Write-ups & Bug Bounty
6 writeupsMedium
Popular blogging platform with extensive cybersecurity & bug bounty write-ups
Bugcrowd
Crowdsourced cybersecurity platform connecting researchers with bug bounty programs
HackerOne Bug Bounty Programs
Discover and join bug bounty programs from leading companies worldwide
Intigriti Bug Bytes
Weekly digest of the best bug bounty write-ups, tools & resources
Pentester Land
Curated collection of real-world bug bounty write-ups & pentesting resources
HackerOne Hacktivity
Browse publicly disclosed vulnerability reports from HackerOne programs
General Writeups
196 writeupsMiracle One Vulnerability To Rule Them All
Security research and bug bounty writeup
400$ Bounty again using Google Dorks
Security research and bug bounty writeup
Top 10 web hacking techniques of 2020
Security research and bug bounty writeup
How Gopher works in escalating SSRFs
Server-Side Request Forgery (SSRF)
GCP CloudSQL Vulnerability Leads to Internal Container Access and Data Exposure
Security research and bug bounty writeup
How to Hack APIs in 2021
Security research and bug bounty writeup
Burp Macros: What, Why & How?
Security research and bug bounty writeup
Setup Your Private Burp Collaborator for SSRF/XXE
Server-Side Request Forgery (SSRF)
Experience Burp Suite Enterprise Edition in a new live demo
Security research and bug bounty writeup
DLL Hijacking using Spartacus, outside of DllMain
Security research and bug bounty writeup
Broken Access Control
49 writeupsHx01 Abusing Data Protection Laws For D0xing & Account Takeovers
Account Takeover (ATO) vulnerability
Access employees files in internal CDNs/ Access users modified/deleted content.($12500)
Security research and bug bounty writeup
Forced Browsing to Access Admin Panel
Remote Code Execution (RCE) vulnerability
I found IDOR Vulnerability at Microsoft Subdomain
Insecure Direct Object Reference (IDOR)
How I found an IDOR that led to sensitive information leak?
Insecure Direct Object Reference (IDOR)
Fuzzing + IDOR = Admin TakeOver
Insecure Direct Object Reference (IDOR)
Post Account Takeover? Account Takeover of Internal Tesla Accounts
Account Takeover (ATO) vulnerability
Account Takeover Inside The Tenanth
Account Takeover (ATO) vulnerability
Helping secure BNB Chain through responsible disclosure
Security research and bug bounty writeup
How I was able to take over accounts in websites deal with Github as an SSO provider
Security research and bug bounty writeup
Cryptographic Issues / Bugs
4 writeupsMaking HTTP header injection critical via response queue poisoning
Security research and bug bounty writeup
SHA3 Buffer Overflow
Security research and bug bounty writeup
TCP/IP Vulnerability CVE2022–34718 PoC Restoration and Analysis
Security research and bug bounty writeup
The OpenSSL punycode vulnerability (CVE20223602): Overview, detection, exploitation, and remediation
Security research and bug bounty writeup
Injection Issues / Bugs
83 writeupsHost Header Injection Lead To Account Takeover
Account Takeover (ATO) vulnerability
Regular Expression Injection
Security research and bug bounty writeup
Exploring the World of ESI Injection
Security research and bug bounty writeup
Tale of XSS in Angular
Cross-Site Scripting (XSS) vulnerability
XSS Vulnerability Found in ConnectWise Remote Access Platform With Great Potential For Misuse by Scammers
Cross-Site Scripting (XSS) vulnerability
SQL Injection Vulnerability Found in LifterLMS Plugin Affecting 10K+ Sites - Patchstack
SQL Injection (SQLi) vulnerability
Vue JS Reflected XSS
Cross-Site Scripting (XSS) vulnerability
SQL injection vulnerabilities in Owncloud Android app CVE202324804, CVE202323948
SQL Injection (SQLi) vulnerability
Exploiting an Nday vBulletin PHP Object Injection Vulnerability
Security research and bug bounty writeup
Finding DOM Polyglot XSS in PayPal the Easy Way
Cross-Site Scripting (XSS) vulnerability
Insecure Design
46 writeupsFile Upload to RCE
Remote Code Execution (RCE) vulnerability
Hunting for Bugs in File Upload Feature
Security research and bug bounty writeup
HTTP request smuggling bug patched in mitmproxy
HTTP Request Smuggling
Able to steal bearer token from deep link
Security research and bug bounty writeup
Backdooring Electron Applications
Security research and bug bounty writeup
Unsafe content loading [Electron JS]
Security research and bug bounty writeup
Account Takeover in KAYAK
Account Takeover (ATO) vulnerability
PHP FILTER CHAINS: FILE READ FROM ERRORBASED ORACLE
Security research and bug bounty writeup
SAML is insecure by design
Security research and bug bounty writeup
Escaping misconfigured VSCode extensions
Security research and bug bounty writeup
Security Misconfiguration
87 writeupsAll about Password Reset vulnerabilities
Security research and bug bounty writeup
Nothing new under the Sun – Discovering and exploiting a CDE bug chain
Security research and bug bounty writeup
How I hacked thousand of subdomains
Security research and bug bounty writeup
S3 Account Search
Security research and bug bounty writeup
Old RCE worth $3362
Remote Code Execution (RCE) vulnerability
WebCache Poisoning $$$? Worth it?
Web Cache Poisoning
How I Scored 1K Bounty Using Waybackurls
Security research and bug bounty writeup
All About CSRF Flaw
Cross-Site Request Forgery (CSRF)
Leaked Secrets and Unlimited Miles: Hacking the Largest Airline and Hotel Rewards Platform
Information Disclosure / Data Leak
System misconfiguration is the number one vulnerability, at least for Mastodon
Security research and bug bounty writeup
Vulnerable and Outdated Components
5 writeupsFuzzing Golang msgpack for fun and panic
Security research and bug bounty writeup
Zabbix A Case Study of Unsafe Session Storage
Security research and bug bounty writeup
WSO2 RCE (CVE202229464) exploit and writeup
Remote Code Execution (RCE) vulnerability
Vulnerabilities in Tenda's W15Ev2 AC1200 Router
Security research and bug bounty writeup
How to join the desync endgame: Practical tips from pentester Tom Stacey
Security research and bug bounty writeup
Identification & Authentication Failures
21 writeupsImproper Authentication any user can login as other user with otp/logout & otp/login
Security research and bug bounty writeup
How to test for JWT attacks
Security research and bug bounty writeup
Bypassed the subscription and got the certification
Security or Authentication Bypass
Broken Authentication Login With Google
Security research and bug bounty writeup
OAUTH2 bearer notchecked for connection reuse
Security research and bug bounty writeup
2fa Bypass Using Response Manipulation
Security or Authentication Bypass
OTP bruteforce via rate limit bypass
Remote Code Execution (RCE) vulnerability
10 Password Reset Flaws
Security research and bug bounty writeup
Account Takeover via SMS Authentication Flow
Account Takeover (ATO) vulnerability
Bypassing Login Page in 2 Mins
Security or Authentication Bypass
Software & Data Integrity Failures
17 writeupsPwning a Server using Markdown
Security research and bug bounty writeup
Admin can create a hidden admin account which even the owner can not detect and remove and do administrative actions on the application.
Security research and bug bounty writeup
How I found a bug in Apple within just in 5min
Security research and bug bounty writeup
Huawei Security Hypervisor Vulnerability
Security research and bug bounty writeup
A Brief Introduction to SAML Security Vector
Security research and bug bounty writeup
Hacking Google Drive Integrations
Security research and bug bounty writeup
Dependency Confusion
Security research and bug bounty writeup
Race Condition — Resulted in using the feature which was supposed to be obtained after subscription.
Security research and bug bounty writeup
1click RCE in Electron Applications
Remote Code Execution (RCE) vulnerability
Airborne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security
Remote Code Execution (RCE) vulnerability
Security Logging & Monitoring
2 writeupsSSD Advisory – Cisco Secure Manager Appliance jwt_api_impl Hardcoded JWT Secret Elevation of Privilege
Security research and bug bounty writeup
Harvesting Logs for Fun and Profit
Security research and bug bounty writeup
Server-Side Request Forgery (SSRF)
22 writeupsStory of a Google Cloud SSRF
Server-Side Request Forgery (SSRF)
SSRF: Bypassing hostname restrictions with fuzzing
Server-Side Request Forgery (SSRF)
Just Gopher It: Escalating a Blind SSRF to RCE for $15k
Server-Side Request Forgery (SSRF)
FogBugz import attachment full SSRF requiring vulnerability
Server-Side Request Forgery (SSRF)
A Glossary of Blind SSRF Chains
Server-Side Request Forgery (SSRF)
SSRF vulnerabilities and where to find them
Server-Side Request Forgery (SSRF)
Stealing administrative JWT's through post auth SSRF (CVE-2021-22056)
Server-Side Request Forgery (SSRF)
Turning bad SSRF to good SSRF: Websphere Portal
Server-Side Request Forgery (SSRF)
SSRF for kubeapiserver cloudprovider scene
Server-Side Request Forgery (SSRF)
When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074)
Server-Side Request Forgery (SSRF)
Chained Exploits
53 writeupsA Tale of Open Redirection to Stored XSS
Cross-Site Scripting (XSS) vulnerability
Story of a $1k bounty — SSRF to leaking access token and other sensitive information
Server-Side Request Forgery (SSRF)
CRLF to Account takeover (chaining bugs)
Account Takeover (ATO) vulnerability
Internet Bug Bounty: High severity vulnerability in Apache HTTP Server could lead to RCE
Remote Code Execution (RCE) vulnerability
SSRF vulnerabilities caused by SNI proxy misconfigurations
Server-Side Request Forgery (SSRF)
Checkmk: Remote Code Execution by Chaining Multiple Bugs (3/3)
Remote Code Execution (RCE) vulnerability
Exploiting Static Site Generators: When Static Is Not Actually Static
Account Takeover (ATO) vulnerability
CVE-2022–42710: A journey through XXE to StoredXSS
Cross-Site Scripting (XSS) vulnerability
SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction
Security research and bug bounty writeup
RCE via SSTI on Spring Boot Error Page with Akamai WAF Bypass
Remote Code Execution (RCE) vulnerability
Android App Security
32 writeupsGetting started with Android Application Security
Mobile Application Security
Using an Android emulator for API hacking
Account Takeover (ATO) vulnerability
Android Penetration Testing Cheat Sheet
Mobile Application Security
Android Penetration Testing: Frida
Mobile Application Security
APKHunt static code analysis tool for Android apps that is based on the OWASP MASVS framework
Mobile Application Security
Frida script to bypass common methods of sslpining Android
Security or Authentication Bypass
ByPass SSL Pinning with IP Forwarding | iptables
Security or Authentication Bypass
It's all about Bypassing Android SSL Pinning and Intercepting Proxy Unaware applications.
Remote Code Execution (RCE) vulnerability
SameSite cookie bypass on Android by redirecting to to intentpicker with PoC code ($5,000 bounty)
Security or Authentication Bypass
Insecure deeplink leads to sensitive information disclosure
Information Disclosure / Data Leak
iOS App Security
11 writeupsiOS Penetration Testing Cheat Sheet
Mobile Application Security
Revealing Hidden iOS Apps: Exploring System Applications on Jailbroken Devices
Mobile Application Security
iOS Hacking A Beginner's Guide to Hacking iOS Apps [2022 Edition]
Mobile Application Security
iOS jailbreak dev wins $2M bounty for finding critical Optimism bug
Mobile Application Security
Exploring iOS Applications with Frida and Objection: Basic Commands for Pentesting
Mobile Application Security
How to Reverse Engineer and Patch an iOS Application for Beginners:
Mobile Application Security
Reverse Engineering the Apple MultiPeer Connectivity Framework
Mobile Application Security
CVE202232929 Bypass iOS backup's TCC protection
Security or Authentication Bypass
Hyperpom: An Apple Silicon Fuzzer for 64bit ARM Binarie
Mobile Application Security
CVE-2022-41622 and CVE-2022-41800 (FIXED): F5 BIGIP and iControl REST Vulnerabilities and Exposures
Mobile Application Security
Penetration Testing Tools & Guides
15 writeupsTop 10 Tips for Burp Suite
Security research and bug bounty writeup
Burp Suite Extensions: Rarely Utilized but Quite Useful
Security research and bug bounty writeup
Burp Suite solving Email and SMS TAN multifactor authentication with Hackvertor custom tags
Security research and bug bounty writeup
Finding CSRF Vulnerabilities with BurpSuite
Cross-Site Request Forgery (CSRF)
HTTP Signatures: A Burp Suite Extension Implementing HTTP Signatures
Security research and bug bounty writeup
Burp Suite roadmap for 2021
Security research and bug bounty writeup
Browser powered scanning in Burp Suite
Security research and bug bounty writeup
Learn how to write a Burp Suite extension in Kotlin – Setting up
Security research and bug bounty writeup
Using Intruder to Brute Force Authorization Header
Remote Code Execution (RCE) vulnerability
CaA BurpSuite Collector and Analyzer
Security research and bug bounty writeup
Jenkins Vulnerabilities
1 writeupNotes about attacking Jenkins servers
Security research and bug bounty writeup
API Security
6 writeupsWhat is BOLA? 3digit bounty from Topcoder ($$$)
API Security vulnerability
Using an Undocumented Amplify API to Leak AWS Account IDs
Information Disclosure / Data Leak
How to Exploit Public Firebase Realtime Database using REST API
API Security vulnerability
Microsoft Dynamics Container Sandbox RCE via Unauthenticated Docker Remote API 20,000$ Bounty
Remote Code Execution (RCE) vulnerability
Compromising Plesk via its REST API
API Security vulnerability
Missing Bricks: Finding Security Holes in LEGO APIs
API Security vulnerability
Web3 Security
3 writeupsExploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library
Cross-Site Scripting (XSS) vulnerability
The Rise of Web 3.0 Security
Blockchain / Smart Contract vulnerability
RCE on admin panel of web3 website
Remote Code Execution (RCE) vulnerability
Blockchain Security
3 writeupsChainWalker is a smart contract scraper which uses RCP/IPC calls to extract the information
Blockchain / Smart Contract vulnerability
Hunting For Mass Assignment Vulnerabilities Using GitHub CodeSearch and grep.app
Blockchain / Smart Contract vulnerability
Velas Infinite Mint Vulnerability Writeup
Blockchain / Smart Contract vulnerability
IoT Security
2 writeupsXiongmai IoT Exploitation
IoT Security vulnerability
Turning Google smart speakers into wiretaps for $100k
IoT Security vulnerability
Security Cheatsheets
1 writeupBigQuery SQL Injection Cheat Sheet
SQL Injection (SQLi) vulnerability
Security Checklists
1 writeupGalaxy Bug Bounty : Tips and Tutorials for Bug Bounty and also Penetration Tests
Security research and bug bounty writeup
Practice Labs
2 writeupsSpring RCE vulnerability reproduction environment
Remote Code Execution (RCE) vulnerability
Lab - Prototype Pollution
Prototype Pollution vulnerability
Car Hacking
7 writeupsHow I hacked my car (2021 Hyundai Ioniq SEL) : Part 1
Security research and bug bounty writeup
How I hacked my car (2021 Hyundai Ioniq SEL) : Part 2
Security research and bug bounty writeup
How I hacked my car (2021 Hyundai Ioniq SEL) : Part 3
Security research and bug bounty writeup
Reverse engineering an EV charger
Security research and bug bounty writeup
We recently found a vulnerability affecting Hyundai and Genesis vehicles where we could remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012.
Security research and bug bounty writeup
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
Security research and bug bounty writeup
More Car Hacking
Security research and bug bounty writeup
AI Security Research
3 writeupsChatGPT — Bug Bounty Recon Automation
Security research and bug bounty writeup
Deceiving users with ANSI terminal codes in MCP
Security research and bug bounty writeup
Weaponizing image scaling against production AI systems
Security research and bug bounty writeup
Security Podcasts
1 writeupExploiting VMware Workstation and the Return of CSG0Days
Security research and bug bounty writeup
Cross Site Scripting (XSS)
292 writeupsFrom P5 to P2 to 100 BXSS
Cross-Site Scripting (XSS) vulnerability
Google Acquisition XSS (Apigee)
Cross-Site Scripting (XSS) vulnerability
XSS on Microsoft.com via Angular Js template injection
Cross-Site Scripting (XSS) vulnerability
Researching Polymorphic Images for XSS on Google Scholar
Cross-Site Scripting (XSS) vulnerability
Netflix Party Simple XSS
Cross-Site Scripting (XSS) vulnerability
Stored XSS in google nest
Cross-Site Scripting (XSS) vulnerability
Self XSS to persistent XSS on login portal
Cross-Site Scripting (XSS) vulnerability
Universal XSS affecting Firefox
Cross-Site Scripting (XSS) vulnerability
XSS WAF Character limitation bypass like a boss
Cross-Site Scripting (XSS) vulnerability
Self XSS to Account Takeover
Cross-Site Scripting (XSS) vulnerability
Cross Site Request Forgery (CSRF)
42 writeupsHow a simple CSRF attack turned into a P1
Cross-Site Request Forgery (CSRF)
How I exploited the json csrf with method override technique
Cross-Site Request Forgery (CSRF)
How I found CSRF(my first bounty)
Cross-Site Request Forgery (CSRF)
Site wide CSRF on popular program
Cross-Site Request Forgery (CSRF)
Using CSRF I got weird account takeover
Cross-Site Request Forgery (CSRF)
CSRF CSRF CSRF
Cross-Site Request Forgery (CSRF)
Google Bugbounty CSRF in learndigital.withgoogle.com
Cross-Site Request Forgery (CSRF)
2FA bypass via CSRF attack
Cross-Site Request Forgery (CSRF)
Stored iframe injection CSRF account takeover
Cross-Site Request Forgery (CSRF)
Instagram delete media CSRF
Cross-Site Request Forgery (CSRF)
Clickjacking
16 writeupsGoogle Bug bounty Clickjacking on Google payment
Clickjacking (UI Redressing)
Google APIs Clickjacking worth 1337$
Clickjacking (UI Redressing)
1800 worth Clickjacking
Clickjacking (UI Redressing)
Account takeover with clickjacking
Account Takeover (ATO) vulnerability
Clickjacking on google CSE
Clickjacking (UI Redressing)
How I accidentally found clickjacking in Facebook
Clickjacking (UI Redressing)
Clickjacking on google myaccount worth 7500
Clickjacking (UI Redressing)
Clickjacking in google docs and void typing feature
Clickjacking (UI Redressing)
binary.com clickjacking vulnerability exploiting HTML5 security features
Clickjacking (UI Redressing)
Yet another Google Clickjacking
Clickjacking (UI Redressing)
Local File Inclusion (LFI)
12 writeupsRFI LFI Writeup
Local File Inclusion (LFI)
My first LFI
Local File Inclusion (LFI)
Bug bounty LFI at Google.com
Local File Inclusion (LFI)
Google LFI on production servers in redacted.google.com
Local File Inclusion (LFI)
LFI to 10 server pwn
Local File Inclusion (LFI)
LFI in apigee portals
Local File Inclusion (LFI)
Chain the bugs to pwn an organisation LFI unrestricted file upload to RCE
Remote Code Execution (RCE) vulnerability
How we got LFI in apache drill recom like a boss
Local File Inclusion (LFI)
Bugbounty journey from LFI to RCE
Remote Code Execution (RCE) vulnerability
LFI to RCE on deutche telekom bugbounty
Remote Code Execution (RCE) vulnerability
Subdomain Takeover
22 writeupsHow I bought my way to subdomain takeover on tokopedia
Subdomain Takeover vulnerability
Subdomain Takeover via pantheon
Subdomain Takeover vulnerability
Subdomain takeover : a unique way
Subdomain Takeover vulnerability
Escalating subdomain takeover to steal sensitive stuff
Subdomain Takeover vulnerability
Subdomain takeover awarded 200
Subdomain Takeover vulnerability
Subdomain takeover via wufoo service
Subdomain Takeover vulnerability
Subdomain takeover via Hubspot
Subdomain Takeover vulnerability
Souq.com subdomain takeover
Subdomain Takeover vulnerability
Subdomain takeover : new level
Subdomain Takeover vulnerability
Subdomain takeover due to misconfigured project settings for custom domain
Subdomain Takeover vulnerability
Denial of Service (DOS)
11 writeupsLong String DOS
Denial of Service (DoS)
AIRDOS
Denial of Service (DoS)
Denial of Service DOS vulnerability in script loader (CVE-2018-6389)
Denial of Service (DoS)
Github actions DOS
Denial of Service (DoS)
Application level denial of service
Denial of Service (DoS)
Banner grabbing to DOS and memory corruption
Denial of Service (DoS)
DOS across Facebook endpoints
Denial of Service (DoS)
DOS on WAF protected sites
Denial of Service (DoS)
DOS on Facebook android app using zero width no break characters
Denial of Service (DoS)
Whatsapp DOS vulnerability on android and iOS
Denial of Service (DoS)
Authentication Bypass
10 writeupsTouch ID authentication Bypass on evernote and dropbox iOS apps
Security or Authentication Bypass
Oauth authentication bypass on airbnb acquistion using wierd 1 char open redirect
Security or Authentication Bypass
Two factor authentication bypass
Security or Authentication Bypass
Instagram multi factor authentication bypass
Security or Authentication Bypass
Authentication bypass in nodejs application
Security or Authentication Bypass
Symantec authentication Bypass
Security or Authentication Bypass
Authentication bypass in CISCO meraki
Security or Authentication Bypass
Slack SAML authentocation bypass
Security or Authentication Bypass
Authentication Bypass on airbnb via oauth tokens theft
Security or Authentication Bypass
Inspect element leads to stripe account lockout authentication Bypass
Security or Authentication Bypass
SQL Injection (SQLi)
32 writeupsTricky oracle SQLI situation
SQL Injection (SQLi) vulnerability
Exploiting “Google BigQuery” SQLI
SQL Injection (SQLi) vulnerability
SQLI via stopping the redirection to a login page
SQL Injection (SQLi) vulnerability
Finding SQLI with white box analysis a recent bug example
SQL Injection (SQLi) vulnerability
Bypassing a crappy WAF to exploit a blind SQLI
SQL Injection (SQLi) vulnerability
SQL Injection in private-site.com/login.php
SQL Injection (SQLi) vulnerability
Exploiting tricky blind SQLI
SQL Injection (SQLi) vulnerability
SQLI in forget password fucntion
SQL Injection (SQLi) vulnerability
SQLI Bug Bounty
SQL Injection (SQLi) vulnerability
File Upload blind SQLI
SQL Injection (SQLi) vulnerability
Insecure Direct Object Reference (IDOR)
5 writeupsDisclose Private Dashboard Chart's name and data in Facebook Analytics
Security research and bug bounty writeup
Disclosing privately shared gaming clips of any user
Security research and bug bounty writeup
Adding anyone including non-friend and blocked people as co-host in personal event!
Security research and bug bounty writeup
Page analyst could view job application details
Security research and bug bounty writeup
Deleting Anyone's Video Poll
Security research and bug bounty writeup
2FA Bypass
10 writeups2FA Bypass via logical rate limiting Bypass
Security or Authentication Bypass
Bypass 2FA in a website
Security or Authentication Bypass
Weird and simple 2FA bypass
Security or Authentication Bypass
How I cracked 2FA with simple factor bruteforce
Remote Code Execution (RCE) vulnerability
Instagram account is reactivated without entering 2FA
Security research and bug bounty writeup
How to bypass 2FA with a HTTP header
Security or Authentication Bypass
How I hacked 40k user accounts of microsoft using 2FA bypass outlook
Security or Authentication Bypass
How I abused 2FA to maintain persistence after password recovery change google microsoft instragram
Security research and bug bounty writeup
Bypass hackerone 2FA
Security or Authentication Bypass
Facebook Bug bounty : How I was able to enumerate instagram accounts who had enabled 2FA
Security research and bug bounty writeup
CORS Misconfiguration
13 writeupsCORS bug on google's 404 page (rewarded)
CORS Misconfiguration
CORS misconfiguration leading to private information disclosure
CORS Misconfiguration
CORS misconfiguration account takeover out of scope to grab items in scope
Account Takeover (ATO) vulnerability
Chrome CORS
CORS Misconfiguration
Bypassing CORS
Security or Authentication Bypass
An unexploited CORS misconfiguration reflecting further issues
CORS Misconfiguration
Think outside the scope advanced cors exploitation techniques
CORS Misconfiguration
A simple CORS misconfiguration leaked private post of twitter facebook instagram
CORS Misconfiguration
Explpoiting CORS misconfiguration
CORS Misconfiguration
Full account takeover through CORS with connection sockets
Account Takeover (ATO) vulnerability
Server Side Request Forgery (SSRF)
27 writeupsExploiting an SSRF trials and tribulations
Server-Side Request Forgery (SSRF)
SSRF on PDF generator
Server-Side Request Forgery (SSRF)
Google VRP SSRF in Google cloud platform stackdriver
Server-Side Request Forgery (SSRF)
Vimeo upload function SSRF
Server-Side Request Forgery (SSRF)
SSRF via ffmeg processing
Server-Side Request Forgery (SSRF)
My first SSRF using DNS rebinding
Server-Side Request Forgery (SSRF)
Bugbounty simple SSRF
Server-Side Request Forgery (SSRF)
SSRF reading local files from downnotifier server
Server-Side Request Forgery (SSRF)
SSRF vulnerability
Server-Side Request Forgery (SSRF)
Gain adfly SMTP access with SSRF via gopher protocol
Server-Side Request Forgery (SSRF)
Race Condition
12 writeupsExploiting a Race condition vulnerabililty
Security research and bug bounty writeup
Race condition that could result to RCE a story with an app
Remote Code Execution (RCE) vulnerability
Creating thinking is our everything : Race condition and business logic
Security research and bug bounty writeup
Chaining improper authorization to Race condition to harvest credit card details
Security research and bug bounty writeup
A Race condition bug in Facebook chat groups
Security research and bug bounty writeup
Race condition bypassing team limit
Security or Authentication Bypass
Race condition on web
Security research and bug bounty writeup
Race condition bugs on Facebook
Security research and bug bounty writeup
Hacking Banks With Race Conditions
Security research and bug bounty writeup
Race Condition Bug In Web App: A Use Case
Security research and bug bounty writeup
Remote Code Execution (RCE)
64 writeupsMicrosoft RCE bugbounty
Remote Code Execution (RCE) vulnerability
OTP bruteforce account takeover
Remote Code Execution (RCE) vulnerability
Attacking helpdesk RCE chain on deskpro with bitdefender
Remote Code Execution (RCE) vulnerability
Remote image upload leads to RCE inject malicious code
Remote Code Execution (RCE) vulnerability
Finding a p1 in one minute with shodan.io RCE
Remote Code Execution (RCE) vulnerability
From recon to optimizing RCE results simple story with one of the biggest ICT company
Remote Code Execution (RCE) vulnerability
Uploading backdoor for fun and profit RCE DB creds P1
Remote Code Execution (RCE) vulnerability
Responsible Disclosure breaking out of a sandboxed editor to perform RCE
Remote Code Execution (RCE) vulnerability
Wordpress design flaw leads to woocommerce RCE
Remote Code Execution (RCE) vulnerability
Path traversal while uploading results in RCE
Remote Code Execution (RCE) vulnerability
Buffer Overflow
6 writeupsBuffer Overflow Attack Book pdf
Security research and bug bounty writeup
Github Repository on Buffer Overflow Attack
Security research and bug bounty writeup
Stack-Based Buffer Overflow Attacks: Explained and Examples
Security research and bug bounty writeup
How Buffer Overflow Attacks Work
Security research and bug bounty writeup
Binary Exploitation: Buffer Overflows
Security research and bug bounty writeup
WHAT IS A BUFFER OVERFLOW? LEARN ABOUT BUFFER OVERRUN VULNERABILITIES, EXPLOITS & ATTACKS
Security research and bug bounty writeup
Android Pentesting
1 writeupAndroid Pentesting Lab (Step by Step guide for beginners!)
Mobile Application Security
