Portal is a fairly new HTML element that is currently supported only in Chrome Canary behind the #enable-portals flag. Their main objective is to enable seamless transitions to the web by pre-rendering content in an iframe-like element that can be then “promoted”…

Introduction

Note before you start.

I have heard a lot about GraphQL but never got time to understand due to time constraints. Recently, I got an application to pentest with…

Hi Folks, hope you are all fine, so this writeup is about exploiting JSONP to extract private data from API endpoints and bypassing the…

AppSecure is an offensive cybersecurity company, works with businesses across the world to protect their data, reputation, and brand.

Intigriti Hackademy. This is the landing page for Intigriti's learning platform, where you can dive into multiple vulnerability classes.

Hacking Facebook for fun and profit: It’s not that hard, apparently (exclusive) - Symbo1/facebook-bug-bounties

NOTE:I may be wrong in my analysis in many way but hope it would be helpful.Please donot leave comment below ,but you can DM me or tweet me in twitter.



Initially when I started Bug bounty in 2015  I used to try to upload SVG for stored xss after reading…

REDIRECTING TO THE NEW BLOG ... Hello Hunters,                         This time I am writing about a Vulnerability found in another ...

بسم الله الرحمن الرحيم

Modern penetration tests and calm bug bounty programs for startups.

Hello guys,

Today I‘ll share with you a interesting XSS in Yahoo. My favorite target is Yahoo, because they have a big scope, so let’s start.

Offensive website security Bug bounty Ethical hacking

JavaScript has become one of the most ubiquitous technologies in the modern web browsers. Applications built using client-side JavaScript…

This actually worked on the first site we tested! 🤯 P.S.: Legacy or unimplemented OAuth flows often contain vulnerabilities that can lead to account takeover. 😈 Thanks for the #BugBountyTip, @ngalongc!

I got invite for private program on bugcrowd. Program do not have huge scope , just a single app with lots of features to test. I usually…