Uncovering Vulnerabilities Through Swagger UI Directory Enumeration: https://hackersatty.medium.com/uncovering-vulnerabilities-through-swagger-ui-directory-enumeration-49e6b43558cd?source=rss------bug_bounty-5
Medium
Uncovering Vulnerabilities Through Swagger UI Directory Enumeration
About Me
❤1
Easy 100$ in public Hackerone program under 3 minutes: https://medium.com/@loayahmed686/easy-100-in-public-hackerone-program-under-3-minutes-69b20e185d3b?source=rss------bug_bounty-5
Medium
Easy 100$ in public Hackerone program under 3 minutes
In the name of God, the Most Gracious, the Most Merciful
❤1
403 Bypass changing http method only: https://rahman0x01.medium.com/403-bypass-changing-http-method-only-f0a32b43a3c8?source=rss------bug_bounty-5
Medium
403 Bypass changing http method only
rahman0x01
❤1
Successfully Gained Full Admin Access and Changed the Password Through Token Manipulation ⚔️: https://medium.com/@momenrezkk90/successfully-gained-full-admin-access-and-changed-the-password-through-token-manipulation-%EF%B8%8F-fe91fc0d9a0f?source=rss------bug_bounty-5
Medium
THANK YOU 🫡
https://www.linkedin.com/posts/momen-rezk_full-admin-access-through-token-manipulation-activity-7254084044886331393-_kmU?utm_source=share&ut…
❤1
Useful Wordlists for Bug Bounty Hunters: https://medium.com/@iamshafayat/useful-wordlists-for-bug-bounty-hunters-09f9b3cd2344?source=rss------bug_bounty-5
Medium
Useful Wordlists for Bug Bounty Hunters
Bug bounty hunting requires skill, patience, and the right tools. One of the essential elements of a successful bug bounty journey is using…
❤1
Best python scripts for cybersecurity analyst: https://medium.com/@paritoshblogs/best-python-scripts-for-cybersecurity-analyst-d5ebc91b4cdb?source=rss------bug_bounty-5
Medium
Best python scripts for cybersecurity analyst
When looking for the best Python scripts for a cybersecurity analyst, it’s important to consider scripts that cover a broad range of tasks…
❤1👍1
Subdomain Takeover guides, methodology and exploit POCs: https://aditya-narayan.medium.com/subdomain-takeover-guides-methodology-and-exploit-pocs-9f5dd632c175?source=rss------bug_bounty-5
Medium
Subdomain Takeover guides, methodology and exploit POCs
Another day in Bug Bounty journey, today I learned about Subdomain TakeOver vulnerability.
❤1
Beginners Guide for Exploiting Race Conditions: https://bitpanic.medium.com/beginners-guide-for-exploiting-race-conditions-ab73c843b44a?source=rss------bug_bounty-5
Medium
How It Works:
Way to mastering Race Conditions...
❤1
LFI: Identify the vulnerable endpoint and exploit that by reading the “/etc/passwd” file.: https://medium.com/@aburayhan01734_18069/lfi-identify-the-vulnerable-endpoint-and-exploit-that-by-reading-the-etc-passwd-file-a9d0586f85c9?source=rss------bug_bounty-5
Medium
LFI: Identify the vulnerable endpoint and exploit that by reading the “/etc/passwd” file.
Description: After trying too many times, I finally identified a Local File Inclusion vulnerability. This vulnerability occurs when a file…
❤1
CSRF On Delete Profile: High Severity(7.1) HackerOne: https://medium.com/@josuofficial327/csrf-on-delete-profile-high-severity-7-1-hackerone-33bdb598ef67?source=rss------bug_bounty-5
Medium
CSRF On Delete Profile: High Severity(7.1) HackerOne
👨🏽‍💻
❤1
Blind XXE with OOB Interaction via XML Parameter Entities: https://osintteam.blog/blind-xxe-with-oob-interaction-via-xml-parameter-entities-97244bf2b85e?source=rss------bug_bounty-5
Medium
Blind XXE with OOB Interaction via XML Parameter Entities
Today, we’ll be learning about a vulnerability that is more like the real-world — a vulnerability that is blind.
❤1
From Comments to Command Execution: How an E-Book Platform Gave Me RCE: https://imooaaz.medium.com/from-comments-to-command-execution-how-an-e-book-platform-gave-me-rce-f27a079ca584?source=rss------bug_bounty-5
Medium
From Comments to Command Execution(RCE)
From Stored XSS to RCE via Unrestricted file upload.
❤1
Simple ATO in private program.: https://medium.com/@oXnoOneXo/simple-ato-in-private-program-890cd1485675?source=rss------bug_bounty-5
Medium
Simple ATO in private program.
Hello Friend. I’m gonna talk about a simple Account Takeover vulnerability I found in a private program at Bugcrowd so grab your coffee and…
❤1
SQL Injection via ORDER BY Parameter: https://medium.com/@mfthylmaz/sql-injection-via-order-by-parameter-a7cb7d04017f?source=rss------bug_bounty-5
Medium
SQL Injection via ORDER BY Parameter
Hi guys, in this blog post, I’ll share the details of an SQL Injection vulnerability I discovered while exploring a web application.
❤2
Mastering 403 Forbidden Bypass Techniques ✨: https://medium.com/@kumawatabhijeet2002/mastering-403-forbidden-bypass-techniques-4ab1482afe49?source=rss------bug_bounty-5
Medium
Mastering 403 Forbidden Bypass Techniques ✨
Are you tired of encountering frustrating 403 Forbidden errors that block your testing progress? Don’t worry! This guide will explore…
❤1
Get the hash of favicon of website (by url or file) and search it in Shodan, Censys and Virustotal.
favihash.com
👍5