulltips, learning, programming, bugbounty-tips, bug-bounty27-Dec-2023
Inside the Digital Vault: How I Unearthed PII Goldmine — Exposing 15K GST Users’ Information in a…https://medium.com/@MohaseenK/inside-the-digital-vault-how-i-unearthed-pii-goldmine-exposing-15k-gst-users-information-in-a-38c3105889ea?source=rss------bug_bounty-5Mohaseenbug-bounty, hackerone, bugcrowd, information-disclosure, indian-government27-Dec-2023
How Does DNS Work and What is DNS Poisoning?https://medium.com/@bcanote/how-does-dns-work-and-what-is-dns-poisoning-4c187fb3f2b0?source=rss------bug_bounty-5bcanotecybersecurity, hacking, dns, dns-poisoning, bug-bounty27-Dec-2023
URL Redirection To DOM XSS on Hackerone Programs -Bug Bounty Tuesdayhttps://medium.com/@kerstan/dom-xss-on-hackerone-programs-bug-bounty-tuesday-8973ecf6af95?source=rss------bug_bounty-5kerstanxss-attack, security, cybersecurity, technology, bug-bounty27-Dec-2023
Mastering Bug Bounty: Your Ultimate Guide to Cybersecurity Successhttps://medium.com/@umidcyber.s/mastering-bug-bounty-your-ultimate-guide-to-cybersecurity-success-82dc9b30fc02?source=rss------bug_bounty-5Umid Mammadovbug-bounty-tips, tools, bug-bounty, information-technology, bugs26-Dec-2023
Deep Dive Into XSShttps://medium.com/@kavish2002ev3/deep-dive-into-xss-8420ddccc73b?source=rss------bug_bounty-5kavish shahxss-vulnerability, web-application-security, bug-bounty26-Dec-2023
The Tale Of Insecure Deserialization: A Journey From Serialization To Exploitationhttps://medium.com/@kavish2002ev3/the-tale-of-insecure-deserialization-a-journey-from-serialization-to-exploitation-47400a4c9093?source=rss------bug_bounty-5kavish shahctf-writeup, web-application-security, insecure-deserialization, bug-bounty26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@rynnnn617/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
1.12 Lab: Blind SQL injection with out-of-band interaction | 2023https://infosecwriteups.com/1-12-lab-blind-sql-injection-with-out-of-band-interaction-2023-db12e3b10118?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking26-Dec-2023
Navigating Tree-Sitter Queries with jsluice for JavaScript File Analysishttps://lopseg.medium.com/navigating-tree-sitter-queries-with-jsluice-for-javascript-file-analysis-061b7cb4ea9d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, bug-bounty, cybersecurity, bug-bounty-writeup, javascript26-Dec-2023
Portswigger Labs — CSRFhttps://medium.com/@ry4nnnn/portswigger-labs-csrf-10b496d6580c?source=rss------bug_bounty-5Ry4nnnnbug-bounty, portswigger-lab, csrf, burpsuite26-Dec-2023
Account takeover vulnerability that resulted in $2500 bounty!https://medium.com/@deadoverflow/account-takeover-vulnerability-that-resulted-in-2500-bounty-e1618363878d?source=rss------bug_bounty-5Imad Husanovicbug-bounty, hacking, bug-bounty-tips, cybersecurity, bug-hunting25-Dec-2023
Content Spoofing & Parameter Injectionhttps://codingninjablogs.tech/content-spoofing-parameter-injection-0861bfd146d4?source=rss------bug_bounty-5#!/Subhankarinjection-attacks, web-pen-testing, bug-bounty, spoofing25-Dec-2023
Top 3 Password Cracking Toolshttps://medium.com/@UsmanAtif/top-3-password-cracking-tools-18801fbdcdae?source=rss------bug_bounty-5Muhammad Usman Atifhacking, cybersecurity, passwords, bug-bounty, penetration-testing25-Dec-2023
Hackers Target Bug Bounty Hunters with Blackmail Emailshttps://rishikadesai.medium.com/hackers-target-bug-bounty-hunters-with-blackmail-emails-421cf57fe4a7?source=rss------bug_bounty-5Rishika Desaithreat-intelligence, threat-research, bug-bounty, cyber-security-awareness, cybersecurity25-Dec-2023
What is LFI (Local File Inclusion) Vulnerability ?https://medium.com/@errorfiathck/what-is-lfi-local-file-inclusion-vulnerability-c9372e25e389?source=rss------bug_bounty-5Errorfiathckpentesting, lfi, vulnerability, bug-bounty, pentest25-Dec-2023
Legacy of EternalBluehttps://medium.com/@akshadjoshi/legacy-of-eternalblue-de4d643e8f36?source=rss------bug_bounty-5Akshad Joshieternalblue, hackthebox, pentesting, bug-bounty, hacking24-Dec-2023
Hackeando GraphQL: Introducciónhttps://medium.com/@soyelmago/hackeando-graphql-introducci%C3%B3n-1537af763d0c?source=rss------bug_bounty-5Alan Brian @soyelmagographql, bug-bounty, information-security, pentesting, hacking24-Dec-2023
Ceklis Web Pentesting Untuk Pemula — Registration Feature Testinghttps://riodrwn.medium.com/ceklis-web-pentesting-untuk-pemula-registration-feature-testing-aceb545b587c?source=rss------bug_bounty-5Rio Darmawanbug-bounty-writeup, bug-bounty, pentesting, bugbounty-writeup, web-penetration-testing23-Dec-2023
The Crucial Role of Threat Intelligence Sharing in Cybersecurityhttps://medium.com/@paritoshblogs/the-crucial-role-of-threat-intelligence-sharing-in-cybersecurity-cd4be0b53a86?source=rss------bug_bounty-5Paritoshprogramming, hacking, threat-intelligence, cybersecurity, bug-bounty23-Dec-2023
The Evolving Role of a SOC Analysthttps://medium.com/@paritoshblogs/the-evolving-role-of-a-soc-analyst-c82e3e515558?source=rss------bug_bounty-5Paritoshinformation-security, cybersecurity, hacking, bug-bounty, soc-analyst23-Dec-2023
Out-of-Scope, Not Out-of-Impact: Unveiling Significant Sensitive Information Disclosurehttps://padsalatushal.medium.com/out-of-scope-not-out-of-impact-unveiling-significant-sensitive-information-disclosure-c8e76c1806e8?source=rss------bug_bounty-5Padsala Tushalcybersecurity, bug-bounty, bug-bounty-tips, infosec, information-disclosure23-Dec-2023
Hack Story: Unveiling Security Flaws in a Government Portalhttps://medium.com/@sahadmk/hack-story-unveiling-security-flaws-in-a-government-portal-995217f877c3?source=rss------bug_bounty-5Sahad Mkbug-bounty, javascript, pentesting, vulnerability, hacking23-Dec-2023
The ART of Chaining Vulnerabilitieshttps://ahmdhalabi.medium.com/the-art-of-chaining-vulnerabilities-e65382b7c627?source=rss------bug_bounty-5Ahmad Halabiethical-hacking, hacking, intelligence, hacker, bug-bounty23-Dec-2023
Hacking Communityhttps://medium.com/@mrunknown124154/hacking-community-ab774827006d?source=rss------bug_bounty-5Mrunknownbug-bounty, ethical-hacking, hacking23-Dec-2023
DoS’ing Zsecurityhttps://medium.com/@24bkdoor/dosing-zsecurity-a4cb99396935?source=rss------bug_bounty-524BkDoorbug-bounty, ethical-hacking, hacking, web-development, cybersecurity22-Dec-2023
Securing the Future: Enhancing the Safety of Compound Protocolhttps://medium.com/@topcrypto00/securing-the-future-enhancing-the-safety-of-compound-protocol-940498c78d68?source=rss------bug_bounty-5Top Cryptobug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, compound-protocol22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, ethical-hacking22-Dec-2023
How I was able to buy 2500 Rs product for 18rs in E-Commerce Website?https://medium.com/@shubhamsonani/how-i-was-able-to-buy-2500-rs-product-for-18rs-in-e-commerce-website-ada4e91b5b91?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, bug-bounty-tips, vulnerability, cybersecurity22-Dec-2023
PJWT Certificationhttps://medium.com/@OmarAlkhowaiter/pjwt-certification-f4f7995d35f6?source=rss------bug_bounty-5Omar Alkhowaitercertification, bug-bounty, penetration-testing, cybersecurity, web-exploitation22-Dec-2023
Consentify hits Beta Test phase boosted by a Bug Bounty program!https://datalaketoken.medium.com/consentify-hits-beta-test-phase-boosted-by-a-bug-bounty-program-6b621eadd02b?source=rss------bug_bounty-5Data Lakehealthcare, desci, bug-bounty, data-lake, research22-Dec-2023
Ideas for Testing Checkouthttps://lopseg.medium.com/ideas-for-testing-checkout-eebe6148729d?source=rss------bug_bounty-5Lopsegbug-bounty-tips, infosec, hacking, bug-bounty22-Dec-2023
Beyond Simple Alerts: Techniques for Evading WAF and Achieving XSS Successhttps://lopseg.medium.com/beyond-simple-alerts-techniques-for-evading-waf-and-achieving-xss-success-4409a5bd2ee0?source=rss------bug_bounty-5Lopsegbug-bounty-tips, hacking, xss-attack, bug-bounty22-Dec-2023
He stored your password in Cookiehttps://medium.com/@fixthis1000time/he-stored-your-password-in-cookie-5a6d0478e570?source=rss------bug_bounty-5fixthi$hacking, bug-bounty, cybersecurity, infosec, ethical-hacking22-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstanbug-bounty, hacking, bug-bounty-tips, security, cybersecurity21-Dec-2023
TryHackMe AoC 2023 Side Quest final thoughtshttps://medium.com/@boogsta/tryhackme-aoc-2023-side-quest-final-thoughts-afcb5880be33?source=rss------bug_bounty-5Boogstahacking, cyber, tryhackme, cybersecurity, bug-bounty21-Dec-2023
88MPH Vulnerability Exploit and Get Free Crypt0S $$$$$$https://medium.com/@vinaysati/88mph-vulnerability-exploit-and-get-free-crypt0s-a4d4a8328dc7?source=rss------bug_bounty-5Vinaysatibug-bounty, hacking, web3bug, bug-bounty-tips, web321-Dec-2023
The art of subdomain monitoringhttps://medium.com/@muhannadahmed042/the-art-of-subdomain-monitoring-da610a0f8031?source=rss------bug_bounty-5muhannad hazaacybersecurity, penetration-testing, bug-bounty, recon21-Dec-2023
A Business logic error in Google Dialogflow enables a developer to delete the agent directly from…https://medium.com/@krityamkarma858041/a-business-logic-error-in-google-dialogflow-enables-a-developer-to-delete-the-agent-directly-from-3a5bf2a07706?source=rss------bug_bounty-5Krityamkarmagoogle-vrp, bug-bounty, ethical-hacking, google, hacking21-Dec-2023
Privacy at Risk: EXIF Metadata Exposure in User-Uploaded Imageshttps://samshadow.medium.com/privacy-at-risk-exif-metadata-exposure-in-user-uploaded-images-c2481f876d03?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-tips, bug-bounty-writeup, infosec, vulnerability21-Dec-2023
Aspiring Bug Bounty Hunters’ New Year Goals Toolkithttps://sl4x0.medium.com/aspiring-bug-bounty-hunters-new-year-goals-toolkit-a156c96e9de7?source=rss------bug_bounty-5Abdelrhman Allam (sl4x0)bug-bounty, new-year, goals, mindset, success21-Dec-2023
How Can Artificial Intelligence Revolutionize Bug Bounty?https://medium.com/@zouhairelgarouni/how-can-artificial-intelligence-revolutionize-bug-bounty-664e7f5ed3dd?source=rss------bug_bounty-5ZOUHAIR EL GAROUNItechnology, cybersecurity, bug-bounty, artificial-intelligence, cyberattack21-Dec-2023
I made online store to pay for my orders and get me free refunds.https://medium.com/@shubhamsonani/i-made-online-store-to-pay-for-my-orders-and-get-me-free-refunds-6f4db5893c13?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, cybersecurity, vulnerability, hacking, bug-bounty21-Dec-2023
5 Tips Web Fuzz You Should Knowhttps://medium.com/@kerstan/5-tips-web-fuzz-you-should-know-00ef6c59407d?source=rss------bug_bounty-5kerstantechnology, bug-bounty, hacking, security, cybersecurity21-Dec-2023
A list of 50 tools every hacker should knowhttps://thexssrat.medium.com/a-list-of-50-tools-every-hacker-should-know-df8d87cf4b58?source=rss------bug_bounty-5Thexssrathacking-tools, hacking, bug-bounty, ethical-hacking21-Dec-2023
Open Redirect Validation Bypass Leads To Account Take Over (ATO)https://medium.com/@ozomarzu/open-redirect-validation-bypass-leads-to-account-take-over-ato-5166b3416e3f?source=rss------bug_bounty-5CyberOzbug-hunting, bug-bounty, bug-bounty-tips, hacker, web-security21-Dec-2023
Code4rena Blue vs. Traditional Bug Bountieshttps://medium.com/code4rena/code4rena-blue-vs-traditional-bug-bounties-478f469057c9?source=rss------bug_bounty-5aramasbug-bounty, smart-contract-security, code4rena, code4rena-blue21-Dec-2023
A Very Basic Beginner Bug Bounty Methodologyhttps://thexssrat.medium.com/a-very-basic-beginner-bug-bounty-methodology-15eca16ca787?source=rss------bug_bounty-5Thexssrathacking, bug-bounty, ethical-hacking21-Dec-2023
Bug Bounty: Tips for Finding Your First Bug as a Beginnerhttps://graph33.medium.com/bug-bounty-tips-for-finding-your-first-bug-as-a-beginner-120f71c709cd?source=rss------bug_bounty-5GHS08bug-bounty, hacking, cracking, coding21-Dec-2023
How My 9-Month-Old Daughter Earned Over $1,000 in a Bug Bounty Programhttps://maxilect-company.medium.com/how-my-9-month-old-daughter-earned-over-1-000-in-a-bug-bounty-program-be9ba1d77cad?source=rss------bug_bounty-5Maxilectsamsun, bug-bounty-program, bug-bounty20-Dec-2023
This is how much I made in my first year as a Bug Bounty Hunter in 2023 — Graduation Bonus!https://medium.com/@avbhijitdutta99/this-is-how-much-i-made-in-my-first-year-as-a-bug-bounty-hunter-in-2023-graduation-bonus-b45875225c88?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bugbountychallenge, bug-bounty-writeup20-Dec-2023
DOM XSS in jQuery anchor href attribute sink using location.search sourcehttps://medium.com/@marduk.i.am/dom-xss-in-jquery-anchor-href-attribute-sink-using-location-search-source-b1000b4b16b3?source=rss------bug_bounty-5Marduk I Amcross-site-scripting, portswigger-lab, cybersecurity, bug-bounty, dom-xss20-Dec-2023
How I doubled the store wallet amount for free?https://medium.com/@shubhamsonani/how-i-doubled-the-store-wallet-amount-for-free-d7396c05a304?source=rss------bug_bounty-5Shubham Sonanibug-bounty-tips, hacking, bug-bounty, cybersecurity, web-application-testing20-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://medium.com/@bharatvarshney567/top-burp-suite-extensions-used-by-penetration-testers-fa90fe26816c?source=rss------bug_bounty-5Bharat Varshneyowasp, bug-bounty, security-testing, security-services, penetration-testing20-Dec-2023
How to earn with earn bug boutny part-2?https://medium.com/@ashutoshgiri133/how-to-earn-with-earn-bug-boutny-part-2-1dcfe1922a33?source=rss------bug_bounty-5Tech Blaze ごじょcoding, money, bug-bounty, business20-Dec-2023
“CVE-2023–43837: Two-Factor Authentication (x2FA) Bypass Vulnerability in Roundcube Webmail Plugin”https://medium.com/@ChandSingh/cve-2023-43837-two-factor-authentication-x2fa-bypass-vulnerability-in-roundcube-webmail-plugin-f2fef177187e?source=rss------bug_bounty-5Chand Singhcve, vulnerability, cybersecurity, bug-bounty, security20-Dec-2023
Web Security Diaryhttps://medium.com/@muratkabakk1/web-security-diary-4b2148326abe?source=rss------bug_bounty-5Murat Kbug-bounty, web-security20-Dec-2023
Introducing Code4rena Blue: More than just bug bountieshttps://medium.com/code4rena/introducing-code4rena-blue-more-than-just-bug-bounties-f2a9949c6b9c?source=rss------bug_bounty-5aramassmart-contract-security, code4rena, bug-bounty20-Dec-2023
Learn Command Injection Vulnerabilitieshttps://bicodev.medium.com/learn-command-injection-vulnerabilities-2a8ed26eb47a?source=rss------bug_bounty-5BICODEVlinux, python-programming, cybersecurity, bug-bounty, penetration-testing19-Dec-2023
Hack the Web like a Pirate: Identifying Vulnerabilities with Stylehttps://bicodev.medium.com/hack-the-web-like-a-pirate-identifying-vulnerabilities-with-style-171246a302a5?source=rss------bug_bounty-5BICODEVpython, bug-bounty, cybersecurity, hacker, penetration-testing19-Dec-2023
3 Steps Discovered XXE You should Knowhttps://medium.com/@kerstan/3-steps-discovered-xxe-you-should-know-d779ab5eb056?source=rss------bug_bounty-5kerstansecurity, pentesting, hacking, cybersecurity, bug-bounty19-Dec-2023
DOM XSS in innerHTML sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-innerhtml-sink-using-source-location-search-a3ac4546ca5c?source=rss------bug_bounty-5Marduk I Ambug-bounty, cybersecurity, dom-xss, cross-site-scripting, portswigger-lab19-Dec-2023
Zero Trust Architecturehttps://medium.com/@khan.ghufran.0000/zero-trust-architecture-f47e9da3eaec?source=rss------bug_bounty-5Khan Ghufranarchitecture, bug-bounty, cybersecurity, cyber-security-solutions, infosec19-Dec-2023
Rekomendasi Buku Bug Bounty Untuk Pemulahttps://medium.com/@arenaldyp/rekomendasi-buku-bug-bounty-untuk-pemula-5aadd03f434f?source=rss------bug_bounty-5K1ngP1ngbug-bounty, indonesia, web-security, recommendations, hacking19-Dec-2023
Is It Worth Quitting 9–5 Job For a Full-Time Bug Bounty?https://ajaksecurity.medium.com/is-it-worth-quitting-9-5-job-for-a-full-time-bug-bounty-8274f6808aab?source=rss------bug_bounty-5Ajak Cyber securityethical-hacking, cybersecurity, blog, jobs, bug-bounty19-Dec-2023
Directory Listing Vulnerabilityhttps://medium.com/@digant_15/directory-listing-vulnerability-b2e1583d8a7e?source=rss------bug_bounty-5Digant Prajapaticybersecurity, directory-listing, bug-bounty19-Dec-2023
How One Bug Scored Me Double Rewards!https://anasbetis023.medium.com/how-one-bug-scored-me-double-rewards-355b8d02cdbf?source=rss------bug_bounty-5Anas H Hmaidycybersecurity, bug-bounty, penetration-testing, ethical-hacking, web-security19-Dec-2023
Join Any Facebook Group As Deactivated Additional Profilehttps://zerocode-ph.medium.com/join-any-facebook-group-as-deactivated-additional-profile-f63a31db7797?source=rss------bug_bounty-5Syd Ricafortfacebook, bug-bounty, facebook-bug-bounty19-Dec-2023
How I Found SQL Injection worth of $4,000 bountyhttps://roberto99.medium.com/how-i-found-sql-injection-worth-of-4-000-bounty-16ca09cbf8ec?source=rss------bug_bounty-5Roberto Nunesbug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips, reconnaissance19-Dec-2023
#6.TryHackMe Series writeups: Brooklyn Nine Ninehttps://cyb3rmind.medium.com/6-tryhackme-series-writeups-brooklyn-nine-nine-a0f7f074cbab?source=rss------bug_bounty-5Cyb3r M!ndthm-writeup, tryhackme, ctf-writeup, brooklyn-nine-nine, bug-bounty19-Dec-2023
The Ultimate Guide to Uncovering XSS Vulnerabilities at Scalehttps://medium.com/@cyndybruce1967/the-ultimate-guide-to-uncovering-xss-vulnerabilities-at-scale-1f35ecb765b7?source=rss------bug_bounty-5Cyndybrucecybersecurity, penetration-testing, automation, bug-bounty, xs19-Dec-2023
The Ultimate Guide to Hunting for XSS Vulnerabilities at Scalehttps://medium.com/@elitumbleson1978/the-ultimate-guide-to-hunting-for-xss-vulnerabilities-at-scale-bfde4a9beae6?source=rss------bug_bounty-5Elitumblesoncybersecurity, penetration-testing, bug-bounty, xs, automation19-Dec-2023
Understanding Cross-Site Scripting (XSS) Attacks: Risks, Prevention, and Impacthttps://securitylit.medium.com/understanding-cross-site-scripting-xss-attacks-risks-prevention-and-impact-ce002e5fbb1a?source=rss------bug_bounty-5Security Lit Limitedxss-attack, technology, bug-bounty, cybersecurity, vulnerability18-Dec-2023
why you need to filter the input and the output —  stored xsshttps://medium.com/@Mr3Moe/why-you-need-to-filter-the-input-and-the-output-stored-xss-66f67c663703?source=rss------bug_bounty-5Mr3Moeweb-penetration-testing, appsec, bug-bounty18-Dec-2023
Lets Dive into the Intense World of Malware Analysis!https://medium.com/@paritoshblogs/lets-dive-into-the-intense-world-of-malware-analysis-3c9e242d8c16?source=rss------bug_bounty-5Paritoshinformation-security, malware-analysis, cybersecurity, programming, bug-bounty18-Dec-2023
Burp Suite Bambdahttps://medium.com/offensive-black-hat-hacking-security/burp-suite-bambda-b9b8f57d6b46?source=rss------bug_bounty-5Harshad Shahbug-bounty, hacking, cybersecurity, infosec, penetration-testing18-Dec-2023
Top Burp Suite Extensions Used by Penetration Testershttps://securitycipher.medium.com/top-burp-suite-extensions-used-by-penetration-testers-ee971a73256a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty-tips, security, cybersecurity, bug-bounty, technology18-Dec-2023
How to write a perfect pentest reporthttps://arex-godofwar.medium.com/how-to-write-a-perfect-pentest-report-edb63cc68b36?source=rss------bug_bounty-5Ahmadreza Parsizadehpentesting, bug-bounty, reporting, offensive-security18-Dec-2023
Mastering Web Application Security: Defending Against Injections and Broken Access Controlhttps://medium.com/@moldovanzsombor/mastering-web-application-security-defending-against-injections-and-broken-access-control-34161cbefc8f?source=rss------bug_bounty-5Moldovan Zsomborhacking, cybersecurity, web-applications, bug-bounty18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 |A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
This Tool Helps Me To Find The Origin IP Addresshttps://ajaksecurity.medium.com/this-tool-helps-me-to-find-the-origin-ip-address-d9c2abceafb2?source=rss------bug_bounty-5Ajak Cyber securityhacking, ethical-hacking, blog, bug-bounty, penetration-testing18-Dec-2023
ParagonsDAO’s Bug Bounty Programhttps://medium.com/paragonsdao/paragonsdaos-bug-bounty-program-8cfb82f786c0?source=rss------bug_bounty-5ParagonsDAOweb3, immunefi, bug-bounty, paragonsdao18-Dec-2023
Go Witness Install Guide…https://medium.com/@psychomong/go-witness-install-guide-a62d96be30b0?source=rss------bug_bounty-5psychomonghacking-tools, bug-bounty, golang, hacking, osint18-Dec-2023
CyberSecurity Day 01 to 100: DAY 08 | A Comprehensive Guide for Novices and Expertshttps://medium.com/@acs_society/cybersecurity-day-01-to-100-day-08-a-comprehensive-guide-for-novices-and-experts-55d3ef86abbf?source=rss------bug_bounty-5Association For Cyber Securityacsociety, ethical-hacking, cybersecurity, bug-bounty, security-engineer18-Dec-2023
How I Could Leak Phone Numbers and Emails of Indian Voters and Applicantshttps://medium.com/@Mr.Equinox/how-i-could-leak-phone-numbers-and-emails-of-indian-voters-and-applicants-dd1fc699d81e?source=rss------bug_bounty-5Sahil Mhatrebug-bounty, mybugs, bug-hunting, api-security, vapt18-Dec-2023
Horizon Protocol V2 — Hacken Bug Bounty Program Now Live On Testnethttps://horizonprotocol.medium.com/horizon-protocol-v2-hacken-bug-bounty-program-now-live-on-testnet-4617205c7184?source=rss------bug_bounty-5Horizon Protocolbug-bounty, defi, hacken, derivatives, synthetic-asset18-Dec-2023
Getting Started with Recon Automation using ReNgine on Windows (WSL): Installation Guidehttps://mxmd.medium.com/getting-started-with-recon-automation-using-rengine-on-windows-wsl-installation-guide-50ad95b8a7a9?source=rss------bug_bounty-5Max Klosereconnaissance, bug-bounty-hunting, automation, bug-bounty, guides-and-tutorials18-Dec-2023
Bug Zero at a Glance [19–30 November]https://blog.bugzero.io/bug-zero-at-a-glance-19-30-november-8470a11d3015?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, newsletter, cybersecurity, sri-lanka, bug-bounty17-Dec-2023
Mitel MiCollab AWV Directory Traversal Vulnerability (CVE-2020–11798)https://samshadow.medium.com/mitel-micollab-awv-directory-traversal-vulnerability-cve-2020-11798-ec1408cd35b9?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-writeup, bug-bounty-tips, vulnerability, directory-traversal17-Dec-2023
Unveiling a Security Flaw: The Divergence of OTP and Link Password Authentication in redacted.comhttps://medium.com/@MohaseenK/unveiling-a-security-flaw-the-divergence-of-otp-and-link-password-authentication-in-redacted-com-27e0cc2dc73c?source=rss------bug_bounty-5Mohaseenbug-hunting, password-reset, bug-bounty, hackerone17-Dec-2023
XSSRF : The Unholy Matrimony of XSS and SSRFhttps://naumankh4n.medium.com/xssrf-the-unholy-matrimony-of-xss-and-ssrf-89f7abfca5b3?source=rss------bug_bounty-5Nauman Khancybersecurity, hacking, bug-bounty, penetration-testing, money17-Dec-2023
Bug Bounty programmes give people the fear (they shouldn’t)https://medium.com/@ethanrom/bug-bounty-programmes-give-people-the-fear-they-shouldnt-755466351140?source=rss------bug_bounty-5Leo Chacking, cybersecurity, ciso, culture, bug-bounty17-Dec-2023
V3 Testnet Bug Bountyhttps://tribeone.medium.com/v3-testnet-bug-bounty-8281b8775843?source=rss------bug_bounty-5TribeOnenft, smart-contract-security, bug-bounty17-Dec-2023
DOM XSS in document.write sink using source location.searchhttps://medium.com/@marduk.i.am/dom-xss-in-document-write-sink-using-source-location-search-ae458bc5c85f?source=rss------bug_bounty-5Marduk I Amdom-xss, cross-site-scripting, cybersecurity, bug-bounty, portswigger-lab17-Dec-2023
Reflected XSS in BGMIhttps://medium.com/@patil97/reflected-xss-in-bgmi-38ed48773981?source=rss------bug_bounty-5Patil97bug-bounty, xs, bugs, security17-Dec-2023
Main Methodology 1 | Part 04 | What To Do After Choosing a Targethttps://infosecwriteups.com/main-methodology-1-part-04-what-to-do-after-choosing-a-target-f9cea586d6af?source=rss------bug_bounty-5Om Arorabug-bounty, bug-bounty-tips, hacking, infosec, methodology17-Dec-2023
When not to rely on Automated Toolshttps://medium.com/@rodriguezjorgex/when-not-to-rely-on-automated-tools-429b331e0613?source=rss------bug_bounty-5Rodriguezjorgexcybersecurity, bug-bounty, xss-attack, prototype-pollution, bug-bounty-tips16-Dec-2023
Escalating DOM XSS to Stored XSShttps://medium.com/@rodriguezjorgex/escalating-dom-xss-to-stored-xss-eb6f3a669af3?source=rss------bug_bounty-5Rodriguezjorgexcross-site-scripting, bug-bounty, hacking, cybersecurity, xss-attack16-Dec-2023
Mitigating Risks: Securing Symfony Profiler from Unwanted Exposurehttps://samshadow.medium.com/mitigating-risks-securing-symfony-profiler-from-unwanted-exposure-14e90a53dd65?source=rss------bug_bounty-5Sam Shadowbug-bounty-writeup, bug-bounty, bug-bounty-tips, vulnerability16-Dec-2023
Unveiling Vulnerabilities: PHP Debug Bar Exposes Sensitive Informationhttps://samshadow.medium.com/unveiling-vulnerabilities-php-debug-bar-exposes-sensitive-information-ca341267fe33?source=rss------bug_bounty-5Sam Shadowvulnerability, bug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter16-Dec-2023
Self-XSS to Stored XSShttps://medium.com/@rodriguezjorgex/self-xss-to-stored-xss-b4b999610c5b?source=rss------bug_bounty-5Rodriguezjorgexhacking, cybersecurity, bug-bounty, xss-attack, bug-bounty-tips16-Dec-2023
Unveiling CVE-2019-11248: A Vulnerability in Kuberneteshttps://samshadow.medium.com/unveiling-cve-2019-11248-a-vulnerability-in-kubernetes-83a831afaccd?source=rss------bug_bounty-5Sam Shadowbug-bounty, bug-bounty-hunter, bug-bounty-tips, vulnerability, bug-bounty-writeup16-Dec-2023
DOM-based vulnerabilitieshttps://ayonthakur101.medium.com/dom-based-vulnerabilities-db02d7437b26?source=rss------bug_bounty-5Ayon Thakurpenetration-testing, bug-bounty, hacker, portswigger, burp-suit16-Dec-2023
SSTI gave me T-Shirt + € 50https://medium.com/@bug.hun3r/ssti-got-me-t-shirt-50-a8672ca766c9?source=rss------bug_bounty-5mo9kHu93rinformation-security, bug-bounty, bug-hunting, info-sec-writeups, cybersecurity16-Dec-2023
Kakar Securityhttps://medium.com/@walikhankakar313/kakar-security-cf15f39baede?source=rss------bug_bounty-5Wali Khan Kakarwebsite-scanning, penetration, security, hacking-world, bug-bounty16-Dec-2023
Headline: Indian Government Issues High-Risk Warning for Samsung Galaxy S23 and Other Modelshttps://riglabscollective.medium.com/headline-indian-government-issues-high-risk-warning-for-samsung-galaxy-s23-and-other-models-2c153d5bcc62?source=rss------bug_bounty-5Riglabs Collectivesamsung-galaxy, india, s23ultra, mobile, bug-bounty15-Dec-2023
6 Quick Discover Bug Search Syntax In Code-basehttps://medium.com/@kerstan/6-quick-discover-bug-search-syntax-in-code-base-eb3d6fb6e929?source=rss------bug_bounty-5kerstanhacker, cybersecurity, bug-bounty, security, bug-bounty-tips15-Dec-2023
Easy Money from the Most Trivially Easy Broken Access Controlhttps://abd11atarek.medium.com/easy-money-from-the-most-trivially-easy-broken-access-control-4d810af327f7?source=rss------bug_bounty-5abda11atarekbugcrowd, bug-bounty-tips, bug-hunter, bug-bounty, broken-access-control15-Dec-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstan/http-2-request-smuggling-b6ef5ae351fb?source=rss------bug_bounty-5kerstanhacking, https, bug-bounty-tips, bug-bounty, cybersecurity15-Dec-2023
3 Cases of DOM XSS in Bug Bountyhttps://medium.com/@kerstan/3-cases-of-dom-xss-in-bug-bounty-0744003f0b2b?source=rss------bug_bounty-5kerstanbug-bounty, xss-attack, hacking, cybersecurity, bug-bounty-tips15-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programhttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-program-2ae0b7a6ef1b?source=rss------bug_bounty-5kerstanbug-bounty-tips, cybersecurity, hacking, ssrf, bug-bounty15-Dec-2023
How I Discovered SSRF on Hackerone Programhttps://medium.com/@kerstan/how-i-discovered-ssrf-on-hackerone-program-7bbe72334f74?source=rss------bug_bounty-5kerstanbug-bounty-tips, bug-bounty, ssrf, hacker, graphql15-Dec-2023
From CloudSec to Application Security, Bug Bounties to Cybersecurity tooling, and Morehttps://infosecwriteups.com/from-cloudsec-to-application-security-bug-bounties-to-cybersecurity-tooling-and-more-9f4a1819620c?source=rss------bug_bounty-5InfoSec Write-upshacking, conference, bug-bounty, security, information-security15-Dec-2023
One port can be a costly mistake | Attack The Rsync Service in a Private Programhttps://medium.com/@sword0x00/one-port-can-be-a-costly-mistake-attack-the-rsync-service-in-a-private-program-cdbf9ecc650d?source=rss------bug_bounty-5Mohanad Heshamrsync, bug-bounty, fingerprinting, port-scan, hacking15-Dec-2023
How To Explore and Exploit GraphQL [Indonesia]https://revan-ar.medium.com/how-to-explore-and-exploit-graphql-indonesia-562c560f46c6?source=rss------bug_bounty-5Revan Abug-bounty, web-security, api, penetration-testing, graphql15-Dec-2023
Subdomain Takeover in Azure Trafficmanager for Fun & Profithttps://padsalatushal.medium.com/subdomain-takeover-in-azure-trafficmanager-for-fun-profit-09c858ca3d0e?source=rss------bug_bounty-5Padsala Tushalbug-bounty, cybersecurity, infosec, subdomain-takeover, bug-bounty-tips15-Dec-2023
Cookie Quest: XSS Admin Assaulthttps://medium.com/@josh.beck2006/cookie-quest-xss-admin-assault-694769f84796?source=rss------bug_bounty-5Josh Beckcybersecurity, programming, penetration-testing, bug-bounty, ctf-writeup14-Dec-2023
How did I find open redirect on LinkedInhttps://medium.com/@neverl0gbughunt/how-did-i-find-open-redirect-on-linkedin-e35918b3b129?source=rss------bug_bounty-5neverl0gbug-bounty-tips, bug-bounty-writeup, bug-bounty14-Dec-2023
All about Ethical Hackinghttps://securitycipher.medium.com/all-about-ethical-hacking-277b9c3e4b36?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, cybersecurity, bug-bounty, hacking14-Dec-2023
Uncovering an Account Takeover Vulnerability: Auth Bypass via Response Manipulation.https://medium.com/@kataeriidubstep/uncovering-an-account-takeover-vulnerability-auth-bypass-via-response-manipulation-ba8257f917d2?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty14-Dec-2023
Remote Code execution at ws1.aholdusa.com — Compromising logins of Ahold Delhaize USA employeeshttps://medium.com/@jonathanbouman/remote-code-execution-at-ws1-aholdusa-com-compromising-logins-of-ahold-delhaize-usa-employees-c7c9aca7e05d?source=rss------bug_bounty-5Jonathan Boumancybersecurity, bug-bounty, rce, hacking, security14-Dec-2023
How I Quickly Discover Bug In Codebasehttps://medium.com/@kerstan/how-i-quickly-discover-bug-in-code-6a3bfa7e6e82?source=rss------bug_bounty-5kerstanbug-bounty, programming, technology, code-review, cybersecurity14-Dec-2023
How i found a Permanent Denial of Service via Account Lockout:https://medium.com/@kataeriidubstep/how-i-found-a-permanent-denial-of-service-via-account-lockout-ac1bc33c3c0a?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Misconfigured CORS Vulnerability — Unauthorized Cross-Origin Resource Sharing :https://medium.com/@kataeriidubstep/how-i-found-a-misconfigured-cors-vulnerability-unauthorized-cross-origin-resource-sharing-16effea37e78?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
How i found a Password Reset Token Leak via Referer Header:https://medium.com/@kataeriidubstep/how-i-found-a-password-reset-token-leak-via-referer-header-7d71d35b0ea8?source=rss------bug_bounty-5Pavan kumar.Gappsec, cybersecurity, bug-bounty14-Dec-2023
Adobe Recap: 2023 Ambassador World Cup Final Fourhttps://blog.developer.adobe.com/adobe-recap-2023-ambassador-world-cup-final-four-df701e1a1b12?source=rss------bug_bounty-5Chris Parkersonhacking, security, bug-bounty, hackathons, security-research14-Dec-2023
Starlink Router Gen 2 is vulnerable to XSS.https://medium.com/@hackintoanetwork/starlink-router-gen-2-is-vulnerable-to-xss-48cfcadd0b13?source=rss------bug_bounty-5hackintoanetworkbug-bounty, starlink, exploit, dishy, router14-Dec-2023
VulnLab — SQL Injection series — Bypass Login part 2(Database Collect)https://medium.com/@kurobe09/vulnlab-sql-injection-series-bypass-login-part-2-database-collect-1e6aa36a1308?source=rss------bug_bounty-5kurobe09cybersecurity, cyberattack, pentest-learnings, sql-injection, bug-bounty13-Dec-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-c288793349a9?source=rss------bug_bounty-5SavanGhoribug-bounty, xss-attack, xss-vulnerability, bug-bounty-tips, vulnerability13-Dec-2023
phpinfo() — My First Resolved Bug in HackerOnehttps://medium.com/@ft.eagle.eye.1/phpinfo-my-first-resolved-bug-in-hackerone-a22fea1adb9b?source=rss------bug_bounty-5Muhammad Farhad Ansarybug-bounty, bug-bounty-tips13-Dec-2023
AppSec Tales XXIV | Deserializationhttps://karol-mazurek95.medium.com/appsec-tales-xxiv-deserialization-841d6bfaa710?source=rss------bug_bounty-5Karol Mazurekpenetration-testing, bug-bounty, information-technology, information-security, cybersecurity13-Dec-2023
Only 3 Days Left For IWCON 2023https://infosecwriteups.com/only-3-days-left-for-iwcon-2023-bab915df5ae8?source=rss------bug_bounty-5InfoSec Write-upshacking, bug-bounty, conference, information-security, programming13-Dec-2023
A misconfiguration in the password reset process can lead to an account takeover.https://medium.com/@Mr3Moe/a-misconfiguration-in-the-password-reset-process-can-lead-to-an-account-takeover-30c43e17d744?source=rss------bug_bounty-5Mr3Moeweb-application-security, web-app-pentesting, bug-bounty, web-app-security13-Dec-2023
I found out what my neighbour was looking at on the internet, This is how ?https://navnee1h.medium.com/i-found-out-what-my-neighbour-was-looking-at-on-the-internet-this-is-how-050c4dfef8b4?source=rss------bug_bounty-5Navaneeth M Sbug-bounty, monitoring, dns, hacking, wifi13-Dec-2023
Day 13 Bug Bounty — 60 days 60 bugs challenge (Found P1!!! Hope it gets accepted)https://medium.com/@avbhijitdutta99/day-13-bug-bounty-60-days-60-bugs-challenge-found-p1-hope-it-gets-accepted-670f0dcc25f3?source=rss------bug_bounty-5Abhijit Duttabug-bounty-writeup, bug-bounty, bug-bounty-program, bug-bounty-tips, bugbountychallenge13-Dec-2023
OpenBounty, Shentu’s New Approach in Security Ecosystemhttps://shentuchain.medium.com/openbounty-shentus-new-approach-in-security-ecosystem-fbae6506d956?source=rss------bug_bounty-5Shentu Chainbounty-program, bounty-hunter, bug-bounty, web3, cybersecurity12-Dec-2023
Mobile Application Security Testing: Navigating the Digital Landscape Safelyhttps://medium.com/geekculture/mobile-application-security-testing-navigating-the-digital-landscape-safely-3aead90a5455?source=rss------bug_bounty-5Security Lit Limitedmobile-security, cybersecurity, programming, vapt, bug-bounty12-Dec-2023
I will do Vulnerability Assessment and penetration testing on your websitehttps://securitycipher.medium.com/i-will-do-vulnerability-assessment-and-penetration-testing-on-your-website-5cd4fb147a33?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)services, bug-bounty, security, cybersecurity, technology12-Dec-2023
Skills Needed For Bug Bountyhttps://medium.com/@joshdesharnais1/skills-needed-for-bug-bounty-23e289ef0853?source=rss------bug_bounty-5Joshua Desharnaisxss-attack, idor, bug-bounty, account-takeover12-Dec-2023
Duplicate CSRF… Leads to $$$$https://shellbreaker.medium.com/duplicate-csrf-leads-to-26c1ddc71dc5?source=rss------bug_bounty-5Bhavesh aka Shellbreakerhacking, info-sec-writeups, bug-bounty, cybersecurity, bug-bounty-tips12-Dec-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-ca04465ac41a?source=rss------bug_bounty-5SavanGhoribug-bounty, vulnerability, bug-bounty-tips, ssrf, bugs12-Dec-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-e8628b1432de?source=rss------bug_bounty-5SavanGhoribug-bounty-tips, bugs, vulnerability, rce, bug-bounty12-Dec-2023
Join ARPA’s Bug Bounty Program with Immunefi — Up to $50,000 in Rewards!https://arpa.medium.com/join-arpas-bug-bounty-program-with-immunefi-up-to-50-000-in-rewards-18d9fbd7b193?source=rss------bug_bounty-5ARPA Officialblockchain, developer, bug-bounty, debugging12-Dec-2023
Easy Admin Access — RVDP (2)https://infosecwriteups.com/easy-admin-access-rvdp-2-bf2ec8349ebf?source=rss------bug_bounty-5hackerdevilpenetration-testing, hacking, bug-bounty-tips, bug-bounty, bug-bounty-writeup12-Dec-2023
One Scheme to Rule Them All: OAuth Account Takeoverhttps://medium.com/@ostorlab/one-scheme-to-rule-them-all-oauth-account-takeover-26ac4cb5e898?source=rss------bug_bounty-5Ostorlabmobile-security, bug-bounty, oauth, bug-bounty-tips, account-takeover12-Dec-2023
The launch of incentivized testnet for TribeOne V3https://tribeone.medium.com/the-launch-of-incentivized-testnet-for-tribeone-v3-6e12a1eb6d0f?source=rss------bug_bounty-5TribeOnebug-bounty, perpetual-contracts, testnet, nft, trading-competition12-Dec-2023
Hacking NASA and Got Hall of Famehttps://medium.com/@bug.hun3r/hacking-nasa-and-got-hall-of-fame-71f9a344d1d0?source=rss------bug_bounty-5mo9kHu93rpenetration-testing, cybersecurity, nasa, ethical-hacking, bug-bounty12-Dec-2023
Build3rs Bug Bounty Programhttps://medium.com/@Lay3rsXR/build3rs-bug-bounty-program-8b874bdfee0e?source=rss------bug_bounty-5Lay3rsbuild3rs, bug-bounty, blockchain, refis12-Dec-2023
Bug Bounty and Hacking Books You Should Read (Must Read)https://rajkaran359.medium.com/bug-bounty-and-hacking-books-you-should-read-must-read-57ca722ad51d?source=rss------bug_bounty-5Rajkaranbug-bounty, hacking-books, hacking, cybersecurity, bug-bounty-tips12-Dec-2023
How I got $300 for Default Credential Login at Bugcrowdhttps://medium.com/@avbhijitdutta99/how-i-got-300-for-default-credential-login-at-bugcrowd-30368eb698f7?source=rss------bug_bounty-5Abhijit Duttabug-bounty-tips, bug-bounty-program, bug-bounty, bug-bounty-writeup12-Dec-2023
missing session scopes lead to authentication bypasshttps://medium.com/@Mr3Moe/missing-session-scopes-lead-to-authentication-bypass-2e1cdaebda7b?source=rss------bug_bounty-5Mr3Moeweb, bug-bounty, appsec, web-penetration-testing12-Dec-2023
Exploiting Django Debug Mode for Unrestricted Access to the Internal Dashboard?https://rokkamvamsi18.medium.com/exploiting-django-debug-mode-for-unrestricted-access-to-the-internal-dashboard-b725783714ae?source=rss------bug_bounty-5Rokkam_Vamshi1_8bug-bounty-tips, django, bug-bounty, hackerone, infosec12-Dec-2023
Portswigger Labs — Api-testinghttps://medium.com/@rynnnn617/portswigger-labs-api-testing-86a8827ddfdc?source=rss------bug_bounty-5Ry4nnnnportswigger, appsec, bug-bounty, burp11-Dec-2023
How to learn Hacking From 0 to Herohttps://rajput623929.medium.com/how-to-learn-hacking-from-0-to-hero-4a5f288c003d?source=rss------bug_bounty-5Mr.Horbiobug-bounty, cryptography, ethical-hacking, cybersecurity, hacking11-Dec-2023
How i found a Host Header Injection in Password Reset Function:https://medium.com/@kataeriidubstep/how-i-found-a-host-header-injection-in-password-reset-function-5c2ba8d209e6?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, bug-bounty11-Dec-2023
How I Automatically Discovered SSRF in Hackerone Programshttps://medium.com/@kerstan/how-i-automatically-discovered-ssrf-in-hackerone-programs-39e27a1554b5?source=rss------bug_bounty-5kerstansecurity, ssrf, bug-bounty-tips, bug-bounty, hacker11-Dec-2023
Next js and Antd Desing css demora milesimos de segundos para carregar na página.https://medium.com/@yurioliveiragochi/next-js-and-antd-desing-css-demora-milesimos-de-segundos-para-carregar-na-p%C3%A1gina-77f3b203dac8?source=rss------bug_bounty-5Yuri Oliveira Gochibug-bounty, antd, next, react11-Dec-2023
Unveiling the World of Bug Bounty Programs: Enhancing Cybersecurity Through Collaborationhttps://medium.com/@bahadur4630105/unveiling-the-world-of-bug-bounty-programs-enhancing-cybersecurity-through-collaboration-bde9831b6882?source=rss------bug_bounty-5Syed Dawoodcyber-security-awareness, bug-bounty, bugbounty-writeup, bug-bounty-tips, bug-bounty-hunter11-Dec-2023
Dollars and Detectives: An Unique way to XSS Mysteries ( Not a Simp one ) for a $150 Rewardhttps://naumankh4n.medium.com/dollars-and-detectives-an-unique-way-to-xss-mysteries-not-a-simp-one-for-a-150-reward-f5d2d80d5022?source=rss------bug_bounty-5Nauman Khanmoney, ai, cybersecurity, hacking, bug-bounty11-Dec-2023
Say Goodbye to Password Hassles with These Cutting-Edge Security Trends!https://medium.com/@paritoshblogs/say-goodbye-to-password-hassles-with-these-cutting-edge-security-trends-8b8f6ad8f6d4?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, passwordless, passwords11-Dec-2023
HackTheBox — Session Security: Obtain Session Identifier via XSShttps://medium.com/@harry.hphu/hackthebox-session-security-obtain-session-identifier-via-xss-c151160c03b0?source=rss------bug_bounty-5Huy Phuhackthebox, web-security, session-security, bug-bounty, xss-attack11-Dec-2023
So you found Auth0 secrets, now what?https://blog.prodefense.io/so-you-found-auth0-secrets-now-what-0945642ac09b?source=rss------bug_bounty-5Nightbanepentesting, security, red-team, bug-bounty, auth011-Dec-2023
Kubernetes CR injection techniquehttps://medium.com/@esonhugh/kubernetes-cr-injection-technique-b4506500b8e9?source=rss------bug_bounty-5Esonhughhacking, custom-resource, bug-bounty, kubernetes-security10-Dec-2023
Bug bounty training from scratch(part2->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson10-57551e079751?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson9-4802a25a2570?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson8-e8a2b87c3ac2?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, appsec, computer-science10-Dec-2023
Bug bounty training from scratch(part2->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson7-152c167dbc0f?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science, networking10-Dec-2023
Bug bounty training from scratch(part2->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson6-43abf1f342ec?source=rss------bug_bounty-5Pavan kumar.Gnetworking, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson5-f0042df50fca?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson4-29d491577d8c?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, networking, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson3):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson3-80794013cf99?source=rss------bug_bounty-5Pavan kumar.Gnetworking, bug-bounty, computer-science, appsec10-Dec-2023
Bug bounty training from scratch(part2->lesson2):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson2-177e4a21e8d3?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, networking, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lesson1) :https://medium.com/@kataeriidubstep/understanding-ip-addressing-a-comprehensive-overview-95bf12e05cae?source=rss------bug_bounty-5Pavan kumar.Gnetwork-engineering, computer-science, appsec, bug-bounty10-Dec-2023
Bug bounty training from scratch(part2->lessonhttps://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part2-lesson-7a58ad73a31d?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, networking, computer-science10-Dec-2023
How to not implement payment features - Insights from Bugbountyhttps://medium.com/@sivakrishnasamireddi/how-to-not-implement-payment-features-insights-from-bugbounty-e3d375566ad0?source=rss------bug_bounty-5Siva Krishna Samireddihacking, payments, bug-bounty, security, bugbounty-writeup10-Dec-2023
5 Tips for the Beginners Who Want to Start Bug Bountyhttps://medium.com/@bhuiyanaman71/5-tips-for-the-beginners-who-want-to-start-bug-bounty-c1a1a952e605?source=rss------bug_bounty-5Aman Bhuiyanweb-hacking, bug-bounty, bug-bounty-tips, hacking, ethical-hacking10-Dec-2023
In under age (<18), How I Hacked Multi- Billion-Dollar-Corp and got first 4 fig. $2600 Bounty!https://medium.com/@manan_sanghvi/in-under-age-18-how-i-hacked-multi-billion-dollar-corp-and-got-first-4-fig-2600-bounty-d9ce97b3652e?source=rss------bug_bounty-5Manan Sanghviidor, bug-bounty, first-bounty, web-application-security, hacking10-Dec-2023
Bug Bounty Testing: Test Ideashttps://medium.com/@lopseg/bug-bounty-testing-test-ideas-cf6e8ec5aed1?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, bug-bounty, hacking-training, bug-bounty-tips, info-sec-writeups10-Dec-2023
CORS Misconfiguration -> PII Leakhttps://medium.com/@boogsta/cors-misconfiguration-pii-leak-2765ff5b7115?source=rss------bug_bounty-5Boogstacybersecurity, cyber, hacking, bug-bounty-tips, bug-bounty10-Dec-2023
Awesome Bug Bounty Tools Exploring Subdomain Enumeration and Reconnaissance Toolshttps://cyberconqueror.medium.com/awesome-bug-bounty-tools-exploring-subdomain-enumeration-and-reconnaissance-tools-7bffb25210e6?source=rss------bug_bounty-5NEWenumeration, mentoring, bug-bounty, cybersecurity, medium09-Dec-2023
Is it safe to expose your Firebase API key?https://infosecwriteups.com/is-it-safe-to-expose-your-firebase-api-key-bf2a318c0f29?source=rss------bug_bounty-5Suprajabaskarancybersecurity, keys, firebase, bug-bounty, ethical-hacking09-Dec-2023
2FA & MFA Bypass, Bug Bounty Easy Wins ! ! Ultimate Guidehttps://medium.com/@Kalki2121/2fa-mfa-bypass-bug-bounty-easy-wins-ultimate-guide-3722de0ad26c?source=rss------bug_bounty-5ʏᴀꜱʜʜinformation-security, bug-bounty-tips, bug-bounty, infosec, cybersecurity09-Dec-2023
3 Symfony (RCE): A Peek Behind the Curtainhttps://medium.com/@bxrowski0x/3-symfony-rce-a-peek-behind-the-curtain-83da5433e149?source=rss------bug_bounty-5Omar ElSayedbug-bounty-tips, cybersecurity, bug-bounty, symfony, remote-code-execution09-Dec-2023
How I passed my CRTP Examhttps://medium.com/@damaidec/how-i-passed-my-crtp-exam-c1dadd4d9ec1?source=rss------bug_bounty-5Damaidecexam, active-directory, cybersecurity, hacking, bug-bounty09-Dec-2023
Introduction to Burpsuite Bambda Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 5https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-5-60a464ac8d07?source=rss------bug_bounty-5Axolothbug-bounty, tryhackme, hacking, cybersecurity, penetration-testing09-Dec-2023
TryHackMe | Advent of Cyber 2023 | Day 4https://axoloth.medium.com/tryhackme-advent-of-cyber-2023-day-4-efa5f90ccfc1?source=rss------bug_bounty-5Axolothtryhackme, hacking, cybersecurity, bug-bounty, penetration-testing09-Dec-2023
My first Bugs: Persistence and mentality (Not a Writeup).https://medium.com/@Nightbloodz/my-first-bugs-persistence-and-mentality-not-a-writeup-1017714abc8c?source=rss------bug_bounty-5Alvaro Baladabug-bounty-hunter, bug-bounty, bug-bounty-tips, cybersecurity09-Dec-2023
Introduction to Burpsuite Bambdas Featurehttps://medium.com/@gguzelkokar.mdbf15/introduction-to-burpsuite-bambda-feature-4c6b5fbc168d?source=rss------bug_bounty-5Gökhan Güzelkokarhacking, burpsuite, bug-bounty09-Dec-2023
My first dork on GHBDhttps://noorhomaid.medium.com/my-first-dork-on-ghbd-988c21b45869?source=rss------bug_bounty-5NoorHomaidcybersecurity, bug-bounty, google-dork, ethical-hacking, penetration-testing09-Dec-2023
HTTP Noir: The Dark Art of Smuggling Byteshttps://chayandatta.medium.com/http-noir-the-dark-art-of-smuggling-bytes-a471a0f990f5?source=rss------bug_bounty-5CHAYAN DATTAsecurity, http-request-smuggling, hacking, bug-bounty, network09-Dec-2023
Broken Link Hijackinghttps://0xtomcat.medium.com/broken-link-hijacking-e0afc5986ea6?source=rss------bug_bounty-5Tomcatbug-bounty, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup08-Dec-2023
Testing vulnerabilities beyond traditional cases — around login/signup featureshttps://infosecwriteups.com/testing-vulnerabilities-beyond-traditional-cases-around-login-signup-features-9d496bd283d4?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty-tips, penetration-testing, pentesting, bug-bounty08-Dec-2023
#4 Install Burp’s CA Certificate in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/4-install-burps-ca-certificate-in-firefox-guide-for-burp-suite-75a555ed7225?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty-tips, bug-bounty, cybersecurity08-Dec-2023
Enum is the key — Automatizado + Manual = Full shell.https://aleeeeex264.medium.com/enum-is-the-key-automatizado-manual-full-shell-4eead6c37dc4?source=rss------bug_bounty-5Alejandro Olivares 0x4lexkali-linux, bug-bounty, bug-bounty-tips, hacking, pentesting08-Dec-2023
PEARfection: From LFI to RCI: An iCSI CTF Challenge.https://medium.com/@josh.beck2006/pearfection-from-lfi-to-rci-an-icsi-ctf-challenge-4ecfb77a60c4?source=rss------bug_bounty-5Josh Beckbug-bounty, penetration-testing, ctf-writeup, cybersecurity08-Dec-2023
Unraveling The Story of Multiple Admin Panel Compromiseshttps://vedanttekale20.medium.com/unraveling-the-story-of-multiple-admin-panel-compromises-baac4444285f?source=rss------bug_bounty-5Vedant Tekaleinformation-security, recon, bug-bounty, hacking, cybersecurity08-Dec-2023
Blind XSS on Registration Systemhttps://medium.com/@aurelioyudistira/blind-xss-on-registration-system-410eb0b98109?source=rss------bug_bounty-5MxShinzupentesting, bug-bounty, cybersecurity08-Dec-2023
Bug bounty training from scratch:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-f62cc13fbe64?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch for beginners:https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-for-beginners-1f17e609fbf0?source=rss------bug_bounty-5Pavan kumar.Gcybersecurity, appsec, computer-science, bug-bounty, linux07-Dec-2023
Bug bounty training from scratch(part1->lesson12):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson12-206baedf6747?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson11):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson11-6f2c71aa8135?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, appsec, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson10):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson10-b2af2898a6b1?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1->lesson9):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson9-44b004fe5550?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch(part1-> lesson8):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson8-98680d93e4bf?source=rss------bug_bounty-5Pavan kumar.Gbug-bounty, appsec, computer-science07-Dec-2023
Bug bounty training from scratch(part1->lesson7):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson7-d04def4b4ef3?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson6):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson6-1b4b8742a1ec?source=rss------bug_bounty-5Pavan kumar.Gcomputer-science, bug-bounty, appsec07-Dec-2023
Bug bounty training from scratch(part1->lesson5):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson5-15d8c1f2cc5e?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Bug bounty training from scratch (part1->lesson4):https://medium.com/@kataeriidubstep/bug-bounty-training-from-scratch-part1-lesson4-653699a21284?source=rss------bug_bounty-5Pavan kumar.Gappsec, computer-science, bug-bounty07-Dec-2023
Using reNgine with Netlas.io modulehttps://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495?source=rss------bug_bounty-5Netlas.iopenetration-testing, reconnaissance, information-security, cybersecurity, bug-bounty07-Dec-2023
Automation for Target Surface Information Gathering — XCOODE + AI Prompting for Bug Bounty Giantshttps://medium.com/@xcoode/automation-for-target-surface-information-gathering-xcoode-ai-prompting-for-bug-bounty-giants-a545dadc87dc?source=rss------bug_bounty-5XCOODEai, hacking, hackerone, bug-bounty, openai07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hacking Indian Government, Finding XSS & SQL Injectionhttps://medium.com/@Kalki2121/hacking-indian-government-finding-xss-sql-injection-9f83e5e60c6f?source=rss------bug_bounty-5Yashhbugs, bug-bounty-tips, bug-bounty, hacking, sql-injection07-Dec-2023
Unveiling Critical Vulnerability: Account Hijacking — Art of play on tokenshttps://medium.com/@xcoode/unveiling-critical-vulnerability-account-hijacking-art-of-play-on-tokens-dd270140cd25?source=rss------bug_bounty-5XCOODEfintech, bug-bounty, security, hacking, cloud07-Dec-2023
Advent of Cyber 2023 -Day 6 Walkthrough.. By Manoj Mudabagil.https://medium.com/@manojmudabagil/advent-of-cyber-2023-day-6-walkthrough-by-manoj-mudabagil-cd7062261d33?source=rss------bug_bounty-5Manoj Mudabagiltryhackme, hacking, advent-of-cyber-2023, cybersecurity, bug-bounty07-Dec-2023
Exploring New Vulnerability Vectors: A Systematic Approach to Manual Google Dorkinghttps://medium.com/@mxmd/exploring-new-vulnerability-vectors-a-systematic-approach-to-manual-google-dorking-fdfc79e9825d?source=rss------bug_bounty-5Max Klosecybersecurity, bug-bounty-tips, bug-bounty, google-dorking, osint07-Dec-2023
Markdown XSS tipshttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
Hunt for GitHub leaks with LOPSEG DORK HELPERhttps://medium.com/@lopseg/hunt-for-github-leaks-with-lopseg-dork-helper-c3ce96cb4177?source=rss------bug_bounty-5Lopsegbug-bounty-writeup, hacking-tools, bug-bounty, bug-bounty-tips, bug-bounty-hunter07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, cybersecurity, bug-bounty-tips07-Dec-2023
Enhancing Bug Bounty Hunting with Lopseg OSINThttps://medium.com/@lopseg/enhancing-bug-bounty-hunting-with-lopseg-osint-4f2fd075621a?source=rss------bug_bounty-5Lopsegbug-bounty, ctf, bug-bounty-writeup, bug-bounty-tips, hacking-tools07-Dec-2023
Markdown XSS polyglothttps://medium.com/@lopseg/markdown-xss-tips-e166905b1f5e?source=rss------bug_bounty-5Lopsegbug-bounty-tips, info-sec-writeups, xss-attack, bug-bounty, bug-bounty-writeup07-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge —Conclusionhttps://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-conclusion-0ac57a737883?source=rss------bug_bounty-5Wallotrybug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting06-Dec-2023
The Secret World of Malicious Strings and Hidden Threats – Are You at Risk?https://medium.com/@paritoshblogs/the-secret-world-of-malicious-strings-and-hidden-threats-are-you-at-risk-cb25535d4718?source=rss------bug_bounty-5Paritoshinformation-security, hacking, http-headers, bug-bounty, cybersecurity06-Dec-2023
Python Program to find GCD (Greatest Common Divisor) for Cryptographyhttps://rajput623929.medium.com/python-program-to-find-gcd-greatest-common-divisor-for-cryptography-816075bba2fa?source=rss------bug_bounty-5Mr.Horbiocybersecurity, hacking, crytocurrency, cryptography, bug-bounty06-Dec-2023
API Security — Web Security Academyhttps://mrshan.medium.com/api-security-web-security-academy-3578589fc3fa?source=rss------bug_bounty-5MR SHANweb-security-academy, bug-bounty06-Dec-2023
Spool Unveils Comprehensive Bug Bounty Programme to Fortify DeFi Securityhttps://medium.com/spoolfi/spool-unveils-comprehensive-bug-bounty-programme-to-fortify-defi-security-673559c463dd?source=rss------bug_bounty-5Spoolbug-bounty, security, blockchain, defi, smart-contracts06-Dec-2023
Cheat code for file upload vulnerability by kidnapshadowhttps://medium.com/@kidnapshadow/cheat-code-for-file-upload-vulnerability-by-kidnapshadow-ebb0794581f2?source=rss------bug_bounty-5Kidnapshadowkidnapshadow, owasp, vulnerability, file-upload-vulnerability, bug-bounty06-Dec-2023
API Documentation Tipshttps://medium.com/@lopseg/api-documentation-tips-e36e63f47589?source=rss------bug_bounty-5Rafael Silvabug-bounty-tips, bug-hunting, bug-bounty06-Dec-2023
From Bug Bounty Prodigy to Leadership Luminary: Aditya Shende Ascends at XCOODEhttps://medium.com/@xcoode/from-bug-bounty-prodigy-to-leadership-luminary-aditya-shende-ascends-at-xcoode-18a6aaab1471?source=rss------bug_bounty-5XCOODEcybersecurity, bug-bounty, leadership, cyber05-Dec-2023
Empowering the Next Generation: XCOODE Unveils Hacckers Bug Bounty Platform for Cyber Enthusiastshttps://medium.com/@xcoode/empowering-the-next-generation-xcoode-unveils-hacckers-bug-bounty-platform-for-cyber-enthusiasts-bc6dc31c27b9?source=rss------bug_bounty-5XCOODEcybersecurity, hacker, cyber, bug-bounty05-Dec-2023
PDF Upload Leading to Stored XSShttps://medium.com/@katmaca2014/pdf-upload-leading-to-stored-xss-f712326705ee?source=rss------bug_bounty-5Kaan Atmacacybersecurity, penetration-testing, bug-bounty, hacking, pentesting05-Dec-2023
LFI via SMTP log poisoninghttps://medium.com/@akshadjoshi/lfi-via-smtp-log-poisoning-65e02dd21068?source=rss------bug_bounty-5Akshad Joshilog-poisoning, local-file-inclusion, smtp, bug-bounty, rce05-Dec-2023
Bypassing 2FA Authentication in TeamPass Systemhttps://medium.com/@developer_1991/bypassing-2fa-authentication-in-teampass-system-f3184fe8589d?source=rss------bug_bounty-5HamidReza Faghanibug-bounty, account-takeover, security, 0day, exploitation05-Dec-2023
Admin Panel Accesshttps://medium.com/@omdubey170/admin-panel-access-5dd2fd4938a0?source=rss------bug_bounty-5Omdubeybug-bounty, bugs, bug-bounty-tips, ethical-hacking, pentesting05-Dec-2023
LFI on Microsofthttps://medium.com/@sushilgill08/lfi-on-microsoft-2d30c9283534?source=rss------bug_bounty-5Sushil Choudharyhackerone, bug-hunting, microsoft, bug-bounty, bugbounty-writeup04-Dec-2023
How I Found A Website Vulnerability In Under 10 Minuteshttps://medium.com/@abidmafahim7/how-i-found-a-website-vulnerability-in-under-10-minutes-2b2ff934545d?source=rss------bug_bounty-5Abidmafahimgit-exposed, web-vulnerabilities, bug-bounty04-Dec-2023
Elevating Security: Whatfix Transition to a Custom Vulnerability Disclosure Program (VDP)https://medium.com/whatfix-techblog/elevating-security-whatfix-transition-to-a-custom-vulnerability-disclosure-program-vdp-e6d5a7e11c9d?source=rss------bug_bounty-5Kamlesh Tukaralvulnerability-disclosure, whatfix, vdp, bug-bounty, infosec04-Dec-2023
The Hidden Dangers Lurking in Your Active Directory Certificate Services – What You Need to Know…https://medium.com/@paritoshblogs/the-hidden-dangers-lurking-in-your-active-directory-certificate-services-what-you-need-to-know-7c735c09e0fd?source=rss------bug_bounty-5Paritoshcybersecurity, active-directory, bug-bounty, information-security, adc04-Dec-2023
Bug Hunter journal day #3 and #4https://medium.com/@joaomaia171820/bug-hunter-journal-day-3-and-4-37b4c653abd9?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, cybersecurity04-Dec-2023
Javascript Analysis to SQL injectionhttps://melguerdawi.medium.com/javascript-analysis-to-sql-injection-ca763f9c4c4e?source=rss------bug_bounty-5Mostafa Elguerdawibug-bounty, bug-bounty-tips, hackerone, sql-injection04-Dec-2023
Web Enumeration With Gobusterhttps://medium.com/@ronak.d.sharma111/web-enumeration-with-gobuster-ca4ac46da90b?source=rss------bug_bounty-5Ronak Sharmacybersecurity, hacking, bug-bounty04-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 2https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-2-51b02ca865ea?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-writeup, bug-bounty-tips03-Dec-2023
How I Found My First Website Vulnerability as a Web Pentesterhttps://medium.com/@abidmafahim7/how-i-found-my-first-website-vulnerability-as-a-web-pentester-2dee809e0eea?source=rss------bug_bounty-5Abidmafahimsql-injection-attack, bug-bounty, web-vulnerabilities, xss-vulnerability03-Dec-2023
My first and simple ATO in a private programhttps://medium.com/@pabs2141/my-first-and-simple-ato-in-a-private-program-212c6b17b245?source=rss------bug_bounty-5PanSabug-bounty, bug-bounty-writeup, hacking, account-takeover03-Dec-2023
My Confusion Over Local File Inclusionhttps://medium.com/illuminations-mirror/my-confusion-over-local-file-inclusion-11f3d7c43b23?source=rss------bug_bounty-5Quintius Walkerpoetry, bug-bounty, writeup, cybersecurity, poetry-on-medium03-Dec-2023
The Shocking Secrets Behind Foolproof Vulnerability Response!https://medium.com/@paritoshblogs/the-shocking-secrets-behind-foolproof-vulnerability-response-fc6fe8b91d47?source=rss------bug_bounty-5Paritoshvulnerability, cybersecurity, bug-bounty, hacking, information-security03-Dec-2023
The ONE Vulnerability Every Website Owner Fears — Learn How YOU Can Expose It!https://medium.com/@paritoshblogs/the-one-vulnerability-every-website-owner-fears-learn-how-you-can-expose-it-71fef31b0ece?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, hacking, information-security, cybersecurity03-Dec-2023
My First Valid Bug!!!https://medium.com/@sushilgill08/my-first-valid-bug-444f26e1f8be?source=rss------bug_bounty-5Sushil Choudharycybersecurity, bug-bounty-writeup, bugbounty-tips, bug-hunting, bug-bounty03-Dec-2023
Everything I know on Reconhttps://medium.com/@joshdesharnais1/everything-i-know-on-recon-689f6a535757?source=rss------bug_bounty-5Joshua Desharnaisrecon, tools-and-resources, tools, bug-bounty, bug-bounty-tips03-Dec-2023
Streamable Finance Bug Bounty Campaign is live!https://streamablefinance.medium.com/streamable-finance-bug-bounty-campaign-is-live-2ced6e4c68d5?source=rss------bug_bounty-5Streamable Financebug-bounty, product-launch03-Dec-2023
Business Logic Vulnerability: Payment bypasshttps://vrushabhd.medium.com/business-logic-vulnerability-payment-bypass-9335bdbdbdf6?source=rss------bug_bounty-5Mr. Vrushabhpentesting, bug-bounty, vulnerability, bug-bounty-tips, hackerone03-Dec-2023
How I Created an Advanced Web Code Analyzer Using ChatGPThttps://infosecwriteups.com/how-i-created-an-advanced-web-code-analyzer-using-chatgpt-6b32a7d42f88?source=rss------bug_bounty-5Jarred Longoriacybersecurity, chatgpt, infosec, bug-bounty03-Dec-2023
Azure Log Analysis: Real-Life Incidents and Practical Tips to Safeguardhttps://medium.com/@paritoshblogs/azure-log-analysis-real-life-incidents-and-practical-tips-to-safeguard-077faf28919b?source=rss------bug_bounty-5Paritoshcybersecurity, incident-response, azure, bug-bounty, information-security03-Dec-2023
How to debug android native libraries using JEB decompiler?https://medium.com/@shubhamsonani/how-to-debug-android-native-libraries-using-jeb-decompiler-eec681a22cf3?source=rss------bug_bounty-5Shubham Sonanibug-bounty, hacking, android, cybersecurity, penetration-testing03-Dec-2023
How to bypass debugger detection in Android/iOS native libraries using IDA Pro?https://medium.com/@shubhamsonani/how-to-bypass-debugger-detection-in-android-ios-native-libraries-using-ida-pro-3e289c2127d6?source=rss------bug_bounty-5Shubham Sonanibug-bounty, cybersecurity, android, hacking, penetration-testing03-Dec-2023
How to debug Android/iOS native library using GDB debugger?https://medium.com/@shubhamsonani/how-to-debug-android-ios-native-library-using-gdb-debugger-d02c0e0341eb?source=rss------bug_bounty-5Shubham Sonanihacking, penetration-testing, cybersecurity, technology, bug-bounty03-Dec-2023
20 Days Of Hacking: Bug Bounty Challenge — Day 1https://wallotry.medium.com/20-days-of-hacking-bug-bounty-challenge-day-1-38a1735644ab?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty02-Dec-2023
Vulnerability Discovery in SRC — Concurrencyhttps://medium.com/@rynnnn617/vulnerability-discovery-in-src-concurrency-baa9ffdfa9d9?source=rss------bug_bounty-5Ry4nnnnconcurrency, bug-bounty-tips, bug-bounty02-Dec-2023
Lateral Movement Techniques Through File Share Exploitationhttps://medium.com/@paritoshblogs/lateral-movement-techniques-through-file-share-exploitation-a50d1ffdb8e7?source=rss------bug_bounty-5Paritoshlateral-movement, hacking, information-security, cybersecurity, bug-bounty02-Dec-2023
The Rising Threat of Cookie Theft and RMM Takeoverhttps://medium.com/@paritoshblogs/the-rising-threat-of-cookie-theft-and-rmm-takeover-bafe0013ffc0?source=rss------bug_bounty-5Paritoshrealtime-monitoring, cookies, cybersecurity, hacking, bug-bounty02-Dec-2023
Bug Hunter journal day(week) #1https://medium.com/@joaomaia171820/bug-hunter-journal-day-week-1-699926bf1a70?source=rss------bug_bounty-5Jhonny_The_Kidbug-bounty-writeup, bug-bounty-program, bug-bounty, pentest02-Dec-2023
Mastering Bug Bounty: A Comprehensive Guide to Earning Money Ethically and Safely in Cybersecurity.https://medium.com/@thecyberxcompany/mastering-bug-bounty-a-comprehensive-guide-to-earning-money-ethically-and-safely-in-cybersecurity-46c1b44f52fd?source=rss------bug_bounty-5The CyberX Companyethical-hacking, hacking, cybersecurity, bug-bounty, earn-money-online02-Dec-2023
Mastering Bug Bounty Hunting: A Comprehensive Guide to Launch Your Cybersecurity Career.https://medium.com/@thecyberxcompany/mastering-bug-bounty-hunting-a-comprehensive-guide-to-launch-your-cybersecurity-career-5553ddcced30?source=rss------bug_bounty-5The CyberX Companybug-bounty-tips, bugs, ethical-hacking, cybersecurity, bug-bounty02-Dec-2023
How MAC Spoofing works and How attackers do that!!https://medium.com/@hackerdom_devil/how-mac-spoofing-works-and-how-attackers-do-that-57797179430f?source=rss------bug_bounty-5Gokuleswaran Bethical-hacking, mac-spoofing, penetration-testing, bug-bounty, bug-bounty-tips02-Dec-2023
Top 25 Advanced Google Dorks for OSINT and Bug Bounty Huntinghttps://osintteam.blog/top-25-advanced-google-dorks-for-osint-and-bug-bounty-hunting-f2d9dceed068?source=rss------bug_bounty-5as-squirrelbug-bounty, osint, cybersecurity, google-dorks-list, hacking02-Dec-2023
Day 12 Bug Bounty — 60 days 60 bugs challenge (Didn’t found anything, but could be something…https://medium.com/@avbhijitdutta99/day-12-bug-bounty-60-days-60-bugs-challenge-didnt-found-anything-but-could-be-something-ba0324d96ce7?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-hunter, bugbountychallenge, bug-bounty-writeup01-Dec-2023
Writing High-Quality Bug Reports: Best Practices for Effective Bug Bounty Huntinghttps://medium.com/@prathameshbagul/writing-high-quality-bug-reports-best-practices-for-effective-bug-bounty-hunting-74542dff9793?source=rss------bug_bounty-5Prathcybersecurity, pentesting, report, bug-bounty-tips, bug-bounty01-Dec-2023
What is this httpx thing? Using it in your adventure with Bugbounty?https://systemweakness.com/what-is-this-httpx-thing-using-it-in-your-adventure-with-bugbounty-f91f1ef31d49?source=rss------bug_bounty-5Vicky Aryanrecon, bug-bounty, cybersecurity, hacking, httpx01-Dec-2023
Verification Bypass via “Mass Assignment”https://larebsec.medium.com/verification-bypass-via-mass-assignment-25707e210a42?source=rss------bug_bounty-5Larebbug-bounty, cybersecurity, bugbounty-writeup, hacking, vulnerability01-Dec-2023
How attackers use ARP Spoofing / Poisoning to takeover a complete Network!!https://medium.com/@hackerdom_devil/how-attackers-use-arp-spoofing-poisoning-to-takeover-a-complete-network-8477cea362c4?source=rss------bug_bounty-5Gokuleswaran Bpenetration-testing, bug-bounty, ethical-hacking, network-security, arp-spoofing01-Dec-2023
Building Kubernetes Detections: Strengthening Security with Real-world Exampleshttps://medium.com/@paritoshblogs/building-kubernetes-detections-strengthening-security-with-real-world-examples-8268cddd852f?source=rss------bug_bounty-5Paritoshbug-bounty, cybersecurity, programming, information-security, hacking01-Dec-2023
Part 03 | What To Do After Choosing a Target? | Post Recon |Bug Bountyhttps://infosecwriteups.com/part-03-what-to-do-after-choosing-a-target-post-recon-bug-bounty-1a7f431b4d79?source=rss------bug_bounty-5Om Arorabug-bounty, hacking, bug-bounty-tips, methodology, infosec01-Dec-2023
Navigating the Bug Bounty Arena: Earn $605,000 Reward, Learn Morehttps://medium.com/coded-tech-talk/navigating-the-bug-bounty-arena-earn-605-000-reward-learn-more-e754e077a81c?source=rss------bug_bounty-5Coded Conversationsbug-bounty-tips, cybersecurity, security, hacking, bug-bounty01-Dec-2023
Project 2510: Bug Bounty Challenge — The End?https://wallotry.medium.com/project-2510-bug-bounty-challenge-the-end-afb67ea2abd1?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunting, bug-bounty30-Nov-2023
Exploring the Logic of XSS Attacks and Bypassing Techniques through Browser Decodinghttps://medium.com/@test_90648/considering-xss-attacks-and-bypass-logic-from-the-perspective-of-browser-decoding-logic-can-provide-b4579d3c458b?source=rss------bug_bounty-5JessicaSecurityxs, bug-bounty, web, security, browsers30-Nov-2023
What is SQL injectionhttps://medium.com/@savanghori1203/what-is-sql-injection-a3907c6967a5?source=rss------bug_bounty-5Savanghorivulnerability, bug-bounty-tips, bug-bounty, sql-injection, sql30-Nov-2023
Cross-Site Scripting (XSS)https://medium.com/@savanghori1203/cross-site-scripting-xss-b6139b38fa2b?source=rss------bug_bounty-5Savanghoribug-bounty, xss-vulnerability, bug-bounty-tips, bugs, xss-attack30-Nov-2023
The Shocking Truth Behind Indicators of Compromise (IOCs) — You Won’t Believe What We Found!https://medium.com/@paritoshblogs/the-shocking-truth-behind-indicators-of-compromise-iocs-you-wont-believe-what-we-found-5255d54b98d9?source=rss------bug_bounty-5Paritoshbug-bounty, malware-analysis, cybersecurity, ioc, information-security30-Nov-2023
Subdomain Enumeration Techniqueshttps://medium.com/@savanghori1203/subdomain-enumeration-00f487d6b829?source=rss------bug_bounty-5Savanghoribug-bounty-tips, bug-bounty, recon, subdomains-enumeration, subdomain30-Nov-2023
Day 11 Bug Bounty — 60 days 60 bugs challengehttps://medium.com/@avbhijitdutta99/day-11-bug-bounty-60-days-60-bugs-challenge-530119a74c90?source=rss------bug_bounty-5Abhijit Duttabugbountychallenge, bug-bounty-tips, bug-bounty, bug-bounty-writeup30-Nov-2023
Network Managed Detection and Response (NMDR): Strengthening Cybersecurity Defenseshttps://medium.com/@paritoshblogs/network-managed-detection-and-response-nmdr-strengthening-cybersecurity-defenses-a8a5e989b310?source=rss------bug_bounty-5Paritoshinformation-security, managed-detection, bug-bounty, nmdr, cybersecurity30-Nov-2023
Server-Side Request Forgery (SSRF)https://medium.com/@savanghori1203/server-side-request-forgery-ssrf-1e9755b38c59?source=rss------bug_bounty-5SavanGhorissrf, vulnerability, bug-bounty, ssrf-bug, bug-bounty-tips30-Nov-2023
Ödeme sayfasında Business Logichttps://medium.com/@el-cezeri/%C3%B6deme-sayfas%C4%B1nda-business-logic-cba493d9f6b8?source=rss------bug_bounty-5Samet Yiğitbugbounty-writeup, ödülavcılığı, bug-bounty30-Nov-2023
Remote Code Execution (RCE)https://medium.com/@savanghori1203/remote-code-execution-rce-9f078b98316a?source=rss------bug_bounty-5SavanGhoribugs, bug-bounty-tips, bug-bounty, rce, vulnerability30-Nov-2023
Insecure Direct Object Reference(IDOR)https://medium.com/@savanghori1203/idor-insecure-direct-object-reference-88576225e265?source=rss------bug_bounty-5SavanGhorivulnerability, idor, bugs, bug-bounty, bug-bounty-tips30-Nov-2023
Simple Recon Di Android Menggunakan Tools TheTimeMachine dan Dirsearchhttps://alpinnnnnn13.medium.com/simple-recon-di-android-menggunakan-tools-thetimemachine-dan-dirsearch-3384aad17c15?source=rss------bug_bounty-5Mohammad Alfin Hidayatullahbug-bounty, bug-bounty-tips, recon, scanning30-Nov-2023
Race Condition - A cURL Chaoshttps://shahjerry33.medium.com/race-condition-a-curl-chaos-820cb289cbf1?source=rss------bug_bounty-5Jerry Shah (Jerry)cybersecurity, infosec, bug-bounty, vulnerability, pentesting30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Step”https://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Top Free Resources for Ethical Hacking and Bug Bounty Beginners & Expertshttps://infosecwriteups.com/top-free-resources-for-ethical-hacking-and-bug-bounty-beginners-experts-9556ef045db4?source=rss------bug_bounty-5Jarred Longoriacybersecurity, ethical-hacking, bug-bounty, free-resources30-Nov-2023
1.11 Lab: Blind SQL injection with time delays and information retrieval | 2023https://cyberw1ng.medium.com/1-11-lab-blind-sql-injection-with-time-delays-and-information-retrieval-2023-e8123405e87d?source=rss------bug_bounty-5Karthikeyan Nagarajcybersecurity, careers, penetration-testing, hacking, bug-bounty30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANbwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Rise of Broken Access Controlhttps://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f?source=rss------bug_bounty-5Rafin Rahman Chybug-bounty, appsec, application-security, infosec, web-security30-Nov-2023
Easy Bug Hunting: HTML Injection Explained Step by Stephttps://medium.com/@faizankhaliq26/easy-bug-hunting-html-injection-explained-step-by-step-011901f183d9?source=rss------bug_bounty-5bwapp, bug-bounty, web-application-security, penetration-testing, html-injection30-Nov-2023
Day 10 Bug Bounty — 60 days 60bugs challenge — New Start!https://medium.com/@avbhijitdutta99/day-10-bug-bounty-60-days-60bugs-challenge-new-start-832988aeb569?source=rss------bug_bounty-5Abhijit Duttabug-bounty, bug-bounty-tips, bugbountychallenge, bug-bounty-writeup29-Nov-2023
Windows Login Bypasshttps://infosecwriteups.com/windows-login-bypass-eab148bc9dd5?source=rss------bug_bounty-5c0d3x27software-development, bug-bounty, cybersecurity, windows, hacking29-Nov-2023
Cybersecurity Risk of Opening Up to the Internethttps://medium.com/@paritoshblogs/cybersecurity-risk-of-opening-up-to-the-internet-c624c9a018ba?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, programming, hacking, internet-of-things29-Nov-2023
OSINT: How to find information on anyonehttps://medium.com/@sakthi172000/osint-how-to-find-information-on-anyone-14514216cec1?source=rss------bug_bounty-5SAKTHIVEL Pbug-bounty, infosec, cybersecurity, osint, osint-tool29-Nov-2023
Mastering API Penetration Testing: A Comprehensive Guide for Security Pentestershttps://infosecwriteups.com/mastering-api-penetration-testing-a-comprehensive-guide-for-security-pentesters-bf62f65b5b21?source=rss------bug_bounty-5Suprajabaskaranethical-hacking, bug-bounty, pentesting, cybersecurity, api29-Nov-2023
Useful tools for bug hunterhttps://medium.com/@cyberhansu/useful-tools-for-bug-hunter-f493866fa1bc?source=rss------bug_bounty-5cyberhansuhunter-s-thompson, bug-hunting, bug-bounty, hacker, bug-hunter29-Nov-2023
How to make money legally as a Hackerhttps://medium.com/@cyberhansu/how-to-make-money-legally-as-a-hacker-c27037b143a9?source=rss------bug_bounty-5cyberhansubug-bounty, make-money, web-application-security, mobileapplicationsecurity29-Nov-2023
PII Disclosure Worth $750https://vijetareigns.medium.com/pii-disclosure-worth-750-758b72e7e8ca?source=rss------bug_bounty-5the_unlucky_guybug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-writeup, cybersecurity29-Nov-2023
R.xyz: Web3 Bug Bounty Platformhttps://medium.com/coinmonks/r-xyz-web3-bug-bounty-platform-95d48c911989?source=rss------bug_bounty-5Officer's Notessmart-contract-security, bug-bounty-tips, bug-bounty, hacking, web329-Nov-2023
CRLF to XSShttps://medium.com/@a7med.ctf/crlf-to-xss-8059ceefd349?source=rss------bug_bounty-5Ahmed Mahmouedsnapchat, bug-bounty-tips, hacker, bug-bounty29-Nov-2023
Aztec Multiple-Spend Error Bugfix Reviewhttps://medium.com/immunefi/aztec-multiple-spend-error-bugfix-review-20074581d224?source=rss------bug_bounty-5Immunefi Editorcryptocurrency, security, bug-bounty, web3, multiple-spend-error29-Nov-2023
1.10 Lab: Blind SQL injection with time delays | 2023https://cyberw1ng.medium.com/1-10-lab-blind-sql-injection-with-time-delays-2023-a95a3b8557ec?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers29-Nov-2023
IWCON 2023 CTF Registrations Now Openhttps://infosecwriteups.com/iwcon-2023-ctf-registrations-now-open-46c2611714f0?source=rss------bug_bounty-5InfoSec Write-upsctf, conference, infosec, hacking, bug-bounty29-Nov-2023
Top 25 Advanced Google Dorks for Uncovering Sensitive Documentshttps://osintteam.blog/top-25-advanced-google-dorks-for-uncovering-sensitive-documents-a9705e05353d?source=rss------bug_bounty-5as-squirrelosint, cybersecurity, hacking, google-dork, bug-bounty29-Nov-2023
Fat GET Authorization Bypasshttps://medium.com/techiepedia/fat-get-authorization-bypass-521a1ca37b6e?source=rss------bug_bounty-5Jessprogramming, hackerone, security, bug-bounty, bug-bounty-tips29-Nov-2023
HackTheBox — Web Attacks: Error Based XXE to exfiltrate datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-error-based-xxe-to-exfiltrate-data-3f577eef18c7?source=rss------bug_bounty-5Huy Phuowasp-top-10, web-security, hackthebox, xxe-attack, bug-bounty28-Nov-2023
HackTheBox — Web Attacks: XXE with Blind Exfiltration Datahttps://medium.com/@harry.hphu/hackthebox-web-attacks-xxe-with-blind-exfiltration-data-123d4be1245e?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, web-security, xxe-attack, hackthebox28-Nov-2023
Catching C2s with Regex Signatures, TLS Certificates, and OSINThttps://medium.com/@paritoshblogs/catching-c2s-with-regex-signatures-tls-certificates-and-osint-8871d9a46602?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, command-and-control, hacking28-Nov-2023
Apple security research.https://medium.com/@abhay2432455/apple-security-research-8780372757be?source=rss------bug_bounty-5Abhay Kailasiagoogle, apple, cybersecurity, bug-bounty, bug-bounty-writeup28-Nov-2023
XSS - Weaponization ATOhttps://p4n7h3rx.medium.com/xss-weaponization-ato-1de0ee30526b?source=rss------bug_bounty-5p4n7h3rxpenetration-testing, cybersecurity, infosec, bug-bounty-tips, bug-bounty28-Nov-2023
1.9 Lab: Visible error-based SQL injection | 2023https://cyberw1ng.medium.com/1-9-lab-visible-error-based-sql-injection-2023-771157e90ad8?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, careers, penetration-testing28-Nov-2023
VulnLab — SQLi Injection series — Bypass Loginhttps://medium.com/@deandradarra05/vulnlab-sqli-injection-series-bypass-login-0d6af43a395d?source=rss------bug_bounty-5Deandradarrapenetration-testing, cybersecurity, bug-bounty, sqli28-Nov-2023
The Bug Hunter’s Methodology Live Course Reviewhttps://medium.com/@cybersekler/the-bug-hunters-methodology-live-course-review-4261a7a9121e?source=rss------bug_bounty-5Cyber Seklerhacking, red-team, reconnaissance, bug-bounty, application-security28-Nov-2023
Hall of Fame at NASAhttps://medium.com/@bijoy.redteamacademy/hall-of-fame-at-nasa-91539af7826c?source=rss------bug_bounty-5BIJOY Bgoogle-ads, hacker-news, google, nasa, bug-bounty28-Nov-2023
Understanding and Mitigating Insecure Direct Object References (IDOR) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-and-mitigating-insecure-direct-object-references-idor-vulnerabilities-b27047015e15?source=rss------bug_bounty-5Huy Phuidor-vulnerability, bug-bounty, web-security, owasp-top-10, hackthebox27-Nov-2023
Burpsuite Custom Scan Profileshttps://mrrootsec.medium.com/burpsuite-custom-scan-profiles-12a9df9e36bd?source=rss------bug_bounty-5mrrootsecowasp-top-10, bug-bounty, application-security-test27-Nov-2023
Understanding XML External Entity (XXE) Vulnerabilitieshttps://medium.com/@harry.hphu/understanding-xml-external-entity-xxe-vulnerabilities-e8b64c2c2b3c?source=rss------bug_bounty-5Huy Phubug-bounty, owasp-top-10, xml-injection, hackthebox, web-security27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://medium.com/@paritoshblogs/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Unveiling Critical Bug Using Directory Search — Bug Bounty Tip!https://medium.com/@learningstuff110/unveiling-critical-bug-using-directory-search-bug-bounty-tip-330d4d9900ee?source=rss------bug_bounty-5Fahad Hasanweb-app-development, vulnerability, bug-bounty, cybersecurity, penetration-testing27-Nov-2023
Confounding Adversaries Through the Art of Illusionhttps://osintteam.blog/confounding-adversaries-through-the-art-of-illusion-5cc56090d93a?source=rss------bug_bounty-5Paritoshbug-bounty, information-technology, information-security, cybersecurity, hacking27-Nov-2023
Ruby One — Bug Bounty Program & Claim Your $RUBYhttps://rubyprotocol.medium.com/ruby-one-bug-bounty-program-claim-your-ruby-848c81c4b164?source=rss------bug_bounty-5Ruby Protocolblockchain, cryptocurrency, bug-bounty, crypto, ethereum27-Nov-2023
HTTP/2 Request Smugglinghttps://medium.com/@kerstanhgnhzhw/http-2-request-smuggling-eb56cfd84a37?source=rss------bug_bounty-5kerstanweb-security, bug-bounty, security, request-smuggling, pentesting27-Nov-2023
Kaynak kodu ile XSS’i nasıl buldum ?https://medium.com/@el-cezeri/kaynak-kodu-ile-xssi-nas%C4%B1l-buldum-9cf2632f4717?source=rss------bug_bounty-5Samet Yiğitxss-attack, bug-bounty-tips, ödülavcılığı, bug-bounty27-Nov-2023
Website Scanner…https://medium.com/@psychomong/website-scanner-4856d77bc600?source=rss------bug_bounty-5psychomonghacking, gui, scanner, bug-bounty, web27-Nov-2023
@pdiscoveryio’s Katana for Bug Bounty.https://medium.com/@BrownBearSec/pdiscoveryios-katana-for-bug-bounty-1aee11cfae14?source=rss------bug_bounty-5BrownBearSecbug-bounty, cybersecurity, bug-bounty-tips, red-team, infosec27-Nov-2023
1.8 Lab: Blind SQL injection with conditional errors | 2023https://cyberw1ng.medium.com/1-8-lab-blind-sql-injection-with-conditional-errors-2023-da84a7836bcd?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, cybersecurity, bug-bounty27-Nov-2023
My bug bounty journey: #1 Linuxhttps://medium.com/@VDMoscar/my-bug-bounty-journey-1-linux-176d3b4f4065?source=rss------bug_bounty-5Oscar Vandermeulenbug-bounty, hacking27-Nov-2023
Code4rena Audithttps://medium.com/@panoptic_xyz/code4rena-audit-96902468eece?source=rss------bug_bounty-5Panopticpanoptic, audit, bug-bounty, perpetual-options27-Nov-2023
“Navigating Risks: Vulnerability Stemming from a Third-Party Integration”https://shubhdeepp.medium.com/navigating-risks-vulnerability-stemming-from-a-third-party-integration-c877d15977d8?source=rss------bug_bounty-5shubhdeepvulnerability-assessment, vulnerability, cybersecurity, bug-bounty, supply-chain-management27-Nov-2023
HackTheBox — Web Attacks: From XXE Injection to Advanced Local File Disclosurehttps://medium.com/@harry.hphu/hackthebox-web-attacks-from-xxe-injection-to-advanced-local-file-disclosure-64d1bf5acdca?source=rss------bug_bounty-5Huy Phuweb-security, owasp-top-10, bug-bounty, xxe-attack, hackthebox27-Nov-2023
HackTheBox — Web Attacks: Mass IDOR enumerationhttps://medium.com/@harry.hphu/hackthebox-web-attacks-mass-idor-enumeration-dc12da1f6333?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, bug-bounty, web-attack, mass-idor-enumeration26-Nov-2023
Bug Zero at a Glance [01–18 November]https://blog.bugzero.io/bug-zero-at-a-glance-01-18-november-1cfce20b881c?source=rss------bug_bounty-5Januka Dharmapriyabug-zero, cybersecurity, bug-bounty, sri-lanka, newsletter26-Nov-2023
HackTheBox — Web Attacks — IDOR: Bypassing Encoded Referenceshttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-bypassing-encoded-references-4e28008120fc?source=rss------bug_bounty-5Huy Phuidor-vulnerability, web-security, bug-bounty, hackthebox-writeup, owasp-top-1026-Nov-2023
Waybackurls leads to pwned Admin Panelhttps://medium.com/@cybersolution2172/waybackurls-leads-to-pwned-admin-panel-ac3f728b87ac?source=rss------bug_bounty-5Satyam Singhinfosec, bug-bounty, bug-bounty-tips, hacking, vulnerability26-Nov-2023
A Thrilling Expedition into AWS Securityhttps://medium.com/@paritoshblogs/a-thrilling-expedition-into-aws-security-bbce85cd1eed?source=rss------bug_bounty-5Paritoshaws-security, aws, bug-bounty, information-security, cybersecurity26-Nov-2023
Story of Http password reset link for $$$https://devanshchauhan4565.medium.com/story-of-http-password-reset-link-for-15b583519e03?source=rss------bug_bounty-5Devansh chauhanwriting-tips, bug-bounty, bug-bounty-tips26-Nov-2023
HackTheBox — Web Attacks: IDOR in Insecure APIs Write uphttps://medium.com/@harry.hphu/hackthebox-web-attacks-idor-in-insecure-apis-write-up-7adcf4e68968?source=rss------bug_bounty-5Huy Phuhackthebox, owasp-top-10, idor-vulnerability, bug-bounty, api-security26-Nov-2023
CSRF Bug Hunting Methodology: Intermediatehttps://medium.com/@drthkol478/csrf-bug-hunting-methodology-intermediate-4d0df3b63b59?source=rss------bug_bounty-5Mikołaj Prus ( nullorx )network, web-app-security, bug-bounty, csrf, application-security26-Nov-2023
Explorando redes com ESP32 WIFI.https://higordiego.medium.com/explorando-redes-com-esp32-wifi-5b15d48d0880?source=rss------bug_bounty-5Higor Diegobug-bounty, pentesting, wifi, tutorial, iot26-Nov-2023
1.7 Lab: Blind SQL injection with conditional responses | 2023https://cyberw1ng.medium.com/1-7-lab-blind-sql-injection-with-conditional-responses-2023-db2102f1ce44?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, hacking, cybersecurity26-Nov-2023
Exploring Networks with ESP32 WIFI.https://higordiego.medium.com/exploring-networks-with-esp32-wifi-778a8d42b7f1?source=rss------bug_bounty-5Higor Diegonetwork-security, pentesting, iot-security, osint, bug-bounty26-Nov-2023
Mastering the Art of Bug Bounty Reconnaissancehttps://medium.com/@faizankhaliq26/mastering-the-art-of-bug-bounty-reconnaissance-5e1ec42fc405?source=rss------bug_bounty-5MUHAMMAD FAIZAN KHANweb-application-testing, recon, information-gathering, web-application-security, bug-bounty26-Nov-2023
Writeup Bugcrowd — Private program — QR codeshttps://medium.com/@embossdotar/writeup-bugcrowd-private-program-qr-codes-fa338161175a?source=rss------bug_bounty-5embossdotarbugcrowd, writeup, bug-bounty, it-security, cybersecurity26-Nov-2023
How I Made $$$ Using Open-Redirecthttps://medium.com/@rahulnakum/how-i-made-using-open-redirect-799f9ab14bda?source=rss------bug_bounty-5Rahul Nakumbug-bounty25-Nov-2023
What Happens When Hackers Gain Local Account Access !!https://medium.com/@paritoshblogs/what-happens-when-hackers-gain-local-account-access-64fc39ed25f5?source=rss------bug_bounty-5Paritoshpentesting, bug-bounty, programming, cybersecurity, hacking25-Nov-2023
First massive bug: Noise’s AWS Bucket Misconfigurationhttps://anshjain-napster.medium.com/first-massive-bug-noises-aws-bucket-misconfiguration-802821ed98b6?source=rss------bug_bounty-5Napster_Anshvulnerability, bug-bounty, aws-s3, cybersecurity, security25-Nov-2023
how to install waybackurls on parrot OS in 3 simple stepshttps://medium.com/@diy_tech_genuis/how-to-install-waybackurls-on-parrot-os-in-3-simple-steps-fb4746302647?source=rss------bug_bounty-5diy_tech_genuishacking, diytechgenius, waybackurls, bug-bounty, parrotos25-Nov-2023
1.6 Lab: SQL injection UNION attack, retrieving multiple values in a single column | 2023https://cyberw1ng.medium.com/1-6-lab-sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-2023-6fb957198939?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, penetration-testing, cybersecurity, bug-bounty, hacking25-Nov-2023
Detecting and Confirming Exfiltration Activity Through Endpoint Detection and Response (EDR)https://medium.com/@paritoshblogs/detecting-and-confirming-exfiltration-activity-through-endpoint-detection-and-response-edr-6ff4c89e9847?source=rss------bug_bounty-5Paritoshhacking, cybersecurity, bug-bounty, information-security, edr25-Nov-2023
5 thing most new bug bounty hunters do wronghttps://medium.com/@diy_tech_genuis/5-thing-most-new-bug-bounty-hunters-do-wrong-321cb152363c?source=rss------bug_bounty-5diy_tech_genuisdiytechgenius, hacking, help, tips, bug-bounty25-Nov-2023
$20,000 Paid For A Bug That No One Has Ever Expectedhttps://siddardajagabathina.medium.com/20-000-paid-for-a-bug-that-no-one-has-ever-expected-5a4778620999?source=rss------bug_bounty-5SIDDARDA GOWTHAM JAGABATHINAhackerone, bug-bounty, bugs, cybersecurity, cybersecurity-awareness25-Nov-2023
Critical misconfiguration in Firebase-Bug bountyhttps://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6?source=rss------bug_bounty-5Facundo Fernandezhacking, bug-bounty, penetration-testing, cybersecurity, bug-bounty-tips25-Nov-2023
Introduction to Cybersecurity for Beginners: Understanding the Digital Security Worldhttps://medium.com/@fiqrifirdaus/introduction-to-cybersecurity-for-beginners-understanding-the-digital-security-world-f136896cda85?source=rss------bug_bounty-5Aditya Fiqri Firdausbug-bounty, cyber, cybersecurity, malware25-Nov-2023
How i get my first Logic Bug and how to find themhttps://medium.com/@zomasec/how-i-get-my-first-logic-bug-and-how-to-find-them-dd5fdf6478ee?source=rss------bug_bounty-5Hazem El-Sayedcybersecurity, web-security, bug-bounty-tips, bug-bounty, bugs25-Nov-2023
How to Find First Bug (For Beginners)https://medium.com/@rajput623929/how-to-find-first-bug-for-beginners-f594230f9e36?source=rss------bug_bounty-5Mr.Horbiocybersecurity, penetration-testing, bug-bounty, hacking, tricks24-Nov-2023
Bash Scripting Logic Section Part 01https://medium.com/@Rat_Attack72/bash-scripting-logic-section-part-01-a7424f4dd6c2?source=rss------bug_bounty-5Rat_Attack72cybersecurity, bash, shell-script, bug-bounty, automation24-Nov-2023
1.5 Lab: SQL injection UNION attack, retrieving data from other tables | 2023https://cyberw1ng.medium.com/1-5-lab-sql-injection-union-attack-retrieving-data-from-other-tables-2023-3e13076915fa?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity24-Nov-2023
Breaking the HTTPS Barrier: A Hacker’s Guide to Sneaky Link Exploits!https://medium.com/@mohammedthoufeeq_25137/breaking-the-https-barrier-a-hackers-guide-to-sneaky-link-exploits-622b07710a1c?source=rss------bug_bounty-5Mohamed Thoufeeqcybersecurity, hackthebox, bug-bounty, hacking, programming24-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 5https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-5-c1343b0f0ef9?source=rss------bug_bounty-5Hacker's Dumphacking, bug-bounty, android, pentesting, penetration-testing24-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-9bba2880b8cb?source=rss------bug_bounty-5Hacker's Dumpbug-bounty, android, hacking, penetration-testing, hacker24-Nov-2023
Bug Hunter GPT: A Game-Changer in Cybersecurityhttps://medium.com/@multiplatform.ai/bug-hunter-gpt-a-game-changer-in-cybersecurity-b25ccbab2f93?source=rss------bug_bounty-5Multiplatform.AIbug-bounty, ai, bughuntergpt, ai-assistant, artificial-intelligence24-Nov-2023
Cybersecurity Challenges with TryHackMe: A Hands-On Approachhttps://medium.com/@paritoshblogs/cybersecurity-challenges-with-tryhackme-a-hands-on-approach-e62f76a50446?source=rss------bug_bounty-5Paritoshtryhackme, programming, hacking, bug-bounty, cybersecurity23-Nov-2023
Project 2510: Bug Bounty Challenge — Day 17/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-17-25-f1337a6f4e66?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting23-Nov-2023
Yet Another Rate Limit.https://allenlopes23.medium.com/yet-another-rate-limit-71257e7b33a2?source=rss------bug_bounty-5Allen Lopesvulnerability, rate-limiting, bug-bounty23-Nov-2023
1.4 Lab: SQL injection UNION attack, finding a column containing text | 2023https://cyberw1ng.medium.com/1-4-lab-sql-injection-union-attack-finding-a-column-containing-text-2023-94f3ee243db8?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, hacking, cybersecurity, careers23-Nov-2023
bWAPP iFrame Injectionhttps://medium.com/@yusufbaris/bwapp-iframe-injection-22bee548c30a?source=rss------bug_bounty-5Yusuf Barışcybersecurity, penetration-testing, bug-bounty, web-security, hacking23-Nov-2023
Project 2510: Bug Bounty Challenge — Day 18/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-18-25-924740430094?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips, bug-bounty23-Nov-2023
Powershell/JS Payloads: A Closer Look at Malicious Code Deliveryhttps://medium.com/@paritoshblogs/powershell-js-payloads-a-closer-look-at-malicious-code-delivery-818b0ee743a3?source=rss------bug_bounty-5Paritoshprogramming, hacking, bug-bounty, information-security, cybersecurity22-Nov-2023
7 Sneaky Hacks Cybercriminals Use to Outsmart Your Antivirus!https://medium.com/@paritoshblogs/7-sneaky-hacks-cybercriminals-use-to-outsmart-your-antivirus-66953a606a53?source=rss------bug_bounty-5Paritoshantivirus, cybersecurity, hacking, bug-bounty, darkweb22-Nov-2023
Apple webserver vulnerable for HTTP request Sumggling attackhttps://medium.com/@abdulriyaz1200/apple-webserver-vulnerable-for-http-request-sumggling-attack-cabe1d53dab1?source=rss------bug_bounty-5Abdulriyazbug-bounty-tips, bug-bounty, bug-bounty-writeup, apple, hall-of-fame22-Nov-2023
200$ bounty for CRLF injection Attackhttps://medium.com/@abdulriyaz1200/200-bounty-for-crlf-injection-attack-39c482bad796?source=rss------bug_bounty-5Abdulriyazbug-bounty, bug-bounty-tips, hall-of-fame, bugbounty-writeup22-Nov-2023
Mass Hunting XSS vulnerabilitieshttps://ott3rly.medium.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5Ott3rlybug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability22-Nov-2023
Google dorking is one of the best method | Hall of fame from XXX.govhttps://medium.com/@abdulriyaz1200/google-dorking-is-one-of-the-best-method-hall-of-fame-from-xxx-gov-8db6aa3c69f3?source=rss------bug_bounty-5Abdulriyazbug-bounty, government, bug-bounty-tips22-Nov-2023
1.3 Lab: SQL injection UNION attack, determining the number of columns returned by the query | 2023https://cyberw1ng.medium.com/1-3-lab-sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-2023-441930bf38b7?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, penetration-testing, hacking, careers, cybersecurity22-Nov-2023
Exploiting Exposed .git File to Access Webmail Credentialshttps://medium.com/@tanyago/exploiting-exposed-git-file-to-access-webmail-credentials-4b47a3afff38?source=rss------bug_bounty-5Tanya Goyalbug-bounty, bug-bounty-writeup, bug-bounty-tips, bug-hunting22-Nov-2023
Mass Hunting XSS vulnerabilitieshttps://infosecwriteups.com/mass-hunting-xss-vulnerabilities-5b53363dd3db?source=rss------bug_bounty-5Ott3rlybug-bounty-tips, bug-bounty, cross-site-scripting, bug-bounty-hunter, xss-vulnerability22-Nov-2023
Hoping for a Bug Bounty This Year at AWS re:Invent :^)https://medium.com/cloud-security/hoping-for-a-bug-bounty-this-year-at-aws-re-invent-5c8a76d09514?source=rss------bug_bounty-5Teri Radichelawswishlist, cloud, aws, bug-bounty, security22-Nov-2023
Bug Hunter jornal Day #0https://medium.com/@joaomaia171820/bug-hunter-jornal-day-0-7a451f0292aa?source=rss------bug_bounty-5Jhonny_The_Kidcybersecurity, bug-bounty-writeup, bug-bounty-program, bug-bounty, hacking22-Nov-2023
SAML authentication bypass leads to account takeoverhttps://medium.com/@Xt3sY/saml-authentication-bypass-leads-to-account-takeover-f9aaa37a34fe?source=rss------bug_bounty-5Pushkar Bhagatbugs, bug-bounty, hacking, hackerone22-Nov-2023
How to earn $DCT on DecentraCredit Testnet V1 on Arbitrumhttps://decentracredit.medium.com/how-to-earn-dct-on-decentracredit-testnet-v1-on-arbitrum-915d9995c2e4?source=rss------bug_bounty-5Decentra Creditarbitrum, testnet-airdrop, bug-bounty, ethereum, airdrop22-Nov-2023
Semi-Automating IDORs: A Practical Approach to Working Smarter, Not Harderhttps://mux0xx.medium.com/semi-automating-idors-a-practical-approach-to-working-smarter-not-harder-5b7f1f47b55a?source=rss------bug_bounty-5Muhammed K. Sayedbug-bounty, cybersecurity, hacker, idor, hacking22-Nov-2023
Embracing the Future: Bug Bounty Hunting as a Lucrative Full-Time Careerhttps://infosecwriteups.com/embracing-the-future-bug-bounty-hunting-as-a-lucrative-full-time-career-3e4b147923f7?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, vulnerability, bug-bounty-tips, bug-bounty, cybersecurity22-Nov-2023
How i hacked a router (embedded system)https://medium.com/@Threat_Intelligence/how-i-hacked-a-router-embedded-system-9a5b8139e83e?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️cybersecurity, tecnologia, hacking, bug-bounty, red-team22-Nov-2023
My First IDOR - Hiding in the Header Requesthttps://medium.com/@hbenja47/my-first-idor-hiding-in-the-header-request-8a03dddc23b5?source=rss------bug_bounty-5Benja (bronxi)hacker, bug-bounty, idor, hacking21-Nov-2023
Chaining CORS by Reflected XSS to Steal Sensitive Datahttps://infosecwriteups.com/chaining-cors-by-reflected-xss-to-steal-sensitive-data-c456e133c10d?source=rss------bug_bounty-5Mohammad reza Omranicybersecurity, infosec, steal-sensitive-data, cors-misconfiguration, bug-bounty21-Nov-2023
What is Next-Generation Antivirus (NGAV) ?https://medium.com/@paritoshblogs/what-is-next-generation-antivirus-ngav-f05267dd2613?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, cybersecurity, hacking, antivirus21-Nov-2023
Top Recon Tools for Bug Bounty Huntershttps://securitycipher.medium.com/top-recon-tools-for-bug-bounty-hunters-fa655b8caf2e?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)bug-bounty, bug-bounty-tips, programming, cybersecurity, technology21-Nov-2023
Epic Bug Hunting Failures-2https://infosecwriteups.com/epic-bug-hunting-failures-2-fafb2af9b844?source=rss------bug_bounty-5Varshini Rameshdevelopment, hackerone, bug-bounty, cybersecurity, info-sec-writeups21-Nov-2023
The Crossroads of Code Crafting: A Personal Journey Between Rewriting and Quick Fixeshttps://blursdaywtf.medium.com/the-crossroads-of-code-crafting-a-personal-journey-between-rewriting-and-quick-fixes-8ab18e5a9a60?source=rss------bug_bounty-5Blursdaycoding, tech, bug-bounty, founders, apps21-Nov-2023
How I Gain $2,000-$3,000 a Month From Bug Bounties With No Code Experiencehttps://medium.com/@13032765d/how-i-gain-2-000-3-000-a-month-from-bug-bounties-with-no-code-experience-df2e89348fbb?source=rss------bug_bounty-5DataPsyLifemoney, hacking, side-hustle, bug-bounty, freelancing21-Nov-2023
Cybersecurity Toolshttps://bineshmadharapu.medium.com/cybersecurity-tools-02e85cb3c4ed?source=rss------bug_bounty-5Binesh Madharapucybersecurity, bug-bounty, network-security, nmap, ethical-hacking21-Nov-2023
CVE-2023–47837: ARMember ≤= 4.0.10 — Bypass Membership Planhttps://revan-ar.medium.com/cve-2023-47837-armember-4-0-10-bypass-membership-plan-4bc1e63f044c?source=rss------bug_bounty-5Revan Abug-bounty, wordpress, cve, bypass, privilege-escalation21-Nov-2023
SQL Injection UNION Attacks in Web App Pentesting | 2023https://cyberw1ng.medium.com/sql-injection-union-attacks-in-web-app-pentesting-2023-fbd072299b77?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, hacking, careers, bug-bounty, cybersecurity21-Nov-2023
How to find sensitive information in an organization | (Como encontrar información sensible en una…https://medium.com/@l0calh0st/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️tech, hacking, red-team, bug-bounty, cybersecurity21-Nov-2023
How I hacked Google’s bug tracking system itself for $15,600 in bountieshttps://jamilahmad-dev.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-0e9e36b772b9?source=rss------bug_bounty-5Jamil Ur Rehmanstartup, bug-bounty, security, google, technology21-Nov-2023
CRITICAL BUG Alert: How I HACKED into a company’s DATABASEhttps://jamilahmad-dev.medium.com/critical-bug-alert-how-i-hacked-into-a-companys-database-fc61179f5d5d?source=rss------bug_bounty-5Jamil Ur Rehmanhacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, ethical-hacking21-Nov-2023
Project 2510: Bug Bounty Challenge — Day 16/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-16-25-f881c177b749?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty-tips, bug-bounty, bug-bounty-hunter21-Nov-2023
Detecting and Understanding Cookies in Web Developmenthttps://medium.com/@nirvana.elahi/detecting-and-understanding-cookies-in-web-development-a520b279988b?source=rss------bug_bounty-5Nirvana Elowasp-top-10, cybersecurity, bug-bounty, penetration-testing21-Nov-2023
How to find sensitive information in an organization .https://medium.com/@Threat_Intelligence/how-to-find-sensitive-information-in-an-organization-como-encontrar-informaci%C3%B3n-sensible-en-una-cb08c5128ab5?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️tech, hacking, red-team, bug-bounty, cybersecurity21-Nov-2023
Step-by-Step guide to writing a Metasploit Scripthttps://higordiego.medium.com/step-by-step-guide-to-writing-a-metasploit-script-6bacb96363e5?source=rss------bug_bounty-5Higor Diegovulnerability, exploit, bug-bounty, security, osint21-Nov-2023
Legal and Ethical Dimensions in Malware Analysis (Cybersecurity)https://medium.com/@paritoshblogs/legal-and-ethical-dimensions-in-malware-analysis-cybersecurity-86accca12049?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, legal, programming, hacking20-Nov-2023
Improper Input Sanitization Error in Web3https://medium.com/@vinaysati/improper-input-sanitization-error-in-web3-f4bd0f6d88cc?source=rss------bug_bounty-5Vinaysatihacking, cryptocurrency, bug-bounty, web3, web3bug20-Nov-2023
#3 Set-up FoxyProxy in Firefox — Guide for Burp Suitehttps://securitycipher.medium.com/3-set-up-foxyproxy-in-firefox-guide-for-burp-suite-ee9627b6f513?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)security, bug-bounty-tips, bug-bounty, penetration-testing, technology20-Nov-2023
Event Driven Bug Bounty on AWShttps://medium.com/@husein.ayoub/event-driven-bug-bounty-on-aws-d39f75d962a3?source=rss------bug_bounty-5Hussein Ayoubaws, bug-bounty, security20-Nov-2023
The Story of How I Hacked one of the online payment system website twicehttps://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5Jonathan Christianbug-bounty-writeup, programming, technology, cybersecurity, bug-bounty20-Nov-2023
ESSENTIAL HTML FOR HACKERShttps://medium.com/@agapehearts/essential-html-for-hackers-12d329927c9b?source=rss------bug_bounty-5Agape HearTsxss-attack, bug-bounty, html, hacker, pentesting20-Nov-2023
Writeups of All Apprentice Labs in Portswigger — All Lab’s Solution| Karthikeyan Nagarajhttps://cyberw1ng.medium.com/writeups-of-all-apprentice-labs-in-portswigger-all-labs-solution-karthikeyan-nagaraj-a5f23fd0c87b?source=rss------bug_bounty-5Karthikeyan Nagarajbug-bounty, cybersecurity, careers, penetration-testing, hacking20-Nov-2023
Go Beyond with Gretirehttps://systemweakness.com/go-beyond-with-gretire-313b7fbe3f47?source=rss------bug_bounty-5Whalebonecybersecurity, bug-bounty, open-source, information-security, hacking20-Nov-2023
Email address: The Online IDhttps://medium.com/@duncanochieng682/email-address-the-online-id-dd0061bf7828?source=rss------bug_bounty-5JateloCybersecinfosec, hacking, bug-bounty, ethical-hacking, blackhat20-Nov-2023
Understanding CVE-2023–46604: A Threat to Apache ActiveMQhttps://infosecwriteups.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, cybersecurity, programming, penetration-testing20-Nov-2023
Project 2510: Bug Bounty Challenge — Day 15/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-15-25-27d085f4bf95?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunting, bug-bounty-hunter, bug-bounty20-Nov-2023
Understanding CVE-2023–46604: A Threat to Apache ActiveMQhttps://securitylit.medium.com/understanding-cve-2023-46604-a-threat-to-apache-activemq-d771eb408eba?source=rss------bug_bounty-5Security Lit Limitedbug-bounty, vulnerability, cybersecurity, programming, penetration-testing20-Nov-2023
The Story of How I Hacked one of the online payment system websitehttps://christmex.medium.com/the-story-of-how-i-hacked-one-of-the-online-payment-system-website-twice-b0ba48ed13db?source=rss------bug_bounty-5Jonathan Christianbug-bounty-writeup, programming, technology, cybersecurity, bug-bounty20-Nov-2023
GraphQL Misconfiguration Leads to Unlimited Money Transfer (Intigriti CTF — Bug Bank)https://medium.com/@thewolfsec/graphql-misconfiguration-leads-to-unlimited-money-transfer-intigriti-ctf-bug-bank-48cdeb9c9aec?source=rss------bug_bounty-5TheWolf Secgraphql, intigriti, bug-bounty, ctf19-Nov-2023
#2 Different Burp Suite Tools — Guide for Burp Suitehttps://securitycipher.medium.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, security, cybersecurity, news19-Nov-2023
Find Vulnerabilities before other Hackers Exploitinghttps://medium.com/@salmanul060/find-vulnerabilities-before-other-hackers-exploiting-a86fe4c3d5eb?source=rss------bug_bounty-5Salmanul Farisweb-applications, cybersecurity, bug-bounty, penetrationtestingcompany, penetration-testing19-Nov-2023
SSTI bypass using CRLF (1337 UP CTF — Smarty Pants)https://medium.com/@thewolfsec/ssti-bypass-using-crlf-1337-up-ctf-smarty-pants-4ee8e1a72f98?source=rss------bug_bounty-5TheWolf Secintigriti, ssti, bug-bounty, ctf, php-developers19-Nov-2023
Privilege Escalation: Unauthorized Low-Privilege Users Creating Feature Bundleshttps://medium.com/@a13h1/privilege-escalation-unauthorized-low-privilege-users-creating-feature-bundles-75f6125eec78?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, cybersecurity, hacking, api19-Nov-2023
#2 Different Burp Suite Tools — Guide for Burp Suitehttps://infosecwriteups.com/2-different-burp-suite-tools-guide-for-burp-suite-7c5aa2ad05ed?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, security, cybersecurity, news19-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 3https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-3-99e86d021190?source=rss------bug_bounty-5Hacker's Dumpandroid, android-pentesting, penetration-testing, hacking, bug-bounty19-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 4https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-4-c942fbd9cae5?source=rss------bug_bounty-5Hacker's Dumpbug-bounty, hacking, android, penetration-test, penetration-testing19-Nov-2023
23.6 Lab: Insecure direct object references | 2023https://cyberw1ng.medium.com/23-6-lab-insecure-direct-object-references-2023-dfd4a9f3eeb3?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, penetration-testing, hacking19-Nov-2023
A Guide to Indicators of Compromise (IoC) Analysishttps://medium.com/@paritoshblogs/a-guide-to-indicators-of-compromise-ioc-analysis-925708cbf8aa?source=rss------bug_bounty-5Paritoshprogramming, bug-bounty, ioc, hacking, cybersecurity19-Nov-2023
ByteGuard: Mastering the Art of Data Securityhttps://medium.com/@paritoshblogs/byteguard-mastering-the-art-of-data-security-5719be0d1c7c?source=rss------bug_bounty-5Paritoshinformation-security, data-security, cybersecurity, data, bug-bounty18-Nov-2023
Securing the Backbone: Supply Chain Securityhttps://medium.com/@paritoshblogs/securing-the-backbone-supply-chain-security-34282b6b505f?source=rss------bug_bounty-5Paritoshsupply-chain, information-security, cybersecurity, supply-chain-attack, bug-bounty18-Nov-2023
eWPTX Prepare Resourceshttps://medium.com/@0UN390/ewptx-prepare-resources-a741220cf145?source=rss------bug_bounty-50UN390bug-bounty, cybersecurity, web-security, penetration-testing18-Nov-2023
AppSec Tales XXIII | XPathIhttps://karol-mazurek95.medium.com/appsec-tales-xxiii-xpathi-ca6171826d2a?source=rss------bug_bounty-5Karol Mazurekinformation-technology, cybersecurity, application-security, bug-bounty, penetration-testing18-Nov-2023
#Day6 Bug Bounty Recon Part 2: ( Subdomains and S3 buckets )https://medium.com/codingninjablogs/day6-bug-bounty-recon-part-2-subdomains-and-s3-buckets-1a01780e6908?source=rss------bug_bounty-5OBSIDIANprogramming, technology, bug-bounty, ethical-hacking, cybersecurity18-Nov-2023
23.5 Lab: User ID controlled by request parameter with password disclosure | 2023https://cyberw1ng.medium.com/23-5-lab-user-id-controlled-by-request-parameter-with-password-disclosure-2023-ad748d1daa9e?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, bug-bounty, cybersecurity, hacking, penetration-testing18-Nov-2023
Hacking Microsoft IIS : Enumerating IIS for Vhttps://medium.com/@mudasserhussain1111/hacking-microsoft-iis-enumerating-iis-for-v-39de5a27f101?source=rss------bug_bounty-5Mudasser Hussaininfosec-write-ups, cybersecurity, hacking, microsoft, bug-bounty18-Nov-2023
OAuth Misconfiguration Leads To Pre-Account Takeover(snapchat)https://medium.com/@a7med.ctf/oauth-misconfiguration-leads-to-pre-account-takeover-snapchat-129b118661f6?source=rss------bug_bounty-5Ahmed Mahmouedhacking, bug-bounty-tips, bug-bounty18-Nov-2023
CVE-2023–36025: An In-Depth Analysis of Circumventing Windows SmartScreen Securityhttps://infosecwriteups.com/cve-2023-36025-an-in-depth-analysis-of-circumventing-windows-smartscreen-security-6ff05c8b69d0?source=rss------bug_bounty-5Security Lit Limitedpenetration-testing, threat-intelligence, cybersecurity, microsoft, bug-bounty18-Nov-2023
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Programhttps://medium.com/@jedus0r/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5jedus0rsecurity-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter18-Nov-2023
CVE-2023–35078 Unveiled: Ethical Vulnerability Discovery and Reporting By Me and My Hunting Buddy…https://medium.com/@jaini.rutvik/cve-2023-35078-unveiled-ethical-vulnerability-discovery-and-reporting-by-me-and-my-hunting-buddy-507582baf5c3?source=rss------bug_bounty-5Rj07responsible-disclosure, information-technology, zero-day, bug-bounty, information-security18-Nov-2023
Project 2510: Bug Bounty Challenge — Day 13/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-13-25-f6e21379749b?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-hunting, bug-bounty-tips18-Nov-2023
Default Credentials, P1 with $$$$ Reward in a Bug Bounty Programhttps://systemweakness.com/default-credentials-p1-with-reward-in-a-bug-bounty-program-1aad9c008619?source=rss------bug_bounty-5jedus0rsecurity-research, bug-bounty, bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter18-Nov-2023
The Future of Cybersecurity: The Power of AI-Powered SIEMhttps://medium.com/@paritoshblogs/the-future-of-cybersecurity-the-power-of-ai-powered-siem-ae43921e9bce?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, siem, hacking, cybersecurity17-Nov-2023
3 Command Line Games Which You Must Tryhttps://medium.com/@rushi.padhiyar098/3-command-line-games-which-you-must-try-fa77c2ff7127?source=rss------bug_bounty-5Cyph3r Ryxgames, cybersecurity, hacking, command-line, bug-bounty17-Nov-2023
Dastardly — Web Application Security Scanner — CI/CDhttps://securitycipher.medium.com/dastardly-web-application-security-scanner-ci-cd-3a4eea08719a?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)technology, security, bug-bounty, cybersecurity, penetration-testing17-Nov-2023
How I Automatically Generate XSS Payload & Automate Reflected XSShttps://ajaksecurity.medium.com/how-i-automatically-generate-xss-payload-automate-reflected-xss-be7c993f90d4?source=rss------bug_bounty-5Ajak Cyber securityhacking, cybersecurity, bug-bounty, ethical-hacking, penetration-testing17-Nov-2023
23.4 Lab: User ID controlled by request parameter with data leakage in redirect | 2023https://cyberw1ng.medium.com/23-4-lab-user-id-controlled-by-request-parameter-with-data-leakage-in-redirect-2023-5fa1b18bced1?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, careers, bug-bounty, cybersecurity, security17-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 2https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-2-9c33c319a696?source=rss------bug_bounty-5Hacker's Dumpandroid-pentesting, android, penetration-testing, hacking, bug-bounty17-Nov-2023
How to find vulnerabilities in a web page in 10 minuteshttps://medium.com/@l0calh0st/how-to-find-vulnerabilities-in-a-web-page-in-10-minutes-66cd052b4fbc?source=rss------bug_bounty-5127.0.0.1 is safe.⚠️red-team, bug-bounty, error-message, cybersecurity, hacking17-Nov-2023
Access control vulnerabilitieshttps://medium.com/@abdullahwarsama28/access-control-vulnerabilities-02fe3ea2e17f?source=rss------bug_bounty-5Abdullah Warsamabug-bounty, web-security17-Nov-2023
JWT Intrigue: Hidden Keys within Web Applicationshttps://medium.com/@josh.beck2006/jwt-intrigue-hidden-keys-within-web-applications-4b042c80f427?source=rss------bug_bounty-5Josh Beckpenetration-testing, bug-bounty, cybersecurity, ctf-writeup, ctf16-Nov-2023
AuditOne Roundtable with Alexey from Aurora and Guido Vrankenhttps://medium.com/@auditone.io/auditone-roundtable-with-alexey-from-aurora-and-guido-vranken-3d7c709289c0?source=rss------bug_bounty-5AuditOnebug-bounty, defi, web3, aurora, fuzzing16-Nov-2023
#1 Introduction to Burp Suite — Guide for Burp Suitehttps://securitycipher.medium.com/1-introduction-to-burp-suite-guide-for-burp-suite-4054b64f10a0?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)penetration-testing, bug-bounty, cybersecurity, technology, security16-Nov-2023
Easy Admin Access — RVDPhttps://infosecwriteups.com/easy-admin-access-rvdp-d1eb2c97cb3e?source=rss------bug_bounty-5hackerdevilbug-bounty-tips, web-app-security, bug-bounty, bug-bounty-writeup, vulnerability-assessment16-Nov-2023
Bug Bounty Programs: Unleashing the Power of Ethical Hackinghttps://medium.com/@crawsecurity/bug-bounty-programs-unleashing-the-power-of-ethical-hacking-5da98f820ebb?source=rss------bug_bounty-5crawsecuritybug-bounty-program, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup16-Nov-2023
Exploiting Blind XXE: Going Out of Bandhttps://medium.com/@mohamedtaha_42562/exploiting-blind-xxe-going-out-of-band-f04e3c1ea7ef?source=rss------bug_bounty-5Mohamed Tahasecurity, penetration-testing, bug-bounty16-Nov-2023
Introducing Bug Bounty Boosts: Supercharging Security With Timebound Eventshttps://medium.com/immunefi/introducing-bug-bounty-boosts-supercharging-security-with-timebound-events-51e3a1f208c3?source=rss------bug_bounty-5Immunefi Editorbug-bounty, web3, immunefi, cybersecurity, degate16-Nov-2023
Diving Deep: A Comprehensive Guide to Android Penetration Testing — Part 1https://medium.com/@hackersdump0/diving-deep-a-comprehensive-guide-to-android-penetration-testing-part-1-392cf9abf93f?source=rss------bug_bounty-5Hacker's Dumpandroid-pentesting, hacking, android, penetration-testing, bug-bounty16-Nov-2023
Malware Analysis: Understanding and Combatting Cyber Threatshttps://medium.com/@paritoshblogs/malware-analysis-understanding-and-combatting-cyber-threats-d0db1d56760c?source=rss------bug_bounty-5Paritoshmalware-analysis, hacking, bug-bounty, cybersecurity, information-security16-Nov-2023
How I got a $500 reward for finding an unacclaimed bucket on GitHubhttps://medium.com/@andre.pontes7/how-i-got-a-500-reward-for-finding-an-unacclaimed-bucket-on-github-57623c386515?source=rss------bug_bounty-5André Pontesaws-s3, hackerone, bug-bounty, aws16-Nov-2023
23.3 Lab: User ID controlled by request parameter, with unpredictable user IDs | 2023https://cyberw1ng.medium.com/23-3-lab-user-id-controlled-by-request-parameter-with-unpredictable-user-ids-2023-5827f93eca1d?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking16-Nov-2023
$1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproofhttps://erickfernandox.medium.com/1000-bounty-how-i-scaled-a-self-redirect-to-an-xss-in-a-web-3-0-system-at-hackenproof-37380f701892?source=rss------bug_bounty-5Erick Fernandobug-bounty, hackenproof, open-redirect, xss-bypass16-Nov-2023
DNS C2 — When Malware Goes Incognito!https://medium.com/@paritoshblogs/dns-c2-when-malware-goes-incognito-03fdc2e82057?source=rss------bug_bounty-5Paritoshcybersecurity, bug-bounty, information-security, dns, hacking15-Nov-2023
HackerOne Surpasses $300 Million in Rewards for Ethical Hackershttps://medium.com/@zerosecurity/hackerone-surpasses-300-million-in-rewards-for-ethical-hackers-eba7be4f106c?source=rss------bug_bounty-5ZeroSecuritybug-bounty15-Nov-2023
LandRocker Bug Bounty Programhttps://landrocker.medium.com/landrocker-bug-bounty-program-aa2f55f47297?source=rss------bug_bounty-5LandRockerbug-bounty, bitcoin, cryptocurrency-investment, token-sale, web315-Nov-2023
23.2 Lab: User ID controlled by request parameter | 2023https://cyberw1ng.medium.com/23-2-lab-user-id-controlled-by-request-parameter-2023-74764905c72c?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, hacking, cybersecurity15-Nov-2023
Understanding Post-Exploitation: Cybersecurityhttps://medium.com/@paritoshblogs/understanding-post-exploitation-cybersecurity-5c8d11b75812?source=rss------bug_bounty-5Paritoshcybersecurity, programming, information-security, bug-bounty, post-exploitation15-Nov-2023
Idor That allowed me to get access to sensitive users files and share them -.-https://hamzadzworm.medium.com/idor-that-allowed-me-to-get-access-to-sensitive-users-files-and-share-them-f7da741e9f63?source=rss------bug_bounty-5Hamzadzwormbugbounty-writeup, bug-bounty-tips, hackerone, bug-bounty, cybersecurity15-Nov-2023
Unveiling Sensitive Information Exposure: IIS Tilde Enumeration Vulnerabilityhttps://medium.com/@mohammed0anas/unveiling-sensitive-information-exposure-iis-tilde-enumeration-vulnerability-ffe034073288?source=rss------bug_bounty-5Nasbug-bounty, hacking, cybersecurity, bug-bounty-writeup15-Nov-2023
How I hacked Google’s bug tracking system itself for $15,600 in bountieshttps://homosapienimo.medium.com/how-i-hacked-googles-bug-tracking-system-itself-for-15-600-in-bounties-65c5aacaacdf?source=rss------bug_bounty-5Homo Sapiensbug-bounty, startup, google, technology, security15-Nov-2023
Project 2510: Bug Bounty Challenge — Day 10/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-10-25-7b9651fb1b26?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty-hunting, bug-bounty, bug-bounty-tips15-Nov-2023
Exploiting Parallels Plesk Panels With Shodanhttps://blog.meese.enterprises/exploiting-parallels-plesk-panels-with-shodan-282248855af2?source=rss------bug_bounty-5Aaron Meesecybersecurity, shodan, osint-investigation, osint, bug-bounty15-Nov-2023
Detection Engineering: Strengthening Cybersecurity Defensehttps://medium.com/@paritoshblogs/detection-engineering-strengthening-cybersecurity-defense-8d31ab7a2d46?source=rss------bug_bounty-5Paritoshbug-bounty, information-security, detection-engineering, hacking, cybersecurity14-Nov-2023
Hackathon : KPU.GO.IDhttps://medium.com/@angryovalegg/hackathon-kpu-go-id-8fb6f3ce0d61?source=rss------bug_bounty-5Angry Oval Egghackathons, indo-hacker, bug-bounty, kpu, pemilu14-Nov-2023
How to find probably vulnerable objects in your own surface with Netlas.io?https://systemweakness.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892?source=rss------bug_bounty-5Netlas.ioscript, automation, bug-bounty, attack-surface, reconnaissance14-Nov-2023
#4 Session Fixation — Secure Code Explainhttps://securitycipher.medium.com/4-session-fixation-secure-code-explain-7d9567f25f38?source=rss------bug_bounty-5Piyush Kumawat (securitycipher)cybersecurity, technology, bug-bounty, vulnerability, coding14-Nov-2023
Escalating Blind SSRF to a Remote Code Executionhttps://mukibas37.medium.com/escalating-blind-ssrf-to-a-remote-code-execution-be65ed9a7d0f?source=rss------bug_bounty-5Mukilan Baskaraninfosec, ssrf, cybersecurity, bug-bounty, hacking14-Nov-2023
23.1 Lab: CORS vulnerability with trusted null origin | 2023https://cyberw1ng.medium.com/23-1-lab-cors-vulnerability-with-trusted-null-origin-2023-53d2de3b8e28?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, bug-bounty, careers, cybersecurity, penetration-testing14-Nov-2023
Har Har Hijack: The Okta Plunderhttps://medium.com/@josh.beck2006/har-har-hijack-the-okta-plunder-8fb36f5c9d45?source=rss------bug_bounty-5Josh Beckpenetration-testing, cybersecurity, bug-bounty14-Nov-2023
bWAPP PHP Code Injectionhttps://medium.com/@yusufbaris/bwapp-php-code-injection-2b326b831924?source=rss------bug_bounty-5Yusuf Barışcybersecurity, web-security, hacking, bug-bounty, penetration-testing14-Nov-2023
Project 2510: Bug Bounty Challenge — Day 9/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-9-25-14cbedbecee2?source=rss------bug_bounty-5Wallotrybug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-hunting14-Nov-2023
Introduction to AI in Cybersecurityhttps://imran-niaz.medium.com/introduction-to-ai-in-cybersecurity-6d80460d9e37?source=rss------bug_bounty-5Imran Niazprogramming, cybersecurity, learning, penetration-testing, bug-bounty13-Nov-2023
Let's together dive deep into information disclosurehttps://medium.com/@parthnarulatech/lets-together-dive-deep-into-information-disclosure-8bdb0b5db728?source=rss------bug_bounty-5scriptjackerbug-bounty-tips, penetration-testing, bug-bounty, cybersecurity, owasp13-Nov-2023
SSL Search — A tool to identify infrastructure and discover attack surfaces.https://medium.com/@harsh8v/ssl-search-a-tool-to-identify-infrastructure-and-discover-attack-surfaces-449c83269574?source=rss------bug_bounty-5Harsh Varagiyabug-bounty, gcp, ssl-certificate, aws, internet13-Nov-2023
Google VRP -[IDOR] Deleted Victim Data & Leakedhttps://medium.com/@ggilang1135/google-vrp-idor-deleted-victim-data-leaked-0b3cba8e3f7a?source=rss------bug_bounty-5Gilang Romadonbug-bounty, idor-vulnerability, bug-bounty-tips, ggilangromadon, google-vrp13-Nov-2023
Announcing IWCON 2023 Speakers Second Batchhttps://infosecwriteups.com/announcing-iwcon-2023-speakers-second-batch-26762dc93491?source=rss------bug_bounty-5InfoSec Write-upsinfosec, security, bug-bounty, conference, hacking13-Nov-2023
Cracking the Code, Cobalt Strike — More Than Just a Fancy Pen Test Tool (And Why Cyber Baddies…https://medium.com/@paritoshblogs/cracking-the-code-cobalt-strike-more-than-just-a-fancy-pen-test-tool-and-why-cyber-baddies-8b5c56ece92c?source=rss------bug_bounty-5Paritoshbug-bounty, pentesting, cybersecurity, hacking, cobalt-strike13-Nov-2023
22.2 Lab: JWT authentication bypass via flawed signature verification | 2023https://cyberw1ng.medium.com/22-2-lab-jwt-authentication-bypass-via-flawed-signature-verification-2023-2a1d63d18ab2?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, careers, bug-bounty, cybersecurity, penetration-testing13-Nov-2023
Weirdest API that has been ever foundhttps://medium.com/@mmaulanaabdullah/weirdest-api-that-has-been-ever-found-9270720d6f02?source=rss------bug_bounty-5M Maulana Abdullahwriteup, api, bug-bounty, api-development13-Nov-2023
Authentication Vulnerabilities- Lab #9 Brute-forcing a stay-logged-in cookiehttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-9-brute-forcing-a-stay-logged-in-cookie-dda91125f5f2?source=rss------bug_bounty-5dollarboysushilcookie-hacking, web-security, cybersecurity, portswigger, bug-bounty13-Nov-2023
Project 2510: Bug Bounty Challenge — Day 8/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-8-25-ea9bc1addd63?source=rss------bug_bounty-5Wallotrybug-bounty-hunting, bug-bounty, bug-bounty-hunter, bug-bounty-tips13-Nov-2023
I created posts on the newsletter page dedicated to the program administratorhttps://medium.com/@hossam_hamada/i-created-posts-on-the-newsletter-page-dedicated-to-the-program-administrator-aa271980aa53?source=rss------bug_bounty-5Hossam Hamadabug-bounty, penetration-testing, idor, idor-vulnerability, bug-hunting12-Nov-2023
1200$ IDOR Flaw: Allow Attacker To Approve Project Time Trackinghttps://medium.com/@a13h1/1200-idor-flaw-allow-attacker-to-approve-project-time-tracking-a9f64c06732a?source=rss------bug_bounty-5Abhi Sharmabug-bounty, programming, hacking, information-security, cybersecurity12-Nov-2023
Crafting XSS (Cross-Site Scripting) payloadshttps://infosecwriteups.com/crafting-xss-cross-site-scripting-payloads-919f62171bd0?source=rss------bug_bounty-5Security Lit Limitedxss-vulnerability, bug-bounty, xss-attack, technology, cybersecurity12-Nov-2023
Authentication Vulnerabilities- Lab #8 2FA (Two Factor Authentication) broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-8-2fa-two-factor-authentication-broken-logic-b3c6cd8923b9?source=rss------bug_bounty-5dollarboysushilportswigger, cybersecurity, 2fa-hacking, web-security, bug-bounty12-Nov-2023
22.1 Lab: JWT authentication bypass via unverified signature | 2023https://cyberw1ng.medium.com/22-1-lab-jwt-authentication-bypass-via-unverified-signature-2023-4401628467d9?source=rss------bug_bounty-5Karthikeyan Nagarajhacking, cybersecurity, bug-bounty, penetration-testing, careers12-Nov-2023
Finding Sneaky Hackers, The Ultimate Way of Stalking Cyber Intruders (Without a Trench Coat)https://medium.com/@paritoshblogs/finding-sneaky-hackers-the-ultimate-way-of-stalking-cyber-intruders-without-a-trench-coat-8db574697fe7?source=rss------bug_bounty-5Paritoshprogramming, cybersecurity, lateral-movement, bug-bounty, hacking12-Nov-2023
Project 2510: Bug Bounty Challenge — Day 7/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-7-25-a9367edc5864?source=rss------bug_bounty-5Wallotrybug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-hunting12-Nov-2023
Introduction to API Hacking: A Free Course to Level Up Your Skillshttps://medium.com/@maisamnoyan/introduction-to-api-hacking-a-free-course-to-level-up-your-skills-537bfc70180d?source=rss------bug_bounty-5 Maisam Noyanhacking, bug-bounty, free-course, api, course11-Nov-2023
Authentication Vulnerabilities- Lab #4 Username enumeration via subtly different responseshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-4-username-enumeration-via-subtly-different-responses-5eb512d899fa?source=rss------bug_bounty-5dollarboysushilweb-security, portswigger, bug-bounty, cybersecurity11-Nov-2023
Attention Cyber Enthusiasts! Exciting News Ahead! ️https://cyberconqueror.medium.com/attention-cyber-enthusiasts-exciting-news-ahead-%EF%B8%8F-26399c20b71a?source=rss------bug_bounty-5Cyber Conquerorfree-course, information-security, cybersecurity, bug-bounty, free11-Nov-2023
Authentication Vulnerabilities- Lab #5 Username enumeration via response timinghttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-5-username-enumeration-via-response-timing-16b07552275a?source=rss------bug_bounty-5dollarboysushilportswigger, bug-bounty, cybersecurity, hacking-passwords11-Nov-2023
AppSec Tales XXII | LDAPIhttps://karol-mazurek95.medium.com/appsec-tales-xxii-ldapi-fcef1f40e9b2?source=rss------bug_bounty-5Karol Mazurekinformation-technology, bug-bounty, cybersecurity, information-security, penetration-testing11-Nov-2023
JWT attack vulnerabilities in Web App Penetration Testing | 2023https://cyberw1ng.medium.com/jwt-attack-vulnerabilities-in-web-app-penetration-testing-2023-4eb8916133dc?source=rss------bug_bounty-5Karthikeyan Nagarajcareers, hacking, penetration-testing, bug-bounty, cybersecurity11-Nov-2023
Downloading files using POST request (unorthodox method)https://medium.com/@paritoshblogs/downloading-files-using-post-request-unorthodox-method-d042bb06c1ce?source=rss------bug_bounty-5Paritoshcybersecurity, programming, bug-bounty, hacking, html11-Nov-2023
Authentication Vulnerabilities- Lab #6 Broken brute-force protection, IP blockhttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-6-broken-brute-force-protection-ip-block-b3afca0a2ea7?source=rss------bug_bounty-5dollarboysushilbrute-force, web-security, cybersecurity, bug-bounty, portswigger11-Nov-2023
Reconnaissance Is The Key — Bug Bounty Tip!https://medium.com/@learningstuff110/reconnaissance-is-the-key-bug-bounty-tip-527f24e56cc5?source=rss------bug_bounty-5Fahad Hasandirectory-enumeration, penetration-testing, bug-bounty, waybackurls, reconnaissance11-Nov-2023
Pentesting: I wanna be a hackerrr…https://areen-agrawal.medium.com/pentesting-i-wanna-be-a-hackerrr-4dcf9379a6fc?source=rss------bug_bounty-5Me, Just a Techie.bug-bounty, computer-security, red-teaming, technology, pentesting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 6/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-6-25-fe340a54386c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunter, bug-bounty-tips, bug-bounty-hunting11-Nov-2023
Project 2510: Bug Bounty Challenge — Day 5/25https://wallotry.medium.com/project-2510-bug-bounty-challenge-day-5-25-205300a2a65c?source=rss------bug_bounty-5Wallotrybug-bounty, bug-bounty-hunting, bug-bounty-hunter, bug-bounty-tips10-Nov-2023
Unlocking Cash: Easy P1 Bug in Grafana Dashboard with Default Credentials = €€€€https://infosecwriteups.com/unlocking-cash-easy-p1-bug-in-grafana-dashboard-with-default-credentials-fa36ddf271da?source=rss------bug_bounty-5Pratik Dabhihackerone, bug-bounty, bugcrowd10-Nov-2023
Authentication Vulnerabilities- Lab #3 Password reset broken logichttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-3-password-reset-broken-logic-95bc62a7b92a?source=rss------bug_bounty-5dollarboysushilbug-bounty, cybersecurity, portswigger, web-security, password-reset10-Nov-2023
21.1 Lab: Authentication bypass via OAuth implicit flow | 2023https://cyberw1ng.medium.com/21-1-lab-authentication-bypass-via-oauth-implicit-flow-2023-15f819305f73?source=rss------bug_bounty-5Karthikeyan Nagarajpenetration-testing, bug-bounty, careers, cybersecurity, hacking10-Nov-2023
Authentication Vulnerabilities- Lab #2 2FA simple bypasshttps://dollarboysushil.medium.com/authentication-vulnerabilities-lab-2-2fa-simple-bypass-6bd390cf92bc?source=rss------bug_bounty-5dollarboysushilweb-security, cybersecurity, bug-bounty, portswigger, two-factor-authentication10-Nov-2023
Revealing True Industry Potential Through the Ultimate Web3 Security Ecosystem: R.xyzhttps://medium.com/coinmonks/revealing-true-industry-potential-through-the-ultimate-web3-security-ecosystem-r-xyz-007acfd25b62?source=rss------bug_bounty-5Officer's Notesblockchain-security, bug-bounty, web3, smart-contract-security, hacking10-Nov-2023
How I stopped a Wallet Hack and Got Almost Nothing.https://medium.com/@mahitman1/how-i-stopped-a-wallet-hack-and-got-almost-nothing-68babd824854?source=rss------bug_bounty-5Muhammad Abdullahweb3, blockchain, bug-bounty, security10-Nov-2023