Marx Chryz Del Mundo | Escalating an HTML Injection into 1-Click Account Takeover | Hello everyone, I am Marx Chryz and I’m a HTB CWEE, CPTS, and CBBH passer. I will show you a write up about a vulnerability I found… | 1d ago
Ln0rag | A Critical Bug Let Me Become an Admin on an External Bug Bounty Program | Introduction | 4d ago
Iski | 💉 SSRF on Steroids: How I Turned a PDF Generator Into a Cloud Data Firehose | Hey there!😁 | 1d ago
John Cruise | How I Found a $3,000 Bug Using Just Recon | Jul 26
Dipu Basak | Bug Bounty Diaries: How a Leaked appsettings.json Became a High-Impact Find | Every bug bounty hunter dreams of that perfect Remote Code Execution or a critical SQL Injection. But often, the path to a high-impact… | 1d ago
In System Weakness, by Vedavyasan S (@ved4vyasan) | My $$$$$ Blind Xss Tips.🧿 | These tips are from my blind XSS journey. | Sep 21
Abhishek sharma | Extending Free Trials with Just a Clock Change: A Subscription Bypass Story | 1d ago
In System Weakness, by Appsec.pt | How I found my first Critical SSRF (and how you can too) | SSRF (Server Side Request Forgery) is a web vulnerability that allows an attacker to cause the server to send requests to a malicious… | Jul 21