of bob218

XSS on OAuth callback URL. Weaponizing the issue allowed zero-click account takeover.

As a penetration tester or bug bounty hunter, you know the importance of having the right tools at your disposal. ChatGPT is a powerful AI…

Story:

In this blog, we will explore two significant security vulnerabilities: Broken Object Level Authorization (BOLA) and Broken Functionality…

Master DVWA SQL injection on low-security with our Burp Suite tutorial. Dive into efficient cybersecurity techniques today.

Hello fellas, in this write-up, I’m gonna talk about disclosing email address of any WordPress user by using an another service within…

Welcome to my blog! In this post, I will be discussing my experience in the security testing of an application’s implementation of…

Penetration testing often involves encountering fully restricted machines within the target network. How to build a gateway inside…

Hi, Fellow Hunters, Ram Ram Bhyi Sarya Ne

Hello Lovely People! How’s everything going? I hope everything great. So, back with another one. Let’s Go!

Recently, while hunting on a private bug bounty program I got full API Access to target’s Auth0 Management API. This was my first comeback…

Welcome to the Bug Bounty series where we explore the exciting world of ethical hacking. In this blog post, we will dive into the…

Explore the story of a $1120 Twitter bug, I found — a security flaw that allowed attackers to seize full control of accounts without…

Few ISP might allocate single IP to multiple persons or allocate IP’s dynamically. (In these cases this technique might not work correctly) Okay, what can a attacker accomplish by knowing public ip…

In the name of God

Top-tier Security Researchers are actively adopting ChatGPT in Cybersecurity. Let’s explore the most common ChatGPT prompts for Bug Bounty.

Recently, I received a bounty for a vulnerability discovered on an e-commerce site allowing the personal information — including the…

In this article, I share my views mixed with Justin’s ideas in his video

This is the problem faced by most bug hunters in the beginning

The critical skill of many top tier bug bounty hunters is to select the right program and dedicate their time.