#BugBounty_—_API_keys_leakage,Source_code_disclosure_in_India’slargest.pdf
313.9 KB
Back with a long pending vulnerability that I found during my bug bounty hunt, though a late blog but I found it worth sharing. I have found this vulnerability in India’s largest online health platform website.
By this vulnerability, I was able to read source code of the application , sensitive les like webcong where I got APIs key of mail server, sms, payment gateway etc and further I was also able to use these mail server key to send mail from thei..
By this vulnerability, I was able to read source code of the application , sensitive les like webcong where I got APIs key of mail server, sms, payment gateway etc and further I was also able to use these mail server key to send mail from thei..
🦑How to become a bug bounty hunter ?
#BugBounty
https://undercode.help/how-to-become-a-bug-bounty-hunter/
#BugBounty
https://undercode.help/how-to-become-a-bug-bounty-hunter/
🦑Bug Bounty Hunter: How to the Find your First Bug ?
#BugBounty
https://undercode.help/bug-bounty-hunter-how-to-the-find-your-first-bug/
#BugBounty
https://undercode.help/bug-bounty-hunter-how-to-the-find-your-first-bug/
Forwarded from UNDERCODE TESTING
🦑Reduce Noise in Burp Suite with This Simple Trick! 🔥
💡 Just add the following patterns in Burp Suite under Proxy > Options > TLS Pass Through:
.*\.google\.com
.*\.gstatic\.com
.*\.googleapis\.com
.*\.pki\.goog
.*\.mozilla\..*
hashtag#bugbounty hashtag#bugbountytip
Ref: Het VikamHet Vikam
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
💡 Just add the following patterns in Burp Suite under Proxy > Options > TLS Pass Through:
.*\.google\.com
.*\.gstatic\.com
.*\.googleapis\.com
.*\.pki\.goog
.*\.mozilla\..*
hashtag#bugbounty hashtag#bugbountytip
Ref: Het VikamHet Vikam
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE TESTING
Forwarded from UNDERCODE TESTING