Reconnaissance is an important phase in bug bounty and in pentesting in general. As every target is unique and as we often do not have access to the code base, we'd need to come up with unique methods...

Hello All,  Today, I will share an important write-up I found on a private bug bounty on Bugcrowd.  I will refer to my victim target as…

The first step to attacking any target is conducting reconnaissance, or simply put, gathering information about the target. Reconnaissance…

So i been looking for 403 bypass for so long on a website game

Today, we’ll be walking through my step-by-step methodology as I approach an Oauth vulnerability. This is part of my Methodology…

Introduction:

Hello, my name is Jonas Dias Rebelo, I am currently 21 years old, born in Portugal and now residing in the USA (United States of America).

Story of P1 Bug that turned out to be ?

Hello All,

Introduction بسم الله الرحمن الرحيم و الصلاة و السلام على أشرف المرسلين Hello! My name is Adham Heinrich, and this is my second write-up…

This article explores 10 security vulnerabilities found in a web application, called app.target.me for privacy. Each issue is described along with its impact and suggested fixes. The vulnerabilities…

Understand the Basics of Race Conditon

WIRE TOR — The Ethical Hacking Services

Ok, time to check them skillz on File Inclusion — We’re presented with an IP and Port to test and just one question:

Companies often provide various login methods for users to authenticate their accounts.

I’m excited to share a unique vulnerability journey with you — a race condition that transformed into an Account Takeover (ATO) exploit

In the ever-evolving landscape of cybersecurity, efficiency and automation are key to successful reconnaissance and vulnerability…

APIs control how users interact with applications. Rate limiting stops users from sending too many requests in a short time. It’s a way to…

ShadowJS: A JavaScript File Discovery Tool for Security Researchers