Security Cipher
Additional Resources
Compilation of Resources Featuring Daily Bug Bounty Writeups
Title | Link | Author | Tags | Publication date |
---|---|---|---|---|
Well, now that you’ve put your mind in the right direction and started testing a website, the first… | https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5 | Shaikh Minhaz | brute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing | 04-Oct-2024 |
Guarding the Gateway: Understanding and Preventing File Upload Attacks | https://medium.com/@wintersoldiers/guarding-the-gateway-understanding-and-preventing-file-upload-attacks-b116abd5eef0?source=rss------bug_bounty-5 | Winter_Soldiers | file-upload-vulnerability, web-security, hacking, bug-bounty, rce-vulnerability | 04-Oct-2024 |
Directory Brute-Forcing: All Methods You Need to Know — File Extension, Status Filter, and… | https://medium.com/@shaikhminhaz1975/well-now-that-youve-put-your-mind-in-the-right-direction-and-started-testing-a-website-the-first-c900776d6f89?source=rss------bug_bounty-5 | Shaikh Minhaz | brute-force, bug-bounty, ethical-hacking, cybersecurity, penetration-testing | 04-Oct-2024 |
SQL injection with filter bypass via XML encoding | https://medium.com/@codingbolt.in/sql-injection-with-filter-bypass-via-xml-encoding-754808d7d29a?source=rss------bug_bounty-5 | codingbolt | bug-bounty, sql-injection-attack, sql-injection, bug-bounty-tips, cybersecurity | 04-Oct-2024 |
Identifying the LLM Attack Surface: A Beginner’s Guide | https://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5 | Anand | llm, bug-bounty, vapt, penetration-testing, cybersecurity | 04-Oct-2024 |
GraphQL vs REST: Comparison and exploit | https://medium.com/@kabi_777/graphql-vs-rest-comparison-and-security-insights-f481f3389e43?source=rss------bug_bounty-5 | Kabi_777 | bug-bounty, bug-bounty-writeup, bug-bounty-hunter, cybersecurity, bug-bounty-tips | 04-Oct-2024 |
Unlocking Cybersecurity: The Power of Bug Bounty Programs in 2024 | https://medium.com/@eyowas1994/unlocking-cybersecurity-the-power-of-bug-bounty-programs-in-2024-d77d33137e64?source=rss------bug_bounty-5 | CyberSec Tactics | ethical-hacking, bug-bounty, cybersecurity, hacking, web-security | 04-Oct-2024 |
From File Upload to Remote Code Execution (RCE) | https://medium.com/@lukasz.wierzbicki/from-file-upload-to-remote-code-execution-rce-d8f210b22a8c?source=rss------bug_bounty-5 | Lukasz Wierzbicki | security-testing, security-research, bug-bounty, pentesting, pentest | 04-Oct-2024 |
Broken Access Control — Unprotected admin functionality | https://medium.com/@codingbolt.in/broken-access-control-unprotected-admin-functionality-9905f57fa88a?source=rss------bug_bounty-5 | codingbolt | access-control, privilege-escalation, cybersecurity, bug-bounty, broken-access-control | 04-Oct-2024 |
A Methodology Guide to Bypassing RASP and Root Detection in Mobile Apps with Frida | https://medium.com/@abhijithknamboothiri96/a-methodology-guide-to-bypassing-rasp-and-root-detection-in-mobile-apps-with-frida-17e4f97b88bc?source=rss------bug_bounty-5 | Abhijith Namboothiry | cybersecurity, mobile-pentesting, penetration-testing, bug-bounty, security | 04-Oct-2024 |
Understanding Cryptographic Failures: A Key Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-cryptographic-failures-a-key-vulnerability-in-web-security-bb024a4c41ca?source=rss------bug_bounty-5 | Mrutunjaya Senapati | owasp-top-10, bug-bounty, web-penetration-testing, cyrptography, hacking | 04-Oct-2024 |
How to choose the Correct Severity or CVSS Score for a Bug: A Practical Guide | https://medium.com/@a13h1/how-to-choose-the-correct-severity-or-cvss-score-for-a-bug-a-practical-guide-7a83be0096f3?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, bug-bounty-tips, hacking, infosec | 04-Oct-2024 |
Are you ready to take over entire infrastructure? | https://medium.com/@alex122303q/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5 | Nebty | ctf, malicious-document, standoff365, bug-bounty, penetration-testing | 04-Oct-2024 |
US Trading Account Fund Exploit: An IDOR Vulnerability Walkthrough | https://medium.com/@360Security/us-trading-account-fund-exploit-an-idor-vulnerability-walkthrough-a61ba5186874?source=rss------bug_bounty-5 | 360 Security | vapt, web-security, bug-bounty, cybersecurity, penetration-testing | 04-Oct-2024 |
Identifying the LLM Attack Surface: A Beginner’s Guide | https://medium.com/@360Security/identifying-the-llm-attack-surface-a-beginners-guide-190b6e1c0aba?source=rss------bug_bounty-5 | 360 Security | llm, bug-bounty, vapt, penetration-testing, cybersecurity | 04-Oct-2024 |
Command Injection: How Exploiting User Input Can Lead to Full System Compromise | https://systemweakness.com/command-injection-how-exploiting-user-input-can-lead-to-full-system-compromise-6becf5b981a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, technology, bug-bounty | 04-Oct-2024 |
one of the best tool for subdomains finding. | https://osintteam.blog/one-of-the-best-tool-for-subdomains-finding-0769dff261f4?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 04-Oct-2024 |
easy bug bounty as a beginner part 1 | https://medium.com/@canonminibeast/easy-bug-bounty-as-a-beginner-part-1-38833747da8d?source=rss------bug_bounty-5 | Canonminibeast | hacking-tools, hacking, web-penetration-testing, bug-bounty, bugbounty-poc | 04-Oct-2024 |
Are you ready to take over entire infrastructure? | https://medium.com/@nebty/are-you-ready-to-take-over-entire-infrastructure-a93d2a0f902c?source=rss------bug_bounty-5 | Nebty | ctf, malicious-document, standoff365, bug-bounty, penetration-testing | 04-Oct-2024 |
Some XSS Situation | https://medium.com/@haticezkmnl/some-xss-situation-31fa64e113fe?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | cyber, xss-attack, bug-bounty, exploitation, cybersecurity | 03-Oct-2024 |
OTP Bypass Methods | Bug Bounty | https://medium.com/@arrheniuspaelongan09/otp-bypass-methods-bug-bounty-4a988573c12a?source=rss------bug_bounty-5 | Qchad | programming, bug-bounty, penetration-testing, technology, hacking | 03-Oct-2024 |
Understanding Broken Access Control: A Critical Vulnerability in Web Security | https://medium.com/@mrutunjayasenapati0/understanding-broken-access-control-a-critical-vulnerability-in-web-security-6ebd33ad4d35?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, web-penetration-testing, owasp, hacking, broken-access-control | 03-Oct-2024 |
Hacker Kali Toolkit Zero-Hero | Primary Hacking School #4 | https://medium.com/@nnface/hacker-kali-toolkit-zero-hero-primary-hacking-school-4-a489aafb7f75?source=rss------bug_bounty-5 | NnFace | linux, cybersecurity, hacking, bug-bounty, kali-linux | 03-Oct-2024 |
Visible error-based SQL injection | https://medium.com/@codingbolt.in/visible-error-based-sql-injection-46b8bafe9059?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity | 03-Oct-2024 |
Blind SQL injection with conditional errors | https://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-errors-f7c05ef531ad?source=rss------bug_bounty-5 | codingbolt | sql-injection, cybersecurity, sql-injection-attack, bug-bounty-tips, bug-bounty | 03-Oct-2024 |
Blind SQL injection with conditional responses | https://medium.com/@codingbolt.in/blind-sql-injection-with-conditional-responses-7ffa3a1ac84d?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection, bug-bounty, sql-injection-attack, cybersecurity | 03-Oct-2024 |
SQL injection UNION attack, retrieving multiple values in a single column | https://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-multiple-values-in-a-single-column-ed5ce734abf2?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, cybersecurity, bug-bounty-tips, bug-bounty, sql-injection | 03-Oct-2024 |
SQL injection UNION attack, retrieving data from other tables | https://medium.com/@codingbolt.in/sql-injection-union-attack-retrieving-data-from-other-tables-11cc211f5ad3?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, sql-injection, bug-bounty, cybersecurity, bug-bounty-tips | 03-Oct-2024 |
DNS — Port 53 — Pentesting | https://medium.com/@verylazytech/dns-port-53-pentesting-7b8ca6307d54?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, bug-bounty, hacking, dns-exploit, dns | 03-Oct-2024 |
VDP: Broken Session Management Allows Unlimited Free Scans on Pentesting Website | https://medium.com/@enigma_/vdp-broken-session-management-allows-unlimited-free-scans-on-pentesting-website-99467dce1d3c?source=rss------bug_bounty-5 | enigma | penetration-testing, hacking, owasp, bug-bounty, bug-bounty-writeup | 03-Oct-2024 |
Subdomain Enumeration & Takeovers (Part-2: Active Enumeration) | https://medium.com/@bitthr3at/subdomain-enumeration-takeovers-part-2-active-enumeration-304cb3381813?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | recon, subdomain-enumeration, web, bug-bounty, attack-surface | 03-Oct-2024 |
How I hacked RD Sharma’s Publisher Website? | https://abhayvis.medium.com/how-i-hacked-rd-sharmas-publisher-website-7a76b3cb12ae?source=rss------bug_bounty-5 | Abhay Vishwakarma | sql-injection, hacking, bug-bounty | 03-Oct-2024 |
Blind SQL injection with out-of-band data exfiltration | https://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5 | codingbolt | sql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty | 03-Oct-2024 |
Blind SQL injection with out-of-band interaction | https://medium.com/@codingbolt.in/blind-sql-injection-with-out-of-band-interaction-e44f6f75bc47?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection-attack, cybersecurity, sql-injection, bug-bounty | 03-Oct-2024 |
Blind SQL injection with time delays and information retrieval | https://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-and-information-retrieval-fa38f3618a99?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, cybersecurity, sql-injection, bug-bounty, bug-bounty-tips | 03-Oct-2024 |
Blind SQL injection with time delays | https://medium.com/@codingbolt.in/blind-sql-injection-with-time-delays-94cc5d962902?source=rss------bug_bounty-5 | codingbolt | cybersecurity, sql-injection-attack, bug-bounty, sql-injection, bug-bounty-tips | 03-Oct-2024 |
Pre-Account Takeover via Facebook OAuth Misconfiguration | https://nyein-chan-aung.medium.com/pre-account-takeover-via-facebook-oauth-misconfiguration-e16b984b7953?source=rss------bug_bounty-5 | Nyein Chan Aung | bug-bounty-tips, takeovers, bug-bounty | 03-Oct-2024 |
XML External Entity (XXE) Injection: How Malicious XML Payloads Can Breach Your Application | https://systemweakness.com/xml-external-entity-xxe-injection-how-malicious-xml-payloads-can-breach-your-application-4837f732781e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, cybersecurity, hacking, bug-bounty, careers | 03-Oct-2024 |
How ChatGPT Made Me a Hacker. | https://medium.com/@wajeehakhan9797/how-chatgpt-made-me-a-hacker-b89b1cce992b?source=rss------bug_bounty-5 | Wajeeha Khan | learning, openai, large-language-models, hacking, bug-bounty | 03-Oct-2024 |
Critical Vulnerabilities in DrayTek Vigor Routers: Over 700,000 Devices Exposed to Remote Exploits… | https://infosecwriteups.com/critical-vulnerabilities-in-draytek-vigor-routers-over-700-000-devices-exposed-to-remote-exploits-2f3f731b50d9?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, penetration-testing, bug-bounty, rewards, hacking | 03-Oct-2024 |
Blind SQL injection with out-of-band data exfiltration | https://systemweakness.com/blind-sql-injection-with-out-of-band-data-exfiltration-0a08129bfad5?source=rss------bug_bounty-5 | codingbolt | sql-injection, cybersecurity, bug-bounty-tips, sql-injection-attack, bug-bounty | 03-Oct-2024 |
Critical Information Disclosure Vulnerability via CNAME (AUTOMATED SCAN) | https://offsec01.medium.com/critical-information-disclosure-vulnerability-via-cname-automated-scan-be0f6597ac5e?source=rss------bug_bounty-5 | Facundo Fernandez | bug-bounty, penetration-testing, ethical-hacking, hacking, cybersecurity | 03-Oct-2024 |
https://forms.gle/bHE9FbPTuzYzREAz7 | https://medium.com/@a1il7j99h/https-forms-gle-bhe9fbptuzyzreaz7-5f9f5d561a4b?source=rss------bug_bounty-5 | Re$@T!l< | cyber, bug-bounty, hacker | 02-Oct-2024 |
How I Earned $4000+ from a Simple Information Disclosure Bug | https://medium.com/@rajauzairabdullah/how-i-earned-4000-from-a-simple-information-disclosure-bug-d644c47803c1?source=rss------bug_bounty-5 | Raja Uzair Abdullah | information-disclosure, bug-bounty-tips, bug-bounty, penetration-testing | 02-Oct-2024 |
A Simple Learning Series on APT (Advanced Persistent Threat) Targeting Linux OS — Gathering… | https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-967c3c2f46cc?source=rss------bug_bounty-5 | Mada Perdhana | hacking, apt, linux-hacking, bug-bounty, ethical-hacking-tips | 02-Oct-2024 |
A Simple Learning Series on APT (Advanced Persistent Threat) Targeting Linux OS — Gathering… | https://medium.com/@mrp.bpp/seri-belajar-apt-advanced-persistent-threat-secara-sederhana-pada-target-os-linux-pengumpulan-4cbd83db98af?source=rss------bug_bounty-5 | Mada Perdhana | apt, nmap, hacking, bug-bounty, ethical-hacking-tips | 02-Oct-2024 |
How i got my first bounty of $$$ | https://rivudon.medium.com/how-i-got-my-first-bounty-of-e163f970d1e0?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | infosec, hackerone, bug-bounty-tips, bug-bounty | 02-Oct-2024 |
Mastering Code Quality | https://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5 | rahul bhatia | coverage, python, code-quality, bug-bounty, bug-detection | 02-Oct-2024 |
$175 Prototype Pollution Vulnerability — My first bounty | https://1-day.medium.com/175-prototype-pollution-vulnerability-my-first-bounty-197738a32330?source=rss------bug_bounty-5 | 1day | writeup, penetration-testing, bug-bounty, hacking, bug-bounty-writeup | 02-Oct-2024 |
Boost Your Code Quality with Python Coverage | https://python.plainenglish.io/mastering-code-quality-2f595404d547?source=rss------bug_bounty-5 | rahul bhatia | coverage, python, code-quality, bug-bounty, bug-detection | 02-Oct-2024 |
How I Discovered an Information Disclosure Vulnerability on a Site I Use | https://medium.com/@Itachi0xf/comment-jai-d%C3%A9couvert-une-vuln%C3%A9rabilit%C3%A9-d-information-disclosure-sur-un-site-que-j-utilise-3a9fed9daa02?source=rss------bug_bounty-5 | Itachix0f | information-disclosure, hacking, apihacking, bug-bounty | 02-Oct-2024 |
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Results | https://bevijaygupta.medium.com/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-288ff81dfe40?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, vulnerability, bug-bounty-tips, chatgpt | 02-Oct-2024 |
SQL injection attack, listing the database contents on non-Oracle databases | https://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-718de8ba755a?source=rss------bug_bounty-5 | codingbolt | bugs, bug-bounty, cybersecurity, sql-injection, bug-bounty-tips | 02-Oct-2024 |
SQL injection UNION attack, determining the number of columns returned by the query | https://medium.com/@codingbolt.in/sql-injection-union-attack-determining-the-number-of-columns-returned-by-the-query-f04154bd5b3c?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, sql-injection, bug-bounty, bug-bounty-tips, cybersecurity | 02-Oct-2024 |
Exfiltration of Data from a Standalone PC | https://roadtooscp.medium.com/exfiltration-of-data-from-a-standalone-pc-00a538f0f773?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, hacking, red-teaming, malware, data-security | 02-Oct-2024 |
Discovering an XSS Vulnerability with a CSP Bypass via unpkg.com | https://medium.com/@Itachi0xf/d%C3%A9couverte-dune-vuln%C3%A9rabilit%C3%A9-xss-avec-contournement-de-la-csp-via-unpkg-com-02437e0eac34?source=rss------bug_bounty-5 | Itachix0f | hacking, xss-attack, csp-bypass, bug-bounty, xss-bypass | 02-Oct-2024 |
“A Vulnerability, A Treasure: Go on a Fun Treasure Hunt with OWASP Top 10!” | https://medium.com/@rootspaghetti/a-vulnerability-a-treasure-go-on-a-fun-treasure-hunt-with-owasp-top-10-d9fe21911856?source=rss------bug_bounty-5 | Root@Spaghetti | hacking, bug-bounty, bug-bounty-tips | 02-Oct-2024 |
SQL injection attack, listing the database contents on Oracle | https://medium.com/@codingbolt.in/sql-injection-attack-listing-the-database-contents-on-oracle-ceb843466f32?source=rss------bug_bounty-5 | codingbolt | sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty | 02-Oct-2024 |
Exploiting Blind XSS to Access Admin Dashboard for Bounty Rewards | https://medium.com/@arrheniuspaelongan09/exploiting-blind-xss-to-access-admin-dashboard-for-bounty-rewards-fcdd54ddea7c?source=rss------bug_bounty-5 | Qchad | technology, hacking, bug-bounty, penetration-testing, hacker | 02-Oct-2024 |
Which path to choose in cybersecurity? | https://medium.com/@mr_prey3r/which-path-to-choose-in-cybersecurity-ca048e621ba0?source=rss------bug_bounty-5 | Rubayet Hasan aka MR_Prey3r | cybersecurity, hacking, bug-bounty, ethical-hacking | 02-Oct-2024 |
OWASP Top 10: 2021 vs. 2017 — A Comparative Analysis | https://medium.com/@mrutunjayasenapati0/owasp-top-10-2021-vs-2017-a-comparative-analysis-70990e5570f8?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, bugs, vulnerability, owasp, hacking | 02-Oct-2024 |
Deep Dive in Reconnaissance | https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-a1e88cfdebf5?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | recon, subdomains-enumeration, bug-bounty, web, attack-surface | 02-Oct-2024 |
Introduction to Bug Bounty Programs: Vulnerability Discovery and Ethical Hacking (Part 1) | https://zeynalxan.medium.com/bug-bounty-proqramlar%C4%B1na-giri%C5%9F-z%C9%99iflikl%C9%99rin-a%C5%9Fkar-edilm%C9%99si-v%C9%99-etik-hakerlik-b%C3%B6l%C3%BCm-1-8caa7eb90dd8?source=rss------bug_bounty-5 | Zeynalxan Quliyev | etik-xaker, bug-bounty, whitehat, bug-bounty-nədir, hakerlik | 02-Oct-2024 |
A Comprehensive Bug Bounty Checklist for Beginners. | https://medium.com/@anandrishav2228/a-comprehensive-bug-bounty-checklist-for-beginners-f96ba591cf3d?source=rss------bug_bounty-5 | Rishav anand | computer-science, security, cybersecurity, engineering, bug-bounty | 02-Oct-2024 |
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal… | https://cyberw1ng.medium.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, technology, bug-bounty, cybersecurity | 02-Oct-2024 |
SQL injection UNION attack, finding a column containing text | https://medium.com/@codingbolt.in/sql-injection-union-attack-finding-a-column-containing-text-09d913162e0f?source=rss------bug_bounty-5 | codingbolt | sql-injection, sql-injection-attack, bug-bounty, cybersecurity, bug-bounty-tips | 02-Oct-2024 |
Reverse Shells: A Practical Guide | https://medium.com/@learntheshell/reverse-shells-a-practical-guide-af1815bc3127?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, bug-bounty-tips, reverse-shell, cybersecurity, pentesting | 02-Oct-2024 |
Secrets Manager exposed (HasiCorp Vault) | https://medium.com/@manumanram2/secrets-manager-exposed-hasicorp-vault-7075539a9e1e?source=rss------bug_bounty-5 | SrPatoMan | information-disclosure, hacking, bug-bounty | 02-Oct-2024 |
Cross-Origin Resource Sharing (CORS) Misconfiguration: How Attackers Exploit Weak Policies to Steal… | https://systemweakness.com/cross-origin-resource-sharing-cors-misconfiguration-how-attackers-exploit-weak-policies-to-steal-5902af92d71f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, technology, bug-bounty, cybersecurity | 02-Oct-2024 |
Utilizing AI Model for Hacking: Bypassing CAPTCHAs using AI leads to Account Takeover | Bug Bounty | https://ph-hitachi.medium.com/utilizing-ai-model-for-hacking-bypassing-captchas-using-ai-leads-to-account-takeover-bug-bounty-028804b779a0?source=rss------bug_bounty-5 | Ph.Hitachi | vulnerability, bug-bounty, captcha, security, ai | 01-Oct-2024 |
Chaining Application-Level DoS with CSRF: A Sneaky Exploit to Block User Logins | https://medium.com/@dsmodi484/chaining-application-level-dos-with-csrf-a-sneaky-exploit-to-block-user-logins-4caaac781883?source=rss------bug_bounty-5 | Dishant Modi | hackerone, bug-bounty, csrf, python, vulnerability | 01-Oct-2024 |
Top 10 Documentation Every Hacker Should Know | https://medium.com/@RaunakGupta1922/top-10-documentation-every-hacker-should-know-f28e73f7c207?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | ethical-hacking, cybersecurity, bug-bounty, programming, infosec | 01-Oct-2024 |
Mastering XSS (Cross-Site Scripting) Attacks: A Comprehensive Guide to become Professional Bug… | https://medium.com/@kumawatabhijeet2002/mastering-xss-cross-site-scripting-attacks-a-comprehensive-guide-to-become-professional-bug-6251058c576e?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, xss-vulnerability, bug-bounty-tips, dom-based-xss, xss-attack | 01-Oct-2024 |
Don’t Miss Out! The Best Platforms to Report Vulnerabilities and Earn Big! | https://medium.com/@paritoshblogs/dont-miss-out-the-best-platforms-to-report-vulnerabilities-and-earn-big-787bbb03607a?source=rss------bug_bounty-5 | Paritosh | how-to, vulnerability, hacking, bug-bounty, cybersecurity | 01-Oct-2024 |
Why can’t Bug Bounty Hunter find a bug? | https://m0hitrawat.medium.com/why-cant-bug-bounty-hunter-find-a-bug-b5c9bc72a30d?source=rss------bug_bounty-5 | Mohit Rawat | pentesting-checklist, bug-bounty, bug-bounty-writeup, pentesting-guide, bug-bounty-tips | 01-Oct-2024 |
Android Application Pentesting Part 2 | Android Platform Architecture | https://dkcyberz.medium.com/android-application-pentesting-part-2-android-platform-architecture-0db5e27f209a?source=rss------bug_bounty-5 | Harpy Hunter | android-pentesting, bug-bounty, bugbounty-writeup, pentesting, ethical-hacking | 01-Oct-2024 |
Understanding the OWASP Top 10: Your Guide to Web Application Security | https://medium.com/@mrutunjayasenapati0/understanding-the-owasp-top-10-your-guide-to-web-application-security-fab59537db8b?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, bug-bounty, owasp-top-10, hunting, bounty-program | 01-Oct-2024 |
Why Web3Projects Should Start with Smaller Bug Bounties | https://medium.com/@rangashree.rangaraja/why-web3projects-should-start-with-smaller-bug-bounties-a391777bc559?source=rss------bug_bounty-5 | Rangashree Rangaraja | bug-bounty, web3-security, web3, blockchain, blockchain-technology | 01-Oct-2024 |
Exploiting the Unprotected: How I Gained Unauthorized Access to Redis | https://medium.com/@impratikdabhi/exploiting-the-unprotected-how-i-gained-unauthorized-access-to-redis-5070eea7da35?source=rss------bug_bounty-5 | Pratik Dabhi | hacking, hacking-tools, bugcrowd, hackerone, bug-bounty | 01-Oct-2024 |
Taming Post Claps | https://medium.engineering/taming-post-claps-273d97ce1ced?source=rss------bug_bounty-5 | Ryan Lattanzi | dynamodb, software-development, programming, bug-bounty | 01-Oct-2024 |
4 Burpsuite Intruder Attack Types You Should Know —Bug Tuesday | https://medium.com/@kerstan/4-burpsuite-intruder-attack-types-you-should-know-bug-tuesday-5c7a0900cb56?source=rss------bug_bounty-5 | kerstan | bug-bounty, hacking, cybersecurity | 01-Oct-2024 |
Escalating stored XSS to Account Takeover | https://nyein-chan-aung.medium.com/escalating-stored-xss-to-account-takeover-28c549cd5f6b?source=rss------bug_bounty-5 | Nyein Chan Aung | bug-bounty, bug-bounty-writeup, bug-bounty-tips | 01-Oct-2024 |
Unauthenticated PHP Object Injection in GiveWP Plugin for WordPress | https://infosecwriteups.com/unauthenticated-php-object-injection-in-givewp-plugin-for-wordpress-5fffa8df79c8?source=rss------bug_bounty-5 | Ajay Naik | rewards, hacking, bug-bounty, vulnerability, cybersecurity | 01-Oct-2024 |
File Upload (RCE) to Bounty | HackerOne | https://starlox.medium.com/file-upload-rce-to-bounty-hackerone-928e8e5b375e?source=rss------bug_bounty-5 | #$ubh@nk@r | infosec, hacking, pentesting, bug-bounty, cybersecurity | 01-Oct-2024 |
Sneaking into your documents: How I hacked DigiLocker? | https://medium.com/codechef-vit/sneaking-into-your-documents-how-i-hacked-digilocker-ae6dc44267fb?source=rss------bug_bounty-5 | Prateek Srivastava | bug-bounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips, penetration-testing | 01-Oct-2024 |
Cross-Site Request Forgery (CSRF): How Attackers Exploit Trust to Hijack User Actions | https://systemweakness.com/cross-site-request-forgery-csrf-how-attackers-exploit-trust-to-hijack-user-actions-94d29d787e47?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, technology, hacking | 01-Oct-2024 |
How I Manipulated A User’s Email: A CSRF PoC Walkthrough from TCM Academy | https://medium.com/@trixiahorner/csrf-walkthrough-5876cdf437ea?source=rss------bug_bounty-5 | Trixia Horner | cybersecurity, hacking, bug-bounty, vulnerability, website | 01-Oct-2024 |
Nmap: A Comprehensive Guide for Web Application Bug Hunting | https://medium.com/@anandrishav2228/nmap-a-comprehensive-guide-for-web-application-bug-hunting-d8c2a0ef360a?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, nmap, bug-bounty, engineering, hacking | 01-Oct-2024 |
Bug in a Mailing List Exposed Hundreds of American Universities: How I Found and Exploited the… | https://medium.com/@sarvagnpathak/bug-in-a-mailing-list-exposed-hundreds-of-american-universities-how-i-found-and-exploited-the-cf5df54baf37?source=rss------bug_bounty-5 | Sarvagn Pathak | cybersecurity, bug-bounty, awareness, hacking | 01-Oct-2024 |
AllSafe Challenges | https://medium.com/@soliman_almansor/all-safe-challenges-599a09cce447?source=rss------bug_bounty-5 | Soliman Almansor | hacking, bug-bounty, information-security, android-pentesting, infosec | 01-Oct-2024 |
Excited to announce our Industrial Security Training Program at @security_lit! | https://securitylit.medium.com/excited-to-announce-our-industrial-security-training-program-at-security-lit-82a21753634e?source=rss------bug_bounty-5 | Security Lit Limited | it-security, cybersecurity, penetration-testing, bug-bounty, traning | 01-Oct-2024 |
Open Redirect Bug | wedohacks | https://wedohack.medium.com/open-redirect-bug-wedohacks-26012e51d50c?source=rss------bug_bounty-5 | WE DO HACKS | open-redirect, bug-bounty, bugs, bug-hunting, hacking | 01-Oct-2024 |
CORS Vulnerability with Trusted Insecure Protocols | https://medium.com/@rcxsecurity/cors-vulnerability-with-trusted-insecure-protocols-09df3304e3d8?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | bug-bounty, information-security, penetration-testing, cybersecurity, hacking | 01-Oct-2024 |
Remote code Execution | https://medium.com/@roshiniyathakula/remote-code-execution-9b2e9f26963d?source=rss------bug_bounty-5 | Roshiniyathakula | rce-vulnerability, penetration-testing, bug-bounty, reverse-shell, hacking | 30-Sep-2024 |
Uncovering Hidden Subdomains with Favicons: Advanced Enumeration Techniques | https://systemweakness.com/uncovering-hidden-subdomains-with-favicons-advanced-enumeration-techniques-e92cb30cbcc3?source=rss------bug_bounty-5 | Khaleel Khan | bug-bounty-tips, hacking, cybersecurity, infosec, bug-bounty | 30-Sep-2024 |
Discovering Facebook OAuth Misconfigurations: A Journey into Pre-Account Takeover | https://medium.com/@cybershree/discovering-facebook-oauth-misconfigurations-a-journey-into-pre-account-takeover-92a38254cbec?source=rss------bug_bounty-5 | cybershree | bug-bounty, bug-bounty-tips, writing, cybersecurity, bugcrowd | 30-Sep-2024 |
Android Application Penetration Testing Part 1 | Introduction | https://dkcyberz.medium.com/android-application-penetration-testing-part-1-introduction-738351fe8806?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, pentesting, mobile-pentesting, android-pentesting, bugbounty-writeup | 30-Sep-2024 |
How to use AI for Bug Bounty in 2024 | https://medium.com/@anandrishav2228/how-to-use-ai-for-bug-bounty-in-2024-39ef4d2a518a?source=rss------bug_bounty-5 | Rishav anand | ai, networking, security, cybersecurity, bug-bounty | 30-Sep-2024 |
SQL Injection vulnerability in CRMEB v.5.2.2 — $$$$ Bounty | https://osintteam.blog/sql-injection-vulnerability-in-crmeb-v-5-2-2-bounty-7bc056a19cce?source=rss------bug_bounty-5 | Ajay Naik | vulnerability, sql, rewards, bug-bounty, sql-injection | 30-Sep-2024 |
Easy P2 — Pre account takeover via Facebook OAuth misconfiguration | https://sudosuraj.medium.com/easy-p2-pre-account-takeover-via-facebook-oauth-misconfiguration-23c681ba8f07?source=rss------bug_bounty-5 | sudosuraj | cybersecurity, bug-bounty, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 30-Sep-2024 |
SQL Injection Vulnerability on Login Page Allows Unauthorized Database Dump | https://medium.com/@harshitha431/sql-injection-sqli-9675e21cc54a?source=rss------bug_bounty-5 | Harshitha | bug-bounty, vulnerability, hacking, penetration-testing, sql-injection | 30-Sep-2024 |
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeover | https://cyberw1ng.medium.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, cybersecurity, technology | 30-Sep-2024 |
CVE-2024–23897 — Jenkins File Read Vulnerability — POC | https://medium.com/@verylazytech/cve-2024-23897-jenkins-file-read-vulnerability-poc-6a1dfdbfd6f2?source=rss------bug_bounty-5 | Very Lazy Tech | cve-2024-23897, jenkins, cybersecurity, bug-bounty, pentesting | 30-Sep-2024 |
XSS + OAuth Misconfigs = Token Theft and ATO | https://7odamoo.medium.com/xss-oauth-misconfigs-token-theft-and-ato-d0837c44cd31?source=rss------bug_bounty-5 | Mahmoud Hamed | penetration-testing, bug-bounty, cybersecurity | 30-Sep-2024 |
How to Use Medusa for Fast, Multi-Protocol Brute-Force Attacks | https://medium.com/@stealthsecurity/how-to-use-medusa-for-fast-multi-protocol-brute-force-attacks-0627997c5686?source=rss------bug_bounty-5 | Stealth Security | ethical-hacking, penetration-testing, cybersecurity, bug-bounty, hacking | 30-Sep-2024 |
Prototype Pollution: How a JavaScript Quirk Can Lead to Complete Application Takeover | https://infosecwriteups.com/prototype-pollution-how-a-javascript-quirk-can-lead-to-complete-application-takeover-9adb5e4f6b6b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, cybersecurity, technology | 30-Sep-2024 |
OWASP juice shop -How I get account takeover from XSS | https://medium.com/@abdo-eg/owasp-juice-shop-how-i-get-account-takeover-from-xss-ae3cfc978381?source=rss------bug_bounty-5 | Abdullah Ahmed | xss-attack, owasp, hashing, bug-bounty, ato | 29-Sep-2024 |
Hacking with Linux: Your Ultimate Guide to Cyber Security Mastery | https://medium.com/@RaunakGupta1922/hacking-with-linux-your-ultimate-guide-to-cyber-security-mastery-e8f8bb38510c?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cybersecurity, linux, ethical-hacking, bug-bounty, hacking | 29-Sep-2024 |
OWASP juice-shop login as an admin using SQLi and OSINT | https://medium.com/@abdo-eg/owasp-juice-shop-login-as-an-admin-using-sqli-and-osint-90c4abc4322b?source=rss------bug_bounty-5 | Abdullah Ahmed | web-security, ethical-hacking, owasp, bug-bounty, penetration-testing | 29-Sep-2024 |
H7CTF — WEB CHALLENGES | https://medium.com/@josangeorge27/h7ctf-web-challenges-db1883775dfd?source=rss------bug_bounty-5 | Josan George | ctf, ctf-walkthrough, cybersecurity, bug-bounty, web-application-security | 29-Sep-2024 |
Essential Port Scanning Skills for Bug Bounty Hunters | https://bevijaygupta.medium.com/essential-port-scanning-skills-for-bug-bounty-hunters-f0e09f3612ce?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty, port-scanning, bug-zero, bugs, bug-bounty-tips | 29-Sep-2024 |
Bypassing Filters: SSRF Exploitation via DNS Rebinding with Just 1 in 30 Successful Requests | https://mokhansec.medium.com/bypassing-filters-ssrf-exploitation-via-dns-rebinding-with-just-1-in-30-successful-requests-2fdc3a9cfd7d?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-writeup, bug-bounty-tips, bug-bounty, ssrf, bugs | 29-Sep-2024 |
Privacy concern bug | https://osintteam.blog/privacy-concern-bug-72b30aead215?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, tips, bug-bounty, cybersecurity, hacking | 29-Sep-2024 |
How to Find Bugs and Vulnerabilities Using ChatGPT: Guaranteed Results | https://medium.com/@shaikhminhaz1975/how-to-find-bugs-and-vulnerabilities-using-chatgpt-guaranteed-results-3b630fae4691?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty, chatgpt, penetration-testing, cybersecurity, how-to | 29-Sep-2024 |
Find Vulnerabilities With This Single Nmap Command | https://medium.com/@josuofficial327/find-vulnerabilities-with-this-single-nmap-command-a4476c16c82c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, cybersecurity, vulnerability, bug-bounty-tips, bug-bounty | 29-Sep-2024 |
Performing a Dependency Confusion Attack with Remote Code Execution (RCE): A Step-by-Step Guide | https://medium.com/@360Security/performing-a-dependency-confusion-attack-with-remote-code-execution-rce-a-step-by-step-guide-8d6055aa53e4?source=rss------bug_bounty-5 | Anand | vapt, cybersecurity, sdlc, rce, bug-bounty | 29-Sep-2024 |
Critical bug in MediaTek Chips:CVE-2024–20017 | https://medium.com/@dudleydaniel.raj2005/critical-bug-in-mediatek-chips-cve-2024-20017-6e955ad56923?source=rss------bug_bounty-5 | Hydra_101 | mediatek, chips, cybersecurity, bug-bounty, wifi | 29-Sep-2024 |
Mastering Advanced Google Dorks for Ethical Hacking and Vulnerability Discovery | https://osintteam.blog/mastering-advanced-google-dorks-for-ethical-hacking-and-vulnerability-discovery-6d9e3dde0433?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, cybersecurity, rewards, medium, google-dork | 29-Sep-2024 |
SMTP/s — Port 25,465,587 For pentesters | https://medium.com/@verylazytech/smtp-s-port-25-465-587-3e5706e081e9?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, cybersecurity, smtp, penetration-testing, hacking | 29-Sep-2024 |
how i found union based sql injection in hackerone public vdp program? | https://doordiefordream.medium.com/how-i-found-union-based-sql-injection-in-hackerone-public-vdp-program-7c76d61f6c77?source=rss------bug_bounty-5 | cybersecurity researcher | ethical-hacking, cyber-security-awareness, bug-bounty-writeup, bug-bounty, cybersecurity | 29-Sep-2024 |
KidRecon: The Ultimate Automated Subdomain Reconnaissance Tool for Ethical Hackers | https://angixblack.medium.com/kidrecon-the-ultimate-automated-subdomain-reconnaissance-tool-for-ethical-hackers-afb8ed8ea883?source=rss------bug_bounty-5 | Angix black | infosec, bug-bounty, recon, automation, bug-bounty-tips | 29-Sep-2024 |
Server-Side Request Forgery (SSRF): How Attackers Can Exploit Internal Networks | https://systemweakness.com/server-side-request-forgery-ssrf-how-attackers-can-exploit-internal-networks-417ed78ae69b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, technology, cybersecurity | 29-Sep-2024 |
Best Bug Bounty and VA/PT Tools in 2024: Use Cases & Commands | https://medium.com/@anandrishav2228/best-bug-bounty-and-va-pt-tools-in-2024-use-cases-commands-42986d594190?source=rss------bug_bounty-5 | Rishav anand | cybersecurity, bug-bounty, company, pentesting, computer-science | 29-Sep-2024 |
Why is Bug Triage Important in Software Testing? | https://medium.com/@divyarajsinhdev/why-is-bug-triage-important-in-software-testing-678decfb727f?source=rss------bug_bounty-5 | Divyarajsinh Dodia | automation, qa, bug-bounty, testing | 29-Sep-2024 |
Understanding Bug Triage: A Crucial Process for Efficient Software Testing | https://medium.com/@divyarajsinhdev/understanding-bug-triage-a-crucial-process-for-efficient-software-testing-790b9b353177?source=rss------bug_bounty-5 | Divyarajsinh Dodia | test, qa, automation, bug-bounty, testing | 29-Sep-2024 |
DVWA : Cross Site Scripting (XSS) Vulnerability Solution (Low Security Level) | https://medium.com/@Kamal_S/dvwa-cross-site-scripting-xss-vulnerability-solution-low-security-level-452396997b5a?source=rss------bug_bounty-5 | Kamal S | security-testing, xs, bug-bounty, dvwa, owasp | 29-Sep-2024 |
Mac Spoofing | https://bob218.medium.com/mac-spoofing-ad0b180f3fad?source=rss------bug_bounty-5 | bob218 | cybersecurity, network-security, cyberattack, osint, bug-bounty | 29-Sep-2024 |
Life Sucks P-1 | https://medium.com/@janpreet9697/life-sucks-p-1-182d702bab02?source=rss------bug_bounty-5 | Janpreet | cybersecurity, life, engineering, bug-bounty, motivation | 29-Sep-2024 |
How Bug Bounty Programs can enable widespread fraud | https://medium.com/@hacktheplanet/how-bug-bounty-programs-can-enable-widespread-fraud-b027f36a49ef?source=rss------bug_bounty-5 | SirHaxAlot | bug-bounty, hacking, fraud, cybersecurity | 28-Sep-2024 |
Stories of a sporadic bug bounty hunter | https://jayaye15.medium.com/stories-of-a-sporadic-bug-bounty-hunter-a09cd32cf0a2?source=rss------bug_bounty-5 | jb00gie | cybersecurity, sql-injection, bug-bounty | 28-Sep-2024 |
My First Bounty Report Experience | https://medium.com/@sreedeepcs.gurukripa/my-first-bounty-report-experience-71095e5c34cd?source=rss------bug_bounty-5 | ambuhecker | bug-bounty, cybersecurity, bug-hunting, hacking | 28-Sep-2024 |
Account Takeover and DoS: Weaponizing Enumeration, IDOR, and Registration Flooding | https://medium.com/@tusharpuri6/account-takeover-and-dos-weaponizing-enumeration-idor-and-registration-flooding-4b88fce20f4b?source=rss------bug_bounty-5 | Tusharpuri | penetration-testing, bug-bounty, offensive-security, application-security, infosec | 28-Sep-2024 |
Exploiting a Logic Bug in Discounts Code Generation | https://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup | 28-Sep-2024 |
Exploring the Role of Port Scanning in Bug Bounty Hunting | https://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-a365e9006b6e?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-hunter, scanning, bug-bounty, bugs | 28-Sep-2024 |
Essential Tools for Bug Bounty Hunters | https://medium.com/@jatniwalafizza786/essential-tools-for-bug-bounty-hunters-3c2788cf64ae?source=rss------bug_bounty-5 | Jatniwalafizza | cybersecurity, cybersecurity-course, bug-bounty-courses, bug-bounty | 28-Sep-2024 |
500$ Email Verification Token Leaks in Request | https://medium.com/@0xchoudhary/500-email-verification-token-leaks-in-request-4f0b5ff4b121?source=rss------bug_bounty-5 | Sushil Choudhary | hackerone, bug-bounty, hacking, bounty-program, bugbounty-writeup | 28-Sep-2024 |
Top 20 Must-Have Hacking Gadgets for Cybersecurity Professionals | https://medium.com/@ajaynaikhack/top-20-must-have-hacking-gadgets-for-cybersecurity-professionals-bec4dfe896cf?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty, gadgets, hacking, information-security | 28-Sep-2024 |
Security Misconfiguration: Identifying and Preventing This Common Vulnerability | https://medium.com/@mrutunjayasenapati0/security-misconfiguration-identifying-and-preventing-this-common-vulnerability-14ab1c4989ac?source=rss------bug_bounty-5 | Mrutunjaya Senapati | vulnerability, hacking, security-misconfiguration, bug-bounty, penetration-testing | 28-Sep-2024 |
Insecure Direct Object References (IDOR): Understanding and Preventing This Vulnerability | https://medium.com/@mrutunjayasenapati0/insecure-direct-object-references-idor-understanding-and-preventing-this-vulnerability-4c8e831f17b4?source=rss------bug_bounty-5 | Mrutunjaya Senapati | bug-bounty, idor, idor-vulnerability, vulnerability, hacking | 28-Sep-2024 |
Exploiting a Logic Bug in Discount Codes Generation | https://medium.com/@sam_0x0/exploiting-a-logic-bug-in-discount-code-generation-a7f624bb396f?source=rss------bug_bounty-5 | Eslam Omar | bug-bounty, logic-bug, hackerone, bug-bounty-tips, bug-bounty-writeup | 28-Sep-2024 |
Why Go is the Perfect Choice for CLIs | https://medium.com/@rezauditore/why-go-is-the-perfect-choice-for-clis-477281989ace?source=rss------bug_bounty-5 | rezauditore | peace, lgbtq, golang, bug-bounty, programming | 28-Sep-2024 |
Exposed private key leads to Google cloud service account takeover — Privilege Escalation | https://vettrivel007.medium.com/exposed-private-key-leads-to-google-cloud-service-account-takeover-privilege-escalation-6f031e20c819?source=rss------bug_bounty-5 | VETTRIVEL | bug-bounty-tips, bounty-program, pentesting, bug-bounty, cybersecurity | 28-Sep-2024 |
Broken Authentication: A Common Vulnerability Exposing User Accounts | https://cyberw1ng.medium.com/broken-authentication-a-common-vulnerability-exposing-user-accounts-2b48b6f9b644?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, technology | 28-Sep-2024 |
Vulnerability Detection with Nuclei | https://medium.com/@alperenkeskk/nuclei-ile-zafiyet-tespiti-ec94aa180aab?source=rss------bug_bounty-5 | Alperen Keskin | cyber-security-awareness, bug-bounty-tips, security, tools, bug-bounty | 28-Sep-2024 |
HackTheBox Broken Authentication (Skills Assessment) | https://medium.com/@N0UR0X01/hackthebox-broken-authentication-skills-assessment-c43feaab1a52?source=rss------bug_bounty-5 | N0UR0x01 | htb-writeup, htb-academy, bug-bounty, htb-academy-writeup, broken-authentication | 28-Sep-2024 |
How to google dork effectively for private and other bug bounty programs | https://medium.com/@malikirtizameg/how-to-google-dork-effectively-for-private-and-other-bug-bounty-program-d54f9e7b4d57?source=rss------bug_bounty-5 | bug bounty | penetration-testing, python, bug-bounty, cybersecurity, hacking | 28-Sep-2024 |
Full Account Takeover via Facebook OAuth Misconfiguration | https://medium.com/@0x_xnum/full-account-takeover-via-facebook-oauth-misconfiguration-9e30fe1c1da1?source=rss------bug_bounty-5 | Ahmed Tarek | bug-bounty, oauth, bugbounty-writeup, bugcrowd, account-takeover | 28-Sep-2024 |
SQL injection attack, querying the database type and version on MySQL and Microsoft | https://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-162715c6cd0e?source=rss------bug_bounty-5 | codingbolt | sql-injection-attack, sql-injection, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 28-Sep-2024 |
SQL injection attack, querying the database type and version on Oracle | https://medium.com/@codingbolt.in/sql-injection-attack-querying-the-database-type-and-version-on-oracle-f78a035c654d?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, sql-injection, bug-bounty-writeup, bug-bounty, sql-injection-attack | 28-Sep-2024 |
ORM HQL Injection | https://medium.com/@oscuridad1010/orm-hql-injection-e072207e8942?source=rss------bug_bounty-5 | Gamiel Manbiotan | infosec, hackerone, bugcrowd, developer, bug-bounty | 28-Sep-2024 |
How to use built with for bugbounty | https://osintteam.blog/how-to-use-built-with-for-bugbounty-9f58ba501f5a?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty-tips, cybersecurity, bug-bounty, recon | 28-Sep-2024 |
P4 bug’s and their POC steps | Part 5 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-5-242eddd02fd0?source=rss------bug_bounty-5 | socalledhacker | infosec, hacking, bug-bounty, web-security, bug-bounty-tips | 28-Sep-2024 |
Level Up your Bug Bounty Game — to P1s and P2s Series : PART 1 | https://medium.com/@nireshpandian19/level-up-your-bug-bounty-game-to-p1s-and-p2s-series-part-1-edaa702c8499?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty-writeup, bug-bounty, cybersecurity, ethical-hacking, bug-hunting | 27-Sep-2024 |
Web App Hacking Tips & Tricks — File Upload Vulnerabilities — Part 1 | https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-1-1df16a844279?source=rss------bug_bounty-5 | Mada Perdhana | file-upload-vulnerability, hacking, bug-bounty-tips, bug-bounty, web-hacking | 27-Sep-2024 |
A Few Tips & Tricks When Testing APIs — Part 2 | https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-2-a548a85bcea6?source=rss------bug_bounty-5 | Mada Perdhana | web-hacking, api-hacing, bug-bounty, bug-hunting, bug-bounty-tips | 27-Sep-2024 |
A Few Tips & Tricks When Testing APIs — Part 1 | https://medium.com/@mrp.bpp/sedikit-tips-trick-saat-testing-api-bagian-1-3983017fec4d?source=rss------bug_bounty-5 | Mada Perdhana | hacking-apis, web-hacking, bug-bounty, bug-bounty-tips, bug-hunting | 27-Sep-2024 |
Deep Dive in Reconnaissance (Chapter 1 [part-2] — Root Domain Enumeration) | https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-2-root-domain-enumeration-87765a50d125?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | appsec, recon, osint, attack-surface-discovery, bug-bounty | 27-Sep-2024 |
How to Become a Bug Bounty Hunter: A Complete Guide for Beginners | https://medium.com/@anandrishav2228/how-to-become-a-bug-bounty-hunter-a-complete-guide-for-beginners-316c27bb2c8c?source=rss------bug_bounty-5 | Rishav anand | bug-bounty, hackerspaces, hacking, website, cybersecurity | 27-Sep-2024 |
SQL injection vulnerability allowing login bypass | https://medium.com/@codingbolt.in/sql-injection-vulnerability-allowing-login-bypass-7f1de7d77a6a?source=rss------bug_bounty-5 | codingbolt | bug-bounty, sql-injection, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 27-Sep-2024 |
SQL injection vulnerability in WHERE clause allowing retrieval of hidden data | https://medium.com/@codingbolt.in/sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-8ea2be5f13df?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bug-bounty-writeup, sql-injection, bugs, bug-bounty | 27-Sep-2024 |
NMAP Usage | https://medium.com/@mohanmecktro/nmap-usage-780a7f4ccdcc?source=rss------bug_bounty-5 | Mohan Mecktro | hacking-tools, nmap, bug-bounty, penetration-testing, kali | 27-Sep-2024 |
Web App Hacking Tips & Tricks — File Upload Vulnerabilities — Part 2 | https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-2-fdc536d3045e?source=rss------bug_bounty-5 | Mada Perdhana | file-upload-vulnerability, bug-bounty, web-hacking, bug-bounty-tips, hacking | 27-Sep-2024 |
Cross-Site Request Forgery (CSRF): Understanding the Threat and How to Mitigate It | https://medium.com/@mrutunjayasenapati0/cross-site-request-forgery-csrf-understanding-the-threat-and-how-to-mitigate-it-fb5db007f13b?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hunting, hacking, vulnerability, csrf, bug-bounty | 27-Sep-2024 |
5 Key Factors to Help You Choose the Best Bug Bounty Program on HackerOne | https://medium.com/@blackarazi/5-key-factors-to-help-you-choose-the-best-bug-bounty-program-on-hackerone-b27bb2159d07?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty-tips, hackerone, bug-bounty-program, bug-bounty | 27-Sep-2024 |
I Spent a Month on a Private Program and Earned $$$$$ | https://mokhansec.medium.com/i-spent-a-month-on-a-private-program-and-earned-c57b4c3d7dba?source=rss------bug_bounty-5 | Mohsin khan | bug-bounty-tips, bugs, bug-bounty | 27-Sep-2024 |
What is Bug Bounty | https://medium.com/@iabhipathak/what-is-bug-bounty-fc9fe6a73e16?source=rss------bug_bounty-5 | Abhinav Pathak | information-security, hacking, bug-bounty, security, cybersecurity | 27-Sep-2024 |
Unlocking Success: My Journey to Bypassing 2FA and Winning My First Bounty $800 | https://medium.com/@mihad0x1/unlocking-success-my-journey-to-bypassing-2fa-and-winning-my-first-bounty-800-c6e7654feea4?source=rss------bug_bounty-5 | mihad0x1 | hacking, security-research, bugbounty-writeup, bug-bounty, hacker | 27-Sep-2024 |
High vs. Low Severity Bugs: A Complete Guide to Bug Classification in Software and Cybersecurity | https://medium.com/@shoaibjamal663/classification-of-bugs-high-vs-low-severity-bugs-62ce16630ddf?source=rss------bug_bounty-5 | Muhammad Shoaib Jamal | software-development, bugs, risk-management, cybersecurity, bug-bounty | 27-Sep-2024 |
NoSQL Injection Attacks | https://medium.com/@majix_de/nosql-injection-attacks-1397fd366c28?source=rss------bug_bounty-5 | Majix | hacking, bug-bounty, penetration-testing, nosql, bug-bounty-tips | 27-Sep-2024 |
Information Disclosure Vulnerability: Exposing API Keys and Tokens in a Private Program | https://medium.com/@kumawatabhijeet2002/%EF%B8%8F-information-disclosure-vulnerability-exposing-api-keys-and-tokens-in-a-private-program-e06c4d110552?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, information-disclosure, vulnerability, bug-bounty-tips, pii-data | 27-Sep-2024 |
From Enumeration to Takeover: Crack the Code of Subdomain Vulnerabilities! | https://enigma96.medium.com/from-enumeration-to-takeover-crack-the-code-of-subdomain-vulnerabilities-4fea92cd0374?source=rss------bug_bounty-5 | enigma | bug-bounty-tips, pentesting, bug-bounty, bugs, hacking | 27-Sep-2024 |
How a Simple Exploit Can Lead to a $500 Bounty — Cache Deception | https://infosecwriteups.com/how-a-simple-exploit-can-lead-to-a-500-bounty-cache-deception-8da0583f6013?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, cybersecurity, careers | 27-Sep-2024 |
How I Found an Authentication Flaw in a Chat Feature | https://medium.com/@krishnast545/my-first-high-severity-bug-how-i-found-an-authentication-flaw-in-a-chat-feature-58fb0f939a4a?source=rss------bug_bounty-5 | Krishna | bugs, bug-bounty | 27-Sep-2024 |
Privilege Escalation on Amazon Linux (SageMaker) | https://medium.com/@rickconsole/privilege-escalation-on-amazon-linux-sagemaker-cf115042ea5f?source=rss------bug_bounty-5 | Rick Console | bug-bounty, cloud-computing, cybersecurity, aws, penetration-testing | 27-Sep-2024 |
Web App Hacking Tips & Tricks — File Upload Vulnerabilities — Part 3 | https://medium.com/@mrp.bpp/web-app-hacking-tips-trick-celah-file-upload-bagian-3-8ec192d1633b?source=rss------bug_bounty-5 | Mada Perdhana | hacking, bug-hunting, bug-bounty-tips, bug-bounty, file-upload-vulnerability | 27-Sep-2024 |
Web Cache Poisoning with Multiple Headers | https://medium.com/@rcxsecurity/web-cache-poisoning-with-multiple-headers-d4e27497288e?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-security, information-technology, penetration-testing, cybersecurity, bug-bounty | 27-Sep-2024 |
It’s not a bug. It really is a feature. | https://medium.com/@info_11548/its-not-a-bug-it-really-is-a-feature-b758f1454970?source=rss------bug_bounty-5 | Cloette Zager with FranGuardian Corporation | bug-bounty, features, featured, featured-stories, bugs | 27-Sep-2024 |
Vulnerability: Multiple Vulnerabilities in Linux CUPS (CVSS 9.9) | https://infosecwriteups.com/vulnerability-multiple-vulnerabilities-in-linux-cups-cvss-9-9-49dbdcd73cb0?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, vulnerability, rewards, information-security, cybersecurity | 27-Sep-2024 |
my first easy IDOR in a big company | https://medium.com/@malikirtizameg/my-first-easy-idor-in-a-big-company-104ee6c4a7ff?source=rss------bug_bounty-5 | bug bounty | bug-bounty-tips, cybersecurity, bug-bounty, hacking, ethical-hacking | 27-Sep-2024 |
Shodan Revealed: How to Discover Vulnerabilities Across the Web | https://medium.com/@RejuKole.com/shodan-revealed-how-to-discover-vulnerabilities-across-the-web-925a382bb9bd?source=rss------bug_bounty-5 | Reju Kole | bug-bounty, ethical-hacking, shodan, bug-bounty-tips, web | 27-Sep-2024 |
The Art of the Phantom Deposit: a study on vulnerabilities in crypto exchanges | https://medium.com/@silviosaturnowk/the-art-of-the-phantom-deposit-a-study-on-vulnerabilities-in-crypto-exchanges-3a356153bfe2?source=rss------bug_bounty-5 | Silvio Saturno | exploit, cybersecurity, bug-bounty, smart-contracts, solidity | 27-Sep-2024 |
How to install Subdominator & how to find subdomains using Subdominator !! | https://medium.com/@sherlock297/how-to-install-subdominator-how-to-find-subdomains-using-subdominator-fe9b48be2aea?source=rss------bug_bounty-5 | Ravindra Dagale | windows, tools, tutorial, bug-bounty, subdominator | 26-Sep-2024 |
10 Essential Blog Sites For Bug Bounty Hunters | https://medium.com/@RaunakGupta1922/10-essential-blog-sites-for-bug-bounty-hunters-8309cbbe3756?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | knowledge, learning, articles, hacking, bug-bounty | 26-Sep-2024 |
Deep Dive in Reconnaissance (Chapter 1 [part-1] — Root Domain Enumeration) | https://medium.com/@bitthr3at/deep-dive-in-reconnaissance-chapter-1-part-1-root-domain-enumeration-7ddfda1283fd?source=rss------bug_bounty-5 | Naman Gupta (Bitthr3at) | osint, appsec, recon, attack-surface-discovery, bug-bounty | 26-Sep-2024 |
Exploiting SMTP on Metasploitable 2: Unveiling the Power of Port 25 | https://medium.com/@thefellowhacker/exploiting-smtp-on-metasploitable-2-unveiling-the-power-of-port-25-4fab583855f8?source=rss------bug_bounty-5 | Taahir Mujawarr | hacker, hacking, cybersecurity, technology, bug-bounty | 26-Sep-2024 |
Cross-Site Scripting (XSS): Understanding and Mitigating a Common Web Vulnerability | https://medium.com/@mrutunjayasenapati0/cross-site-scripting-xss-understanding-and-mitigating-a-common-web-vulnerability-fe82824c24f5?source=rss------bug_bounty-5 | Mrutunjaya Senapati | hacking, hunting, xss-attack, vulnerability, bug-bounty | 26-Sep-2024 |
Story of Time Machines: Where Archived URLs and Juicy Information Handshake Each Other | https://medium.com/@security.tecno/story-of-time-machines-where-archived-urls-and-juicy-information-handshake-each-other-11efd831da46?source=rss------bug_bounty-5 | TECNO Security | security, bug-bounty, research, hacking | 26-Sep-2024 |
Vulnerable WordPress August 2024 (Museum of Ostad Bohtouni) | https://medium.com/@onhexgroup/vulnerable-wordpress-august-2024-museum-of-ostad-bohtouni-dad683a3ef15?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, wordpress, bug-bounty, info, cybersecurity | 26-Sep-2024 |
Top 7 Free Cybersecurity Tools Every Beginner Must Try Today! | https://medium.com/@paritoshblogs/top-7-free-cybersecurity-tools-every-beginner-must-try-today-44eea1aa91b8?source=rss------bug_bounty-5 | Paritosh | bug-bounty, hacking, projects, cybersecurity, free | 26-Sep-2024 |
Analyzing a Real HTTP Request Smuggling Attack. What Happened here? | https://medium.com/@rezauditore/analyzing-a-real-http-request-smuggling-attack-what-happened-here-19dbc6edf9a4?source=rss------bug_bounty-5 | rezauditore | pentesting, bug-bounty, ctf-writeup, lgbtq, tips | 26-Sep-2024 |
CVE-2024–45519 in Zimbra — Bounty 1000 USD | https://infosecwriteups.com/cve-2024-45519-in-zimbra-bounty-1000-usd-0304b2a813f3?source=rss------bug_bounty-5 | Ajay Naik | hacking, vulnerability, bug-bounty, rewards, cybersecurity | 26-Sep-2024 |
Mastering IDS: A Comprehensive Guide with Snort Implementation | https://medium.com/@hackeraakash2002/mastering-ids-a-comprehensive-guide-with-snort-implementation-4ccc8192a0cf?source=rss------bug_bounty-5 | HackwithAJ | network-security, bug-bounty, hacking, cyber-security-awareness, ids-ips | 26-Sep-2024 |
SSH Hacking: How to Exploit Port 22 Vulnerabilities for Penetration Testing | https://medium.com/@verylazytech/ssh-hacking-how-to-exploit-port-22-vulnerabilities-for-penetration-testing-601d257ee491?source=rss------bug_bounty-5 | Very Lazy Tech | cybersecurity, hacking, penetration-testing, bug-bounty, exploit | 26-Sep-2024 |
Bug bounty – Recon Tips for subdomain enumeration | https://medium.com/@tharunteja725_8686/bug-bounty-recon-tips-for-subdomain-enumeration-0b3d51ad1cc8?source=rss------bug_bounty-5 | Chidurala Tharun teja | bug-bounty-tips, bug-bounty-writeup, bug-bounty, cybersecurity, oscp | 26-Sep-2024 |
Akamai WAF Bypass Lead To Discover 30 XSS bugs | https://medium.com/@nagashygaballah/akamai-waf-bypass-lead-to-discover-30-xss-bugs-bea0f8be1dd4?source=rss------bug_bounty-5 | 111xNagashy | tips-and-tricks, cybersecurity, xss-attack, penetration-testing, bug-bounty | 26-Sep-2024 |
SUBDOMAIN ENUMERATION — BUGBOUNTY | https://medium.com/@tharunteja725_8686/subdomain-enumeration-bugbounty-2831b70ee735?source=rss------bug_bounty-5 | Chidurala Tharun teja | penetration-testing, bug-bounty, cybersecurity, oscp, bug-bounty-tips | 26-Sep-2024 |
Reflected XSS with event handlers and href attributes blocked | https://medium.com/@codingbolt.in/reflected-xss-with-event-handlers-and-href-attributes-blocked-b333eb18942e?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, cyberattack, cybersecurity, bug-bounty | 26-Sep-2024 |
Reflected XSS with AngularJS sandbox escape and CSP | https://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-and-csp-e68867138b6f?source=rss------bug_bounty-5 | codingbolt | xss-attack, cybersecurity, bug-bounty, cybercrime, bug-bounty-tips | 26-Sep-2024 |
Reflected XSS with AngularJS sandbox escape without strings | https://medium.com/@codingbolt.in/reflected-xss-with-angularjs-sandbox-escape-without-strings-e434c669ac56?source=rss------bug_bounty-5 | codingbolt | bug-bounty, xss-attack, cyberattack, cybersecurity, bug-bounty-tips | 26-Sep-2024 |
Exploiting XSS to perform CSRF | https://medium.com/@codingbolt.in/exploiting-xss-to-perform-csrf-1aac291690bd?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-bounty-writeup, bug-bounty-tips, bug-bounty, cybersecurity | 26-Sep-2024 |
How To Configure Metasploitable Machine To Hack? | Primary Hacking School #3 | https://medium.com/@nnface/how-to-configure-metasploitable-machine-to-hack-primary-hacking-school-3-083cd63c47cf?source=rss------bug_bounty-5 | NnFace | hacking-tools, hacking, bug-bounty, cybersecurity, kali-linux | 26-Sep-2024 |
White Hat vs Black Hat Hackers: What’s the Real Difference & Which One Are You? | https://codingrasi.medium.com/white-hat-vs-black-hat-hackers-whats-the-real-difference-which-one-are-you-f2c7327d77a7?source=rss------bug_bounty-5 | CodingRasi | youtube-creators, hacking, bug-bounty, ethical-hacking, hacker | 26-Sep-2024 |
Reflected XSS protected by CSP, with CSP bypass | https://medium.com/@codingbolt.in/reflected-xss-protected-by-csp-with-csp-bypass-58d46ec1fc71?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, bug-bounty, bug-bounty-tips, cybersecurity | 26-Sep-2024 |
Reflected XSS protected by very strict CSP, with dangling markup attack | https://medium.com/@codingbolt.in/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack-029d16b86163?source=rss------bug_bounty-5 | codingbolt | xss-vulnerability, xss-attack, bug-bounty-tips, bug-bounty, cybersecurity | 26-Sep-2024 |
SSRF Simplified (OWASP 2021-A10) | https://medium.com/@kannnannmk/ssrf-simplified-owasp-2021-a10-62586a3468f4?source=rss------bug_bounty-5 | Neelamegha Kannan S | penetration-testing, vulnerability, cybersecurity, bug-bounty, information-security | 26-Sep-2024 |
Reflected XSS in a JavaScript URL with some characters blocked | https://medium.com/@codingbolt.in/reflected-xss-in-a-javascript-url-with-some-characters-blocked-7decfa413c79?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, cybersecurity, bugs, xss-attack, bug-bounty | 26-Sep-2024 |
Finding subdomains using security trails api key | https://osintteam.blog/finding-subdomains-using-security-trails-api-key-8b45d5a4629e?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, hacking, bug-bounty-tips, cybersecurity, bug-bounty | 26-Sep-2024 |
IDORS — leaking 1.5 crore user details | https://medium.com/@nireshpandian19/idors-leaking-1-5-crore-user-details-5bbc3b9368e2?source=rss------bug_bounty-5 | JAI NIRESH J | bug-bounty, idor-vulnerability, ethical-hacking, idor, cybersecurity | 25-Sep-2024 |
Exploring the Role of Port Scanning in Bug Bounty Hunting | https://bevijaygupta.medium.com/exploring-the-role-of-port-scanning-in-bug-bounty-hunting-169a1d723bb0?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips | 25-Sep-2024 |
My First Easy IDOR: A Simple Guide to Understanding Insecure Direct Object References | https://medium.com/@Alireza.salmani/my-first-easy-idor-a-simple-guide-to-understanding-insecure-direct-object-references-8b48aa1da8ea?source=rss------bug_bounty-5 | Alireza Salmani | bug-bounty, access-control, ethical-hacking, web-application-security, cybersecurity | 25-Sep-2024 |
Golang edge case: when “defer” will never work out in your code | https://waclawthedev.medium.com/golang-edge-case-when-defer-will-never-work-out-in-your-code-f783518679e9?source=rss------bug_bounty-5 | Wacław The Developer | golang, bug-bounty, defer, go, backend | 25-Sep-2024 |
Finding a p4 as per bugcrowd vrt | https://medium.com/@loyalonlytoday/finding-a-p4-as-per-bugcrowd-vrt-9f08278a75ae?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, web-hacking, bugbounty-writeup, bugs | 25-Sep-2024 |
How I Discovered DOM XSS by Analyzing Javascript Code | https://medium.com/@fajarsylvana/how-i-discovered-dom-xss-by-analyzing-javascript-code-6fa57c680a0e?source=rss------bug_bounty-5 | Fajar Sylvana | pentesting, bug-bounty-tips, hacking, penetration-testing, bug-bounty | 25-Sep-2024 |
FTP Hacking: How to Exploit Port 21 Vulnerabilities for Penetration Testing | https://medium.com/@verylazytech/ftp-hacking-how-to-exploit-port-21-vulnerabilities-for-penetration-testing-bbd65e2238da?source=rss------bug_bounty-5 | Very Lazy Tech | network-security, ethical-hacking, bug-bounty, cybersecurity, penetration-testing | 25-Sep-2024 |
Cracking the Code: How I Took Over Admin Accounts Across Organizations | https://medium.com/@ismailsaid1603/cracking-the-code-how-i-took-over-admin-accounts-across-organizations-5d135ba152b4?source=rss------bug_bounty-5 | Esmail Saied (0xSp1DeR) | tips-and-tricks, hackerone, bugcrowd, bugbounty-writeup, bug-bounty | 25-Sep-2024 |
How I proved impact with Google Map API Key | https://r0b0ts.medium.com/how-i-proved-impact-with-google-map-api-key-7aa801616abb?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty, bug-bounty-hunter | 25-Sep-2024 |
website leaking otp in inspect elemet | https://osintteam.blog/website-leaking-otp-in-inspect-elemet-8da71ae4004d?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, hacking, bugbounty-writeup, bug-bounty-tips, penetration-testing | 25-Sep-2024 |
Reflected XSS into a JavaScript string with single quote and backslash escaped | https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-single-quote-and-backslash-escaped-621b6a187f04?source=rss------bug_bounty-5 | codingbolt | bugs, bug-bounty-tips, xss-attack, bug-bounty, xss-vulnerability | 25-Sep-2024 |
Reflected XSS in canonical link tag | https://medium.com/@codingbolt.in/reflected-xss-in-canonical-link-tag-c4902808a6e7?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-hunting, bug-bounty, bug-bounty-tips, bugs | 25-Sep-2024 |
Critical Vulnerability: Authentication Bypass (CVE-2024-7593) in Ivanti vTM: Explanation and Actions… | https://medium.com/@mrp.bpp/kerentanan-bypass-autentikasi-kritis-cve-2024-7593-pada-ivanti-vtm-penjelasan-dan-tindakan-77d159f53199?source=rss------bug_bounty-5 | Mada Perdhana | bug-bounty, hacking, ivanti-service-manager, exploit, 0-day-attacks | 25-Sep-2024 |
Data Exfiltration Using DNS Communication (Out-of-Band) | https://medium.com/@mrp.bpp/eksfiltrasi-data-menggunakan-komunikas-idns-out-of-band-7932a1ab335f?source=rss------bug_bounty-5 | Mada Perdhana | oob, bug-bounty, bug-bounty-tips, hacking | 25-Sep-2024 |
Exploiting cross-site scripting to steal cookies | https://medium.com/@codingbolt.in/exploiting-cross-site-scripting-to-steal-cookies-8f57e316e8d3?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, xss-attack, xss-vulnerability, cookies, bug-bounty | 25-Sep-2024 |
Understanding Common Web Vulnerabilities: A Guide for Beginners | https://medium.com/@mrutunjayasenapati0/understanding-common-web-vulnerabilities-a-guide-for-beginners-398e8987cc4f?source=rss------bug_bounty-5 | Mrutunjaya Senapati | beginner, bug-bounty, vulnerability, beginners-guide, guides-and-tutorials | 25-Sep-2024 |
Reflected XSS into a template literal with angle brackets, single, double quotes, backslash and… | https://medium.com/@codingbolt.in/reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-backslash-and-5acbbd9f2631?source=rss------bug_bounty-5 | codingbolt | bug-bounty, bug-bounty-writeup, bug-bounty-tips, xss-attack | 25-Sep-2024 |
Stored XSS into onclick event with angle brackets and double quotes HTML-encoded and single quotes… | https://medium.com/@codingbolt.in/stored-xss-into-onclick-event-with-angle-brackets-and-double-quotes-html-encoded-and-single-quotes-9af43308602b?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bug-bounty, xss-vulnerability, bugs, xss-attack | 25-Sep-2024 |
Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and… | https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-and-double-quotes-html-encoded-and-e1ad9b482189?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, xss-attack, xss-vulnerability, bugs, bug-bounty | 25-Sep-2024 |
XSS (Cross-Site Scripting) Automation Script | https://medium.com/@mrp.bpp/skrip-otomatisasi-xss-cross-site-scripting-6b6064da0408?source=rss------bug_bounty-5 | Mada Perdhana | bug-bounty, xss-attack, tools, hacking, bug-bounty-tips | 25-Sep-2024 |
How to Create a Fun, Engaging, and Long-Lasting Bug Bounty Program for Your Community | https://medium.com/@GrowthKingdom/how-to-create-a-fun-engaging-and-long-lasting-bug-bounty-program-for-your-community-f67da7fb230a?source=rss------bug_bounty-5 | Growth Kingdom | dapps, blockchain, web3, crypto, bug-bounty | 25-Sep-2024 |
Understanding SQL Injection: A Deep Dive into One of the Most Common Web Vulnerabilities | https://medium.com/@mrutunjayasenapati0/understanding-sql-injection-a-deep-dive-into-one-of-the-most-common-web-vulnerabilities-2c5d031180c6?source=rss------bug_bounty-5 | Mrutunjaya Senapati | sql-injection, hacking, injection, bug-bounty, sql | 25-Sep-2024 |
How Bug Bounties Strengthen Defenses -InITScienceAI | https://medium.com/@initscienceaiandlooklivenews/how-bug-bounties-strengthen-defenses-initscienceai-c727d3b8a2d3?source=rss------bug_bounty-5 | InITScienceAi | bug-bounty-tips, bugs, bugbounting, bug-bounty, bug-bounty-hunter | 24-Sep-2024 |
Advanced Port Scanning Techniques for Bug Bounty Programs | https://bevijaygupta.medium.com/advanced-port-scanning-techniques-for-bug-bounty-programs-fd22a049ed37?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty, bug-bounty-tips, port-scanning, bug-zero | 24-Sep-2024 |
test:test not Part 2 | https://medium.com/@bxrowski0x/test-test-not-part-2-492fb030c8c2?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty, keycloak, bug-bounty-tips, bug-bounty-writeup, cybersecurity | 24-Sep-2024 |
Unlocking Web3 Success: Why Code4rena & Codehawk Are the Ultimate Bug Bounty Platforms for Newbies | https://medium.com/@firmanregar/unlocking-web3-success-why-code4rena-codehawk-are-the-ultimate-bug-bounty-platforms-for-newbies-c1c041117934?source=rss------bug_bounty-5 | Firman Siregar | bug-bounty, smart-contract-security | 24-Sep-2024 |
Mastering Subdomain Takeover | https://medium.com/@verylazytech/mastering-subdomain-takeover-48d9b9d593a9?source=rss------bug_bounty-5 | Very Lazy Tech | subdomain-takeover, cybersecurity, bug-bounty, subdomain, hacking | 24-Sep-2024 |
DOM XSS in AngularJS expression with angle brackets and double quotes HTML-encoded | https://medium.com/@codingbolt.in/dom-xss-in-angularjs-expression-with-angle-brackets-and-double-quotes-html-encoded-51f3b873d180?source=rss------bug_bounty-5 | codingbolt | hacking, web-hacking, bug-bounty, xss-attack, xss-vulnerability | 24-Sep-2024 |
DOM XSS in document.write sink using source location.search inside a select element | https://medium.com/@codingbolt.in/dom-xss-in-document-write-sink-using-source-location-search-inside-a-select-element-80223838d4af?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, bug-bounty, hacking, bugs | 24-Sep-2024 |
What Are Bugs in Cybersecurity? Understanding the Basics | https://medium.com/@shoaibjamal663/what-are-bugs-in-cybersecurity-understanding-the-basics-84f2f9ef7304?source=rss------bug_bounty-5 | Muhammad Shoaib Jamal | bugs, cybersecurity, vulnerability, bug-bounty, bug-bounty-tips | 24-Sep-2024 |
Price Tampering | Buying course at ₹1! | https://medium.com/@anchalrajawat009/price-tampering-buying-course-at-1-09759112e9a4?source=rss------bug_bounty-5 | Aanchal Singh Rajawat | bug-bounty, business-logic-flaw, hacking | 24-Sep-2024 |
$1500-P1-Business logic/Failed Defense Vulnerability | https://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5 | ravikiraN | infosec, cybersecurity, bug-bounty, hacking, bugbounty-tips | 24-Sep-2024 |
A Beginner's Guide to Entering the World of Bug Bounty | https://medium.com/@mrp.bpp/panduan-bagi-pemula-untuk-memasuki-dunia-bug-bounty-bba812d0f680?source=rss------bug_bounty-5 | Mada Perdhana | bug-bounty-writeup, bug-bounty, bug-bounty-tips, bug-bounty-hunter, panduan-pemula | 24-Sep-2024 |
Going Crazy with Farming VDPs: Extplorer Admin Panel Bypass & Remote Code Execution (RCE) | https://infosecwriteups.com/going-crazy-with-farming-vdps-extplorer-admin-panel-bypass-remote-code-execution-rce-ed6ae27bbce9?source=rss------bug_bounty-5 | YoungVanda | infosec, technology, cybersecurity, hacking, bug-bounty | 24-Sep-2024 |
Unlock the Hidden Doors of the Android World: Legendary Recon Tools for Bug Bounty! | https://medium.com/@rootspaghetti/unlock-the-hidden-doors-of-the-android-world-legendary-recon-tools-for-bug-bounty-9065e3aa6268?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty, bug-bounty-tips | 24-Sep-2024 |
An IDOR leads to leak users details | https://medium.com/@mohameddiv77/an-idor-leads-to-leak-users-details-b54a2280e0f9?source=rss------bug_bounty-5 | Mohamed Ibrahim | bug-bounty-tips, bug-bounty | 24-Sep-2024 |
diffrent types of burpsuite extenstions for bughunting | https://medium.com/@loyalonlytoday/diffrent-types-of-burpsuite-extenstions-for-bughunting-d411b3d002e1?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bugs, bug-bounty-tips, bug-bounty, burpsuite | 24-Sep-2024 |
Reflected XSS with some SVG markup allowed | https://medium.com/@codingbolt.in/reflected-xss-with-some-svg-markup-allowed-e7aafbf02378?source=rss------bug_bounty-5 | codingbolt | xss-attack, xss-vulnerability, ethical-hacking, bug-bounty, cybersecurity | 24-Sep-2024 |
Reflected XSS into HTML context with most tags and attributes blocked | https://medium.com/@codingbolt.in/reflected-xss-into-html-context-with-most-tags-and-attributes-blocked-0bb80ac37064?source=rss------bug_bounty-5 | codingbolt | bug-bounty, xss-attack, bug-bounty-tips, xss-vulnerability, bug-bounty-writeup | 24-Sep-2024 |
$1500-P1-Business logic/Failed Defense Vulnerability | https://itsravikiran25.medium.com/1500-p1-business-logic-failed-defense-vulnerability-0b1915aca994?source=rss------bug_bounty-5 | r@v!k!r@n | cybersecurity, bug-bounty, hacking, infosec-write-ups, bugbounty-tips | 24-Sep-2024 |
Gaining SMTP Access Through an SQL Injection Flaw | https://rdnzx.medium.com/mendapatkan-akses-smtp-melalui-celah-sql-injection-f6d593fcad5e?source=rss------bug_bounty-5 | Radian ID | cybersecurity, bug-bounty, sql-injection, bug-bounty-writeup, bug-bounty-tips | 24-Sep-2024 |
You Won’t Find Any Vulnerabilities Without This Technique: Get Your First Bug Bounty | https://medium.com/@shaikhminhaz1975/you-wont-find-any-vulnerabilities-without-this-technique-get-your-first-bug-bounty-dee2af93e607?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, red-team, penetration-testing, vulnerability, bug-bounty | 23-Sep-2024 |
Master the subdomain hunting Part 2 | https://infosecwriteups.com/master-the-subdomain-hunting-part-2-dea0ee035019?source=rss------bug_bounty-5 | ʏᴀꜱʜʜ | 2fa, subdomain, bug-bounty-tips, bugs, bug-bounty | 23-Sep-2024 |
Automate Bug Hunting With This Tool | https://medium.com/@josuofficial327/automate-bug-hunting-with-this-tool-68dfbbaaa0b1?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, info-sec-writeups, ethical-hacking, bug-bounty, bug-bounty-hunter | 23-Sep-2024 |
From Developer to Hacker: Breaking into GraphQL | https://medium.com/@jonathanmondaut/from-developer-to-hacker-breaking-into-graphql-6083c80b4588?source=rss------bug_bounty-5 | Jonathan Mondaut | bug-bounty, graphql, hacker, hacking, technology | 23-Sep-2024 |
Unlocking Bug Bounties: The Power of Port Scanning | https://bevijaygupta.medium.com/unlocking-bug-bounties-the-power-of-port-scanning-ebca71c898a7?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs | 23-Sep-2024 |
Best Platforms to Learn for Becoming a Pentester or Bug Bounty Hunter | https://rendiero.medium.com/best-platforms-to-learn-for-becoming-a-pentester-or-bug-bounty-hunter-6c6aa8cbdd64?source=rss------bug_bounty-5 | Rendiero | bug-bounty, penetration-testing, hacker, learning, resources | 23-Sep-2024 |
RXSS with My Approach | https://medium.com/@nomad8061/rxss-with-my-approach-c9a989d3ba0b?source=rss------bug_bounty-5 | Ahmed Badry | bug-bounty-tips, bug-bounty-writeup, bug-zero, bugs, bug-bounty | 23-Sep-2024 |
From CORS Misconfiguration to Account Takeover | https://medium.com/@majix_de/from-cors-misconfiguration-to-account-takeover-1231f263a90e?source=rss------bug_bounty-5 | Majix | bug-bounty-tips, bug-bounty, hacking, penetration-testing, programming | 23-Sep-2024 |
Unauthenticated API Endpoint to Create Support Ticket Worth $500 | https://vijetareigns.medium.com/unauthenticated-api-endpoint-to-create-support-ticket-worth-500-789e91ad9a00?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty, cybersecurity, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup | 23-Sep-2024 |
DOM XSS using Web Messages and a JavaScript URL | https://medium.com/@rcxsecurity/dom-xss-using-web-messages-and-a-javascript-url-dcced7fa4195?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-technology, information-security, cybersecurity, penetration-testing, bug-bounty | 23-Sep-2024 |
Uncovering a Stored XSS Vulnerability on Drugs.com | https://medium.com/@regan_temudo/uncovering-a-stored-xss-vulnerability-on-drugs-com-1748ccbecc16?source=rss------bug_bounty-5 | Regan Temudo | cross-site-scripting, bug-bounty, xx, cybersecurity, stored-xxs | 23-Sep-2024 |
How to Guide to SQL Injection Testing: Manual Testing Techniques and SQLMap Usage | https://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5 | Mustafa Khan | sql, hacking, bug-bounty, sql-injection, sqlmap | 23-Sep-2024 |
finding a easy p4 | https://medium.com/@loyalonlytoday/finding-a-easy-p4-08272e48f778?source=rss------bug_bounty-5 | loyalonlytoday | bugs, penetration-testing, bug-bounty, bugbounty-writeup, bug-bounty-tips | 23-Sep-2024 |
Bypassing restrictions using special characters | https://medium.com/@youssefmoner2022/bypassing-restrictions-using-special-characters-8f11af75d278?source=rss------bug_bounty-5 | Youssefmoner | bug-bounty, hacking, vulnerability | 23-Sep-2024 |
Turning a Closed Bug Report into $650: The Art of Demonstrating Impact! | https://hasanka-amarasinghe.medium.com/turning-a-closed-bug-report-into-650-the-art-of-demonstrating-impact-730a3df78df8?source=rss------bug_bounty-5 | Hasanka Amarasinghe | bugbounty-writeup, salesforce, bug-bounty, infosec, cybersecurity | 23-Sep-2024 |
Cross-Site-Scripting (XSS): Understanding and Mitigating Web Vulnerabilities | https://medium.com/@RejuKole.com/cross-site-scripting-xss-understanding-and-mitigating-web-vulnerabilities-b2b5a2c606fc?source=rss------bug_bounty-5 | Reju Kole | bug-bounty-tips, bug-bounty, web, xss-attack, xss-vulnerability | 23-Sep-2024 |
Reflected XSS into a JavaScript string with angle brackets HTML encoded | https://medium.com/@codingbolt.in/reflected-xss-into-a-javascript-string-with-angle-brackets-html-encoded-b9b60f4b2823?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-bounty, bugs, xss-vulnerability, bug-bounty-tips | 23-Sep-2024 |
Stored XSS into anchor href attribute with double quotes HTML-encoded | https://medium.com/@codingbolt.in/stored-xss-into-anchor-href-attribute-with-double-quotes-html-encoded-9f384d27aa95?source=rss------bug_bounty-5 | codingbolt | bug-bounty-tips, bugs, bug-bounty, xss-attack, xss-vulnerability | 23-Sep-2024 |
750$ in 5 Minutes - XXE to LFI | https://skramthu.medium.com/750-in-5-minutes-xxe-to-lfi-897bca9c304c?source=rss------bug_bounty-5 | Ram | hackerone, money, security, bug-bounty, infosec | 23-Sep-2024 |
How to Guide SQL Injection: Manual Testing Techniques and SQLMap Usage | https://medium.com/@mustafa_kamal/how-to-guide-to-sql-injection-testing-manual-testing-techniques-and-sqlmap-usage-5e45046b07bf?source=rss------bug_bounty-5 | Mustafa Khan | sql, hacking, bug-bounty, sql-injection, sqlmap | 23-Sep-2024 |
When a Session Token Isn’t Enough, A Full Account Takeover Story | https://medium.com/@ahmedramadan.ar16148/when-a-session-token-isnt-enough-a-full-account-takeover-story-cf99421bb1e3?source=rss------bug_bounty-5 | Ahmed Ramadan | oauth2, oauth, penetration-testing, authentication, bug-bounty | 23-Sep-2024 |
Hacking The butler — Jenkins hacking 101 | https://thexssrat.medium.com/hacking-the-butler-jenkins-hacking-101-e437ed557460?source=rss------bug_bounty-5 | Thexssrat | hacks, bug-bounty, hacking, jenkins | 23-Sep-2024 |
P4 bug’s and their POC steps | Part 4 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-4-fd81b91fd368?source=rss------bug_bounty-5 | socalledhacker | bugs, web-security, infosec, bug-bounty, cybersecurity | 23-Sep-2024 |
TECNO Security Response Center 3rd Anniversary | Safeguarding Product Security, Grateful for Our… | https://medium.com/@security.tecno/tecno-security-response-center-3rd-anniversary-safeguarding-product-security-grateful-for-our-550016adce10?source=rss------bug_bounty-5 | TECNO Security | birthday, security, hacking, bug-bounty | 22-Sep-2024 |
Practical Incident Response: A Step-by-Step Guide | https://medium.com/@paritoshblogs/practical-incident-response-a-step-by-step-guide-290dadca6e2d?source=rss------bug_bounty-5 | Paritosh | information-technology, incident-response, cybersecurity, bug-bounty, ai | 22-Sep-2024 |
5 unique Lesser-known methods to find vulnerabilities for bug bounty hunters | https://harish45.medium.com/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5 | Harish | cybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank | 22-Sep-2024 |
Port Scanning Tactics to Boost Your Bug Bounty Success | https://bevijaygupta.medium.com/port-scanning-tactics-to-boost-your-bug-bounty-success-5d46191fa92e?source=rss------bug_bounty-5 | Vijay Gupta | bugs, bug-bounty-tips, bug-bounty, tactics, port-scanning | 22-Sep-2024 |
How I Leveraged Open Redirect to Account Takeover | https://medium.com/@abdelrahman0x01/how-i-leveraged-open-redirect-to-account-takeover-b0ff213d23dc?source=rss------bug_bounty-5 | Abdelrahman0x01 | cyberattack, account-takeover, penetration-testing, cybersecurity, bug-bounty | 22-Sep-2024 |
Finding emails for this issue. Finding a easy bug to get a easy $$$ | https://medium.com/@loyalonlytoday/finding-emails-for-this-issue-finding-a-easy-bug-to-get-a-easy-5bc4cd00d112?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, bugbounty-writeup, hacking, bug-bounty-tips | 22-Sep-2024 |
How i got 250 euro bounty | https://doordiefordream.medium.com/how-i-got-250-euro-bounty-9e523fdf807d?source=rss------bug_bounty-5 | cybersecurity researcher | bug-bounty, bugs, cybersecurity, ethical-hacking | 22-Sep-2024 |
How I Discovered an Account Takeover from a Reset Password Vulnerability | https://medium.com/@bountyget/how-i-discovered-an-account-takeover-from-a-reset-password-vulnerability-aa39fe0896b5?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | cybersecurity, infosec, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 22-Sep-2024 |
From Simple File Import to Full Server Exposure: The Power of SSRF Exploitation | https://medium.com/@tusharpuri6/from-simple-file-import-to-full-server-exposure-the-power-of-ssrf-exploitation-64ee925e54dc?source=rss------bug_bounty-5 | Tusharpuri | infosec, bug-bounty, penetration-testing, offensive-security, application-security | 22-Sep-2024 |
5 unique Lesser-known methods to find vulnerabilities for bug bounty hunters | https://osintteam.blog/5-unique-lesser-known-methods-to-find-vulnerabilities-for-bug-bounty-hunters-03799e73c153?source=rss------bug_bounty-5 | Harish | cybersecurity, bug-bounty, bug-bounty-tips, ethical-hacking, hackerrank | 22-Sep-2024 |
How I was decrypting the traffic and getting from low privilege user to full admin access | https://sadc0d3r.medium.com/how-i-was-decrypting-the-traffic-and-getting-from-low-privilege-user-to-full-admin-access-6a2f3b743ac5?source=rss------bug_bounty-5 | Ahmed Rabeaa Mosaa (SadC0d3r) | penetration-test, penetration-testing, cybersecurity, web-attack, bug-bounty | 22-Sep-2024 |
How I Hacked Into a Nationwide University Database System Exposing Thousands of Student Records | https://1-day.medium.com/how-i-hacked-into-a-nationwide-university-database-system-exposing-thousands-of-student-records-65dce4e4ee23?source=rss------bug_bounty-5 | 1day | bug-bounty-writeup, penetration-testing, writeup, hacking, bug-bounty | 22-Sep-2024 |
Join any project = Critical | https://medium.com/@etfchg18/join-any-project-critical-b3625d09876e?source=rss------bug_bounty-5 | iiiwaleed | bug-bounty, web-security, bug-bounty-tips | 22-Sep-2024 |
Top 3 subdomain takeovers | https://infosecwriteups.com/top-3-subdomain-takeovers-ea51ecd911fd?source=rss------bug_bounty-5 | Hicham Almakroudi | ethical-hacking, hackerone, subdomain-takeover, bug-report, bug-bounty | 22-Sep-2024 |
#1 Bug Hunting: Subdomain Enumeration — Explained | https://infosecwriteups.com/1-bug-hunting-subdomain-enumeration-explained-389e6fcb3f62?source=rss------bug_bounty-5 | Om Maniya | cybersecurity, enumeration, bug-bounty, programming, bug-bounty-tips | 21-Sep-2024 |
Understanding Insecure Deserialization | https://medium.com/@kannnannmk/understanding-insecure-deserialization-faea7bc5ff5e?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty, insecure-deserialization, bug-bounty-tips, cybersecurity, penetration-testing | 21-Sep-2024 |
Mastering Port Scanning for Bug Bounty Hunters | https://bevijaygupta.medium.com/mastering-port-scanning-for-bug-bounty-hunters-226c8d007023?source=rss------bug_bounty-5 | Vijay Gupta | port-scanning, bug-bounty-tips, bug-bounty, bugs, port-scan | 21-Sep-2024 |
Email Injection | Unseen Threat | https://medium.com/@abolfazl.vaziri/email-injection-unseen-threat-6db7e32ab656?source=rss------bug_bounty-5 | Abolfazl Vaziri | email, email-attack, bug-bounty, hacking, email-injection | 21-Sep-2024 |
My First CVE: A Dream Realized | https://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5 | Makwana Abhik | hacking, cve, cybersecurity, cve-2024-8042, bug-bounty | 21-Sep-2024 |
DOM-based XSS: Exploiting `document.write` with `location.search` | https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5 | Coding Bolt | xss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs | 21-Sep-2024 |
Some Token Leak Can Lead to Disclose a Lot of Users’ Personal Data | https://r0b0ts.medium.com/some-token-leak-can-lead-to-disclose-a-lot-of-users-personal-data-6b5b7748ccec?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, pentesting, bug-bounty, web-security, bug-bounty-tips | 21-Sep-2024 |
500$: Open Redirect Vulnerability | https://medium.com/@a13h1/500-open-redirect-vulnerability-9cc9fd4d9b7b?source=rss------bug_bounty-5 | Abhi Sharma | programming, cybersecurity, open-redirect, infosec, bug-bounty | 21-Sep-2024 |
My First CVE: A Dream Realized | https://medium.com/@mAd13/my-first-cve-a-dream-realized-8bad3ede900a?source=rss------bug_bounty-5 | Abhik Makwana | hacking, cve, cybersecurity, cve-2024-8042, bug-bounty | 21-Sep-2024 |
Simple IDOR vulnerability can lead to leak Email address of all users | https://r0b0ts.medium.com/simple-idor-vulnerability-can-lead-to-leak-email-address-of-all-users-055ada3ba3fc?source=rss------bug_bounty-5 | r0b0ts | bug-bounty, bug-bounty-tips, bug-bounty-writeup, web-security, pentesting | 21-Sep-2024 |
How Hackers Crack Active Directory Passwords and Exploit MFA : Are You Next? | https://medium.com/@paritoshblogs/how-hackers-crack-active-directory-passwords-and-exploit-mfa-are-you-next-11cfdd0feb20?source=rss------bug_bounty-5 | Paritosh | chatgpt, active-directory, hacking, bug-bounty, cybersecurity | 21-Sep-2024 |
Welcome to My Cybersecurity Journey | https://medium.com/@mrutunjayasenapati0/welcome-to-my-cybersecurity-journey-e795aebd096d?source=rss------bug_bounty-5 | Mrutunjaya Senapati | ethical-hacking, bugs, bug-bounty, bug-bounty-tips, cybersecurity | 21-Sep-2024 |
DOM-based XSS: Exploiting `document.write` with `location.search` | https://medium.com/@codingbolt.in/dom-based-xss-exploiting-document-write-with-location-search-b5276b34b51b?source=rss------bug_bounty-5 | codingbolt | xss-attack, bug-bounty, xss-vulnerability, bug-hunting, bugs | 21-Sep-2024 |
Reflected XSS into Attribute with HTML-Encoded | https://medium.com/@codingbolt.in/reflected-xss-into-attribute-with-html-encoded-ffe97e2c1439?source=rss------bug_bounty-5 | codingbolt | bugs, xss-vulnerability, xss-attack, bug-bounty, cybersecurity | 21-Sep-2024 |
Taking ffuf Fuzzing Further | https://medium.com/@learntheshell/taking-ffuf-fuzzing-further-016be44d0b07?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, hacking, ffuf, bug-bounty-tips, fuzzing | 21-Sep-2024 |
Finding a easy Bug | https://medium.com/@loyalonlytoday/finding-a-easy-bug-caed2e199b1d?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup | 21-Sep-2024 |
DOM XSS in jQuery: The Danger of `href` Attribute with `location.search` Source | https://medium.com/@codingbolt.in/dom-xss-in-jquery-the-danger-of-href-attribute-with-location-search-source-b2d883cbec59?source=rss------bug_bounty-5 | codingbolt | bug-hunting, bug-bounty, xss-attack, bug-bounty-tips, bugs | 21-Sep-2024 |
DOM-based XSS: The Case of `innerHTML` and `location.search` | https://medium.com/@codingbolt.in/dom-based-xss-the-case-of-innerhtml-and-location-search-373c47866c56?source=rss------bug_bounty-5 | codingbolt | bug-bounty, bug-bounty-writeup, xss-vulnerability, xss-attack, bug-bounty-tips | 21-Sep-2024 |
Accessing full history of Firepad users. | https://medium.com/@adityaahuja.work/accessing-full-history-of-firepad-users-ddc889e73936?source=rss------bug_bounty-5 | Aditya Ahuja | owasp-top-10, cybersecurity, bug-bounty, information-disclosure, cyber-awareness | 21-Sep-2024 |
test:test type of bug | https://medium.com/@bxrowski0x/test-test-type-of-bug-cfb352d9bf85?source=rss------bug_bounty-5 | Omar ElSayed | bug-bounty, cybersecurity, keycloak, bug-bounty-writeup, bug-bounty-tips | 21-Sep-2024 |
XSS via Cookie Injection: A Deep Dive into the Discovery | https://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5 | Ayushkr | pentesting, cross-site-scripting, bug-bounty, cookie-injection | 21-Sep-2024 |
Persistent XSS via Cookie Injection: A Deep Dive into the Discovery | https://medium.com/@ayushkr99732/xss-via-cookie-injection-a-deep-dive-into-the-discovery-9ef70e22eceb?source=rss------bug_bounty-5 | Ayushkr | pentesting, cross-site-scripting, bug-bounty, cookie-injection | 21-Sep-2024 |
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platform | https://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-b92a99d7e4d7?source=rss------bug_bounty-5 | MoreLogin Browser | security, bug-bounty, antidetect-browser, white-hat-hacker, cybersecurity | 20-Sep-2024 |
Common Job Roles in Cyber Security | https://medium.com/@RaunakGupta1922/common-job-roles-in-cyber-security-e792d367af67?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | cyber-security-awareness, bug-bounty, diversity, jobs, hacking | 20-Sep-2024 |
A Perfect Story Which help to Understand Bug Bounty | https://medium.com/@Butcher_hell/a-perfect-story-which-help-to-understand-bug-bounty-c0a699239629?source=rss------bug_bounty-5 | W H I Z H A W K | cybersecurity, storytelling, hacking, bug-bounty, technology | 20-Sep-2024 |
How to Learn and Participate in Bug Bounties | https://rendiero.medium.com/how-to-learn-and-participate-in-bug-bounties-1a2e71dd190b?source=rss------bug_bounty-5 | Rendiero | cybersecurity, beginners-guide, learning, bug-bounty, hacking | 20-Sep-2024 |
Bypassing Rate Limits: All Known Techniques | https://medium.com/@raxomara/bypassing-rate-limits-all-known-techniques-25891bb5ca59?source=rss------bug_bounty-5 | Raxomara | rate-limit-bypass, bug-bounty-tips, security-research, cybersecurity, bug-bounty | 20-Sep-2024 |
Finding a easy p4 | https://medium.com/@loyalonlytoday/finding-a-easy-p4-e32c47c8b54a?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bugs | 20-Sep-2024 |
The Ultimate Guide to Forgot Password Test Cases | https://medium.com/@chinmaya_ramana/the-ultimate-guide-to-forgot-password-test-cases-059e483fdc40?source=rss------bug_bounty-5 | Chinmaya Ramana | security, hacking, bug-bounty, web-application-security, application-security | 20-Sep-2024 |
Clickjacking Vulnerability to trigger Reflacted XSS | https://medium.com/@g52238317/clickjacking-vulnerability-to-trigger-reflacted-xss-9029cc5fd676?source=rss------bug_bounty-5 | Abdelrhman Yasser | cybersecurity, clickjacking, xss-attack, bug-bounty | 20-Sep-2024 |
Bypassing Date Restrictions in an Educational Platform: A Logic Flaw Exploit | https://medium.com/@ahmed_ashraf/bypassing-date-restrictions-in-an-educational-platform-a-logic-flaw-exploit-fdd3d0e3a1cb?source=rss------bug_bounty-5 | Ahmedashraf | business-logic-flaw, privilege-escalation, cybersecurity, bug-bounty, penetration-testing | 20-Sep-2024 |
Bug Bounty Dark Reality: The Hidden Truth of Successful Bug Hunting | https://medium.com/@yashpawar1199/bug-bounty-dark-reality-the-hidden-truth-of-successful-bug-hunting-0b9ed547802d?source=rss------bug_bounty-5 | Yash Pawar @HackersParadise | bug-bounty-dark-reality, bug-bounty, howu-hnters-find-bugs, bounty-efforts-fail, successful-bug-hunting | 20-Sep-2024 |
Unlocking Restricted Features: A Vulnerability Analysis of Organization’s Role Management | https://0xmatrix.medium.com/unlocking-restricted-features-a-vulnerability-analysis-of-organizations-role-management-aa6a4f7bd0d3?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, penetration-testing, bug-bounty-tips, bug-bounty, cybersecurity | 20-Sep-2024 |
Exploiting GraphQL API Suggestions | https://nir-choubey-2011.medium.com/exploiting-graphql-api-suggestions-7695e5b8c3ef?source=rss------bug_bounty-5 | niraj choubey | api-security, bug-bounty, security, graphql-security | 20-Sep-2024 |
Safety above all else! MoreLogin joins Bugrap Bug Bounty Platform | https://medium.com/@moreloginbrowser/safety-above-all-else-morelogin-joins-bugrap-bug-bounty-platform-cdc178fd6e7e?source=rss------bug_bounty-5 | MoreLogin Browser | bug-bounty, cybersecurity, morelogin, antidetect-browser, security | 19-Sep-2024 |
Best Bug Bounty and Pentesting Methodology for Beginners: A Step-by-Step Guide | https://bevijaygupta.medium.com/best-bug-bounty-and-pentesting-methodology-for-beginners-a-step-by-step-guide-a68170d3acc8?source=rss------bug_bounty-5 | Vijay Gupta | bugs, penetration-testing, bug-bounty, bug-bounty-tips, pentesting | 19-Sep-2024 |
How to get shodan membership upgrade for free | https://medium.com/@hichamalmakroudi/how-to-get-shodan-membership-upgrade-for-free-4f21122d2d73?source=rss------bug_bounty-5 | Hicham Almakroudi | shodan, hacking-tools, ethical-hacking, bug-bounty, free | 19-Sep-2024 |
Nikto A Powerful Web Server Scanner for Vulnerability Assessment | https://medium.com/@yashpawar1199/nikto-a-powerful-web-server-scanner-for-vulnerability-assessment-1bd257204f41?source=rss------bug_bounty-5 | Yash Pawar @HackersParadise | bug-bounty, hacking, penetration-testing, cybersecurity, nikto | 19-Sep-2024 |
How a 403 bypass got me a bounty | https://medium.com/@ehsameer/how-a-403-bypass-got-me-a-bounty-7b2d58c0fd88?source=rss------bug_bounty-5 | ehsameer | bug-bounty-tips, bugbounty-writeup, bug-bounty, hackerone | 19-Sep-2024 |
How Hackers Trick You Into Actions You Never Meant to Do ! | https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5 | Yassen Taalab | owasp, penetration-testing, bug-bounty, cybersecurity, clickjacking | 19-Sep-2024 |
How to install Bug Bounty Hunting Tools on Linux and Windows by using Golang(Go)[ProjectDiscovery] | https://medium.com/@abdulrahman.muhammad.qarni52/getting-started-with-projectdiscovery-tools-on-linux-and-windows-70e644f1198c?source=rss------bug_bounty-5 | OxLegacy52 | hacking, tools-for-hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 19-Sep-2024 |
Finding a easy bug to get a easy $$$ | https://medium.com/@loyalonlytoday/finding-a-easy-bug-to-get-a-easy-f008b2b25f73?source=rss------bug_bounty-5 | loyalonlytoday | hacking, bug-bounty-tips, penetration-testing, bugbounty-writeup, bug-bounty | 19-Sep-2024 |
Primary Hacking School #2 After Installing Kali | https://medium.com/@nnface/primary-hacking-school-2-after-installing-kali-6a226c68e7de?source=rss------bug_bounty-5 | NnFace | kali-linux, linux, bug-bounty, cybersecurity, hacking | 19-Sep-2024 |
Understanding File Permissions and Ownership | https://cyberw1ng.medium.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, careers, cybersecurity | 19-Sep-2024 |
How I hacked multiple Indian universities (AGAIN). | https://medium.com/@alimuhammadsecured/how-i-hacked-multiple-indian-universities-again-d1b9c2a0e01d?source=rss------bug_bounty-5 | Alimuhammadsecured | ctf, cybersecurity, hacking, bug-bounty, malware | 19-Sep-2024 |
How Hackers Trick You Into Actions You Never Meant to Do ! | https://medium.com/@yassentaalab51/how-hackers-trick-you-into-actions-you-never-meant-to-do-c0993c8f1bbe?source=rss------bug_bounty-5 | Killua | owasp, penetration-testing, bug-bounty, cybersecurity, clickjacking | 19-Sep-2024 |
Understanding File Permissions and Ownership | https://systemweakness.com/understanding-file-permissions-and-ownership-d73c07f373e2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, careers, cybersecurity | 19-Sep-2024 |
[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package | https://medium.com/@p0lyxena/2-500-bug-bounty-write-up-remote-code-execution-rce-via-unclaimed-node-package-6b9108d10643?source=rss------bug_bounty-5 | Fuleki Ioan | bugcrowd, bug-bounty, writeup, cybersecurity, remote-code-execution | 18-Sep-2024 |
Write up : Business Logic Flaw in Payment Discount Calculation Allows Excessive Discount… | https://medium.com/@jakboubmostefa/write-up-business-logic-flaw-in-payment-discount-calculation-allows-excessive-discount-19d567f5da18?source=rss------bug_bounty-5 | Mostefa Jakboub | vulnerability, bug-bounty, cybersecurity | 18-Sep-2024 |
10 Essential Browser Extensions for Bug Bounty Hunters | https://medium.com/@firdansp/10-essential-browser-extensions-for-bug-bounty-hunters-f17f8b001bcc?source=rss------bug_bounty-5 | 0verRida | bug-bounty-tips, writeup, bug-hunting, extension, bug-bounty | 18-Sep-2024 |
How to Perform a Cybersecurity Risk Assessment: The Simple Guide | https://medium.com/@paritoshblogs/how-to-perform-a-cybersecurity-risk-assessment-the-simple-guide-b37d1b986682?source=rss------bug_bounty-5 | Paritosh | bug-bounty, risk, hacking, chatgpt, cybersecurity | 18-Sep-2024 |
Leveling Up the Wrong Way: Exploiting API Vulnerabilities in Game Progression | https://aminudin.medium.com/leveling-up-the-wrong-way-exploiting-api-vulnerabilities-in-game-progression-19f883f48da8?source=rss------bug_bounty-5 | Aminudin | hacker, bug-bounty, bug-bounty-tips | 18-Sep-2024 |
Scanning ip’s got from virustotal | https://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup | 18-Sep-2024 |
Mastering Cybersecurity “A Guide to Effective Learning” | https://rendiero.medium.com/mastering-cybersecurity-a-guide-to-effective-learning-9e32bd8c5926?source=rss------bug_bounty-5 | Rendiero | cybersecurity, bug-bounty, penetration-testing, hacking, learning | 18-Sep-2024 |
Scanning ip’s got from virustotal to find a bug | https://medium.com/@loyalonlytoday/scanning-ips-got-from-virustotal-7baa7398ba83?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, bug-bounty, penetration-testing, hacking, bug-bounty-writeup | 18-Sep-2024 |
The Reality of Cybersecurity Jobs: Why Freshers Should Focus on Defense✨ Over Hacking | https://medium.com/@mohammedthoufeeq_25137/the-reality-of-cybersecurity-jobs-why-freshers-should-focus-on-defense-over-hacking-002cd641a453?source=rss------bug_bounty-5 | Mohamed Thoufeeq | cybersecurity, hacking, cyberattack, programming, bug-bounty | 18-Sep-2024 |
#ERROR! | https://medium.com/@shari7a0x/protect-your-account-zero-click-account-takeover-for-admin-support-through-password-update-d155c7966b6e?source=rss------bug_bounty-5 | Shari7a0x | bug-bounty-tips, bug-bounty, ato, bugs | 18-Sep-2024 |
Real Bug Bounty & Penetration Testing on Live Websites: Step-by-Step Guide (Part 2) | https://medium.com/@shaikhminhaz1975/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5 | Shaikh Minhaz | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt | 18-Sep-2024 |
How Black Hat Hackers Hack into your Telegram Groups !!! | https://medium.com/@josuofficial327/how-black-hat-hackers-hack-into-your-telegram-groups-6970a93a20e1?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | penetration-testing, ethical-hacking, bug-bounty, hacking, cybersecurity | 18-Sep-2024 |
Missing Rate Limit Vulnerability: How to Test and Identify It | https://medium.com/@octayus/missing-rate-limit-vulnerability-how-to-test-and-identify-it-2f3937e903e6?source=rss------bug_bounty-5 | OctaYus | cybersecurity, infosec, hacking, bug-bounty, twitter | 18-Sep-2024 |
How I Utilized AI to Discover an Amazon S3 Bucket Takeover Vulnerability in Red Bull’s Bug Bounty… | https://medium.com/@mohamedsaqibc/how-i-utilized-ai-to-discover-an-amazon-s3-bucket-takeover-vulnerability-in-red-bulls-bug-bounty-503d3c4d995f?source=rss------bug_bounty-5 | Mohamed Saqib C | hacking, artificial-intelligence, cybersecurity, bug-bounty | 18-Sep-2024 |
Hunting APIs for Bounties: How to Hack and Win Big in Bug Bounties! | https://medium.com/@rootspaghetti/hunting-apis-for-bounties-how-to-hack-and-win-big-in-bug-bounties-942d0f4e0885?source=rss------bug_bounty-5 | Root@Spaghetti | hacking, bug-bounty, bug-bounty-tips | 18-Sep-2024 |
P4 bug’s and their POC steps | Part 3 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-3-298087630cac?source=rss------bug_bounty-5 | socalledhacker | web, web-security, p4-bugs, bug-bounty, vulnerability | 18-Sep-2024 |
Live Bug Bounty Walkthrough: How to Hunt & Report Bugs Effectively (Part 2) | https://medium.com/cyberscribers-exploring-cybersecurity/real-bug-bounty-penetration-testing-on-live-websites-step-by-step-guide-part-2-19ca30b17b93?source=rss------bug_bounty-5 | Shaikh Minhaz | ethical-hacking, bug-bounty, cybersecurity, penetration-testing, chatgpt | 18-Sep-2024 |
Using Application Functionality to Exploit Insecure Deserialization | https://medium.com/@rcxsecurity/using-application-functionality-to-exploit-insecure-deserialization-b4e7c6abdae1?source=rss------bug_bounty-5 | Ryan G. Cox - The Cybersec Cafe | information-security, penetration-testing, bug-bounty, information-technology, cybersecurity | 17-Sep-2024 |
First-Time Penetration Testing: How to Uncovered Critical Flaws at a Company (Interactive Guide) | https://medium.com/@paritoshblogs/first-time-penetration-testing-how-to-uncovered-critical-flaws-at-a-company-interactive-guide-4275f79c02ce?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, ai, penetration-testing, cybersecurity | 17-Sep-2024 |
From GitHub Recon to Hotstar Admin Access: A Deep Dive into Security Flaws | https://infosecwriteups.com/from-github-recon-to-hotstar-admin-access-a-deep-dive-into-security-flaws-2e4ae0ec937e?source=rss------bug_bounty-5 | Vishal Vishwakarma | hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 17-Sep-2024 |
“ part 2 Beginner’s Bug Bounty Methodology: A Journey from Writeups to Real-World Application” | https://medium.com/@mahdisalhi0500/part-2-beginners-bug-bounty-methodology-a-journey-from-writeups-to-real-world-application-5d62f79e039f?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | cybersecurity, bug-bounty-tips, bug-bounty, ethical-hacking, infose | 17-Sep-2024 |
How To Find Clickjacking Easily… | https://medium.com/@josuofficial327/how-to-find-clickjacking-under-a-minute-751089be3f74?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | penetration-testing, bug-bounty, cybersecurity, info-sec-writeups, bug-bounty-tips | 17-Sep-2024 |
#5. Bug Bounty Series: $$$ by AWS S3 Bucket misconfigurations | https://cyb3rmind.medium.com/5-bug-bounty-series-by-aws-s3-bucket-misconfigurations-fb645057d03e?source=rss------bug_bounty-5 | Cyb3r M!nds | penetration-testing, takeovers, bug-bounty, subdomain-takeover, s3-bucket | 17-Sep-2024 |
How I got my first $$$ bounty? | https://medium.com/@yashsomalkar/how-i-got-my-first-bounty-098d75ae650d?source=rss------bug_bounty-5 | Rudrakshacker | bug-bounty, cybersecurity, bug-bounty-writeup, bug-bounty-tips, idor-vulnerability | 17-Sep-2024 |
Platforms and vulnerable webapps for practing and learning webpentesting | https://medium.com/@loyalonlytoday/platforms-and-vulnerable-webapps-for-practing-and-learning-webpentesting-b76df42e3ec4?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, hacking, bugbounty-writeup, web-penetration-testing | 17-Sep-2024 |
Direct Volume Access Attack | https://medium.com/@reemmoslem34/direct-volume-access-attack-dfbb2d73e406?source=rss------bug_bounty-5 | Rem Khalid | bug-bounty, cryptocurrency, malware, hacking, cybersecurity | 17-Sep-2024 |
Dll Side Loading Attack | https://medium.com/@reemmoslem34/dll-side-loading-attack-80ea716fd588?source=rss------bug_bounty-5 | Rem Khalid | python, malware, cybersecurity, hacking, bug-bounty | 17-Sep-2024 |
A bypass on GitLab’s Login Email Verification via OAuth ROPC flow. | https://cybxis.medium.com/a-bypass-on-gitlabs-login-email-verification-via-oauth-ropc-flow-e194242cad96?source=rss------bug_bounty-5 | cybxis | hackerone, gitlab, oauth2, bug-bounty | 17-Sep-2024 |
Type of Cyber Security | https://medium.com/@RaunakGupta1922/type-of-cyber-security-c43047a34fe7?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, bug-bounty, social-media, cybersecurity, basics | 16-Sep-2024 |
Mastering Reconnaissance: A complete method for gathering information | https://hack4funacademy.medium.com/menguasai-reconnaissance-metode-lengkap-untuk-mengumpulkan-informasi-acdeba7dc054?source=rss------bug_bounty-5 | Hack4Fun Academy | programming, bug-bounty, hacking, cybersecurity, networking | 16-Sep-2024 |
How to Set Up Proxychains in Kali Linux | https://medium.com/@vignesh6872610/how-to-set-up-proxychains-in-kali-linux-ddd44c3502af?source=rss------bug_bounty-5 | Vignesh P | bug-bounty, bug-bounty-writeup, proxychains, linux-tutorial, bug-bounty-tips | 16-Sep-2024 |
Three Months of Full-Time Bug Bounty Hunting as a Newbie in 2024 | https://medium.com/@nchaitreddyutilities/three-months-of-full-time-bug-bounty-hunting-as-a-newbie-in-2024-a941977b61f1?source=rss------bug_bounty-5 | Chaitanya Reddy | bug-bounty-tips, cybersecurity, bug-bounty, writeup | 16-Sep-2024 |
WhatsApp View Once Privacy Issue Initial Fix Assessment: The Good, the Bad and The Ugly | https://medium.com/@TalBeerySec/whatsapp-view-once-privacy-issue-initial-fix-assessment-the-good-the-bad-and-the-ugly-be97ec1cc2e5?source=rss------bug_bounty-5 | Tal Be'ery | security, web-development, bug-bounty, privacy, whatsapp | 16-Sep-2024 |
Guide to Finding and Exploiting Web Cache Poisoning | https://systemweakness.com/guide-to-finding-and-exploiting-web-cache-poisoning-f32d0962d28d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, careers, technology, bug-bounty | 16-Sep-2024 |
The Curious Case Of MutantBedrog’s Trusted-Types CSP Bypass | https://blog.confiant.com/the-curious-case-of-mutantbedrogs-trusted-types-csp-bypass-950b19a38b4f?source=rss------bug_bounty-5 | Eliya Stein | bug-bounty, malvertising, hacking, cybersecurity, threat-intelligence | 16-Sep-2024 |
How I Found Live Traffic Exposure on a Public Server: One of my interesting findings | https://medium.com/@josuofficial327/how-i-found-live-traffic-exposure-on-a-public-server-one-of-my-interesting-findings-0ecde16813a8?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty, cybersecurity, penetration-testing, bugbounty-writeup, bug-bounty-hunter | 16-Sep-2024 |
Using Full potential of Virustotal for Bugbounty | https://medium.com/@loyalonlytoday/using-full-potential-of-virustotal-for-bugbounty-8d80221ab2e4?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-tips, penetration-testing, hacking, bug-bounty, bugbounty-writeup | 16-Sep-2024 |
How i accidently found a server side template injection | https://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5 | Insbat Arshad | cybersecurity, bug-bounty, programming, devops, python | 16-Sep-2024 |
CloudSek CTF 2024 Writeup | https://naumankh4n.medium.com/cloudsek-ctf-aug-2024-writeup-6b4409675f88?source=rss------bug_bounty-5 | Nauman Khan | hacking, bug-bounty, ctf, penetration-testing, ctf-writeup | 16-Sep-2024 |
Subdomain takeover amazon S3 | https://medium.com/@hichamalmakroudi/subdomain-takeover-amazon-s3-21de0af8a1d3?source=rss------bug_bounty-5 | Hicham Almakroudi | bug-bounty, aws, hacking, s3, subdomain-takeover | 16-Sep-2024 |
How To Get Easy critical 0 click account takeover on public bug bounty program at hackerone ! | https://medium.com/@kaforybory/how-to-get-easy-critical-0-click-account-takeover-on-public-bug-bounty-program-at-hackerone-8b1859cc7738?source=rss------bug_bounty-5 | Hassan Makki | infosec, bug-bounty-tips, cybersecurity, bug-bounty, bug-hunting | 16-Sep-2024 |
Structure your recon files before they structure you | https://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5 | paractmol | golang, recon, tools, bug-bounty, automation-tools | 16-Sep-2024 |
How to Kick Off Your Journey into Bug Hunting: A Beginner's Guide | https://medium.com/@justluke5691/how-to-kick-off-your-journey-into-bug-hunting-a-beginners-guide-eb5a551f4edb?source=rss------bug_bounty-5 | K. Niraj Chandra Singha | bug-bounty, technology, cybersecurity | 16-Sep-2024 |
very easy and helpfull for new hunters, how i accidently found a server side template injection | https://medium.com/@malikirtizameg/how-i-accidently-found-a-server-side-template-injection-f5e7aec0b64d?source=rss------bug_bounty-5 | Insbat Arshad | cybersecurity, bug-bounty, programming, devops, python | 16-Sep-2024 |
Structure your recon files before they become unstructured | https://medium.com/@paractmol/structure-your-recon-files-before-they-structure-you-ba3509a182f0?source=rss------bug_bounty-5 | paractmol | golang, recon, tools, bug-bounty, automation-tools | 16-Sep-2024 |
#3 HOW TO FIND OPEN REDIRECT EASILY ??? | https://medium.com/@josuofficial327/3-how-to-find-open-redirect-easily-fd8a7ea6e12b?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | threat-intelligence, bug-bounty, bug-bounty-tips, threat-hunting, cybersecurity | 15-Sep-2024 |
Subdomain Takeovers for Beginners | https://medium.com/@hichamalmakroudi/subdomain-takeovers-for-beginners-a51ed74db543?source=rss------bug_bounty-5 | Hicham Almakroudi | subdomain-takeover, bug-bounty, bug-bounty-tips, ethical-hacking, hacking | 15-Sep-2024 |
XSS — Cross Site Scripting | https://medium.com/@codingboltacademy/xss-cross-site-scripting-65e1981817df?source=rss------bug_bounty-5 | Coding Bolt Academy | xss-vulnerability, xss-attack, bug-bounty, cross-site-scripting, ethical-hacking | 15-Sep-2024 |
IDOR — Broken Access Control | https://medium.com/@codingboltacademy/idor-broken-access-control-efeb6698919f?source=rss------bug_bounty-5 | Coding Bolt Academy | ethical-hacking, penetration-testing, cybersecurity, bug-bounty, idor | 15-Sep-2024 |
How i got 100$ bounty | https://medium.com/@mukkumukku110/how-i-got-100-bounty-b3dd58e82e00?source=rss------bug_bounty-5 | bughunter | bug-bounty, bugs, bug-bounty-writeup, bug-bounty-tips | 15-Sep-2024 |
Hunting for Corporate Accounts: Exploiting IDOR and Parameter Pollution in Web Applications | https://medium.com/@tusharpuri6/hunting-for-corporate-accounts-exploiting-idor-and-parameter-pollution-in-web-applications-1792294e0c48?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, application-security, penetration-testing, offensive-security, infosec | 15-Sep-2024 |
Live Bug Bounty & Penetration Testing on Real Websites: Step-by-Step Guide (Part 1) | https://medium.com/@shaikhminhaz1975/live-bug-bounty-penetration-testing-on-real-websites-step-by-step-guide-part-1-971ccc9b9587?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty, bug-bounty-tips, penetration-testing, cybersecurity, information-gathering | 15-Sep-2024 |
SQL Injetion | https://medium.com/@adhikarisudip869/sql-injetion-f6f5f4291cbc?source=rss------bug_bounty-5 | Sudip Adhikari | sql, sql-injection, bug-bounty | 15-Sep-2024 |
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developers | https://cyberw1ng.medium.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, cybersecurity, technology, careers | 15-Sep-2024 |
BugBounty platforms List | https://medium.com/@loyalonlytoday/bugbounty-platforms-list-ed3a5af3a8a2?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty-tips, hacking, bug-bounty, penetration-testing | 15-Sep-2024 |
Automating the CORS Vulnerability Scan | https://angixblack.medium.com/automating-the-cors-vulnerability-scan-66d57752cc36?source=rss------bug_bounty-5 | Angix black | cors, infosec, pentesting, bug-bounty, corsan | 15-Sep-2024 |
A very easy bug anyone can find | https://medium.com/@malikirtizameg/a-very-easy-bug-anyone-can-find-8d2b11a768c7?source=rss------bug_bounty-5 | Insbat Arshad | programming, cybersecurity, bug-bounty, software-engineering, devops | 15-Sep-2024 |
How to Find IDOR Vulnerabilities: A Guide for Bug Bounty Hunters and Developers | https://systemweakness.com/how-to-find-idor-vulnerabilities-a-guide-for-bug-bounty-hunters-and-developers-3d2ba2a766f5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, cybersecurity, technology, careers | 15-Sep-2024 |
Mastering WordPress Pentesting: The Ultimate Resource Guide | https://medium.com/@RaunakGupta1922/mastering-wordpress-pentesting-the-ultimate-resource-guide-423bc1e1ddef?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, cybersecurity, wordpress, bug-bounty, wordpress-plugins | 14-Sep-2024 |
Telnet Takedown: The Port 23 Exploit on Metasploitable 2, Part III | https://medium.com/@thefellowhacker/telnet-takedown-the-port-23-exploit-on-metasploitable-2-part-iii-a10a6e15b468?source=rss------bug_bounty-5 | Taahir Mujawarr | cybersecurity, bug-bounty, metasploitable, hacking, penetration-testing | 14-Sep-2024 |
Open Redirect via Image Upload | https://medium.com/@osamamohamed21212121/open-redirect-via-image-upload-bf6f87f8d447?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty-tips, bug-bounty, bugs, bug-zero, bug-bounty-writeup | 14-Sep-2024 |
SSRF Via Image Upload | https://medium.com/@osamamohamed21212121/ssrf-via-image-upload-f046e2d0e692?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty, bug-zero, bug-bounty-writeup, bugs, bug-bounty-tips | 14-Sep-2024 |
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw | https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-3c4a9b431de6?source=rss------bug_bounty-5 | Adnan K S | bug-bounty-tips, security, cybersecurity, bug-bounty-writeup, bug-bounty | 14-Sep-2024 |
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerability | https://medium.com/@cybsersec/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5 | Cybsersec | cybersecurity, security-research, bug-bounty | 14-Sep-2024 |
Unlocking Admin Privileges: How I Exploited an IDOR Vulnerability | https://medium.com/@Krypton09/unlocking-admin-privileges-how-i-exploited-an-idor-vulnerability-6829b595889a?source=rss------bug_bounty-5 | Krypton | cybersecurity, security-research, bug-bounty | 14-Sep-2024 |
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorking | https://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-f8bb3c784803?source=rss------bug_bounty-5 | Adnan K S | cybersecurity, security, owncloud, bug-bounty-tips, bug-bounty | 14-Sep-2024 |
how to install kali linux on windows using wsl(windows subsystem linux) | https://medium.com/@loyalonlytoday/how-to-install-kali-linux-on-windows-using-wsl-windows-subsystem-linux-92019022ac57?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, penetration-testing, wsl-2, hacking, wsl | 14-Sep-2024 |
fisher: Cybertalents Cybersecurity Bootcamp Cohort 8 | https://medium.com/@bridget4/fisher-cybertalents-cybersecurity-bootcamp-cohort-8-cfb9aa6b7a6c?source=rss------bug_bounty-5 | Bridget | careers, bug-bounty, cybersecurity, learning, cyber-talents | 14-Sep-2024 |
What is Prototype Pollution? | https://systemweakness.com/what-is-prototype-pollution-4e2049f68fca?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, technology, careers, hacking, cybersecurity | 14-Sep-2024 |
How I Discovered a Major Security Flaw in Keltron’s Server Using Google Dorking | https://medium.com/@contact.adnanks/how-i-discovered-a-major-security-flaw-in-keltrons-server-using-google-dorking-e8a8c1dae09b?source=rss------bug_bounty-5 | Adnan K S | hacking, bug-bounty, cybersecurity, ethical-hacking, bug-bounty-tips | 14-Sep-2024 |
How I Gained Access to a Corporate CCTV Surveillance System Using Shodan | https://medium.com/@contact.adnanks/how-i-gained-access-to-a-corporate-cctv-surveillance-system-using-shodan-daac1fa3b37a?source=rss------bug_bounty-5 | Adnan K S | bug-bounty, surveillance, cctv, cybersecurity, hacking | 14-Sep-2024 |
How I Discovered a Critical Vulnerability and Took Over an Organization Using Burp Suite | https://medium.com/@contact.adnanks/how-i-discovered-a-critical-vulnerability-and-took-over-an-organization-using-burp-suite-fb2d52adc944?source=rss------bug_bounty-5 | Adnan K S | research, bug-bounty-tips, cybersecurity, bug-bounty, ethical-hacking | 14-Sep-2024 |
Critical Data Breach Exposed: A Deep Dive into a Government Agency’s Security Flaw (Part 2) | https://medium.com/@contact.adnanks/critical-data-breach-exposed-a-deep-dive-into-a-government-agencys-security-flaw-part-2-ba190920e945?source=rss------bug_bounty-5 | Adnan K S | bug-bounty, grafana, research-reports, cybersecurity, bug-bounty-tips | 14-Sep-2024 |
Let the Hunt Begin with Nuclei: The Secret Weapon of the Bug Bounty World! | https://medium.com/@rootspaghetti/let-the-hunt-begin-with-nuclei-the-secret-weapon-of-the-bug-bounty-world-9b2491d3a9cb?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, hacking, bug-bounty | 14-Sep-2024 |
Mastering GraphQL API Pentesting: The Ultimate Resource Guide | https://medium.com/@RaunakGupta1922/mastering-graphql-api-pentesting-the-ultimate-resource-guide-7755c08bddd2?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | vulnerability, cybersecurity, graphql, bug-bounty, hacking | 13-Sep-2024 |
Deleting a folder led to the deactivation of the company’s accounts. | https://medium.com/@hossam_hamada/deleting-a-folder-led-to-the-deactivation-of-the-companys-accounts-3759b6b92927?source=rss------bug_bounty-5 | Hossam Hamada | bug-bounty-tips, hackerone, bug-bounty, penetration-testing, bugcrowd | 13-Sep-2024 |
#2 ANOTHER EASY BUG- HTML INJECTION | https://medium.com/@josuofficial327/2-another-easy-bug-html-injection-0447a79b6c66?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, bug-bounty, linux, vulnerability, cybersecurity | 13-Sep-2024 |
How Unguessable IDOR Worth me €1000 On Intigriti | https://medium.com/@manan_sanghvi/how-unguessable-idor-worth-me-1000-on-intigriti-7ab6f928b3d9?source=rss------bug_bounty-5 | Manan Sanghvi | bounty-program, bug-bounty, intigriti, idor, hacking | 13-Sep-2024 |
Logic Flaw: I Can Block You from Accessing Your Own Account | https://medium.com/@hashimamin/logic-flaw-i-can-block-you-from-accessing-your-own-account-63fc2a88bb72?source=rss------bug_bounty-5 | Hashim Amin | bug-bounty-tips, bug-bounty, bugs, ethical-hacking, infosec | 13-Sep-2024 |
What is an Open Redirect Vulnerability? And How to Find It | https://systemweakness.com/what-is-an-open-redirect-vulnerability-and-how-to-find-it-7d94a3b9d0ef?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, technology, bug-bounty, hacking | 13-Sep-2024 |
Log4j Exploit Lab: Reverse Shell with JNDI Exploit Kit | https://medium.com/@josh.beck2006/log4j-exploit-lab-reverse-shell-with-jndi-exploit-kit-21f015204e29?source=rss------bug_bounty-5 | Josh Beck | bug-bounty, cybersecurity, ctf | 13-Sep-2024 |
How to find and exploit bugsnag API Key | https://medium.com/@socalledhacker/how-to-find-and-exploit-bugsnag-api-key-312e0f216735?source=rss------bug_bounty-5 | socalledhacker | cybersecurity, bug-bounty, web-security, bug-bounty-tips, infosec | 13-Sep-2024 |
How to Write an Effective Bug Bounty Report: Tips, Structure, and Examples | https://infosecwriteups.com/how-to-write-an-effective-bug-bounty-report-tips-structure-and-examples-3248d81dd759?source=rss------bug_bounty-5 | Abhi Sharma | bug-bounty, hacking, bug-bounty-tips, cybersecurity, infosec | 13-Sep-2024 |
Finding a easy p4 it can be worth 200$ | https://medium.com/@loyalonlytoday/finding-a-easy-p4-it-can-be-worth-200-10d6682f6923?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty, bugbounty-writeup, website-hacking, hacking | 13-Sep-2024 |
Subdomain Enumeration Part 2 (Manual & Automation) | https://osintteam.blog/subdomain-enumeration-part-2-manual-automation-77a46d93e2ed?source=rss------bug_bounty-5 | Mr Abdullah | ethical-hacking, hacking, web-hacking, bug-bounty, bug-bounty-tips | 13-Sep-2024 |
Unleashing GitHub Dorks: The Ultimate Hack for Finding Hidden Secrets in Bug Bounties! | https://enigma96.medium.com/unleashing-github-dorks-the-ultimate-hack-for-finding-hidden-secrets-in-bug-bounties-125b83fd9c93?source=rss------bug_bounty-5 | enigma | github-dorking, penetration-testing, bug-bounty, hackin, bug-bounty-tips | 13-Sep-2024 |
Stored XSS via Image Upload | https://medium.com/@osamamohamed21212121/stored-xss-via-image-upload-b75edecf1e54?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty-tips, bugs, bug-bounty, bug-zero, bug-bounty-writeup | 13-Sep-2024 |
IDOR in Bug Bounty Program | https://medium.com/@osamamohamed21212121/idor-in-bug-bounty-program-8fbbffe32f6e?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty, bugs, bug-bounty-writeup, bug-zero, bug-bounty-tips | 13-Sep-2024 |
Mastering Dirsearch: Finding Hidden Web Directories | https://medium.com/@bootstrapsecurity/mastering-dirsearch-finding-hidden-web-directories-f57327c06fed?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 12-Sep-2024 |
Computer Security: How Bureaucracies Ignore Unexploded Ordinance | https://kf106.medium.com/computer-security-how-bureaucracies-ignore-unexploded-ordinance-319e8e931ad5?source=rss------bug_bounty-5 | Keir Finlow-Bates | bureaucracy, bug-bounty, security, cybersecurity, hacker | 12-Sep-2024 |
The Secrets to Writing Threat Intelligence Reports That Actually Stop Cyber Attacks! | https://medium.com/@paritoshblogs/the-secrets-to-writing-threat-intelligence-reports-that-actually-stop-cyber-attacks-330fd6fc37a5?source=rss------bug_bounty-5 | Paritosh | ai, hacking, threat-intelligence, bug-bounty, cybersecurity | 12-Sep-2024 |
Password Reset Flaws: Key Methods for Finding Vulnerabilities | https://medium.com/@dsmodi484/password-reset-flaws-key-methods-for-finding-vulnerabilities-eb843440e06c?source=rss------bug_bounty-5 | Dishant Modi | bug-bounty, vulnerability, bug-bounty-tips, account-takeover, testing | 12-Sep-2024 |
Leveraging GreyNoise for Enhanced Threat Detection and Intelligence | https://medium.com/@ajaynaikhack/leveraging-greynoise-for-enhanced-threat-detection-and-intelligence-437aac815d38?source=rss------bug_bounty-5 | Ajay Naik | rewards, vulnerability, cybersecurity, bug-bounty, threat-detection | 12-Sep-2024 |
Insecure Direct Object Reference (IDOR) | https://medium.com/@security.tecno/insecure-direct-object-reference-idor-ffecf6cbc211?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, research, hacking | 12-Sep-2024 |
Mastering IDOR: The Ultimate Resource Guide | https://medium.com/@RaunakGupta1922/mastering-idor-the-ultimate-resource-guide-84e44052f70c?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | bug-bounty, hacking, cybersecurity, college, idor | 12-Sep-2024 |
[IDOR] View other users’ transaction details | https://rhidayah.medium.com/idor-view-other-users-transaction-details-73c0c80aada6?source=rss------bug_bounty-5 | Rohmad Hidayah | broken-access-control, idor, bug-bounty, idor-vulnerability, information-disclosure | 12-Sep-2024 |
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS | https://mikko-kenttala.medium.com/zero-click-calendar-invite-critical-zero-click-vulnerability-chain-in-macos-a7a434fc887b?source=rss------bug_bounty-5 | Mikko Kenttälä | vulnerability, macos, information-security, bug-bounty | 12-Sep-2024 |
Hide & Seek - Hidden Open Redirect | Bug Hunting | https://mo9khu93r.medium.com/hide-seek-hidden-open-redirect-bug-hunting-88499f5e0e99?source=rss------bug_bounty-5 | mo9khu93r | hacking, pentesting, bug-bounty, cybersecurity, kali-linux | 12-Sep-2024 |
Hydra for bruteforcing | https://medium.com/@tharunteja725_8686/hydra-for-bruteforcing-3784a98bab6a?source=rss------bug_bounty-5 | Chidurala Tharun teja | hacking, oscp, bug-bounty, bug-bounty-tips, cybersecurity | 12-Sep-2024 |
How an Open Redirect Vulnerability Got a Bug Bounty of $500 | https://cyberw1ng.medium.com/how-an-open-redirect-vulnerability-got-a-bug-bounty-of-500-13ece7a987d8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, technology, bug-bounty, careers, cybersecurity | 12-Sep-2024 |
My first Account-take-over | https://medium.com/@osamamohamed21212121/my-first-account-take-over-f6590c4a3a54?source=rss------bug_bounty-5 | Osamamohamed | bugs, bug-bounty, bug-zero, bug-bounty-writeup, bug-bounty-tips | 12-Sep-2024 |
My journey to find CSRF (Cross-Site Request Forgery ) | https://medium.com/@osamamohamed21212121/my-journey-to-find-csrf-cross-site-request-forgery-ddf1e1bd579d?source=rss------bug_bounty-5 | Osamamohamed | bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugs, bug-zero | 12-Sep-2024 |
Stored XSS via File upload(using .svg file Extension ) | https://ch4ndan.medium.com/stored-xss-via-file-upload-using-svg-file-extension-515e23536d4d?source=rss------bug_bounty-5 | Ch4ndan das | cybersecurity, xss-attack, bug-bounty, bugs, bug-bounty-tips | 12-Sep-2024 |
My first XSS: Reflected XSS | https://medium.com/@osamamohamed21212121/my-first-xss-reflected-xss-0949992b94ab?source=rss------bug_bounty-5 | Osamamohamed | bugs, bug-bounty-tips, bug-bounty, bug-zero, bug-bounty-writeup | 12-Sep-2024 |
Hack Google Like a Pro: Automate Google Dorks with Bash for Bug Bounties! | https://enigma96.medium.com/hack-google-like-a-pro-automate-google-dorks-with-bash-for-bug-bounties-7611818a4bf0?source=rss------bug_bounty-5 | enigma | hacker, bug-bounty, pentesting, bug-bounty-tips, dorks | 12-Sep-2024 |
How to learn Game Hacking in 6 minutes | Part 1 | https://medium.com/@deadoverflow/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5 | Imad Husanovic | games, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 12-Sep-2024 |
How to learn Game Hacking in 6 minutes | Part 1 | https://systemweakness.com/how-to-learn-game-hacking-in-10-minutes-part-1-19991004fd99?source=rss------bug_bounty-5 | Imad Husanovic | games, hacking, bug-bounty-tips, bug-bounty, cybersecurity | 12-Sep-2024 |
Introduction to Bug Bounty Hunting | https://medium.com/@kanishkar22052004/introduction-to-bug-bounty-hunting-183f133c7d0d?source=rss------bug_bounty-5 | Kanishkar | bug-bounty, ethical-hacking, cybersecurity | 11-Sep-2024 |
Understanding the OWASP Top 10 in 2024 | https://bootstrapsecurity.medium.com/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups | 11-Sep-2024 |
Understanding the OWASP Top 10 in 2024 | https://medium.com/@bootstrapsecurity/understanding-the-owasp-top-10-in-2024-245b600737f9?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty, ethical-hacking, cybersecurity, infosec-write-ups | 11-Sep-2024 |
HTB Academy: Information Gathering — Web Edition (Updated). | https://medium.com/@mazalwebdesign/htb-academy-information-gathering-web-edition-updated-50058fdec55e?source=rss------bug_bounty-5 | maz4l | htb-walkthrough, htb-writeup, penetration-testing, bug-bounty, ethical-hacking | 11-Sep-2024 |
API Bug Bounty Hunting: Reconnaissance and Reverse Engineering an API | https://towardsdev.com/api-bug-bounty-hunting-reconnaissance-and-reverse-engineering-an-api-1d61f82b5d72?source=rss------bug_bounty-5 | Adithyakrishna V | cybersecurity, bug-bounty, hacking, api | 11-Sep-2024 |
NGINX HTTP/3 QUIC Module Vulnerability - CVE-2024-35200 | https://infosecwriteups.com/nginx-http-3-quic-module-vulnerability-cve-2024-35200-e2f6aaea2a68?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, security, cve, vulnerability, rewards | 11-Sep-2024 |
BIG-IP HSB vulnerability CVE-2024-39778 | https://medium.com/@ajaynaikhack/big-ip-hsb-vulnerability-cve-2024-39778-9fd33cc4d5e5?source=rss------bug_bounty-5 | Ajay Naik | rewards-and-recognition, vulnerability, bug-bounty, security | 11-Sep-2024 |
Why Django’s [DEBUG=True] is a Goldmine for Hackers | https://medium.com/@verylazytech/why-djangos-debug-true-is-a-goldmine-for-hackers-01486289607d?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, cybersecurity, django, bug-bounty, misconfiguration | 11-Sep-2024 |
Best Bug Bounty and Pentesting Methodology for Beginners(Step By Step) | https://medium.com/@shaikhminhaz1975/best-bug-bounty-and-pentesting-methodology-for-beginners-step-by-step-b6167128156a?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, methodology, penetration-testing, bug-bounty, ethical-hacking | 11-Sep-2024 |
MY First Bug Hunt: A Beginner’s Guide to Cybersecurity with Google Dorks | https://medium.com/@KpCyberInfo/my-first-bug-hunt-a-beginners-guide-to-cybersecurity-with-google-dorks-b62a28214d38?source=rss------bug_bounty-5 | Krunal Patel | bug-bounty, cybersecurity, google-dork, beginner, security | 11-Sep-2024 |
How Finding an SQL Injection Vulnerability Earned a $1000 Bug Bounty | https://systemweakness.com/how-finding-an-sql-injection-vulnerability-earned-a-1000-bug-bounty-af2ee0b62f6c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, technology, bug-bounty, hacking | 11-Sep-2024 |
Interesting Story of an Account Takeover Vulnerability | https://medium.com/@deepanshudev369/interesting-story-of-an-account-takeover-vulnerability-140a45a058a3?source=rss------bug_bounty-5 | Deepanshu(golu369) | cybersecurity, ethical-hacking, vulnerability-assessment, bug-bounty, research | 11-Sep-2024 |
P4 bug’s and their POC steps | Part 2 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-2-17b6583c57d9?source=rss------bug_bounty-5 | socalledhacker | web-security, hacking, bug-bounty-tips, vulnerability, bug-bounty | 11-Sep-2024 |
Penpie Hacker Hunt: Offering Up to 10% of Returned Funds as a Reward | https://blog.penpiexyz.io/pemburuan-hacker-penpie-menyediakan-hingga-10-dari-dana-yang-dikembalikan-sebagai-hadiah-6e81cc0f610b?source=rss------bug_bounty-5 | 0xJultoshi | defi, bahasa, bug-bounty, investasi, crypto | 11-Sep-2024 |
Primary Hacking School #1 Installing Kali | https://medium.com/@nnface/primary-hacking-school-1-installing-kali-a3e249c41730?source=rss------bug_bounty-5 | NnFace | bug-bounty, cybersecurity, hacking, linux, kali-linux | 11-Sep-2024 |
How I Stole a Player Spot with Simple XSS | https://medium.com/@ali_guell/how-i-stole-a-player-spot-with-simple-xss-6a8fa2776a84?source=rss------bug_bounty-5 | black_wheatear | writeup, bug-bounty, hacking, web-development, cybersecurity | 11-Sep-2024 |
Securing Your Applications Against CSRF Attacks: Best Practices for Cybersecurity Experts | https://medium.com/@kpishear/securing-your-applications-against-csrf-attacks-best-practices-for-cybersecurity-experts-4e572b9fc032?source=rss------bug_bounty-5 | kpishear | bug-bounty, tech, cybersecurity, trading, technology | 10-Sep-2024 |
Free Bug Bounty Course For Beginners | https://medium.com/@amanktec12/free-bug-bounty-course-for-beginners-%EF%B8%8F-f126b9907c96?source=rss------bug_bounty-5 | Cyberxeal | free-bug-hunting-course, free, course, bug-bounty, bug-hunting | 10-Sep-2024 |
Would you mind to tell me what your bank balance is? No? Okay, I’ll hack it. | https://infosecwriteups.com/would-you-mind-to-tell-me-what-your-bank-balance-is-no-okay-ill-hack-it-b3f49810cfe2?source=rss------bug_bounty-5 | Manav Bankatwala | bank-hack, cybersecurity, information-security, idor, bug-bounty | 10-Sep-2024 |
My first Hall of Fame (HoF) | Bug Bounty Journey. | https://rivudon.medium.com/my-first-hall-of-fame-hof-bug-bounty-journey-59a56b1e96c2?source=rss------bug_bounty-5 | Rivek Raj Tamang ( RivuDon ) | bug-bounty, bug-bounty-writeup, cybersecurity, bug-bounty-tips, infosec-writeup | 10-Sep-2024 |
The “Who Needs Secure Attachments Anyway?” Saga | https://medium.com/@shobitsharma/the-who-needs-secure-attachments-anyway-saga-6026dc61a371?source=rss------bug_bounty-5 | Shobit Sharma | bug-bounty, cybersecurity, bug-bounty-tips, infosec-write-ups, bug-bounty-writeup | 10-Sep-2024 |
How Hackers Can Steal Your Data in 15 Seconds | https://medium.com/@kerstan/how-hackers-can-steal-your-data-in-15-seconds-798bbed9cbac?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, bug-bounty | 10-Sep-2024 |
Basic Challenge Level 11 | https://aftab700.medium.com/basic-challenge-level-11-eaa689246c31?source=rss------bug_bounty-5 | Aftab Sama | ctf, cybersecurity, information-security, bug-bounty, ethical-hacking | 10-Sep-2024 |
Basic Challenge Level 10 | https://aftab700.medium.com/basic-challenge-level-10-afaac3919778?source=rss------bug_bounty-5 | Aftab Sama | cybersecurity, bug-bounty, ctf-writeup, ctf, information-security | 10-Sep-2024 |
Basic Challenge Level 9 | https://aftab700.medium.com/basic-challenge-level-9-588ab110cc2d?source=rss------bug_bounty-5 | Aftab Sama | ctf-writeup, ctf, bug-bounty, information-security, cybersecurity | 10-Sep-2024 |
OWASP top 10 A09:Security Logging and Monitoring failures | https://medium.com/@shivamsharma.ss484/owasp-top-10-a09-security-logging-and-monitoring-failures-e2f4bdc50fbe?source=rss------bug_bounty-5 | Shivamsharma | owasp, hacking, cybersecurity, owasp-top-10, bug-bounty | 10-Sep-2024 |
‘find’ command for Recon | https://medium.com/@DatBoyBlu3/find-command-for-recon-4f3cf296c5d5?source=rss------bug_bounty-5 | Daniel Edwards | cybersecurity, linux, bug-bounty, unix, penetration-testing | 10-Sep-2024 |
Top Reconnaissance Tools for Ethical Security Testing | https://medium.com/@ajaynaikhack/top-reconnaissance-tools-for-ethical-security-testing-2b4088106b81?source=rss------bug_bounty-5 | Ajay Naik | reconnaissance, ethical-hacking, bug-bounty, rewards, vulnerability | 10-Sep-2024 |
Introducing FavFreak: Unlock the Power of Favicon Hashing for Bug Bounty Hunting | https://medium.com/@unreal_umber_hyena_37/introducing-favfreak-unlock-the-power-of-favicon-hashing-for-bug-bounty-hunting-0361dbb629c3?source=rss------bug_bounty-5 | Cyber Sentinel X | security, cybersecurity, penetration-testing, bug-bounty, ethical-hacking | 10-Sep-2024 |
How I got RCE on an Indian university without admin credentials Tale of directory listing, SQL… | https://medium.com/@alimuhammadsecured/how-i-got-rce-on-an-indian-university-without-admin-credentials-tale-of-directory-listing-sql-1f77e2933011?source=rss------bug_bounty-5 | Alimuhammadsecured | bug-bounty, bug-bounty-writeup, ctf, rce, hacking | 10-Sep-2024 |
TryHackMe | Simple CTF | Walkthrough | By HexaHunter | https://hexahunter.medium.com/tryhackme-simple-ctf-walkthrough-by-hexahunter-b9457e4d7d16?source=rss------bug_bounty-5 | Momal Naz | web-security, penetration-testing, tryhackme-walkthrough, ctf-writeup, bug-bounty | 09-Sep-2024 |
Mastering Reconnaissance with Nmap: Unveiling Your Target’s Secrets | https://infosecwriteups.com/mastering-reconnaissance-with-nmap-unveiling-your-targets-secrets-ec940d05a140?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, information-security, nmap, bug-bounty, infosec-write-ups | 09-Sep-2024 |
Self-XSS to ATO via Quick Login feature | https://thecatfather.medium.com/self-xss-to-ato-via-quick-login-feature-532df12d1c08?source=rss------bug_bounty-5 | The CatFather | bug-bounty-writeup, bug-bounty, bug-bounty-tips | 09-Sep-2024 |
Exploiting Firestore Database Rules: A Pathway to Data Breaches | https://medium.com/@S3THU/exploiting-firestore-database-rules-a-pathway-to-data-breaches-aa945476cc16?source=rss------bug_bounty-5 | Sethu Satheesh | firebase, hacking, cybersecurity, bug-bounty, pentesting | 09-Sep-2024 |
Google Dorks for Bug Bounty Part 3: Exposing Hidden Admin Panels & Login Portals | https://enigma96.medium.com/google-dorks-for-bug-bounty-part-3-exposing-hidden-admin-panels-login-portals-52b600e3f10b?source=rss------bug_bounty-5 | enigma | bug-bounty, bug-bounty-tips, pentesting, hacking, penetration-testing | 09-Sep-2024 |
2nd Order SQL Injection | https://medium.com/@bountyget/2nd-order-sql-injection-e2ac60e792a4?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | bug-bounty-tips, sql-injection, cybersecurity, penetration-testing, bug-bounty | 09-Sep-2024 |
{Indeed, Allah and His angels send blessings upon the Prophet. O you who have believed, send blessings… | https://medium.com/@mahdisalhi0500/%D8%A5%D9%90%D9%86%D9%8E%D9%91-%D8%A7%D9%84%D9%84%D9%8E%D9%91%D9%87%D9%8E-%D9%88%D9%8E%D9%85%D9%8E%D9%84%D8%A7%D8%A6%D9%90%D9%83%D9%8E%D8%AA%D9%8E%D9%87%D9%8F-%D9%8A%D9%8F%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D9%86%D9%8E-%D8%B9%D9%8E%D9%84%D9%8E%D9%89-%D8%A7%D9%84%D9%86%D9%8E%D9%91%D8%A8%D9%90%D9%8A%D9%90%D9%91-%D9%8A%D9%8E%D8%A7-%D8%A3%D9%8E%D9%8A%D9%8F%D9%91%D9%87%D9%8E%D8%A7-%D8%A7%D9%84%D9%8E%D9%91%D8%B0%D9%90%D9%8A%D9%86%D9%8E-%D8%A2%D9%85%D9%8E%D9%86%D9%8F%D9%88%D8%A7-%D8%B5%D9%8E%D9%84%D9%8F%D9%91%D9%88%D8%A7-4cdb13f5ff52?source=rss------bug_bounty-5 | CaptinSHArky(Mahdi) | hacking, information-security, ethical-hacking, bug-bounty, information-technology | 09-Sep-2024 |
SQL Injection Attack, Listing the Database Contents on Non-Oracle Databases | https://medium.com/@marduk.i.am/sql-injection-attack-listing-the-database-contents-on-non-oracle-databases-825485566585?source=rss------bug_bounty-5 | Marduk I Am | bug-bounty, portswigger-lab, sqli, information-security, sql-injection | 09-Sep-2024 |
Hunting for Hidden API Endpoints Using Katana and Hakraler | https://anasbetis023.medium.com/hunting-for-hidden-api-endpoints-using-katana-and-hakraler-ba0bd6b9611f?source=rss------bug_bounty-5 | Anas H Hmaidy | bug-bounty, penetration-testing, bug-bounty-tips, cybersecurity | 09-Sep-2024 |
Optimal Ethical Hacker Setup for Penetration Testing | https://infosecwriteups.com/optimal-ethical-hacker-setup-for-penetration-testing-4847a8afbe45?source=rss------bug_bounty-5 | Ajay Naik | security, bug-bounty, vulnerability, desktop | 09-Sep-2024 |
Unveiling Hidden Threats: Advanced Recon Techniques and the Path to Automation | https://medium.com/@rootspaghetti/unveiling-hidden-threats-advanced-recon-techniques-and-the-path-to-automation-4c1b3dd885a3?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty-tips, bug-bounty, hacking | 09-Sep-2024 |
P4 bug’s and their POC steps | Part 1 | https://medium.com/@socalledhacker/p4-bugs-and-their-poc-steps-part-1-1cef0152d1a5?source=rss------bug_bounty-5 | socalledhacker | vulnerability, p4-bugs, hacking, web-app-security, bug-bounty | 09-Sep-2024 |
How HTTP Request Smuggling Vulnerability Gets You a $750 Bug Bounty | https://cyberw1ng.medium.com/how-http-request-smuggling-vulnerability-gets-you-a-750-bug-bounty-3dfe9063fd8d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, technology | 09-Sep-2024 |
Introducing CorScan: A Comprehensive Tool for CORS Vulnerability Detection | https://angixblack.medium.com/introducing-corscan-a-comprehensive-tool-for-cors-vulnerability-detection-4ce83be6870e?source=rss------bug_bounty-5 | Angix black | penetration-testing, bug-bounty, cors, bugbounty-automation, corscan | 09-Sep-2024 |
Lap 1: JWT authentication bypass via unverified signature | https://abdelrahmansalaheldeen.medium.com/lap-1-jwt-authentication-bypass-via-unverified-signature-8e450a7b2f59?source=rss------bug_bounty-5 | Abdelrahman Salaheldeen | cybersecurity, web-application-security, web-app-pentesting, jwt, bug-bounty | 08-Sep-2024 |
The Only Oscp Tip You Need | https://medium.com/@issam.qsous/the-only-oscp-tip-you-need-cfac65948f68?source=rss------bug_bounty-5 | Essam Qsous | oscp, bug-bounty, cybersecurity, pentesting, hacking | 08-Sep-2024 |
JSON Web Token attacks (JWT) | https://abdelrahmansalaheldeen.medium.com/json-web-token-attacks-jwt-c082d76f3e4c?source=rss------bug_bounty-5 | Abdelrahman Salaheldeen | jwt, web-penetration-testing, web-application-security, bug-bounty, cybersecurity | 08-Sep-2024 |
0-Click Mass Account Takeover via Password Reset Functionality | https://0d-samii.medium.com/0-click-mass-account-takeover-via-password-reset-functionality-68cdf27e028d?source=rss------bug_bounty-5 | 0d_samii | bugs, bug-bounty-tips, bug-bounty, cybersecurity | 08-Sep-2024 |
How To Stay Ahead of 99% of Bug Bounty Hunters | https://bevijaygupta.medium.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-d77030705ed5?source=rss------bug_bounty-5 | Vijay Gupta | bug-bounty-tips, bugs, hackthebox, bug-bounty, bounty-hunter | 08-Sep-2024 |
Discovering a Stored XSS Vulnerability on a Bug Bounty Program | https://anmolvishwakarma7466.medium.com/discovering-a-stored-xss-vulnerability-on-a-bug-bounty-program-8dad1b475695?source=rss------bug_bounty-5 | Anmolvishwakarma | xss-attack, appsec, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 08-Sep-2024 |
Found Bugs, Got Paid, Stayed Poor: Making a Living with Bug Bounties | https://bevijaygupta.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-a30355564d32?source=rss------bug_bounty-5 | Vijay Gupta | money-making-ideas, bug-bounty-tips, bug-bounty, money-management, bugs | 08-Sep-2024 |
Nmap: The Best Network Scanning Utility for Security Expert | https://medium.com/@mohanmecktro/nmap-the-best-network-scanning-utility-for-security-expert-ea7a6fd01efb?source=rss------bug_bounty-5 | Mohan Mecktro | bug-bounty-hunter, penetration-testing, bug-bounty, nmap, kali-linux-tools | 08-Sep-2024 |
How I Become Google HOF | https://medium.com/@lijoparappur/how-i-become-google-hof-ef697b8b5963?source=rss------bug_bounty-5 | Lijoparappur | bug-bounty, google-hacking | 08-Sep-2024 |
How i found xss in goverment website with one tools. | https://medium.com/@sulthanyluthfi/how-i-found-xss-in-goverment-website-with-one-tools-5dd5d431ed03?source=rss------bug_bounty-5 | Luthfi Sulthany | xss-attack, bug-bounty, linux, penetration-testing, cybersecurity | 08-Sep-2024 |
Day 30of 30 Day — 30 Vulnerabilities | Cross-Site Request Forgery (CSRF) | https://medium.com/@kumawatabhijeet2002/day-30of-30-day-30-vulnerabilities-cross-site-request-forgery-csrf-062ff53c5efd?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty, bug-bounty-tips, csrf | 08-Sep-2024 |
My recon methodology for hunting CVE-2021-42063 led to discovering an RXSS vulnerability in the… | https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-27a7aa435fd3?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, bugbounty-writeup, ethical-hacking, cybersecurity | 08-Sep-2024 |
The Weak Link in Two-Factor Authentication: Exploiting Reusable OTPs | https://medium.com/@tusharpuri6/the-weak-link-in-two-factor-authentication-exploiting-reusable-otps-ed30bd8bf4da?source=rss------bug_bounty-5 | Tusharpuri | offensive-security, bug-bounty, penetration-testing, vulnerability, application-security | 08-Sep-2024 |
OWASP top 10 A08:Software and Data Integrity Failures | https://medium.com/@shivamsharma.ss484/owasp-top-10-a08-software-and-data-integrity-failures-bd41b5f9db2c?source=rss------bug_bounty-5 | Shivamsharma | owasp-top-10, bug-bounty, cybersecurity, hacking, owasp | 08-Sep-2024 |
Post-Exploitation Techniques: What Happens After a Hack? | https://cyberw1ng.medium.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, technology, hacking, cybersecurity, careers | 08-Sep-2024 |
Post-Exploitation Techniques: What Happens After a Hack? | https://systemweakness.com/post-exploitation-techniques-what-happens-after-a-hack-961ddc068fb6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, technology, hacking, cybersecurity, careers | 08-Sep-2024 |
Bug Bounty Road Map | https://osintteam.blog/bug-bounty-road-%EF%B8%8F-map-%EF%B8%8F-b42c14750a6a?source=rss------bug_bounty-5 | Mr Abdullah | bug-bounty-roadmap, bug-bounty, bug-bounty-writeup, ethical-hacking, cybersecurity | 07-Sep-2024 |
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest… | https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5 | Rohmad Hidayah | pinterest, bug-bounty, privacy, business-logic-flaw | 07-Sep-2024 |
Exploiting the Silent Threat: Time-Based Blind SQL Injection via the Object_ID Parameter | https://harshit3.medium.com/exploring-time-based-blind-sql-injection-vulnerability-via-the-object-id-parameter-7cd377c6e00d?source=rss------bug_bounty-5 | Harshit | owasp, vulnerability, cybersecurity, bug-bounty, information-security | 07-Sep-2024 |
Account takeover through no rate limits | https://rhidayah.medium.com/account-takeover-through-no-rate-limits-3d7a82a69779?source=rss------bug_bounty-5 | Rohmad Hidayah | account-takeover, no-rate-limit, bug-bounty, broken-authentication | 07-Sep-2024 |
The Rise of AI in Cybersecurity: Opportunities and Threats | https://bootstrapsecurity.medium.com/the-rise-of-ai-in-cybersecurity-opportunities-and-threats-531b42f9bef9?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty, cybersecurity, ethical-hacking, ai-in-cybersecurity | 07-Sep-2024 |
how i finded a google map it’s worths 300$ | https://systemweakness.com/how-i-finded-a-google-map-its-worths-300-9fe5fe32e6de?source=rss------bug_bounty-5 | loyalonlytoday | bugs, penetration-testing, hacking, bug-bounty, bug-bounty-tips | 07-Sep-2024 |
Subdomain Takeover : The Hacker’s Jackpot (And How You Can Hit It Too!) | https://medium.com/@Kaizen2977/subdomain-takeover-the-hackers-jackpot-and-how-you-can-hit-it-too-76d49b916bc1?source=rss------bug_bounty-5 | Kapil Chotalia | bug-bounty, subdomain-takeover, subdomains-enumeration, hacking, penetration-testing | 07-Sep-2024 |
Users without roles are able to find out whether the “Invite other people” feature on a Pinterest… | https://rhidayah.medium.com/users-without-roles-are-able-to-find-out-whether-the-invite-other-people-feature-on-a-pinterest-b1cf86305337?source=rss------bug_bounty-5 | Rohmad Hidayah | pinterest, bug-bounty, privacy, bugcrowd, business-logic-flaw | 07-Sep-2024 |
Day 29 of 30 Day — 30 Vulnerabilities | Remote Code Execution (RCE) | https://medium.com/@kumawatabhijeet2002/day-29-of-30-day-30-vulnerabilities-remote-code-execution-rce-eb3f8f7ccf62?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, rce, bug-bounty, 30dayswritingchallenge, remote-code-execution | 07-Sep-2024 |
Vulnerability Scanner | https://medium.com/@hydra_/vulnerability-scanner-1ad628218979?source=rss------bug_bounty-5 | hydra | bug-bounty, vulnerability-scanner, infosec | 07-Sep-2024 |
Understanding window.postMessage() and Its XSS Risks | https://medium.com/@spideyyy/understanding-window-postmessage-and-its-xss-risks-5a96bcd90428?source=rss------bug_bounty-5 | spidey | cybersecurity, bug-bounty, web-security, hacking, xss-attack | 07-Sep-2024 |
Find Your First 5 Bug Bounties in Easy Ways | https://infosecwriteups.com/find-your-first-5-bug-bounties-in-easy-ways-3aaca5c57a2d?source=rss------bug_bounty-5 | Subh Dhungana | hackerone, infosec, cybersecurity, bug-bounty, hacking | 07-Sep-2024 |
My recon methodology for hunting CVE-2021-42063 led to discovering an RXSS vulnerability in the… | https://medium.com/@karthithehacker/my-recon-methodology-for-hunting-cve-2021-42063-led-to-discovering-an-rxss-vulnerability-in-the-80bd4ca0f623?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, cybersecurity | 07-Sep-2024 |
Hunting in the Cyber World: Effective Recon Strategies for a Successful Bug Bounty | https://medium.com/@rootspaghetti/hunting-in-the-cyber-world-effective-recon-strategies-for-a-successful-bug-bounty-8ec5f27bd9ae?source=rss------bug_bounty-5 | Root@Spaghetti | bug-bounty, cybersecurity, hacking, bug-bounty-tips | 07-Sep-2024 |
850$ IDOR:Unauthorized Session Revokation of any user | https://infosecwriteups.com/850-idor-unauthorized-session-revokation-of-any-user-93f9cb92fdfe?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, infosec, idor, bug-bounty, programming | 07-Sep-2024 |
Google Dorks Secrets: Discover Hidden Endpoints & Parameters with Google Dorks | https://enigma96.medium.com/google-dorks-secrets-discover-hidden-endpoints-parameters-with-google-dorks-7c3bb3257ef9?source=rss------bug_bounty-5 | enigma | web-security-testing, hacking, bug-bounty-tips, bug-bounty, penetration-testing | 07-Sep-2024 |
cyberExploring Client-Side Desync: Understanding the Risk and Mitigating the Threat | https://cyberw1ng.medium.com/cyberexploring-client-side-desync-understanding-the-risk-and-mitigating-the-threat-b375dec78f21?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, technology, cybersecurity, careers | 07-Sep-2024 |
Day 28 of 30 Day — 30 Vulnerabilities | DOM-based XSS | https://medium.com/@kumawatabhijeet2002/day-28-of-30-day-30-vulnerabilities-dom-based-xss-e7bfadc56b2f?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30dayswritingchallenge, bug-bounty-tips, dom-based-xss | 06-Sep-2024 |
Bounty Hunter’s Handbook: Practical Tips for Bug Hunting | https://medium.com/@security.tecno/bounty-hunters-handbook-practical-tips-for-bug-hunting-b3a8b03d1101?source=rss------bug_bounty-5 | TECNO Security | hacking, hunting, tips, bug-bounty | 06-Sep-2024 |
[$12000] 3 Critical 0-click TikTok Account Takeover Vulnerabilities, 2FA bypass & more security… | https://vojtechcekal.medium.com/12000-3-critical-0-click-tiktok-account-takeover-vulnerabilities-2fa-bypass-more-security-78554827cfc3?source=rss------bug_bounty-5 | Vojtech Cekal | vulnerability, bug-bounty-writeup, bug-bounty-tips, cybersecurity, bug-bounty | 06-Sep-2024 |
OAuth Based CSRF: Exploiting The Flaw In Implementation Of State Parameter | https://medium.com/@cyberpro151/oaauth-based-csrf-exploiting-the-flaw-in-implementation-of-state-parameter-36bfae68aa65?source=rss------bug_bounty-5 | cyberpro151 | bug-bounty, cybersecurity, appsec, hacking, pentest | 06-Sep-2024 |
Google Map API Key Exposure $$$ | Just 2 Minutes | Don’t Miss Your Bounty | https://dkcyberz.medium.com/google-map-api-key-exposure-just-2-minutes-dont-miss-your-bounty-380eac7b9dd9?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty-tips, bugbounty-writeup, google-map-api, bug-bounty, owasp-top-10 | 06-Sep-2024 |
Google Dork Mastery Part 1 : Finding Hidden Critical Files with Google Dorks Like a Pro | https://enigma96.medium.com/google-dork-mastery-part-1-finding-hidden-critical-files-with-google-dorks-like-a-pro-d28ad159e9ae?source=rss------bug_bounty-5 | enigma | penetration-testing, hacking, bug-bounty-tips, web-security, bug-bounty | 06-Sep-2024 |
Master Mobile Traffic Hacking: Intercept Android App Data with Burp Suite | https://medium.com/@WillFromSwiss/master-mobile-traffic-hacking-intercept-android-app-data-with-burp-suite-9278163310ad?source=rss------bug_bounty-5 | WillFromSwiss | cybersecurity, application-security, hacking, android, bug-bounty | 06-Sep-2024 |
As Luck Would Have It — tales of good fortune in bug bounty | https://medium.com/@l_s_/as-luck-would-have-it-tales-of-good-fortune-in-bug-bounty-9c56d31b3ef5?source=rss------bug_bounty-5 | LS | infosec, information-security, bug-bounty-writeup, hacking, bug-bounty | 06-Sep-2024 |
How I Explored Further and Chained HTTP Request Smuggling with Other Vulnerabilities | https://cyberw1ng.medium.com/how-i-explored-further-and-chained-http-request-smuggling-with-other-vulnerabilities-cfb974e1e8aa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, technology, hacking, bug-bounty, cybersecurity | 06-Sep-2024 |
How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack | https://medium.com/@manan_sanghvi/how-100-manual-hacking-without-even-kali-and-burp-led-to-2-medium-vulnerabilities-on-yeswehack-bbda00fcd84e?source=rss------bug_bounty-5 | Manan Sanghvi | vulnerability, bug-bounty, xss-attack, cybersecurity, ethical-hacking | 05-Sep-2024 |
Day 27 of 30 Day — 30 Vulnerabilities | Server-Side Template Injection (SSTI) | https://medium.com/@kumawatabhijeet2002/day-27-of-30-day-30-vulnerabilities-server-side-template-injection-ssti-f12c851d7e08?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, server-side-technology, 30dayswritingchallenge, ssti, bug-bounty-tips | 05-Sep-2024 |
Exploiting Salesforce Lightning Permissions Issues | https://medium.com/@theodorejackson.us/exploiting-salesforce-lightning-permissions-issues-5c04f202c887?source=rss------bug_bounty-5 | Ted Jackson | pentesting, bug-bounty, security, salesforce, cybersecurity | 05-Sep-2024 |
RCE Exploits Explained: Techniques & Tools in 2024 | https://bootstrapsecurity.medium.com/rce-exploits-explained-techniques-tools-in-2024-79dbbbc67ba6?source=rss------bug_bounty-5 | BootstrapSecurity | ethical-hacking, vulnerability-assessment, cybersecurity, bug-bounty-tips, bug-bounty | 05-Sep-2024 |
What is WAF? & Secret Techniques to Bypass It | https://medium.com/huntersec-security/what-is-waf-secret-techniques-to-bypass-it-2a4de4768131?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty, firewall-security, infosec | 05-Sep-2024 |
SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff | https://medium.com/@ali.zamini/ssti-in-bug-bounty-program-the-time-i-played-with-handlebars-and-broke-stuff-7dc1f9834a3d?source=rss------bug_bounty-5 | Ali Zamini | bug-hunting, bug-bounty, hacking, web-app-pentesting, ssti | 05-Sep-2024 |
Blocking Users from Registration | https://medium.com/@patidarbhuwan44/blocking-users-from-registration-e3a584f25e4b?source=rss------bug_bounty-5 | Bhuwan Patidar | bug-bounty, hacking, bug-bounty-tips, web, cybersecurity | 05-Sep-2024 |
Uncover Hidden Subdomains with Sublist3r and curl: Boost Your Bug Hunting Success | https://enigma96.medium.com/uncover-hidden-subdomains-with-sublist3r-and-curl-boost-your-bug-hunting-success-a80b180a9377?source=rss------bug_bounty-5 | enigma | bug-bounty, bug-bounty-tips, penetration-testing, hacking, web-security | 05-Sep-2024 |
Find SSRF , LFI , XSS using httpx , waybackurls , gf , gau , qsreplace | https://medium.com/@SatyamPathania/find-ssrf-lfi-xss-using-httpx-waybackurls-gf-gau-qsreplace-96c4794e404c?source=rss------bug_bounty-5 | Satyam Pathania | earn-money-online, cybersecurity, bug-bounty, hacking, money | 05-Sep-2024 |
Cybersecurity 101: How Does a Subdomain Scanner Work? | https://medium.com/@nengapi/cybersecurity-101-subdomain-scanner-%E0%B8%97%E0%B8%B3%E0%B8%87%E0%B8%B2%E0%B8%99%E0%B8%A2%E0%B8%B1%E0%B8%87%E0%B9%84%E0%B8%87-04c9993620ed?source=rss------bug_bounty-5 | Neng Apichet | subdomain, bug-bounty, subdomain-enumeration, cybersecurity | 05-Sep-2024 |
Practical Bug Bounty — TCM Academy | Automated Tools | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-automated-tools-ed177aab16f6?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | web-penetration-testing, bug-bounty, penetration-testing, ethical-hacking, cybersecurity | 05-Sep-2024 |
Dependency Confusion: A Namespace Takeover Story | https://medium.com/@sakshirathore3478/dependency-confusion-a-namespace-takeover-story-fa334533bd50?source=rss------bug_bounty-5 | Sakshi Rathore | bug-bounty-tips, webapplicationpentest, bug-bounty, cybersecurity, bug-bounty-hunter | 05-Sep-2024 |
Reflected XSS | US Department of Education Recognition | https://codingninjablogs.tech/reflected-xss-us-department-of-education-recognition-270ec27e7f5f?source=rss------bug_bounty-5 | #$ubh@nk@r | vulnerability, bug-bounty, cybersecurity, infosec, hacking | 05-Sep-2024 |
My first Bug : Uncovering a Reflected XSS with a Simple Payload | https://medium.com/@firdansp/my-first-bug-uncovering-a-reflected-xss-with-a-simple-payload-270b5e3742bb?source=rss------bug_bounty-5 | Firda Nurelia | xs, bug-bounty, bug-bounty-tips, xss-vulnerability, writeup | 05-Sep-2024 |
How I Discovered an HTTP Request Smuggling Vulnerability in a Major Web Console | https://cyberw1ng.medium.com/how-i-discovered-an-http-request-smuggling-vulnerability-in-a-major-web-console-5188b2b4c539?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, technology, bug-bounty, cybersecurity | 05-Sep-2024 |
Hidden Reflected XSS on 403 Page. | https://medium.com/@Hacker_Yogi/hidden-reflected-xss-on-403-page-0cbb46683138?source=rss------bug_bounty-5 | Ruben (Hacker_Yogi) | pentesting, bug-bounty-tips, information-security, xss-attack, bug-bounty | 05-Sep-2024 |
Broken Authentication Leads to the Ability to Unsubscribe Other Users' Payment Reminders | https://medium.com/@blackarazi/broken-authentication-leads-to-the-ability-to-unsubscribe-other-users-payment-reminders-0fdb1a63edec?source=rss------bug_bounty-5 | Azhari Harahap | bug-bounty, broken-authentication, api-security, application-security, bug-bounty-writeup | 04-Sep-2024 |
Ultimate FFUF Cheatsheet: Advanced Fuzzing Tactics for Pro Bug Hunters! | https://medium.com/h7w/ultimate-ffuf-cheatsheet-advanced-fuzzing-tactics-for-pro-bug-hunters-492598750150?source=rss------bug_bounty-5 | Khaleel Khan | hacking-tools, bug-bounty, hacking, cybersecurity, infosec | 04-Sep-2024 |
dirsearch: A Complete Guide to Effective Web Information Gathering! | https://medium.com/@adriansyah1230/dirsearch-panduan-lengkap-untuk-pengumpulan-informasi-web-yang-efektif-c7fdee43b2d4?source=rss------bug_bounty-5 | Adrian Syah Abidin | bug-bounty, cybersecurity, infosec, dirsearch, pentesting | 04-Sep-2024 |
Aquatone: A Smart Solution for In-Depth Visual Website Inspection! | https://medium.com/@adriansyah1230/aquatone-solusi-cerdas-untuk-inspeksi-visual-website-yang-mendalam-68811f0735c7?source=rss------bug_bounty-5 | Adrian Syah Abidin | cybersecurity, aquatone, keamanan-informasi, bug-bounty, infosec | 04-Sep-2024 |
A Comprehensive Guide to FFUF for Bug Hunters | https://maelstromenigma.medium.com/a-comprehensive-guide-to-ffuf-for-bug-hunters-76942e90f92b?source=rss------bug_bounty-5 | enigma | webservices-testing, bug-bounty-tips, bug-bounty, bug-hunting, recon | 04-Sep-2024 |
Nmap: A Powerful Network Security Scanner and Leading Tool for Information Gathering! | https://medium.com/@adriansyah1230/nmap-pemindai-keamanan-jaringan-yang-kuat-dan-alat-unggulan-untuk-pengumpulan-informasi-ce2186eda0d1?source=rss------bug_bounty-5 | Adrian Syah Abidin | nmap-command, cybersecurity, infosec, bug-bounty, nmap | 04-Sep-2024 |
Subdomain Enumeration | BBOT ✅>= Subfinder + Sublist3r + Assetfinder + Amass | https://dkcyberz.medium.com/bbot-subfinder-sublist3r-assetfinder-amass-subdomain-enumeration-c42bbbf76052?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, subdomain-takeover, bugbounty-tips, subdomains-enumeration, bugbounty-writeup | 04-Sep-2024 |
OWASP Amass: An Advanced Tool for Information Gathering and Effective Attack Mapping Strategy! | https://medium.com/@adriansyah1230/owasp-amass-alat-canggih-untuk-pengumpulan-informasi-dan-strategi-pemetaan-serangan-yang-efektif-7859ad0515ad?source=rss------bug_bounty-5 | Adrian Syah Abidin | massa, owasp, bug-bounty, pentest, cybersecurity | 04-Sep-2024 |
Day 26 of 30 Day — 30 Vulnerabilities | Race Conditions | https://medium.com/@kumawatabhijeet2002/day-26-of-30-day-30-vulnerabilities-race-conditions-e6b761e006b1?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, bug-bounty, 30dayswritingchallenge, race-condition | 04-Sep-2024 |
reNgine: The Best Automation Framework for Information Gathering and Web Penetration Testing! | https://medium.com/@adriansyah1230/rengine-framework-otomatisasi-terbaik-untuk-pengumpulan-informasi-dan-pengujian-penetrasi-web-13e338edff02?source=rss------bug_bounty-5 | Adrian Syah Abidin | infosec, bug-bounty, keamanan-informasi, rengine, cybersecurity | 04-Sep-2024 |
Exploring the World of `magicRecon`: A Fun Guide to Target Information Gathering | https://medium.com/@rootspaghetti/exploring-the-world-of-magicrecon-a-fun-guide-to-target-information-gathering-03a9e2bb7e39?source=rss------bug_bounty-5 | Root@Spaghetti | cybersecurity, bug-bounty-tips, hacking, bug-bounty | 04-Sep-2024 |
Zomatoooo! IDOR in Saved Payments | https://prateeksrivastavaa.medium.com/zomatoooo-idor-in-saved-payments-f8c014879741?source=rss------bug_bounty-5 | Prateek Srivastava | bug-bounty-writeup, bug-bounty, cybersecurity, penetration-testing, bug-bounty-tips | 04-Sep-2024 |
Openredirect CSRF SSRF XSS And Sqli vulnerability | https://medium.com/@shadowhackr_87285/openredirect-csrf-ssrf-xss-and-sqli-vulnerability-6a9f3a5662e2?source=rss------bug_bounty-5 | Shadowhackr | xss-attack, cybersecurity, bug-bounty, vulnerability, sql | 04-Sep-2024 |
Zero-Day Exploits: An Inconspicuous Danger | https://medium.com/@mohanmecktro/zero-day-exploits-an-inconspicuous-danger-7e3ca32c164e?source=rss------bug_bounty-5 | Mohan Mecktro | bug-bounty-tips, cyber, cybersecurity, bug-bounty, hacking | 04-Sep-2024 |
Decoding the Enigma: A Deep Dive into the /home/000~ROOT~000/ Directory | https://soltanali0.medium.com/decoding-the-enigma-a-deep-dive-into-the-home-000-root-000-directory-3be592f05525?source=rss------bug_bounty-5 | soltanali0 | information-security, bug-bounty, directory-listing, security-research, lfi | 04-Sep-2024 |
TeamCity Takedown: Breach, Backup, and Break-in. | https://medium.com/@josh.beck2006/teamcity-takedown-breach-backup-and-break-in-3ce333b63788?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, bug-bounty, ctf-writeup | 04-Sep-2024 |
Advanced Strategies to Defend Against HTTP Request Smuggling: A Deep Dive | https://cyberw1ng.medium.com/advanced-strategies-to-defend-against-http-request-smuggling-a-deep-dive-ba7c0abe911a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, technology, penetration-testing | 04-Sep-2024 |
Shodan: The Must-Have Secret Weapon for Hackers and Security Researchers for Information Gathering That… | https://medium.com/@adriansyah1230/shodan-senjata-rahasia-wajib-bagi-peretas-dan-peneliti-keamanan-untuk-pengumpulan-informasi-yang-a3f86dd47eed?source=rss------bug_bounty-5 | Adrian Syah Abidin | infosec, shodan, bug-bounty, hacking, cybersecurity | 03-Sep-2024 |
Bug Bounty: Your Guide to Ethical Hacking, Rewards, and the Best Learning Resources | https://medium.com/@akatrigger53/bug-bounty-your-guide-to-ethical-hacking-rewards-and-the-best-learning-resources-071c6eb14a27?source=rss------bug_bounty-5 | Akansh Panday | bug-bounty, hacking, darkweb, cybersecurity | 03-Sep-2024 |
How to overcome the pause point in BugBounty | https://anonysm.medium.com/how-to-overcome-the-pause-point-in-bugbounty-02b849cfcff8?source=rss------bug_bounty-5 | Muthu D | cybersecurity, bug-bounty, penetration-testing, motivation, hacking | 03-Sep-2024 |
DNSDumpster: In-Depth Domain Information Exploration | https://medium.com/@adriansyah1230/dnsdumpster-eksplorasi-informasi-domain-mendalam-d20fa2635596?source=rss------bug_bounty-5 | Adrian Syah Abidin | keamanan-informasi, cybersecurity, infosec, bug-bounty, dnsdumpster | 03-Sep-2024 |
Day 25 of 30 Day — 30 Vulnerabilities | HTTP Request Smuggling | https://medium.com/@kumawatabhijeet2002/day-25-of-30-day-30-vulnerabilities-http-request-smuggling-722c3f01dbc4?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, http-request-smuggling, bug-bounty-tips, 30dayswritingchallenge | 03-Sep-2024 |
How to Bypass Web Application Firewalls (WAFs) | https://bootstrapsecurity.medium.com/how-to-bypass-web-application-firewalls-10cec76e8276?source=rss------bug_bounty-5 | BootstrapSecurity | bugbounty-tips, cybersecurity, ethical-hacking, bug-bounty | 03-Sep-2024 |
The removed employee can see whether the users he invited to the victim’s Pinterest business… | https://rhidayah.medium.com/the-removed-employee-can-see-whether-the-users-he-invited-to-the-victims-pinterest-business-085d2ee8e14e?source=rss------bug_bounty-5 | Rohmad Hidayah | bugcrowd, bug-bounty, pinterest, business-logic-flaw | 03-Sep-2024 |
[IDOR] Update another user’s profile | https://rhidayah.medium.com/idor-update-another-users-profile-79d0158ae60c?source=rss------bug_bounty-5 | Rohmad Hidayah | idor, bug-bounty | 03-Sep-2024 |
Pre account takeover via google sign in | https://rhidayah.medium.com/pre-account-takeover-via-google-sign-in-bb442f4c32a2?source=rss------bug_bounty-5 | Rohmad Hidayah | bug-bounty, account-takeover | 03-Sep-2024 |
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?! | https://medium.com/@srishavinkumar/p3-medium-how-i-gain-access-to-nasas-internal-workspace-d0896fee563c?source=rss------bug_bounty-5 | Sri Shavin Kumar | bug-bounty, bug-bounty-tips, cybersecurity, technology, programming | 03-Sep-2024 |
Improper Authorization via Mass Assignment of Membership Parameters | https://ahmedtamer0.medium.com/improper-authorization-via-mass-assignment-of-membership-parameters-7245925b09f5?source=rss------bug_bounty-5 | Ahmed Tamer | bug-hunting, api, mass-assignment, writeup, bug-bounty | 03-Sep-2024 |
How Bypassed KonyLab Code Protection | https://medium.com/@xmosb7/how-bypassed-konylab-code-protection-cac53da01ad1?source=rss------bug_bounty-5 | Mahmoud Mosbah | mobilesec, infosec, cybersecurity, cyberattack, bug-bounty | 03-Sep-2024 |
Subdomain Enumeration part 1 (Manual & Automation) | https://mrunknown124154.medium.com/subdomain-enumeration-part-1-manual-automation-45108388bdb2?source=rss------bug_bounty-5 | Mr Abdullah | subdomains-enumeration, hacking, bug-bounty, web-hacking, web-penetration-testing | 03-Sep-2024 |
API VULNERABILITIES | https://medium.com/@adithyakrishnav001/api-vulnerabilities-9b68a0bd87a8?source=rss------bug_bounty-5 | Adithyakrishna V | cybersecurity, hacking, aad1, api-security, bug-bounty | 03-Sep-2024 |
HTTP Request Smuggling: The Hidden Web Threat You Need to Know About | https://cyberw1ng.medium.com/http-request-smuggling-the-hidden-web-threat-you-need-to-know-about-71ff45c7f94a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | technology, cybersecurity, bug-bounty, hacking, careers | 03-Sep-2024 |
My First Bounty: How I Exploited a CORS Misconfiguration | https://anas0x1.medium.com/my-first-bounty-how-i-exploited-a-cors-misconfiguration-bc1f9137b272?source=rss------bug_bounty-5 | Anas Ibrahim | cors, bug-bounty, bug-hunting, hackerone, cybersecurity | 03-Sep-2024 |
How I Discovered a Hidden XSS and What I Learned | https://medium.com/@issam.qsous/how-i-discovered-a-hidden-xss-and-what-i-learned-9a34995ebbd2?source=rss------bug_bounty-5 | Essam Qsous | web-development, hacking, penetration-testing, security, bug-bounty | 03-Sep-2024 |
The Accidental Discovery | https://medium.com/@Kinqdathacker/the-accidental-discovery-8ed6f9622b0c?source=rss------bug_bounty-5 | Kinqdathacker | cybersecurity, hacking, technology, web-hacking, bug-bounty | 02-Sep-2024 |
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attacks | https://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-e77c719fe22d?source=rss------bug_bounty-5 | Abhijeet kumawat | web, bug-bounty, bug-bounty-tips, 30dayswritingchallenge | 02-Sep-2024 |
Advanced Web Application Security Checklist | https://securitycipher.medium.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, bug-bounty-tips, bug-bounty, technology, security | 02-Sep-2024 |
How I Hacked into Yamaha using CVE 2017-5487 | https://medium.com/@josuofficial327/how-i-found-an-easy-cve-in-yamaha-964366a34b59?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 02-Sep-2024 |
[Specially Customized] TECNO Security 3rd Anniversary Bug Hunting Competition! | https://medium.com/@security.tecno/specially-customized-tecno-security-3rd-anniversary-bug-hunting-competition-8a4e6501e91e?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, bounty-program, hacking, hunting | 02-Sep-2024 |
Hunting JavaScript Files for Bug Hunters | https://bevijaygupta.medium.com/hunting-javascript-files-for-bug-hunters-7355df2215ec?source=rss------bug_bounty-5 | Vijay Gupta | hunting, javascript, bugs, bug-bounty, bug-hunting | 02-Sep-2024 |
A Story About How i Found CVE-2020–27838 in TVH responsible disclosure | https://medium.com/@karthithehacker/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, cybersecurity, infosec, web-security | 02-Sep-2024 |
Advanced Web Application Security Checklist | https://infosecwriteups.com/advanced-web-application-security-checklist-6f7ed5917c72?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, bug-bounty-tips, bug-bounty, technology, security | 02-Sep-2024 |
Business logic / Failed defense Vulnerability in bug bounty | https://itsravikiran25.medium.com/business-logic-failed-defense-vulnerability-in-bug-bounty-4ab932a1a200?source=rss------bug_bounty-5 | Ravikiran | bug-bounty-writeup, cybersecurity, penetration-testing, bug-bounty, hacking | 02-Sep-2024 |
A Story About How i Found CVE-2020–27838 in TVH responsible disclosure | https://infosecwriteups.com/a-story-about-how-i-found-cve-2020-27838-in-tvh-responsible-disclosure-16946f8f8faf?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, cybersecurity, infosec, web-security | 02-Sep-2024 |
HTML Form Injection Vulnerability in Gmail | https://medium.com/@h4x0r_dz/html-form-injection-vulnerability-in-gmail-152a01f6d423?source=rss------bug_bounty-5 | h4x0r_dz | google, web, bug-bounty, vulnerability, security | 02-Sep-2024 |
Easy 500$ Bounty with Host Header Injection By Ramthulla | https://skramthu.medium.com/easy-500-bounty-with-host-header-injection-by-ramthulla-bb556ebd4c46?source=rss------bug_bounty-5 | Ram | infosec-write-ups, bounty-program, hackerone, bug-bounty, bugbounty-writeup | 02-Sep-2024 |
Pentesting vs Bug Bounty: What Are the Differences and What Are the Stages? | https://medium.com/@adriansyah1230/pentesting-vs-bug-bounty-apa-perbedaannya-dan-bagaimana-tahapannya-182cc05a2721?source=rss------bug_bounty-5 | Adrian Syah Abidin | hacking, bug-bounty, pentesting, cybersecurity | 02-Sep-2024 |
How to Automate Subdomain Takeover Finding: Low Hang Fruit… | https://dkcyberz.medium.com/how-to-automate-subdomain-takeover-finding-low-hang-fruit-5733f2794df1?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty-tips, how-to-takeover-s3-bucket, bug-bounty, bug-bounty-writeup, subdomain-takeover | 02-Sep-2024 |
Secure your Instagram Account Today, Or be a victim. | https://mayur-jadhav.medium.com/secure-your-instagram-account-today-or-be-a-victim-9f476937a5e2?source=rss------bug_bounty-5 | Mayur Jadhav | bug-bounty, social-media, hacking, cybersecurity | 02-Sep-2024 |
26.18 Lab: Web cache poisoning via HTTP/2 request tunnelling | https://cyberw1ng.medium.com/26-18-lab-web-cache-poisoning-via-http-2-request-tunnelling-72abd219dc68?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, technology, careers, hacking, bug-bounty | 02-Sep-2024 |
SSRF via DNS Rebinding That Leads to Several Clouds Access (Arabic) | https://medium.com/@Berserker1337/ssrf-via-dns-rebinding-that-leads-to-several-clouds-access-arabic-db9f9a9c530c?source=rss------bug_bounty-5 | Berserker | bug-bounty, infosec | 02-Sep-2024 |
Lessons Learned #1: One line of code can make your application vulnerable (Pre-Auth RCE in Metabase… | https://medium.com/appsec-untangled/lessons-learned-1-one-line-of-code-can-make-your-application-vulnerable-pre-auth-rce-in-metabase-a8579ca0102d?source=rss------bug_bounty-5 | Mohamed AboElKheir | threat-modeling, vulnerability, bug-bounty, application-security, cybersecurity | 02-Sep-2024 |
Insider Secrets to Earning $100 to $250 in Bug Bounties | https://medium.com/@ajaynaikhack/insider-secrets-to-earning-100-to-250-in-bug-bounties-9dd6adb2a304?source=rss------bug_bounty-5 | Ajay Naik | cybersecurity, bug-bounty | 02-Sep-2024 |
The Wild World of Path Traversal: Sneaking Around the Web’s Dark Corners | https://cluelesszay.medium.com/the-wild-world-of-path-traversal-sneaking-around-the-webs-dark-corners-088f5522e371?source=rss------bug_bounty-5 | zaythecluelessdev | path-traversal, web-security, cybersecurity, bug-bounty, ethical-hacking | 01-Sep-2024 |
Race condition to bypass email verify, part #2 | https://siratsami71.medium.com/race-condition-to-bypass-email-verify-part-2-5efca002cf24?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | bug-bounty-tips, cybersecurity, bugbounty-writeup, bug-bounty | 01-Sep-2024 |
How I found exif metdata leak and earned small bounty | https://medium.com/@deepk007/how-i-found-exif-metdata-leak-and-earned-small-bounty-34c93de2fa2e?source=rss------bug_bounty-5 | DEep | bug-bounty, ethical-hacking, hacking, bug-bounty-tips, cybersecurity | 01-Sep-2024 |
Advanced Techniques for Exploiting SSRF Vulnerabilities | https://bootstrapsecurity.medium.com/advanced-techniques-for-exploiting-ssrf-vulnerabilities-9996cade3a64?source=rss------bug_bounty-5 | BootstrapSecurity | bug-bounty-tips, bug-bounty-hunter, cybersecurity, ethical-hacking, bug-bounty | 01-Sep-2024 |
Port Scanning for Bug Bounties | https://bevijaygupta.medium.com/port-scanning-for-bug-bounties-1b660ea41483?source=rss------bug_bounty-5 | Vijay Gupta | bug-fixes, port-scanning, bugs, bug-bounty, bug-bounty-tips | 01-Sep-2024 |
Subdomain Discovery Tool | https://medium.com/@World-Breaker/subdomain-discovery-tool-7403e38a760f?source=rss------bug_bounty-5 | usu@rioZ3r0 | python, enum, enumeration, subdomain, bug-bounty | 01-Sep-2024 |
OWASP A05 :Security Misconfiguration | https://medium.com/@shivamsharma.ss484/owasp-a05-security-misconfiguration-10518396c757?source=rss------bug_bounty-5 | Shivamsharma | owasp, owasp-top-10, cybersecurity, bug-bounty, oscp | 01-Sep-2024 |
A Story About How I Found XSS in ASUS | https://infosecwriteups.com/a-story-about-how-i-found-xss-in-asus-cb233ce3bb9c?source=rss------bug_bounty-5 | Karthikeyan.V | bugbounty-tips, infosec, bugbounty-writeup, bug-bounty, bugbounty-poc | 01-Sep-2024 |
# 5 Install OWASP Juice Shop on Kali Linux — Guide for Burp Suite | https://securitycipher.medium.com/5-install-owasp-juice-shop-on-kali-linux-guide-for-burp-suite-6b31c1ece398?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | bug-bounty-tips, security, technology, cybersecurity, bug-bounty | 01-Sep-2024 |
How I found My first P1 Bug which ended up ….$? | https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5 | Yashsomalkar | bugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity | 01-Sep-2024 |
How I Got $250 For My Second Bug In HackerOne | https://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5 | Likith Teki | hackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup | 01-Sep-2024 |
26.18 Lab: Bypassing access controls via HTTP/2 request tunneling | https://cyberw1ng.medium.com/26-18-lab-bypassing-access-controls-via-http-2-request-tunneling-f92ae50661bc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, cybersecurity, careers | 01-Sep-2024 |
How I found My first P1 Bug which ended up ….$? | https://medium.com/@yashsomalkar/how-i-found-my-first-p1-bug-which-ended-up-5e6cffdbb066?source=rss------bug_bounty-5 | Rudrakshacker | bugbounty-writeup, bugbounty-poc, aws, bug-bounty, cybersecurity | 01-Sep-2024 |
How I Got $250 For My Second Bug on HackerOne | https://medium.com/@likithteki76/how-i-got-250-for-my-second-bug-in-hackerone-35c75cbd84bd?source=rss------bug_bounty-5 | Likith Teki | hackerone, bug-bounty, bug-bounty-tips, bug-hunting, bugbounty-writeup | 01-Sep-2024 |
26.17 Lab: Exploiting HTTP request smuggling to perform web cache deception | https://cyberw1ng.medium.com/26-17-lab-exploiting-http-request-smuggling-to-perform-web-cache-deception-69a6e9654b7e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, bug-bounty, cybersecurity | 31-Aug-2024 |
All You Need to know About Broken Authentication and Session Management | https://medium.com/@ahmed.hilal/all-you-need-to-know-about-broken-authentication-and-session-management-26920f100714?source=rss------bug_bounty-5 | X0_AhMeD_0X | bug-bounty, pentesting, cybersecurity, bugs, vulnerability | 31-Aug-2024 |
DEPENDENCY CONFUSION CAN LEAD TO P5 OR P2 BASED ON LUCK | https://medium.com/@anonymousshetty2003/dependency-confusion-can-lead-to-p5-or-p2-based-on-luck-64a5b94b80c1?source=rss------bug_bounty-5 | Anonymousshetty | hacking, dependency-confusion, cybersecurity, bug-bounty | 31-Aug-2024 |
“Boost Your Productivity: Essential Tips for Organizing Your Work as a Bug Bounty Hunter” | https://medium.com/@mahdisalhi0500/boost-your-productivity-essential-tips-for-organizing-your-work-as-a-bug-bounty-hunter-8de1517dc6a4?source=rss------bug_bounty-5 | Mahdisalhi | bug-bounty, bug-bounty-tips, ethical-hacking, infosec, hacking | 31-Aug-2024 |
HOW I GOT ACCESS TO ACCOUNT BY OTP BYPASS | https://medium.com/@anonymousshetty2003/how-i-got-access-to-account-by-otp-bypass-c49eb0490744?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, hacking, bug-bounty, otp-bypass | 31-Aug-2024 |
Bug bounty Hunting 101 | https://medium.com/@sys_br3ach3r/bug-bounty-hunting-101-7d2258a3b21d?source=rss------bug_bounty-5 | sys_br3ach3r | bug-bounty-tips, bug-bounty | 31-Aug-2024 |
OTP bypass through the Response manipulation | https://itsravikiran25.medium.com/otp-bypass-through-the-response-manipulation-4f25ab36f60b?source=rss------bug_bounty-5 | Ravikiran | cybersecurity, bugbounty-writeup, bug-bounty, hacking, otp-bypass | 31-Aug-2024 |
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855 | https://medium.com/@karthithehacker/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup | 31-Aug-2024 |
Using Default Credential to Admin Account Takeover | https://ch4ndan.medium.com/using-default-credential-to-admin-account-takeover-04c557e67969?source=rss------bug_bounty-5 | Ch4ndan das | bugs, bug-bounty-tips, hacking, bug-bounty, cybersecurity | 31-Aug-2024 |
How to Take Over a Subdomain Through S3 Bucket Takeover… | https://dkcyberz.medium.com/how-to-take-over-a-subdomain-through-s3-bucket-takeover-a53238499b81?source=rss------bug_bounty-5 | Harpy Hunter | bug-bounty, bug-hunting, hackerone, s3-bucket, subdomain-takeover | 31-Aug-2024 |
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guide | https://shubhdhungana.medium.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5 | Subh Dhungana | bug-bounty, cybersecurity, hacking, hackerone, infosec | 31-Aug-2024 |
Most Asked Questions from Cybersecurity Beginners with Answers | https://medium.com/@cham3leon/most-asked-questions-from-cybersecurity-beginners-with-answers-91b7c680e967?source=rss------bug_bounty-5 | cham3leon | faq, cybersecurity, guides-and-tutorials, pentesting, bug-bounty | 31-Aug-2024 |
The Discovery of CVE-2024–5947: Authentication Bypass in Deep Sea Electronics DSE855 | https://infosecwriteups.com/the-discovery-of-cve-2024-5947-authentication-bypass-in-deep-sea-electronics-dse855-5fa2e89cbdfb?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, infosec, information-security, bugbounty-tips, bugbounty-writeup | 31-Aug-2024 |
Bypassing CSP via URL Parser Confusions : XSS on Netlify’s Image CDN | https://sudhanshur705.medium.com/bypassing-csp-via-url-parser-confusions-xss-on-netlifys-image-cdn-755a27065fd9?source=rss------bug_bounty-5 | Sudhanshu Rajbhar | bug-bounty, csp, xss-attack | 31-Aug-2024 |
Parameter tampering result in product price manipulation | https://medium.com/@RaunakGupta1922/parameter-tampering-result-in-product-price-manipulation-356c07a571e5?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | business, cybersecurity, hacking, college, bug-bounty | 31-Aug-2024 |
IIS welcome page to source code review to LFI! | https://medium.com/@omarahmed_13016/iis-welcome-page-to-source-code-review-to-lfi-23ec581049f5?source=rss------bug_bounty-5 | Omar Ahmed | bug-bounty, hackerone, application-security, bug-bounty-tips | 31-Aug-2024 |
How to Get Started in Bug Bounty Hunting: A Comprehensive Beginner’s Guide | https://infosecwriteups.com/how-to-get-started-in-bug-bounty-hunting-a-comprehensive-beginners-guide-4cdaf3dcd910?source=rss------bug_bounty-5 | Subh Dhungana | bug-bounty, cybersecurity, hacking, hackerone, infosec | 31-Aug-2024 |
From Reset to Takeover: The Exploitation Potential of IDOR in Password Recovery Systems | https://medium.com/@tusharpuri6/from-reset-to-takeover-the-exploitation-potential-of-idor-in-password-recovery-systems-5d1b6f53530a?source=rss------bug_bounty-5 | Tusharpuri | bug-bounty, application-security, penetration-testing, offensive-security, authentication | 31-Aug-2024 |
How to find webcams using the Google Dorking. | https://bob218.medium.com/how-to-find-webcams-using-the-google-dorking-4c7b491fa856?source=rss------bug_bounty-5 | bob218 | hacking, bug-bounty, osint, cybersecurity, google-dork | 31-Aug-2024 |
How Attackers Sneak in Hidden Requests and What You Can Do About It | https://cyberw1ng.medium.com/how-attackers-sneak-in-hidden-requests-and-what-you-can-do-about-it-cc085f245b4e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 31-Aug-2024 |
Day 23 of 30 Days — 30 Vulnerabilities | JSON Web Token (JWT) Attacks | https://medium.com/@kumawatabhijeet2002/day-23-of-30-days-30-vulnerabilities-json-web-token-jwt-attacks-d9509595ebd8?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, bug-bounty, jwt-token, jwt-authentication, 30dayswritingchallenge | 30-Aug-2024 |
New trick to make self xss impactful | https://medium.com/@Rahulkrishnan_R_Panicker/new-trick-to-make-self-xss-impactful-073d52a07d4f?source=rss------bug_bounty-5 | Rahulkrishnan R Panicker | bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack | 30-Aug-2024 |
How to install dnsReaper and use of dnsReaper | https://medium.com/@sherlock297/how-to-install-dnsreaper-and-use-of-dnsreaper-bc69d66d8c08?source=rss------bug_bounty-5 | Ravindra Dagale | dnsreaper, tools, bug-bounty, how-to, subdomain-takeover | 30-Aug-2024 |
Google Dorks | https://medium.com/@twinkspap/google-dorks-c83abf0918ef?source=rss------bug_bounty-5 | twinks | bug-bounty, google-dork, learning, skills, cybersecurity | 30-Aug-2024 |
Top 100Vulnerabilities: Identifying and Addressing Security Risks | https://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-5 | 0xvan | bug-bounty-tips, security, cybersecurity, bug-bounty, web-security | 30-Aug-2024 |
./Fingerprinting Web Technologies | https://gauravdavre.medium.com/fingerprinting-web-technologies-fde6631f9ef7?source=rss------bug_bounty-5 | Gaurav Davre | bug-bounty, cybersecurity, open-source-intelligence, reconnaissance, web-technology | 30-Aug-2024 |
26.16 Lab: Exploiting HTTP request smuggling to perform web cache poisoning | https://cyberw1ng.medium.com/26-16-lab-exploiting-http-request-smuggling-to-perform-web-cache-poisoning-fa35ac4fdf4c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, careers, cybersecurity | 30-Aug-2024 |
Unlock Hidden Web Vulnerabilities: Advanced ParamSpider Tactics Every Hacker Must Know! | https://systemweakness.com/unlock-hidden-web-vulnerabilities-advanced-paramspider-tactics-every-hacker-must-know-62487db3e8c8?source=rss------bug_bounty-5 | Khaleel Khan | penetration-testing, bug-bounty, hacking, infosec, cybersecurity | 30-Aug-2024 |
The Easiest Bug For Beginners | https://medium.com/@josuofficial327/the-easiest-bug-for-beginners-491986cbc53c?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, cybersecurity, ethical-hacking, hacking, bug-bounty | 30-Aug-2024 |
The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program | https://medium.com/@karthithehacker/the-hunt-for-xxe-to-lfi-how-i-uncovered-cve-2019-9670-in-a-bug-bounty-program-5668e4afa806?source=rss------bug_bounty-5 | Karthikeyan.V | bug-bounty, information-security, infosec, bugbounty-writeup, bug-bounty-tips | 30-Aug-2024 |
When Giving Out Cheap Hotel Deals Go Wrong: | https://medium.com/@ralph.andalis92/when-giving-out-cheap-hotel-deals-go-wrong-bfea34fa3cde?source=rss------bug_bounty-5 | Ralph Andalis | bug-bounty-tips, pentesting, bug-bounty, web-application-security, web-security | 30-Aug-2024 |
My Five Minute Critical Vulnerability Discovery on Hackerone | https://medium.com/@0xvan/my-five-minute-critical-vulnerability-discovery-on-hackerone-067258333c80?source=rss------bug_bounty-5 | 0xvan | bug-bounty-writeup, bug-bounty-tips, ethical-hacking, pentesting, bug-bounty | 30-Aug-2024 |
DVWA Cheat Sheet (Low & Medium) | https://medium.com/@loaysalah276/dvwa-cheat-sheet-low-medium-c7490e76f1b5?source=rss------bug_bounty-5 | Loay Salah | bug-bounty, cybersecurity, penetration-testing, owasp-top-10, dvwa | 30-Aug-2024 |
Understanding Bugcrowd’s Vulnerability Rating Taxonomy (VRT): | https://medium.com/@js8971105/understanding-bugcrowds-vulnerability-rating-taxonomy-vrt-d5bc946443b5?source=rss------bug_bounty-5 | jatin singh | bug-bounty, web-security, hacking, vrt, web | 30-Aug-2024 |
Top 100 Vulnerabilities: Identifying and Addressing Security Risks | https://medium.com/@0xvan/top-100vulnerabilities-identifying-and-addressing-security-risks-bce861b5fa31?source=rss------bug_bounty-5 | 0xvan | bug-bounty-tips, security, cybersecurity, bug-bounty, web-security | 30-Aug-2024 |
Subdomain Analysis for Bug Bounty Hunting: A Comprehensive Guide | https://bughunteralltime.medium.com/subdomain-analysis-for-bug-bounty-hunting-a-comprehensive-guide-920e33a59a91?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty | 30-Aug-2024 |
How to Hunt for Sensitive Directories in Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-hunt-for-sensitive-directories-in-bug-bounty-hunting-f61a7f61d8fb?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, bug-bounty, hacking | 30-Aug-2024 |
How to Map Out a Target for Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-map-out-a-target-for-bug-bounty-hunting-acea0ed59783?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, bug-bounty, hacking, bugs | 30-Aug-2024 |
How To FindWeb Technology Identification for Effective Bug Bounty Hunting | https://bughunteralltime.medium.com/how-to-findweb-technology-identification-for-effective-bug-bounty-hunting-a0f57c80b67b?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | hacking, bug-bounty-tips, bug-bounty, bug-fixes, web-development | 30-Aug-2024 |
Interview joke 2: Application Security (Prod. | https://medium.com/@kannnannmk/interview-joke-2-application-security-prod-7a0c4c6cdd1a?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty, application-security, code-review, pentesting, bug-bounty-tips | 30-Aug-2024 |
Easy Subdomain Enumeration Tools & Commands | https://medium.com/@josuofficial327/easy-subdomain-enumeration-tools-commands-5f8a8fe0f3a0?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, ethical-hacking, bug-bounty-tips, bug-hunting, bug-bounty | 30-Aug-2024 |
Interview joke 1: Application Security (Prod. | https://medium.com/@kannnannmk/application-security-prod-3868c0b8cb64?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty-tips, interview, bug-bounty, web-security, application-security | 30-Aug-2024 |
OWASP A04:2021 INSECURE DESIGN | https://medium.com/@shivamsharma.ss484/owasp-a04-2021-insecure-design-34ef11e83e6f?source=rss------bug_bounty-5 | Shivamsharma | owasp, owasp-top-10, bug-bounty, hacking, cybersecurity | 30-Aug-2024 |
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to… | https://medium.com/@ajaynaik_16635/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty-tips, bug-bounty, ai-security, ethical-hacking | 30-Aug-2024 |
Bad Effect Of Bug In Domain. | https://medium.com/@nazmulhasan017191/bad-effect-of-bug-in-domain-e0cfd62cb3bc?source=rss------bug_bounty-5 | Nazmul Hasan | technical-analysis, information-security, cybersecurity, bug-hunting, bug-bounty | 30-Aug-2024 |
How to Find Clickjacking Vulnerabilities Using the Command Line in Kali Linux | https://bughunteralltime.medium.com/how-to-find-clickjacking-vulnerabilities-using-the-command-line-in-kali-linux-a07cc64437f3?source=rss------bug_bounty-5 | Bug_Hunter_All_Time | bug-bounty-tips, hacking, bugs, bug-bounty | 30-Aug-2024 |
Understanding Log Stealer and Its Role in Security Testing — Part 1 | https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5 | YoKo Kho | security-testing, stealer-logs, stealer-malware, broken-access-control, bug-bounty | 30-Aug-2024 |
Understanding Stealer Logs and Its Role in Security Testing — Part 1 | https://medium.com/haktrak-cybersecurity-squad/understanding-log-stealer-and-its-role-in-security-testing-part-1-5f2223b47847?source=rss------bug_bounty-5 | YoKo Kho | stealer-logs, stealer-malware, red-team, broken-access-control, bug-bounty | 30-Aug-2024 |
A Comprehensive AI Security Model for Penetration Testing leverages advanced AI techniques to… | https://medium.com/@ajaynaikhack/a-comprehensive-ai-security-model-for-penetration-testing-leverages-advanced-ai-techniques-to-9caa4febfc21?source=rss------bug_bounty-5 | Ajay Naik | bug-bounty-tips, bug-bounty, ai-security, ethical-hacking | 30-Aug-2024 |
Overview CVE-2024–38063 is a critical zero-click remote code execution (RCE) vulnerability… | https://medium.com/@ajaynaikhack/overview-cve-2024-38063-is-a-critical-zero-click-remote-code-execution-rce-vulnerability-9be862382548?source=rss------bug_bounty-5 | Ajay Naik | hacking, bug-bounty, cve, network-security, windows | 30-Aug-2024 |
Day 22 of 30 Days — 30 Vulnerabilities | Business Logic Flaws | https://medium.com/@kumawatabhijeet2002/day-22-of-30-days-30-vulnerabilities-business-logic-flaws-734c2f4b0575?source=rss------bug_bounty-5 | Abhijeet kumawat | business-logic, bug-bounty-tips, business-logic-flaw, 30dayswritingchallenge, bug-bounty | 29-Aug-2024 |
Part -2: Uncovering a Critical Parameter Tampering Vulnerability on a Major OTT Platform | https://medium.com/@sulmanfarooq531/uncovering-a-critical-parameter-tampering-vulnerability-on-a-major-ott-platform-e3342cd3437c?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, bug-bounty, http-parameter-pollution, ethical-hacking, ott | 29-Aug-2024 |
How Hackers Use Cross-Site Scripting to Break Through Web Application Firewalls! | https://theshaco.com/how-hackers-use-cross-site-scripting-to-break-through-web-application-firewalls-ab101f1778a1?source=rss------bug_bounty-5 | Khaleel Khan | web-development, cybersecurity, infosec, hacking, bug-bounty | 29-Aug-2024 |
Practical Bug Bounty — TCM Academy \| Module 8 pt.3 (SSTI, XXE, Insecure File Uploads) | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-3-ssti-xxe-insecure-file-uploads-1ed7056ea0c7?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | bug-bounty, web-penetration-testing, cybersecurity, ethical-hacking, tcm-academy | 29-Aug-2024 |
Part 2 — How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs \| Karthikeyan… | https://systemweakness.com/part-2-how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-karthikeyan-79c3ec17a336?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, cybersecurity, hacking, bug-bounty | 29-Aug-2024 |
Disable Any Customer Ability To Create Service Account With Business Logic Vulnerability | https://medium.com/@bilalresearcher/disable-any-customer-ability-to-create-service-account-with-business-logic-vulnerability-05ab37901a4a?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, cybersecurity, bug-bounty, bugbounty-writeup | 29-Aug-2024 |
Reflected XSS To Account Takeover Without Stealing Session Cookie | https://medium.com/@bilalresearcher/reflected-xss-to-account-takeover-without-stealing-session-cookie-413e522aac40?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup, cybersecurity | 29-Aug-2024 |
Detecting Blind Injection Attacks with Discord Webhooks | https://medium.com/@bilalresearcher/detecting-blind-injection-attacks-with-discord-webhooks-9a9d3b566bf1?source=rss------bug_bounty-5 | Bilal Researcher | hacking, cybersecurity, bugbounty-writeup, bug-bounty, bug-bounty-writeup | 29-Aug-2024 |
A Beautiful Bug: Interesting URL scheme bypass + Race Condition | https://medium.com/@bilalresearcher/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-e8ff79361740?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, hacking, cybersecurity, bug-bounty-writeup | 29-Aug-2024 |
Stored XSS to Account Takeover (AWS Cognito) | https://medium.com/@bilalresearcher/stored-xss-to-account-takeover-aws-cognito-bd29d241e5d1?source=rss------bug_bounty-5 | Bilal Researcher | xss-vulnerability, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty | 29-Aug-2024 |
My Journey to the United Nations Hall of Fame: A Story of Lucky Me | https://medium.com/@siddharth_1/my-journey-to-the-united-nations-hall-of-fame-a-story-of-lucky-me-d489d93bd363?source=rss------bug_bounty-5 | Siddharth | cybersecurity, united-nations, vulnerability, bug-bounty, bug-bounty-writeup | 29-Aug-2024 |
XSS Web Application Firewall Bypass Techniques | https://medium.com/@bilalresearcher/xss-web-application-firewall-bypass-techniques-e10476b5fa72?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, hacking, bugbounty-writeup, cybersecurity | 29-Aug-2024 |
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeover | https://medium.com/@bilalresearcher/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-b1e3790416b7?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, hacking, bug-bounty-writeup | 29-Aug-2024 |
Two Factor Authentication Bypass via using Victim’s DeviceID | https://medium.com/@bilalresearcher/two-factor-authentication-bypass-via-using-victims-deviceid-1fc10bfe95c9?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bugbounty-writeup, bug-bounty-writeup, bug-bounty, cybersecurity | 29-Aug-2024 |
Bypassed an Admin Panel Using SQL Payloads | https://medium.com/@bilalresearcher/bypassed-an-admin-panel-using-sql-payloads-572574b41d1c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, hacking, cybersecurity, bug-bounty-writeup, bugbounty-writeup | 29-Aug-2024 |
Hunting JavaScript File for Bug Hunters | https://medium.com/@bilalresearcher/hunting-javascript-file-for-bug-hunters-ae4af0479a9c?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bugbounty-writeup, hacking, bug-bounty, bug-bounty-writeup | 29-Aug-2024 |
Common 403 Bypasses Part 2 | https://medium.com/@bilalresearcher/common-403-bypasses-part-2-80fd094a86fe?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, hacking, bug-bounty, cybersecurity, bug-bounty-writeup | 29-Aug-2024 |
Common 403 Bypasses Part 1 | https://medium.com/@bilalresearcher/common-403-bypasses-part-1-a693a8413108?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking | 29-Aug-2024 |
Advanced SQLMap Customization | https://medium.com/@bilalresearcher/advanced-sqlmap-customization-34d04b6c0984?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup | 29-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-91) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-91-bcac49fd0f29?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, money, bug-bounty, hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-90) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-90-0f7e5ae09f8c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, hacking, ethical-hacking, money | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-89) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-89-f7771af9355f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, bug-bounty, hacking, cybersecurity, ethical-hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-88) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-88-5fba54f61fd0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, money, hacking, cybersecurity, ethical-hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-87) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-87-d78ff97837fd?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, hacking, cybersecurity, ethical-hacking, bug-bounty | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-86) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-86-dfcf154a34d3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, money, bug-bounty, ethical-hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-85) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-85-46305e104b6f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, bug-bounty, money | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-84) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-84-d3a454db9673?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-83) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-83-45728838a32c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, bug-bounty, cybersecurity, money | 28-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-82) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-82-8c89ec5c5ef7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | money, bug-bounty, hacking, cybersecurity, ethical-hacking | 28-Aug-2024 |
Day 21 of 30 Days — 30 Vulnerabilities \| OAuth Misconfigurations | https://medium.com/@kumawatabhijeet2002/day-21-of-30-days-30-vulnerabilities-oauth-misconfigurations-693c16cf5476?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, web-security-testing, bug-bounty-tips, 30dayswritingchallenge, oauth | 28-Aug-2024 |
How to Scan a Range of IP Addresses with Nmap | https://medium.com/@sherlock297/how-to-scan-a-range-of-ip-addresses-with-nmap-d802dc168846?source=rss------bug_bounty-5 | Ravindra Dagale | tools, nmap, information-technology, bug-bounty, security | 28-Aug-2024 |
The Secret to Finding Anyone’s Digital Footprint: Master OSINT in 7 Easy Steps! | https://medium.com/@paritoshblogs/the-secret-to-finding-anyones-digital-footprint-master-osint-in-7-easy-steps-bd278a058c73?source=rss------bug_bounty-5 | Paritosh | information-technology, cybersecurity, osint, hacking, bug-bounty | 28-Aug-2024 |
Exploiting Second-Order IDOR Vulnerabilities | https://medium.com/@bountyget/exploiting-second-order-idor-vulnerabilities-6d2554eb1319?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | bug-bounty, infosec, information-security, bug-bounty-tips, bug-bounty-writeup | 28-Aug-2024 |
Exploiting IDORs in APIs That Use Static Keywords | https://medium.com/@bountyget/exploiting-idors-in-apis-that-use-static-keywords-f94b7797634a?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | information-security, bug-bounty-writeup, bug-bounty-tips, infosec, bug-bounty | 28-Aug-2024 |
IDOR : Deleting Comments Like a Boss! | https://medium.com/@tanyago/idor-deleting-comments-like-a-boss-0413a375024f?source=rss------bug_bounty-5 | Tanya Goyal | bug-bounty, bug-bounty-tips, bug-bounty-writeup, idor, bug-hunting | 28-Aug-2024 |
25.7 Lab: Password reset poisoning via dangling markup | https://cyberw1ng.medium.com/25-7-lab-password-reset-poisoning-via-dangling-markup-cee4cc5a20f3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 28-Aug-2024 |
The Ultimate List of Browser Extensions for Bug Bounty Hunters | https://medium.com/@k4r7hx/the-ultimate-list-of-browser-extensions-for-bug-bounty-hunters-5e349437e063?source=rss------bug_bounty-5 | Karthikeyan | extension, ethical-hacking, bug-bounty, penetration-testing, web | 28-Aug-2024 |
How important Cookies can be? | https://medium.com/@alireza.razaghzadegan1999/how-important-cookies-can-be-86c7a3fdd790?source=rss------bug_bounty-5 | Alireza Razaghzadegan | technology, website, bug-bounty, security | 28-Aug-2024 |
Blind Command Injection Leads to Nothing!! | https://medium.com/@kush.kira/blind-command-injection-leads-to-nothing-ea56f6662a58?source=rss------bug_bounty-5 | Kira | os-command-injection, command-injection, ssrf, bug-bounty, hacking | 28-Aug-2024 |
OTP Bypassing with Response Manipulation | https://medium.com/@sahilkushwaha275/otp-bypassing-with-response-manipulation-238498b02737?source=rss------bug_bounty-5 | S33NU | bug-hunting, cybersecurity, hacking, pentesting, bug-bounty | 28-Aug-2024 |
Dramatic Surge in Password-Stealing Attacks Targeting Amazon, Facebook, and Google Users | https://medium.com/@realahmedmoses/dramatic-surge-in-password-stealing-attacks-targeting-amazon-facebook-and-google-users-011f6bd3315a?source=rss------bug_bounty-5 | Moses Ahmed | technology, coding, bug-bounty, cybersecurity, programming | 28-Aug-2024 |
How To Get Stored Xss & RCE Using Bypass Signature & Extension Via File Upload \|_\| | https://medium.com/@bilalresearcher/how-to-get-stored-xss-rce-using-bypass-signature-extension-via-file-upload-9b3e8d9348cd?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bugbounty-writeup, cybersecurity, bug-bounty, bug-bounty-tips | 27-Aug-2024 |
Find Blind XSS like a pro. | https://medium.com/@bilalresearcher/find-blind-xss-like-a-pro-ddc9ef8d5e89?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty, bug-bounty-writeup, hacking, bug-bounty-tips | 27-Aug-2024 |
The only recon methodology you need to know. | https://medium.com/@bilalresearcher/the-only-recon-methodology-you-need-to-know-9feb257ca4a2?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, idor, bug-bounty-writeup, cybersecurity, bugbounty-writeup | 27-Aug-2024 |
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploits | https://medium.com/@bilalresearcher/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-b379aeb7ab36?source=rss------bug_bounty-5 | Bilal Researcher | idor, hacking, bug-bounty-writeup, bug-bounty, bugbounty-writeup | 27-Aug-2024 |
Unraveling Web Cache Poisoning: A Deep Dive (Part 1) | https://medium.com/@bilalresearcher/unraveling-web-cache-poisoning-a-deep-dive-part-1-49fa00e81d1a?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, cybersecurity, idor, bug-bounty, bug-bounty-writeup | 27-Aug-2024 |
Finding IDOR Vulnerabilities: Key Endpoints and Resources | https://medium.com/@bilalresearcher/finding-idor-vulnerabilities-key-endpoints-and-resources-e4c2457aa231?source=rss------bug_bounty-5 | Bilal Researcher | idor, bug-bounty-writeup, bugbounty-writeup, bug-bounty, hacking | 27-Aug-2024 |
How I was able to discover ATO Via IDOR vulnerability | https://medium.com/@bilalresearcher/how-i-was-able-to-discover-ato-via-idor-vulnerability-c31d074a62e8?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, hacking, bug-bounty, bug-bounty-writeup, bugbounty-writeup | 27-Aug-2024 |
SAML Authentication Bypass Leading to Admin Panel Access | https://medium.com/@bilalresearcher/saml-authentication-bypass-leading-to-admin-panel-access-751380db249e?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, bug-bounty-writeup, hacking | 27-Aug-2024 |
Critical Security Vulnerability Discovered on Reserve Bank of India’s Website: A Wake-Up Call… | https://medium.com/@psychomong/critical-security-vulnerability-discovered-on-reserve-bank-of-indias-website-a-wake-up-call-06fd08db0559?source=rss------bug_bounty-5 | psychomong | bugs, hacker, bug-bounty, no-rate-limit, hacking | 27-Aug-2024 |
Day 20 0f 30 Days — 30 Vulnerabilities \| Host Header Injection | https://medium.com/@kumawatabhijeet2002/day-20-0f-30-days-30-vulnerabilities-host-header-injection-9bc006b4734c?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-writeup, bug-bounty, host-header-injection, bug-bounty-tips, hostattack | 27-Aug-2024 |
Day 19 of 30 Days — 30 Vulnerabilities \| Rate Limiting Bypass | https://medium.com/@kumawatabhijeet2002/day-19-of-30-days-30-vulnerabilities-rate-limiting-bypass-896c8e2bdfc1?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty-tips, bug-bounty, rate-limit-bypass | 27-Aug-2024 |
24.13 Lab: Internal cache poisoning | https://cyberw1ng.medium.com/24-13-lab-internal-cache-poisoning-2c328e4d4a6d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 27-Aug-2024 |
Practical Bug Bounty — TCM Academy \| Module 8 pt. 2 (XSS, CMDI) | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-pt-2-xss-cmdi-b8728aa5261d?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | bug-bounty, xss-attack, web-penetration-testing, ethical-hacking, cybersecutiy | 27-Aug-2024 |
$15k RCE Through Monitoring Debug Mode | https://medium.com/@0xold/15k-rce-through-monitoring-debug-mode-4f474d8549d5?source=rss------bug_bounty-5 | 0xold | local-file-inclusion, pentesting, hacking, bug-bounty, rce | 27-Aug-2024 |
Exploiting IDORs via JSON Globbing | https://medium.com/@bountyget/exploiting-idors-via-json-globbing-e4c6e2c0535c?source=rss------bug_bounty-5 | Dhiren Kumar Pradhan | penetration-testing, idor, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 27-Aug-2024 |
How i get OTP bypass leads to ATO | https://kiraadx.medium.com/how-i-get-otp-bypass-leads-to-ato-a7645ade3a90?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty-tips, bug-bounty, bug-bounty-writeup | 27-Aug-2024 |
Discovering Two Out-of-Scope Blind/Stored XSS Vulnerabilities in an Admin Panel on a Public Bug… | https://medium.com/@octayus/discovering-two-out-of-scope-blind-stored-xss-vulnerabilities-in-an-admin-panel-on-a-public-bug-c0262fa35238?source=rss------bug_bounty-5 | OctaYus | bug-bounty, python, xss-attack, penetration-testing, cybersecurity | 27-Aug-2024 |
CSRF Bypass Using Domain Confusion Leads To ATO | https://infosecwriteups.com/csrf-bypass-using-domain-confusion-leads-to-ato-ac682dd17722?source=rss------bug_bounty-5 | Osama Aly | bug-bounty, cybersecurity, hackerone | 27-Aug-2024 |
How did I manage to get my first p2 vulnerability using only ffuf | https://medium.com/@loayahmed686/how-did-i-manage-to-get-my-first-p2-vulnerability-using-only-ffuf-a8a70d965d33?source=rss------bug_bounty-5 | r00t | bug-bounty, cybersecurity | 27-Aug-2024 |
Fundora on Testnet Bounty Hunt: Spotting Bugs and Reaping Rewards | https://gingerjoygames.medium.com/fundora-on-testnet-bounty-hunt-spotting-bugs-and-reaping-rewards-7529ec61b1cc?source=rss------bug_bounty-5 | Ginger Joy Games | games, testnet, mobile-games, web3, bug-bounty | 27-Aug-2024 |
Monitoring Gitlab Snippets for secrets with TruffleHog | https://medium.com/@learntheshell/monitoring-gitlab-snippets-for-secrets-with-trufflehog-5c77281ff5b7?source=rss------bug_bounty-5 | LearnTheShell | trufflehog, bug-bounty, git, bug-bounty-tips, gitlab | 27-Aug-2024 |
How I Got Sensitive Directory Using Shodan | https://ch4ndan.medium.com/how-i-got-sensitive-directory-using-shodan-10e5b91cda86?source=rss------bug_bounty-5 | Ch4ndan das | bug-bounty, cybersecurity, bug-bounty-tips, bugs, information-disclosure | 27-Aug-2024 |
Unveiling the Secrets of Malware Traffic: Analyzing Malware Infected pcap with Wireshark | https://medium.com/@dsksatheesh35/unveiling-the-secrets-of-malware-traffic-analyzing-malware-infected-pcap-with-wireshark-5989a9b013fd?source=rss------bug_bounty-5 | D Satheesh Kumar | malware-analysis, bug-bounty, cybersecurity, wireshark, network-security | 27-Aug-2024 |
HTML Injection in email via fname field | https://medium.com/@hossam_hamada/html-injection-in-email-via-fname-field-564c3657e8ad?source=rss------bug_bounty-5 | Hossam Hamada | penetration-testing, bug-bounty, hackerone, bugcrowd, html-injection | 27-Aug-2024 |
How I Took Over Two Subdomains: A Step-by-Step Guide | https://medium.com/@0xSphinx/how-i-took-over-two-subdomains-a-step-by-step-guide-df5d9eecbb2e?source=rss------bug_bounty-5 | 0xSphinx | cybersecurity, security, aws, hacking, bug-bounty | 27-Aug-2024 |
Day 17 of 30 Days — 30 Vulnerabilities \| Path/Directory Traversal | https://medium.com/@kumawatabhijeet2002/day-17-of-30-days-30-vulnerabilities-path-directory-traversal-008e92c07f23?source=rss------bug_bounty-5 | Abhijeet kumawat | 30dayswritingchallenge, bug-bounty-tips, path-traversal, bug-bounty | 26-Aug-2024 |
Thief Raccoon — Login Phishing Tool | https://medium.com/@bountyget/thief-raccoon-login-phishing-tool-59c574687aae?source=rss------bug_bounty-5 | Bountyget | python3, infosec, info-sec-writeups, bug-bounty, penetration-testing | 26-Aug-2024 |
From Developer to Hacker — Entering the Red team | https://medium.com/@jonathanmondaut/from-developer-to-hacker-entering-the-red-team-8b50989b9464?source=rss------bug_bounty-5 | Jonathan Mondaut | bug-bounty, youtube, networking, twitter, cybersecurity | 26-Aug-2024 |
New Malware Uses PHP Exploit to Backdoor Windows Systems - Stay Informed! | https://medium.com/@realahmedmoses/new-malware-uses-php-exploit-to-backdoor-windows-systems-stay-informed-8df12e89391a?source=rss------bug_bounty-5 | Moses Ahmed | technology, bug-bounty, data-science, cybersecurity, programming | 26-Aug-2024 |
Password Reset Glitch Leads to Instant Account Takeover | https://bevijaygupta.medium.com/password-reset-glitch-leads-to-instant-account-takeover-a4e67b667eaf?source=rss------bug_bounty-5 | Vijay Gupta | vulnerability, reset, bug-bounty, passwords, glitch | 26-Aug-2024 |
DNS enumeration methodology and techniques | https://systemweakness.com/dns-enumeration-methodology-and-techniques-1945fa4164fd?source=rss------bug_bounty-5 | Harsh Hatej | kali-linux, cybersecurity, linux, subdomains-enumeration, bug-bounty | 26-Aug-2024 |
Account Take Over \| P1 — Critical | https://irsyadsec.medium.com/account-take-over-p1-critical-5468ce8218b9?source=rss------bug_bounty-5 | Irsyad Muhammad Fawwaz | writeup, bugcrowd, bug-bounty, cybersecurity, bug-bounty-tips | 26-Aug-2024 |
Understanding Robots.txt: The Key to Managing Web Crawlers | https://medium.com/@kanishk.k1410/understanding-robots-txt-the-key-to-managing-web-crawlers-04eda892ec92?source=rss------bug_bounty-5 | Kanishk Kumar | information-technology, investigation, cybersecurity, osint, bug-bounty | 26-Aug-2024 |
Hacking My College panel using University Website Like a Pro | https://medium.com/@RaunakGupta1922/hacking-my-college-panel-using-university-website-like-a-pro-9dd075133dce?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, bugbounty-writeup, college, cybersecurity, bug-bounty | 26-Aug-2024 |
Exposing Hidden Risks: Uncovering Sensitive Data on a Government Website using Google Dorks | https://medium.com/@sulmanfarooq531/exposing-hidden-risks-uncovering-sensitive-data-on-a-government-website-using-google-dorks-51748e4f3695?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, government, google-dork, google, bug-bounty | 26-Aug-2024 |
“Like” Bypass on Customer Reviews — €500 bounty | https://medium.com/@asharm.khan7/like-bypass-on-customer-reviews-500-bounty-b8d45a98c096?source=rss------bug_bounty-5 | Ashar Mahmood | hacking-for-defense, ethical-hacking, bug-bounty, bug-bounty-tips, hacking | 26-Aug-2024 |
Best Attack Surface Visualization Tools | https://netlas.medium.com/best-attack-surface-visualization-tools-8034e681807d?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, penetration-testing, attack-surface, cybersecurity, attack-surface-management | 26-Aug-2024 |
Meet Dobby: Your New Bug Bounty Assistant | https://medium.com/@h3llbl4ckk/meet-dobby-your-new-bug-bounty-assistant-f5bebfeb7607?source=rss------bug_bounty-5 | Mehmet Kaya | cybersecurity, github, open-source, hacking, bug-bounty | 26-Aug-2024 |
Account Takeover (Same OTP) | https://medium.com/@raxomara/account-takeover-same-otp-81bfba35d9b3?source=rss------bug_bounty-5 | Raxomara | account-takeover, bug-bounty-tips, cybersecurity, bug-bounty, race-condition | 26-Aug-2024 |
WebSec — CSRF/XSRF (Cross-Site Request Forgery) | https://medium.com/@meryemddalgali/websec-csrf-xsrf-cross-site-request-forgery-6c048c6323d1?source=rss------bug_bounty-5 | Meryem Dalgalı | bug-bounty, web-security, xsrf, csrf-attack, vulnerability | 26-Aug-2024 |
24.12 Lab: Cache key injection vulnerabilities | https://cyberw1ng.medium.com/24-12-lab-cache-key-injection-vulnerabilities-22429a13eebf?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 26-Aug-2024 |
Day 18 of 30 Days — 30 Vulnerabilities \| Insecure Deserialization | https://medium.com/@kumawatabhijeet2002/day-18-of-30-days-30-vulnerabilities-insecure-deserialization-29656c0d212a?source=rss------bug_bounty-5 | Abhijeet kumawat | serialization, insecure-design, 30dayswritingchallenge, bug-bounty-tips, bug-bounty | 26-Aug-2024 |
How I was able to give verification badge to any YouTube channel and bypass needed requirements | https://xtt0k.medium.com/how-i-was-able-to-give-verification-badge-to-any-youtube-channel-and-bypass-needed-requirements-b88855afe4b7?source=rss------bug_bounty-5 | Vojtech Cekal | youtube, bug-bounty, bounty-hunter, bugs, vulnerability | 26-Aug-2024 |
OSINT, ChatGPT, and Password Spraying to Takeover System Administrator Account | https://medium.com/@mmaulanaabdullah/osint-chatgpt-and-password-spraying-to-takeover-system-administrator-account-b0a6295edbbc?source=rss------bug_bounty-5 | M Maulana Abdullah | cybersecurity, infosec, chatgpt, ai, bug-bounty | 26-Aug-2024 |
How I found XSS and open redirect in Kamiapp.com accidentally | https://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-2ff0d3c2b61b?source=rss------bug_bounty-5 | Alimuhammadsecured | bbp, ctf, bug-bounty, hacking | 26-Aug-2024 |
How do I chain multiple Nuclei templates together in a single scan? | https://medium.com/@sherlock297/how-do-i-chain-multiple-nuclei-templates-together-in-a-single-scan-621a3fb8787f?source=rss------bug_bounty-5 | Ravindra Dagale | linux, bug-bounty, how-to, cybersecurity, tips | 25-Aug-2024 |
How to get your first valid bug by reading disclosed reports | https://anonysm.medium.com/how-to-get-your-first-valid-bug-by-reading-disclosed-reports-2663c9987bf3?source=rss------bug_bounty-5 | Muthu D | cybersecurity, ethical-hacking, bug-bounty, hacking, penetration-testing | 25-Aug-2024 |
Bypass Brute-force IP Block | https://icecream23.medium.com/bypass-brute-force-ip-block-870a4329c3be?source=rss------bug_bounty-5 | Aman Bhuiyan | ethical-hacking, bypassing, ip, bug-bounty | 25-Aug-2024 |
The Evolution of Phishing Attacks: A Growing Cybersecurity Challenge | https://medium.com/@paritoshblogs/the-evolution-of-phishing-attacks-a-growing-cybersecurity-challenge-800b0eeacf00?source=rss------bug_bounty-5 | Paritosh | phishing, hacking, social-media, cybersecurity, bug-bounty | 25-Aug-2024 |
Vulnerable WordPress July 2024 (Ash-e_doogh) | https://medium.com/@onhexgroup/vulnerable-wordpress-july-2024-ash-e-doogh-c7e71d7d94d5?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, wordpress, bug-bounty, cybersecurity, infosec | 25-Aug-2024 |
Finding origin ip address | https://systemweakness.com/finding-origin-ip-address-672ca2e2967b?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking, penetration-testing | 25-Aug-2024 |
Explore Koii Network’s DEPIN world with a $10,000 Bug Bounty reward | https://medium.com/coinmonks/explore-koii-networks-depin-world-with-a-10-000-bug-bounty-reward-6a57a5450a44?source=rss------bug_bounty-5 | xeefox | ai, koii, depin, koii-network, bug-bounty | 25-Aug-2024 |
Defensive Strategies and Best Practices to Protect Against Web Cache Poisoning | https://cyberw1ng.medium.com/defensive-strategies-and-best-practices-to-protect-against-web-cache-poisoning-7d9b855658c7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, bug-bounty, penetration-testing, careers | 25-Aug-2024 |
HOW TO START IN BUG BOUNTY HUNTING | https://medium.com/@gouravrathod8788/how-to-start-in-bug-bounty-hunting-848f5c74807f?source=rss------bug_bounty-5 | Gourav Singh Rajput | cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 25-Aug-2024 |
TOP USEFUL CYBR SECURITY & BUG HUNTING TOOL | https://medium.com/@gouravrathod8788/top-useful-cybr-security-bug-hunting-tool-de9ae281e12f?source=rss------bug_bounty-5 | Gourav Singh Rajput | cybersecurity, hacking-tools, bug-bounty, ethical-hacking, hacking | 25-Aug-2024 |
Solving the Prompt Airlines CTF | https://infosecwriteups.com/solving-the-prompt-airlines-ctf-2235c725050b?source=rss------bug_bounty-5 | hackerdevil | bug-bounty, ctf, ctf-writeup, promptairlines, cybersecurity | 25-Aug-2024 |
Hitting the jackpot with RCE! | https://medium.com/@gokulsspace/hitting-the-jackpot-with-rce-43755cac1415?source=rss------bug_bounty-5 | Gokulsspace | pentesting, cybersecurity, kerala, ethical-hacking, bug-bounty | 25-Aug-2024 |
How I was able to Edit/Read Users Workspaces/Data without any access to it | https://medium.com/@octayus/how-i-was-able-to-edit-read-users-workspaces-data-without-any-access-to-it-aed616dbde8e?source=rss------bug_bounty-5 | OctaYus | information-technology, cybersecurity, infosec, bug-bounty, bounty-program | 25-Aug-2024 |
How I got $24000 Bounty from a Log4j RCE in Apple App Store. | https://medium.com/@meharhuzaifa777/exploiting-log4j-rce-in-apple-app-store-ca99a549de1f?source=rss------bug_bounty-5 | Meharhuzaifa | cybersecurity, bug-bounty-writeup, ethical-hacking, bug-bounty | 25-Aug-2024 |
Intruder + Frida to Account Takeover | https://medium.com/@bilalresearcher/intruder-frida-to-account-takeover-548d4dd785ef?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, cybersecurity, bugbounty-writeup, hacking | 25-Aug-2024 |
Using E-Notation to bypass Access Control restrictions to access arbitrary user PII-discussions | https://medium.com/@bilalresearcher/using-e-notation-to-bypass-access-control-restrictions-to-access-arbitrary-user-pii-discussions-d16bbad42394?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, idor, hacking, cybersecurity, bug-bounty | 25-Aug-2024 |
PwnOS-1 Walkthrough | https://erdemstar.medium.com/pwnos-1-walkthrough-fec01bd0e8d4?source=rss------bug_bounty-5 | Erdemstar | bug-bounty, oscp-preparation, oscp, cybersecurity, security | 25-Aug-2024 |
Kioptrix Level 4 Walkthrough | https://erdemstar.medium.com/kioptrix-level-4-walkthrough-96d46095c789?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, bug-bounty-tips, oscp, cybersecurity, bug-bounty | 25-Aug-2024 |
LOLbins / LOLBAS Attack ! | https://medium.com/@reemmoslem34/lolbins-lolbas-attack-006aad1ac364?source=rss------bug_bounty-5 | Rem Khalid | bug-bounty, cybersecurity, malware, python, cryptocurrency | 25-Aug-2024 |
What Really Provides Security in the Cloud? | https://medium.com/@paritoshblogs/what-really-provides-security-in-the-cloud-2f0cc83d113a?source=rss------bug_bounty-5 | Paritosh | information-technology, bug-bounty, information-security, cybersecurity, infosec | 24-Aug-2024 |
Practical Bug Bounty — TCM Academy \| Module 8 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-8-44663b4f87e3?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | sqli, bug-bounty, sql-injection, tcm-academy, web-penetration-testing | 24-Aug-2024 |
Cross-Site Origin Policy (CORS) | https://itsravikiran25.medium.com/cross-site-origin-policy-cors-c82e4b0208f8?source=rss------bug_bounty-5 | Ravikiran | infosec-write-ups, vulnerability-assessment, cybersecurity, bug-bounty, cors | 24-Aug-2024 |
Exploiting Privilege Escalation via Role Parameter Manipulation | https://medium.com/@tusharpuri6/exploiting-privilege-escalation-via-role-parameter-manipulation-5f8df062eb71?source=rss------bug_bounty-5 | Tusharpuri | penetration-testing, offensive-security, privilege-escalation, application-security, bug-bounty | 24-Aug-2024 |
MASS HUNTING TO FIND XSS(CROSS SITE SCRIPTING) | https://systemweakness.com/mass-hunting-to-find-xss-cross-site-scripting-27cc687e58e0?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, xss-vulnerability, bugbounty-automation, bug-bounty, bug-bounty-tips | 24-Aug-2024 |
Unleash Your Inner Hacker with Koii’s $10,000 Bug Bounty Challenge | https://medium.com/nest-of-rin/unleash-your-inner-hacker-with-koiis-10-000-bug-bounty-challenge-d37c23969df1?source=rss------bug_bounty-5 | Rin | koii-network, koii, developer, hackathons, bug-bounty | 24-Aug-2024 |
Top 5 Vulnerabilities That Can Earn You Big in Bug Bounties | https://medium.com/@verylazytech/top-5-vulnerabilities-that-can-earn-you-big-in-bug-bounties-4541878d7e19?source=rss------bug_bounty-5 | Very Lazy Tech | ethical-hacking, cybersecurity, hacking, bug-bounty, cyber | 24-Aug-2024 |
What I Learned from Reading 217* Subdomain Takeover Bug Reports | https://bevijaygupta.medium.com/what-i-learned-from-reading-217-subdomain-takeover-bug-reports-5c6caae2b5da?source=rss------bug_bounty-5 | Vijay Gupta | subdomain, bugs, bug-report, subdomain-takeover, bug-bounty | 24-Aug-2024 |
Reset password Checklist | https://medium.com/@hozayfan782/reset-password-checklist-1ebabdd6c0f3?source=rss------bug_bounty-5 | Hozayfa Nasser | bug-bounty, bug-bounty-writeup, bug-bounty-tips, cybersecurity, research | 24-Aug-2024 |
How do I run Nuclei in silent mode to avoid unnecessary output? | https://medium.com/@sherlock297/how-do-i-run-nuclei-in-silent-mode-to-avoid-unnecessary-output-25fbb9d2e26d?source=rss------bug_bounty-5 | Ravindra Dagale | nucleus, information-security, bug-bounty, output, how-to | 24-Aug-2024 |
Unauthorized Deletion of Forms by Low-Level Unlicensed Users: A 500$ Access Control Bug | https://medium.com/@a13h1/unauthorized-deletion-of-forms-by-low-level-unlicensed-users-a-500-access-control-bug-98dc50c8c193?source=rss------bug_bounty-5 | Abhi Sharma | programming, bug-bounty, infosec, cybersecurity, access-control | 24-Aug-2024 |
Essential Resources for Exploiting Web Cache Poisoning: Tools, Techniques, and Learning Materials | https://cyberw1ng.medium.com/essential-resources-for-exploiting-web-cache-poisoning-tools-techniques-and-learning-materials-cbbef5221392?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 24-Aug-2024 |
Beware of fake bug bounty programs, my real life experience | https://harish45.medium.com/beware-of-fake-bug-bounty-programs-my-real-life-experience-ce009d435ed8?source=rss------bug_bounty-5 | Harish | bug-bounty, cybersecurity-awareness, cybersecurity, ethical-hacking, bug-bounty-tips | 24-Aug-2024 |
Find Bugs From Google Dorks | https://ch44nd.medium.com/find-bugs-from-google-dorks-ec574c01471b?source=rss------bug_bounty-5 | Chandan das | bug-bounty, information-disclosure, bugs, hacking, google-dork | 24-Aug-2024 |
One-click Account Take Over | https://medium.com/@bilalresearcher/one-click-account-take-over-50e4128c990d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, hacking, bug-bounty-tips, bugbounty-writeup, bug-bounty | 24-Aug-2024 |
0-click Full Account Takeover | https://medium.com/@bilalresearcher/0-click-full-account-takeover-0ddc951e14ae?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, bugbounty-writeup | 24-Aug-2024 |
Drupal Website Takeover | Admin Dashboard | https://medium.com/@bilalresearcher/drupal-website-takeover-admin-dashboard-6ae4a34d0689?source=rss------bug_bounty-5 | Bilal Researcher | hacking, bug-bounty-writeup, bug-bounty-tips, bugbounty-writeup, bug-bounty | 24-Aug-2024 |
STRIPE Live Key Exposed:: Bounty: $1000 | https://medium.com/@bilalresearcher/stripe-live-key-exposed-bounty-1000-57018f1d4520?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, bug-bounty-program, hacking, bug-bounty-tips | 24-Aug-2024 |
[GraphQL IDOR]Leaking credit card information of 1000s of users [External Audit] | https://medium.com/@bilalresearcher/graphql-idor-leaking-credit-card-information-of-1000s-of-users-external-audit-1404256b761f?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty-tips, bug-bounty | 24-Aug-2024 |
Exposing Database Creds via SVN: A $400 Discovery | https://medium.com/@bilalresearcher/exposing-database-creds-via-svn-a-400-discovery-fa7c2de288bf?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, bugbounty-writeup | 24-Aug-2024 |
SQL Injections for bug bounty | https://medium.com/@boogsta/sql-injections-for-bug-bounty-3a608babd9b1?source=rss------bug_bounty-5 | Boogsta | hacking, bug-bounty, cybersecurity, programming, cyber | 24-Aug-2024 |
Chain of Rate Limit Bypass and Weak Token Expiry Leads To Account Take Over | https://medium.com/@bilalresearcher/chain-of-rate-limit-bypass-and-weak-token-expiry-leads-to-account-take-over-0cf794fef31c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, hacking | 24-Aug-2024 |
CSRF Bypass Combined with IDOR To Complete Account Takeover! | https://medium.com/@bilalresearcher/csrf-bypass-combined-with-idor-to-complete-account-takeover-588b34b9cf60?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking, bugbounty-writeup | 24-Aug-2024 |
User information disclosure via message reactions | https://medium.com/@bilalresearcher/user-information-disclosure-via-message-reactions-affc72cfd8de?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 24-Aug-2024 |
IDOR Lead to Data Leak | https://medium.com/@bilalresearcher/idor-lead-to-data-leak-6943ade0a3d6?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking | 24-Aug-2024 |
XSS & IDOR & CSRF to ATO | https://medium.com/@bilalresearcher/xss-idor-csrf-to-ato-0e898876789d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, hacking, bugbounty-writeup, bug-bounty | 24-Aug-2024 |
How I Turned a Rate-Limit Bypass into an Account Takeover | https://medium.com/@bilalresearcher/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-5a50b0f4dc6a?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bugbounty-writeup, bug-bounty-writeup, hacking, bug-bounty | 24-Aug-2024 |
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebinding | https://medium.com/@bilalresearcher/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-caaf00ebe479?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty-writeup, bug-bounty-tips, bug-bounty, hacking | 24-Aug-2024 |
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bounty | https://medium.com/@bilalresearcher/discovering-a-session-persistence-vulnerability-that-led-to-a-bounty-bbf3dd526f01?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty-tips, hacking, bug-bounty-writeup, bug-bounty | 24-Aug-2024 |
Bypassing methods that I used to find CSRF vulnerabilities | https://medium.com/@bilalresearcher/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-0709cc8a3c4d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bugbounty-writeup, bug-bounty, bug-bounty-tips, hacking | 24-Aug-2024 |
Mobile Pentesting: A Walkthrough of the First 10 Challenges on Injured Android App-Part1 | https://medium.com/@mly57003/mobile-pentesting-a-walkthrough-of-the-first-10-challenges-on-injured-android-app-part1-0e85c600494f?source=rss------bug_bounty-5 | mohamed ali | bug-bounty-writeup, cybersecurity, bug-bounty-tips, bug-bounty, bug-bounty-hunter | 24-Aug-2024 |
Can AI and ML Stop Cyber Attacks? | https://medium.com/@paritoshblogs/can-ai-and-ml-stop-cyber-attacks-291c6425d0e8?source=rss------bug_bounty-5 | Paritosh | ai, cybersecurity, machine-learning, bug-bounty, chatgpt | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-81) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-81-833084004f21?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-80) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-80-ae2ad3c7f971?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, hacking, money | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-79) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-79-415c1bd4f7c3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, hacking, money, ethical-hacking, cybersecurity | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-78) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-78-85e87ffc94f9?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, money, cybersecurity, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-77) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-77-b9b1354812cc?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, cybersecurity, money, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-76) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-76-07a4d8f583c0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, cybersecurity, skills, hacking | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-75) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-75-8d5930bd46dc?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, hacking, ethical-hacking, bug-bounty | 23-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-74) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-74-778fd4767e52?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty, ethical-hacking, hacking, skills | 23-Aug-2024 |
Elevate Your Cybersecurity Skills with Expert Training and Penetration Testing! | https://imranthe3rd3ye.medium.com/elevate-your-cybersecurity-skills-with-expert-training-and-penetration-testing-b16e8b122642?source=rss------bug_bounty-5 | Md. Imran Chowdhury | learn-hacking, ethical-hacking, penetration-testing, kali-linux, bug-bounty | 23-Aug-2024 |
Monitoring Gists for secrets with Trufflehog | https://medium.com/@learntheshell/monitoring-gists-with-trufflehog-612b7d9dbab5?source=rss------bug_bounty-5 | LearnTheShell | github, git, bug-bounty, trufflehog, bug-bounty-tips | 23-Aug-2024 |
Hidden in Plain Sight: Uncovering RCE on a Forgotten Axis2 Instance | https://medium.com/@domenicoveneziano/hidden-in-plain-sight-uncovering-rce-on-a-forgotten-axis2-instance-86ddc91f1415?source=rss------bug_bounty-5 | Domenico Veneziano | bug-bounty-tips, bug-bounty-writeup, bug-bounty | 23-Aug-2024 |
Finally, SSL Pinning for Flutter Bypassed After Frustration.. | https://wahaz.medium.com/finally-ssl-pinning-for-flutter-bypassed-after-frustration-4573e15ed18e?source=rss------bug_bounty-5 | Rizaldi Wahaz | bug-bounty, cybersecurity, hacking, flutter, penetration-testing | 23-Aug-2024 |
How I Got an Appreciation Letter from NASA for Finding a Simple Bug | https://infosecwriteups.com/how-i-got-an-appreciation-letter-from-nasa-for-finding-a-simple-bug-8812852d0337?source=rss------bug_bounty-5 | Om Arora | bug-bounty, programming, technology, cybersecurity, infosec | 23-Aug-2024 |
Web Cache Poisoning: Understanding the Threat and How to Protect Your Website | https://cyberw1ng.medium.com/web-cache-poisoning-understanding-the-threat-and-how-to-protect-your-website-82ebaba2f0e8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, hacking, careers, bug-bounty | 23-Aug-2024 |
Day 16 of 30 Days — 30 Vulnerabilities | Subdomain Takeover | https://medium.com/@kumawatabhijeet2002/day-16-of-30-days-30-vulnerabilities-subdomain-takeover-01088ad1d525?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty-tips, subdomain-takeover, bug-bounty, 30dayswritingchallenge | 23-Aug-2024 |
how i got into the server of our university. | https://medium.com/@mesterx54/how-i-got-into-the-server-of-our-university-aae2782bcc64?source=rss------bug_bounty-5 | Abdeladime Mk (mesterx54) | bug-bounty, rce, bug-bounty-tips, sqli, pentesting | 23-Aug-2024 |
Stealing Admin Cookies: An XSS Challenge from TCM Security’s Practical Bug Bounty Course | https://medium.com/@trixiahorner/stealing-admin-cookies-an-xss-challenge-from-tcm-securitys-practical-bug-bounty-course-b08a990cca84?source=rss------bug_bounty-5 | Trixia Horner | penetration-testing, ethical-hacking, hacking, cybersecurity, bug-bounty | 23-Aug-2024 |
Boost Subdomain Discovery with Subfinder and API Integrations | https://saurabh-jain.medium.com/integrating-shodan-and-censys-api-keys-into-subfinder-c28452af2efb?source=rss------bug_bounty-5 | Saurabh Jain | bug-bounty-writeup, bug-bounty, subdomains-enumeration, subfinder, hacking | 23-Aug-2024 |
Response Manipulation FTW: Understanding and Exploiting Response Manipulation | https://medium.com/@security.tecno/response-manipulation-ftw-understanding-and-exploiting-response-manipulation-6ad2d81f2eb4?source=rss------bug_bounty-5 | TECNO Security | security, reserach, hacking, bug-bounty | 22-Aug-2024 |
10 Secrets Ethical Hackers Don’t Want You to Know (But We’re Revealing Them Anyway!) | https://medium.com/@paritoshblogs/10-secrets-ethical-hackers-dont-want-you-to-know-but-we-re-revealing-them-anyway-094ca920c3d8?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, hacking, information-technology, ethical-hacking | 22-Aug-2024 |
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOES FINANCIAL INFO, ZOMATO BUG BOUNTY HACKERONE FRAUD | https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5 | Krivadna | android, social-media, bug-bounty, cybersecurity, bugbounty-writeup | 22-Aug-2024 |
Grep tips for Javascript Analysis | Bug Bounty | https://0xmaruf.medium.com/grep-tips-for-javascript-analysis-bug-bounty-7dce88266121?source=rss------bug_bounty-5 | Md Maruf Hosan (0xMaruf) | cybersecurity, bug-bounty-tips, bug-bounty | 22-Aug-2024 |
TESLA MOTORS VIN NUMBER LEAK THROUGH IT’S API ENDPOINT, THEY CALL IT NO SECURITY IMPACT.. | https://medium.com/@krivadna_87390/tesla-motors-vin-number-leak-through-its-api-endpoint-they-call-it-no-security-impact-bb30fb5f1314?source=rss------bug_bounty-5 | Krivadna | android, bug-bounty, penetration-testing, bugbounty-writeup, cybersecurity | 22-Aug-2024 |
CORRUPT SEBI INDIA JEOPARDIZING DIRECTOR'S FINANCIAL INFO • PAN NUMBER LEAK ZOMATO BUG BOUNTY… | https://medium.com/@krivadna_87390/corrupt-sebi-india-jeopardizing-directoes-financial-info-zomato-bug-bounty-hackerone-fraud-f27145ccfad8?source=rss------bug_bounty-5 | Krivadna | android, social-media, bug-bounty, cybersecurity, bugbounty-writeup | 22-Aug-2024 |
Exposing Source Code via SVN: A $400 Discovery | https://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5 | Vipul Sahu | bug-bounty-tips, bug-bounty, information-security, cybersecurity | 22-Aug-2024 |
The Security Bounty Program Is Here, With Rewards of Up to ¥6000! | https://medium.com/@AdsPowerHK/%E5%AE%89%E5%85%A8%E8%B3%9E%E9%87%91%E8%A8%88%E5%8A%83%E4%BE%86%E4%BA%86-%E7%8D%8E%E9%87%91%E6%9C%80%E9%AB%98%E9%81%94-6000-672c3dcf1483?source=rss------bug_bounty-5 | AdsPower 指紋瀏覽器 | adspower, 指纹浏览器, 漏洞, bug-bounty, 指纹浏览器ip | 22-Aug-2024 |
Automating the Hunt for Reflected XSS: Essential One-Liners for Web Security | https://medium.com/@garvsanwariya60/automating-the-hunt-for-reflected-xss-essential-one-liners-for-web-security-025bbd82f95d?source=rss------bug_bounty-5 | Garvsanwariya | xss-attack, cybersecurity, hacking, web-security, bug-bounty | 22-Aug-2024 |
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center | https://medium.com/@scriptshuva/instagram-and-meta-2fa-bypass-by-unprotected-backup-code-retrieval-in-accounts-center-c735ff650f10?source=rss------bug_bounty-5 | Shuva Saha | bug-bounty-writeup, bug-bounty, facebook-bug-bounty, 2fa-bypass, meta-bug-bounty | 22-Aug-2024 |
Exposing Database Creds via SVN: A $400 Discovery | https://infosecwriteups.com/exposing-source-code-via-svn-a-400-discovery-9fc54b3f3f31?source=rss------bug_bounty-5 | Vipul Sahu | bug-bounty-tips, bug-bounty, information-security, cybersecurity | 22-Aug-2024 |
How I can easily get four P1 at NASA using Simple Google Dorking. | https://k4tedu.medium.com/how-i-can-easily-get-four-p1-at-nasa-using-simple-google-dorking-d4457bec1971?source=rss------bug_bounty-5 | k4tedu | bug-bounty, dorking, penetration-testing, nasa-vdp, pentest-web | 22-Aug-2024 |
WebSec — SSTI (Server Site Template Injection) | https://medium.com/@meryemddalgali/websec-ssti-server-site-template-injection-1a9603caa51e?source=rss------bug_bounty-5 | Meryem Dalgalı | vulnerability, application-security, bug-bounty, pentest-learnings, web-security | 22-Aug-2024 |
Bypassing methods that I used to find CSRF vulnerabilities | https://anonysm.medium.com/bypassing-methods-that-i-used-to-find-csrf-vulnerabilities-b7dbf88cdb0a?source=rss------bug_bounty-5 | Muthu D | cybersecurity, ethical-hacking, hacking, bug-bounty, penetration-testing | 22-Aug-2024 |
How I Found Vulnerabilities in NASA and Got into the Hall of Fame — 4 Bugs | https://infosecwriteups.com/how-i-found-vulnerabilities-in-nasa-and-got-into-the-hall-of-fame-4-bugs-78e0fc4cc5cc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hall-of-fame, careers, cybersecurity, bug-bounty, hacking | 22-Aug-2024 |
Easy Bug | Email Spoofing | https://saeidmicro.medium.com/easy-bug-email-spoofing-5d1bfc1a885e?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty | 22-Aug-2024 |
Blind SSRF | https://saeidmicro.medium.com/blind-ssrf-ee5f0e6ed86f?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty | 22-Aug-2024 |
Battle of the Web Security Titans: Burp Suite vs. OWASP ZAP | https://shaifsec.medium.com/battle-of-the-web-security-titans-burp-suite-vs-owasp-zap-e3da58d36203?source=rss------bug_bounty-5 | Shaif Ali | penetration-testing, bug-bounty, web-security, cybersecurity, shaifsec | 22-Aug-2024 |
Advanced Web Cache Poisoning Techniques (Part 2): Tools, Methods, and Exploits | https://medium.com/@dsmodi484/advanced-web-cache-poisoning-techniques-part-2-tools-methods-and-exploits-d35619d4bd75?source=rss------bug_bounty-5 | Dishant Modi | resources, vulnerability, web-cache-poisoning, bug-bounty, methodology | 21-Aug-2024 |
Secrets of Red Teaming: Must-Know Tips and Tricks for Beginners! | https://medium.com/@paritoshblogs/secrets-of-red-teaming-must-know-tips-and-tricks-for-beginners-7a0dbf8eb021?source=rss------bug_bounty-5 | Paritosh | red-teaming, hacking, bug-bounty, pentesting, cybersecurity | 21-Aug-2024 |
Beyond the Login The Path Traversal Attack | https://medium.com/@rajqureshi07/beyond-the-login-the-path-traversal-attack-30c1cfc09b3a?source=rss------bug_bounty-5 | Raj Qureshi | bug-bounty, information-technology, infosec, bug-bounty-tips, information-security | 21-Aug-2024 |
Deploying Rust Smart Contracts | https://medium.com/@bugbountydegen/deploying-rust-smart-contracts-7a22e04c4cd9?source=rss------bug_bounty-5 | bugbountydegen | rust, bug-bounty, smart-contract-security, blockchain | 21-Aug-2024 |
Forging a Path to Account Takeover: Copy Password Reset Link Vulnerability worth $$$$. | https://medium.com/@bilalresearcher/forging-a-path-to-account-takeover-copy-password-reset-link-vulnerability-worth-3135c3df60d6?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, bug-bounty, hacking, cybersecurity | 21-Aug-2024 |
[Account Take Over] through reset password token leaked in response, 2500 € Reward | https://medium.com/@bilalresearcher/account-take-over-through-reset-password-token-leaked-in-response-2500-reward-97cc22d0b65d?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-writeup, cybersecur, hacking, bugbounty-writeup | 21-Aug-2024 |
Discovering a $5000 RCE via Dependency Confusion Vulnerability | https://medium.com/@bilalresearcher/discovering-a-5000-rce-via-dependency-confusion-vulnerability-9a1cd88ddb0c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, cybersecurity, hacking, bug-bounty-tips, bug-bounty-writeup | 21-Aug-2024 |
A Simple 2FA Bypass | https://medium.com/@bilalresearcher/a-simple-2fa-bypass-368a2861c6df?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty, hacking, bug-bounty-tips, cybersecurity | 21-Aug-2024 |
Account Takeover using IDOR in Password reset Functionality | https://medium.com/@bilalresearcher/account-takeover-using-idor-in-password-reset-functionality-b736a85f4f02?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bugbounty-writeup, cybersecurity, info-sec-writeups, bug-bounty-writeup | 21-Aug-2024 |
How I got my first $13500 bounty through Parameter Polluting (HPP) | https://medium.com/@bilalresearcher/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-237bd8cdfeff?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-tips, bug-bounty-writeup, hacking, bug-bounty, cybersecurity | 21-Aug-2024 |
Authorization bypass due to cache misconfiguration | https://rikeshbaniya.medium.com/authorization-bypass-due-to-cache-misconfiguration-fde8b2332d2d?source=rss------bug_bounty-5 | Rikesh Baniya | security-research, bug-bounty-writeup, hackerone, bug-bounty-tips, bug-bounty | 21-Aug-2024 |
The Future of Web Cache Poisoning Defense: Anticipating New Threats and Adopting Next-Generation… | https://cyberw1ng.medium.com/the-future-of-web-cache-poisoning-defense-anticipating-new-threats-and-adopting-next-generation-56a62d115bcd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 21-Aug-2024 |
Race Condition on Likes of Product Leads to Products can appear more popular | https://medium.com/@omdubey170/race-condition-on-likes-of-product-leads-to-products-can-appear-more-popular-a39038d16203?source=rss------bug_bounty-5 | Omdubey | cache, bug-bounty-tips, security, bug-bounty, race-condition | 21-Aug-2024 |
Authorization bypass due to cache misconfiguration | https://medium.com/@bilalresearcher/authorization-bypass-due-to-cache-misconfiguration-7407aa1c6374?source=rss------bug_bounty-5 | Bilal Researcher | bugbounty-writeup, bug-bounty-writeup, bug-bounty, hacking, cybersecurity | 21-Aug-2024 |
Day 15 of 30 Days — 30 Vulnerabilities | ClickJacking | https://medium.com/@kumawatabhijeet2002/day-15-of-30-days-30-vulnerabilities-clickjacking-33e38c25d528?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30-day-challenge, bug-bounty-tips, 30dayswritingchallenge, clickjacking | 20-Aug-2024 |
Information Disclosure : 80+ Emails and LongID Disclosed !! | https://pushkarhax.medium.com/information-disclosure-80-emails-and-longid-disclosed-8952e2c6978b?source=rss------bug_bounty-5 | Pushkar Nandwalkar | bugbounty-tips, offensive-security, bug-bounty, cybersecurity, hacking | 20-Aug-2024 |
Unveiling a Critical Vulnerability: Exposing AWS Credentials in a Penetration Test | https://notifybugme.medium.com/unveiling-a-critical-vulnerability-exposing-aws-credentials-in-a-penetration-test-2f7119a7c816?source=rss------bug_bounty-5 | Santosh Kumar Sha (@killmongar1996) | penetration-testing, bug-bounty, ethical-hacking, security, aws | 20-Aug-2024 |
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story). | https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5 | Augustinetriffin | xss-attack, bug-bounty, cybersecurity, hacking, nasa | 20-Aug-2024 |
How a Lazy Bug Bounty Hunter got a place on NASA HOF ( An XSS Story). | https://medium.com/@trffnsec/how-a-lazy-bug-bounty-hunter-got-a-place-on-nasa-hof-an-xss-story-e14fccc326e2?source=rss------bug_bounty-5 | TrffnSec | xss-attack, bug-bounty, cybersecurity, hacking, nasa | 20-Aug-2024 |
My first XSS: Reflected XSS in hidden parameter | https://anonysm.medium.com/my-first-xss-reflected-xss-in-hidden-parameter-4142a02edfb1?source=rss------bug_bounty-5 | Muthu D | cybersecurity, hacking, penetration-testing, ethical-hacking, bug-bounty | 20-Aug-2024 |
cyberseReal-World Applications and Case Studies: Combating Web Cache Poisoning in Complex… | https://cyberw1ng.medium.com/cybersereal-world-applications-and-case-studies-combating-web-cache-poisoning-in-complex-5bf41b0073c1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, hacking, bug-bounty | 20-Aug-2024 |
Invitation link hijacking on a bug bounty program | https://harish45.medium.com/invitation-link-hijacking-on-a-bug-bounty-program-50d3b92d5532?source=rss------bug_bounty-5 | Harish | hackerone, bugcrowd, bug-bounty, bug-bounty-tips, ethical-hacking | 20-Aug-2024 |
Best Directory Brute-forcing Tools for Beginner Bug Hunters | https://medium.com/@josuofficial327/best-directory-brute-forcing-tools-for-beginner-bug-hunters-3388dd97c055?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | ethical-hacking, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 19-Aug-2024 |
0-click Full Account Takeover | https://dynnyd20.medium.com/0-click-full-account-takeover-9bb6b4d692a9?source=rss------bug_bounty-5 | dynnyd20 | cybersecurity, pentest, ato, bug-bounty, pentesting | 19-Aug-2024 |
Beyond Web Caching Vulnerabilities | https://medium.com/@0xAwali/beyond-web-caching-vulnerabilities-c617d8cdbb85?source=rss------bug_bounty-5 | Mahmoud M. Awali | web-security, bug-bounty | 19-Aug-2024 |
Discovering a Session Persistence Vulnerability That Led to a $$$$ Bounty | https://anonysm.medium.com/discovering-a-session-persistence-vulnerability-225e4b38e605?source=rss------bug_bounty-5 | Muthu D | cybersecurity, penetration-testing, infosec, bug-bounty, ethical-hacking | 19-Aug-2024 |
Advanced Techniques for Mitigating Web Cache Poisoning Attacks | https://cyberw1ng.medium.com/advanced-techniques-for-mitigating-web-cache-poisoning-attacks-8f818fd7eb00?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 19-Aug-2024 |
How to Bypass Company Email Feature While Creating an Account | https://medium.com/@josuofficial327/how-to-bypass-company-email-feature-while-creating-an-account-f792b37a231f?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty-hunter, cybersecurity, bug-bounty-tips, vulnerability, bug-bounty | 18-Aug-2024 |
BugBounty WriteUp — Creative thinking is our everything (Race Condition + Business Logic Error) | https://medium.com/@bilalresearcher/bugbounty-writeup-creative-thinking-is-our-everything-race-condition-business-logic-error-c7cfcc6d9125?source=rss------bug_bounty-5 | Bilal Researcher | hacking, writeup, bug-bounty, penetration-testing, programming | 18-Aug-2024 |
Bug Bounty Writeup: $2500 Reward for Session Hijack via Chained Attack | https://medium.com/@bilalresearcher/bug-bounty-writeup-2500-reward-for-session-hijack-via-chained-attack-b5ad443bc9b9?source=rss------bug_bounty-5 | Bilal Researcher | ethical-hacking, cybersecurity, xss-attack, bug-bounty-tips, bug-bounty | 18-Aug-2024 |
How Automation Detected Default Admin Credential Worth $500 | https://medium.com/@bilalresearcher/how-automation-detected-default-admin-credential-worth-500-9f2c3ed460c4?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty-writeup, bug-bounty, bug-bounty-tips, cybersecurity | 18-Aug-2024 |
Accessing deleted comment for $$: A Bug Bounty Writeup | https://medium.com/@bilalresearcher/accessing-deleted-comment-for-a-bug-bounty-writeup-085e836660c1?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, bug-bounty, writeup, bug-bounty-tips, bug-bounty-writeup | 18-Aug-2024 |
PII Disclosure Worth $750 | https://medium.com/@bilalresearcher/pii-disclosure-worth-750-1f9caeac484f?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity, bug-bounty-writeup | 18-Aug-2024 |
Burp Suite Filtering Trick — Reducing Log Noise with TLS Pass-Through | https://systemweakness.com/burp-suite-filtering-trick-reducing-log-noise-with-tls-pass-through-468d00fbc7dc?source=rss------bug_bounty-5 | Khaleel Khan | ethical-hacking, infosec, bug-bounty-tips, cybersecurity, bug-bounty | 18-Aug-2024 |
Day 15 of 30 Days — 30 Vulnerabilities | ClickJacking | https://it4chis3c.medium.com/day-15-of-30-days-30-vulnerabilities-clickjacking-592505aff54d?source=rss------bug_bounty-5 | It4chis3c | web-security, bug-bounty, clickjacking, 30dayswritingchallenge, bug-bounty-tips | 18-Aug-2024 |
How I Bypassed 2FA and Earned My First Bounty $$$ | https://anonysm.medium.com/how-i-bypassed-2fa-and-earned-my-first-bounty-3fdc58938347?source=rss------bug_bounty-5 | Muthu D | cybersecurity, bug-bounty, ethical-hacking, hacking, penetration-testing | 18-Aug-2024 |
SQL Vulnerability in WordPress Automatic Plugin (CVE-2024–27956) | https://roadtooscp.medium.com/sql-vulnerability-in-wordpress-automatic-plugin-cve-2024-27956-3635f1d32b4e?source=rss------bug_bounty-5 | RoadToOSCP | bug-bounty, penetration-testing, wordpress-plugins, ethical-hacking, wordpress-security | 18-Aug-2024 |
HTML Injection in Mobile App Support Ticket Form on target.tech | https://medium.com/@shobitsharma/html-injection-in-mobile-app-support-ticket-form-on-target-tech-f45d2de510af?source=rss------bug_bounty-5 | Shobit Sharma | html-injection, owasp, bug-bounty, vulnerability, bug-bounty-tips | 18-Aug-2024 |
Advanced Techniques and Emerging Trends in Web Cache Poisoning | https://cyberw1ng.medium.com/advanced-techniques-and-emerging-trends-in-web-cache-poisoning-d2c8d3807d46?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 18-Aug-2024 |
Title: Mastering CSRF Exploits with Port Swigger Academy Lab: How to Bypass SameSite Strict via… | https://medium.com/@dsksatheesh35/title-mastering-csrf-exploits-with-port-swigger-academy-lab-how-to-bypass-samesite-strict-via-7976c3f42d12?source=rss------bug_bounty-5 | D Satheesh Kumar | penetration-testing, bug-bounty, csrf-attack, csrf-bypass, ctf-walkthrough | 18-Aug-2024 |
Day 14 of 30 Days — 30 Vulnerabilities | HTTP Parameter Pollution (HPP) Vulnerability | https://medium.com/@kumawatabhijeet2002/day-14-of-30-days-30-vulnerabilities-http-parameter-pollution-hpp-vulnerability-6c767a9227d8?source=rss------bug_bounty-5 | Abhijeet kumawat | http-parameter-pollution, bug-bounty-tips, 30dayswritingchallenge, bug-bounty | 18-Aug-2024 |
XSS CHECKLIST | https://medium.com/@mehmetfarisacar/xss-checklist-a2bf18ed6992?source=rss------bug_bounty-5 | Mehmet Faris Acar | bug-bounty, xss-vulnerability, cybersecurity, xss-attack | 18-Aug-2024 |
Day 13 of 30 Days — 30 Vulnerabilities | XML External Entity (XXE) | https://medium.com/@kumawatabhijeet2002/day-13-of-30-days-30-vulnerabilities-xml-external-entity-xxe-93118ac3a167?source=rss------bug_bounty-5 | Abhijeet kumawat | xxe-attack, 30dayswritingchallenge, xxe, bug-bounty, bug-bounty-tips | 17-Aug-2024 |
Everything about CSP (Content Security Policy)and bypassing it Like a PRO!! | https://shauryasharma05.medium.com/everything-about-csp-content-security-policy-and-bypassing-it-like-a-pro-290d3b06b721?source=rss------bug_bounty-5 | Shaurya Sharma | bugbounty-writeup, cybersecurity, bug-bounty, hacking, bug-bounty-tips | 17-Aug-2024 |
A Step-by-Step Guide to Installing and Using dirsearch | https://medium.com/@sherlock297/a-step-by-step-guide-to-installing-and-using-dirsearch-7833d9dbe6c3?source=rss------bug_bounty-5 | Ravindra Dagale | tools, dirsearch, bug-bounty, tips, information-technology | 17-Aug-2024 |
Targeting Hidden API Endpoints in IDOR Exploits | https://systemweakness.com/targeting-hidden-api-endpoints-in-idor-exploits-269b6ae0f16e?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, cybersecurity, hacking, bug-bounty-tips | 17-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-73) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-73-210a9520bff3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, money, hacking, bug-bounty | 17-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-72) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-72-a2bf155d3162?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, money, bug-bounty | 17-Aug-2024 |
Broken Access Control in a Crypto Trading Platform | Auth Bypass worth $$$$ | https://medium.com/@midnight-mihir/how-i-found-broken-access-control-in-a-crypto-trading-platform-auth-bypass-worth-b0048eb87e09?source=rss------bug_bounty-5 | Mihir | ethical-hacking, bug-bounty-tips, bug-bounty, cybersecurity | 17-Aug-2024 |
Another 1500$: CR/LF Injection | https://infosecwriteups.com/1500-cr-lf-injection-59152daaf413?source=rss------bug_bounty-5 | Abhi Sharma | crlf-injection, infosec, bug-bounty, programming, cybersecurity | 17-Aug-2024 |
Security Flaws in Privilege Downgrades: How Users Can Exploit API Keys and Privilege escalation | https://medium.com/@Az3m/security-flaws-in-privilege-downgrades-how-users-can-exploit-api-keys-and-privilege-escalation-886b37c2344d?source=rss------bug_bounty-5 | Az3m | bug-bounty-tips, privilege-escalation, bugs, bug-bounty | 17-Aug-2024 |
Sub-finder tool methodology | https://medium.com/@tharunteja725_8686/sub-finder-tool-methodology-1dcb2622b0d5?source=rss------bug_bounty-5 | Chidurala Tharun teja | bug-bounty, bug-bounty-tips, bug-bounty-writeup, cybersecurity, bug-bounty-hunter | 17-Aug-2024 |
IDOR Vulnerabilities Between Admin Privilege Users in the Same Organization | https://medium.com/@Az3m/idor-vulnerabilities-between-admin-privilege-users-in-the-same-organization-7718192bba0e?source=rss------bug_bounty-5 | Az3m | bug-bounty-tips, idor, bug-bounty, idor-vulnerability | 17-Aug-2024 |
How Find Multi open redirect Bugs with Bing search engine | https://medium.com/@Az3m/how-find-multi-open-redirect-bugs-with-bing-search-engine-14d953b707ec?source=rss------bug_bounty-5 | Az3m | bugs, open-redirect, bug-bounty-tips, bug-bounty | 17-Aug-2024 |
Boost Your Bug Bounty Game: Get Started with Free VPS on Krutrim Cloud | https://infosecwriteups.com/boost-your-bug-bounty-game-get-started-with-free-vps-on-krutrim-cloud-6a37444a9ce0?source=rss------bug_bounty-5 | Vicky Aryan | krutrim-cloud, bug-bounty, vps, cloud, hacking | 17-Aug-2024 |
Understanding Web Cache Poisoning: How It Works and How to Prevent It | https://cyberw1ng.medium.com/understanding-web-cache-poisoning-how-it-works-and-how-to-prevent-it-55af897e1eb5?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, cybersecurity, hacking | 17-Aug-2024 |
$$$ Bypassing SSRF Restrictions on a Google Product: A Journey Through DNS Rebinding | https://anonysm.medium.com/bypassing-ssrf-restrictions-on-a-google-product-a-journey-through-dns-rebinding-a4e9d18213af?source=rss------bug_bounty-5 | Muthu D | bug-bounty, cybersecurity, ethical-hacking, penetration-testing, hacking | 17-Aug-2024 |
Understanding Open Redirect Vulnerabilities: A Simple Discovery | https://shaifsec.medium.com/understanding-open-redirect-vulnerabilities-a-simple-discovery-476a675839f7?source=rss------bug_bounty-5 | Shaif Ali | web-security, cybersecurity, shaifsec, penetration-testing, bug-bounty | 17-Aug-2024 |
Top 20 Open Redirect Bug Bounty Reports | https://medium.com/@thenumberof9/top-20-open-redirect-bug-bounty-reports-610c57fb006f?source=rss------bug_bounty-5 | TheNumberOf-9 | host-redirect, bug-bounty, open-redirect, hacking, ethical-hacking | 16-Aug-2024 |
How to find a easy bug it worth $100 | https://medium.com/@sangamahesh650/how-to-find-a-easy-bug-it-worth-100-7485f9bf638f?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, hacking, bug-bounty-tips, penetration-testing, bug-bounty | 16-Aug-2024 |
The Bug Bounty Billionaire | https://medium.com/@shwetapapnai783/the-bug-bounty-billionaire-acaa5e64959e?source=rss------bug_bounty-5 | Shweta Papnai | security, cybersecurity, billionaires, bug-bounty, technology | 16-Aug-2024 |
Reconnaissance and Vulnerability Scanning Script | https://securitycipher.medium.com/%EF%B8%8F-reconnaissance-and-vulnerability-scanning-script-%EF%B8%8F-086f4051eeba?source=rss------bug_bounty-5 | Piyush Kumawat (securitycipher) | cybersecurity, coding, technology, bug-bounty, hacking | 16-Aug-2024 |
Complete Guide on Attack Surface Discovery | https://osintteam.blog/complete-guide-on-attack-surface-discovery-d684710d6a3e?source=rss------bug_bounty-5 | Netlas.io | bug-bounty, attack-surface, attack-surface-discovery, cybersecurity, penetration-testing | 16-Aug-2024 |
Easy Critical Bugs: Uncovering Treasure Troves in Adobe Experience Manager (AEM) | https://anonysm.medium.com/easy-critical-bugs-uncovering-treasure-troves-in-adobe-experience-manager-aem-59ce8656ef9b?source=rss------bug_bounty-5 | Muthu D | penetration-testing, bug-bounty, cybersecurity, pentesting, hacking | 16-Aug-2024 |
Two Factor Authentication Bypass via using Victim’s DeviceID | https://medium.com/@cyberpro151/two-factor-authentication-bypass-via-using-victims-deviceid-b46afb4fe7a5?source=rss------bug_bounty-5 | cyberpro151 | application-security, hacking, bug-bounty, cybersecurity, hackerone | 16-Aug-2024 |
BlackhatOps #1: A Syndicate Of Hackers | https://medium.com/@red.whisperer/blackhatops-1-a-syndicate-of-hackers-3f599f6f9c63?source=rss------bug_bounty-5 | Chux | cybersecurity, pentesting, red-team, bug-bounty, hacking | 16-Aug-2024 |
Forced SSO Session Fixation | https://infosecwriteups.com/forced-sso-session-fixation-5d3b457b79cb?source=rss------bug_bounty-5 | Serj Novoselov | bug-bounty, vulnerability, penetration-testing, information-security, writeup | 16-Aug-2024 |
24.10 Lab: Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability… | https://cyberw1ng.medium.com/24-10-lab-web-cache-poisoning-to-exploit-a-dom-vulnerability-via-a-cache-with-strict-cacheability-78d30bb559e4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 16-Aug-2024 |
500$ From Meta by reporting a HTMLi(Accidental Bug) | https://armx64.medium.com/500-from-meta-by-reporting-a-htmli-accidental-bug-fef2e5a0f4c4?source=rss------bug_bounty-5 | A.R Maheer | bug-bounty, accidental-bug | 16-Aug-2024 |
NewLine Character Cause DoS: Folder & File Deletion Flaw | https://medium.com/@bilalresearcher/newline-character-cause-dos-folder-file-deletion-flaw-2b128252720b?source=rss------bug_bounty-5 | Bilal Researcher | infosec, denial-of-service, programming, cybersecurity, bug-bounty | 16-Aug-2024 |
1000$ IDOR : Unauthorized Project Inclusion in Expense | https://medium.com/@bilalresearcher/1000-idor-unauthorized-project-inclusion-in-expense-da9176a96015?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, cybersecurity, idor, information-security, broken-access-control | 16-Aug-2024 |
Bypass Plan Restriction & Get 350$ Bounty | https://medium.com/@bilalresearcher/bypass-plan-restriction-get-350-bounty-105790e994cb?source=rss------bug_bounty-5 | Bilal Researcher | privilege-escalation, bug-bounty, cybersecurity, programming, access-control | 16-Aug-2024 |
How I Earned $469 Bounty: Bypassing Plan Restriction | https://medium.com/@bilalresearcher/how-i-earned-469-bounty-bypassing-plan-restriction-6c215221b6f6?source=rss------bug_bounty-5 | Bilal Researcher | access-control, infosec, bug-bounty, cybersecurity, programming | 16-Aug-2024 |
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transfer | https://medium.com/@bilalresearcher/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-d99ee6b2708c?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, bug-bounty-tips, idor, idor-vulnerability, cybersecurity | 16-Aug-2024 |
921$ Privilege Escalation: Unauthorized User Addition to Shared APP Connections | https://medium.com/@bilalresearcher/921-privilege-escalation-unauthorized-user-addition-to-shared-app-connections-681d807ccd1e?source=rss------bug_bounty-5 | Bilal Researcher | programming, bug-bounty, privilege-escalation, cybersecurity, hacking | 16-Aug-2024 |
500$: MFA bypass By Race Condition | https://medium.com/@bilalresearcher/500-mfa-bypass-by-race-condition-8952b6718b89?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, 2fa, programming, bug-bounty, race-condition | 16-Aug-2024 |
The UI Slip I Hit 750$: UI Manipulation Leading to Unauthorized Permission Changes | https://medium.com/@bilalresearcher/the-ui-slip-i-hit-750-ui-manipulation-leading-to-unauthorized-permission-changes-23c544918111?source=rss------bug_bounty-5 | Bilal Researcher | cybersecurity, user-interface, programming, bug-bounty, hacking | 16-Aug-2024 |
1500$: CR/LF Injection | https://medium.com/@bilalresearcher/1500-cr-lf-injection-09b7ae3cfaef?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, crlf-injection, cybersecurity, hacking, programming | 16-Aug-2024 |
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeover | https://medium.com/@bilalresearcher/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-b0b693b2ae47?source=rss------bug_bounty-5 | Bilal Researcher | bug-bounty, cybersecurity, account-takeover | 16-Aug-2024 |
Exploiting phar stream wrapper | https://rudrasarkar.medium.com/exploiting-phar-stream-wrapper-d2140592c6e7?source=rss------bug_bounty-5 | Rudra Sarkar | source-code-analysis, php, bug-bounty, hackthebox | 15-Aug-2024 |
Unauthorized Deletion of Reports via Folder Manipulation | https://medium.com/@hossam_hamada/unauthorized-deletion-of-reports-via-folder-manipulation-d0760582e168?source=rss------bug_bounty-5 | Hossam Hamada | idor, hackerone, idor-vulnerability, bug-bounty, bugcrowd | 15-Aug-2024 |
Day 12: Mastering Server Side Request Forgery Vulnerability — Essential Tricks & Techniques Based… | https://medium.com/@kumawatabhijeet2002/day-12-mastering-server-side-request-forgery-vulnerability-essential-tricks-techniques-based-21dc8b576e37?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, ssrf-bug, ssrf, ssrf-attack, bug-bounty-tips | 15-Aug-2024 |
Hacking Large Corporations: The Art and Science of Reconnaissance | https://harshit3.medium.com/hacking-large-corporations-the-art-and-science-of-reconnaissance-1a6fc8f90616?source=rss------bug_bounty-5 | Harshit | bug-bounty, information-technology, corporations, cybersecurity, ethical-hacking | 15-Aug-2024 |
23.7 Lab: Server-side template injection with a custom exploit | https://cyberw1ng.medium.com/23-7-lab-server-side-template-injection-with-a-custom-exploit-263dcc38653e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, careers, bug-bounty, cybersecurity | 15-Aug-2024 |
Fourth Layer And Attacks ! | https://medium.com/@reemmoslem34/fourth-layer-and-attacks-7bcdbbf6b53c?source=rss------bug_bounty-5 | Rem Khalid | cybersecurity, security, bug-bounty | 15-Aug-2024 |
2FA Bypass - IDN Mischief | https://shahjerry33.medium.com/2fa-bypass-idn-mischief-157f06cb6904?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | vulnerability, bug-bounty, infosec, cybersecurity, 2fa | 15-Aug-2024 |
Cracking the Armour: Bypassed WAF using Ibrahimxss Tool for easy | https://medium.com/@jitinyaduvanshi/cracking-the-armour-bypassed-waf-using-ibrahimxss-tool-for-easy-6867cfcd850b?source=rss------bug_bounty-5 | Jitinyaduvanshi | cybersecurity, xss-attack, bug-bounty | 15-Aug-2024 |
Swisstronik: A Blockchain Solution for Privacy and Compliance. | https://medium.com/@danishkhatri023/swisstronik-a-blockchain-solution-for-privacy-and-compliance-73c662eadf7a?source=rss------bug_bounty-5 | Danish Khatri | testnet, blockchain, gui̇de, bug-bounty, swisstronik | 15-Aug-2024 |
Protecting against multi-step SQL injections: A shield for your data | https://medium.com/@Progsky/protecting-against-multi-step-sql-injections-a-shield-for-your-data-bf14e41dc412?source=rss------bug_bounty-5 | Progsky | bug-bounty, web-security, hacking | 15-Aug-2024 |
Passenger Information Disclosure Vulnerability Over the MQTT Protocol | https://medium.com/@moradloo1779/passenger-information-disclosure-vulnerability-over-the-mqtt-protocol-667402289583?source=rss------bug_bounty-5 | Moradloo | bugbounty-writeup, bug-bounty, pentest | 15-Aug-2024 |
Account takeover on 8 years old public program | https://medium.com/@pranshux0x/account-takeover-on-8-years-old-public-program-c0c0a30cfdd2?source=rss------bug_bounty-5 | priyanshu shakya | account-takeover, bug-bounty, bug-bounty-tips, hacking, vulnerability | 14-Aug-2024 |
New Bug Bounty Alert | https://medium.com/@vic-thor/new-bug-bounty-alert-874fefd2ea6b?source=rss------bug_bounty-5 | vic | tech, online, technology, cybersecurity, bug-bounty | 14-Aug-2024 |
Test Cases for XSS Types | https://medium.com/@NadirSensoy/xss-tipleri-i%C3%A7in-test-caseler-ce006d2cd57f?source=rss------bug_bounty-5 | Nadir Sensoy | xss-attack, bug-bounty, xss-vulnerability, cybersecurity | 14-Aug-2024 |
My journey towards Bug Bounty and Ambassador World Cup 2023 Recap | https://bhattaraiprashant98.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5 | Prashant Bhattarai | bug-bounty, hacking, hackerone, cybersecurity | 14-Aug-2024 |
Server-side template injection in Web App Penetration Testing \| 2024 | https://cyberw1ng.medium.com/server-side-template-injection-in-web-app-penetration-testing-2024-67961a32cadd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 14-Aug-2024 |
Automate your Google Dorking to Find Bugs | https://mrunknown124154.medium.com/automate-your-google-dorking-to-find-bugs-f7d86dc2d279?source=rss------bug_bounty-5 | Mr Abdullah | bug-bounty, cybersecurity, google-dorking, cyber-security-awareness, dorking | 14-Aug-2024 |
Authentication Bypass -MFA , Account Takeover… | https://medium.com/@prakashchand72/authentication-bypass-mfa-account-takeover-32166aedb3b9?source=rss------bug_bounty-5 | ASTUTE | bypass, hacking, bug-bounty, authentication-bypass, account-takeover | 14-Aug-2024 |
My journey towards Bug Bounty and Ambassador World Cup 2023 Recap | https://g0ndaar.medium.com/my-journey-towards-bug-bounty-and-ambassador-world-cup-2023-recap-bc5fc1d00e72?source=rss------bug_bounty-5 | Prashant Bhattarai | bug-bounty, hacking, hackerone, cybersecurity | 14-Aug-2024 |
Open S3 Buckets Through Reconnaissance | https://offsec01.medium.com/open-s3-buckets-through-reconnaissance-920f8b35be47?source=rss------bug_bounty-5 | Facundo Fernandez | bug-bounty-tips, bug-bounty, penetration-testing, hacking, offensive-security | 14-Aug-2024 |
A Critical 403 Bypass Vulnerability Lead to a Staging Environment with User Enumeration | https://ay0ub-n0uri.medium.com/a-critical-403-bypass-vulnerability-lead-to-a-staging-environment-with-user-enumeration-25b94ebadcfa?source=rss------bug_bounty-5 | Ay0ub N0uri | offensive-security, bug-bounty-tips, penetration-testing, cybersecurity, bug-bounty | 14-Aug-2024 |
How I Prevented a Data Breach by Reporting an IDOR in a System Exposing over 500,000 US Passports | https://offsec01.medium.com/how-i-prevented-a-data-breach-by-reporting-an-idor-in-a-system-exposing-over-500-000-us-passports-bc6bec99aa3d?source=rss------bug_bounty-5 | Facundo Fernandez | passport, bug-bounty, penetration-testing, data-breach, hacking | 14-Aug-2024 |
Identifying and Exploiting SQL Injection Vulnerabilities | https://im4x.medium.com/identifying-and-exploiting-sql-injection-vulnerabilities-cdfaa90b7b04?source=rss------bug_bounty-5 | Ahmed Najeh | bug-bounty, bugs, sqlmap | 14-Aug-2024 |
Finding a easy p3 bug | https://medium.com/@sangamahesh650/finding-a-easy-p3-bug-05b54f70e14c?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty-tips, penetration-testing, bug-bounty, hacking | 13-Aug-2024 |
Hidden Form Fields Reveal Test Answers for Easy Perfect Score | https://osintteam.blog/hidden-form-fields-reveal-test-answers-for-easy-perfect-score-c4d202416ad7?source=rss------bug_bounty-5 | enigma | bug-bounty, ethical-hacking, penetration-testing, cybersecurity, misconfiguration | 13-Aug-2024 |
NoSQL Injection \| Try Hack Me | https://ahmed-makawi.medium.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5 | Ahmed Makawi | cybersecurity, bug-bounty, it, penetration-testing, sql-injection | 13-Aug-2024 |
Role-based Privilege Escalation Worth $2000 in a bug bounty program | https://medium.com/@_K3rnel/role-based-privilege-escalation-worth-2000-in-a-bug-bounty-program-0ca40a4cecb9?source=rss------bug_bounty-5 | _K3rnel | bugbounting, bug-bounty, bugs, bug-bounty-tips, bugbounty-writeup | 13-Aug-2024 |
Threat Modeling 101: Mapping OWASP Top 10 to STRIDE | https://justm0rph3u5.medium.com/threat-modeling-101-mapping-owasp-top-10-to-stride-cb8e8613e396?source=rss------bug_bounty-5 | Divyanshu | stride, bug-bounty, owasp, threat-model, pasta | 13-Aug-2024 |
23.6 Lab: Server-side template injection in a sandboxed environment | https://cyberw1ng.medium.com/23-6-lab-server-side-template-injection-in-a-sandboxed-environment-f731eacf2530?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, penetration-testing, cybersecurity, careers | 13-Aug-2024 |
Logic Flaw: User Account Lockout | https://medium.com/@raxomara/logic-flaw-user-account-lockout-8865c622cef0?source=rss------bug_bounty-5 | Raxomara | penetration-testing, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting | 13-Aug-2024 |
NoSQL Injection \| Try Hack Me | https://systemweakness.com/nosql-injection-try-hack-me-e624fa71743f?source=rss------bug_bounty-5 | Ahmed Makawi | cybersecurity, bug-bounty, it, penetration-testing, sql-injection | 13-Aug-2024 |
My first bounty report was a duplicate | https://medium.com/@World-Breaker/my-first-bounty-report-was-a-duplicate-ad2ba4ec595e?source=rss------bug_bounty-5 | usu@rioZ3r0 | bug-bounty | 13-Aug-2024 |
Effortless Go Language Setup: Installing Go Lang Like a Pro! | https://imran407704.medium.com/effortless-go-language-setup-installing-go-lang-like-a-pro-e668c51454c3?source=rss------bug_bounty-5 | Imran | bug-bounty, go-language, go-language-tutorial | 13-Aug-2024 |
How I Discovered a Directory Listing Vulnerability on a NASA Subdomain | https://medium.com/@shubhammpawar7438/how-i-discovered-a-directory-listing-vulnerability-on-a-nasa-subdomain-979883e47874?source=rss------bug_bounty-5 | Shubham pawar | vulnerability-disclosure, bug-bounty, cybersecurity, web-security, nasa-security | 13-Aug-2024 |
How To Get free burpsuite professional | https://medium.com/@sangamahesh650/how-to-get-free-burpsuite-professional-b6ebca7a60a3?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, pentesting, bug-bounty-tips, hacking, bugbounty-writeup | 13-Aug-2024 |
Breaking the Barrier: Admin Panel Takeover Worth $3500 | https://medium.com/@noob.assassin/breaking-the-barrier-admin-panel-takeover-worth-3500-78da79089ca3?source=rss------bug_bounty-5 | Aditya Sharma | bug-bounty-tips, bug-bounty, hacker, hacking, vulnerability | 13-Aug-2024 |
Simple but Elegant DOM XSS on Hidden Parameter— Bypassing Filter | https://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5 | SIN | xss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup | 13-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-71) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-71-3232e47be803?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, bug-bounty, skills, ethical-hacking | 13-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-70) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-70-f603b2fde234?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, hacking, cybersecurity, skills | 13-Aug-2024 |
Insecure Direct Object Reference | https://medium.com/@yassentaalab51/insecure-direct-object-reference-6bddf9be8dcd?source=rss------bug_bounty-5 | Yassen Taalab | idor, bug-bounty, owasp, cybersecurity, broken-access-control | 13-Aug-2024 |
CloudBrute — Awesome Cloud Enumerator | https://medium.com/@pentesterclubpvtltd/cloudbrute-awesome-cloud-enumerator-b6d86e168b2c?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, hacking, ethical-hacking, cybersecurity, cloud-computing | 13-Aug-2024 |
Embedding Beacon Payloads in PDF Files | https://medium.com/@pentesterclubpvtltd/embedding-beacon-payloads-in-pdf-files-e789820f340b?source=rss------bug_bounty-5 | Pentester Club | hacking, cobalt-strike, bug-bounty, cybersecurity, pdf | 13-Aug-2024 |
DOM XSS — Simple but Elegant on Hidden Parameter— Bypassing Filter | https://medium.com/@YourFinalSin/simple-but-elegant-dom-xss-on-hidden-parameter-bypassing-filter-ab58ca1e6135?source=rss------bug_bounty-5 | SIN | xss-vulnerability, bug-bounty, xss-attack, bug-bounty-tips, bug-bounty-writeup | 13-Aug-2024 |
Common Types of Bugs in Software Testing | https://medium.com/optimizory-apps/common-types-of-bugs-in-software-testing-aea2ff2138bd?source=rss------bug_bounty-5 | Divyansh Vats | bug-bounty, bugs, software-testing | 12-Aug-2024 |
How to balance bug fix costs with software performance? | https://medium.com/@harleyrose981/how-to-balance-bug-fix-costs-with-software-performance-92e9df481c36?source=rss------bug_bounty-5 | Harley Rose | web3, technology, bug-bounty, web-development, seo | 12-Aug-2024 |
3rd Anniversary Fun Activity: TECNO Security Bug Bounty Rules Challenging Test | https://medium.com/@security.tecno/3rd-anniversary-fun-activity-tecno-security-bug-bounty-rules-challenging-test-d6dac9f552e7?source=rss------bug_bounty-5 | TECNO Security | testing, bug-bounty, activity, security | 12-Aug-2024 |
5 Minutes to Take Over the System Administrator Account of a GPS Tracker Solution Provider | https://medium.com/@mmaulanaabdullah/5-minutes-for-taking-over-system-administrator-account-of-gps-tracker-solution-provider-system-24bd083f1559?source=rss------bug_bounty-5 | M Maulana Abdullah | api, disruption, bug-bounty, information-security, infosec | 12-Aug-2024 |
Maintaining Software Excellence: The Importance of Bug Fixes and Maintenance | https://medium.com/@harleyrose981/maintaining-software-excellence-the-importance-of-bug-fixes-and-maintenance-87db9a864a5f?source=rss------bug_bounty-5 | Harley Rose | technology, software-development, web-development, tech, bug-bounty | 12-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part V) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-v-f0ea86e55845?source=rss------bug_bounty-5 | OiQ | penetration-testing, vulnerability, bug-bounty-tips, cybersecurity, bug-bounty | 12-Aug-2024 |
The Importance of Functionality and Usability in Web Applications | https://medium.com/@owaisbagali2/the-importance-of-functionality-and-usability-in-web-applications-65f5cf44374d?source=rss------bug_bounty-5 | OwaisB | self-awareness, bug-bounty, audi, software-testing, basics | 12-Aug-2024 |
Earned $188 in bug bounty simply through the invitation feature. | https://medium.com/@Mu1berry/earned-188-in-bug-bounty-simply-through-the-invitation-feature-534486d6ec1c?source=rss------bug_bounty-5 | Mu1berry | bugcrowd, vulnerability, money, bug-bounty, hacker | 12-Aug-2024 |
Detecting Blind Injection Attacks with Discord Webhooks | https://osintteam.blog/detecting-injection-attacks-with-discord-webhooks-5df22a5679c5?source=rss------bug_bounty-5 | mrunoriginal | web-application-security, cybersecurity, bug-bounty, information-security, ethical-hacking | 12-Aug-2024 |
New Reconnaissance Methodologies/Tools for Bug Bounty Hunting & Ethical Hacking | https://medium.com/@retr0x/new-reconnaissance-methodologies-tools-for-bug-bounty-hunting-ethical-hacking-be7ca14a7ae2?source=rss------bug_bounty-5 | R3tr0x \| Vinay Kumar | cyber, ethical-hacking, cyber-security-awareness, cybersecurity, bug-bounty | 12-Aug-2024 |
“My Journey to Earning the First Bounty” | https://medium.com/@asharm.khan7/my-journey-to-earning-the-first-bounty-5314d1780f84?source=rss------bug_bounty-5 | Ashar Mahmood | bug-bounty, hacking, cyber-security-awareness, ethical-hacking, find-your-first-bug | 12-Aug-2024 |
21.4 Lab: Exploiting insecure output handling in LLMs | https://cyberw1ng.medium.com/21-4-lab-exploiting-insecure-output-handling-in-llms-4b17d8401fe6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, hacking, cybersecurity, bug-bounty, careers | 12-Aug-2024 |
Getting all ips from Shodan easy | https://medium.com/@sangamahesh650/getting-all-ips-from-shodan-easy-400706799e53?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty-tips, hacking, bugbounty-writeup, penetration-testing, bug-bounty | 12-Aug-2024 |
Cross-Site Scripting Explained: Protect Your Website from Modern Threats | https://7hecoder.medium.com/secure-your-site-xss-guide-d780dd2ad098?source=rss------bug_bounty-5 | Aamir Khan | xss-vulnerability, web-development, secure-coding, bug-bounty, cybersecurity | 12-Aug-2024 |
The Hidden Threat: How Reverse Shells Packaged as .pyz Files Evade Detection | https://medium.com/@psychomong/the-hidden-threat-how-reverse-shells-packaged-as-pyz-files-evade-detection-e82d1f234187?source=rss------bug_bounty-5 | psychomong | hacker, hacking, meta, bug-bounty, whatsapp | 12-Aug-2024 |
How Much Did I Make in My First Year of Bug Bounty Work? | https://medium.com/@bountyget/how-much-did-i-make-in-my-first-year-of-bug-bounty-work-2f0583002db6?source=rss------bug_bounty-5 | Bountyget | infosec-write-ups, bug-bounty, earn-money-online, bug-bounty-tips, hacking | 12-Aug-2024 |
How I Hacked Into the World’s Top Universities Including MIT Cambridge & University of Oxford | https://medium.com/@josuofficial327/how-i-hacked-into-the-worlds-top-universities-including-mit-cambridge-university-of-oxford-a2e209d8abf7?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | cybersecurity, bug-bounty, vulnerability, ethical-hacking, hacking | 12-Aug-2024 |
Stored XSS in LibreOffice | https://bunny0417.medium.com/stored-xss-in-libreoffice-ed4ad22e0f56?source=rss------bug_bounty-5 | Aayush kumar | bug-bounty-tips, xs, libreoffice, stored-xss, bug-bounty | 11-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part IV) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iv-956c3fcbec68?source=rss------bug_bounty-5 | OiQ | bug-bounty, web-app-security, vulnerability, bug-bounty-tips, penetration-testing | 11-Aug-2024 |
Internal and External Network penetration Testing | https://gaya3-r.medium.com/internal-and-external-network-penetration-testing-6a9421394618?source=rss------bug_bounty-5 | gayatri r | tools, bug-bounty, penetration-testing, owasp | 11-Aug-2024 |
How I found my first P3 bug (disclosure of PII/Privilege Escalation) | https://medium.com/@the.bugcrowd.testerpawan/how-i-found-my-first-p3-bug-disclosure-of-pii-privilege-escalation-148dbf610334?source=rss------bug_bounty-5 | the_air_cyborg | bug-bounty-tips, bugbounty-writeup, bug-bounty | 11-Aug-2024 |
Introduction to JWT | https://medium.com/@chanpreetkaur2005/introduction-to-jwt-f69162b59c24?source=rss------bug_bounty-5 | Chanpreet Kaur | web-exploitation, cybersecurity, bug-bounty, jwt, web-development | 11-Aug-2024 |
20.10 Lab: Using PHAR deserialization to deploy a custom gadget chain | https://cyberw1ng.medium.com/20-10-lab-using-phar-deserialization-to-deploy-a-custom-gadget-chain-39270975163f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 11-Aug-2024 |
Udemy Course off 50% CYBER082024 | https://cyberbruharmy.medium.com/udemy-course-off-50-cyber082024-c61d755d2714?source=rss------bug_bounty-5 | CyberBruhArmy | bug-bounty, firewall, bug-bounty-tips, security, cybersecurity | 11-Aug-2024 |
Hacking the System: How I Beat Subscription Restrictions in Admin Controls | https://0xmatrix.medium.com/hacking-the-system-how-i-beat-subscription-restrictions-in-admin-controls-5684fd90279a?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bugs, penetration-testing, red-team, bug-bounty | 11-Aug-2024 |
How I Got $150 on HackerOne for My First Bug | https://medium.com/@likithteki76/how-i-got-150-on-hackerone-for-my-first-bug-8af0ed515e79?source=rss------bug_bounty-5 | Likith Teki | bug-bounty-tips, 2fa-bypass, vulnerability, bug-bounty, ethical-hacking | 11-Aug-2024 |
IDOR — How I Leaked Data of 50k+ Users | https://medium.com/@YourFinalSin/idor-how-i-leaked-data-of-50k-users-bc44201e777a?source=rss------bug_bounty-5 | SIN | idor, bug-bounty-hunter, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 10-Aug-2024 |
How I got my first $13500 bounty through Parameter Polluting (HPP) | https://infosecwriteups.com/how-i-got-my-first-13500-bounty-through-parameter-polluting-hpp-179666b8e8bb?source=rss------bug_bounty-5 | rAmpancist | hacking, bug-bounty-writeup, bug-bounty, cybersecurity, bug-bounty-tips | 10-Aug-2024 |
IDOR — Exposing private forms $$$ | https://medium.com/@hellother18/idor-exposing-private-forms-0204c1ed560a?source=rss------bug_bounty-5 | Manthan_ mahale | hacking, cybersecurity, ethical-hacking, bug-bounty, bugbounty-writeup | 10-Aug-2024 |
Day 8 of 30 Days — 30 Vulnerabilities \| Security Misconfiguration | https://medium.com/@kumawatabhijeet2002/day-8-of-30-days-30-vulnerabilities-security-misconfiguration-5d8ee574e7e3?source=rss------bug_bounty-5 | Abhijeet kumawat | security-misconfiguration, bug-bounty, bug-bounty-tips | 10-Aug-2024 |
What is a Bug Bounty Program? | https://medium.com/@pasan62nanayakkara/what-is-a-bug-bounty-program-f64c90197229?source=rss------bug_bounty-5 | Ravindu Nanayakkara | bug-bounty, cybersecurity, security | 10-Aug-2024 |
$800 Improper Authorization Flaw: Unauthorized Project Reclaiming Post Transfer | https://medium.com/@a13h1/800-improper-authorization-flaw-unauthorized-project-reclaiming-post-transfer-15fe36976604?source=rss------bug_bounty-5 | Abhi Sharma | improper-authorization, cybersecurity, bug-bounty, idor, programming | 10-Aug-2024 |
Practice Lab Setup for Application Security Testing | https://medium.com/@Kamal_S/practice-lab-setup-for-application-security-testing-9fa2c9b45917?source=rss------bug_bounty-5 | Kamal S | bug-bounty, vapt, security-testing, appsec, owasp | 10-Aug-2024 |
The Evolution of Deserialization Attacks: Understanding the Risks and Future Trends | https://cyberw1ng.medium.com/the-evolution-of-deserialization-attacks-understanding-the-risks-and-future-trends-0e485ec7e833?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, cybersecurity, hacking, bug-bounty | 10-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-69) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-69-fa42b90989a1?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, skills, hacking, cybersecurity | 10-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-68) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-68-8e3af48d1c65?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, ethical-hacking, cybersecurity, bug-bounty, skills | 10-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-67) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-67-01756817b60c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, ethical-hacking, bug-bounty, hacking | 10-Aug-2024 |
How to Mitigate SQL Injection | https://medium.com/@dhiren.pradhan263/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5 | Dhiren Pradhan | security, bug-bounty, information-security | 09-Aug-2024 |
How to find P1 SQL injection in indian website. | https://medium.com/@padhyepushkar/how-to-find-p1-sql-injection-in-indian-website-59ad091a9e1b?source=rss------bug_bounty-5 | Pushkar Padhye | bug-bounty | 09-Aug-2024 |
How to Mitigate SQL Injection | https://medium.com/@bountyget/how-to-mitigate-sql-injection-20a26cfa96f5?source=rss------bug_bounty-5 | Bountyget | security, bug-bounty, information-security | 09-Aug-2024 |
Bug Bounty Programs Launched in August 2024 | https://medium.com/@vic-thor/bug-bounty-programs-launched-in-august-2024-ab698f18b7c5?source=rss------bug_bounty-5 | vic | bug-bounty, technology, tech, money, cybersecurity | 09-Aug-2024 |
Part 3: Enhancing Database Items in Angular using the Decorator Design Pattern: Bug Prevention… | https://medium.com/@nemanjablagojevic/part-3-enhancing-database-items-in-angular-using-the-decorator-design-pattern-bug-prevention-e965373a6219?source=rss------bug_bounty-5 | Nemanja Blagojevic | singleton, programming, angular, bug-bounty, ecommerce-web-development | 09-Aug-2024 |
From Developer to Hacker: Putting on the White Hat | https://medium.com/@jonathanmondaut/from-developer-to-hacker-putting-on-the-white-hat-b4292af8c1d4?source=rss------bug_bounty-5 | Jonathan Mondaut | cybersecurity, technology, bug-bounty, ethical-hacking, programming | 09-Aug-2024 |
How I Turned a Rate-Limit Bypass into an Account Takeover | https://anonysm.medium.com/how-i-turned-a-rate-limit-bypass-into-an-account-takeover-4588541c2d29?source=rss------bug_bounty-5 | Muthu D | ethical-hacking, hacking, pentesting, bug-bounty, penetration-testing | 09-Aug-2024 |
Enriching Nuclei results with Vulnerability Intel | https://medium.com/@nvi_90805/enriching-nuclei-results-with-vulnerability-intel-d760b756b066?source=rss------bug_bounty-5 | NVI - North Vulnerability Intelligence | vulnerability, cve, bug-bounty, nuclei-template, exploit | 09-Aug-2024 |
Mastering Subfinder for Subdomain Enumeration: A Quick Guide for Bug Bounty Hunters | https://medium.com/@k4r7hx/mastering-subfinder-for-subdomain-enumeration-a-quick-guide-for-bug-bounty-hunters-5d6c3d471896?source=rss------bug_bounty-5 | Karthikeyan | subdomain-enumeration, subdomains-enumeration, subdomain, bug-bounty, subdomain-takeover | 09-Aug-2024 |
Bug Bounty Methodology — Step By Step Guide To Find Subdomains And Vulnerable URLs | https://medium.com/@shaikhminhaz1975/bug-bounty-methodology-step-by-step-guide-to-find-subdomains-and-vulnerable-urls-18bdd76e979f?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, reconnaissance, subdomains-enumeration, bug-bounty, methodology | 09-Aug-2024 |
20 Essential Google Dorking Queries to find vulnerable targets | https://offsec01.medium.com/20-essential-google-dorking-queries-to-find-vulnerable-targets-a98b657dc66d?source=rss------bug_bounty-5 | Facundo Fernandez | offensive-security, google-dorking, hacking-training, bug-bounty, hacking | 09-Aug-2024 |
Day 7 of 30 Days — 30 Vulnerability | IDOR (Insecure Direct Object Reference) | https://medium.com/@kumawatabhijeet2002/day-7-of-30-days-30-vulnerability-idor-insecure-direct-object-reference-79b8051d67e2?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, 30dayswritingchallenge, idor-vulnerability, idor, bug-bounty-tips | 09-Aug-2024 |
How dirsearch Uncovered a $750 Bounty | https://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5 | Bountyget | infosec, dirsearch, wordlist, bug-bounty, hackerone | 09-Aug-2024 |
What After Recon ? Part 01 Bug Bounty Methodology | https://omarora1603.medium.com/what-after-recon-part-01-bug-bounty-methodology-25ff3705a738?source=rss------bug_bounty-5 | Om Arora | infosec, bug-bounty, bug-bounty-writeup, methodology, hacking | 09-Aug-2024 |
Embracing Proactive Security Measures: Future-Proofing Against PHAR Deserialization and Beyond | https://cyberw1ng.medium.com/embracing-proactive-security-measures-future-proofing-against-phar-deserialization-and-beyond-49e1dec9000d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 09-Aug-2024 |
How i hacked NASA? NASA VDP. | https://medium.com/@momos1337/how-i-hacked-nasa-bug-bounty-6975b833eb45?source=rss------bug_bounty-5 | Fadhli Almunawar | cybersecurity, bug-bounty | 09-Aug-2024 |
How dirsearch Uncovered a $750 Bounty | https://medium.com/@bountyget/how-dirsearch-uncovered-a-750-bounty-fd215c925eb7?source=rss------bug_bounty-5 | Bountyget | infosec, dirsearch, wordlist, info-sec-writeups, bug-bounty | 09-Aug-2024 |
L6 — Postbook | https://scissor07.medium.com/l6-postbook-8d5b322a0801?source=rss------bug_bounty-5 | scissor_seven | writeup, cybersecurity, bug-bounty, hackerone, ctf | 08-Aug-2024 |
Web App Security Scanner- Vex Scanner | https://medium.com/@pentesterclubpvtltd/web-app-security-scanner-vex-scanner-e150e9a03ffc?source=rss------bug_bounty-5 | Pentester Club | cybersecurity, scalability, bug-bounty, hacking, security | 08-Aug-2024 |
OAuth Impersonation Attack: Misconfiguration of Facebook and Google OAuth Leading to Account… | https://medium.com/@security.tecno/oauth-impersonation-attack-misconfiguration-of-facebook-and-google-oauth-leading-to-account-9f838439de31?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, hacker | 08-Aug-2024 |
Hijacking User Privileges: The Story of a Patched Vulnerability in Open Bug Bounty | https://take0verx0.medium.com/hijacking-user-privileges-the-story-of-a-patched-vulnerability-in-open-bug-bounty-4db81fa0fd1f?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, bug-bounty-tips, web-security, openbugbounty | 08-Aug-2024 |
Last Week in tech — 5th edition | https://medium.com/@azefox/last-week-in-tech-5th-edition-0f559055dcf6?source=rss------bug_bounty-5 | Azefox | cloud-computing, ai, bug-bounty, infosec, news | 08-Aug-2024 |
O manual do Hacker Moderno | https://medium.com/@espectrx/o-manual-do-hacker-moderno-2a715e35184c?source=rss------bug_bounty-5 | Rafael Henrique | hackingrévolution, hackerone, hacker-ético, bug-bounty, hacking | 08-Aug-2024 |
Building a Resilient Security Framework: Long-Term Strategies for Combating PHAR Deserialization… | https://cyberw1ng.medium.com/building-a-resilient-security-framework-long-term-strategies-for-combating-phar-deserialization-de5b38c6aff2?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, penetration-testing, careers | 08-Aug-2024 |
Easiest P3 You May Not Know | https://muneebalamkhan.medium.com/easiest-p3-you-may-not-know-54ae73cd3361?source=rss------bug_bounty-5 | Muneeb Alam Khan | bug-bounty-tips, penetration-testing, bug-bounty, bounty-hunter, penetration-test | 07-Aug-2024 |
SSRF: Blacklist and Whitelist-Based Input Filters | https://infosecwriteups.com/ssrf-blacklist-and-whitelist-based-input-filters-1c602b872731?source=rss------bug_bounty-5 | Neetrox | cybersecurity, cyber-security-awareness, bug-bounty, cyberattack, technology | 07-Aug-2024 |
Client-Side Desync in HTTP: Understanding the Vulnerabilities and How to Mitigate Them | https://medium.com/@miladkeivanfar/client-side-desync-in-http-understanding-the-vulnerabilities-and-how-to-mitigate-them-f3552164a6c9?source=rss------bug_bounty-5 | Milad keivanfar | security, pentesting, desync, bug-bounty, smuggling | 07-Aug-2024 |
Nahamsec’s Intro to Bug Bounty Labs: Your Setup Guide | https://medium.com/@k4r7hx/nahamsecs-intro-to-bug-bounty-labs-your-setup-guide-145199ee948a?source=rss------bug_bounty-5 | Karthikeyan | bug-bounty, ethical-hacking, penetration-testing, nahamstore, hacking | 07-Aug-2024 |
ALL ABOUT TRAVA BUG BOUNTY — FINDING THE FAULTS IN TRAVA.FINANCE | https://blog.trava.finance/all-about-trava-bug-bounty-finding-the-faults-in-trava-finance-ebdcf476c1d6?source=rss------bug_bounty-5 | Trava.Finance | dapps, web3, bug-bounty, blockchain | 07-Aug-2024 |
Easiest P3/P4 security misconfiguration to make $$ as a beginner. | https://medium.com/@sugamdangal52/easiest-p3-p4-security-misconfiguration-to-make-as-a-beginner-d4f019ad4b85?source=rss------bug_bounty-5 | Sugam Dangal | bug-bounty-program, bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-tips | 07-Aug-2024 |
Real-World Applications and Case Studies of PHAR Deserialization Defense | https://cyberw1ng.medium.com/real-world-applications-and-case-studies-of-phar-deserialization-defense-f65b67c503aa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, bug-bounty, hacking | 07-Aug-2024 |
Day 5 of 30 Days — 30 Vulnerabilities | Open Redirects | https://medium.com/@kumawatabhijeet2002/day-5-of-30-days-30-vulnerabilities-open-redirects-386ea2fa1a66?source=rss------bug_bounty-5 | Abhijeet kumawat | bug-bounty, bug-bounty-tips, open-redirect, 30dayschallenge, 30dayswritingchallenge | 07-Aug-2024 |
Mastering Dirsearch for Bug Hunting | https://medium.com/@josuofficial327/mastering-dirsearch-for-bug-hunting-f34272c0ba28?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | bug-bounty, bug-bounty-tips, ethical-hacking, cybersecurity, hacking | 06-Aug-2024 |
SSRF to Server Takeover PoC (Bug Bounty Writeup) | https://medium.com/@malvinval/ssrf-to-server-takeover-poc-bug-bounty-writeup-82d6715e333d?source=rss------bug_bounty-5 | Malvin Valerian | cybersecurity, ethical-hacking, bug-bounty-tips, hacking, bug-bounty | 06-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part III) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-iii-ce91eb384da7?source=rss------bug_bounty-5 | OiQ | penetration-testing, broken-access-control, web-app-security, bug-bounty, bug-bounty-tips | 06-Aug-2024 |
My First Bug Bounty: CORS Misconfiguration | https://r0b0ts.medium.com/my-first-bug-bounty-cors-misconfiguration-3e6f38835c4e?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-writeup, bug-bounty, secu, bug-bounty-tips, bug-bounty-hunter | 06-Aug-2024 |
Reflected HTML injection leads to redirection and what’s not! | https://medium.com/@shahariarwalid/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, web-hacking, poc | 06-Aug-2024 |
Race Condition About The User Version and Ignored | https://r0b0ts.medium.com/race-condition-about-the-user-version-and-ignored-c98fec642d1b?source=rss------bug_bounty-5 | r0b0ts | bug-bounty-tips, bug-bounty-writeup, bug-bounty, security, bug-bounty-hunter | 06-Aug-2024 |
Mastering Network Reconnaissance with Nmap: A Comprehensive Guide | https://medium.com/@WillFromSwiss/mastering-network-reconnaissance-with-nmap-a-comprehensive-guide-e37fe3cdf8ff?source=rss------bug_bounty-5 | WillFromSwiss | pentesting, hacking, bug-bounty, recon, nmap | 06-Aug-2024 |
Bypass Admin Panel Access Steps — Bug Tuesday | https://medium.com/@kerstan/bypass-admin-panel-access-steps-bug-tuesday-36e7be470dae?source=rss------bug_bounty-5 | kerstan | cybersecurity, bug-bounty, hacking | 06-Aug-2024 |
Discovering and Exploiting an XSS Vulnerability in an Admin Panel | https://soltanali0.medium.com/discovering-and-exploiting-an-xss-vulnerability-in-an-admin-panel-8abbc97931fd?source=rss------bug_bounty-5 | soltanali0 | admin-panel, xss-attack, hackerone, bug-bounty-tips, bug-bounty | 06-Aug-2024 |
Reflected HTML injection leads to redirection and what’s not! | https://take0verx0.medium.com/reflected-html-injection-leads-to-redirection-and-whats-not-3de256b16c30?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, web-hacking, poc | 06-Aug-2024 |
Advanced Defense Mechanisms and Continuous Monitoring Against PHAR Deserialization | https://cyberw1ng.medium.com/advanced-defense-mechanisms-and-continuous-monitoring-against-phar-deserialization-00512489faf1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 06-Aug-2024 |
Hacking OWASP Juice Shop: Part 5- Privilege Escalation via Manipulated User Registration | https://infosecwriteups.com/hacking-owasp-juice-shop-part-5-privilege-escalation-via-manipulated-user-registration-4b1c5227aa81?source=rss------bug_bounty-5 | callgh0st | hacking, manipulation, logic, privilege-escalation, bug-bounty | 06-Aug-2024 |
From Secure to Breached: The Journey from Confidence to Compromise | https://medium.com/@armandjasharaj/from-secure-to-breached-the-journey-from-confidence-to-compromise-38fcb7e9ef7c?source=rss------bug_bounty-5 | Armand Jasharaj | penetration-testing, bug-bounty, cybersecurity, information-security | 06-Aug-2024 |
Understanding and Mitigating Open Redirection Vulnerability (CVE-2021–36580) in Webmail/Basic… | https://medium.com/@anonymousshetty2003/understanding-and-mitigating-open-redirection-vulnerability-cve-2021-36580-in-webmail-basic-24b12c3df17d?source=rss------bug_bounty-5 | Anonymousshetty | open-redirection, ethical-hacking, cybersecurity, bug-bounty | 06-Aug-2024 |
How to Use Netcat as a Persistent Backdoor Utility? | https://medium.com/@pentesterclubpvtltd/how-to-use-netcat-as-a-persistent-backdoor-utility-57bb01cbf9cc?source=rss------bug_bounty-5 | Pentester Club | hacking, bug-bounty-tips, bug-bounty, metasploit, cybersecurity | 06-Aug-2024 |
Ping a site to find out information about it. | https://medium.com/@pentesterclubpvtltd/ping-a-site-to-find-out-information-about-it-43efdb62b4a0?source=rss------bug_bounty-5 | Pentester Club | cyber-security-awareness, bug-bounty, cybersecurity, ping, cybercrime | 05-Aug-2024 |
Maltego — The Automated OSINT Tool for Ethical Hackers | https://medium.com/@pentesterclubpvtltd/maltego-the-automated-osint-tool-for-ethical-hackers-d6bc5737812e?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, ethical-hacking, maltego, cybersecurity, osint | 05-Aug-2024 |
Recon-ng — Complete Scan — Emails, Sub Domains & Hidden Files | https://medium.com/@pentesterclubpvtltd/recon-ng-complete-scan-emails-sub-domains-hidden-files-b357cffd1e0b?source=rss------bug_bounty-5 | Pentester Club | scan, recon, enumeration, cybersecurity, bug-bounty | 05-Aug-2024 |
Perform Network Tracerouting in Linux Machines | https://medium.com/@pentesterclubpvtltd/perform-network-tracerouting-in-linux-machines-28b6bf57bf71?source=rss------bug_bounty-5 | Pentester Club | bug-bounty, machine-learning, linux, networking, cybersecurity | 05-Aug-2024 |
Gather Information About a Target Website Using Photon | https://medium.com/@pentesterclubpvtltd/gather-information-about-a-target-website-using-photon-839612a85319?source=rss------bug_bounty-5 | Pentester Club | web-design, cybersecurity, bug-bounty, web-development, web3 | 05-Aug-2024 |
Mirror a Target Website Using HTTrack website Copier | https://medium.com/@pentesterclubpvtltd/mirror-a-target-website-using-httrack-website-copier-0489c23d66b3?source=rss------bug_bounty-5 | Pentester Club | web3, website-design, web-development, cybersecurity, bug-bounty | 05-Aug-2024 |
Extract Companys Website Data Using Web Data Extractor | https://medium.com/@pentesterclubpvtltd/extract-companys-website-data-using-web-data-extractor-a2957c56fd3f?source=rss------bug_bounty-5 | Pentester Club | data, website, bug-bounty, web3, cybersecurity | 05-Aug-2024 |
Gather Personal Information Using PeekYou online People Search Service | https://medium.com/@pentesterclubpvtltd/gather-personal-information-using-peekyou-online-people-search-service-8a523a180f0d?source=rss------bug_bounty-5 | Pentester Club | data, bug-bounty, cybersecurity, people, search-engine-optimizati | 05-Aug-2024 |
Mastering Angry IP Scanner: Unleashing the Power of Network Diagnostics | https://medium.com/@pentesterclubpvtltd/mastering-angry-ip-scanner-unleashing-the-power-of-network-diagnostics-43388a593650?source=rss------bug_bounty-5 | Pentester Club | networking, bug-zero, cybersecurity, bug-bounty, angry | 05-Aug-2024 |
Uncover the Shocking Truth Behind HTTP Header Injection Attacks: Protect Yourself Now! | https://systemweakness.com/the-hidden-danger-lurking-in-your-http-headers-3f93474933cb?source=rss------bug_bounty-5 | Khaleel Khan | hacking, bug-bounty, cybersecurity, infosec, web-development | 05-Aug-2024 |
Exploit Public-Facing Application concepts | https://medium.com/@alimostafaeiorg/exploit-public-facing-application-concepts-95c9d9efe76b?source=rss------bug_bounty-5 | Ali Mostafaei | pentest, exploit, xs, exploit-public-facing, bug-bounty | 05-Aug-2024 |
You might have never understood the OSI Model this way. | https://medium.com/@rohillachhavi12/you-might-have-never-understood-the-osi-model-this-way-2b3d234c5bac?source=rss------bug_bounty-5 | Chhavi Rohilla | networking, technology, bug-bounty, learning, cybersecurity | 05-Aug-2024 |
SQL Injection Part 1️⃣ | https://infosecwriteups.com/sql-injection-part-1%EF%B8%8F%E2%83%A3-eead93a673a2?source=rss------bug_bounty-5 | Neetrox | cybersecurity, sql, data, bug-bounty, cyber-security-awareness | 05-Aug-2024 |
Discovering and Exploiting an XSS Vulnerability in a Bug Bounty Program Scope | https://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-bug-bounty-program-scope-383327e7f290?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, bug-bounty, xss-vulnerability, ethical-hacking | 05-Aug-2024 |
From Detection to Notification: Security Automation to Earn $$$$ | https://vijetareigns.medium.com/from-detection-to-notification-security-automation-to-earn-4ea1a13576bc?source=rss------bug_bounty-5 | the_unlucky_guy | bugbounty-writeup, cybersecurity, technology, bug-bounty, automation | 05-Aug-2024 |
How i found Host Header Injection on SpaceX | https://medium.com/@gitlime71/how-i-found-host-header-injection-on-spacex-3a9b45db70e8?source=rss------bug_bounty-5 | Raccoon | penetration-testing, bug-bounty, pentesting, hacking, bug-bounty-tips | 05-Aug-2024 |
Zero-Click account Take-over | https://0xebn-taimia.medium.com/zero-click-account-take-over-deb0fae7a6c1?source=rss------bug_bounty-5 | 0xEbn-Taimia | bug-bounty, cybersecurity, bugs, ato | 05-Aug-2024 |
Advanced Techniques and Defenses Against PHAR Deserialization Exploits | https://cyberw1ng.medium.com/advanced-techniques-and-defenses-against-phar-deserialization-exploits-c65074fa5035?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, hacking, careers | 05-Aug-2024 |
Day 3 of 30 Days — 30 Vulnerability | CSRF | https://medium.com/@kumawatabhijeet2002/day-3-of-30-days-30-vulnerability-csrf-3958560fb941?source=rss------bug_bounty-5 | Abhijeet kumawat | vulnerability, bug-bounty, cybersecurity, csrf-attack | 05-Aug-2024 |
Unveiling Remote Code Execution in AI chatbot workflows | https://infosecwriteups.com/unveiling-remote-code-execution-in-ai-chatbot-workflows-3c7f633f63c3?source=rss------bug_bounty-5 | Anurag__Verma | ethical-hacking, infosec, penetration-testing, bugs, bug-bounty | 05-Aug-2024 |
How I Got Critical P2 Bug on Google VRP | https://medium.com/@rhashibur75/how-i-got-critical-p2-bug-on-google-vrp-165017145af8?source=rss------bug_bounty-5 | Kazi Hashibur Rahman | google-bug, bugs, bug-bounty-tips, bug-bounty, google | 04-Aug-2024 |
Insecure Deserialization — Why it is a vulnerability | https://medium.com/@nanak.singh/insecure-deserialization-why-it-is-a-vulnerability-74e22e878cf4?source=rss------bug_bounty-5 | Nanak Singh Khurana | web-security, insecure-deserialization, hacking, bug-bounty | 04-Aug-2024 |
Simple Authentication Bypass By Response Manipulation. | https://medium.com/@test123cybertest/simple-authentication-bypass-by-response-manipulation-44ba530e803b?source=rss------bug_bounty-5 | praveenarsh0xx0 | hacking, tips-and-tricks, cybersecurity, pentest, bug-bounty | 04-Aug-2024 |
Hacking OWASP Juice Shop: Part 3- Exploiting Insufficient Server-Side Checks:::Bypassing Input… | https://infosecwriteups.com/hacking-owasp-juice-shop-part-3-exploiting-insufficient-server-side-checks-bypassing-input-6b4368449c2f?source=rss------bug_bounty-5 | callgh0st | hacking, input-validation, burpsuite, consistency, bug-bounty | 04-Aug-2024 |
SQL Injection Attack, Querying the Database Type and Version on MySQL and Microsoft | https://medium.com/@marduk.i.am/sql-injection-attack-querying-the-database-type-and-version-on-mysql-and-microsoft-caf947d0208a?source=rss------bug_bounty-5 | Marduk I Am | sqli, sql-injection, bug-bounty, information-security, portswigger-lab | 04-Aug-2024 |
Hacking OWASP Juice Shop: Part4 — Exploiting Payment and Input Validation Loopholes | https://infosecwriteups.com/hacking-owasp-juice-shop-part4-exploiting-payment-and-input-validation-loopholes-59f6b8485c3e?source=rss------bug_bounty-5 | callgh0st | prompt, bypass, consistency, hacking, bug-bounty | 04-Aug-2024 |
Simple logic flaw lead to P3 bug in public BBP | https://medium.com/@mohamed0xmuslim/simple-logic-flaw-lead-to-p3-bug-in-public-bbp-7cf21a4fb7c6?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty, bugcrowd, bugbounty-writeup, bug-bounty-tips, hackerone | 04-Aug-2024 |
curityPHAR Deserialization: Exploiting Hidden Vulnerabilities in PHP | https://cyberw1ng.medium.com/curityphar-deserialization-exploiting-hidden-vulnerabilities-in-php-c68891254c13?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, cybersecurity, penetration-testing, hacking | 04-Aug-2024 |
Kioptrix Level 3 Walkthrough | https://erdemstar.medium.com/kioptrix-level-3-walkthrough-25dce894e7e3?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, bug-bounty, pentesting, oscp, bug-bounty-tips | 04-Aug-2024 |
Exploiting Negative Quantity Manipulation for Total Price Reduction | https://medium.com/@adhammedhat101/s-e615c50a1798?source=rss------bug_bounty-5 | SemZ | cybersecurity, bug-bounty, bugbounty-writeup, penetration-testing, web-app-security | 04-Aug-2024 |
Don’t Know Where to Look for Bugs? A Beginner’s Guide to Bug Hunting | https://medium.com/@paritoshblogs/dont-know-where-to-look-for-bugs-a-beginner-s-guide-to-bug-hunting-780780eec09b?source=rss------bug_bounty-5 | Paritosh | bug-bounty-tips, bug-bounty, information-technology, information-security, cybersecurity | 03-Aug-2024 |
How I prevented a mass leak of user data at one of the largest Tech companies | https://medium.com/@syarifsajjad07/how-i-prevented-a-mass-leak-of-user-data-at-one-of-the-largest-tech-companies-caea05474af8?source=rss------bug_bounty-5 | Syarifsajjad | hackerone, bug-bounty-tips, cybersecurity, bug-bounty, bugbounty-writeup | 03-Aug-2024 |
30 Days — 30 Vulnerability Challenge | https://it4chis3c.medium.com/30-days-30-vulnerability-challenge-28edae3b25d4?source=rss------bug_bounty-5 | It4chis3c | bug-bounty-tips, bug-bounty, 30dayswritingchallenge | 03-Aug-2024 |
Day 1 of 30 Days — 30 Vulnerabilities Tips & Tricks | https://it4chis3c.medium.com/day-1-of-30-days-30-vulnerabilities-tips-tricks-4cff7b2756a2?source=rss------bug_bounty-5 | It4chis3c | 30dayswritingchallenge, xss-attack, xss-vulnerability, bug-bounty-tips, bug-bounty | 03-Aug-2024 |
How I Hacked and Secured a Croatian Government Website: A White Hat Journey | https://harshit3.medium.com/how-i-hacked-and-secured-a-croatian-government-website-a-white-hat-journey-d452fbb8e711?source=rss------bug_bounty-5 | Harshit | ethical-hacking, bug-bounty, security, vulnerability, cybersecurity | 03-Aug-2024 |
How a Host Header Injection Bug Earned Me My Fourth Hall of Fame Spot at Apple | https://medium.com/@MohaseenK/how-a-host-header-injection-bug-earned-me-my-fourth-hall-of-fame-spot-at-apple-b5d880acbba2?source=rss------bug_bounty-5 | Mohaseen | infosec, hall-of-fame, hackerone, bug-bounty, apple | 03-Aug-2024 |
Your AI Conversations Aren’t Safe: How We Stole Them | https://h0tak88r.medium.com/your-ai-conversations-arent-safe-how-we-stole-them-02c17db2ed72?source=rss------bug_bounty-5 | sallam | bug-bounty-tips, prompt-injection-attack, ai-hacking, bug-bounty, oauth | 03-Aug-2024 |
How I Earned $469 Bounty: Bypassing Plan Restriction | https://medium.com/@a13h1/how-i-earned-469-bounty-bypassing-plan-restriction-58f6d3120b6e?source=rss------bug_bounty-5 | Abhi Sharma | access-control, programming, infosec, cybersecurity, bug-bounty | 03-Aug-2024 |
How to Find Vulnerabilities and Bugs with the Help of ChatGPT and Get Bounty | https://medium.com/@shaikhminhaz1975/how-to-find-vulnerabilities-and-bugs-with-the-help-of-chatgpt-and-get-bounty-f1ee5b6b0dd0?source=rss------bug_bounty-5 | Shaikh Minhaz | bug-bounty-with-ai, bug-bounty, chatgpt, cybersecurity, find-bug-with-chatgpt | 03-Aug-2024 |
how I found a critical bug using response manipulation | https://matrixm0x1.medium.com/how-i-found-a-critical-bug-using-response-manipulation-4403a562db12?source=rss------bug_bounty-5 | matrixm0x1 | security, vulnerability, cybersecurity, bugs, bug-bounty | 03-Aug-2024 |
20.9 Lab: Developing a custom gadget chain for PHP deserialization | https://cyberw1ng.medium.com/20-9-lab-developing-a-custom-gadget-chain-for-php-deserialization-c173ff462156?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 03-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-66) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-66-9a60c229db5e?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, skills, hacking, bug-bounty, cybersecurity | 03-Aug-2024 |
How could privilege escalation vulnerability lead to full account takeover? | https://medium.com/@moxallam/how-could-privilege-escalation-vulnerability-lead-to-full-account-takeover-0d49d3d5fbee?source=rss------bug_bounty-5 | 3llam | pentesting, web-application-security, bug-bounty, cyber-security-services, bug-bounty-writeup | 03-Aug-2024 |
Uncovering a Reflected XSS Vulnerability in an Insurance Company’s Website | https://medium.com/@anonymousshetty2003/uncovering-a-reflected-xss-vulnerability-in-an-insurance-companys-website-ee56c3492381?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, cybersecurity, ethical-hacking | 03-Aug-2024 |
Discovering a Reflected XSS Vulnerability in an Shopping Website | https://medium.com/@anonymousshetty2003/discovering-a-reflected-xss-vulnerability-in-an-shopping-website-d9ea72be73ef?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, xss-vulnerability, ethical-hacking, cybersecurity | 03-Aug-2024 |
The first $100 from Bug Hunter | https://medium.com/@osamamohamed21212121/the-first-100-from-bug-hunter-aaee9a0ac547?source=rss------bug_bounty-5 | Osamamohamed | cybersecurity, security, vulnerability, bug-bounty, bus | 03-Aug-2024 |
How I Escalated N/A to High and Got Rewarded £££: Bug Hunting Journey | https://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5 | iamrizwanvp | bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup | 03-Aug-2024 |
From Fries to Flaws : My Journey into Web App Security (Part II) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-ii-6127ecc7d93f?source=rss------bug_bounty-5 | OiQ | bug-bounty, web-application-security, cybersecurity, xss-vulnerability, bug-bounty-tips | 03-Aug-2024 |
Tips about bug bounty for complete begginers | https://medium.com/@mrkimia097/tips-about-bug-bounty-for-complete-begginers-0fa1c85594ad?source=rss------bug_bounty-5 | Mrkimia | bug-bounty, hacker, bugbounty-tips | 03-Aug-2024 |
How I Escalated N/A to High and Got Rewarded $$$: Bug Hunting Journey | https://medium.com/@iamrizwanvp/how-i-escalated-n-a-to-medium-and-got-rewarded-bug-hunting-journey-c6e6097fe93c?source=rss------bug_bounty-5 | iamrizwanvp | bug-bounty-tips, bug-bounty, penetration-testing, cybersecurity, bugbounty-writeup | 03-Aug-2024 |
#4. Bug Bounty Series: Exploiting Boolean-based SQL Injection | https://cyb3rmind.medium.com/4-bug-bounty-series-exploiting-boolean-based-sql-injection-3455d800892e?source=rss------bug_bounty-5 | Cyb3r M!nds | pentesting, hacking, bug-bounty, sql-injection | 02-Aug-2024 |
Bounty Hunting — Complete Guide (Part-65) | https://medium.com/@rafid19/bounty-hunting-complete-guide-part-65-885040ada45a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, hacking, cybersecurity, ethical-hacking, bug-bounty | 02-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-64) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-64-aa6bc5c45197?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, hacking, skills, bug-bounty | 02-Aug-2024 |
Bug Bounty Hunting — Complete Guide (Part-63) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-63-fdea83c2c38f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, ethical-hacking, skills, hacking | 02-Aug-2024 |
Best youtube channels to learn bughunting and penetration testing | https://medium.com/@sangamahesh650/best-youtube-channels-to-learn-bughunting-and-penetration-testing-eea2e78a202a?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bug-bounty-writeup, bugbounty-tips, bug-bounty-tips, bug-bounty | 02-Aug-2024 |
Finding subdomains from google | https://medium.com/@sangamahesh650/finding-subdomains-from-google-7f370fe60ad1?source=rss------bug_bounty-5 | loyalonlytoday | penetration-testing, bugbounting, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 02-Aug-2024 |
Search engines for hackers and bughunters | https://medium.com/@sangamahesh650/search-engines-for-hackers-and-bughunters-16139aa60752?source=rss------bug_bounty-5 | loyalonlytoday | bugbounty-writeup, bug-bounty-tips, bug-bounty, hacking, penetration-testing | 02-Aug-2024 |
Finding more subdomains | https://medium.com/@sangamahesh650/finding-more-subdomains-1f5221e79310?source=rss------bug_bounty-5 | loyalonlytoday | bug-bounty, bugbounty-tips, bug-bounty-tips | 02-Aug-2024 |
Overview of API Penetration Testing | https://medium.com/@aakashgupthagwapt/overview-of-api-penetration-testing-2065f6722f4e?source=rss------bug_bounty-5 | Aakashguptha | penetration-testing, api-penetration-testing, bug-bounty, cybersecurity, api | 02-Aug-2024 |
20.8 Lab: Developing a custom gadget chain for Java deserialization | https://cyberw1ng.medium.com/20-8-lab-developing-a-custom-gadget-chain-for-java-deserialization-01b85e1e998a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, bug-bounty, cybersecurity | 02-Aug-2024 |
I found RCE on Viber. | https://medium.com/@deadoverflow/i-found-rce-on-viber-432cf9e17eb0?source=rss------bug_bounty-5 | Imad Husanovic | cyber-security-awareness, programming, hacking, rce, bug-bounty | 02-Aug-2024 |
Email Verification Bypass Easy-P4 | https://medium.com/@Ajakcybersecurity/email-verification-bypass-easy-p4-70039d0b8fd9?source=rss------bug_bounty-5 | AjakCybersecurity | technology, penetration-testing, bug-bounty, hacking, ethical-hacking | 02-Aug-2024 |
Client-Side XSS: The DOM-based Debacle (Cross Site Scripting) | https://medium.com/@godsxfinger/client-side-xss-the-dom-based-debacle-cross-site-scripting-7a14904934d9?source=rss------bug_bounty-5 | Aadi (godsxfinger) | xs, web-app-security, bug-bounty, cybersecurity, bug-bounty-tips | 01-Aug-2024 |
Serialization and Deserialization: Advanced Concepts and Best Practices | https://cyberw1ng.medium.com/serialization-and-deserialization-advanced-concepts-and-best-practices-c6562fce9e4b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, penetration-testing, cybersecurity | 01-Aug-2024 |
Understanding Cross-Site Scripting (XSS) | https://medium.com/@soheilvanaee.net/understanding-cross-site-scripting-xss-5610d02cc5c4?source=rss------bug_bounty-5 | Soheilvanaee Net | bug-bounty, cybersecurity, web-hacking | 01-Aug-2024 |
First Bug Report: HTML Injection Vulnerability | https://medium.com/@youseftamereg/first-bug-report-html-injection-vulnerability-%EF%B8%8F-%EF%B8%8F-7a5e042d6548?source=rss------bug_bounty-5 | yousef tamer | html-injection, writeup, bug-bounty | 01-Aug-2024 |
Wasabi Bucket Takeover | Bug Bounty | https://mo9khu93r.medium.com/wasabi-bucket-takeover-bug-bounty-7520e8decde7?source=rss------bug_bounty-5 | mo9khu93r | ethical-hacking, cybersecurity, subdomain-takeover, bug-bounty | 31-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-62) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-62-4ff0fce045ca?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, skills, bug-bounty, hacking | 31-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-61) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-61-1c6514a2067b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, bug-bounty, skills, hacking | 31-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-60) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-60-76ea9ba1551c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, bug-bounty, hacking, cybersecurity, ethical-hacking | 31-Jul-2024 |
Step-by-Step Guide On How to Find Your First Bug in Web Applications | https://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking | 31-Jul-2024 |
How To Find Your 1st Bug For Bug Bounty Hunters (Step by Step Guide) Guarantee Result | https://medium.com/@shaikhminhaz1975/step-by-step-guide-on-how-to-find-your-first-bug-in-web-applications-0080f6a7f945?source=rss------bug_bounty-5 | Shaikh Minhaz | cybersecurity, bug-bounty, vulnerability, information-disclosure, ethical-hacking | 31-Jul-2024 |
SAML Authentication Bypass Leading to Admin Panel Access | https://medium.com/@0x_xnum/saml-authentication-bypass-leading-to-admin-panel-access-24f23812ed76?source=rss------bug_bounty-5 | Ahmed Tarek | bug-bounty, saml, privilege-escalation, broken-access-control, authentication-bypass | 31-Jul-2024 |
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02 | https://omarora1603.medium.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5 | Om Arora | bug-bounty-writeup, hacking, bug-bounty, methodology, infosec | 31-Jul-2024 |
My Journey into Cybersecurity: Learning Bug Bounty from Scratch | https://medium.com/@akashathare411/my-journey-into-cybersecurity-learning-bug-bounty-from-scratch-abc2b45f04c5?source=rss------bug_bounty-5 | Akash Athare | learning, cybersecurity, bug-bounty, iit, masters-degree | 31-Jul-2024 |
Serialization and Deserialization: An Essential Guide | https://cyberw1ng.medium.com/serialization-and-deserialization-an-essential-guide-30552a9cf379?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 31-Jul-2024 |
Hack and make money — Bug Bounty | https://medium.com/@victoras.croitoru/hack-and-make-money-bug-bounty-d9db818eb33e?source=rss------bug_bounty-5 | vic | online, ethical-hacking, hacking, money, bug-bounty | 31-Jul-2024 |
NgeSec Bebas #3 — How to Avoid N/A on Submissions | https://muh-hidayat7799.medium.com/ngesec-bebas-3-how-to-avoid-n-a-on-submissions-9acf14ef7ba1?source=rss------bug_bounty-5 | Muhamad Hidayat | methodology, risk-management, bug-bounty, app-security, penetration-testing | 31-Jul-2024 |
Don’t know where to look for bugs ?? In Depth Recon Bug Bounty — Part 02 | https://infosecwriteups.com/dont-know-where-to-look-for-bugs-in-depth-recon-bug-bounty-part-02-9d7c55e045aa?source=rss------bug_bounty-5 | Om Arora | bug-bounty-writeup, hacking, bug-bounty, methodology, infosec | 31-Jul-2024 |
Why bug bounty program should be a part of your security strategy — ET CISO | https://nowitsanurag.medium.com/why-bug-bounty-program-should-be-a-part-of-your-security-strategy-et-ciso-ad5abf991292?source=rss------bug_bounty-5 | Anurag | cybersecurity, bug-bounty, ransomware, vulnerability | 31-Jul-2024 |
Uncovering Sensitive Information: A Case Study on a Government Website | https://medium.com/@anonymousshetty2003/uncovering-sensitive-information-a-case-study-on-a-government-website-1f5ad0e158ec?source=rss------bug_bounty-5 | Anonymousshetty | hacking, ethical-hacking, bug-bounty, wpscan, cybersecurity | 31-Jul-2024 |
Stored XSS: When Bad Code Happens to Good Websites (Cross Site Scripting) | https://medium.com/@godsxfinger/stored-xss-when-bad-code-happens-to-good-websites-a5d6b4e629ca?source=rss------bug_bounty-5 | Aadi (godsxfinger) | bug-bounty, cross-site-scripting, xs, web-app-security, cybersecurity | 31-Jul-2024 |
Reflected XSS: Navigating the Web’s Wild West (Cross-Site Scripting) | https://medium.com/@godsxfinger/reflected-xss-navigating-the-webs-wild-west-cross-site-scripting-a1e092e58b73?source=rss------bug_bounty-5 | Aadi (godsxfinger) | cybersecurity, cross-site-scripting, xs, bug-bounty, web-app-security | 31-Jul-2024 |
From Fries to Flaws : My Journey into Web App Security (Part I) | https://infosecwriteups.com/from-fries-to-flaws-my-journey-into-web-app-security-part-i-958c67c20771?source=rss------bug_bounty-5 | OiQ | web-application-security, web-vulnerabilities, bug-bounty, bug-bounty-tips, cybersecurity | 31-Jul-2024 |
ICMTC Final CTF 2024 Web Hacking Challenges | https://medium.com/@medohythem2019/icmtc-final-ctf-2024-web-hackig-challenges-5135cccf09ba?source=rss------bug_bounty-5 | 0xdragon | bug-bounty, hacking, pentesting, ctf | 30-Jul-2024 |
LFI WITH PHPINFO TO RCE | https://infosecwriteups.com/lfi-with-phpinfo-to-rce-78318f0dc9ce?source=rss------bug_bounty-5 | c0d3x27 | bug-bounty, hacking-tools, hacking, web-development, cybersecurity | 30-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-59) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-59-a0a4a25d7f97?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, ethical-hacking, bug-bounty, skills | 30-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-58) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-58-f4102848b19d?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, ethical-hacking, cybersecurity, skills | 30-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-57) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-57-1c470cccf094?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, skills, hacking | 30-Jul-2024 |
Triple XSS in a Private Bug Bounty Program via a Hidden Parameter | https://infosecwriteups.com/triple-xss-in-a-private-bug-bounty-program-via-a-hidden-parameter-b42d0263f56d?source=rss------bug_bounty-5 | Andrea | hacking, bug-bounty, xss-attack | 30-Jul-2024 |
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP | https://medium.com/@jerryhackgather/interesting-business-logic-error-leads-to-pre-account-takeover-via-verification-bypass-on-googlevrp-d362f9469e3d?source=rss------bug_bounty-5 | Jerry1319 | cybersecurity, bug-bounty-tips, bug-bounty, bugbounty-writeup | 30-Jul-2024 |
Cross-Site Scripting (XSS) Vulnerabilities: | https://medium.com/@yassentaalab51/cross-site-scripting-xss-vulnerabilities-1397653cef7d?source=rss------bug_bounty-5 | Yassen Taalab | owasp, web-vulnerabilities, bug-bounty, web-security, xss-attack | 30-Jul-2024 |
6 tips for finding security vulnerabilities with GitHub Code Search — Bug Bounty Tuesday | https://medium.com/@kerstan/6-tips-for-finding-security-vulnerabilities-with-github-code-search-bug-bounty-tuesday-d4035bc7e302?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 30-Jul-2024 |
Stealing First Party Access Token of Facebook Users: Meta Bug Bounty | https://iamsaugat.medium.com/stealing-first-party-access-token-of-facebook-users-meta-bug-bounty-44b3b2e87d07?source=rss------bug_bounty-5 | Saugat Pokharel | meta, cybersecurity, facebook-bug-bounty, bug-bounty, hacking | 30-Jul-2024 |
Compiled Notes from the First Lesson | https://medium.com/@starkxun5215/%E7%AC%AC%E4%B8%80%E6%AC%A1%E8%AF%BE%E7%A8%8B%E7%AC%94%E8%AE%B0%E6%95%B4%E7%90%86-52d34c91f3fc?source=rss------bug_bounty-5 | xun stark | bug-bounty | 30-Jul-2024 |
Race Conditions Uncovered: A Practical Guide | https://yaseenzubair.medium.com/race-conditions-uncovered-a-practical-guide-3cb69d73c946?source=rss------bug_bounty-5 | Yaseen Zubair | web-security, penetration-testing, bug-bounty, bug-bounty-tips, race-condition | 30-Jul-2024 |
Navigating the Dangers of Insecure Deserialization | https://cyberw1ng.medium.com/navigating-the-dangers-of-insecure-deserialization-73254b5ed415?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, hacking, careers | 30-Jul-2024 |
How I got my first valid bug on nasa | https://medium.com/@mrkimia097/how-i-got-my-first-valid-bug-on-nasa-bf5e95531f00?source=rss------bug_bounty-5 | Mrkimia | bug-bounty | 30-Jul-2024 |
Top Google Dorks Explained | https://infosecwriteups.com/top-google-dorks-explained-ee6cac1673da?source=rss------bug_bounty-5 | Mike Takahashi (TakSec) | information-security, seo, hacking, cybersecurity, bug-bounty | 30-Jul-2024 |
Exposing OTP Bypass Vulnerabilities: Step-by-Step Bug Bounty Case Study | https://b0mk35h.medium.com/exposing-otp-bypass-vulnerabilities-step-by-step-bug-bounty-case-study-0dc39dc543bd?source=rss------bug_bounty-5 | Pronay Biswas | penetration-testing, hacking, bug-bounty, vulnerability, cybersecurity | 29-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-56) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-56-5d2efa89b759?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, ethical-hacking, cybersecurity, skills | 29-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-55) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-55-1032e6222b41?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, skills, bug-bounty, hacking | 29-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-54) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-54-8e83629a6942?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, hacking, ethical-hacking, skills, bug-bounty | 29-Jul-2024 |
Exploiting Open Redirection $1000 | https://medium.com/@mdnafeed3/how-about-exploiting-open-redirection-how-base64-encoding-can-uncover-hidden-vulnerabilities-cb5beb11b763?source=rss------bug_bounty-5 | H4cker-Nafeed | cybersecurity, web3, infosec, hacking, bug-bounty | 29-Jul-2024 |
Insecure Deserialization Vulnerabilities: A Deep Dive into Risks and Mitigations | https://cyberw1ng.medium.com/insecure-deserialization-vulnerabilities-a-deep-dive-into-risks-and-mitigations-5c37f297c763?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, bug-bounty, penetration-testing, hacking | 29-Jul-2024 |
Discovering and Exploiting an XSS Vulnerability in a Large Finance Website | https://medium.com/@anonymousshetty2003/discovering-and-exploiting-an-xss-vulnerability-in-a-large-finance-website-f125dbd6d984?source=rss------bug_bounty-5 | Anonymousshetty | xss-vulnerability, cybersecurity, ethical-hacking, hacking, bug-bounty | 29-Jul-2024 |
Advanced scan with Bash | https://mosec0.medium.com/advanced-scan-with-bash-52005537a63c?source=rss------bug_bounty-5 | Mohamed Ali | pentester, bug-bounty, new-security-tool | 29-Jul-2024 |
Uncovering Sensitive File Information: A Case Study in Web Security | https://medium.com/@anonymousshetty2003/uncovering-sensitive-file-information-a-case-study-in-web-security-f5d03f2c5cd4?source=rss------bug_bounty-5 | Anonymousshetty | sensitive-data, cybersecurity, ethical-hacking, bug-bounty, dorking | 29-Jul-2024 |
Kioptrix Level 2 Walkthrough | https://erdemstar.medium.com/kioptrix-level-2-walkthrough-439c56f87c?source=rss------bug_bounty-5 | Erdemstar | vulnerability, oscp-preparation, bug-bounty-tips, bug-bounty, oscp | 29-Jul-2024 |
JS Link Finder Burp Suite Extension Guide | https://infosecwriteups.com/js-link-finder-burp-suite-extension-guide-e4809a6da268?source=rss------bug_bounty-5 | Mike Takahashi (TakSec) | information-security, cybersecurity, hacking, bug-bounty, appsec | 29-Jul-2024 |
New Plans | https://medium.com/@nnface/new-plans-0b11cfa5495d?source=rss------bug_bounty-5 | NnFace | bugs, bug-bounty, bug-bounty-writeup, hacker, hacking | 29-Jul-2024 |
Chain Reaction On Big Player | https://medium.com/@nnface/chain-reaction-on-big-player-4e331faf57b9?source=rss------bug_bounty-5 | NnFace | bug-bounty, bug-bounty-tips, bugs, bugs-bunny, hacking | 29-Jul-2024 |
JavaScript: Hunting And Analyzing for Bug Bounty.. | https://hacktivistattacker.medium.com/javascript-hunting-and-analyzing-for-bug-bounty-a15416de32cd?source=rss------bug_bounty-5 | Hacktivist-Attacker | bug-bounty, ethical-hacking, code-analysis, education, javascript | 28-Jul-2024 |
Hunting for Vulnerabilities that are ignored by most of the Bug Bounty Hunters — Part 2 | https://medium.com/@kshunya/hunting-for-vulnerabilities-that-are-ignored-by-most-of-the-bug-bounty-hunters-part-2-d2a51edaa8e8?source=rss------bug_bounty-5 | Vishal Barot | pentesting, infosec, bug-bounty, penetration-testing, vapt | 28-Jul-2024 |
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flow | https://callgh0st.medium.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5 | callgh0st | vulnerability, hacking, bug-bounty, payments, logic | 28-Jul-2024 |
Unveiling Hidden Git Repositories: A Deep Dive into the Git Source Code Disclosure Scanner | https://maordayanofficial.medium.com/unveiling-hidden-git-repositories-a-deep-dive-into-the-git-source-code-disclosure-scanner-f704470de59a?source=rss------bug_bounty-5 | Maor Dayan | threat-hunting, vulnerability, white-hat-hacker, bug-bounty | 28-Jul-2024 |
How I bypass Safeguards of meta AI (Llama) | https://medium.com/@jeetpal2007/how-i-bypass-safegurads-of-meta-ai-llama-d735b521da2b?source=rss------bug_bounty-5 | JEETPAL | llamas, bug-bounty, llm, bugbounty-tips, bugbounty-writeup | 28-Jul-2024 |
How to Fight Procrastination as a Bug Hunter | https://medium.com/@Progsky/how-to-fight-procrastination-as-a-bug-hunter-48d0d280e572?source=rss------bug_bounty-5 | Progsky | bug-bounty, hacking, pentesting, penetration-testing, procrastination | 28-Jul-2024 |
Exploiting Insecure Deserialization Vulnerabilities | https://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-cb9c586cd146?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 28-Jul-2024 |
Subdomain Takeover | https://medium.com/@mukkagopi50/subdomain-takeover-1de38466fdcc?source=rss------bug_bounty-5 | Gopi Mukka | bug-bounty | 28-Jul-2024 |
Bypass Plan Restriction & Get 350$ Bounty | https://infosecwriteups.com/bypass-plan-restriction-get-350-bounty-2df24f406462?source=rss------bug_bounty-5 | Abhi Sharma | privilege-escalation, bug-bounty, programming, cybersecurity, access-control | 28-Jul-2024 |
Here are some common parameters to test for XSS (Cross-Site Scripting) vulnerabilities: | https://medium.com/@BugHunterMan/here-are-some-common-parameters-to-test-for-xss-cross-site-scripting-vulnerabilities-fbe25f1968cc?source=rss------bug_bounty-5 | BugHUnterMan | bug-bounty, vulnerability | 28-Jul-2024 |
Hacking OWASP Juice Shop: Part 2 — Exposing Critical Vulnerabilities in the Payment Flow | https://infosecwriteups.com/hacking-owasp-juice-shop-part-2-exposing-critical-vulnerabilities-in-the-payment-flow-45630ed1633e?source=rss------bug_bounty-5 | callgh0st | vulnerability, hacking, bug-bounty, payments, logic | 28-Jul-2024 |
0-Click ATO Due to Weak Reset Password Tokens and Lack of Rate Limiting | https://h0tak88r.medium.com/0-click-ato-due-to-weak-reset-password-tokens-and-lack-of-rate-limiting-b7fe20487a45?source=rss------bug_bounty-5 | sallam | cybersecurity, ato, bug-bounty, account-takeover, bug-bounty-tips | 28-Jul-2024 |
how did i find leakage of information just by fuzzing? | https://medium.com/@onader104/how-did-i-find-leakage-of-information-just-by-fuzzing-888d6ce6d8f7?source=rss------bug_bounty-5 | Omar Nader | infosec, bug-bounty, cybersecurity, bug-bounty-tips, info-sec-writeups | 28-Jul-2024 |
The Looming Threat: How an IDOR Vulnerability Could Have Exposed Millions of Merchants Details. | https://medium.com/@cy3erbeast/the-looming-threat-how-an-idor-vulnerability-could-have-exposed-millions-of-merchants-details-f488725489a0?source=rss------bug_bounty-5 | Rahul | bug-bounty-writeup, bug-bounty, idor-vulnerability, bug-bounty-tips, data-breach | 28-Jul-2024 |
Discovered Sensitive Data Exposure on Wati.com: A Case Study Using Sublist3r and DirBuster | https://medium.com/@anonymousshetty2003/discovered-sensitive-data-exposure-on-wati-com-a-case-study-using-sublist3r-and-dirbuster-409a03f8f75d?source=rss------bug_bounty-5 | Anonymousshetty | bug-bounty, hacking, cybersecurity, ethical-hacking | 27-Jul-2024 |
Open Redirect Vulnerability in Microsoft Create Portal | https://zeynalxan.medium.com/open-redirect-vulnerability-in-microsoft-create-portal-6654eb3e6b7a?source=rss------bug_bounty-5 | Zeynalxan Quliyev | bug-bounty, microsoft-hack, open-redirect, bug-bounty-writeup, microsoft-open-redirect | 27-Jul-2024 |
How I found a Privilege Escalation bug in bug bounty. | https://medium.com/@gitlime71/how-i-found-a-privilege-escalation-bug-in-bug-bounty-eff018f19020?source=rss------bug_bounty-5 | Raccoon | hacking, bug-bounty, penetration-testing, pentesting, bug-bounty-tips | 27-Jul-2024 |
Jailbreak of Meta AI (Llama -3.1) revealing configuration details | https://medium.com/@kiranmaraju/jailbreak-of-meta-ai-llama-3-1-revealing-configuration-details-9f0759f5006a?source=rss------bug_bounty-5 | Kiran Maraju | llm, nlp, cybersecurity, bug-bounty, chatbots | 27-Jul-2024 |
Subdomain Takeover | https://medium.com/@ibnibrahim/subdomain-takeover-34bd662b5a7a?source=rss------bug_bounty-5 | TestUser | cybersecurity, hacking, ethical-hacking, bug-bounty, information-security | 27-Jul-2024 |
Exploiting insecure deserialization vulnerabilities | https://cyberw1ng.medium.com/exploiting-insecure-deserialization-vulnerabilities-3595e4c24e2d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, penetration-testing, cybersecurity, careers | 27-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-48) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-48-241d35293a81?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, hacking, skills, bug-bounty | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-47) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-47-8d21d898cc97?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, skills, cybersecurity, ethical-hacking, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-46) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-46-e851213880f4?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, bug-bounty, ethical-hacking, hacking, cybersecurity | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-45) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-45-7a90d1667a7a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, ethical-hacking, bug-bounty, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-44) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-44-e4649fab9a0c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking | 26-Jul-2024 |
30-day Time Limit: Swagshop Credit-Giving Activity | https://medium.com/@security.tecno/30-day-time-limit-swagshop-credit-giving-activity-61454ef3757b?source=rss------bug_bounty-5 | TECNO Security | bug-bounty, security, bonus, hacker | 26-Jul-2024 |
SIMPLE IDEA IN 2FA BYPASS LEADS TO $$$$ & CRITICAL IMPACT ! | https://medium.com/@alderson.philip/simple-idea-in-2fa-bypass-leads-to-critical-impact-a98e7c6a4190?source=rss------bug_bounty-5 | Philip Alderson | hacker, bugs, bug-bounty, 2fa-bypass | 26-Jul-2024 |
Inside the Bug Bounty World: Challenges, Rewards, and Tips for Success | https://medium.com/codex/inside-the-bug-bounty-world-challenges-rewards-and-tips-for-success-74ea37cbfd9c?source=rss------bug_bounty-5 | Security Lit Limited | bug-bounty, vulnerability, bug-bounty-tips, cybersecurity, penetration-testing | 26-Jul-2024 |
Quick Guide: API Penetration Testing | https://medium.com/@miladkeivanfar/quick-guide-api-penetration-testing-496c2e356a2e?source=rss------bug_bounty-5 | Milad keivanfar | pentesting, api-penetration-testing, bug-bounty, bug-bounty-tips, api-security | 26-Jul-2024 |
Solving an extremely difficult cryptography CTF pack: Level 1 | https://medium.com/@f3tch/day-1-of-solving-an-extremely-difficulty-level-cryptography-ctf-pack-level-1-b8b3d89a531c?source=rss------bug_bounty-5 | f3tch | hacking, ctf-writeup, ctf, bug-bounty, cryptography | 26-Jul-2024 |
ElasticSearch Smash & Grab | https://hogarth45.medium.com/elasticsearch-smash-grab-99cf36cdefbb?source=rss------bug_bounty-5 | Jess | elasticsearch, hacking, bug-bounty | 26-Jul-2024 |
Pentesting vs. Bug Bounty: Understanding the Differences and Choosing the Right Approach | https://ip-specialist.medium.com/pentesting-vs-bug-bounty-understanding-the-differences-and-choosing-the-right-approach-0af4e0569193?source=rss------bug_bounty-5 | IPSpecialist | difference, pentester, pentesting, bug-bounty, security | 26-Jul-2024 |
18.7 Lab: Clobbering DOM attributes to bypass HTML filters | https://cyberw1ng.medium.com/18-7-lab-clobbering-dom-attributes-to-bypass-html-filters-d1af9a33ae41?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, penetration-testing, careers, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-49) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-49-2ef3a8eb3b4b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, cybersecurity, ethical-hacking, skills | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-53) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-53-bea2f5cf6a14?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, cybersecurity, hacking, ethical-hacking, bug-bounty | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-52) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-52-26b5cc12f0c2?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, bug-bounty | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-51) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-51-379ea39fb723?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, skills, cybersecurity, ethical-hacking, hacking | 26-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-50) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-50-4a59a3c4f97b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, skills, ethical-hacking, hacking | 26-Jul-2024 |
IDOR : Payment Fraud on GYM Membership website | https://uzet.medium.com/idor-payment-fraud-on-gym-membership-website-d4e67f07db57?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty, pentesting, bug-bounty-writeup, bug-bounty-tips, cybersecurity | 25-Jul-2024 |
SQL Injection in 5 mins //Just because of CURIOSITY // | https://larebsec.medium.com/sql-injection-in-5-mins-just-because-of-curiosity-56e186f6296d?source=rss------bug_bounty-5 | Lareb | sql-injection, hacking, cybersecurity, security, bug-bounty | 25-Jul-2024 |
Useful JavaScript functions & API’s to exploit XSS (Cross-Site Scripting) | https://medium.com/@godsxfinger/useful-javascript-functions-apis-to-exploit-xss-cross-site-scripting-5d99a93d9899?source=rss------bug_bounty-5 | Aadi (godsxfinger) | cross-site-scripting, xs, bug-bounty, cybersecurity | 25-Jul-2024 |
Bypassing OTP Verification in a Signup Page | https://medium.com/@rat010/bypassing-otp-verification-in-a-signup-page-13976f724017?source=rss------bug_bounty-5 | Kanhaiya Kumar Singh | bug-bounty, web-application-security, web-app-testing, bug-hunting, bug-bounty-tips | 25-Jul-2024 |
18.6 Lab: Exploiting DOM clobbering to enable XSS | https://cyberw1ng.medium.com/18-6-lab-exploiting-dom-clobbering-to-enable-xss-640dd7c5fcf8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 25-Jul-2024 |
The Importance of Cybersecurity in Today’s Digital Age | https://medium.com/@erkankavas/the-importance-of-cybersecurity-in-todays-digital-age-8d5a61d47416?source=rss------bug_bounty-5 | Erkan Kavas | cybersecurity, bug-bounty, threat-intelligence | 25-Jul-2024 |
Automating XSS Discovery | https://medium.com/@hazeprojecte/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5 | Itachix0f | xss-attack, automatisation, bug-bounty-tips, bug-bounty | 25-Jul-2024 |
Automating XSS Discovery | https://medium.com/@Itachi0xf/automatiser-la-d%C3%A9couverte-des-xss-9810f89172a4?source=rss------bug_bounty-5 | Itachix0f | xss-attack, automatisation, bug-bounty-tips, bug-bounty | 25-Jul-2024 |
The Basic SQLmap Tutorial and SQLInjection | PortswiggerLab with SQLMap | https://medium.com/@barsavak/the-basic-sqlmap-tutorial-and-sqlinjection-portswiggerlab-with-sqlmap-1bb0cdf086fb?source=rss------bug_bounty-5 | bariss30 | bug-bounty, test, sql-injection, web-vulnerabilities, tools | 24-Jul-2024 |
Bug Bounty basic for beginners & Types of bug bounty programs | https://systemweakness.com/bug-bounty-basic-for-beginners-types-of-bug-bounty-programs-e4a8dab68fcd?source=rss------bug_bounty-5 | Harsh Hatej | bug-bounty, bug-bounty-program, kali-linux, bug-bounty-tips, bounty-program | 24-Jul-2024 |
14.30 Lab: Reflected XSS protected by CSP, with CSP bypass | https://cyberw1ng.medium.com/14-30-lab-reflected-xss-protected-by-csp-with-csp-bypass-779c76173f7a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, cybersecurity, careers, hacking | 24-Jul-2024 |
Android PenTesting Tools | https://medium.com/@evilprince007/android-pentesting-tools-efd0685ffeb7?source=rss------bug_bounty-5 | Prathamesh Khatavkar | android, bug-bounty, hacking, cybersecurity, mobile | 24-Jul-2024 |
Hacking Moodle Apps Via External Functions | https://medium.com/@dub-flow/hacking-moodle-apps-via-external-functions-1fc88a6d697c?source=rss------bug_bounty-5 | Florian Walter | penetration-testing, moodle, ethical-hacking, cybersecurity, bug-bounty | 24-Jul-2024 |
Accelerating Cybersecurity Learning with Speed Reading and Memory Training | https://medium.com/@enigma_/accelerating-cybersecurity-learning-with-speed-reading-and-memory-training-97305b666660?source=rss------bug_bounty-5 | enigma | bug-bounty, memory-improvement, ethical-hacking, speed-reading, cybersecurity | 24-Jul-2024 |
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty | https://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006?source=rss------bug_bounty-5 | Pyrus | microsoft, cybersecurity, web-security, bug-bounty, infosec | 23-Jul-2024 |
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty | https://medium.com/@ericdesquivel3/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-7e1b4eaabe22?source=rss------bug_bounty-5 | Eric Esquivel | bug-bounty, web-app-security | 23-Jul-2024 |
Unmasking Keystroke Secrets: How Hackers Exploit Your Keyboard — A Deep Dive into… | https://systemweakness.com/unmasking-keystroke-secrets-how-hackers-exploit-your-keyboard-a-deep-dive-into-5bdb1bbabb25?source=rss------bug_bounty-5 | Khaleel Khan | infosec, bug-bounty, python, hacking, cybersecurity | 23-Jul-2024 |
Preparing Your VPS for Bug Bounty Operations: A Complete Guide | https://medium.com/@adityasingh4180/preparing-your-vps-for-bug-bounty-operations-a-complete-guide-f55c30331df0?source=rss------bug_bounty-5 | Security Empire | cybersecurity, vps, bugcrowd, automation-testing, bug-bounty | 23-Jul-2024 |
5 Tips For Writing Bug Bounty Reports — Bug Bounty Tuesday | https://medium.com/@kerstan/5-tips-for-writing-bug-bounty-reports-bug-bounty-tuesday-0c5ed937a657?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 23-Jul-2024 |
Complex Attack Types: Sample Scenarios 48 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-48-410ddcb3010e?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, cyberattack, cybersecurity, penetration-testing | 23-Jul-2024 |
Top 10 XSS Payloads | https://rodoassis.medium.com/top-10-xss-payloads-e4774a43e285?source=rss------bug_bounty-5 | Rodolfo Assis (Brute) | xss-vulnerability, xss-attack, web-security, bug-bounty, web-hacking | 23-Jul-2024 |
How i created my first XSS tool:-XSS-Pro #BugBounty | https://medium.com/@mithun_/how-i-created-my-first-xss-tool-xss-pro-bugbounty-982a16079baf?source=rss------bug_bounty-5 | Mithun | xss-vulnerability, xss-attack, pentesting, bug-bounty, automation | 23-Jul-2024 |
I made a big mistake… | https://medium.com/@deadoverflow/i-made-a-big-mistake-a3e2dac4138c?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty, cybsersecurity, bug-bounty-tips, hacking, programming | 23-Jul-2024 |
How to start Bug Hunting | https://medium.com/@hackerhyaato/how-to-start-bug-hunting-73ce283db5ac?source=rss------bug_bounty-5 | Hackerhyaato | how-to-start-bug-hunting, bug-bounty, bug-hunting, bugbounty-tips, how-to-start-bug-bounty | 23-Jul-2024 |
What is CSP (content security policy)? | https://cyberw1ng.medium.com/what-is-csp-content-security-policy-cb3580832442?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, penetration-testing, bug-bounty, hacking | 23-Jul-2024 |
How to Install websocat on linux (Debian / Ubuntu) | https://medium.com/@brianokinyi/how-to-install-websocat-on-linux-debian-ubuntu-85893655355e?source=rss------bug_bounty-5 | Brian Okinyi | websocket, bug-bounty, linux, pentesting | 22-Jul-2024 |
Case Studies: High-Profile Vulnerabilities Discovered Through Bug Bounty Programs | https://medium.com/@paritoshblogs/case-studies-high-profile-vulnerabilities-discovered-through-bug-bounty-programs-2a063561f733?source=rss------bug_bounty-5 | Paritosh | information-technology, hacking, bug-bounty, cybersecurity, information-security | 22-Jul-2024 |
OverTheWire — Bandit27 | https://medium.com/@evilprince007/overthewire-bandit27-465df4274d80?source=rss------bug_bounty-5 | Prathamesh Khatavkar | hacking, cybersecurity, bug-bounty | 22-Jul-2024 |
TapSwap Clone Script Your Gateway to a Lucrative Tap-to-Earn Game !!! | https://medium.com/@peterkester96/tapswap-clone-script-your-gateway-to-a-lucrative-tap-to-earn-game-68a589821305?source=rss------bug_bounty-5 | Peterkester | players, bug-bounty, telegram, profit, reflections | 22-Jul-2024 |
Burp Suite Made Easy: A Step-By-Step Tutorial (Part 1 of 2) | https://medium.com/@trixiahorner/burp-suite-made-easy-a-step-by-step-tutorial-part-1-of-2-451695ce84b1?source=rss------bug_bounty-5 | Trixia Horner | tryhackme, ethical-hacking, cybersecurity, penetration-testing, bug-bounty | 22-Jul-2024 |
14.28 Lab: Reflected XSS in a JavaScript URL with some characters blocked | https://cyberw1ng.medium.com/14-28-lab-reflected-xss-in-a-javascript-url-with-some-characters-blocked-db67819d5aa6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, cybersecurity, penetration-testing | 22-Jul-2024 |
What is IDOR (along with IDOR Attack Method) | https://medium.com/@errorfiathck/what-is-idor-along-with-idor-attack-method-e183b28e8546?source=rss------bug_bounty-5 | Errorfiathck | vulnerability, hacking, bug-bounty, idor, idor-vulnerability | 22-Jul-2024 |
The First Bug bounty forum ! | https://elb4rt0.medium.com/the-first-bug-bounty-forum-ba0399fb70c0?source=rss------bug_bounty-5 | Elb4rt0 | bug-bounty-hunter, bug-bounty-tips, bugs, bug-bounty, bug-bounty-writeup | 22-Jul-2024 |
First €200 bug that started my Bug Bounty Career | https://medium.com/@sugamdangal52/first-200-bug-that-started-my-bug-bounty-career-c11a871e116f?source=rss------bug_bounty-5 | Sugam Dangal | bug-bounty-hunter, bug-bounty, bug-bounty-tips, bugs, bug-bounty-writeup | 22-Jul-2024 |
My Encounter with an Admin Panel in a Gas Agency Website | https://medium.com/@parthh_rana/my-encounter-with-an-admin-panel-in-a-gas-agency-website-72ded4fa4345?source=rss------bug_bounty-5 | Parth Rana | laravel, admin-panel, cybersecurity, bug-bounty, directory-listing | 22-Jul-2024 |
HACKERONE IS A SCAM | https://medium.com/@proseizala/hackerone-is-a-scam-1623a5030284?source=rss------bug_bounty-5 | Proseizala | cybersecurity, hackerone, hacker, bug-bounty | 22-Jul-2024 |
Complex Attack Types: Sample Scenarios 47 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-47-c0314c0e0b02?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, freedomofinternet, bug-bounty, cyberattack, cybersecurity | 22-Jul-2024 |
Discovering Account Takeover Vulnerability Through Source Map Analysis | https://medium.com/@eduardinholuiz691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5 | Daniel Silva | vulnerability, bug-bounty, bug-bounty-writeup, reconnaissance | 22-Jul-2024 |
Discovering Account Takeover Vulnerability Through Source Map Analysis | https://medium.com/@danielsilva691/discovering-account-takeover-vulnerability-through-source-map-analysis-0cd4038cbc04?source=rss------bug_bounty-5 | Daniel Silva | vulnerability, bug-bounty, bug-bounty-writeup, reconnaissance | 22-Jul-2024 |
CVE-2024–40725 and CVE-2024–40898: Critical Vulnerabilities in Apache HTTP Server | https://infosecwriteups.com/cve-2024-40725-and-cve-2024-40898-critical-vulnerabilities-in-apache-http-server-d292084255dc?source=rss------bug_bounty-5 | ElNiak | apache, cybersecurity, https, bug-bounty, vulnerability | 21-Jul-2024 |
TryHackMe — NahamStore — Walkthrough | https://medium.com/@nayanjyoti16/tryhackme-nahamstore-walkthrough-d4ecfe586c96?source=rss------bug_bounty-5 | Nayanjyoti Kumar | tryhackme, hacking, web, nahamstore, bug-bounty | 21-Jul-2024 |
How I bypassed payment in one of the popular mobile apk and got free subsciption | https://medium.com/@deepk007/how-i-bypassed-payment-in-one-of-the-popular-mobile-apk-and-got-free-subsciption-46e94f61c089?source=rss------bug_bounty-5 | DEep | bug-bounty, bug-bounty-tips, ethical-hacking, red-team, cybersecurity | 21-Jul-2024 |
Community Building in Bug Bounties: The Power of Networking and Collaboration | https://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5 | Sarthak Bhingare | community, improve, bug-bounty-tips, bug-bounty, tips | 21-Jul-2024 |
14.27 Lab: Reflected XSS with event handlers and href attributes blocked | https://cyberw1ng.medium.com/14-27-lab-reflected-xss-with-event-handlers-and-href-attributes-blocked-d2f9871fc8a8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, careers, bug-bounty | 21-Jul-2024 |
How To Setup Private Interactsh Server | https://medium.com/@learntheshell/how-to-setup-private-interactsh-server-016c344a10b3?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, bug-bounty-tips, cybersecurity, linux | 21-Jul-2024 |
Advanced XXE Injection | https://medium.com/illumination/advanced-xxe-injection-fb269f281a40?source=rss------bug_bounty-5 | Quintius Walker | poetry, poetry-writing, poetry-on-medium, illumination, bug-bounty | 21-Jul-2024 |
BSOD error due to crowdstrike. | https://gaya3-r.medium.com/bsod-error-due-to-crowdstrike-d675c348d09e?source=rss------bug_bounty-5 | gayatri r | bug-bounty, crowdstrike, crowdstrike-outage, bsod-error, information-security | 21-Jul-2024 |
Email verification bypass due to race condition. | https://medium.com/@mohamed.yasser442200/email-verification-bypass-due-to-race-condition-8e4492313208?source=rss------bug_bounty-5 | Spider4 | race-condition, red-team, bug-bounty, security, pentesting | 21-Jul-2024 |
Community Building in Bug Bounties: The Power of Networking and Collaboration | https://sarthakbhingare15.medium.com/community-building-in-bug-bounties-the-power-of-networking-and-collaboration-6adcdea4435b?source=rss------bug_bounty-5 | Sarthak Raju Bhingare | community, improve, bug-bounty-tips, bug-bounty, tips | 21-Jul-2024 |
Uncovering a Critical Vulnerability: Unauthorized Access to Sensitive Data | https://medium.com/@anonymousshetty2003/uncovering-a-critical-vulnerability-unauthorized-access-to-sensitive-data-024182daa127?source=rss------bug_bounty-5 | Anonymousshetty | penetration-testing, bug-bounty, dorking, cybersecurity, ethical-hacking | 20-Jul-2024 |
Discovering a High-Severity Bug in a Major Mobile Distribution Company | https://medium.com/@anonymousshetty2003/discovering-a-high-severity-bug-in-a-major-mobile-distribution-company-3fdb2a0f1987?source=rss------bug_bounty-5 | Anonymousshetty | cybersecurity, ethical-hacking, bug-bounty | 20-Jul-2024 |
How I was able to escalate my privileges and Bypass 403 Forbidden | https://medium.com/@momen_besher/how-i-was-able-to-escalate-my-privileges-and-bypass-403-forbidden-17b8aea4cba6?source=rss------bug_bounty-5 | steve55555 | cybersecurity, bug-bounty, bug-bounty-tips | 20-Jul-2024 |
Kali Linux: Starting Out with Bug Bounty Hunting | https://medium.com/@nimrashahidktk3/kali-linux-starting-out-with-bug-bounty-hunting-d7a0150645bd?source=rss------bug_bounty-5 | Nimra Shahid | penetration-testing, cybersecurity, kali-linux, bug-bounty | 20-Jul-2024 |
14.26 Lab: Reflected XSS with AngularJS sandbox escape and CSP | https://cyberw1ng.medium.com/14-26-lab-reflected-xss-with-angularjs-sandbox-escape-and-csp-b98791b2a5a6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, penetration-testing, bug-bounty, hacking | 20-Jul-2024 |
Complex Attack Types: Sample Scenarios 46 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-46-a6707ef9e910?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, cyberattack, bug-bounty, freedomofinternet, cybersecurity | 20-Jul-2024 |
The Type of Bug That We Can’t See | https://medium.com/illumination/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5 | Quintius Walker | creative-writing, poetry-on-medium, poetry, bug-bounty, illumination | 20-Jul-2024 |
This is how i escalated self XSS with CSRF | https://medium.com/@pvnk24/this-is-how-i-escalated-self-xss-with-csrf-80113ab3080e?source=rss------bug_bounty-5 | Pavan K | cybersecurity, bug-bounty, penetration-testing, security, pentesting | 20-Jul-2024 |
Basic Pentesting 1 Walkthrough | https://erdemstar.medium.com/basic-pentesting-1-walkthrough-4e447a2ac35d?source=rss------bug_bounty-5 | Erdemstar | oscp-preparation, oscp, bug-bounty, application-security, penetration-testing | 20-Jul-2024 |
Discovering an XML File Upload Vulnerability Lead to SSRF: My Bug Hunting Journey | https://javroot.medium.com/discovering-an-xml-file-upload-vulnerability-lead-to-ssrf-my-bug-hunting-journey-8e1bac89f60f?source=rss------bug_bounty-5 | Javroot | xml, bug-bounty, vulnerability, cybersecurity, bug-bounty-tips | 20-Jul-2024 |
The Type of Bug That We Can’t See | https://medium.com/@The_StarHack3r/the-type-of-bug-that-we-cant-see-82ff07cdcd71?source=rss------bug_bounty-5 | Quintius Walker | creative-writing, poetry-on-medium, poetry, bug-bounty, illumination | 20-Jul-2024 |
14.25 Lab: Reflected XSS with AngularJS sandbox escape without strings | https://cyberw1ng.medium.com/14-25-lab-reflected-xss-with-angularjs-sandbox-escape-without-strings-6ffac9f6bdf4?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 19-Jul-2024 |
Subdomain Takeover on hatenablog.com (はてなブログ) | https://medium.com/@daichiharada/subdomain-takeover-hatenablog-2cb3576bf881?source=rss------bug_bounty-5 | Daichi Harada | subdomain-takeover, security, bug-bounty | 19-Jul-2024 |
1000$ IDOR : Unauthorized Project Inclusion in Expense | https://medium.com/@a13h1/1000-idor-unauthorized-project-inclusion-in-expense-b9ce08b28c71?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, idor, bug-bounty, broken-access-control, information-security | 19-Jul-2024 |
Information Disclosure that made me $2000 in under 5 minutes | https://medium.com/@sugamdangal52/information-disclosure-that-made-me-2000-in-under-5-minutes-63e1ce00ca07?source=rss------bug_bounty-5 | Sugam Dangal | information-disclosure, bug-bounty-writeup, bug-bounty, bug-bounty-tips | 19-Jul-2024 |
Common Technique To Exploit File Upload Vulnerability | https://medium.com/@p00dl3/common-technique-to-exploit-file-upload-vulnerability-bf84beed7207?source=rss------bug_bounty-5 | p00dl3 | cybersecurity, bug-bounty, file-upload | 19-Jul-2024 |
Complete Cybersecurity Roadmap 2024 (Part-1) | https://osintteam.blog/complete-cybersecurity-roadmap-2024-part-1-c69986288f16?source=rss------bug_bounty-5 | LogicTech | cybersecurity, osint, bug-bounty, hacking, roadmaps | 19-Jul-2024 |
Hello ….. | https://medium.com/@rutujasoundale693/hello-4a42a834d006?source=rss------bug_bounty-5 | Rutujasoundale | cybersecurity, bug-bounty | 19-Jul-2024 |
Complex Attack Types: Sample Scenarios 45 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-45-17057d9de6dd?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, penetration-testing, freedomofinternet, cyberattack | 19-Jul-2024 |
Don't Try the Microsoft Blue Screen (BUG?) | https://medium.com/@liviaxavier200317/n%C3%A3o-experimente-a-tela-azul-da-microsoft-bug-9f631ea24c8d?source=rss------bug_bounty-5 | Livia Xavier | crowdstrike, cibernéticos, bug-bounty, microsoft, bugs | 19-Jul-2024 |
Specialized Bug Sweeps for Unique Environments | https://medium.com/@siddiquiasad2299/specialized-bug-sweeps-for-unique-environments-43a1ea56930c?source=rss------bug_bounty-5 | Asad Siddiqui | bug-detection, tscm, bug-bounty, bug-sweep | 19-Jul-2024 |
Cyber Security Course at Linuxhackingid | https://medium.com/@linuxhackingid_official/kursus-cyber-security-di-linuxhackingid-dc4e52760661?source=rss------bug_bounty-5 | Linuxhackingid | hacker, bug-bounty, cybersecurity, linuxhackingid, hacking | 18-Jul-2024 |
Top 50+ XSS Bug Bounty Writeups | Cross-Site Scripting(XSS) Attacks Reports | https://medium.com/@proseizala/top-50-xss-bug-bounty-writeups-cross-site-scripting-xss-attacks-reports-700332ed6c87?source=rss------bug_bounty-5 | Proseizala | hacker, hacking, bug-bounty, cybersecurity | 18-Jul-2024 |
Sub Domains Finder Tools | https://medium.com/@proseizala/sub-domains-finder-tools-fefa2b44bb34?source=rss------bug_bounty-5 | Proseizala | bug-bounty, cybersecurity, hacker | 18-Jul-2024 |
13.5 Lab: Exploiting server-side parameter pollution in a REST URL | https://cyberw1ng.medium.com/13-5-lab-exploiting-server-side-parameter-pollution-in-a-rest-url-a1876056a5f6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, hacking, cybersecurity | 18-Jul-2024 |
Critical Logic Flaw Allows Overwrite of Any User Account | https://medium.com/@elcapitano7x/critical-logic-flaw-allows-overwrite-of-any-user-account-015b102e1da7?source=rss------bug_bounty-5 | Elcapitano | bug-bounty, bug-bounty-tips, hackerone, bugbounty-writeup, hacking | 18-Jul-2024 |
How I Found and Bypassed a Spring Boot Actuator Information Disclosure Bug | https://cametom006.medium.com/how-i-found-and-bypassed-a-spring-boot-actuator-information-disclosure-bug-c4930b740a50?source=rss------bug_bounty-5 | Fahad Faisal | bug-bounty | 18-Jul-2024 |
Summary Of The Basics of Web Hacking, PRT 2 | https://medium.com/@zghzwbcn/summary-of-the-basics-of-web-hacking-prt-2-e3d7bdbf902d?source=rss------bug_bounty-5 | Henrietta Awosoberekon | bug-bounty, technology, cybersecurity, web-development, web-vulnerabilities | 18-Jul-2024 |
IDOR at the Get Payment Data Endpoint Leads to Personal Identifiable Information (PII) Disclosure | https://medium.com/@blackarazi/idor-at-the-get-payment-data-endpoint-leads-to-personal-identifiable-information-pii-disclosure-7956c57058af?source=rss------bug_bounty-5 | Azhari Harahap | api-security, broken-access-control, application-security, bug-bounty-writeup, bug-bounty | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-43) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-43-0699b919a514?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, cybersecurity, skills, bug-bounty | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-42) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-42-4cb955de4cc7?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, bug-bounty, skills, hacking, cybersecurity | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-41) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-41-7b2b5aed416c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, skills, bug-bounty, ethical-hacking | 17-Jul-2024 |
Why does you all guys think that you really need Python for hacking | https://systemweakness.com/why-does-you-all-guys-think-that-you-really-need-python-for-hacking-b50b65238401?source=rss------bug_bounty-5 | Imran Niaz | programming-languages, penetration-testing, cybersecurity, data-science, bug-bounty | 17-Jul-2024 |
Temenos Transact Vulnerable to Reflected XSS (CVE-2022-38322) | https://qotoz.medium.com/temenos-transact-vulnerable-to-reflected-xss-cve-2022-38322-7b1e2f681db1?source=rss------bug_bounty-5 | Ashraf Harb | cve, bug-bounty, penetration-testing, temenos | 17-Jul-2024 |
Bypassing Account Suspension Using Anonymous Posting | Facebook Bug Bounty | https://ph-hitachi.medium.com/bypassing-account-suspension-using-anonymous-posting-facebook-bug-bounty-b204433c98d1?source=rss------bug_bounty-5 | Ph.Hitachi | bug-bounty, facebook-bug-bounty, bypass-restriction | 17-Jul-2024 |
Practical Bug Bounty — TCM Academy | Module 6 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-6-9cab8d004034?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | ethical-hacking, bug-bounty, cybersecurity, appsec, fuzzing | 17-Jul-2024 |
Default Credentials Leads to $1200 Bounty Reward (Quest NetVault CVE-2017-17417) | https://medium.com/@tester333/default-credentials-leads-to-1200-bounty-reward-quest-netvault-cve-2017-17417-b34c6e0e7a86?source=rss------bug_bounty-5 | Tester | cybersecurity, bug-bounty-tips, bug-bounty, penetration-testing, ethical-hacking | 17-Jul-2024 |
The WordPress bug very few know about. | https://osintteam.blog/the-wordpress-bug-very-few-know-about-1bf16ee4a2a6?source=rss------bug_bounty-5 | an0nbil | wordpress, programming, vulnerability, web-development, bug-bounty | 17-Jul-2024 |
Exploiting Server-Side Parameter Pollution in a REST URL | https://cyberw1ng.medium.com/exploiting-server-side-parameter-pollution-in-a-rest-url-0d52d4261c86?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, cybersecurity, bug-bounty | 17-Jul-2024 |
How Easily I Found My First P2 on Bugcrowd | https://medium.com/@hashimamin/how-easily-i-found-my-first-p2-on-bugcrowd-ed827a79a50c?source=rss------bug_bounty-5 | Hashim Amin | csrf, recon, csrf-bypass, bug-bounty-tips, bug-bounty | 17-Jul-2024 |
OS CTF | https://medium.com/@Shaybaa/os-ctf-27cc9a8ab0cc?source=rss------bug_bounty-5 | Shaybaa | bug-bounty, web-security, idor-vulnerability | 17-Jul-2024 |
Hacker Himself | https://medium.com/@nnface/hacker-himself-01d4978e189c?source=rss------bug_bounty-5 | NnFace | bugbounty-writeup, bug-bounty, hacking, cybersecurity, bug-bounty-tips | 17-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-40) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-40-f1b43fb596ae?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, cybersecurity, skills, ethical-hacking, bug-bounty | 16-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-39) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-39-740c7ada54ea?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | hacking, bug-bounty, cybersecurity, ethical-hacking, skills | 16-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-38) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-38-fa2ceb6f8bbd?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, ethical-hacking, cybersecurity, hacking, skills | 16-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-37) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-37-20111980eaa5?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, ethical-hacking, hacking, bug-bounty, cybersecurity | 16-Jul-2024 |
Exploiting CVE-2024-22274: A Deep Dive into VMware vCenter Server Vulnerabilities and Defense… | https://systemweakness.com/exploiting-cve-2024-22274-a-deep-dive-into-vmware-vcenter-server-vulnerabilities-and-defense-5d79b44ed215?source=rss------bug_bounty-5 | Khaleel Khan | infosec, cybersecurity, ethical-hacking, hacking, bug-bounty | 16-Jul-2024 |
Complex Attack Types: Sample Scenarios 44 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-44-83d2bc9b2d7d?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, information-technology, cybersecurity, bug-bounty, cyberattack | 16-Jul-2024 |
How Use 6 Step To Find Ssrf — Bug Bounty Tuesday | https://medium.com/@kerstan/how-use-6-step-to-find-ssrf-bug-bounty-tuesday-acc44d806c08?source=rss------bug_bounty-5 | kerstan | cybersecurity, hacking, bug-bounty | 16-Jul-2024 |
API Recon and Testing for Bug Bounty | https://cyberw1ng.medium.com/api-recon-and-testing-for-bug-bounty-3969d1f90f5c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 16-Jul-2024 |
Intro to Debugging Java Web Servers Without Source Code For Security Researchers | https://infosecwriteups.com/intro-to-debugging-java-web-servers-without-source-code-for-security-researchers-80ff00de4753?source=rss------bug_bounty-5 | Jayateertha Guruprasad | bug-bounty, pentesting, cybersecurity, java, infosec | 16-Jul-2024 |
Reflected XSS via Base64-encoded on My college website. | https://uzet.medium.com/reflected-xss-via-base64-encoded-on-my-college-website-2df9755b1856?source=rss------bug_bounty-5 | Timotius Benhur | penetration-testing, pentesting, bug-bounty, bug-hunting, bug-bounty-tips | 15-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-36) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-36-a8fd178e9b07?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, hacking, bug-bounty, skills | 15-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-35) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-35-adbfa228814a?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cybersecurity, ethical-hacking, skills, hacking | 15-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-34) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-34-73069fab6ff6?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, ethical-hacking, bug-bounty, hacking, skills | 15-Jul-2024 |
My First Bounty: A story of a Blind SQL Injection | https://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5 | Victorious | sql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite | 15-Jul-2024 |
CVE-2024-23692: A Critical Vulnerability in Rejetto HTTP File Server | https://infosecwriteups.com/cve-2024-23692-a-critical-vulnerability-in-rejetto-http-file-server-1df322a2e688?source=rss------bug_bounty-5 | ElNiak | bug-bounty, python, cybersecurity, system, ssti | 15-Jul-2024 |
My First Bounty: A story of a Blind SQL Injection | https://medium.com/@adebayosec/my-first-bounty-a-story-of-a-blind-sql-injection-69d9ad6716b6?source=rss------bug_bounty-5 | Torious | sql-injection, penetration-testing, cybersecurity, bug-bounty, burpsuite | 15-Jul-2024 |
Echidna | https://medium.com/@Progsky/echidna-b9e454de096b?source=rss------bug_bounty-5 | Progsky | hacking-tools, pentesting, penetration-testing, bug-bounty, blockchain | 15-Jul-2024 |
Complex Attack Types: Sample Scenarios 43 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-43-39deed779c6c?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, cyberattack, freedomofinternet, bug-bounty, cybersecurity | 15-Jul-2024 |
Understanding White Hat Hacking: The Guardians of Cybersecurity | https://medium.com/@cosmiczoomies/understanding-white-hat-hacking-the-guardians-of-cybersecurity-87200caf5820?source=rss------bug_bounty-5 | GalaxyGoose | cybersecurity, hacking, white-hat-hacker, bug-bounty, penetration-testing | 15-Jul-2024 |
11.9 Lab: Exploiting XXE to retrieve data by repurposing a local DTD | https://cyberw1ng.medium.com/11-9-lab-exploiting-xxe-to-retrieve-data-by-repurposing-a-local-dtd-30f4098a7789?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, cybersecurity, bug-bounty | 15-Jul-2024 |
Writing Test Cases for XSS Types | https://medium.com/@tugbaglsn/xss-t%C3%BCrleri-i%C3%A7in-test-case-yazma-1832eb0a27f9?source=rss------bug_bounty-5 | Tuğba Gülşen | cybersecurity, xss-attack, xss-vulnerability, bug-bounty | 15-Jul-2024 |
How to Easily Earn a $200 Bounty | https://medium.com/@xiaodongsec/how-to-easily-earn-a-200-bounty-6e27eaaec13f?source=rss------bug_bounty-5 | Mu1berry | bugcrowd, hacker, bug-bounty, money, vulnerability | 14-Jul-2024 |
Review: AppSec Pentesting eXpert (CAPenX) from The SecOps Group | https://medium.com/@p0lyxena/review-appsec-pentesting-expert-capenx-from-the-secops-group-eb5674e4bf8d?source=rss------bug_bounty-5 | Fuleki Ioan | bug-bounty, penetration-testing, certification, cybersecurity, capenx | 14-Jul-2024 |
Detection Engineering: A Comprehensive Overview | https://medium.com/@paritoshblogs/detection-engineering-a-comprehensive-overview-92fc01973ce7?source=rss------bug_bounty-5 | Paritosh | detection-engineering, information-technology, cybersecurity, hacking, bug-bounty | 14-Jul-2024 |
Hunting for Firebase Enums in Android Application | https://medium.com/@tanish.saxena26/hunting-for-firebase-enums-in-android-application-42b79e9b76f8?source=rss------bug_bounty-5 | Tanish Saxena | cloud, bug-bounty, firebase, android, gcp | 14-Jul-2024 |
My First Critical Vulnerability | https://medium.com/@0xchoudhary/my-first-critical-vulnerability-fd83a81f70b3?source=rss------bug_bounty-5 | Sushil Choudhary | bugbounty-writeup, bug-hunting, bug-bounty-tips, hackerone, bug-bounty | 14-Jul-2024 |
How I Can Get P1 Nasa easily — Dorking | https://0xc4thack.medium.com/how-i-can-get-p1-nasa-easily-dorking-c9c4a4cee251?source=rss------bug_bounty-5 | 0xc4t | pentesting, nasa-vdp, pentest-web, bug-bounty, dorking | 14-Jul-2024 |
New York Flankees Room TryHackMe Walkthrough | https://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5 | MatSec | ctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough | 14-Jul-2024 |
The easiest admin panel bypass | https://medium.com/@paraskhorwal9/the-easiest-admin-panel-bypass-4b6fb4d7d1ea?source=rss------bug_bounty-5 | Paraskhorwal | bug-bounty, penetration-testing, admin-panel | 14-Jul-2024 |
Complex Attack Types: Sample Scenarios 42 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-42-d0a11c84cc73?source=rss------bug_bounty-5 | Baris Dincer | cyberattack, freedomofinternet, bug-bounty, penetration-testing, cybersecurity | 14-Jul-2024 |
New York Flankees TryHackMe Room Walkthrough: Step-by-Step Youtube Guide | https://matsecurity.medium.com/new-york-flankees-room-tryhackme-walkthrough-ef6862c781f1?source=rss------bug_bounty-5 | MatSec | ctf-writeup, tryhackme-writeup, bug-bounty, tryhackme, tryhackme-walkthrough | 14-Jul-2024 |
Automate Subdomain Monitoring | https://medium.com/@Aftab700/automate-subdomain-monitoring-171338c66dd5?source=rss------bug_bounty-5 | Aftab Sama | bug-bounty, monitoring, infosec, automation, hacking | 14-Jul-2024 |
What is XML external entity (XXE) injection | https://cyberw1ng.medium.com/what-is-xml-external-entity-xxe-injection-8914620c2d24?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, cybersecurity, penetration-testing, careers | 14-Jul-2024 |
Escaping the Citrix Sandbox — Understanding Citrix Breakout | https://medium.com/@suprajabaskaran8/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5 | Suprajabaskaran | bug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing | 14-Jul-2024 |
Vulnerable WordPress June 2024 (Turkish delight) | https://medium.com/@onhexgroup/vulnerable-wordpress-june-2024-turkish-delight-96cae8ef8161?source=rss------bug_bounty-5 | Onhexgroup | bug-bounty, infosec, web-security, information-security, wordpress | 14-Jul-2024 |
Escaping the Citrix Sandbox — Understanding Citrix Breakout | https://infosecwriteups.com/escaping-the-citrix-sandbox-understanding-citrix-breakout-80320a3d44af?source=rss------bug_bounty-5 | Suprajabaskaran | bug-bounty-tips, hacking, bug-bounty, pentesting, penetration-testing | 14-Jul-2024 |
Airplane TryHackMe Room Walkthrough | MatSec Youtube | https://matsecurity.medium.com/airplane-tryhackme-room-walkthrough-matsec-youtube-7fca40406a20?source=rss------bug_bounty-5 | MatSec | tryhackme-walkthrough, bug-bounty, tryhackme-writeup, tryhackme, ctf-writeup | 13-Jul-2024 |
10.7 Lab: SSRF with whitelist-based input filter | https://cyberw1ng.medium.com/10-7-lab-ssrf-with-whitelist-based-input-filter-36db84b1a13d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, cybersecurity, bug-bounty | 13-Jul-2024 |
Securing Crypto Company: Addressing Web 2.0 Vulnerabilities | https://metanetwebhostingsecurity.medium.com/securing-crypto-company-addressing-web-2-0-vulnerabilities-209bd7fc3d85?source=rss------bug_bounty-5 | metanetwebhosting security | cryptocurrency, cybersecurity, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 13-Jul-2024 |
Linux Exploitation: Stack Smashing | https://medium.com/@boogsta/linux-exploitation-stack-smashing-70c1bf6c13d2?source=rss------bug_bounty-5 | Boogsta | hacking, cybersecurity, bug-bounty, cyber, hacker | 13-Jul-2024 |
My First Bug: Gitingore exposure combined with 403 bypass | https://medium.com/@nnface/my-first-bug-gitingore-exposure-combined-with-403-bypass-5db750e211ff?source=rss------bug_bounty-5 | NnFace | bug-bounty, bug-bounty-tips, cybersecurity, hacking, low-hanging-fruit | 13-Jul-2024 |
Here is the story of how i found Stored XSS on a target | https://medium.com/@pvnk24/here-is-the-story-of-how-i-found-stored-xss-on-a-target-7baaeed76765?source=rss------bug_bounty-5 | Pavan K | penetration-testing, bug-bounty, pentesting, hacking, ethical-hacking | 13-Jul-2024 |
Complex Attack Types: Sample Scenarios 41 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-41-48e4f10a07ef?source=rss------bug_bounty-5 | Baris Dincer | penetration-testing, freedomofinternet, information-security, bug-bounty, cybersecurity | 13-Jul-2024 |
Email Update Restricted Bypass | https://medium.com/@mahfujwhh/email-update-restricted-bypass-f6af935da67e?source=rss------bug_bounty-5 | mahfujwhh | cybersecurity, bug-bounty | 13-Jul-2024 |
Credential stuffing in bug bounties | https://bunny0417.medium.com/credential-stuffing-in-bug-bounties-d51b8e321135?source=rss------bug_bounty-5 | Aayush kumar | credential-stuffing, leaked-passwords, bug-bounty, darkweb, bugbounty-writeup | 12-Jul-2024 |
Can bug bounty be a full time career? | https://medium.com/@shwetapapnai783/can-bug-bounty-be-a-full-time-career-5606f1ddd440?source=rss------bug_bounty-5 | Shweta Papnai | security, cybersecurity, technology, money, bug-bounty | 12-Jul-2024 |
The Hidden Pitfalls of Bug Bounties on Indian Government Sites: My First Experience | https://medium.com/@rolextital/the-hidden-pitfalls-of-bug-bounties-on-indian-government-sites-my-first-experience-9204312a8325?source=rss------bug_bounty-5 | Rolextital | hacking, bug-bounty, govt, idor | 12-Jul-2024 |
Firmware Analysis: Hands-on Guide | https://hackerassociate.medium.com/firmware-analysis-hands-on-guide-19913a5166ca?source=rss------bug_bounty-5 | Harshad Shah | bug-bounty, infosec, cybersecurity, hacking, iot | 12-Jul-2024 |
DΞX Points Fest | https://d3xxyz.medium.com/d%CE%BEx-points-fest-e39019566b3f?source=rss------bug_bounty-5 | DΞX | airdrop, bounty-program, bug-bounty | 12-Jul-2024 |
Windows privilege escalation: Abusing npm’s design patterns to escalate your permissions | https://medium.com/@demonia/windows-privilege-escalation-abusing-npms-design-patterns-to-escalate-your-permissions-da0ac6c96d72?source=rss------bug_bounty-5 | Mohammed Dief | cybersecurity, npm, bug-bounty, windows, privilege-escalation | 12-Jul-2024 |
VULNERABILITY RESEARCH | https://medium.com/@workwithsane/vulnerability-research-896c0ba07a57?source=rss------bug_bounty-5 | Sane | bug-bounty, cybersecurity, bug-bounty-tips | 12-Jul-2024 |
My First Bug!!!Stored Cross Site Scripting(XSS) | https://medium.com/@shahariarwalid/my-first-bug-stored-cross-site-scripting-xss-d84051ee4e86?source=rss------bug_bounty-5 | Shahariar Amin | bug-bounty, xss-vulnerability, stored-xss | 12-Jul-2024 |
Something Different from File Upload: File Inclusion and Path Traversal Vulnerabilities | https://medium.com/@yashprajapati791/file-upload-se-kuch-hatke-file-inclusion-aur-path-traversal-vulnerabilites-d10e16be0d7a?source=rss------bug_bounty-5 | Yash Virendra Prajapati | penetration-testing, bug-bounty, file-inclusion, vulnerability, file-upload | 12-Jul-2024 |
How i got Bug -XSS | https://medium.com/@basxth/how-i-got-bug-xss-8eec781ab58b?source=rss------bug_bounty-5 | Mohammed Basith K B | bug-bounty, xss-attack, google-dorking, xss-bypass, cybersecurity | 12-Jul-2024 |
Master Bug Bounty Hunting with Top Recon Tools | https://medium.com/@labcodetech/master-bug-bounty-hunting-with-top-recon-tools-83516a4bcc54?source=rss------bug_bounty-5 | Codetech Lab | vulnerability, recon, bug-bounty, penetration-testing | 12-Jul-2024 |
NewLine Character Cause DoS: Folder & File Deletion Flaw | https://medium.com/@a13h1/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, programming, denial-of-service, infosec | 12-Jul-2024 |
10.6 Lab: Blind SSRF with Shellshock Exploitation | https://cyberw1ng.medium.com/10-6-lab-blind-ssrf-with-shellshock-exploitation-a13e25b27dbc?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 12-Jul-2024 |
Setting up a private Burp Collaborator Server | https://medium.com/@AstroKrypTech/setting-up-a-private-burp-collaborator-server-71c55ff85815?source=rss------bug_bounty-5 | AstroKrypTech | web-application-security, bug-bounty-tips, bug-bounty | 12-Jul-2024 |
Git Gone Wrong: Application Compromise via Exposed .git Directory | https://medium.com/@cybersekler/git-gone-wrong-application-compromise-via-exposed-git-directory-392806b23435?source=rss------bug_bounty-5 | Cyber Sekler | penetration-testing, hacking, application-security, bug-bounty | 12-Jul-2024 |
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01 | https://omarora1603.medium.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty, bug-bounty-tips | 12-Jul-2024 |
NewLine Character Cause DoS: Folder & File Deletion Flaw | https://infosecwriteups.com/newline-character-cause-dos-folder-file-deletion-flaw-8bec3079ed85?source=rss------bug_bounty-5 | Abhi Sharma | cybersecurity, bug-bounty, programming, denial-of-service, infosec | 12-Jul-2024 |
RECON IS IMPORTANT !!! In Depth Recon Methodology Bug Bounty Part 01 | https://infosecwriteups.com/recon-is-important-in-depth-recon-methodology-bug-bounty-part-01-2b69c3b168fe?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty, bug-bounty-tips | 12-Jul-2024 |
How I Make Two SQL Injections Exploitable under the Magic Restricts in WordPress | https://medium.com/@zpbrent/how-i-make-two-sql-injections-exploitable-under-the-magic-restricts-in-wordpress-817cd60dc80a?source=rss------bug_bounty-5 | Peng Zhou | wordpress-plugins, wordpress, infosec, bug-bounty, web-security | 12-Jul-2024 |
Fix Jira Vulnerabilities | https://medium.com/@pardis.cloud/%D8%A2%D8%B3%DB%8C%D8%A8-%D9%BE%D8%B0%DB%8C%D8%B1%DB%8C-%D9%87%D8%A7%DB%8C-jira-%D8%B1%D8%A7-%D8%A8%D8%B1%D8%B7%D8%B1%D9%81-%DA%A9%D9%86%DB%8C%D8%AF-b28879e65c2e?source=rss------bug_bounty-5 | PardisCo Professional Tech Team | آسیبپذیری, bug-bounty, سرور, jira | 11-Jul-2024 |
How I Can Still See Your Image on Facebook After You Deleted It | Meta | BugBounty | 2024 | https://prathapilango.medium.com/how-i-can-still-see-your-image-on-facebook-after-you-deleted-it-meta-bugbounty-2024-3fa63022c4fc?source=rss------bug_bounty-5 | Prathapilango | cybersecurity, meta, bug-bounty, bugbounty-writeup | 11-Jul-2024 |
Host Header Injection | https://medium.com/@nareshkumar76191/host-header-injection-bd6ffdafe1c0?source=rss------bug_bounty-5 | Nareshkumar | red-team, hacker, bounty-program, bug-bounty, bug-bounty-tips | 11-Jul-2024 |
Admin panel Bypassed Just by reading “support team quotes” | https://medium.com/@Ajakcybersecurity/admin-panel-bypassed-just-by-reading-support-team-quotes-5462538ea3a4?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hacking, penetration-testing, ethical-hacking, cybersecurity | 11-Jul-2024 |
Cross-Account Profile Picture Deletion via CSRF Token Bypass paid me 500$. | https://mustafa2.medium.com/cross-account-profile-picture-deletion-via-csrf-token-bypass-paid-me-500-60d5f4529a7b?source=rss------bug_bounty-5 | Hajus | bug-bounty-tips, csrf-bypass, bug-bounty | 11-Jul-2024 |
A Revolutionary Bug Bounty Platform: Zero-Knowledge Proofs in Web3 | https://medium.com/@JohnnyTime/a-revolutionary-bug-bounty-platform-zero-knowledge-proofs-in-web3-5e9aaa536084?source=rss------bug_bounty-5 | Johnny Time | bug-bounty, web3, bug-hunting, rewards, smart-contracts | 11-Jul-2024 |
Building an Ethical Hacking Playground at Home | https://l00pinfinity.medium.com/building-an-ethical-hacking-playground-at-home-98439af54a78?source=rss------bug_bounty-5 | Collins K. Boit | network, hacking, security-analysts, ethical-hacking, bug-bounty | 11-Jul-2024 |
9.6 Lab: Partial construction race conditions | https://cyberw1ng.medium.com/9-6-lab-partial-construction-race-conditions-303bfc70b5f8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, cybersecurity, penetration-testing, bug-bounty, careers | 11-Jul-2024 |
Practical Bug Bounty — TCM Academy | Module 5 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-5-508b7fad93f1?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | information-security, appsec, cybersecurity, bug-bounty, penetration-testing | 11-Jul-2024 |
Disclose the email address and phone number of chinese business reseller | https://gtm0x01.medium.com/disclose-the-email-address-and-phone-number-of-chinese-business-reseller-f882978b8733?source=rss------bug_bounty-5 | Gtm Mänôz | bug-bounty-writeup, facebook, hacking, bug-bounty, facebook-bug-bounty | 11-Jul-2024 |
XSS Vulnerabilities Test Case | https://medium.com/@beyzatekinli/xss-t%C3%BCrleri-test-case-18f91987fb63?source=rss------bug_bounty-5 | Beyzanur Tekinli | gallipoli, xss-vulnerability, bug-bounty, xss-attack, xss-challenge | 11-Jul-2024 |
Abusing CORS for an XSS on Flickr | https://medium.com/@proseizala/abusing-cors-for-an-xss-on-flickr-a820e3f28083?source=rss------bug_bounty-5 | Proseizala | bug-bounty, hacker, cybersecurity, bug-bounty-tips | 11-Jul-2024 |
No Way Out: Enforced and Inescapable Organizational Membership | https://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-a2247caa1790?source=rss------bug_bounty-5 | Mo2men Elmady | hacking, bug-bounty, cybersecurity, penetration-testing | 11-Jul-2024 |
Complex Attack Types: Sample Scenarios 40 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-40-117efeaeaf61?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, penetration-testing, bug-bounty, information-technology, freedomofinternet | 11-Jul-2024 |
No Way Out: Enforced and Inescapable Organizational Membership | https://0xmatrix.medium.com/no-way-out-enforced-and-inescapable-organizational-membership-125ae7f52d61?source=rss------bug_bounty-5 | Mo2men Elmady | bug-bounty, hacking, penetration-testing, cybersecurity | 11-Jul-2024 |
Reconnaissance Basic | https://medium.com/@ronyhassan091101/reconnaissance-basic-bf292dc3b705?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 11-Jul-2024 |
Cracking the Code: A Walkthrough of the W1seGuy Room on TryHackMe | https://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5 | MatSec | cybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography | 11-Jul-2024 |
Bypass CSRF Protection | https://medium.com/@dr4040x00/bypass-csrf-protection-707b81c04149?source=rss------bug_bounty-5 | Ahmed Mohamed | csrf-attack, xss-vulnerability, bug-bounty, csrf, xss-attack | 11-Jul-2024 |
Tryhackme W1seGuy Room Walkthrough | MatSec Youtube | https://matsecurity.medium.com/cracking-the-code-a-walkthrough-of-the-w1seguy-room-on-tryhackme-678673298429?source=rss------bug_bounty-5 | MatSec | cybersecurity, bug-bounty, tryhackme-walkthrough, ethical-hacking, cryptography | 11-Jul-2024 |
Bug Bounty Hunting 101: A Comprehensive Guide for Beginners | https://cyberw1ng.medium.com/bug-bounty-hunting-101-a-comprehensive-guide-for-beginners-41fa78ff0bbd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 10-Jul-2024 |
Magix Bug Bounty: magix.com (RCE, SQLi) and xara.com (LFI, XSS) | https://medium.com/@proseizala/magix-bug-bounty-magix-com-rce-sqli-and-xara-com-lfi-xss-c4e8492bbf3e?source=rss------bug_bounty-5 | Proseizala | bug-bounty-tips, hackerone, cybersecurity, bug-bounty, hacking | 10-Jul-2024 |
Rate Limit Bypass $150 | https://medium.com/@mr_ayyan/rate-limit-bypass-150-d4fecc05d31b?source=rss------bug_bounty-5 | Mrayyanirfan | rewards, rate-limit, bug-bounty, bugs, hunting | 10-Jul-2024 |
The most important HTTP security headers | https://medium.com/@ronyhassan091101/the-most-important-http-security-headers-be4238f181d7?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 10-Jul-2024 |
Complex Attack Types: Sample Scenarios 39 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-39-5ed408a9075d?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, information-security, penetration-testing, cybersecurity, freedomofinternet | 10-Jul-2024 |
Bug Bounty Program for Gluon on Ergo | https://news.stability.nexus/bug-bounty-program-for-gluon-on-ergo-0ca233ce2d9a?source=rss------bug_bounty-5 | Zahnentferner | crypto, cryptocurrency, stable-coin, blockchain, bug-bounty | 10-Jul-2024 |
Host Header Poisoning Vulnerability: A Critical Web Security Flaw | https://zierax.medium.com/host-header-poisoning-vulnerability-a-critical-web-security-flaw-1c2991177e8c?source=rss------bug_bounty-5 | Zierax | penetration-testing, cybersecurity, bug-bounty, hacking, vulnerability | 10-Jul-2024 |
The Ultimate Guide to Finding and Escalating XSS Bugs | https://medium.com/@proseizala/the-ultimate-guide-to-finding-and-escalating-xss-bugs-22894ef03fc4?source=rss------bug_bounty-5 | Proseizala | bug-bounty-tips, hacker, cybersecurity, bug-bounty, hacking | 10-Jul-2024 |
My First Bug Bounty | https://vikasrai11.medium.com/my-first-bug-bounty-975c47b3f5b5?source=rss------bug_bounty-5 | Vikas Rai | ethical-hacking, security, vulnerability, hacking, bug-bounty | 10-Jul-2024 |
Exploiting IDOR Vulnerability in PostgREST | https://aminudin.medium.com/exploiting-idor-vulnerability-in-postgrest-ba0e980032b7?source=rss------bug_bounty-5 | Aminudin | bugs, bug-bounty-tips, writeup, bug-bounty | 10-Jul-2024 |
HackerOne 2FA Bypass Vulnerability Exposed! | https://medium.com/@lucas.verdan/hackerone-2fa-bypass-vulnerability-exposed-f41f61d6e7be?source=rss------bug_bounty-5 | Lucas Verdan | cybersecurity, cyber-attack-prevention, hackerone, bug-bounty-tips, bug-bounty | 09-Jul-2024 |
Detecting and exploiting limit overrun race conditions with Burp Repeater | https://cyberw1ng.medium.com/detecting-and-exploiting-limit-overrun-race-conditions-with-burp-repeater-43c26128642d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, bug-bounty, cybersecurity, hacking | 09-Jul-2024 |
Airbnb — When Bypassing JSON Encoding, XSS Filter, WAF, CSP, and Auditor turns into Eight… | https://medium.com/@proseizala/airbnb-when-bypassing-json-encoding-xss-filter-waf-csp-and-auditor-turns-into-eight-92a004f1cbe8?source=rss------bug_bounty-5 | Proseizala | hacker, bug-bounty-tips, cybersecurity, bug-bounty | 09-Jul-2024 |
XSS TYPES TEST CASE | https://medium.com/@aarda418/xss-t%C3%BCrleri%CC%87-test-case-a4ab5849100f?source=rss------bug_bounty-5 | Arda Aslan | xss-attack, bug-bounty, xss-vulnerability | 09-Jul-2024 |
Become a Digital Detective: Earn Dollars by Testing Apps and Websites | https://medium.com/@wnaim11/become-a-digital-detective-earn-dollars-by-testing-apps-and-websites-00a45433d3e8?source=rss------bug_bounty-5 | The EmpowHERtech Collective | testing, software-testing, bugs, crowdtesting, bug-bounty | 09-Jul-2024 |
Complex Attack Types: Sample Scenarios 38 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-38-10e2ee4d4316?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty | 09-Jul-2024 |
Nmap Cheat Sheet For Penetration Testing. | https://medium.com/@umarhere4u/nmap-cheat-sheet-for-penetration-testing-70b555b91285?source=rss------bug_bounty-5 | Mohammad Umar Kachi | ethical-hacking, penetration-testing, nmap, hacking, bug-bounty | 09-Jul-2024 |
Account Takeover via Weak Reset Token Entropy | https://medium.com/@majix_de/account-takeover-via-weak-reset-token-entropy-c475268daae6?source=rss------bug_bounty-5 | Majix | programming, penetration-testing, bugbounty-writeup, bug-bounty, python | 09-Jul-2024 |
Subdomain Enumeration | https://medium.com/@ronyhassan091101/subdomain-enumeration-4370bac688e1?source=rss------bug_bounty-5 | M. Mahmudul Hassan | bug-bounty | 09-Jul-2024 |
10 tips and questions to help you find secondary context bugs — Bug Bounty Tuesday | https://medium.com/@kerstan/10-tips-and-questions-to-help-you-find-secondary-context-bugs-bug-bounty-tuesday-b8b3f9173522?source=rss------bug_bounty-5 | kerstan | hacking, bug-bounty, cybersecurity | 09-Jul-2024 |
What Is The Attacks On Session Layer! | https://medium.com/@reemmoslem34/what-is-the-attacks-on-session-layer-d3ac90d9c4cb?source=rss------bug_bounty-5 | Rem Khalid | cybersecurity, malware, bug-bounty, programming, security | 09-Jul-2024 |
What Is The Attacks On Presentation Layer ! | https://medium.com/@reemmoslem34/what-is-the-attacks-on-presentation-layer-d98cbde4005b?source=rss------bug_bounty-5 | Rem Khalid | programming, security, cybersecurity, malware, bug-bounty | 09-Jul-2024 |
What Is The Attacks On Application Layer! | https://medium.com/@reemmoslem34/%D8%B7%D9%8A%D8%A8-%D8%AA%D8%B9%D8%A7%D9%84%D9%88%D8%A7-%D8%A3%D8%AE%D8%AA%D8%B5%D8%B1-%D8%A7%D9%84%D8%AD%D9%88%D8%A7%D8%B1-6e6617528bba?source=rss------bug_bounty-5 | Rem Khalid | security, bug-bounty, cybersecurity, malware, programming | 09-Jul-2024 |
Unearthing Hidden Assets: The Power of Active DNS Brute Forcing in Subdomain Discovery | https://bunny0417.medium.com/unearthing-hidden-assets-the-power-of-active-dns-brute-forcing-in-subdomain-discovery-44ec7f1250d4?source=rss------bug_bounty-5 | Aayush kumar | subdomains-enumeration, infosec, dns-brute-forcing, bug-bounty-tips, bug-bounty | 09-Jul-2024 |
Bypassing Admin Authentication on a Campus Website | https://uzet.medium.com/bypassing-admin-authentication-website-kampus-b59bc43b6c98?source=rss------bug_bounty-5 | Timotius Benhur | bug-bounty-tips, penetration-testing, bug-hunting, programming, bug-bounty | 08-Jul-2024 |
Revolutionizing Content Issue Detection with CiBI: A Game-Changer in Automation | https://argotriwidodo.medium.com/revolutionizing-content-issue-detection-with-cibi-a-game-changer-in-automation-1e0f0b6e8ce9?source=rss------bug_bounty-5 | Argo triwidodo | qa, bug-bounty, ai, automation | 08-Jul-2024 |
Web3 Development: Key Security Considerations | https://securrtech.medium.com/web3-development-key-security-considerations-5358015e767a?source=rss------bug_bounty-5 | Securr | blockchain, security, securr, web3, bug-bounty | 08-Jul-2024 |
Discovering a Sigma SQLi Vulnerability in Explore CMS 1.0 | https://soltanali0.medium.com/discovering-a-sigma-sqli-vulnerability-in-explore-cms-1-0-f68599f0e5dd?source=rss------bug_bounty-5 | soltanali0 | sqli, programming, bug-bounty-tips, bug-bounty, hackerone | 08-Jul-2024 |
PII Disclosure on NASA | https://medium.com/@psychomong/pii-disclosure-on-nasa-667a96d3c31c?source=rss------bug_bounty-5 | psychomong | bugs, sensitive, hacker, bug-bounty, pii | 08-Jul-2024 |
Last week in tech 4th edition | https://medium.com/@azefox/last-week-in-tech-4th-edition-ec091e853fd3?source=rss------bug_bounty-5 | Azefox | tech, cybersecurity, infosec, cloud, bug-bounty | 08-Jul-2024 |
Ctrl + U to Bounty: How I Found Sensitive Info in the Source Code | https://rofes1337.medium.com/ctrl-u-to-bounty-how-i-found-sensitive-info-in-the-source-code-e583528ee2fe?source=rss------bug_bounty-5 | Yousef Muhammedelkhir | bug-bounty-writeup, hackerone, bug-bounty, information-disclosure, bugbounty-poc | 08-Jul-2024 |
Complex Attack Types: Sample Scenarios 37 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-37-2cd4d68b23f6?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, freedomofinternet, penetration-testing, information-security, cybersecurity | 08-Jul-2024 |
Burpsuite SQL Injection Lab 4(U | https://medium.com/@paradoxicalThief/burpsuite-sql-injection-lab-4-u-065f1592531f?source=rss------bug_bounty-5 | The Cyber Guy | bug-bounty, ctf, web-security, infosec, ethical-hacking | 08-Jul-2024 |
Partial construction race conditions | https://cyberw1ng.medium.com/partial-construction-race-conditions-007c478c53af?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, hacking, careers | 08-Jul-2024 |
Disguising Malicious Files to Look Like Normal EXE or PDFs | https://osintteam.blog/disguising-malicious-files-to-look-like-normal-exe-or-pdfs-d785e116e989?source=rss------bug_bounty-5 | Meerabell | hacking, osint-tool, bug-bounty, cybersecurity, microsoft | 08-Jul-2024 |
IDOR in Multinational Retail Company Leading to Unauthorized Access and Modifications | https://medium.com/@kamalinux/idor-in-multinational-retail-company-leading-to-unauthorized-access-and-modifications-e36f8ea9e859?source=rss------bug_bounty-5 | Kamal | bug-bounty, application-security, cybersecurity, penetration-testing, web-security | 08-Jul-2024 |
Zero to OSWE: Navigating the Journey with HTB | https://adipsharif.medium.com/zero-to-oswe-navigating-the-journey-with-htb-b1972b99a646?source=rss------bug_bounty-5 | ADIP | bug-bounty, penetration-testing, bug-bounty-tips, infosec-write-ups, infosec | 08-Jul-2024 |
The world’s most expensive insect… weighs 5 grams and costs 75 lakhs, know why people are crazy… | https://medium.com/@blogy.bub/the-worlds-most-expensive-insect-weighs-5-grams-and-costs-75-lakhs-know-why-people-are-crazy-ce77bc2d8204?source=rss------bug_bounty-5 | Blogy Hub | bug-bounty, health, news, news-articles, bugs | 08-Jul-2024 |
Find XSS on the Fly ( Full guide ) | https://medium.com/@zack0x01_/find-xss-on-the-fly-full-guide-300f07fb86ae?source=rss------bug_bounty-5 | zack0x01 | hacking, bug-bounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-poc | 08-Jul-2024 |
Escalating XSS in PhantomJS Image Rendering to SSRF/Local-File Read | https://medium.com/@proseizala/escalating-xss-in-phantomjs-image-rendering-to-ssrf-local-file-read-9e11e94c480a?source=rss------bug_bounty-5 | Proseizala | bug-bounty, bug-bounty-tips, hacking, cybersecurity | 08-Jul-2024 |
CVE-2024-34750 Apache Tomcat DoS vulnerability in HTTP/2 connector | https://medium.com/@proseizala/cve-2024-34750-apache-tomcat-dos-vulnerability-in-http-2-connector-54033187cd4b?source=rss------bug_bounty-5 | Proseizala | cybersecurity, bugs, hacking, bug-bounty | 08-Jul-2024 |
I found an email verification bypass | https://medium.com/@pvnk24/i-found-an-email-verification-bypass-982b00864366?source=rss------bug_bounty-5 | Pavan K | ethical-hacking, security, web-security, penetration-testing, bug-bounty | 07-Jul-2024 |
Demystifying HTTP Parameters for beginners | https://medium.com/@mrunoriginal/demystifying-http-parameters-for-beginners-219d5c65499e?source=rss------bug_bounty-5 | mrunoriginal | information-security, web-application-security, web-application-hacking, bug-bounty, cybersecurity | 07-Jul-2024 |
Everything About CISM: Your Comprehensive Guide to the Certified Information Security Manager… | https://medium.com/@mazharshadab292/everything-about-cism-your-comprehensive-guide-to-the-certified-information-security-manager-3d57969a066d?source=rss------bug_bounty-5 | Shadab Mazhar | certification, cybersecurity, hacking, bug-bounty | 07-Jul-2024 |
Practical Bug Bounty — TCM Academy | Module 1 | https://medium.com/@awabhassan/practical-bug-bounty-tcm-academy-module-1-17dadeda56a0?source=rss------bug_bounty-5 | Mohammad Awab Hassan Nizami | information-security, tcm-security, bug-bounty, cybersecurity, ethical-hacking | 07-Jul-2024 |
Exposing Sensitive Data: A Journey into CDN Path Traversal Vulnerabilities | https://medium.com/@sulmanfarooq531/exposing-sensitive-data-a-journey-into-cdn-path-traversal-vulnerabilities-fec1c7917a86?source=rss------bug_bounty-5 | Sulman Farooq S | bug-bounty, cybersecurity, hacking, path-traversal, cdn | 07-Jul-2024 |
Hunting the Hunters: Exposing the Fake SBI YONO APK | https://medium.com/@tirqwork1/hunting-the-hunters-exposing-the-fake-sbi-yono-apk-0dd979aad23f?source=rss------bug_bounty-5 | ARoy | information-security, cybersecurity, bug-bounty, scammer-exposed, info-sec-writeups | 07-Jul-2024 |
Using ChatGPT for Bug Bounty and finding vulnerabilities | https://medium.com/@siratsami71/using-chatgpt-for-bug-bounty-and-finding-vulnerabilities-4a04de771a68?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | hacker, chatgpt, bug-bounty, cybersecurity | 07-Jul-2024 |
Cracking the Runner: A Step-by-Step Guide to Hacking a Medium-Level Machine on Hack The Box | https://medium.com/@niranjanshinde2325/cracking-the-runner-a-step-by-step-guide-to-hacking-a-medium-level-machine-on-hack-the-box-ae6f55ca01bd?source=rss------bug_bounty-5 | Niranjan | ethical-hacking, hack-the-box-writeup, bug-bounty, penetration-testing, cybersecurity | 07-Jul-2024 |
8.6 Lab: Web shell upload via race condition | https://cyberw1ng.medium.com/8-6-lab-web-shell-upload-via-race-condition-1870707752d3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 07-Jul-2024 |
Avoid ‘OR 1=1’ while doing SQL Injection, Why? | https://medium.com/@aaftaba.k47/avoid-or-1-1-while-doing-sql-injection-why-5e7cc0716ef3?source=rss------bug_bounty-5 | Aaftab A. Kadavaikar | cybersecurity-awareness, bug-bounty, sql-injection, web-penetration-testing | 07-Jul-2024 |
How i got Cross-site Scripting (XSS)Reflected Using an unknown technique | https://medium.com/@0xmekky/how-i-got-cross-site-scripting-xss-reflected-using-an-unknown-technique-ca4984827465?source=rss------bug_bounty-5 | abdelrahem mekky | xss-vulnerability, xss-attack, bug-bounty | 07-Jul-2024 |
Race Conditions Attacks To limit bypass | https://sharmajijvs.medium.com/race-conditions-attacks-to-limit-bypass-c9dee647145b?source=rss------bug_bounty-5 | Jay Sharma | bug-report, bug-bounty-hunter, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 07-Jul-2024 |
Complex Attack Types: Sample Scenarios 36 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-36-c648fd8d55bd?source=rss------bug_bounty-5 | Baris Dincer | threat-intelligence, penetration-testing, freedomofinternet, cybersecurity, bug-bounty | 07-Jul-2024 |
404 Not Found to Google cloud service account credentials disclosure! | https://kumarmohank889.medium.com/404-not-found-to-google-cloud-service-account-credentials-disclosure-3b5f64e80fd5?source=rss------bug_bounty-5 | Mohan Kumar N | bug-bounty-tips, bug-bounty, infosec-write-ups, hacking, security-research | 07-Jul-2024 |
Bug Hunter? If only… | https://medium.com/@ded3y3/bug-hunter-if-only-5fabca6cffb7?source=rss------bug_bounty-5 | cr00k3d3y3 | cybersecurity, bug-bounty, life | 07-Jul-2024 |
Stored XSS in PDF Viewer | https://medium.com/@osamaavvan/stored-xss-in-pdf-viewer-9cc5b955de2b?source=rss------bug_bounty-5 | Osama Avvan | bug-bounty, cybersecurity, pdf, xss-attack | 06-Jul-2024 |
Understanding and Preventing Server-Side Request Forgery (SSRF) | https://medium.com/@ashhadali2019/understanding-and-preventing-server-side-request-forgery-ssrf-15d939dc9529?source=rss------bug_bounty-5 | Ashhadali | ssrf, bug-bounty, web, cybersecurity | 06-Jul-2024 |
MerlinChain Partners with BugRap, Launches $200,000 Bug Bounty to Enhance BTC Ecosystem Security | https://medium.com/@BugRap_Team/merlinchain-partners-with-bugrap-launches-200-000-bug-bounty-to-enhance-btc-ecosystem-security-17ef71444914?source=rss------bug_bounty-5 | BugRap Team | crypto, security, web3, btc, bug-bounty | 06-Jul-2024 |
A Simple 2FA Bypass | https://infosecwriteups.com/a-simple-2fa-bypass-43c8af9006ec?source=rss------bug_bounty-5 | hackerdevil | bug-bounty, hacking, bug-bounty-tips, bug-bounty-writeup, penetration-testing | 06-Jul-2024 |
Complex Attack Types: Sample Scenarios 35 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-35-bc24cffb5f95?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, information-technology, bug-bounty, penetration-testing | 06-Jul-2024 |
From Long-Term Hacking to Instant Rewards: Finding SQLi in 3 Minutes Worth $3125 | https://medium.com/@gguzelkokar.mdbf15/from-long-term-hacking-to-instant-rewards-finding-sqli-in-3-minutes-worth-3125-ac36c6e950bf?source=rss------bug_bounty-5 | Gökhan Güzelkokar | sql, hacking, bug-bounty, hackerone, sql-injection | 06-Jul-2024 |
$500 for Cracking Invitation Code For Unauthorized Access & Account Takeover | https://medium.com/@a13h1/500-for-cracking-invitation-code-for-unauthorized-access-account-takeover-558c663fb947?source=rss------bug_bounty-5 | Abhi Sharma | rate-limiting, bug-bounty, account-takeover, base64, cybersecurity | 06-Jul-2024 |
Rate Limit Bypass Due to Cryptographic Weakness | https://javroot.medium.com/rate-limit-bypass-due-to-cryptographic-weakness-2cdb3a112bba?source=rss------bug_bounty-5 | Javroot | security-token, bug-bounty, web, cryptography, research | 06-Jul-2024 |
Exploiting flawed validation of file uploads | https://cyberw1ng.medium.com/exploiting-flawed-validation-of-file-uploads-8a089992e3a1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 06-Jul-2024 |
Identifying, ChronosCodeFail, a Critical Bug in the Dayforce Clock System | https://medium.com/@quantumsquint/identifying-chronoscodefail-a-critical-bug-in-the-dayforce-clock-system-58cb98c00d32?source=rss------bug_bounty-5 | Quantum Squint Research Dept. | developer-tools, penetration-testing, bug-bounty, regression-analysis, cybersecurity | 06-Jul-2024 |
Explanation of the Wifi Deauth Attack and Its Demonstration | https://hack4funacademy.medium.com/penjelasan-wifi-deauth-attack-dan-demonstrasinya-1cecaca53915?source=rss------bug_bounty-5 | Hack4Fun Academy | ethical-hacking, wifi, cybersecurity, hacking, bug-bounty | 05-Jul-2024 |
BountyDork: Your Ultimate Automatic Dorking Testing Companion For Bug Bounty | https://infosecwriteups.com/bountydork-your-ultimate-automatic-dorking-testing-companion-for-bug-bounty-b2bd41cb7344?source=rss------bug_bounty-5 | ElNiak | google-dork, python, bug-bounty, cybersecurity, technology | 05-Jul-2024 |
How to Install Bwapp in Virtualbox | https://medium.com/@bhardwajshekhar/how-to-install-bwapp-in-virtualbox-6bf7f1ba9a0f?source=rss------bug_bounty-5 | Shekhar Bhardwaj | owasp-top-10, bwapp, pentesting, bug-bounty | 05-Jul-2024 |
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !! | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5 | Professor0xx01 | cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp | 05-Jul-2024 |
How to Find Subdomains Using Various Tools and Methods | https://medium.com/@j0k3r01/how-to-find-subdomains-using-various-tools-and-methods-583a7311c897?source=rss------bug_bounty-5 | J0k3R | subdomains-enumeration, recon, penetration-testing, bug-bounty, osint | 05-Jul-2024 |
Complex Attack Types: Sample Scenarios 34 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-34-48d60e2bb0fb?source=rss------bug_bounty-5 | Baris Dincer | threat-intelligence, penetration-testing, bug-bounty, cybersecurity, freedomofinternet | 05-Jul-2024 |
Everything About OSCP: A Comprehensive Guide | https://medium.com/@mazharshadab292/everything-about-oscp-a-comprehensive-guide-36794d325e67?source=rss------bug_bounty-5 | Shadab Mazhar | hacking, bug-bounty, certification, programming | 05-Jul-2024 |
Using the Tools Steghide and ExifTool, and Trying Out the Bug Bounty Automation Scanner (Dalfox) | https://medium.com/@anggitaniaaurien/penggunaan-tools-steghide-exiftool-dan-uji-coba-automation-scanner-bug-bounty-dalfox-4fbe93e83eb3?source=rss------bug_bounty-5 | Anggitania Aurien | bug-bounty, exiftool, xs, steghide, kxss | 05-Jul-2024 |
The PDF Trojan Horse: Leveraging HTML Injection for SSRF and Internal Resource Access | https://uchihamrx.medium.com/the-pdf-trojan-horse-leveraging-html-injection-for-ssrf-and-internal-resource-access-fbf69efcb33d?source=rss------bug_bounty-5 | Abdelrhman Amin | cybersecurity, web-penetration-testing, penetration-testing, bug-bounty, bug-bounty-tips | 05-Jul-2024 |
Unlocking the Power of Nmap: Your Ultimate Guide to Network Scanning | https://medium.com/@josuofficial327/unlocking-the-power-of-nmap-your-ultimate-guide-to-network-scanning-3cb66fe66d75?source=rss------bug_bounty-5 | Josekutty Kunnelthazhe Binu | hacking, cybersecurity, bug-bounty, penetration-testing, linux | 05-Jul-2024 |
2.14 Lab: 2FA bypass using a brute-force attack | https://cyberw1ng.medium.com/2-14-lab-2fa-bypass-using-a-brute-force-attack-ad74afd23fcd?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, penetration-testing, hacking | 05-Jul-2024 |
A Big Gmail Flaw: Sending Hidden Viruses in Gmail. | https://medium.com/@azanulrana/a-big-gmail-flaw-sending-hidden-viruses-in-gmail-09b52dd891e9?source=rss------bug_bounty-5 | 0xazanul | infosec-write-ups, infosec, hackerone, bug-bounty | 05-Jul-2024 |
How I Found Critical Bugs :: SQL Injection → Compromised 10+ Govt. website’s Whole Databases !! | https://medium.com/@p.ra.dee.p_0xx01/how-i-found-critical-bugs-sql-injection-compromised-10-govt-websites-whole-databases-ad55899ff5db?source=rss------bug_bounty-5 | Professor.0xx01 | cybersecurity, bug-bounty, offensive-security, penetration-testing, vdp | 05-Jul-2024 |
How to Use Google Dorks to Access Online Cameras | https://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-access-online-cameras-251e83106f6b?source=rss------bug_bounty-5 | Meerabell | information-security, cybersecurity, bug-bounty, hacking, google-dork | 05-Jul-2024 |
Using Nuclei | https://medium.com/@sabriacun552/nuclei-kullan%C4%B1m%C4%B1-7038742dc53e?source=rss------bug_bounty-5 | Sabriacun | vulnerability-scanning, cybersecurity, bug-bounty, penetration-testing | 05-Jul-2024 |
SSRF Vulnerability in HiTranslate: A Technical Breakdown | https://medium.com/@security.tecno/ssrf-vulnerability-in-hitranslate-a-technical-breakdown-a5f517467a5b?source=rss------bug_bounty-5 | TECNO Security | hacking, security, bug-bounty, apps | 04-Jul-2024 |
Mastering Bug Bounty with Professor: Strategies for Success | https://bughuntar.medium.com/mastering-bug-bounty-with-professor-strategies-for-success-436fac3c7e28?source=rss------bug_bounty-5 | Professor the Hunter | cybersecurity, professorthehunter, bug-bounty, bug-bounty-tips, bughuntar | 04-Jul-2024 |
Google launches $250,000 bug bounty, this time targeting KVM, a virtual machine element | https://medium.com/@tothe21century/google-launches-250-000-bug-bounty-this-time-targeting-kvm-a-virtual-machine-element-d73cfbd63243?source=rss------bug_bounty-5 | RICH CHOI | bug-bounty | 04-Jul-2024 |
How I Found an IDOR Vulnerability in a Public Program on HackerOne | https://medium.com/@muhammadfurqanoffical/how-i-found-an-idor-vulnerability-in-a-public-program-on-hackerone-44c6724b0292?source=rss------bug_bounty-5 | Muhammad Furqan | bug-bounty-writeup, infosec-write-ups, bug-bounty, idor, hackerone | 04-Jul-2024 |
What Is XSS and How I Found Dozens of XSS Vulnerabilities | https://hack4funacademy.medium.com/apa-itu-xss-dan-bagaimana-cara-saya-menemukan-puluhan-xss-vulnerability-46fba9491bba?source=rss------bug_bounty-5 | Hack4Fun Academy | vulnerability, xss-attack, hacking, cybersecurity, bug-bounty | 04-Jul-2024 |
Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition) | https://medium.com/@friendly_/understanding-request-smuggling-a-hidden-web-vulnerability-k-edition-6ffab38d5aa1?source=rss------bug_bounty-5 | Friendly | hacking, bug-bounty, bugbounty-writeup, bug-bounty-tips | 04-Jul-2024 |
How I Used Keylogger XSS to Capture Credentials Leading to ATO | https://medium.com/@yyaminn/how-i-used-keylogger-xss-to-capture-credentials-leading-to-ato-06593e7a0798?source=rss------bug_bounty-5 | yyaminn | cybersecurity, bug-bounty, xss-attack, bugbounty-writeup, infosec | 04-Jul-2024 |
HACKBAR: A BROWSER EXTENSION FOR WEB SECURITY TESTING | https://medium.com/@Progsky/hackbar-a-browser-extension-for-web-security-testing-461b97d1a9e9?source=rss------bug_bounty-5 | Progsky | hacking, bug-bounty, pentesting, penetration-testing, web-security | 04-Jul-2024 |
How I earned $500 bounty for privilege escalation vulnerability !! | https://kumarmohank889.medium.com/how-i-earned-500-bounty-for-privilege-escalation-vulnerability-c42977abcc52?source=rss------bug_bounty-5 | Mohan Kumar N | hacking, bug-bounty, security, bug-bounty-tips, security-research | 04-Jul-2024 |
2.13 Lab: Broken brute-force protection, multiple credentials per request | https://cyberw1ng.medium.com/2-13-lab-broken-brute-force-protection-multiple-credentials-per-request-1beb6a85b12c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, bug-bounty, penetration-testing | 04-Jul-2024 |
Tools For Beginner Bug Hunter, Penetration Tester or Web Security Engineer | https://medium.com/@a5adujjaman/tools-for-beginner-bug-hunter-penetration-tester-or-web-security-engineer-a5510748fc5a?source=rss------bug_bounty-5 | Asadujjaman Asif | web-security, penetration-testing, security, bug-bounty, hacking | 04-Jul-2024 |
0 star rating got me 40 EUR. MY first bug I got paid for. | https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5 | 2004siyam_hassan | bug-bounty, bunty | 04-Jul-2024 |
IDOR to change other’s Account Name | https://codingninjablogs.tech/idor-to-change-others-account-name-43ddf7cfe429?source=rss------bug_bounty-5 | #$ubh@nk@r | idor, hacking, bug-bounty, infosec, web-security | 04-Jul-2024 |
The Problem With Bug Bounties | https://kf106.medium.com/the-problem-with-bug-bounties-0c5d956411d8?source=rss------bug_bounty-5 | Keir Finlow-Bates | bug-bounty, bug-bounty-program, hacking, computer-security, cryptocurrency | 04-Jul-2024 |
Mass Hunting XSS vulnerabilities | https://systemweakness.com/mass-hunting-xss-vulnerabilities-8d4785968727?source=rss------bug_bounty-5 | Imran Niaz | cross-site-scripting, bug-bounty-hunter, bug-bounty, bug-bounty-tips, xss-vulnerability | 04-Jul-2024 |
0 star rating got me 40 EUR. MY first bug I got paid for. | https://medium.com/@siyamhassan.main/0-star-rating-got-me-40-eur-my-first-bug-i-got-paid-for-18417f76a707?source=rss------bug_bounty-5 | Clasher | bug-bounty, bunty | 04-Jul-2024 |
IDOR vulnerability allow attacker to make a checkout order on behalf of other users | https://medium.com/@omarataallah98/idor-vulnerability-allow-attacker-to-make-an-order-checkout-on-behalf-other-users-accounts-2bdc4c7b8eca?source=rss------bug_bounty-5 | Omarataallah | security-testing, hacking, bug-bounty, hacks, idor-vulnerability | 03-Jul-2024 |
How to find wildcard bug bounty assets owned by a company. | https://medium.com/@tom.sh/how-to-find-wildcard-bug-bounty-assets-owned-by-a-company-991db585a554?source=rss------bug_bounty-5 | Tom | bug-bounty, recon, reconnaissance, cybersecurity, hacking | 03-Jul-2024 |
26.1 Lab: Exploiting LLM APIs with excessive agency | https://cyberw1ng.medium.com/26-1-lab-exploiting-llm-apis-with-excessive-agency-bb94aa506893?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, hacking, cybersecurity, penetration-testing | 03-Jul-2024 |
Complex Attack Types: Sample Scenarios 32 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-32-7c47b8e5d139?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, threat-intelligence, penetration-testing, freedomofinternet | 03-Jul-2024 |
Mobile App Testing with Android Studio & Frida | https://medium.com/@jaylinscorner/mobile-app-testing-with-android-studio-frida-b65484121ba6?source=rss------bug_bounty-5 | Jaylin Nelson | bug-bounty, penetration-testing, cybersecurity, mobile-app-testing, frida | 03-Jul-2024 |
Blind OS Command Injection with time delays from Theory to Practical POC | https://medium.com/@dhruvsingh0203/hola-hackers-im-dhruv-singh-a-cybersecurity-enthusiast-passionate-about-exploring-the-depths-834a9d140115?source=rss------bug_bounty-5 | Dhruv Singh | ethical-hacking, command-injection, bug-bounty, hacking | 03-Jul-2024 |
IDOR vulnerability allow attacker to make a checkout order on behalf of other users | https://medium.com/@Bug_Bounty/idor-vulnerability-allow-attacker-to-make-a-checkout-order-on-behalf-of-other-users-397b16ece8fc?source=rss------bug_bounty-5 | Bug Bounty | bug-bounty, bountytips, togetherwehitharder, idor | 03-Jul-2024 |
Meta MFA bypass security bug was turned down, calling it a feature! What do you think? | https://medium.com/@kannnannmk/meta-mfa-bypass-security-bug-was-turned-down-calling-it-a-feature-what-do-you-think-9663e7c5a65e?source=rss------bug_bounty-5 | Neelamegha Kannan S | bug-bounty-tips, bug-bounty, cybersecurity, penetration-testing, meta | 03-Jul-2024 |
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal and More | https://medium.com/@integriteetr/ayl%C4%B1k-%C3%B6zet-haziran-2024-incognitee-hata-%C3%B6d%C3%BCl%C3%BC-lansman%C4%B1-polkadot-hazine-teklifi-ve-daha-fazlas%C4%B1-22beabdf77aa?source=rss------bug_bounty-5 | Integriteetr | integritee, bug-bounty, blockchain, polkadot, wrap-up | 03-Jul-2024 |
PortSwigger LABs- SQL Injection | https://medium.com/@1dnz/lab-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-ec0d03f83574?source=rss------bug_bounty-5 | H-ACK-ing | hacks, portswigger-lab, bug-bounty, hacking | 03-Jul-2024 |
A story of a nice SSRF vulnerability. | https://medium.com/@oXnoOneXo/a-story-of-a-nice-ssrf-vulnerability-51e16ff6a33f?source=rss------bug_bounty-5 | oXnoOneXo | hackerone, bug-bounty, ssrf | 03-Jul-2024 |
#IBRAHIMXSS TOOL RELEASE | https://ibrahimxss.medium.com/ibrahimxss-tool-release-97ba90fc3419?source=rss------bug_bounty-5 | #IbrahimXSS | xss-challenge, xss-bypass, xss-attack, xss-vulnerability, bug-bounty | 03-Jul-2024 |
How I Discovered Authentication Bypass That Blocks Users from Accessing the Website ? | https://sayedv2.medium.com/how-i-discovered-authentication-bypass-that-blocks-users-from-accessing-the-website-93140fa180ac?source=rss------bug_bounty-5 | Mohamed Sayed | bug-bounty-writeup, bug-bounty-tips, hackerone, authentication, bug-bounty | 03-Jul-2024 |
Bypassing Input Validation $0 - $1000 | https://medium.com/@mdnafeed3/bypassing-input-validation-0-1000-799682d547ba?source=rss------bug_bounty-5 | H4cker-Nafeed | technology, infosec, cybersecurity, bug-bounty | 02-Jul-2024 |
Understanding Admin Login Bypass: A Critical Security Discussion | https://farrosfr.medium.com/understanding-admin-login-bypass-a-critical-security-discussion-2641e54e60fd?source=rss------bug_bounty-5 | Mochammad Farros Fatchur Roji | php, programming, bug-bounty, web, cybersecurity | 02-Jul-2024 |
Do Hackers Really Need Coding Skills? Let’s Understand . . . | https://d3athcod3.medium.com/do-hackers-really-need-coding-skills-lets-understand-51e60e16c978?source=rss------bug_bounty-5 | D3athCod3 | technology, hacking, cybersecurity, bug-bounty, computer-science | 02-Jul-2024 |
18.4 Lab: Arbitrary object injection in PHP | https://cyberw1ng.medium.com/18-4-lab-arbitrary-object-injection-in-php-30a164de4595?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, careers, hacking, cybersecurity | 02-Jul-2024 |
Secret phishing bug google dont want you to know | https://medium.com/@eyaalgabay/secret-phishing-bug-google-dont-want-you-to-know-4d6d7616fa3f?source=rss------bug_bounty-5 | Eyaalgabay | web-hacking, bug-bounty, hacking, cybersecurity, unicode | 02-Jul-2024 |
LendingOwl introduces Bug Bounty Program. | https://medium.com/@valeriecameron70/lendingowl-introduces-bug-bounty-program-739910791826?source=rss------bug_bounty-5 | Valerie Cameron | lending, fintech, p2p, bug-bounty, news-articles | 02-Jul-2024 |
How I found IDOR in NASA | https://infosecwriteups.com/how-i-found-idor-in-nasa-4186a03455b4?source=rss------bug_bounty-5 | Eslam Omar | hacking, bug-bounty, bug-bounty-tips, nasa | 02-Jul-2024 |
AT&T Bug Bounty Program Scope | https://medium.com/@imusabkhan/at-t-bug-bounty-program-scope-ae256fbf1bf9?source=rss------bug_bounty-5 | Mohammad Musab Khan | bug-bounty, ethical-hacking, att, writeup, hackerone | 02-Jul-2024 |
Monthly Wrap-Up June 2024: Incognitee Bug Bounty Launch, Polkadot Treasury Proposal & More | https://medium.com/integritee/monthly-wrap-up-june-2024-incognitee-bug-bounty-launch-polkadot-treasury-proposal-more-c3623df413d4?source=rss------bug_bounty-5 | Integritee Network | bug-bounty, integritee, polkadot, wrap-up, blockchain | 02-Jul-2024 |
How to Find Your First CVE: A Guide for Aspiring Security Researchers | https://medium.com/@khammassilouay21/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5 | Khammassilouay | cve, web-security, bug-bounty, cybersecurity | 02-Jul-2024 |
Self XSS + Login CSRF + OAuth = Account Takeover | https://medium.com/@l_s_/self-xss-login-csrf-oauth-account-takeover-6357f3395b49?source=rss------bug_bounty-5 | LS | bug-bounty, xss-attack, oauth, csrf, hacking | 02-Jul-2024 |
INFORMATION DISCLOSURE THROUGH AN ORGANIZATION’S NETWORK | https://hackhive.medium.com/information-disclosure-through-an-organizations-network-1f4e0bac1c55?source=rss------bug_bounty-5 | HackHive | bug-bounty, pentesting, vulnerability-assessment, information-security, information-disclosure | 02-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-33) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-33-31e20416b7aa?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, cybersecurity, hacking, ethical-hacking, bug-bounty | 02-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-32) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-32-044ea32fd931?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, hacking, skills, cybersecurity, bug-bounty | 02-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-31) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-31-401155afb539?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | cybersecurity, skills, hacking, bug-bounty, ethical-hacking | 02-Jul-2024 |
File upload to RCE — Bug Bounty Tuesday | https://medium.com/@kerstan/file-upload-to-rce-bug-bounty-tuesday-f8dda0ed4077?source=rss------bug_bounty-5 | kerstan | hacking, cybersecurity, bug-bounty | 02-Jul-2024 |
The Dark Side of Contact Forms: How I Identified 7 CVEs in WordPress Plugins | https://dropn0w.medium.com/the-dark-side-of-contact-forms-how-i-identified-7-cves-in-wordpress-plugins-30f6111dfebf?source=rss------bug_bounty-5 | drop | bug-bounty, hacking, information-security, wordpress, cybersecurity | 02-Jul-2024 |
How to Find Your First CVE: A Guide for Aspiring Security Researchers | https://systemweakness.com/how-to-find-your-first-cve-a-guide-for-aspiring-security-researchers-c1e5eb9e819a?source=rss------bug_bounty-5 | Khammassilouay | cve, web-security, bug-bounty, cybersecurity | 02-Jul-2024 |
How to Use Google Dorks to Find Vulnerabilities | https://medium.com/@meerabell/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5 | Meerabell | hacking, information-security, bug-bounty, google-dork, cybersecurity | 02-Jul-2024 |
Exploiting Response Manipulation for Account Takeover | https://medium.com/@sdarmwal17/exploiting-response-manipulation-for-account-takeover-b19ce1494109?source=rss------bug_bounty-5 | Shubham Darmwal | otp-bypass, cybersecurity, account-takeover, bug-bounty, response-manipulation | 02-Jul-2024 |
Complex Attack Types: Sample Scenarios 31 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-31-b4f0ee2f90ac?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, cybersecurity, active-directory, penetration-testing, freedomofinternet | 02-Jul-2024 |
How to Use Google Dorks to Find Vulnerabilities | https://medium.com/@mirabelle.dib/how-to-use-google-dorks-to-find-vulnerabilities-da782f05826e?source=rss------bug_bounty-5 | Meerabell | hacking, information-security, bug-bounty, google-dork, cybersecurity | 02-Jul-2024 |
Effective XSS methodology : The true way to hunt XSS | https://xdead4f.medium.com/effective-xss-methodology-the-true-way-to-hunt-xss-4f4d740035cc?source=rss------bug_bounty-5 | 0xdead4f | xss-attack, bug-hunting, bug-bounty, cybersecurity | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-29) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-29-d5e656812d96?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, cybersecurity, bug-bounty, hacking, skills | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-28) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-28-ae3cb3e93960?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | skills, bug-bounty, cyber-security-awareness, ethical-hacking, hacking | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-27) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-27-f5c03938d8fb?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, cyber-security-awareness, ethical-hacking, hacking, bug-bounty-tips | 01-Jul-2024 |
Understanding and Mitigating Smart Contract Vulnerabilities | https://securrtech.medium.com/understanding-and-mitigating-smart-contract-vulnerabilities-291b7fe168f2?source=rss------bug_bounty-5 | Securr | vulnerability, bug-bounty, cybersecurity, securr, smart-contracts | 01-Jul-2024 |
18.3 Using application functionality to exploit insecure deserialization | https://cyberw1ng.medium.com/18-3-using-application-functionality-to-exploit-insecure-deserialization-d6f18fe4811c?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, penetration-testing, bug-bounty, careers | 01-Jul-2024 |
Phishing or What?? How I Got Access to the Internal Email of a Company | https://infosecwriteups.com/phishing-or-what-how-i-got-access-to-the-internal-email-of-a-company-a098fb08728?source=rss------bug_bounty-5 | whit3ros3 | infosec, ethical-hacking, hacking, bug-bounty, bug-bounty-tips | 01-Jul-2024 |
Bug Bounty Hunting — Complete Guide (Part-30) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-30-e3519045da6d?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | ethical-hacking, skills, cybersecurity, bug-bounty, hacking | 01-Jul-2024 |
Unmasking the Danger: Open Redirection via Referer Header | https://medium.com/@sulmanfarooq531/unmasking-the-danger-open-redirection-via-referer-header-a527ab4e7be1?source=rss------bug_bounty-5 | Sulman Farooq S | cybersecurity, bug-bounty, hacking, open-redirect | 01-Jul-2024 |
How I Found CVE-2019-9826 on one of famous crypto company. $$$$ | https://medium.com/@a7madhacck/how-i-found-cve-2019-9826-on-one-of-famous-crypto-company-f23d9ba69861?source=rss------bug_bounty-5 | Ahmad Yussef | bug-bounty-writeup, cybersecurity, bug-bounty-tips, hacking, bug-bounty | 01-Jul-2024 |
3 Easy cash via cache | https://medium.com/@mohamed0xmuslim/3-easy-cash-via-cache-99d600565ac5?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty | 01-Jul-2024 |
Story of a 1000$ Open Redirect | https://infosecwriteups.com/story-of-a-1000-open-redirect-1405fb8a0e7a?source=rss------bug_bounty-5 | Debangshu Kundu | cybersecurity, medium, bug-bounty, hacking, technology | 01-Jul-2024 |
Hacking Hidden Gems: Content Discovery with Webseek | https://medium.com/@hackertam1/hacking-hidden-gems-content-discovery-with-webseek-cf5a00c97d72?source=rss------bug_bounty-5 | Tahir Mujawar | cybersecurity, bug-bounty, recon, ethical-hacking, penetration-testing | 01-Jul-2024 |
How I found Bug on NASA | https://medium.com/@psychomong/how-i-found-bug-on-nasa-b2408e14aa17?source=rss------bug_bounty-5 | psychomong | bug-bounty, real-world-bug-hunting, nasa, hacking, hacker | 01-Jul-2024 |
My 60 Days Journey To Find My First Bug | https://medium.com/@binarysleuth247/my-60-days-journey-to-find-my-first-bug-59a2e676fda8?source=rss------bug_bounty-5 | binarysleuth247 | bug-bounty | 01-Jul-2024 |
VPS -Virtual Private Server- | https://medium.com/@haticezkmnl/vps-virtual-private-server-f37ffab2f3f1?source=rss------bug_bounty-5 | Hatice Zehra Kamanlı | servers, website, bug-bounty, public, vps | 01-Jul-2024 |
THM — Blog walkthrough | https://medium.com/@riickyrick/thm-blog-walkthrough-21f2844eafda?source=rss------bug_bounty-5 | Riicky | thm, bug-bounty, metasploit, wordpress, writeup | 01-Jul-2024 |
Collecting JavaScript files from a website to find information disclosure | https://hack4funacademy.medium.com/mengumpulkan-javascript-file-pada-suatu-websites-untuk-menemukan-information-disclosure-8126fcccd77d?source=rss------bug_bounty-5 | Hack4Fun Academy | pentesting, cybersecurity, bug-bounty, bug-bounty-tips, hacking | 30-Jun-2024 |
XSS Deep Learning and Test Case Preparation | https://medium.com/@barsavak/xss-deep-learning-and-test-case-preparation-3f796a7ad5ed?source=rss------bug_bounty-5 | bariss30 | bug-bounty-tips, bug-bounty, xss-vulnerability | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-26) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-26-49760a380496?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty-program, bug-bounty | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-25) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-25-25328dcc629f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty, bug-bounty-tips | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-24) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-24-17e137c514ed?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty, bug-bounty-writeup | 30-Jun-2024 |
The Only Methodology you need to Know to earn $$$$ in Bug Bounty in your First Day | https://xdead4f.medium.com/the-only-methodology-you-need-to-know-to-earn-in-bug-bounty-in-your-first-day-e8a361c89eb5?source=rss------bug_bounty-5 | 0xdead4f | bug-bounty, side-hustle, bug-bounty-methodology | 30-Jun-2024 |
Guide to Using ffuf | https://medium.com/@learntheshell/guide-to-using-ffuf-74824770076b?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, cybersecurity, fuzzing, hacking, linux | 30-Jun-2024 |
Bug Report from Product Testing https://hng.tech/ | https://medium.com/@teslimahsalahudeen/bug-report-from-product-testing-https-hng-tech-98e290fe3c0e?source=rss------bug_bounty-5 | CyberGoodness^ | product-testing, bug-bounty, security | 30-Jun-2024 |
XSS TEST CASE TASK | https://medium.com/@avar.talha08/xss-test-case-task-7a4bfd5b223a?source=rss------bug_bounty-5 | Talha Acar | bug-bounty-writeup, bug-bounty, php | 30-Jun-2024 |
Cisco Finesse Remote File Inclusion (CVE-2024–20405) | https://0x3zzat.medium.com/cisco-finesse-remote-file-inclusion-cve-2024-20405-7947c3327e0c?source=rss------bug_bounty-5 | Abd El Rahman Ezzat | cve, penetration-testing, bug-bounty, cve-2024-20405, cisco | 30-Jun-2024 |
Cisco Finesse Server Side Request Forgery (CVE-2024–20404) | https://0x3zzat.medium.com/cisco-finesse-server-side-request-forgery-cve-2024-20404-5d74b449a4a2?source=rss------bug_bounty-5 | Abd El Rahman Ezzat | cve-2024-20404, penetration-testing, cve, cisco, bug-bounty | 30-Jun-2024 |
18.2 Modifying Serialized Data Types | https://cyberw1ng.medium.com/18-2-modifying-serialized-data-types-726426fb3350?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, cybersecurity, bug-bounty, penetration-testing | 30-Jun-2024 |
XSS 101: What Is XSS? | https://medium.com/@kormorphus/xss-101-xss-nedir-15b04f7e4269?source=rss------bug_bounty-5 | Kormorphus | bug-bounty, cybersecurity, xss-attack | 30-Jun-2024 |
How to use Cheat Engine on Opera Gx | https://medium.com/@MrRipperoni/how-to-use-cheat-engine-on-opera-gx-ea6b121f0301?source=rss------bug_bounty-5 | Mr.Ripperoni | programming, bug-bounty, hacking, gamehacking, hacking-tools | 30-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-23) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-23-9f3497d279f1?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program, bug-bounty | 29-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-22) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-22-8edd54306b83?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup, bug-bounty | 29-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-21) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-21-e008298773da?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips, bug-bounty-program | 29-Jun-2024 |
XSS TEST CASE | https://medium.com/@aarda418/xss-test-case-6158aad30604?source=rss------bug_bounty-5 | Arda Aslan | bug-bounty-tips, xss-vulnerability, bug-bounty | 29-Jun-2024 |
14.9 Lab: CSRF where token is tied to non-session cookie | https://cyberw1ng.medium.com/14-9-lab-csrf-where-token-is-tied-to-non-session-cookie-926338db4ba7?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, careers, hacking, cybersecurity, bug-bounty | 29-Jun-2024 |
Using AI to hunt for XSS. | https://medium.com/@deadoverflow/using-ai-to-hunt-for-xss-e04ba8d32ba8?source=rss------bug_bounty-5 | Imad Husanovic | cybersecurity, ethical-hacking, bug-bounty-tips, bug-bounty, hacking | 29-Jun-2024 |
XSS TEST CASE | https://medium.com/@mehmetfarisacar/xss-test-case-199e0bec59a6?source=rss------bug_bounty-5 | Mehmet Faris Acar | bug-bounty, xss-vulnerability, bug-bounty-tips | 29-Jun-2024 |
LEARNING PROCESS module from HTB in Arabic | https://medium.com/@am3002297/learning-process-module-from-htb-%D8%A8%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A-37675b8144b0?source=rss------bug_bounty-5 | 30obd | cybersecurity, bug-bounty | 29-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-19) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-19-7dfd1bd2d1ba?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty, bug-bounty-program | 28-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-18) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-18-5179747f60c3?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-program | 28-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-20) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-20-a60e30106e0c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, bug-bounty-tips | 28-Jun-2024 |
Race Condition Vulnerability to bypass email confirmation | https://medium.com/@siratsami71/race-condition-vulnerability-to-bypass-email-confirmation-2af8d916fe61?source=rss------bug_bounty-5 | Sirat Sami (analyz3r) | hacking, bug-bounty, cybersecurity | 28-Jun-2024 |
About the XSS Vulnerability: | https://medium.com/@hhuseyinuyar17/xss-zafiyeti-hakk%C4%B1nda-98b5849d4700?source=rss------bug_bounty-5 | Hhuseyinuyar | reflected-xss, xss-attack, dom-xss, stored-xss, bug-bounty | 28-Jun-2024 |
An Easy RACE CONDITION Bug That Made Me Fame | https://medium.com/@hashimamin/an-easy-race-condition-bug-that-made-me-fame-97d6921ae7f4?source=rss------bug_bounty-5 | Hashim Amin | vulnerability, race-condition, infosec, bugbounty-writeup, bug-bounty | 28-Jun-2024 |
Why is programming so important in bug bounty? | https://medium.com/@deadoverflow/why-is-programming-so-important-in-bug-bounty-b7d7889ae026?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, cybersecurity, programming, bug-bounty, hacking | 28-Jun-2024 |
HTML Injection — HTB lab | https://zhunter12.medium.com/html-injection-htb-lab-cd7bdcd8fd93?source=rss------bug_bounty-5 | Oscar Romero | htb-academy, htb, html-injection, cybersecurity, bug-bounty | 28-Jun-2024 |
14.8 Lab: CSRF where token is duplicated in cookie | https://cyberw1ng.medium.com/14-8-lab-csrf-where-token-is-duplicated-in-cookie-d688fd0ac2ac?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, cybersecurity, bug-bounty, careers | 28-Jun-2024 |
0-click Account Takeover (ATO) via Google Authentication | https://medium.com/@elcapitano7x/0-click-account-takeover-ato-via-google-authentication-b63a01a80a03?source=rss------bug_bounty-5 | Elcapitano | bug-bounty-tips, hackerone, bug-bounty-writeup, account-takeover, bug-bounty | 28-Jun-2024 |
[Bounty Weekend] Phone Verification Bypass With Business Logic Vulnerability | https://medium.com/@rifqihz/bounty-weekend-phone-verification-bypass-with-business-logic-vulnerability-1b2844b93d5a?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, writeup, bug-bounty | 28-Jun-2024 |
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Reward | https://medium.com/@heyrm/writeup-discovering-and-exploiting-xss-vulnerabilities-my-first-bug-hunting-reward-0dfb0ebfd6aa?source=rss------bug_bounty-5 | heyrm | bug-bounty-writeup, cybersecurity, bug-bounty, xss-attack, bug-hunting | 27-Jun-2024 |
Writeup: Discovering and Exploiting XSS Vulnerabilities — My First Bug Hunting Reward | https://medium.com/@heyrm/writeup-menemukan-dan-mengeksploitasi-kerentanan-xss-reward-bug-hunting-pertamaku-cbf76c9eaf65?source=rss------bug_bounty-5 | heyrm | xss-vulnerability, bug-bounty, cybersecurity, xss-attack, bug-hunting | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-17) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-17-8d38292448cf?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-16) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-16-aacc2aab0f71?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-15) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-15-2cd3a0188386?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter | 27-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-14) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-14-985969cf2f17?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, bug-bounty-hunter, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips | 27-Jun-2024 |
Hunting Bugs for RE Hunter 350 | https://vijetareigns.medium.com/hunting-bugs-for-re-hunter-350-81338c4ebf20?source=rss------bug_bounty-5 | the_unlucky_guy | bug-bounty, bug-bounty-tips, bug-bounty-writeup, bugbounty-writeup, cybersecurity | 27-Jun-2024 |
Malicious Document Analysis: Emotet Case I | https://medium.com/@brsdncr/malicious-document-analysis-emotet-case-i-4a5f1ca8c565?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, threat-intelligence, penetration-testing, bug-bounty, freedomofinternet | 27-Jun-2024 |
IDORs Never Disappoint Me— Hacking Into Online Bookings ($$$$) | https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5 | Gnana Aravind K | cybersecurity, penetration-testing, infosec, hacking, bug-bounty | 27-Jun-2024 |
How I was able to steal cookies via stored XSS | https://medium.com/@xnum.1/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5 | Ahmed Tarek | stored-xss, xss-attack, bug-bounty, cookies, javascript | 27-Jun-2024 |
14.7 Lab: CSRF where token is not tied to user session | https://cyberw1ng.medium.com/14-7-lab-csrf-where-token-is-not-tied-to-user-session-841faddd036a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, bug-bounty, careers, hacking | 27-Jun-2024 |
XSS Test Cases Preperation | https://medium.com/@NadirSensoy/xss-test-cases-preperation-566e34ff94fb?source=rss------bug_bounty-5 | Nadir Sensoy | bug-bounty-tips, bug-bounty, xss-vulnerability | 27-Jun-2024 |
Front End and Back End: HTB Lab Sensitive Data Exposure | https://zhunter12.medium.com/front-end-y-back-end-lab-htb-exposici%C3%B3n-de-datos-sensibles-a21431c08d9d?source=rss------bug_bounty-5 | Oscar Romero | cybersecurity, frontend, sensitive-data-exposure, htb-academy, bug-bounty | 27-Jun-2024 |
How I was able to steal cookies via stored XSS | https://medium.com/@0x_xnum/how-i-was-able-to-steal-cookies-via-stored-xss-c7f172fe114c?source=rss------bug_bounty-5 | Ahmed Tarek | stored-xss, xss-attack, bug-bounty, cookies, javascript | 27-Jun-2024 |
How long did it take me to find my first bug? | https://medium.com/@deadoverflow/how-long-did-it-take-me-to-find-my-first-bug-969699fa9080?source=rss------bug_bounty-5 | Imad Husanovic | bug-bounty-tips, hacking, cybersecurity, bug-bounty, programming | 27-Jun-2024 |
ICMTC CTF 2024 (Web Exploitation) | https://0x0anas.medium.com/icmtc-ctf-2024-web-exploitation-57998a15107b?source=rss------bug_bounty-5 | Anas Ibrahim | ctf, icmtc-ctf, pentesting, bug-bounty | 27-Jun-2024 |
IDORs Never Disappoint Me — Hacking Into Online Bookings ($$$$) | https://aravind07.medium.com/idors-never-disappoint-me-hacking-into-online-bookings-5b2f34e1af25?source=rss------bug_bounty-5 | Gnana Aravind K | cybersecurity, penetration-testing, infosec, hacking, bug-bounty | 27-Jun-2024 |
Checklist for Forgot Password functionality | https://infosecwriteups.com/checklist-for-forgot-password-functionality-3f61c34a15eb?source=rss------bug_bounty-5 | Suprajabaskaran | penetration-testing, passwords, bug-bounty, bug-bounty-tips, pentesting | 26-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-13) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-13-b7bc7fa2123b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-writeup | 26-Jun-2024 |
Basic Cyber Security Course First Day | https://mrunknown124154.medium.com/basic-cyber-security-course-first-day-c6ad0cb7d907?source=rss------bug_bounty-5 | Mr Abdullah | cyber-security-awareness, ethical-hacking, bug-bounty, cybersecurity | 26-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-12) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-12-4b892dc13d9f?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 26-Jun-2024 |
XSS: Demonstrating Impact Without Credentials | https://infosecwriteups.com/xss-demonstrating-impact-without-credentials-db7fff38792a?source=rss------bug_bounty-5 | Shlok K | xss-attack, vulnerability, infosec, bug-bounty, cross-site-scripting | 26-Jun-2024 |
Penetration Testing with Termux: A Newbie’s Success Story | https://medium.com/@yp400215/penetration-testing-with-termux-a-newbies-success-story-649e3393a311?source=rss------bug_bounty-5 | Yash Pawar | bug-bounty, penetration-testing, idor-vulnerability | 26-Jun-2024 |
Come back | https://medium.com/@anonymous19999/come-back-802e211927f6?source=rss------bug_bounty-5 | Anonymous | life, love, bug-bounty, comeback | 26-Jun-2024 |
Learn Android Penetration Testing Skill with This Vulnerable APK | https://medium.com/@phyowathone/learn-android-penetration-testing-skill-with-this-vulnerable-apk-94d9300a11c4?source=rss------bug_bounty-5 | Phyo WaThone Win | android-pentesting, android-security, application-security, android-bug-bounty, bug-bounty | 26-Jun-2024 |
How I found XSS and open redirect in Kamiapp.com accidentally | https://medium.com/@alimuhammadsecured/how-i-found-xss-and-open-redirect-in-kamiapp-com-accidentally-364ef7db939d?source=rss------bug_bounty-5 | Alimuhammadsecured | xss-attack, cybersecurity, hacking, bug-bounty | 26-Jun-2024 |
Complex Attack Types: Sample Scenarios 26 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-26-9b05b2b26815?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, penetration-testing, freedomofinternet, cybersecurity, information-security | 26-Jun-2024 |
Unveiling the Secrets of Server-Side Template Injection (SSTI) in Flask and Jinja2 | https://medium.com/@baraiprince0111/unveiling-the-secrets-of-server-side-template-injection-ssti-in-flask-and-jinja2-25c57ab3199f?source=rss------bug_bounty-5 | Baraiprince | ctf, hacking, cybersecurity, trends, bug-bounty | 26-Jun-2024 |
Unveiling OAuth Vulnerabilities: Exploring Account Access Without Email Verification | https://medium.com/@sulmanfarooq531/unveiling-oauth-vulnerabilities-exploring-account-access-without-email-verification-d36762361df7?source=rss------bug_bounty-5 | Sulman Farooq S | bug-bounty, cybersecurity, oauth, hacking, oauth2 | 26-Jun-2024 |
How i’ve found : ( IDOR + XSS ) = all USERS account takeover 🙂 ? | https://medium.com/@zack0x01_/how-ive-found-idor-xss-all-users-account-takeover-a49d59cf5108?source=rss------bug_bounty-5 | zack0x01 | bugbounty-tips, bug-bounty, bugbounty-poc, hacking, bugbounty-writeup | 26-Jun-2024 |
VRP [IDOR] Deleting and Viewing Victim Data | https://medium.com/@anvilleofficial/vrp-idor-menghapus-dan-melihat-data-korban-a9e1f8978798?source=rss------bug_bounty-5 | barr | idor, bug-bounty | 26-Jun-2024 |
How I compromised 1500 accounts/month with no technical skill | https://theclemvp.medium.com/how-i-compromised-1500-accounts-month-with-no-technical-skill-6a83ecd5c8eb?source=rss------bug_bounty-5 | Clément | cybersecurity, pentesting, penetration-testing, hacking, bug-bounty | 26-Jun-2024 |
14.6 Lab: CSRF Vulnerability where token validation depends on request method | https://cyberw1ng.medium.com/14-6-lab-csrf-vulnerability-where-token-validation-depends-on-request-method-78f2a2c33173?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, careers, cybersecurity | 26-Jun-2024 |
OTP Bypass through Response Manipulation | https://medium.com/@xnum.1/otp-bypass-through-response-manipulation-905bc70e5ff4?source=rss------bug_bounty-5 | Ahmed Tarek | authentication-bypass, authentication, bug-bounty, otp-verification, otp-bypass | 26-Jun-2024 |
Exploiting Input Validation Vulnerabilities in a Purchasing Workflow — Web Sec Academy | https://zhunter12.medium.com/explotando-vulnerabilidades-de-validaci%C3%B3n-de-entrada-en-un-workflow-de-compras-web-sec-academy-a1e3265c46b8?source=rss------bug_bounty-5 | Oscar Romero | ciberseguridad, portswigger-lab, bug-bounty, business-logic-flaw, burpsuite | 26-Jun-2024 |
Understanding Web Security Concepts: A Comprehensive Guide | https://medium.com/@cybe3king/understanding-web-security-concepts-a-comprehensive-guide-61ced70c3337?source=rss------bug_bounty-5 | Cybe3king | bug-bounty, cybersecurity, penetration-testing, web-security, ethical-hacking | 26-Jun-2024 |
Securing Your Home Network: Final Steps | https://medium.com/@jessemridley/securing-your-home-network-final-steps-676b1d7c3787?source=rss------bug_bounty-5 | Jesse Ridley | bug-bounty, network-security, hackathons, freelancing, cybersecurity | 25-Jun-2024 |
13.31 Lab: Exploiting XSS to perform CSRF | https://cyberw1ng.medium.com/13-31-lab-exploiting-xss-to-perform-csrf-0fffd6243312?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, bug-bounty, hacking, cybersecurity | 25-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-10) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-10-466f0806866b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty, bug-bounty-writeup, bug-bounty-program, bug-bounty-tips, bug-bounty-hunter | 25-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-9) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-9-f76dc4218c1c?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-hunter, bug-bounty, bug-bounty-program, bug-bounty-writeup, bug-bounty-tips | 25-Jun-2024 |
#3. Bug Bounty Series: OTP Verification Bypass | https://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5 | Cyb3r M!nds | bug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting | 25-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-11) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-11-f5009818fb39?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty, bug-bounty-start-up, bug-bounty-tips, bug-bounty-hunting | 25-Jun-2024 |
The Role of Ethical Hackers in Web3 Security | https://securrtech.medium.com/the-role-of-ethical-hackers-in-web3-security-e858b516b43d?source=rss------bug_bounty-5 | Securr | blockchain, bug-bounty, web3bugbounty, web3-security, web3 | 25-Jun-2024 |
What Does “Onerror” Mean? | https://medium.com/@beratkolay37/onerror-ne-demek-bb751f8e6a1b?source=rss------bug_bounty-5 | Berat K. | kali-linux, html, bug-bounty, onerror, javascript | 25-Jun-2024 |
#3. Bug Bounty Series: OTP Verification bypass leads to unauthorized booking appointment | https://cyb3rmind.medium.com/3-bug-bounty-series-otp-verification-bypass-468526b76720?source=rss------bug_bounty-5 | Cyb3r M!nds | bug-bounty, otp-bypass, hacking, bug-bounty-tips, pentesting | 25-Jun-2024 |
Analysis of the PostMessage XSS Vulnerability I Found as a ZDay | https://grolar.medium.com/zday-olarak-buldu%C4%9Fum-postmessage-xss-zafiyetinin-analizi-4c81471e32e5?source=rss------bug_bounty-5 | Grolar | bug-bounty-writeup, dom-xss, bug-bounty, xss-vulnerability, web-security | 25-Jun-2024 |
Testing SolarWinds Serv-U Path Directory Transversal Vulnerability (CVE-2024–28995) | https://noorhomaid.medium.com/testing-solarwinds-serv-u-path-directory-transversal-vulnerability-cve-2024-28995-d80e60d31a8d?source=rss------bug_bounty-5 | NoorHomaid | cybersecurity, cve, penetration-testing, bug-bounty, solarwinds-hack | 25-Jun-2024 |
The one where I owned a customer service platform | https://medium.com/@un1tycyb3r/the-one-where-i-owned-a-customer-service-platform-2fd4cff11b28?source=rss------bug_bounty-5 | Un1tycyb3r | bug-bounty | 25-Jun-2024 |
Find Sensitive Data’s using via network analysis make me 250$ | https://medium.com/@test123cybertest/find-sensitive-datas-using-via-network-analysis-make-me-250-a0b23b0cb03b?source=rss------bug_bounty-5 | praveenarsh0xx0 | pentesting, bug-bounty, cybersecurity, bug-bounty-tips | 25-Jun-2024 |
How I Found a Vulnerability in Paytm and Received a Bounty | https://mufazmi.medium.com/how-i-found-a-vulnerability-in-paytm-and-received-a-bounty-d580ea14e9a8?source=rss------bug_bounty-5 | Umair Farooqui ✪ | paytm-bug-bounty, mufazmi, bug-bounty, umair-farooqui, paytm-bug | 25-Jun-2024 |
Hackathon CTF VulnHub | Writeup | Walkthrough | https://shamsulmehmood.medium.com/hackathon-ctf-vulnhub-writeup-walkthrough-aa36adedc49e?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | vulnerability, cybersecurity, ai, hacker, bug-bounty | 25-Jun-2024 |
My First Bug Hunting Experience: A Journey from Disappointment to Success | https://b0mk35h.medium.com/my-first-bug-hunting-experience-a-journey-from-disappointment-to-success-ae92c222a0d0?source=rss------bug_bounty-5 | Pronay Biswas | bug-bounty, ethical-hacking, cybersecurity, web-security, cyberattack | 24-Jun-2024 |
Unseen Dangers: How Cloud Misconfigurations Could Be Your Company’s Biggest Threat | https://medium.com/@paritoshblogs/unseen-dangers-how-cloud-misconfigurations-could-be-your-companys-biggest-threat-c1ed86b10093?source=rss------bug_bounty-5 | Paritosh | cloud-computing, cybersecurity, hacking, bug-bounty, cloud | 24-Jun-2024 |
Roadmap to Becoming a Professional Penetration Tester with Estimated Learning Time | https://medium.com/@cuncis/roadmap-to-becoming-a-professional-penetration-tester-with-estimated-learning-time-d352bdd43fbe?source=rss------bug_bounty-5 | Cuncis | cybersecurity, penetration-test, bug-bounty, penetration-testing, hacker | 24-Jun-2024 |
Understanding Cybersecurity: Exploits, CVEs, and More | https://systemweakness.com/understanding-cybersecurity-exploits-cves-and-more-59b41bf679dc?source=rss------bug_bounty-5 | Khaleel Khan | cybersecurity, bug-bounty, hacking, infosec, ethical-hacking | 24-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-6) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-6-2ad674553fa0?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-writeup, bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter | 24-Jun-2024 |
CVE Seeker — Unveiling Cyber Threats: From Assets to Vulnerability Insights | https://anmolksachan.medium.com/cve-seeker-unveiling-cyber-threats-from-assets-to-vulnerability-insights-b4b485a7aefb?source=rss------bug_bounty-5 | Anmol K Sachan | recon, shodan, asm, bug-bounty, attack-surface-management | 24-Jun-2024 |
13.30 Lab: Exploiting cross-site scripting to capture passwords | https://cyberw1ng.medium.com/13-30-lab-exploiting-cross-site-scripting-to-capture-passwords-bd3714035b4a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, penetration-testing, careers, cybersecurity | 24-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-8) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-8-3d5a833a4842?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty, bug-bounty-program, bug-bounty-hunter, bug-bounty-writeup | 24-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-7) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-7-6a8786ecb6f4?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty, bug-bounty-tips, bug-bounty-hunter, bug-bounty-writeup | 24-Jun-2024 |
OTP Bypass through Session Manipulation | https://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-5 | 0xNAiF | penetration-testing, bug-bounty, computer-science, cybersecurity | 24-Jun-2024 |
Insecure Direct Object Reference (IDOR) Walkthrough — VulnLab by Yavuzlar | https://medium.com/@muhammadriva/insecure-direct-object-reference-idor-walkthrough-vulnlab-by-yavuzlar-3d16ce3f5345?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | cybersecurity, bug-bounty, ethical-hacking, penetration-testing, idor-vulnerability | 24-Jun-2024 |
Cross Site Scripting (XSS) Walkthrough — VulnLab XSS by Yavuzlar | https://medium.com/@muhammadriva/cross-site-scripting-xss-walkthrough-vulnlab-xss-by-yavuzlar-149d14ab2d6b?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | cross-site-scripting, bug-bounty, cybersecurity, penetration-testing, ethical-hacking | 24-Jun-2024 |
OAuth CSRF: Exploiting the Authorization Code Flow for Account Takeover | https://medium.com/@cyberpro151/oauth-csrf-exploiting-the-authorization-code-flow-for-account-takeover-f67cee914d39?source=rss------bug_bounty-5 | cyberpro151 | web-security, account-takeover, bug-bounty, appsec, hacking | 24-Jun-2024 |
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpoints | https://medium.com/@asaad0x/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5 | Ahmad Asaad | account-takeover, bug-bounty, penetration-testing, cybersecurity, infosec | 24-Jun-2024 |
Poodle Haney Bug Bounty | https://medium.com/@haneypoodle/poodle-haney-bug-bounty-1b0a10a03689?source=rss------bug_bounty-5 | Poodle Haney | memecoins, haney, bug-bounty, poodle-haney | 24-Jun-2024 |
Tutorial Install Burpsuite Beginner | https://medium.com/@muhammadriva/tutorial-install-burpsuite-beginner-927375c22f94?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | bug-bounty, penetration-testing, cybersecurity, junior-pentester, burpsuite | 24-Jun-2024 |
Unrestricted File Upload Walkthrough — VulnLab by Yavuzlar | https://medium.com/@muhammadriva/unrestricted-file-upload-walkthrough-vulnlab-by-yavuzlar-76854ebafe84?source=rss------bug_bounty-5 | Muhammad Riva Fanzury S | penetration-testing, bug-bounty, remote-code-execution, cybersecurity, backdoor | 24-Jun-2024 |
Bypassing Reset Password ATO (Account takeover) through JavaScript Breakpoints | https://read.martiandefense.llc/bypassing-reset-password-ato-account-takeover-through-javascript-breakpoints-e71187ad7171?source=rss------bug_bounty-5 | Ahmad Asaad | account-takeover, bug-bounty, penetration-testing, cybersecurity, infosec | 24-Jun-2024 |
Next.js and cache poisoning: a quest for the black hole | https://medium.com/@zhero_/next-js-and-cache-poisoning-a-quest-for-the-black-hole-1ae634170a1e?source=rss------bug_bounty-5 | Rachid.A | hacking, bug-bounty, nextjs, web-security, javascript | 24-Jun-2024 |
Bug Bounty Programs: How Outsourcing Can Help Your Project — Sinhala Translation | https://medium.com/@integriteesrilanka/bug-bounty-programs-how-outsourcing-can-help-your-project-sinhala-translation-0a40a97e58c7?source=rss------bug_bounty-5 | Integritee Sri Lanka | bug-bounty, immunefi, blockchain | 24-Jun-2024 |
OTP Bypass through Session Manipulation | https://medium.com/@n4if/otp-bypass-through-session-manipulation-d73deceaa42f?source=rss------bug_bounty-5 | 0xn4if | penetration-testing, bug-bounty, computer-science, cybersecurity | 24-Jun-2024 |
How i got easy multiple RXSS | https://medium.com/@0xmekky/how-i-got-easy-multiple-rxss-dd3a6bc521dd?source=rss------bug_bounty-5 | abdelrahem mekky | xss-attack, penetration-testing, reflected-xss, web-app-security, bug-bounty | 23-Jun-2024 |
Complex Attack Types: Sample Scenarios 23 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-23-c0079166f4d9?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, cybersecurity, penetration-testing, bug-bounty | 23-Jun-2024 |
13.29 Exploiting cross-site scripting to steal cookies | https://cyberw1ng.medium.com/13-29-exploiting-cross-site-scripting-to-steal-cookies-21c7d5851ea3?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 23-Jun-2024 |
Duplicate P1 in public program | https://medium.com/@mohamed.yasser442200/duplicate-p1-in-public-program-aa9ade8f61c3?source=rss------bug_bounty-5 | Spider4 | pentesting, bug-bounty-tips, authentication, hacking, bug-bounty | 23-Jun-2024 |
New 100$ Bug in My Methodology! | https://medium.com/@rewmcode/new-100-bug-in-my-methodology-60d99f0dafe2?source=rss------bug_bounty-5 | Ali Rem | bug-bounty-tips, hacking, hacker, bug-bounty | 23-Jun-2024 |
Chaining bugs for Account Takeover | https://medium.com/@hbenja47/chaining-bugs-for-account-takeover-0b90a2d952af?source=rss------bug_bounty-5 | Benja (bronxi) | hacking, bug-bounty | 23-Jun-2024 |
Guide to Using httpx | https://medium.com/@learntheshell/guide-to-using-httpx-a542cbdc4ed4?source=rss------bug_bounty-5 | LearnTheShell | cybersecurity, httpx, bug-bounty, linux, hacking | 22-Jun-2024 |
The Ultimate Shodan Search Guide for Cybersecurity Analysts | https://systemweakness.com/the-ultimate-shodan-search-guide-for-cybersecurity-analysts-283f17f56182?source=rss------bug_bounty-5 | Khaleel Khan | hacking, cybersecurity, infosec, bug-bounty, cheatsheet | 22-Jun-2024 |
How I Found a Simple IDOR Bug That Exposed Sensitive Data | https://medium.com/@dra0x0/how-i-found-a-simple-idor-bug-that-exposed-sensitive-data-36e6e9b508db?source=rss------bug_bounty-5 | dra0x0 | application-security, ethical-hacking, cybersecurity, software-testing, bug-bounty | 22-Jun-2024 |
How I found a .env file and can access the whole server of mysql | https://medium.com/@jeetpal2007/how-i-found-a-env-file-and-can-access-the-whole-server-of-mysql-a21af69cbd12?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-tips, bug-bounty, cybersecurity, bugbounty-writeup, env-file | 22-Jun-2024 |
Practical Threat Hunting Using Known IOC IPs | https://medium.com/@paritoshblogs/practical-threat-hunting-using-known-ioc-ips-26a4eab0b616?source=rss------bug_bounty-5 | Paritosh | cybersecurity, incident-response, bug-bounty, ransomware, threat-hunting | 22-Jun-2024 |
CVE-2024–28999 SolarWinds Race Condition | https://medium.com/@0xSphinx/cve-2024-28999-solarwinds-race-condition-62e175339b46?source=rss------bug_bounty-5 | 0xSphinx | cybersecurity, bug-bounty, hacking, cyber-security-awareness, security | 22-Jun-2024 |
13.28 Lab: Reflected XSS into a template literal with angle brackets, single, double quotes… | https://cyberw1ng.medium.com/13-28-lab-reflected-xss-into-a-template-literal-with-angle-brackets-single-double-quotes-45602869f45f?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 22-Jun-2024 |
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bounties | https://slava-moskvin.medium.com/found-bugs-got-paid-stayed-poor-making-a-living-with-bug-bounties-04ba1fbbab73?source=rss------bug_bounty-5 | Path Cybersec [Slava Moskvin] | pentesting, reverse-engineering, cybersecurity, bug-bounty, offensive-security | 22-Jun-2024 |
Update on DNS problem with Lubuntu 24.04 | https://ariedwikusuma9.medium.com/update-on-dns-problem-with-lubuntu-24-04-5c48a903026f?source=rss------bug_bounty-5 | Ariekusuma | linux, lubuntu, ubuntu, wireguard, bug-bounty | 21-Jun-2024 |
Bypassing iCloud Web Access Restriction | https://ltsirkov.medium.com/bypassing-icloud-web-access-restriction-30cdf12b979c?source=rss------bug_bounty-5 | Lyubomir Tsirkov | bug-bounty, bug-bounty-tips, bugbounty-writeup, cybersecurity | 21-Jun-2024 |
How I Found 3 Bugs in a Single Day | https://medium.com/@dsmodi484/how-i-found-3-bugs-in-a-single-day-a690e2abd4fb?source=rss------bug_bounty-5 | Dishant Modi | offensive-security, vapt, idor, bugs, bug-bounty | 21-Jun-2024 |
Dork Like a Pro: Exploiting Google for Bug Bounty Wins | https://medium.com/@RaunakGupta1922/dork-like-a-pro-exploiting-google-for-bug-bounty-wins-fd2612d7fde3?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | google-dork, bug-bounty, vulnerability, hacking, cyber-security-awareness | 21-Jun-2024 |
Complex Attack Types: Sample Scenarios 22 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-22-f720da3d9dc3?source=rss------bug_bounty-5 | Baris Dincer | information-technology, penetration-testing, bug-bounty, cybersecurity, freedomofinternet | 21-Jun-2024 |
Broken Access Control on an E-commerce website allows attackers to lengthen trial plan | https://medium.com/@p00dl3/broken-access-control-on-an-e-commerce-website-allows-attackers-to-lengthen-trial-plan-e59f5976bca3?source=rss------bug_bounty-5 | p00dl3 | cybersecurity, bug-bounty | 21-Jun-2024 |
Say Goodbye to Pesky Bugs: Top Bug Zappers for Perfect Family Gatherings | https://medium.com/@seng4k2/say-goodbye-to-pesky-bugs-top-bug-zappers-for-perfect-family-gatherings-b23f405ac0c5?source=rss------bug_bounty-5 | Kear Seng | mosquito, insects, bugs, bug-bounty, pest-control | 21-Jun-2024 |
13.27 Lab: Reflected XSS into a JavaScript string with a single quote and backslash-escaped | https://cyberw1ng.medium.com/13-27-lab-reflected-xss-into-a-javascript-string-with-a-single-quote-and-backslash-escaped-2fbc757feb1a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, bug-bounty, careers, cybersecurity | 21-Jun-2024 |
Exploring Web Infrastructure: Tools and Techniques for Effective Recon | https://medium.com/@Kaizen2977/exploring-web-infrastructure-tools-and-techniques-for-effective-recon-11907b7ec938?source=rss------bug_bounty-5 | kapil Chotalia | bug-bounty, penetration-testing, dns, email, cybersecurity | 21-Jun-2024 |
Quick & Easy $100 Bug That You Can Find In 5 minutes | https://levelup.gitconnected.com/quick-easy-100-bug-that-you-can-find-in-5-minutes-aeb4b16745d9?source=rss------bug_bounty-5 | Hamza Avvan | ethical-hacking, bug-bounty, cybersecurity, earn-money-online, api | 21-Jun-2024 |
Best Practices for Securing Your Decentralized Application | https://securrtech.medium.com/best-practices-for-securing-your-decentralized-application-d049a9ec547d?source=rss------bug_bounty-5 | Securr | blockchain, web3, security, securr, bug-bounty | 21-Jun-2024 |
Everything About EC-Council CEH | https://medium.com/@mazharshadab292/everything-about-ec-council-ceh-fb47b0392104?source=rss------bug_bounty-5 | Shadab Mazhar | hacking, social-media, computer-science, cybersecurity, bug-bounty | 21-Jun-2024 |
If youre looking for thorough and professional penetration testing services, youve come to the… | https://medium.com/@kafim3137/if-youre-looking-for-thorough-and-professional-penetration-testing-services-youve-come-to-the-ea3d1129b61f?source=rss------bug_bounty-5 | Farhad | bug-bounty, penetration-test, vulnerability, vulnerability-assessment, penetration-testing | 21-Jun-2024 |
Part 1- Everything You Need to Know About Browser Security Policies — SOP, CORS. | https://medium.com/@vikramroot/part-1-everything-you-need-to-know-about-browser-security-policies-sop-cors-3eb025fd3ab8?source=rss------bug_bounty-5 | vikram naidu | bugbounty-writeup, penetration-testing, application-security, cybersecurity, bug-bounty | 21-Jun-2024 |
Part 2- Everything You Need to Know About Browser Security Policies — CSP, Cookie Attributes, etc. | https://medium.com/@vikramroot/part-2-everything-you-need-to-know-about-browser-security-policies-csp-cookie-attributes-etc-3ea98f737b3a?source=rss------bug_bounty-5 | vikram naidu | penetration-testing, bug-bounty, product-security, cybersecurity, application-security | 21-Jun-2024 |
Microsoft Subdomain XSS Report — Published | https://ibrahimxss.medium.com/microsoft-subdomain-xss-report-published-3e4f54eea93c?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, xss-bypass, bug-bounty, microsoft, xss-vulnerability | 21-Jun-2024 |
Discovering an XSS Vulnerability on Vue.js 2.6.10 WebApp | https://ibrahimxss.medium.com/discovering-an-xss-vulnerability-on-vue-js-2-6-10-webapp-e6c0cc88e840?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, bug-bounty, xss-bypass, hacking, xss-vulnerability | 21-Jun-2024 |
Being Better at Burp | https://medium.com/@fat_zombi/being-better-at-burp-b9585186aa08?source=rss------bug_bounty-5 | Fatzombi | appsec, bug-bounty, proxy, burpsuite | 20-Jun-2024 |
OWASP Top 10 SQL Injection Vulnerability | https://medium.com/@Joshua_sk/owasp-top-10-sql-injection-vulnerability-97168af8978e?source=rss------bug_bounty-5 | Joshua_sk | vulnerability, web-hacking, bug-bounty, sql-injection, owasp-top-10 | 20-Jun-2024 |
Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw | https://medium.com/@malikijlal/kraken-crypto-exchange-hit-by-3-million-theft-exploiting-zero-day-flaw-6f218c3aef57?source=rss------bug_bounty-5 | Malik Ijlal | bug-bounty, cryptocurrency, cybersecurity, hacking, kraken | 20-Jun-2024 |
Getting Into Cybersecurity: A Roadmap | https://medium.com/@majix_de/getting-into-cybersecurity-a71cde8a57b3?source=rss------bug_bounty-5 | Majix | cybersecurity-tips, bug-bounty, infoseccareer, ethical-hacking, hack-to-learn | 20-Jun-2024 |
Untold story of Zomato XSS | https://medium.com/@info_4040/untold-story-of-zomato-xss-148c91d2faec?source=rss------bug_bounty-5 | Bug Detector's | xss-vulnerability, bug-bounty, bug-bounty-tips, penetration-testing, xss-attack | 20-Jun-2024 |
TryHackMe SQLMap Room | https://medium.com/@Joshua_sk/tryhackme-sqlmap-room-06fd30f8a0b1?source=rss------bug_bounty-5 | Joshua_sk | tryhackme, cybersecurity, sqlmap, bug-bounty, sql-injection | 20-Jun-2024 |
Kraken Faces Extortion Attempt After $3M Bug Exploit | https://medium.com/@whalecrypto/kraken-faces-extortion-attempt-after-3m-bug-exploit-f086f479a4f1?source=rss------bug_bounty-5 | Crypto Whale Medium | kraken, crypto-hack, blockchain-security, cryptoextortion, bug-bounty | 20-Jun-2024 |
Complex Attack Types: Sample Scenarios 21 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-21-e65a13b96002?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, threat-intelligence, bug-bounty, penetration-testing, cybersecurity | 20-Jun-2024 |
OAuth Misconfiguration: Preemptive Account Registration Exploitation | https://mmnahian.medium.com/oauth-misconfiguration-preemptive-account-registration-exploitation-407be50d6037?source=rss------bug_bounty-5 | mmnahian | bug-bounty, information-security, bug-bounty-tips, sso, oauth | 20-Jun-2024 |
What is prototype pollution? | https://cyberw1ng.medium.com/what-is-prototype-pollution-76694f0db76a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 20-Jun-2024 |
Very damn vulnerable government site 2.0 | https://medium.com/@bl4cksku11/very-damn-vulnerable-government-site-2-0-cf9535cbdb4e?source=rss------bug_bounty-5 | Bl4cksku11 | vulnerability, bug-bounty, research, hacking, red-team | 20-Jun-2024 |
IF YOU DON.T HAVE money, SELL YOUR CROSS SITE SCRIPTING | https://medium.com/@1daytosee/if-you-don-t-have-money-sell-your-cross-site-scripting-dc4b6bdd046f?source=rss------bug_bounty-5 | 1day2see | xss-attack, bug-bounty, pentesting, selling, hacking | 20-Jun-2024 |
Inside the Kraken $3M Hack: What Happened? | https://medium.com/@cryptopiannews/inside-the-kraken-3m-hack-what-happened-4a0af98c498e?source=rss------bug_bounty-5 | Cryptopiannews | bug-bounty, kraken, kraken-3m-hack, cryptopiannews, crypto-hack | 20-Jun-2024 |
How Static Analysis Uncovers Hidden Malware Threats ! | https://medium.com/@paritoshblogs/how-static-analysis-uncovers-hidden-malware-threats-7c62d132f7f8?source=rss------bug_bounty-5 | Paritosh | cybersecurity, malware, bug-bounty, static-malware-analysis, hacking | 19-Jun-2024 |
Analyzing a Major Web3 Vulnerability and Its Resolution | https://securrtech.medium.com/analyzing-a-major-web3-vulnerability-and-its-resolution-69955d55a0f6?source=rss------bug_bounty-5 | Securr | blockchain, bug-bounty, web3, security, securr | 19-Jun-2024 |
29.9 Lab: Remote code execution via server-side prototype pollution | https://cyberw1ng.medium.com/29-9-lab-remote-code-execution-via-server-side-prototype-pollution-d5c98bfe3e73?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, cybersecurity, penetration-testing | 19-Jun-2024 |
Code Execution Vulnerability in Behave: A Deep Dive | https://medium.com/@piyushbhor22/code-execution-vulnerability-in-behave-a-deep-dive-b8c7431a71f9?source=rss------bug_bounty-5 | Pi | security-research, bug-bounty, code-review, cybersecurity, vulnerability-research | 19-Jun-2024 |
Mastering Bug Bounty: Tips and Strategies for Success | https://medium.com/@whitehatcyber404/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5 | Cyber_catz | bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips | 19-Jun-2024 |
Complex Attack Types: Sample Scenarios 19 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-19-2a39b7806616?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, bug-bounty, information-technology, penetration-testing | 19-Jun-2024 |
The Best Resources for Cybersecurity Pros and Bug Bounty Hunters | https://medium.com/@turvsec/the-best-resources-for-cybersecurity-pros-and-bug-bounty-hunters-f674c2abebb2?source=rss------bug_bounty-5 | TurvSec | pentesting, infosec, bug-bounty, cybersecurity | 19-Jun-2024 |
Unlocking the Future of Web Security with the #IBRAHIMXSS Tool | https://ibrahimxss.medium.com/unlocking-the-future-of-web-security-with-the-ibrahimxss-tool-a33843cdc259?source=rss------bug_bounty-5 | #IbrahimXSS | xss-vulnerability, bug-bounty, xss-attack, hacking, xss-bypass | 19-Jun-2024 |
A Place for Cybersecurity and Bug Bounty Content Creators to Shine | https://medium.com/@turvsec/a-place-for-cybersecurity-and-bug-bounty-content-creators-to-shine-fa0096ce2559?source=rss------bug_bounty-5 | TurvSec | bug-bounty, cybersecurity, infosec | 19-Jun-2024 |
Complex Attack Types: Sample Scenarios 20 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-20-f2f9e8f6725e?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, cybersecurity, penetration-testing, bug-bounty, information-technology | 19-Jun-2024 |
Mastering Bug Bounty: Tips and Strategies for Success | https://medium.com/@cyber_catz/mastering-bug-bounty-tips-and-strategies-for-success-df27b24f2009?source=rss------bug_bounty-5 | cyber_catz | bug-bounty-writeup, bugbounty-writeup, bug-bounty-tips, bug-bounty, bugbounty-tips | 19-Jun-2024 |
Web App Sec RECON — Black Box Foundations and TTPs | https://medium.com/@meshcode/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5 | Mateusz (meshcode) | recon, stealth, web-app-security, infosec, bug-bounty | 19-Jun-2024 |
IDOR on HackerOne Embedded Submission Form | https://medium.com/pinoywhitehat/idor-on-hackerone-embedded-submission-form-9e59c6f044b3?source=rss------bug_bounty-5 | Japz Divino | hacking, pinoywhitehat, infosec, bug-bounty | 19-Jun-2024 |
Kraken’s $3 Million Bug Bounty Breach: Ethical Dilemmas and Security Challenges | https://medium.com/@MiamiCryptoCom/krakens-3-million-bug-bounty-breach-ethical-dilemmas-and-security-challenges-cc459b015fd8?source=rss------bug_bounty-5 | Miami Crypto | cryptocurrency-security, kraken, ethical-hacking, bug-bounty | 19-Jun-2024 |
Web App Sec RECON — Black Box Foundations and TTPs | https://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5 | Mateusz (meshcode) | recon, stealth, web-app-security, infosec, bug-bounty | 19-Jun-2024 |
Web App Sec RECON — Black Box Foundations and TTPs | https://medium.com/cyberpower-telenoia/web-app-sec-recon-black-box-foundations-and-ttps-4bf095b7c004?source=rss------bug_bounty-5 | Matty K. | recon, stealth, web-app-security, infosec, bug-bounty | 19-Jun-2024 |
Unmasking the Invisible Threat: The Ultimate Guide to Malware Analysis | https://medium.com/@paritoshblogs/unmasking-the-invisible-threat-the-ultimate-guide-to-malware-analysis-d287c4d74e7d?source=rss------bug_bounty-5 | Paritosh | malware-analysis, cybersecurity, information-technology, malware, bug-bounty | 18-Jun-2024 |
A Comprehensive Guide to Android App Pentesting for Bug Bounty Hunter | https://medium.com/@pankajkryadav1/a-comprehensive-guide-to-android-app-pentesting-for-bug-bounty-hunter-ada51e521814?source=rss------bug_bounty-5 | Pankaj kr Yadav | methodology, bug-bounty, android-pentesting, bug-bounty-tips | 18-Jun-2024 |
Exploring the DAO Hack: Lessons Learned for Web3 Security | https://securrtech.medium.com/exploring-the-dao-hack-lessons-learned-for-web3-security-08d23984af79?source=rss------bug_bounty-5 | Securr | dao, securr, web3, bug-bounty, web3-security | 18-Jun-2024 |
Subdomains Enumeration: Tools, Techniques, and Tips | https://medium.com/@Kaizen2977/subdomains-enumeration-tools-techniques-and-tips-4d43ea31dc0f?source=rss------bug_bounty-5 | kapil Chotalia | infosec, penetration-testing, bug-bounty, subdomain, enumeration | 18-Jun-2024 |
Intentions HackTheBox Walkthrough | https://d3athcod3.medium.com/intentions-hackthebox-walkthrough-ad2eb053e224?source=rss------bug_bounty-5 | D3athCod3 | cybersecurity, ethical-hacking, development, bug-bounty, hackthebox | 18-Jun-2024 |
How I got started in Cyber Security | Getting my first job and How you can too.. | https://captain-pool.medium.com/how-i-got-started-in-cyber-security-getting-my-first-job-and-how-you-can-too-dc52da614d6d?source=rss------bug_bounty-5 | Captain Pool | web-app-security, hackthebox, cybersecurity, bug-bounty, hacking | 18-Jun-2024 |
Server Access: Admin Panel and RFU Bypass | https://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5 | Mohammad Sadra Naderi | report, tips, security, bug-bounty, hacking | 18-Jun-2024 |
How ChatGPT Turned Me into a Hacker | https://medium.com/@jonathanmondaut/how-chatgpt-turned-me-into-a-hacker-7469d5b43026?source=rss------bug_bounty-5 | Jonathan Mondaut | bug-bounty, openai, large-language-models, hacking, learning | 18-Jun-2024 |
Day 22 of our #CyberQuest1095 Day Challenge | https://d3athcod3.medium.com/day-22-of-our-cyberquest1095-day-challenge-c993ded22604?source=rss------bug_bounty-5 | D3athCod3 | bug-bounty, development, cybersecurity, hacking, challenge | 18-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-5) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-5-efb95db2210b?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter | 18-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part -4) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-4-00e815fa8026?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty-writeup, bug-bounty-tips, bug-bounty-hunter, bug-bounty | 18-Jun-2024 |
29.8 Lab: Bypassing flawed input filters for server-side prototype pollution | https://cyberw1ng.medium.com/29-8-lab-bypassing-flawed-input-filters-for-server-side-prototype-pollution-fa379f811a06?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, careers, bug-bounty, penetration-testing | 18-Jun-2024 |
Server Access: Admin Panel and RFU Bypass | https://zvitox.medium.com/server-access-admin-panel-and-rfu-bypass-45af32057a2d?source=rss------bug_bounty-5 | Mohammad Sadra Naderi (ZVitoX) | report, tips, security, bug-bounty, hacking | 18-Jun-2024 |
A Learning Journey: Attempting to Turn a WordPress Theme CVE into a PoC | https://medium.com/@motoko_ayanami/a-learning-journey-attempting-to-turn-a-wordpress-theme-cve-into-a-poc-225cde954493?source=rss------bug_bounty-5 | Motoko Ayanami | wordpress, wpscan, hacking, bug-bounty | 18-Jun-2024 |
Demystifying Bug Bounty Hunting: A Deep Dive into Cybersecurity's Hidden Gem | https://medium.com/@biswalsandeep594/demystifying-bug-bounty-hunting-a-deep-dive-into-cybersecuritys-hidden-gem-d8ad2d2d7fcb?source=rss------bug_bounty-5 | Sandeep priyadarshi Biswal | bug-bounty, hacking, cryptocurrency, software-engineering, cybersecurity | 18-Jun-2024 |
Guide to Using Nuclei | https://medium.com/@learntheshell/guide-to-using-nuclei-9c37869be30e?source=rss------bug_bounty-5 | LearnTheShell | bug-bounty, linux, vulnerability-scanning, cybersecurity | 18-Jun-2024 |
Brand-new prototype pollution gadget in MongoDB leading to RCE | https://medium.com/@vuusale/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5 | Vuusale | cybersecurity, vulnerability, bug-bounty, npm | 17-Jun-2024 |
Breaking into the VIP Club: A Tale of Parameter Tampering Exploits | https://systemweakness.com/breaking-into-the-vip-club-a-tale-of-parameter-tampering-exploits-83df7b6b9691?source=rss------bug_bounty-5 | Jody ritonga | web, bug-bounty, hacking, bugs, bug-bounty-tips | 17-Jun-2024 |
Understanding Web3 Bug Bounties: How They Enhance Blockchain Security | https://securrtech.medium.com/understanding-web3-bug-bounties-how-they-enhance-blockchain-security-ac9e8361d7cf?source=rss------bug_bounty-5 | Securr | web3, bug-bounty, hacker, web3bugbounty, security | 17-Jun-2024 |
Hunting for Origin IP: A Beginner’s Guide | https://medium.com/@pruthu.raut/hunting-for-origin-ip-a-beginners-guide-70235f3dd415?source=rss------bug_bounty-5 | PRUTHU RAUT | cyber-security-awareness, bug-bounty, cybersecurity, bug-bounty-tips, bug-hunting | 17-Jun-2024 |
29.7 Lab: Detecting server-side prototype pollution without polluted property reflection | https://cyberw1ng.medium.com/29-7-lab-detecting-server-side-prototype-pollution-without-polluted-property-reflection-50e36dbe2629?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, penetration-testing, careers | 17-Jun-2024 |
OSINT FOR BUG HUNTER | https://medium.com/@Progsky/osint-for-bug-hunter-4ae5c700a13a?source=rss------bug_bounty-5 | Progsky | osint, hacking, bug-bounty | 17-Jun-2024 |
Cross-Site Scripting via Web Cache Poisoning and WAF bypass | https://ltsirkov.medium.com/cross-site-scripting-via-web-cache-poisoning-and-waf-bypass-6cb3412d9e11?source=rss------bug_bounty-5 | Lyubomir Tsirkov | bug-bounty, bug-bounty-tips | 17-Jun-2024 |
Naabu | https://medium.com/@roymemory2018/naabu-21c5438e05ae?source=rss------bug_bounty-5 | Audity Memory Roy | naabu, port-scanner, kali-tools, bug-bounty, penetration-testing | 17-Jun-2024 |
0xhashimRESETriddle: Vulnerable Web Application | https://medium.com/@hashimamin/0xhashimresetriddle-4f3270411800?source=rss------bug_bounty-5 | Hashim Amin | vulnerability-management, bug-bounty, vulnerability, portswigger, cybersecurity | 17-Jun-2024 |
Brand-new prototype pollution gadget in MongoDB leading to RCE | https://systemweakness.com/brand-new-prototype-pollution-gadget-in-mongodb-leading-to-rce-8c5e0087c15e?source=rss------bug_bounty-5 | Vuusale | cybersecurity, vulnerability, bug-bounty, npm | 17-Jun-2024 |
29.6 Lab: Privilege escalation via server-side prototype pollution | https://cyberw1ng.medium.com/29-6-lab-privilege-escalation-via-server-side-prototype-pollution-4895762ce7d6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, penetration-testing, careers, hacking | 16-Jun-2024 |
Broken Link Hijacking | https://medium.com/@saeidmicro/broken-link-hijacking-8ff4808a6cd2?source=rss------bug_bounty-5 | Saeid Khater | broken-link-hijacking, bug-bounty, cybersecurity | 16-Jun-2024 |
Bug Zero — This month in CyberSecurity (June 1–15) | https://blog.bugzero.io/bug-zero-this-month-in-cybersecurity-june-1-15-51c4d918b5ae?source=rss------bug_bounty-5 | Akila Maithripala | cybersecurity, bug-zero, newsletter, bug-bounty | 16-Jun-2024 |
Mastering Unauthenticated XSS Detection: Best Burp Suite Configurations for XSS Hunting | https://medium.com/@mayank_prajapati/mastering-unauthenticated-xss-detection-best-burp-suite-configurations-for-xss-hunting-523d78ecfda8?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | bug-bounty, xss-attack, hunting, hacking, penetration-testing | 16-Jun-2024 |
Introducing r3conwhal3: Your Go-To Recon Automation Framework | https://ibrahimtahaistikbal.medium.com/introducing-r3conwhal3-your-go-to-recon-automation-framework-c8840f3a4e0b?source=rss------bug_bounty-5 | İbrahim Taha İstikbal | bug-bounty, security-tool, bug-bounty-tool, penetration-testing, reconnaissance | 16-Jun-2024 |
Direct access to admin dashboard via leaked credentials | https://medium.com/@saeidmicro/direct-access-to-admin-dashboard-via-leaked-credentials-d1ed9bd18edb?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 16-Jun-2024 |
Complex Attack Types: Sample Scenarios 17 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-17-b73b1854ddbd?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, bug-bounty, threat-intelligence, freedomofinternet, penetration-testing | 16-Jun-2024 |
Hacking (not only) for Money | https://medium.com/@guce/hacking-not-only-for-money-e71d72ab8c55?source=rss------bug_bounty-5 | gu ce | cybersecurity, bug-bounty, bug-bounty-program, vulnerability-assessment | 16-Jun-2024 |
Day 20 of Our #CyberQuest1095 Day Challenge | https://d3athcod3.medium.com/day-20-of-our-cyberquest1095-day-challenge-680fbd060cb5?source=rss------bug_bounty-5 | D3athCod3 | cybersecurity, challenge, penetration-testing, hacker, bug-bounty | 16-Jun-2024 |
Subdomain enumeration from different sources | https://medium.com/@souzaw/enumera%C3%A7%C3%A3o-de-subdom%C3%ADnios-de-diferentes-fontes-9c67f5bc59e3?source=rss------bug_bounty-5 | Wagner Souza | shell, bug-bounty, pentest, osint | 16-Jun-2024 |
Complex Attack Types: Sample Scenarios 18 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-18-efaf527942ba?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, penetration-testing, information-technology, cybersecurity | 16-Jun-2024 |
Secrets in the Wild: Uncovering Hidden Threats | https://medium.com/@dzianisskliar29/secrets-in-the-wild-uncovering-hidden-threats-9b26bf180d0c?source=rss------bug_bounty-5 | Dzianis Skliar | bug-bounty, cybersecurity, threat-intelligence, penetration-testing | 16-Jun-2024 |
Top 10 Search Engines Every Cybersecurity Professional Should Know | https://ikhaleelkhan.medium.com/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5 | Khaleel Khan | bug-bounty, ethical-hacking, hacking, cybersecurity, infosec | 15-Jun-2024 |
[Bounty Weekend] View Any User Design With Simple Path Traversal IDOR | https://medium.com/@rifqihz/bounty-weekend-view-any-user-design-with-simple-path-traversal-idor-5fe0f59f56a6?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, bug-bounty, broken-access-control | 15-Jun-2024 |
[Bounty Weekend] Possible Code Execution With Integration Script Tampering | https://medium.com/@rifqihz/bounty-weekend-possible-code-execution-with-integration-script-tampering-f38691e99d4b?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, bug-bounty, cloud | 15-Jun-2024 |
Unveiling the Secret World of Google Dorks: How Hackers Use These Search Tricks to Access Your… | https://systemweakness.com/unveiling-the-secret-world-of-google-dorks-how-hackers-use-these-search-tricks-to-access-your-117c53c05705?source=rss------bug_bounty-5 | Khaleel Khan | cybersecurity, bug-bounty, infosec, hacking, google | 15-Jun-2024 |
Top 10 Search Engines Every Cybersecurity Professional Should Know | https://medium.com/the-shaco/top-10-search-engines-every-cybersecurity-professional-should-know-ad92a80ce5e6?source=rss------bug_bounty-5 | Khaleel Khan | bug-bounty, ethical-hacking, hacking, cybersecurity, infosec | 15-Jun-2024 |
29.5 Lab: Client-side prototype pollution in third-party libraries | https://cyberw1ng.medium.com/29-5-lab-client-side-prototype-pollution-in-third-party-libraries-e767b8352862?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, cybersecurity, bug-bounty | 15-Jun-2024 |
Intelligence HackTheBox Walkthrough | Active Directory | https://d3athcod3.medium.com/intelligence-hackthebox-walkthrough-active-directory-d9cb695201ce?source=rss------bug_bounty-5 | D3athCod3 | computer-science, bug-bounty, cybersecurity, hackthebox, hacking | 15-Jun-2024 |
Uncovering a Vulnerability in Facebook's Single Sign-On: My Journey and $3,000 Reward | https://medium.com/@patrick-mns/desvendando-uma-vulnerabilidade-no-single-sign-on-do-facebook-minha-jornada-e-recompensa-de-3-000-9c1bcd2a9f4d?source=rss------bug_bounty-5 | Patrick Manoel | hackerone, meta, facebook, hacker, bug-bounty | 15-Jun-2024 |
Complex Attack Types: Sample Scenarios 16 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-16-2424fcc0af62?source=rss------bug_bounty-5 | Baris Dincer | bug-bounty, information-technology, freedomofinternet, cybersecurity, penetration-testing | 15-Jun-2024 |
How I hacked a marriage database: tale of IDOR | https://medium.com/@alimuhammadsecured/how-i-hacked-a-marriage-database-tale-of-idor-b4f951d23aa6?source=rss------bug_bounty-5 | Alimuhammadsecured | web-app-security, bug-bounty, penetration-testing, cybersecurity | 14-Jun-2024 |
Postmortem a HTTP Request | https://medium.com/@RaunakGupta1922/postmortem-a-http-request-9599bb9d994b?source=rss------bug_bounty-5 | Raunak Gupta Aka Biscuit | hacking, burpsuite, http-request, web, bug-bounty | 14-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part — 3) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-3-141b7bfa6ed6?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-writeup, bug-bounty, bug-bounty-hunter, bug-bounty-program | 14-Jun-2024 |
Complex Attack Types: Sample Scenarios 15 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-15-44899075e8fd?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, penetration-testing, information-technology, bug-bounty, cybersecurity | 14-Jun-2024 |
How I Discovered a Critical Vulnerability in a Message Tracking System | https://adarshkrduaby.medium.com/how-i-discovered-a-critical-vulnerability-in-a-message-tracking-system-590b3518dcb8?source=rss------bug_bounty-5 | Adarsh Kumar | hacking, bug-report, programming, bug-hunting, bug-bounty | 14-Jun-2024 |
29.4 Lab: DOM XSS via an alternative prototype pollution vector | https://cyberw1ng.medium.com/29-4-lab-dom-xss-via-an-alternative-prototype-pollution-vector-6ad80e62c8c8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, careers, hacking, cybersecurity, penetration-testing | 14-Jun-2024 |
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Release Plans Subdomain | https://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-release-plans-subdomain-c47621b2da2d?source=rss------bug_bounty-5 | #IbrahimXSS | html-injection, microsoft, xss-attack, bug-bounty, stored-xss | 14-Jun-2024 |
How i discovered my first CVE | https://1-day.medium.com/how-i-discovered-my-first-cve-3692fab374ab?source=rss------bug_bounty-5 | 1day | bug-bounty, bug-bounty-tips, cve, bug-hunting, ethical-hacking | 14-Jun-2024 |
Bug bounty: managing disappointment, avoiding burnout and consistent growth | https://medium.com/@un1tycyb3r/bug-bounty-managing-disappointment-avoiding-burnout-and-consistent-growth-df1e6195ca4e?source=rss------bug_bounty-5 | Un1tycyb3r | bug-bounty | 14-Jun-2024 |
Discovering a Reflected XSS Vulnerability: My Journey into Microsoft’s Xbox.com | https://ibrahimxss.medium.com/discovering-a-reflected-xss-vulnerability-my-journey-into-microsofts-xbox-com-d607751be100?source=rss------bug_bounty-5 | #IbrahimXSS | bug-bounty, xss-attack, microsoft, xss-vulnerability, xbox | 14-Jun-2024 |
Discovering 10 XSS Vulnerabilities: My Journey into Microsoft’s Support Platforms | https://ibrahimxss.medium.com/discovering-10-xss-vulnerabilities-my-journey-into-microsofts-support-platforms-b19c4e520c90?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, xss-filter-bypass, microsoft, bug-bounty, xss-vulnerability | 14-Jun-2024 |
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Tech Community Portal | https://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-tech-community-portal-068505cd4316?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, microsoft, bug-bounty, xss-bypass, xss-vulnerability | 14-Jun-2024 |
Discovering Critical Security Vulnerabilities: My Journey into Microsoft’s Power Apps Portal | https://ibrahimxss.medium.com/discovering-critical-security-vulnerabilities-my-journey-into-microsofts-power-apps-portal-86e28311448e?source=rss------bug_bounty-5 | #IbrahimXSS | xss-attack, xss-vulnerability, bug-bounty, microsoft, xss-filter-bypass | 14-Jun-2024 |
Discovering a Reflected XSS Filter Bypass: My Journey into Microsoft’s Support UAT Subdomain | https://ibrahimxss.medium.com/discovering-a-reflected-xss-filter-bypass-my-journey-into-microsofts-support-uat-subdomain-f9be22d8d795?source=rss------bug_bounty-5 | #IbrahimXSS | microsoft, xss-vulnerability, filter-bypass, xss-bypass, bug-bounty | 14-Jun-2024 |
Discovering a CRLF Injection Vulnerability: My Journey into the MSRC Blog Website | https://ibrahimxss.medium.com/discovering-a-crlf-injection-vulnerability-my-journey-into-the-msrc-blog-website-5285169adddb?source=rss------bug_bounty-5 | #IbrahimXSS | bug-bounty, microsoft, xss-attack, crlf-injection | 14-Jun-2024 |
Discovering a Critical Security Vulnerability: My Journey into Microsoft’s Lists Subdomain | https://ibrahimxss.medium.com/discovering-a-critical-security-vulnerability-my-journey-into-microsofts-lists-subdomain-f3e95ce68929?source=rss------bug_bounty-5 | #IbrahimXSS | bug-bounty, xss-bypass, microsoft, xss-attack, xss-vulnerability | 14-Jun-2024 |
List of Easy P4 $$$$ | https://medium.com/@anonymoustriager/list-of-easy-p4-85ffb9d493ed?source=rss------bug_bounty-5 | Anonymous Triager | hacking, bugbounty-tips, easy-money, bugbounty-writeup, bug-bounty | 13-Jun-2024 |
ICMTC CTF 2023 — International Competition of the Military Technical College | https://0xm4r5h4l.medium.com/icmtc-ctf-2023-international-competition-of-the-military-technical-college-65788f3c01a0?source=rss------bug_bounty-5 | 0xM4r5h4l | ctf-writeup, bug-bounty, ctf, ctf-walkthrough, cybersecurity | 13-Jun-2024 |
The Best Games for Practicing Game Hacking | https://medium.com/@MrRipperoni/the-best-games-for-practicing-game-hacking-baba13493db8?source=rss------bug_bounty-5 | Mr.Ripperoni | bug-bounty, reverse-engineering, hacking, gamehacking, coding | 13-Jun-2024 |
Path Traversal and RCE in Online Compilers | https://medium.com/@amal_n47h/path-traversal-and-rce-in-online-compilers-454a446effca?source=rss------bug_bounty-5 | Amal Nath | rce, online-compiler, bug-bounty, path-traversal, vulnerability | 13-Jun-2024 |
Hacking Using Shodan | https://medium.com/@umarhere4u/hacking-using-shodan-3c4d46df81df?source=rss------bug_bounty-5 | Mohammad Umar Kachi | shodan, cybersecurity, bug-bounty, tips, search-engine-optimizati | 13-Jun-2024 |
Understanding and Mitigating Cross-Site Request Forgery (CSRF) | https://medium.com/technology-hits/understanding-and-mitigating-cross-site-request-forgery-csrf-399d26627e60?source=rss------bug_bounty-5 | Yeu Lind Yeo | web-security, csrf, cybersecurity-awareness, bug-bounty, hacker | 13-Jun-2024 |
Stealing credentials using XSS (xss on login page) Your password my password . | https://medium.com/@brutal_panda/stealing-credentials-using-xss-xss-on-login-page-your-password-my-password-059354240801?source=rss------bug_bounty-5 | Eliezer Binyam | bug-bounty | 13-Jun-2024 |
Interview with Georgi Krastenov: Diving Deep into Web3 Security | https://web3-bug-bounty-platform.medium.com/interview-with-georgi-krastenov-diving-deep-into-web3-security-f6fae1f290f1?source=rss------bug_bounty-5 | Bug Bounty Platform | security-audit, web3, bug-bounty, cybersecurity | 13-Jun-2024 |
Finding the newest and top-rated cybersecurity tools and content. | https://medium.com/@turvsec/finding-the-newest-and-top-rated-cybersecurity-tools-and-content-a06c9cb54e41?source=rss------bug_bounty-5 | TurvSec | pentesting, bug-bounty, cybersecurity, infosec | 13-Jun-2024 |
Direct SSRF Leads to Exposing GitHub Codespaces Sensitive Metadata Instance on Azure Cloud | https://ph-hitachi.medium.com/direct-ssrf-leads-to-exposing-github-codespaces-sensitive-metadata-instance-on-azure-cloud-eb8ac4f076b1?source=rss------bug_bounty-5 | Ph.Hitachi | ssrf, bug-bounty, tips-and-tricks, metadata | 13-Jun-2024 |
Bug Bounty Programs: How Can Outsourcing Help Your Project? | https://medium.com/@integriteetr/hata-%C3%B6d%C3%BCl-programlar%C4%B1-d%C4%B1%C5%9F-kaynak-kullan%C4%B1m%C4%B1-projenize-nas%C4%B1l-yard%C4%B1mc%C4%B1-olabilir-9e55995ec74a?source=rss------bug_bounty-5 | Integriteetr | bug-bounty, immunefi, blockchain | 13-Jun-2024 |
29.3 Lab: Client-side prototype pollution via flawed sanitization | https://cyberw1ng.medium.com/29-3-lab-client-side-prototype-pollution-via-flawed-sanitization-ce78a48758fa?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, careers, bug-bounty, hacking | 13-Jun-2024 |
Breaking Business Logic — Part: 42–4= 2 | https://thehemdeep.medium.com/breaking-business-logic-part-42-4-2-d8509ef70436?source=rss------bug_bounty-5 | Hemdeep Gamit | web-penetration-testing, web-security-testing, web-security, bug-bounty | 13-Jun-2024 |
You Won’t Believe What We Found Using Shodan! | https://medium.com/@paritoshblogs/you-wont-believe-what-we-found-using-shodan-e796e13417a3?source=rss------bug_bounty-5 | Paritosh | cybersecurity, bug-bounty, information-security, hacking, shodan | 12-Jun-2024 |
Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guide | https://systemweakness.com/using-shodan-to-find-and-exploit-ftp-servers-with-anonymous-access-a-step-by-step-guide-86a5b6e72f75?source=rss------bug_bounty-5 | Khaleel Khan | ethical-hacking, pentesting, hacking, bug-bounty, ctf-writeup | 12-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part-2) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-2-ef65d69de157?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-program, bug-bounty, bug-bounty-writeup, bug-bounty-hunter, bug-bounty-tips | 12-Jun-2024 |
Hacking the Imaginary: A Journey to Discovering a Blind SSRF | https://medium.com/@kandar.souvik6/hacking-the-imaginary-a-journey-to-discovering-a-blind-ssrf-657aac60d8d0?source=rss------bug_bounty-5 | hacker_might | penetration-testing, server-side-request, ssrf, bug-bounty, imaginaries | 12-Jun-2024 |
Securing 10,000+ Restaurants’ Customer PII Data | https://infosecwriteups.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5 | Renganathan | it-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips | 12-Jun-2024 |
29.2 Lab: DOM XSS via client-side prototype pollution | https://cyberw1ng.medium.com/29-2-lab-dom-xss-via-client-side-prototype-pollution-ebee89f58933?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, careers, hacking, bug-bounty, penetration-testing | 12-Jun-2024 |
ExtPenPy: Accelerate Your Reconnaissance Phase with Ease | https://medium.com/@maliktawfiq12/extpenpy-accelerate-your-reconnaissance-phase-with-ease-e79a164d4f68?source=rss------bug_bounty-5 | Maliktawfiq | cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, external-pentest | 12-Jun-2024 |
Securing 10,000+ Restaurants’ Customer PII Data | https://renganathanofficial.medium.com/securing-10-000-restaurants-customer-pii-data-60013c9b44dc?source=rss------bug_bounty-5 | Renganathan | it-solutions, information-technology, bug-bounty, cybersecurity, bug-bounty-tips | 12-Jun-2024 |
How I get an easy Blind SSRF by just reading writeups | https://medium.com/@mohamed0xmuslim/how-i-get-an-easy-blind-ssrf-by-just-reading-writeups-a5459bbdf96d?source=rss------bug_bounty-5 | Muhammad_Mostafa | bug-bounty, bugbounty-writeup, bug-bounty-tips | 12-Jun-2024 |
HackerOne’s Double Standards: A Security Researcher’s Nightmare | https://medium.com/@redworld/hackerones-double-standards-a-security-researcher-s-nightmare-642be91ca64b?source=rss------bug_bounty-5 | Red | cybersecurity, bug-bounty, hackerone, scam-alert, scam | 11-Jun-2024 |
Account Takeover (ATO) Checklist | https://medium.com/@anonymoustriager/account-takeover-ato-checklist-f67d2543b01f?source=rss------bug_bounty-5 | Anonymous Triager | bug-bounty-program, bug-bounty-writeup, bugbounty-tips, bugbounty-poc, bug-bounty | 11-Jun-2024 |
BBB #2 — Introducing Daneel | https://medium.com/@JakobTheDev/bbb-2-introducing-daneel-69a391294654?source=rss------bug_bounty-5 | Jakob Pennington | software-development, bug-bounty | 11-Jun-2024 |
How I found OpenHAB Automation Panels Accessible Without Authentication | https://medium.com/@jeetpal2007/how-i-found-openhab-automation-panels-accessible-without-authentication-d9edbb3280fd?source=rss------bug_bounty-5 | JEETPAL | bug-bounty-writeup, bug-bounty, authentication-bypass, bugbounty-tips, openhab-panel | 11-Jun-2024 |
How to exploit CVE-2024-24919 path traversal | https://medium.com/@jeetpal2007/how-to-exploit-cve-2024-24919-path-traversal-5493c50d2581?source=rss------bug_bounty-5 | JEETPAL | bug-bounty, bug-bounty-writeup, bug-bounty-tips, path-traversal, cve-2024-24919 | 11-Jun-2024 |
Forensic Investigation Operations — Basic Linux File System Analysis | https://medium.com/@brsdncr/forensic-investigation-operations-basic-linux-file-system-analysis-52025d7b2ec2?source=rss------bug_bounty-5 | Baris Dincer | forensics, penetration-testing, bug-bounty, freedomofinternet, cybersecurity | 11-Jun-2024 |
1250 $ For 3 Stored XSS AND PII Disclosure , Let’s See How FIS Scammed Me AND Bugcrowd Covered It… | https://medium.com/@0xAwali/1250-for-3-stored-xss-and-pii-disclosure-lets-see-how-fis-scammed-me-and-bugcrowd-covered-it-8561d9ce57b5?source=rss------bug_bounty-5 | Mahmoud M. Awali | bug-bounty | 11-Jun-2024 |
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hour | https://gentilsecurity.medium.com/explaining-the-owasp-zap-proxy-burp-suite-tool-in-one-video-in-just-one-hour-537bd7801134?source=rss------bug_bounty-5 | GenTiL | owaspzap, automation-testing, burpsuite, penetration-testing, bug-bounty | 11-Jun-2024 |
Explaining the OWASP ZAP Proxy & Burp Suite tool in one video in just one hour | https://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D8%AF%D8%A7%D8%A9-owasp-zap-proxy-burp-suite-%D9%81%D9%8A-%D9%81%D9%8A%D8%AF%D9%8A%D9%88-%D9%88%D8%A7%D8%AD%D8%AF-%D9%81%D9%8A-%D8%B3%D8%A7%D8%B9%D8%A9-%D9%88%D8%A7%D8%AD%D8%AF%D8%A9-%D9%81%D9%82%D8%B7-4e4c5e1142bf?source=rss------bug_bounty-5 | GenTiL | owaspzap, automation-testing, bug-bounty, penetration-testing, burpsuite | 11-Jun-2024 |
29.1 Lab: Client-side prototype pollution via browser APIs | https://cyberw1ng.medium.com/29-1-lab-client-side-prototype-pollution-via-browser-apis-642e91b8159d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, hacking, bug-bounty, penetration-testing, cybersecurity | 11-Jun-2024 |
Uncovering Hidden Web Content with ffuf | https://medium.com/@umang.gulati19/uncovering-hidden-web-content-with-ffuf-55d29b21e627?source=rss------bug_bounty-5 | Math and Code | cybersecurity, bug-bounty, webfuzzing, web-security, infosec | 11-Jun-2024 |
OWASP Mobile Top 10 for Android Penetration Testing and Checklist | https://medium.com/@phyowathone/owasp-mobile-top-10-52987725a12c?source=rss------bug_bounty-5 | Phyo WaThone Win | bug-bounty, bug-bounty-tips, androidhacking, android-security, android-pentesting-series | 11-Jun-2024 |
Understand the world of Bug Bounty | https://medium.com/@hydd3n.sec/understand-the-world-of-bug-bounty-595c99b6782d?source=rss------bug_bounty-5 | Hydd3n | mindset, bug-bounty, infosec, goals | 10-Jun-2024 |
Automation Tool for Easy P4 | https://medium.com/@anonymoustriager/automation-tool-for-easy-p4-c159bcae0cf2?source=rss------bug_bounty-5 | Anonymous Triager | bugbounty-tips, bug-bounty-program, hacking, bug-bounty, bugbounty-writeup | 10-Jun-2024 |
28.5 Lab: Server-side template injection with information disclosure via user-supplied objects | https://cyberw1ng.medium.com/28-5-lab-server-side-template-injection-with-information-disclosure-via-user-supplied-objects-bbb18def43e1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, penetration-testing | 10-Jun-2024 |
Communication and Network Security | https://medium.com/@paritoshblogs/communication-and-network-security-bb6c5558aa51?source=rss------bug_bounty-5 | Paritosh | cybersecurity, communication, bug-bounty, network-security, hacking | 10-Jun-2024 |
Top 10 Cybersecurity Vulnerabilities and it’s Mitigation Methods | https://securrtech.medium.com/top-10-cybersecurity-vulnerabilities-and-its-mitigation-methods-0a5d75aceb34?source=rss------bug_bounty-5 | Securr | bug-bounty, cybersecurity, xss-attack, hacking, vulnerability | 10-Jun-2024 |
Become a White Hat: Your Guide to Learning Ethical Hacking | https://medium.com/@itsamanyadav/become-a-white-hat-your-guide-to-learning-ethical-hacking-022842c49eec?source=rss------bug_bounty-5 | Its Aman Yadav | hacker, cybersecurity, hacking, learn-ethical-hacking, bug-bounty | 10-Jun-2024 |
Why Bad Reviews Can Kill Your Software | https://medium.com/@joseph_52850/why-bad-reviews-can-kill-your-software-928f4af30a53?source=rss------bug_bounty-5 | Joseph Lacsamana | software-testing, software-development, bug-bounty, software-company, software-engineering | 10-Jun-2024 |
I reported Zero-Day (CVE-2024-24919) … and got informative. | https://systemweakness.com/i-reported-zero-day-cve-2024-24919-and-got-informative-25409fac9765?source=rss------bug_bounty-5 | Sumedh Dawadi | cve-2024-24919, recon, hacking, zero-day-vulnerability, bug-bounty | 10-Jun-2024 |
POC — CVE-2024-4956 - Unauthenticated Path Traversal | https://medium.com/@verylazytech/poc-cve-2024-4956-unauthenticated-path-traversal-f24b1a595e0e?source=rss------bug_bounty-5 | Very Lazy Tech | hacking, bug-bounty, cve-2023-4966, vulnerability, cybersecurity | 10-Jun-2024 |
Bug Bounty Programs: How Outsourcing Can Help Your Project | https://medium.com/integritee/bug-bounty-programs-how-outsourcing-can-help-your-project-644539de575a?source=rss------bug_bounty-5 | Integritee Network | blockchain, bug-bounty, immunefi | 10-Jun-2024 |
How I Found My First Bug Through Simple Fuzzing | https://medium.com/@hashimamin/how-i-found-my-first-bug-through-simple-fuzzing-c7d694a59a6b?source=rss------bug_bounty-5 | Hashim Amin | bugbounty-writeup, bug-bounty-tips, bugcrowd, bug-bounty, infosec | 10-Jun-2024 |
Bug Bounty Hunting — Complete Guide (Part -1) | https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-1-21a87e35fdfa?source=rss------bug_bounty-5 | Mehedi Hasan Rafid | bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter, bug-bounty, hacking | 09-Jun-2024 |
How to Identify Vulnerable Hikvision Devices (IoT) to CVE-2017-7921 | https://blog.bugzero.io/how-to-identify-vulnerable-hikvision-devices-iot-to-cve-2017-7921-88b294645687?source=rss------bug_bounty-5 | Kawya De Silva | hikvison-cameras, security-alert, cybersecurity, bug-zero, bug-bounty | 09-Jun-2024 |
How to Become a Hacker in 2024: A Comprehensive Guide | https://medium.com/@itsamanyadav/how-to-become-a-hacker-in-2024-a-comprehensive-guide-9bae6cfa6b15?source=rss------bug_bounty-5 | Its Aman Yadav | bug-bounty, become-a-hacker, hacker-in-2024, how-to-be-a-hacker, hacking-courses | 09-Jun-2024 |
Discovering a vulnerability in HackerOne | https://medium.com/@loaymorad11/discovering-a-vulnerability-in-hackerone-00bbfc438d90?source=rss------bug_bounty-5 | Loaymorad | penetration-testing, hackerone, bug-bounty, cybersecurity | 09-Jun-2024 |
Advanced Exploitation Techniques for Bug Bounty: Beyond the Basics | https://medium.com/@verylazytech/advanced-exploitation-techniques-for-bug-bounty-beyond-the-basics-2ee9cbc12773?source=rss------bug_bounty-5 | Very Lazy Tech | cyber, hacking, cybersecurity, bug-bounty, exploit | 09-Jun-2024 |
28.4 Lab: Server-side template injection in an unknown language with a documented exploit | https://cyberw1ng.medium.com/28-4-lab-server-side-template-injection-in-an-unknown-language-with-a-documented-exploit-df988ccf6277?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, careers, penetration-testing, cybersecurity, bug-bounty | 09-Jun-2024 |
Complex Attack Types: Sample Scenarios 13 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-13-8a5008c396db?source=rss------bug_bounty-5 | Baris Dincer | freedomofinternet, bug-bounty, cybersecurity, threat-intelligence, penetration-testing | 09-Jun-2024 |
STRIPE API-Key Disclosure to Bounty | https://starlox.medium.com/stripe-api-key-disclosure-to-bounty-239d069f2455?source=rss------bug_bounty-5 | #$ubh@nk@r | bug-bounty, hacking, infosec, bug-hunting, information-disclosure | 09-Jun-2024 |
HOW I HACKED NASA? | https://infosecwriteups.com/how-i-hacked-nasa-0715b6b5d7b8?source=rss------bug_bounty-5 | Krishnadev P Melevila | bug-bounty, hallof-fame, vdp, cybersecurity, nasa | 09-Jun-2024 |
Day 13 of Our #CyberQuest1095 Challenge — Rust, Hack The Box, and Active Directory Adventures! | https://d3athcod3.medium.com/day-13-of-our-cyberquest1095-challenge-rust-hack-the-box-and-active-directory-adventures-442cd2c48f41?source=rss------bug_bounty-5 | D3athCod3 | bug-bounty, challenge, hacking, cybersecurity, cyberquest1095 | 09-Jun-2024 |
Walk-Through of Bepractical.tech lab #4 | https://medium.com/@ross.jubert/walk-through-of-bepractical-tech-lab-4-bd4a96dc56bd?source=rss------bug_bounty-5 | Ross Jubert | bug-bounty, red-team, account-takeover, ethical-hacking, account-takeover-attacks | 09-Jun-2024 |
The Ultimate Guide to Chaining Bugs: How I Found a Reverse Shell in a Bug Bounty Program | https://b0mk35h.medium.com/the-ultimate-guide-to-chaining-bugs-how-i-found-a-reverse-shell-in-a-bug-bounty-program-9dca54c20674?source=rss------bug_bounty-5 | Pronay Biswas | ethical-hacking, hunting, bug-bounty, cyberse, xss-attack | 09-Jun-2024 |
How to preform recon in Bug Bounty? | https://systemweakness.com/how-to-preform-recon-in-bug-bounty-8d37a1fd262f?source=rss------bug_bounty-5 | Imad Husanovic | programming, cybersecurity, hacking, bug-bounty-tips, bug-bounty | 09-Jun-2024 |
Incentivized Testnet Launch | https://medium.com/@Tallomania/%CA%9F%E1%B4%80%C9%B4%E1%B4%A2%E1%B4%80%E1%B4%8D%C9%AA%E1%B4%87%C9%B4%E1%B4%9B%E1%B4%8F-%C9%AA%C9%B4%E1%B4%84%E1%B4%87%C9%B4%E1%B4%9B%C9%AA%E1%B4%A0%E1%B4%80%E1%B4%85%E1%B4%8F-%E1%B4%85%E1%B4%87-%E1%B4%9B%E1%B4%87s%E1%B4%9B%C9%B4%E1%B4%87%E1%B4%9B-df0c7d1e77cd?source=rss------bug_bounty-5 | Ay Zed | rewards, testnet, bug-bounty, ai | 09-Jun-2024 |
[Bounty Weekend] Disable Any Customer Ability To Create Service Account With Business Logic… | https://medium.com/@rifqihz/bounty-weekend-disable-any-customer-ability-to-create-service-account-with-business-logic-b83baa893b4d?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | bug-bounty-tips, penetration-testing, hackerone, bug-bounty | 08-Jun-2024 |
[Bounty Weekend] CTF Level XSS in a Real-World Application | https://medium.com/@rifqihz/bounty-weekend-ctf-level-xss-in-a-real-world-application-7a9278bc7018?source=rss------bug_bounty-5 | Rifqi Hilmy Zhafrant | hackerone, penetration-testing, bug-bounty-tips, bug-bounty | 08-Jun-2024 |
How to Find Bugs and Get Bucks: 2024 Edition | https://medium.com/@itsamanyadav/how-to-find-bugs-and-get-bucks-2024-edition-776c5b098b3e?source=rss------bug_bounty-5 | Its Aman Yadav | bug-bounty, how-to-find-bug, 2024, how-to-be-a-hacker, hacking | 08-Jun-2024 |
Capturing Android App Traffic via Wireshark - Android Pentesting | https://medium.com/@phyowathone/capturing-android-app-traffic-via-wireshark-android-pentesting-d0ee1539089f?source=rss------bug_bounty-5 | Phyo WaThone Win | cybersecurity, android-pentesting, bug-bounty-hunting, pentesting, bug-bounty | 08-Jun-2024 |
28.3 Lab: Server-side template injection using documentation | https://cyberw1ng.medium.com/28-3-lab-server-side-template-injection-using-documentation-3e8f761b0ca8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, careers, cybersecurity, penetration-testing | 08-Jun-2024 |
Day 12 of Our #CyberQuest1095 Day Challenge | https://d3athcod3.medium.com/day-12-of-our-cyberquest1095-day-challenge-977225c7ce97?source=rss------bug_bounty-5 | D3athCod3 | cyberquest1095, security, cybersecurity, hacking, bug-bounty | 08-Jun-2024 |
Abusing auto mail responders to access internal workplaces | https://rikeshbaniya.medium.com/abusing-auto-mail-responders-to-access-internal-workplaces-04fcc8ba2c99?source=rss------bug_bounty-5 | Rikesh Baniya | bounties, pentest, hackerone, bounty-reward, bug-bounty | 08-Jun-2024 |
POV HTB Writeup | https://medium.com/@damaidec/pov-htb-writeup-becf386c6dc0?source=rss------bug_bounty-5 | Damaidec | hacking, ethical-hacking, bug-bounty, hackthebox, ctf-writeup | 08-Jun-2024 |
Super Blind SQL Injection- $20000 bounty | Thousands of targets still vulnerable | https://medium.com/@pranshux0x/super-blind-sql-injection-20000-bounty-thousands-of-targets-still-vulnerable-f9b013765448?source=rss------bug_bounty-5 | priyanshu shakya | bug-bounty | 08-Jun-2024 |
Create Your Own Public-Private Key Pair in Just 5 Minutes! (Cybersecurity) | https://medium.com/@paritoshblogs/create-your-own-public-private-key-pair-in-just-5-minutes-cybersecurity-535038665ad9?source=rss------bug_bounty-5 | Paritosh | hacking, keys, cryptography, cybersecurity, bug-bounty | 08-Jun-2024 |
Vulnerable WordPress May 2024 (Leylan) | https://medium.com/@onhexgroup/vulnerable-wordpress-may-2024-leylan-bd429d56d300?source=rss------bug_bounty-5 | Onhexgroup | wordpress-security, infosec, wordpress, bug-bounty, web-security | 08-Jun-2024 |
Cracking the Code: How Cryptography Safeguards Your Digital World | https://medium.com/@paritoshblogs/cracking-the-code-how-cryptography-safeguards-your-digital-world-c1c1887c84ae?source=rss------bug_bounty-5 | Paritosh | bug-bounty, information-technology, cryptography, hacking, cybersecurity | 07-Jun-2024 |
I got my First Bounty $$$ after three years of hard work | https://medium.com/@mr_ayyan/i-got-my-first-bounty-after-three-years-of-hard-work-856c43bbb6c1?source=rss------bug_bounty-5 | Mrayyanirfan | bounty-program, rewards-programs, vulnerability, bug-bounty, first-bounty | 07-Jun-2024 |
JS for Bug Bounties 2.0 Extreme Edition 2024 | https://kongsec.medium.com/js-for-bug-bounties-2-0-extreme-edition-2024-f167fa48276a?source=rss------bug_bounty-5 | Kongsec | recon, bugcrowd, hackerone, javascript, bug-bounty | 07-Jun-2024 |
28.2 Lab: Basic server-side template injection (code context) | https://cyberw1ng.medium.com/28-2-lab-basic-server-side-template-injection-code-context-2a927ed117e6?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, bug-bounty, penetration-testing, hacking | 07-Jun-2024 |
Simulating a Ransomware Attack with Caldera. | https://medium.com/@josh.beck2006/simulating-a-ransomware-attack-with-caldera-3d77d0cb95d2?source=rss------bug_bounty-5 | Josh Beck | cybersecurity, penetration-testing, ctf, bug-bounty | 07-Jun-2024 |
Hacking Porn and Dating sites — a Theme Based Bugbounty Hunting | https://medium.com/@nithissh/hacking-porn-and-dating-sites-a-theme-based-bugbounty-hunting-d024b8137bc7?source=rss------bug_bounty-5 | Nithissh | bugbounty-writeup, research, bug-bounty | 07-Jun-2024 |
Complex Attack Types: Sample Scenarios 12 | https://medium.com/@brsdncr/complex-attack-types-sample-scenarios-12-0d93a70ee8f4?source=rss------bug_bounty-5 | Baris Dincer | cybersecurity, freedomofinternet, bug-bounty, penetration-testing, threat-intelligence | 07-Jun-2024 |
Another Easy P4 you miss!!! | https://medium.com/@anonymoustriager/another-easy-p4-you-miss-dcadf65adbcb?source=rss------bug_bounty-5 | Anonymous Triager | bugbounty-poc, bugs, bug-bounty, bug-bounty-tips, bug-bounty-hunter | 06-Jun-2024 |
Unlock Any PC Remotely with Just an Image: The Ultimate VNC Hack! | https://medium.com/@paritoshblogs/unlock-any-pc-remotely-with-just-an-image-the-ultimate-vnc-hack-a92b22637094?source=rss------bug_bounty-5 | Paritosh | cybersecurity, remote-working, hacking, vnc, bug-bounty | 06-Jun-2024 |
The only recon methodology you need. | https://an0nbil.medium.com/the-only-recon-methodology-you-need-cf6c3aff1af1?source=rss------bug_bounty-5 | an0nbil | ethical-hacking, bug-bounty, bug-bounty-tips, reconnaissance, programming | 06-Jun-2024 |
Decimal x Securr | https://decimalchain.medium.com/decimal-x-securr-96114c277d70?source=rss------bug_bounty-5 | DecimalChain | bug-bounty, decimal, securr | 06-Jun-2024 |
Scope Sentry is a tool with functions such as asset mapping… | https://medium.com/@Autumn52/scope-sentry-is-a-tool-with-functions-such-as-asset-mapping-fe0af70ace0a?source=rss------bug_bounty-5 | Autumn | hacker, hackathons, bug-bounty, tools, bug-bounty-tips | 06-Jun-2024 |
Securing the Future: Understanding Vulnerabilities in Large Language Models | https://medium.com/@tusharsaini484/securing-the-future-understanding-vulnerabilities-in-large-language-models-13bbfeac95cf?source=rss------bug_bounty-5 | Tushar Saini | blog, artificial-intelligence, bug-bounty, large-language-models, cybersecurity | 06-Jun-2024 |
Bug bounty — Cybersecurity subcontractor exposes business data to other customers | https://theclemvp.medium.com/bug-bounty-cybersecurity-subcontractor-exposes-business-data-to-other-customers-d8e1a011ff4b?source=rss------bug_bounty-5 | Clément | cybersecurity, bug-bounty | 06-Jun-2024 |
28.1 Lab: Basic Server-side template injection | https://cyberw1ng.medium.com/28-1-lab-basic-server-side-template-injection-0744f96c74b8?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, bug-bounty, hacking, careers, penetration-testing | 06-Jun-2024 |
Understanding Cybersecurity : Keeping Our Digital World Safe | https://adnancodestech.medium.com/understanding-cybersecurity-keeping-our-digital-world-safe-1abdd2876a7c?source=rss------bug_bounty-5 | Cryptify | cybersecurity, penetration-testing, bug-bounty-tips, bug-bounty, pentesting | 06-Jun-2024 |
Getting started with Bug Bounty | https://securrtech.medium.com/getting-started-with-bug-bounty-8fd72650184f?source=rss------bug_bounty-5 | Securr | web3, cybersecurity, ai, bug-bounty, learn | 06-Jun-2024 |
Discovering a Critical Vulnerability in application : The Journey of an Accidental Admin | https://adarshkrduaby.medium.com/discovering-a-critical-vulnerability-in-application-the-journey-of-an-accidental-admin-1aebe9d31e09?source=rss------bug_bounty-5 | Adarsh Kumar | bug-zero, cyber-security-research, critical-vulnerabilities, securityflaw, bug-bounty | 06-Jun-2024 |
Stored XSS to Account Takeover (AWS Cognito) | https://medium.com/@majix_de/stored-xss-to-account-takeover-aws-cognito-c5f76f04befe?source=rss------bug_bounty-5 | Majix | cybersecurity, account-takeover, pentest, bug-bounty, cognito | 06-Jun-2024 |
Easy Latest Critical Severity? | https://medium.com/@anonymoustriager/easy-latest-critical-severity-fc9413d57d80?source=rss------bug_bounty-5 | Anonymous Triager | hacking, bug-bounty, bug-bounty-tips, bugbounty-writeup, bug-bounty-program | 05-Jun-2024 |
Active Directory Red Teaming: A Comprehensive Guide | https://medium.com/@paritoshblogs/active-directory-red-teaming-a-comprehensive-guide-06b1f008d0d4?source=rss------bug_bounty-5 | Paritosh | bug-bounty, cybersecurity, hacking, information-technology, active-directory | 05-Jun-2024 |
EMPIRE CTF: LUPINONE VulnHub Walkthrough | Writeup | https://shamsulmehmood.medium.com/empire-ctf-lupinone-vulnhub-walkthrough-writeup-bea8558ea03b?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | bug-bounty, pentesting, cybersecurity, machine-learning, hacking | 05-Jun-2024 |
Master Bug Bounty Hunting: Your Comprehensive Bug Bounty Course in Hindi | https://medium.com/@marketing_94387/master-bug-bounty-hunting-your-comprehensive-bug-bounty-course-in-hindi-ab990527f9b0?source=rss------bug_bounty-5 | Skilcamp | online-learning-platform, bug-bounty-tips, skilcamp, bug-bounty | 05-Jun-2024 |
27.5 Lab: DOM-based cookie manipulation | https://cyberw1ng.medium.com/27-5-lab-dom-based-cookie-manipulation-b939af57ef06?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, penetration-testing, bug-bounty, careers, hacking | 05-Jun-2024 |
SmartAuditor.AI and new ChatGPT bot for audits | https://medium.com/@bugbountydegen/smartauditor-ai-and-new-chatgpt-bot-for-audits-a8361ec7f52d?source=rss------bug_bounty-5 | Bug Bounty Degen | openai, smart-contracts, bug-bounty, cybersecurity, chatgpt | 05-Jun-2024 |
CVE-2024–4358 Critical Flaw Found in Progress Telerik Report Server | https://medium.com/@arafatx90n/cve-2024-4358-critical-flaw-found-in-progress-telerik-report-server-0f379f844819?source=rss------bug_bounty-5 | ARAFAT | ethical-hacking, bug-bounty, cybersecurity | 05-Jun-2024 |
Insecure Firebase Unauthorized Write Access on Crypto Exchange Bug Bounty | https://scr1pty.medium.com/insecure-firebase-unauthorized-write-access-on-crypto-exchange-bug-bounty-9e9187b627b1?source=rss------bug_bounty-5 | Scr1pty | penetration-testing, bug-bounty-tips, crypto, bug-bounty, security | 05-Jun-2024 |
Another Easy P4? | https://medium.com/@anonymoustriager/another-easy-p4-ceaa67ef7e52?source=rss------bug_bounty-5 | Anonymous Triager | bugbounty-writeup, bug-bounty-tips, bug-bounty-program, cybersecurity, bug-bounty | 05-Jun-2024 |
CVE-2024–4956: UNAUTHENTICATED PATH TRAVERSAL IN NEXUS REPOSITORY MANAGER 3 | https://codewithvamp.medium.com/cve-2024-4956-unauthenticated-path-traversal-in-nexus-repository-manager-3-b4e811ad7e37?source=rss------bug_bounty-5 | Vaibhav Kumar Srivastava | bug-bounty, cve, coding, hacking, cybersecurity | 05-Jun-2024 |
Easiest P4? | https://medium.com/@anonymoustriager/easiest-p4-feb9e9302562?source=rss------bug_bounty-5 | Anonymous Triager | bug-bounty-tips, hacking, swag, bounty-program, bug-bounty | 04-Jun-2024 |
My report on using lubuntu 24.04 | https://ariedwikusuma9.medium.com/my-report-on-using-lubuntu-24-04-3040bbdb9bab?source=rss------bug_bounty-5 | Ariekusuma | bug-bounty, ubuntu, wireguard, lubuntu, linux | 04-Jun-2024 |
The Chronicle Protocol Bug Bounty is Live | https://medium.com/@ChronicleProtocol/the-chronicle-protocol-bug-bounty-is-live-05b5332e6c76?source=rss------bug_bounty-5 | Chronicle Protocol | oracle, bug-bounty, blockchain, cantina, chronicle-protocol | 04-Jun-2024 |
Hacking Android Apps: A Comprehensive Guide | https://medium.com/@roguepayload/hacking-android-apps-a-comprehensive-guide-9905c075021f?source=rss------bug_bounty-5 | Rogue Payload | hacking, bug-bounty-tips, pentesting, android, bug-bounty | 04-Jun-2024 |
27.4 Lab: DOM-based open redirection | https://cyberw1ng.medium.com/27-4-lab-dom-based-open-redirection-e00e760c9046?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, cybersecurity, hacking, penetration-testing, bug-bounty | 04-Jun-2024 |
How We Got $$$$$ For a Blind Stored XSS To ATO | https://medium.com/@shari7a0x/how-we-got-for-a-blind-stored-xss-to-ato-2e9b939055ec?source=rss------bug_bounty-5 | Shari7a0x | bugs, hackerone, bug-bounty-tips, bug-bounty, xss-attack | 04-Jun-2024 |
Exposing Login Page Vulnerabilities with Time-Based SQL Injection | https://medium.com/@sachinkewat809/exposing-login-page-vulnerabilities-with-time-based-sql-injection-694a04911e93?source=rss------bug_bounty-5 | Sachin kewat | bug-bounty-tips, cybersecurity, penetration-testing, bug-bounty, security | 03-Jun-2024 |
How I Got My First €€€€ Bounty | https://machiavellli.medium.com/how-i-got-my-first-bounty-65ad8a1763de?source=rss------bug_bounty-5 | Machiavelli | cybersecurity, bug-bounty, information-security | 03-Jun-2024 |
Earning Your First $1000 as a Cybersecurity Researcher, Hacker, or Hunter | https://securrtech.medium.com/earning-your-first-1000-as-a-cybersecurity-researcher-hacker-or-hunter-8532bcaa48b6?source=rss------bug_bounty-5 | Securr | dollar, cyber-security-awareness, earn, bug-bounty, web-development | 03-Jun-2024 |
My First Finding Bug on a Bugcrowd BBP | https://medium.com/@bhuiyanaman71/my-first-bug-on-a-bbp-fdd512307284?source=rss------bug_bounty-5 | Aman Bhuiyan | xss-vulnerability, bug-bounty, hacking, injection | 03-Jun-2024 |
27.2 Lab: DOM XSS using web messages and JSON.parse | https://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, hacking, bug-bounty, careers | 03-Jun-2024 |
Hack and Pay Later: Bypassing Online Payment Method | https://medium.com/@tirqwork1/hack-and-pay-later-bypassing-online-payment-method-8b366e0dc7ee?source=rss------bug_bounty-5 | ARoy | bug-bounty, cybersecurity, bugbounty-writeup, payment-gateway, infosec | 03-Jun-2024 |
27.3 Lab: DOM XSS using web messages and JSON.parse | https://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-json-parse-79dbe4290efb?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, hacking, bug-bounty, careers | 03-Jun-2024 |
UPI Recon | Scammed on Instagram /Telegram? | https://medium.com/@anonymoustriager/upi-recon-scammed-on-instagram-telegram-3713f9dd77cd?source=rss------bug_bounty-5 | Anonymous Triager | hacker, telegram, recon, cybersecurity, bug-bounty | 02-Jun-2024 |
Bug Zero — 2 Weeks in Cybersecurity (May 15–31) | https://blog.bugzero.io/bug-zero-2-weeks-in-cybersecurity-may-15-31-dbc07d60dfe5?source=rss------bug_bounty-5 | Akila Maithripala | bug-zero, sri-lanka, cybersecurity, bug-bounty | 02-Jun-2024 |
BBB #1 — Back Hacking | https://medium.com/@JakobTheDev/bbb-1-back-hacking-acafd03d7d4e?source=rss------bug_bounty-5 | Jakob Pennington | bug-bounty, application-security, hacking | 02-Jun-2024 |
27.2 Lab: DOM XSS using web messages and a JavaScript URL | https://cyberw1ng.medium.com/27-2-lab-dom-xss-using-web-messages-and-a-javascript-url-3d29822c295d?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, cybersecurity, careers, hacking, penetration-testing | 02-Jun-2024 |
A simple IDOR worth $400. | https://el-cezeri.medium.com/a-simple-idor-worth-400-65663937a5f4?source=rss------bug_bounty-5 | Samet Yiğit | bugbounty-tips, bug-bounty, ödülavcılığı | 02-Jun-2024 |
Mastering Sway-Analyzer | https://medium.com/@angelos404/mastering-sway-analyzer-27379d7903db?source=rss------bug_bounty-5 | angelos404 | smart-contracts, web3, blockchain, bug-bounty, sway | 02-Jun-2024 |
Easy $$$$ Bounty for leaked token in java script url | https://medium.com/@eslammonex/easy-bounty-for-leaked-token-in-java-script-url-5491cf567328?source=rss------bug_bounty-5 | EslamMonex | bug-bounty | 02-Jun-2024 |
How To Escalate P5 Email HTML Injection to P4. | https://medium.com/@Ajakcybersecurity/how-to-escalate-p5-email-html-injection-to-p4-19a61a85a76b?source=rss------bug_bounty-5 | AjakCybersecurity | bug-bounty, hacking, penetration-testing, cybersecurity, technology | 02-Jun-2024 |
Lab walkthrough in an easy, simplified way to understand Reflected XSS into HTML context with nothing encoded | https://gentilsecurity.medium.com/%D8%B4%D8%B1%D8%AD-%D8%A7%D9%84%D9%84%D8%A7%D8%A8-%D8%A8%D8%B7%D8%B1%D9%8A%D9%82%D8%A9-%D8%B3%D9%87%D9%84%D8%A9-%D9%88%D9%85%D8%A8%D8%B3%D8%B7%D8%A9-%D9%84%D9%81%D9%87%D9%85-%D9%86%D9%88%D8%B9-%D8%A7%D9%84-reflected-xss-into-html-context-with-nothing-encoded-9dde8cf2baa3?source=rss------bug_bounty-5 | GenTiL | owasp, web-development, penetration-testing, cybersecurity, bug-bounty | 01-Jun-2024 |
What do you know about the XSS vulnerability? (Cross-Site Script) | https://gentilsecurity.medium.com/%D9%85%D8%A7%D8%B0%D8%A7-%D8%AA%D8%B9%D8%B1%D9%81-%D8%B9%D9%86-%D8%AB%D8%BA%D8%B1%D8%A9-xss-cross-site-script-d45ecf75b0a6?source=rss------bug_bounty-5 | GenTiL | xss-attack, bug-bounty, vulnerability, technology, hacking | 01-Jun-2024 |
How to use the ParamSpider tool for security bounty programs (Bug Bounty) | https://gentilsecurity.medium.com/%D9%83%D9%8A%D9%81%D9%8A%D8%A9-%D8%A7%D8%B3%D8%AA%D8%AE%D8%AF%D8%A7%D9%85-%D8%A3%D8%AF%D8%A7%D8%A9-paramspider-%D9%84%D8%A8%D8%B1%D9%86%D8%A7%D9%85%D8%AC-%D8%A7%D9%84%D8%AC%D9%88%D8%A7%D8%A6%D8%B2-%D8%A7%D9%84%D8%A3%D9%85%D9%86%D9%8A%D8%A9-bug-bounty-c1361d476c4a?source=rss------bug_bounty-5 | GenTiL | paramspider, penetration-testing, bug-bounty, web-development, penetration-testing-tools | 01-Jun-2024 |
Are you still confused about the difference between Reflected XSS and DOM XSS? Today you will settle the matter with full confidence | https://gentilsecurity.medium.com/%D9%87%D9%84-%D9%85%D8%A7%D8%B2%D9%84%D8%AA-%D9%85%D8%AD%D8%AA%D8%A7%D8%B1-%D9%81%D9%8A-%D8%A7%D9%84%D8%A7%D8%AE%D8%AA%D9%84%D8%A7%D9%81-%D8%A8%D9%8A%D9%86-reflected-xss-%D9%88-dom-xss-%D8%A7%D9%84%D9%8A%D9%88%D9%85-%D8%B3%D8%AA%D8%AD%D8%B3%D9%85-%D8%A7%D9%84%D9%85%D8%B3%D8%A3%D9%84%D8%A9-%D8%A8%D9%83%D9%84-%D8%AB%D9%82%D8%A9-c4224d126056?source=rss------bug_bounty-5 | GenTiL | reflected-xss, hacking, dom-xss, web-penetration-testing, bug-bounty | 01-Jun-2024 |
MY FIRST BUG ! | https://medium.com/@amjadkhan_72632/my-first-bug-8d52edf256c7?source=rss------bug_bounty-5 | Amjad Khan | cybersecurity, bug-bounty | 01-Jun-2024 |
SQLi, SSRF And Code Secrets — All In One | https://medium.com/@red.whisperer/sqli-ssrf-and-code-secrets-all-in-one-a387c734c84f?source=rss------bug_bounty-5 | Chux | security, hacking, cybersecurity, infosec, bug-bounty | 01-Jun-2024 |
Are you still confused about the difference between Reflected XSS and DOM XSS? | https://gentilsecurity.medium.com/are-you-still-confused-about-the-difference-between-reflected-xss-and-dom-xss-45715d0fe37b?source=rss------bug_bounty-5 | GenTiL | dom-xss, hacking, bug-bounty, web-penetration-testing, reflected-xss | 01-Jun-2024 |
Chaining NOSQLi and XSS to Take Over a Server — HackTheBox Stocker Walkthrough | https://medium.com/@The_Hiker/chaining-nosqli-and-xss-to-take-over-a-server-hackthebox-stocker-walkthrough-e549bf3f8bbf?source=rss------bug_bounty-5 | TheHiker | hackthebox, hackthebox-writeup, web-exploitation, hacking, bug-bounty | 01-Jun-2024 |
Unveiling the Sneaky CSV Injection: VDP vs. Objective-Based Offensive Tactics | https://abawazeeer.medium.com/unveiling-the-sneaky-csv-injection-vdp-vs-objective-based-offensive-tactics-208b22b8bba1?source=rss------bug_bounty-5 | AliBawazeEer | vulnerability-disclosure, bug-bounty, vulnerability-assessment, owasp-top-10, application-security | 01-Jun-2024 |
cy27.1 Lab: DOM XSS using web messages | https://cyberw1ng.medium.com/cy27-1-lab-dom-xss-using-web-messages-5c2346edc08b?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, bug-bounty, hacking, careers, cybersecurity | 01-Jun-2024 |
Use FFUF to bypass Burp Suite’s Intruder attacks delay!!! | https://hackermater.medium.com/use-ffuf-to-bypass-burp-suite-intruder-attacks-delay-c5087c912741?source=rss------bug_bounty-5 | hackermater | bug-bounty-writeup, burpsuite, hacking, bug-bounty-tips, bug-bounty | 01-Jun-2024 |
90 Days Cybersecurity Learning Challenge | https://medium.com/@unknow.com/90-days-cybersecurity-learning-challenge-81e1777b31f5?source=rss------bug_bounty-5 | Cyber_hunter | bug-bounty, careers, cybersecurity | 01-Jun-2024 |
Attacking Web Applications with Ffuf | Skills Assessment — Walkthrough | https://medium.com/@Mx0o14/attacking-web-applications-with-ffuf-skills-assessment-walkthrough-5af4160fe75b?source=rss------bug_bounty-5 | Mohamed Ashraf | hackthebox, bug-bounty, cybersecurity, hacking | 31-May-2024 |
The Planets CTF | Earth CTF | Vulnhub | WriteUp | Walkthrough | https://shamsulmehmood.medium.com/the-planets-ctf-earth-ctf-vulnhub-writeup-walkthrough-38d13c16643c?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | hacking, cybersecurity, bug-bounty, bugs, cybercrime | 31-May-2024 |
Pattern Scanning Intro (For Game Hacking) | https://medium.com/@MrRipperoni/pattern-scanning-intro-for-game-hacking-b13401b562fb?source=rss------bug_bounty-5 | Mr.Ripperoni | coding, reverse-engineering, games, bug-bounty, hacking | 31-May-2024 |
How i get XSS & HTMLi with FUFF | https://kiraadx.medium.com/how-i-get-xss-htmli-with-fuff-0c8a4b094636?source=rss------bug_bounty-5 | KiRaaDx | bug-bounty, cybersecurity, bug-bounty-tips | 31-May-2024 |
OSCP Review | https://medium.com/@nosignalrightnow/oscp-review-3a9568bf9c5d?source=rss------bug_bounty-5 | cowabunga | bug-bounty, offensive-security, penetration-testing, oscp, cybersecurity | 31-May-2024 |
26.3 Lab: Indirect prompt injection | https://cyberw1ng.medium.com/26-3-lab-indirect-prompt-injection-27d35f2e0e90?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, penetration-testing, careers, cybersecurity, bug-bounty | 31-May-2024 |
CVE-2024–24919: Zero-Day Vulnerability leads to unauthorized Information Disclosure in Checkpoint | https://codewithvamp.medium.com/cve-2024-24919-zero-day-vulnerability-leads-to-unauthorized-information-disclosure-in-checkpoint-97873b47d160?source=rss------bug_bounty-5 | Vaibhav Kumar Srivastava | computer-science, hacking, bug-bounty, cybersecurity, cve | 31-May-2024 |
How I Found a Vulnerability in Apple: A Journey of Discovery and Impact | https://medium.com/@husnainsuleman/how-i-found-a-vulnerability-in-apple-a-journey-of-discovery-and-impact-0e55f14eef75?source=rss------bug_bounty-5 | Husnain Suleman | bug-bounty, storytelling, security, cybersecurity, apple | 31-May-2024 |
IDOR Exploit: A Tale of Account Takeover | https://danial1337.medium.com/idor-exploit-a-tale-of-account-takeover-51ab2c47c246?source=rss------bug_bounty-5 | Muhammad Danial | penetration-testing, hacking, cybersecurity, web-security, bug-bounty | 31-May-2024 |
Advanced Web Cache Poisoning | https://medium.com/@majix_de/advanced-web-cache-poisoning-e6e17d5290ce?source=rss------bug_bounty-5 | Majix | web-cache-poisoning, penetration-testing, hacking, bug-bounty, pentesting | 31-May-2024 |
Creative Steps | Reflected XSS into HTML context with nothing encoded | https://gentilsecurity.medium.com/creative-steps-reflected-xss-into-html-context-with-nothing-encoded-0a30d4f2dc24?source=rss------bug_bounty-5 | GenTiL | cybersecurity, bug-bounty, owasp, penetration-testing, web-development | 30-May-2024 |
Exported Activity In Android Application Allowing Access to Payments Information | https://medium.com/@mohanad.hussam23/exported-activity-in-android-application-allowing-access-to-payments-information-166dfee5008e?source=rss------bug_bounty-5 | Muhanad Israiwi | hacking, bugs, penetration-testing, bug-bounty, androidhacking | 30-May-2024 |
Static Testing of iOS Applications | https://sandeepvi.medium.com/static-testing-of-ios-applications-cb09bd8f2927?source=rss------bug_bounty-5 | Sandeep Vishwakarma | hacking, bug-bounty, ios, static-code-analysis | 30-May-2024 |
Secrets of Data Security : Trendy Tools and Tips You Can’t Ignore! | https://medium.com/@paritoshblogs/secrets-of-data-security-trendy-tools-and-tips-you-cant-ignore-a5d72eb7eedf?source=rss------bug_bounty-5 | Paritosh | data-security, hacking, cybersecurity, bug-bounty, security | 30-May-2024 |
Exciting Announcement: We’re Collaborating with Aptron to Boost Web3 Security! | https://securrtech.medium.com/exciting-announcement-were-collaborating-with-aptron-to-boost-web3-security-4f58726c3ae0?source=rss------bug_bounty-5 | Securr | web3, ai, web3-security, bug-bounty, blockchain | 30-May-2024 |
Enhancing Cybersecurity: Lessons from a Critical XSS Vulnerability in DMRC’s Website | https://hackerhalt.medium.com/enhancing-cybersecurity-lessons-from-a-critical-xss-vulnerability-in-dmrcs-website-a0e39aeb0318?source=rss------bug_bounty-5 | Hacker Halt Live | hacker, hacking, bug-bounty, security, cybersecurity | 30-May-2024 |
Application Level DoS - The Lagging Nightmare | https://shahjerry33.medium.com/application-level-dos-the-lagging-nightmare-d3332f2ade86?source=rss------bug_bounty-5 | Jerry Shah (Jerry) | pentesting, cybersecurity, bug-bounty, infosec, vulnerability | 30-May-2024 |
26.2 Lab: Exploiting vulnerabilities in LLM APIs | https://cyberw1ng.medium.com/26-2-lab-exploiting-vulnerabilities-in-llm-apis-83150b4cdf98?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, careers, hacking, bug-bounty | 30-May-2024 |
WAF as a weapon and DOS as a bullet | https://medium.com/@zhero_/waf-as-a-weapon-and-dos-as-a-bullet-46acad12a9b6?source=rss------bug_bounty-5 | Rachid.A | infosec, bug-bounty, firewall, hacking, cybersecurity | 30-May-2024 |
Low hanging fruit in real website: Cookie invalidation. | https://medium.com/@siyamhassan.main/low-hanging-fruit-in-real-website-cookie-invalidation-bd24556dc673?source=rss------bug_bounty-5 | 2004siyam_hassan | authentication, session-invalidation, bug-bounty | 30-May-2024 |
Buy Multiple Translink Travel Ticket for the Price of One. | https://medium.com/@aswinmanikandan/buy-multiple-translink-travel-ticket-for-the-price-of-one-82014216c510?source=rss------bug_bounty-5 | Aswin Manikandan | bug-bounty, bug-bounty-tips | 30-May-2024 |
Bug Bounty Bootcamp summary in Egyptian Arabic (1) | https://medium.com/@am3002297/1-%D8%A8%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A-bug-bounty-bootcamp-%D9%85%D9%84%D8%AE%D8%B5-8cdf2bf4e108?source=rss------bug_bounty-5 | 30obd | bug-bounty-hunter, tech-bootcamp, bug-bounty, infosec, information-security | 30-May-2024 |
Microsoft IIS Server Shortnames & Tilde Magic | https://retkoussa.medium.com/microsoft-iis-server-shortnames-tilde-magic-64df65d26450?source=rss------bug_bounty-5 | Firas Al-Koussa | hacking, bug-bounty, penetration-testing, cybersecurity, penetration-testing-tools | 30-May-2024 |
How I Found My First Bug in My Bug Bounty Journey | https://medium.com/@HuseyinAdgzl/how-i-found-my-first-bug-in-bug-bounty-journey-49a318874ed8?source=rss------bug_bounty-5 | Hüseyin Adiguzel | bug-bounty-tips, bug-bounty, api, security, bugs | 30-May-2024 |
A Beautiful Bug: Interesting URL scheme bypass + Race Condition. | https://medium.com/@Nightbloodz/a-beautiful-bug-interesting-url-scheme-bypass-race-condition-61109771a250?source=rss------bug_bounty-5 | Alvaro Balada | cybersecurity, xss-attack, bug-bounty-tips, bug-bounty-writeup, bug-bounty | 30-May-2024 |
Understanding Fileless Malware: How It Works and Real-World Examples | https://medium.com/@paritoshblogs/understanding-fileless-malware-how-it-works-and-real-world-examples-76085c99543d?source=rss------bug_bounty-5 | Paritosh | hacking, bug-bounty, fileless-malware, malware, cybersecurity | 29-May-2024 |
An interesting Bug that I found in Android Mobile Application | https://medium.com/@jooelsaka/an-interesting-bug-that-i-found-in-android-mobile-application-becf25c8c4d8?source=rss------bug_bounty-5 | dnelsaka | security, pentesting, mobile-security, android, bug-bounty | 29-May-2024 |
Subdomain takeover via AWS s3 bucket | https://infosecwriteups.com/subdomain-takeover-via-aws-s3-bucket-9c54b1b71c46?source=rss------bug_bounty-5 | Bikram kharal | vulnerability, subdomain-takeover, bug-bounty, penetration-testing, hacking | 29-May-2024 |
Unauthenticated Cache Purge, Really a Bug? | https://medium.com/@anonymoustriager/unauthenticated-cache-purge-really-a-bug-1da44d6fbfd9?source=rss------bug_bounty-5 | Anonymous Triager | hacker, bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup | 29-May-2024 |
Bypassing Discord marked links filter | https://nickguitar.medium.com/bypassing-discord-marked-links-filter-88bcd7946f2a?source=rss------bug_bounty-5 | Nickguitar | hacking, bug-bounty, bypass, discord, pentest | 29-May-2024 |
Bug Bounty Automations | https://medium.com/@michellepantelouris/bug-bounty-automations-65f4a4dd6121?source=rss------bug_bounty-5 | Michelle Pantelouris | bug-bounty, cybersecurity, penetration-testing | 29-May-2024 |
Building tech profile of a company | https://netlas.medium.com/building-tech-profile-of-a-company-f2145dedad31?source=rss------bug_bounty-5 | Netlas.io | reconnaissance, cybersecurity, osint, penetration-testing, bug-bounty | 29-May-2024 |
Content Discovery: Directories, Files And Links Enumeration: | https://hacktivistattacker.medium.com/content-discovery-directories-files-and-links-enumeration-38e407b8ff0a?source=rss------bug_bounty-5 | Hacktivist-Attacker | content-discovery, bug-bounty, web-penetration-testing, reconnaissance-bug-bounty, educação | 29-May-2024 |
Bug Bounty Tips and Tricks: Improve Your Success Rate | https://medium.com/@verylazytech/bug-bounty-tips-and-tricks-improve-your-success-rate-37fa7941d05f?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, hacking, bug-bounty-program, cyber, cybersecurity | 29-May-2024 |
S3 bucket enumeration simplified. | https://secureitmania.medium.com/s3-bucket-enumeration-simplified-80bdcdf581d7?source=rss------bug_bounty-5 | secureITmania | hacking, cloud-services, devops, bug-bounty, it-security | 29-May-2024 |
Agent Sudo Walkthrough | https://medium.com/@anubhavbali2004/agent-sudo-walkthrough-0a2954d2bb7e?source=rss------bug_bounty-5 | Anubhav Bali | ctf-walkthrough, ctf-writeup, bug-bounty, ctf, cybersecurity | 29-May-2024 |
Mastering Burp Suite for Web Application Security Testing | https://medium.com/@zerodayfreak/mastering-burp-suite-for-web-application-security-testing-9ac8919f89a8?source=rss------bug_bounty-5 | ZeroDay Freak | bug-bounty, infosec, burpsuite, web-hacking, penetration-testing | 29-May-2024 |
The Easiest Vulnerability to Find and How to bypass the WAF | https://medium.com/@probza261/the-easiest-vulnerability-to-find-and-how-to-bypass-the-waf-3dbcc422aa7e?source=rss------bug_bounty-5 | OctaYus | bug-bounty, infosec, web-security | 29-May-2024 |
[Low]Unintended Feature: Exploiting an “Invisible” Delete Function for Temporary Premium Access | https://r4v3n0r.medium.com/low-unintended-feature-exploiting-an-invisible-delete-function-for-temporary-premium-access-909812add8eb?source=rss------bug_bounty-5 | Fabian Cruz | web-application-security, cybersecurity, idor, bug-bounty, information-security | 29-May-2024 |
What do you know about XSS? (Cross-Site Script) | https://gentilsecurity.medium.com/what-do-you-know-about-xss-cross-site-script-fa050d37be1c?source=rss------bug_bounty-5 | GenTiL | bug-bounty, vulnerability, hacking, technology, xss-attack | 28-May-2024 |
Hacking NASA: Critical SSRF + Subdomain Takeover + XSS | https://nickguitar.medium.com/hacking-nasa-critical-ssrf-subdomain-takeover-xss-699be0ce3c06?source=rss------bug_bounty-5 | Nickguitar | pentesting, bug-bounty, hacking, web-application-security, writeup | 28-May-2024 |
Bug Bounty In 2024 | https://medium.com/@Code_With_Ssn/bug-bounty-in-2024-54b1f0c3fe75?source=rss------bug_bounty-5 | Salik Seraj Naik | cybersecurity, bug-bounty, software-development, blockchain, data-science | 28-May-2024 |
8 Different Ways to Bypass SSL Pinning in iOS Applications | https://medium.com/@vaishalinagori112/8-different-ways-to-bypass-ssl-pinning-in-ios-applications-427dfcbe8bf7?source=rss------bug_bounty-5 | Vaishali Nagori | bug-bounty, vapt-services, hacking, ciso, ssl-pinning-bypass | 28-May-2024 |
Talkpal — vulnerability disclosure | https://karol-mazurek.medium.com/talkpal-vulnerability-disclosure-70b18d14772f?source=rss------bug_bounty-5 | Karol Mazurek | cybersecurity, bug-bounty, information-technology, penetration-testing, information-security | 28-May-2024 |
Cross-Site Script _XSS_ Extract Here | https://gentilsecurity.medium.com/cross-site-script-xss-extract-here-d76053546fe3?source=rss------bug_bounty-5 | GenTiL | technology, bug-bounty, ethical-hacking, cybersecurity, web-development | 28-May-2024 |
RCE Exploitation via Report Upload + Leveraging MachineKeys to Forge ASPXAUTH Cookies to privesc… | https://medium.com/@ph4nt0mbyt3/rce-exploitation-via-report-upload-leveraging-machinekeys-to-forge-aspxauth-cookies-to-privesc-50d38991da2e?source=rss------bug_bounty-5 | ph4nt0mbyt3 | pentesting, hacking, bug-bounty, cookies, aspnetcore | 28-May-2024 |
PENTESTING DAY — 01 | https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5 | Sane | offensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking | 28-May-2024 |
A Whistledown Exclusive: Netflix’s Journey to One Million in Bug Bounty and Beyond | https://netflixtechblog.medium.com/a-whistledown-exclusive-netflixs-journey-to-one-million-in-bug-bounty-and-beyond-9087ffebc3e1?source=rss------bug_bounty-5 | Netflix Technology Blog | vulnerability-management, application-security, cybersecurity, bug-bounty | 28-May-2024 |
25.8 Lab: Web cache poisoning via a fat GET request | https://cyberw1ng.medium.com/25-8-lab-web-cache-poisoning-via-a-fat-get-request-ee8a42d01868?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, hacking, careers, penetration-testing, cybersecurity | 28-May-2024 |
Self-XSS via filename + CSRF on contact us ‘multipart/data’ form | https://mchklt.medium.com/self-xss-via-filename-csrf-on-contact-us-multipart-data-form-f852dd539547?source=rss------bug_bounty-5 | ABDELKARIM MOUCHQUELITA | cyberattack, tips, bug-bounty, cybersecurity, hacking | 28-May-2024 |
PENTESTING INTRODUCTION | https://medium.com/@workwithsane/pentesting-day-01-7eba23231870?source=rss------bug_bounty-5 | Sane | offensive-security, pentesting, bug-bounty, defensive-security, ethical-hacking | 28-May-2024 |
Best Packet Sniffers For Reverse Engineering Game Servers | https://medium.com/@MrRipperoni/best-packet-sniffers-for-reverse-engineering-game-servers-c09987c46b33?source=rss------bug_bounty-5 | Mr.Ripperoni | games, bug-bounty, hacking, penetration-testing, reverse-engineering | 28-May-2024 |
25.9 Lab: URL normalization in Web Cache Poisioning | https://cyberw1ng.medium.com/25-9-lab-url-normalization-in-web-cache-poisioning-9a4b72e10a5e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, cybersecurity, hacking, bug-bounty | 28-May-2024 |
25.7 Lab: Parameter cloaking in Web Cache Poisoning | https://cyberw1ng.medium.com/25-7-lab-parameter-cloaking-in-web-cache-poisoning-ee64feeb01c1?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | cybersecurity, hacking, bug-bounty, careers, penetration-testing | 27-May-2024 |
Earning with Exploits: The Bug Bounty Journey | https://deepseng.medium.com/earning-with-exploits-the-bug-bounty-journey-9d864743c011?source=rss------bug_bounty-5 | Deep SenGupta | cybersecurity, appsec, information-security, careers, bug-bounty | 27-May-2024 |
How To Stay Ahead of 99% Of Bug Bounty Hunters | https://infosecwriteups.com/how-to-stay-ahead-of-99-of-bug-bounty-hunters-a51fb3fc2ecb?source=rss------bug_bounty-5 | Om Arora | methodology, infosec, hacking, bug-bounty-tips, bug-bounty | 27-May-2024 |
The bugs: List of weird vulnerabilities | https://noobsixt9.medium.com/the-bugs-list-of-weird-vulnerabilities-6bc98fc5c1cc?source=rss------bug_bounty-5 | Rajan Kshedal | writeup, bug-bounty, bug-bounty-writeup, bug-bounty-tips, information-security | 27-May-2024 |
How I got my first US Dollar bounty | https://medium.com/@deepk007/how-i-got-my-first-us-dollar-bounty-4df50ee82fc6?source=rss------bug_bounty-5 | DEep | cybersecurity, bug-bounty, red-team, ethical-hacking, vulnerability | 27-May-2024 |
25.6 Lab: Web cache poisoning via an unkeyed query parameter | https://cyberw1ng.medium.com/25-6-lab-web-cache-poisoning-via-an-unkeyed-query-parameter-ca2544560b5e?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | penetration-testing, cybersecurity, careers, bug-bounty, hacking | 26-May-2024 |
Embarking on the Bug Bounty Journey | https://medium.com/@verylazytech/embarking-on-the-bug-bounty-journey-e199897617a5?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, technology, programming, cybersecurity, cyber | 26-May-2024 |
Kokurate journey in Cyber Security | https://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5 | Kokurate | bug-bounty, blue-team, journey, cybersecurity, red-team | 26-May-2024 |
Network Penetration Testing: A Comprehensive Guide | https://medium.com/@paritoshblogs/network-penetration-testing-a-comprehensive-guide-1ba8fcb7c570?source=rss------bug_bounty-5 | Paritosh | pentesting, networking, ai, cybersecurity, bug-bounty | 26-May-2024 |
Open Redirect via login page | https://medium.com/@saeidmicro/open-redirect-via-login-page-fe144f279da8?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, open-redirect, cybersecurity | 26-May-2024 |
My Journey in Cyber Security | https://kokurate.medium.com/kokurate-journey-in-cyber-security-633e546eb175?source=rss------bug_bounty-5 | Kokurate | bug-bounty, blue-team, journey, cybersecurity, red-team | 26-May-2024 |
Uncovering a Critical Security Bug: Email Duplication in Password Reset Mechanism | https://medium.com/@siyamhassan.main/uncovering-a-critical-security-bug-email-duplication-in-password-reset-mechanism-44eed804203f?source=rss------bug_bounty-5 | 2004siyam_hassan | bug-bounty, password-reset, authentication | 26-May-2024 |
Discovering an OTP Reuse Vulnerability: My First Bug Report | https://medium.com/@siyamhassan.main/discovering-an-otp-reuse-vulnerability-my-first-bug-report-1a4c555113ab?source=rss------bug_bounty-5 | 2004siyam_hassan | authentication, otp-verification, bug-bounty | 26-May-2024 |
HTTP Headers | https://medium.com/@Zephyr_Night/http-headers-958a5d73ffd6?source=rss------bug_bounty-5 | Anshu(Zephyr_Night) | bug-bounty, http-protocol, http-headers, http-authentication | 26-May-2024 |
WordPress application vulnerable to DoS attack via wp-cron.php | https://medium.com/@saeidmicro/wordpress-application-vulnerable-to-dos-attack-via-wp-cron-php-da521e854fe5?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, dos-attack, cybersecurity | 26-May-2024 |
❇️ Web Hack Tool ❇️ | https://medium.com/@logicTech/%EF%B8%8F-web-hack-tool-%EF%B8%8F-0123843704ed?source=rss------bug_bounty-5 | LogicTech | bug-bounty-tips, github, tools, hacking, bug-bounty | 26-May-2024 |
Insecure Account Removal | https://medium.com/@saeidmicro/insecure-account-removal-867357ad9a08?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 26-May-2024 |
How I Got IDOR lead to PII In Login Page | https://medium.com/@shari7a0x/how-i-got-idor-lead-to-pii-in-login-page-12135f661c77?source=rss------bug_bounty-5 | Shari7a0x | bugs, hacker, idor-vulnerability, bugcrowd, bug-bounty | 26-May-2024 |
How I Found 2 IDORS on My Phone and Made $1,500 | https://medium.com/@zack0x01_/how-i-found-2-idors-on-my-phone-and-made-1-500-8b088f5b28db?source=rss------bug_bounty-5 | zack0x01 | bug-bounty, cyber, idor, bug-bounty-tips, hacking | 26-May-2024 |
Session invalidation after updating e-mail. | https://medium.com/@siyamhassan.main/session-invalidation-after-updating-e-mail-f03c8bb1fb0c?source=rss------bug_bounty-5 | 2004siyam_hassan | bug-bounty, session-invalidation, help | 26-May-2024 |
All About API Security Pentesting | https://infosecwriteups.com/all-about-api-security-pentesting-60dba50e2766?source=rss------bug_bounty-5 | Xcheater | api-security, owasp-api-security-top-10, bug-bounty, pentesting, api-security-testing | 26-May-2024 |
JNDI Injection — Attack Flow | https://medium.com/@prajeet67/jndi-injection-attack-flow-2061e792fef3?source=rss------bug_bounty-5 | Pradeep Kumar | web-penetration-testing, pentest, bug-bounty, java, jndi | 25-May-2024 |
CSRF Vulnerabilities: How to Exploit and Defend Against Attacks | https://xamiron.medium.com/csrf-vulnerabilities-how-to-exploit-and-defend-against-attacks-ca06e0fc0bf0?source=rss------bug_bounty-5 | Sabuj Kumar Modak | penetration-testing, burpsuite, csrf-attack, bug-bounty, web-app-pentesting | 25-May-2024 |
Outlook Hijacked: A Step-by-Step Recovery and Investigation | https://raoshaab.medium.com/outlook-hijacked-a-step-by-step-recovery-and-investigation-02ea09136301?source=rss------bug_bounty-5 | Devender Rao | bug-bounty, phishing, hacking, cybersecurity, microsoft | 25-May-2024 |
Unauthenticated IDOR in Employee Login Exposes PII to more than 100K Users | https://amrkadry7.medium.com/unauthenticated-idor-in-employee-login-exposes-pii-to-more-than-100k-users-830fa8121b33?source=rss------bug_bounty-5 | Amr | cybersecurity, bug-bounty | 25-May-2024 |
How I Hacked India Today Subscription for 2 years | https://anudeep-vysyaraju.medium.com/how-i-hacked-india-today-subscription-for-2-years-4e49701fa7c8?source=rss------bug_bounty-5 | Anudeep Vysyaraju | cybersecurity, penetration-testing, ethical-hacking, hacking, bug-bounty | 25-May-2024 |
HOW HACKERS USE REVERSE ENGINEERING | https://medium.com/@Progsky/how-hackers-use-reverse-engineering-7f8940e2108a?source=rss------bug_bounty-5 | Progsky | bug-bounty, hacking, reverse-engineering | 25-May-2024 |
HTB PDFy Challenge | https://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5 | Erfan | cybersecurity, htb, bug-bounty, challenge, htb-writeup | 25-May-2024 |
Uncovering the Hidden Vulnerability: How I Found an Authentication Bypass on Shopify’s Exchange… | https://medium.com/@niraj1mahajan/uncovering-the-hidden-vulnerability-how-i-found-an-authentication-bypass-on-shopifys-exchange-cc2729ea31a9?source=rss------bug_bounty-5 | Niraj Mahajan | bug-bounty, account-takeover, ato, authentication-bypass, bug-bounty-tips | 25-May-2024 |
Prototype Pollution: The Hidden Danger in JavaScript | https://medium.com/@mayank_prajapati/prototype-pollution-the-hidden-danger-in-javascript-c8b17002e8da?source=rss------bug_bounty-5 | Mayank Kumar Prajapati | hacking, bug-bounty, security, web, pentesting | 25-May-2024 |
Bypassing WAFs: The Art of Payload Obfuscation | https://systemweakness.com/bypassing-wafs-the-art-of-payload-obfuscation-d4093c110713?source=rss------bug_bounty-5 | David Eduardo Karpinski | web3, bug-bounty, firewall, cybersecurity, hacking | 25-May-2024 |
JavaScript Prototype Pollution Attack: A Simplified Guide | https://medium.com/@dodir.sec/javascript-prototype-pollution-attack-a-simplified-guide-c3b4ba8a6441?source=rss------bug_bounty-5 | dodir | bug-bounty, penetration-testing, web, javascript, cybersecurity | 25-May-2024 |
How i got xss in unusual way | https://medium.com/@cvjvqmmsm/how-i-got-xss-in-unusual-way-7c4f2d8dfaf6?source=rss------bug_bounty-5 | Barbarossa | xss-attack, bug-bounty | 25-May-2024 |
HTB-PDFy | https://medium.com/@Pdaysec/htb-pdfy-challenge-490e678bd521?source=rss------bug_bounty-5 | Erfan | cybersecurity, htb, bug-bounty, challenge, htb-writeup | 25-May-2024 |
Logic Bug | Forget password link not expiring after email change | https://medium.com/@saeidmicro/logic-bug-forget-password-link-not-expiring-after-email-change-4edc6f2dce22?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty | 24-May-2024 |
How to Use ParamSpider Tool — For Bug Bounty | https://gentilsecurity.medium.com/how-to-use-paramspider-tool-for-bug-bounty-2cfb3e4c402c?source=rss------bug_bounty-5 | GenTiL | penetration-testing, automation-tools, parameter, paramspider, bug-bounty | 24-May-2024 |
Analyzing JavaScript Files To Find Bugs | https://medium.com/@hrofficial62/analyzing-javascript-files-to-find-bugs-7b277d1df435?source=rss------bug_bounty-5 | Mr Horbio | hacking, bug-bounty-tips, cybersecurity, programming, bug-bounty | 24-May-2024 |
Bypassing 403 Protection To Get Admin Access | https://medium.com/@hrofficial62/bypassing-403-protection-to-get-admin-access-fe5b8888a935?source=rss------bug_bounty-5 | Mr Horbio | bug-bounty, 403-forbidden, bug-bounty-tips, hacking | 24-May-2024 |
Bug Bounty Tutorial : Login Bypass Technique | https://medium.com/@hrofficial62/bug-bounty-tutorial-login-bypass-technique-ec4801b505c2?source=rss------bug_bounty-5 | Mr Horbio | bugs, penetration-testing, hacking, bug-bounty, cybersecurity | 24-May-2024 |
How to Earn Bug Bounty as a Professional Bug hunter | https://medium.com/@hrofficial62/how-to-earn-bug-bounty-as-a-professional-bug-hunter-cf11c1d16add?source=rss------bug_bounty-5 | Mr Horbio | earn-money-online, cybersecurity, ethical-hacking, bugs, bug-bounty | 24-May-2024 |
How to Find First Bug (For Beginners) | https://medium.com/@hrofficial62/how-to-find-first-bug-for-beginners-677ef726df2e?source=rss------bug_bounty-5 | Mr Horbio | python, cybersecurity, bug-bounty, hacking, programming | 24-May-2024 |
How to learn Hacking From 0 to Hero | https://medium.com/@hrofficial62/how-to-learn-hacking-from-0-to-hero-b7a13a72d035?source=rss------bug_bounty-5 | Mr Horbio | hacking, horbio, programming, bug-bounty, cybersecurity | 24-May-2024 |
How to extract Google Chrome Saved Password | https://medium.com/@hrofficial62/how-to-extract-google-chrome-saved-password-b6d6db825f36?source=rss------bug_bounty-5 | Mr Horbio | ethical-hacking, hacking, bug-bounty, passwords, cyber | 24-May-2024 |
Referrer-based access control Bug Bounty Tips | https://medium.com/@hrofficial62/referrer-based-access-control-bug-bounty-tips-16112ae530cc?source=rss------bug_bounty-5 | Mr Horbio | hacking, programming, hacker, cybersecurity, bug-bounty | 24-May-2024 |
Python Libraries for Hackers | https://medium.com/@hrofficial62/python-libraries-for-hackers-52a64f54131c?source=rss------bug_bounty-5 | Mr Horbio | hacking, python-programming, python, bug-bounty, cybersecurity | 24-May-2024 |
Easy Bug | PHP info page disclosure | https://medium.com/@saeidmicro/easy-bug-php-info-page-disclosure-d062dbc66a0e?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty | 24-May-2024 |
Logic Bug: Easy Privilege Escalation | https://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-7d3878816395?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty, privilege-escalation | 24-May-2024 |
Logic Bug: Easy Privilege Escalation | https://medium.com/@saeidmicro/logic-bug-easy-privilege-escalation-d12be8946e36?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, privilege-escalation, cybersecurity | 24-May-2024 |
Easy Bug | Email HTML Injection | https://medium.com/@saeidmicro/easy-bug-email-html-injection-8d15e1db69e0?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, html-injection, bug-bounty | 24-May-2024 |
How to get your first $500 from an XSS vulnerability | https://gentilsecurity.medium.com/how-to-get-your-first-500-from-an-xss-vulnerability-2c3800490e7a?source=rss------bug_bounty-5 | GenTiL | make-money-online, technology, xss-vulnerability, bug-bounty, xss-attack | 24-May-2024 |
[Bug Report] Medium Bug 3 d | https://minerofideas.medium.com/bug-report-medium-bug-3-d-851c28f844cb?source=rss------bug_bounty-5 | Miner Of Ideas | python, medium, bug-bounty, medium-brasil, bugs | 24-May-2024 |
Using BBRF for tracking Javascript files | https://medium.com/@michal.lubicz/using-bbrf-for-tracking-javascript-files-76901a03939f?source=rss------bug_bounty-5 | Michał Lubicz | bug-bounty-tips, bug-bounty, cybersecurity, pentesting | 24-May-2024 |
Busting CSRF: The Hidden Dangers of JSON Exploited | https://medium.com/@hack3dby0mar/busting-csrf-the-hidden-dangers-of-json-exploited-fd4aeb4cf47e?source=rss------bug_bounty-5 | Omar Essam (hack3dby0mar) | web-security, bug-bounty, cybersecurity | 24-May-2024 |
25.4 Lab: Targeted web cache poisoning using an unknown header | https://cyberw1ng.medium.com/25-4-lab-targeted-web-cache-poisoning-using-an-unknown-header-18d261dcbf7a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, penetration-testing, hacking, bug-bounty, cybersecurity | 24-May-2024 |
Exciting Announcement: We’re Collaborating with DAOPeople to Boost Web3 Security | https://securrtech.medium.com/exciting-announcement-were-collaborating-with-daopeople-to-boost-web3-security-0e4b70699385?source=rss------bug_bounty-5 | Securr | bug-bounty, web3, web3-security, dao, blockchain | 24-May-2024 |
Flipping a ‘False’ to ‘True’: The Google Bug That Paid Off | https://medium.com/@hellother18/flipping-a-false-to-true-the-google-bug-that-paid-off-c9c3b11944fb?source=rss------bug_bounty-5 | Manthan_ mahale | penetration-testing, bugbounty-tips, bug-bounty, cybersecurity, hacker | 24-May-2024 |
Session fixation | Cookie injection leading to ATO Write-Up | https://infosecwriteups.com/session-fixation-cookie-injection-leading-to-ato-write-up-98e29d2851b9?source=rss------bug_bounty-5 | rAmpancist | hacking, account-takeover, cybersecurity, bugbounty-writeup, bug-bounty | 24-May-2024 |
Top Tools Every Bug Bounty Hunter Should Use | https://medium.com/@verylazytech/top-tools-every-bug-bounty-hunter-should-use-7ebec61a0f76?source=rss------bug_bounty-5 | Very Lazy Tech | bug-bounty, bug-bounty-tips, cyber, cybersecurity | 24-May-2024 |
Tips & Tricks To Get Hall of Fame In NASA | https://medium.com/@Ajakcybersecurity/tips-tricks-to-get-hall-of-fame-in-nasa-53819d8221d3?source=rss------bug_bounty-5 | AjakCybersecurity | hacking, ethical-hacking, bug-bounty, cybersecurity, penetration-testing | 24-May-2024 |
25.5 Lab: Web cache poisoning via an unkeyed query string | https://cyberw1ng.medium.com/25-5-lab-web-cache-poisoning-via-an-unkeyed-query-string-c264fccb80d0?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | bug-bounty, penetration-testing, hacking, cybersecurity, careers | 24-May-2024 |
Always Test Default Credentials on Bug Bounty even if it’s 2024 | https://scr1pty.medium.com/always-test-default-credentials-on-bug-bounty-even-if-its-2024-75e511e4ad7c?source=rss------bug_bounty-5 | Scr1pty | ethical-hacking, hacking, bug-bounty, security, bug-bounty-tips | 23-May-2024 |
HTML Injection | https://medium.com/@0xchoudhary/html-injection-cc6f8e3a09f8?source=rss------bug_bounty-5 | Sushil Choudhary | bug-bounty-tips, hackerone, cybersecurity, bug-hunting, bug-bounty | 23-May-2024 |
25.3 Lab: Web cache poisoning with multiple headers | https://cyberw1ng.medium.com/25-3-lab-web-cache-poisoning-with-multiple-headers-65e4e83ace3a?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | careers, bug-bounty, cybersecurity, hacking, penetration-testing | 23-May-2024 |
Unlocked Secrets: How Leaked Credentials Fuel Bug Bounties | https://medium.com/@cyberpro151/unlocked-secrets-how-leaked-credentials-fuel-bug-bounties-fe5032caf5f4?source=rss------bug_bounty-5 | cyberpro151 | admin-panel, infosec, breach, bug-bounty, hacking | 23-May-2024 |
Aleo Bug Bounty Program | https://daonft.medium.com/aleo-bug-bounty-program-97a7fda9ceed?source=rss------bug_bounty-5 | Bogdan | bug-bounty, web3, aleo | 23-May-2024 |
CSRF leading to Account Takeover | https://medium.com/@katmaca2014/csrf-leading-to-account-takeover-abb32bae0ba5?source=rss------bug_bounty-5 | Kaan Atmaca | bug-bounty, penetration-testing, pentesting, cybersecurity, hacking | 23-May-2024 |
Exploiting XML Injection to Establish Unauthorized SSH Connection | https://medium.com/@katmaca2014/exploiting-xml-injection-to-establish-unauthorized-ssh-connection-7c9bbc50a4d4?source=rss------bug_bounty-5 | Kaan Atmaca | hacking, coding, bug-bounty, penetration-testing, pentesting | 23-May-2024 |
How I Found Multiple XSS Vulnerabilities. | https://medium.com/@helalmm71/how-i-found-multiple-xss-vulnerabilities-34bf8655f4e7?source=rss------bug_bounty-5 | MD Helal | vulnerability, penetration-testing, cybersecurity, bug-bounty, ctf | 23-May-2024 |
How I use to find vulnerabilities like XSS,sqli using mixture of 3 simple tools | https://medium.com/@sreejihkn43073/how-i-use-to-find-vulnerabilities-like-xss-sqli-using-mixture-of-3-simple-tools-5108068646d2?source=rss------bug_bounty-5 | Sreejihkn | xss-vulnerability, cybersecurity-training, bug-bounty, github, tools | 23-May-2024 |
Ink Finance Arbitrum Testnet Bug Bounty Hunt | https://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5 | Ink Finance | dao, defi, testnet, arbitrum, bug-bounty | 23-May-2024 |
Chrome 125 Update Resolves High-Severities Bugs Reported by External Researchers | https://medium.com/@elnjasi/chrome-125-update-resolves-high-severities-bugs-reported-by-external-researchers-74be654feb3a?source=rss------bug_bounty-5 | eL Njas!™ | bug-bounty, vulnerbaility, google | 23-May-2024 |
Easy Bug: No Rate Limiting on Form which Triggers Emails | https://medium.com/@saeidmicro/easy-bug-no-rate-limiting-on-form-which-triggers-emails-4cecb5dd80a8?source=rss------bug_bounty-5 | Saeid Khater | cybersecurity, bug-bounty | 23-May-2024 |
First Swag from HackerRank | https://codingninjablogs.tech/first-swag-from-hackerrank-df55cb2605b5?source=rss------bug_bounty-5 | #$ubh@nk@r | hacking, swag, ethical-hacking, security, bug-bounty | 23-May-2024 |
Ink Finance Arbitrum Testnet User Experience & Bug Bounty Hunt | https://inkfinance.medium.com/ink-finance-arbitrum-testnet-bug-bounty-hunt-85ca215118fa?source=rss------bug_bounty-5 | Ink Finance | dao, defi, testnet, arbitrum, bug-bounty | 23-May-2024 |
Second Factor Authentication (2FA) Bypass in Private BBP | https://medium.com/@saeidmicro/second-factor-authentication-2fa-bypass-in-private-bbp-325017cd187e?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 23-May-2024 |
Logic Bug | Old Session Does Not Expires After Password Change | https://medium.com/@saeidmicro/logic-bug-old-session-does-not-expires-after-password-change-cd1fca05c33e?source=rss------bug_bounty-5 | Saeid Khater | bug-bounty, cybersecurity | 23-May-2024 |
Second bug on VDP program | https://medium.com/@devMRT/second-bug-on-vdp-program-f1c4e67a3e42?source=rss------bug_bounty-5 | devMRT | bugbounty-writeup, bug-bounty-tips, bug-bounty | 23-May-2024 |
Advanced Web Application Scanning Step-by-Step Guide | https://0xm4r5h4l.medium.com/advanced-web-application-scanning-step-by-step-guide-4d59dff9c491?source=rss------bug_bounty-5 | 0xM4r5h4l | hacking, web-penetration-testing, cybersecurity, bug-bounty, web-scanner | 22-May-2024 |
How I Found XSS in Swagger-UI Leading to Account Takeover on Bug Bounty | https://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5 | Scr1pty | bug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it | 22-May-2024 |
Time-Based Google OAuth Account Takeover: Adventures in Bug Bounties | https://medium.com/@iamrizwanvp/time-based-google-oauth-account-takeover-my-bug-bounty-journey-a0f534227bc6?source=rss------bug_bounty-5 | RIZWAN | bug-bounty-tips, cybersecurity, bug-bounty, bug-bounty-writeup, bugs | 22-May-2024 |
Silk Central : Bug Tracking Tutorial | https://medium.com/@niranjanky14/silk-central-bug-tracking-tutorial-781e4a6550c6?source=rss------bug_bounty-5 | Nine Pages Of My Life | testing, software-development, bug-bounty, silk, app-development | 22-May-2024 |
Open-Redirect Through HTTP Parameter Pollution | https://medium.com/@davidkarpinski1/open-redirect-through-http-parameter-pollution-ce5a3be7c78e?source=rss------bug_bounty-5 | David Eduardo Karpinski | web3, bug-bounty, hacking, cybersecurity, pollution | 22-May-2024 |
Exciting Announcement: Our New Collaboration with jumboBlockchain to Enhance Web3 Security! | https://securrtech.medium.com/exciting-announcement-our-new-collaboration-with-jumboblockchain-to-enhance-web3-security-fe0489ca2524?source=rss------bug_bounty-5 | Securr | bug-bounty, layer-1, blockchain, web3-security, web3 | 22-May-2024 |
Swagger-UI XSS Leading to Account Takeover on Crypto Exchange | https://scr1pty.medium.com/how-i-found-xss-in-swagger-ui-leading-to-account-takeover-on-bug-bounty-8d419c6b95d5?source=rss------bug_bounty-5 | Scr1pty | bug-bounty, ethical-hacking, penetration-testing, bug-bounty-tips, it | 22-May-2024 |
25.2 Lab: Web cache poisoning with an unkeyed cookie | https://cyberw1ng.medium.com/25-2-lab-web-cache-poisoning-with-an-unkeyed-cookie-3f4884ee1105?source=rss------bug_bounty-5 | Karthikeyan Nagaraj | hacking, bug-bounty, penetration-testing, careers, cybersecurity | 22-May-2024 |
SubActive: Cracking the Digital Code | https://medium.com/@tamhacker1/subactive-cracking-the-digital-code-447769fdb6e2?source=rss------bug_bounty-5 | Tahir Mujawar | bugbounty-writeup, hacker, hacking, cybersecurity, bug-bounty | 22-May-2024 |
Best tool to find subdomains | https://medium.com/@sreejihkn43073/best-tool-to-find-subdomains-170ad5d6e034?source=rss------bug_bounty-5 | Sreejihkn | bug-bounty, subdomain, cybersecurity, cyber-security-awareness, pentesting | 22-May-2024 |
Top Network Hacking Techniques Familiar with Every Bug-Bounty Hunter | https://medium.com/@logicTech/top-network-hacking-techniques-familiar-with-every-bug-bounty-hunter-a01d7319cadc?source=rss------bug_bounty-5 | LogicTech | hacking, network-security, bug-bounty, bug-bounty-tips, bugs | 22-May-2024 |
Pentesting: AI: WEB 1 | Privilege Escalation Attack | Python Reverse Shell | Vulnerabilities | SQL… | https://shamsulmehmood.medium.com/pentesting-ai-web-1-privilege-escalation-attack-python-reverse-shell-vulnerabilities-sql-7f9994a42ec1?source=rss------bug_bounty-5 | SHAMS UL MEHMOOD | ai, cybersecurity, bugs, bug-bounty, ctf-writeup | 21-May-2024 |
Hackers Online Tools in 2024 |