The most insightful stories about Bug Bounty Writeup - Medium

Bug Bounty Writeup

Bug Bounty Tips

Penetration Testing

Ethical Hacking

Bug Bounty Hunter

Bug Bounty Writeup

Topic

·

5.1K followers

·

1.3K stories

Recommended stories

Escalating an HTML Injection into 1-Click Account Takeover

Escalating an HTML Injection into 1-Click Account Takeover

Hello everyone, I am Marx Chryz and I’m a HTB CWEE, CPTS, and CBBH passer. I will show you a write up about a vulnerability I found…

3d ago

A Critical Bug Let Me Become an Admin on an External Bug Bounty Program

A Critical Bug Let Me Become an Admin on an External Bug Bounty Program

Introduction

6d ago

In

by

How to Find P1 Bugs using Google in your Target — (Part-1)

Earn rewards with this simple method.

1d ago

1d ago

(LLM injection) Bypass payment in Chat GPT

Hello everyone, This vulnerability was discovered while I was exploring the same issue in Google Gemini. However, I was hesitant to…

Jul 7

Jul 7

Bug Bounty Diaries: How a Leaked appsettings.json Became a High-Impact Find

Every bug bounty hunter dreams of that perfect Remote Code Execution or a critical SQL Injection. But often, the path to a high-impact…

3d ago

3d ago

Escalating an HTML Injection into 1-Click Account Takeover

Escalating an HTML Injection into 1-Click Account Takeover

Escalating an HTML Injection into 1-Click Account Takeover

Hello everyone, I am Marx Chryz and I’m a HTB CWEE, CPTS, and CBBH passer. I will show you a write up about a vulnerability I found…

3d ago

A Critical Bug Let Me Become an Admin on an External Bug Bounty Program

A Critical Bug Let Me Become an Admin on an External Bug Bounty Program

A Critical Bug Let Me Become an Admin on an External Bug Bounty Program

Introduction

6d ago

How to Find P1 Bugs using Google in your Target — (Part-1)

In

by

How to Find P1 Bugs using Google in your Target — (Part-1)

Earn rewards with this simple method.

1d ago

(LLM injection) Bypass payment in Chat GPT

(LLM injection) Bypass payment in Chat GPT

Hello everyone, This vulnerability was discovered while I was exploring the same issue in Google Gemini. However, I was hesitant to…

Jul 7

Bug Bounty Diaries: How a Leaked appsettings.json Became a High-Impact Find

Bug Bounty Diaries: How a Leaked appsettings.json Became a High-Impact Find

Every bug bounty hunter dreams of that perfect Remote Code Execution or a critical SQL Injection. But often, the path to a high-impact…

3d ago

How I Found a $3,000 Bug Using Just Recon As a penetration tester, I’ve learned that the most critical phase of any engagement — or bug bounty hunt — is reconnaissance. It’s where the quiet magic happens. Sometimes, you don’t need exploits, brute force, or fuzzers. Just patience, curiosity, and a methodical eye.

How I Found a $3,000 Bug Using Just Recon

How I Found a $3,000 Bug Using Just Recon

Jul 26

💉 SSRF on Steroids: How I Turned a PDF Generator Into a Cloud Data Firehose

💉 SSRF on Steroids: How I Turned a PDF Generator Into a Cloud Data Firehose

Hey there!😁

3d ago

Privilege Escalation: Member Role Can Change Organization Name and Photo

Privilege Escalation: Member Role Can Change Organization Name and Photo

لَقَدْ مَنَنَّا عَلَيْكَ مَرَّةً أُخْرَىٰٓ

5d ago

See more recommended stories