Web Security | Bug hunting
@cybersecurityresources
A web penetration testing / General cybersecurity / Network related topics channel that provides direct links for interesting resources and notes.
https://medium.com/@3bodymo/how-i-hacked-ibm-and-got-full-access-on-many-services-ecf1dab4a054
Medium
How I hacked IBM and got full access on many services?
Hi everyone, today I’m gonna talk about a vulnerability that I found in IBM that allowed me to get full access on many services.
https://medium.com/@vedanttekale20/story-of-the-best-vulnerability-ive-found-so-far-5e3b0e02b47e
Medium
Story of the best vulnerability I’ve found so far…
Hello all the amazing hackers and cyber security enthusiasts. My name is Vedant and I’m an aspiring bug bounty hunter and a cyber security…
https://rafipiun.medium.com/how-i-got-easy-for-sql-injection-bug-7ff622236e4c
Medium
How i got easy $$$ for SQL Injection Bug
S
https://vivekps143.medium.com/facebook-bug-bounty-finding-the-hidden-members-of-the-private-events-977dc1784ff9
Medium
Facebook bug Bounty -Finding the hidden members of the private events.
Hi All,
https://www.youtube.com/watch?v=XJdxvvjelfQ
YouTube
Hacking 1Password | Episode 4 - Two Simple Bugs that Worth $3,300
This time Ron talks about two bugs he found in 1Password that were worth $3,300. At the end of the video, he also shares three bug bounty tips to improve your hacking skills.
This video is sponsored by Intigriti. Join Intigriti to become an ethical hacker today:…
https://www.youtube.com/watch?v=t54N4x2uIPs
YouTube
I hacked Outlook and could've read all of your EMAILS!
In this video, Ron Chan talks about a $20,000 bug that could've allowed attackers to read anyone's Outlook email.
https://orwaatyat.medium.com/your-full-map-to-github-recon-and-leaks-exposure-860c37ca2c82
Medium
Your Full Map To Github Recon And Leaks Exposure
Hello My Name Orwa Atyat
https://github.com/reddelexc/hackerone-reports/blob/d4dda0320a177f891f5f965e6ee217234229beb6/tops_by_bug_type/TOPRCE.md
GitHub
hackerone-reports/tops_by_bug_type/TOPRCE.md at d4dda0320a177f891f5f965e6ee217234229beb6 · reddelexc/hackerone-reports
Top disclosed reports from HackerOne. Contribute to reddelexc/hackerone-reports development by creating an account on GitHub.
https://gosecure.github.io/xxe-workshop
gosecure.github.io
Advanced XXE Exploitation
Workshop on XML External Entity attacks. 5 exercises with different techniques and tricks to reach RCE.
https://www.darabi.me/2020/12/create-invisible-post-on-any-facebook.html?m=1
Dynamic World
Create post on any Facebook page
Create a post on any Facebook page Vulnerability
https://bugs.xdavidhu.me/google/2021/01/11/stealing-your-private-videos-one-frame-at-a-time/?fbclid=IwAR0qRB2SOawhbZntnGPIN26jYG6BoPo0SLfeiNrAGTMNKMzQyLrymqxpy0w
bugs.xdavidhu.me
Stealing Your Private YouTube Videos, One Frame at a Time
David Schütz's bug bounty writeups
https://blog.cloudflare.com/october-2021-facebook-outage
The Cloudflare Blog
Understanding how Facebook disappeared from the Internet
Today at 1651 UTC, we opened an internal incident entitled "Facebook DNS lookup returning SERVFAIL" because we were worried that something was wrong with our DNS resolver 1.1.1.1. But as we were about to post on our public status page we realized something…
https://fares7elsadek.medium.com/my-first-bug-how-i-was-able-to-bypass-the-waf-and-uncover-a-reflected-xss-e0534b6f05e4
Medium
My First Bug: How I Was Able to Bypass the WAF and Uncover a Reflected XSS
Hello everyone, I’m Fares. Today, I’ll share the story of how I successfully identified a reflected XSS vulnerability within a public bug…
https://blog.azuki.vip/csrf/
https://bugbountyguide.org/wp-content/uploads/2023/08/hackerone-Reports.pdf
https://portswigger.net/research/server-side-prototype-pollution
PortSwigger Research
Server-side prototype pollution: Black-box detection without the DoS
Server-side prototype pollution is hard to detect black-box without causing a DoS. In this post, we introduce a range of safe detection techniques, which we've also implemented in an open source Burp
https://infosecwriteups.com/how-i-escalated-a-time-based-sql-injection-to-rce-bbf0d68cb398
Medium
How I Escalated a Time-Based SQL Injection to RCE
Good day everyone! I hope all of you are doing well.
https://medium.com/@moon_osint/how-to-find-the-administrator-of-an-onion-site-89d176b0061a
Medium
How to find the administrator of an onion site?
In this article, I will talk about how administrators of resources in the Tor Network, i.e. the Darkweb, are identified.
https://waf-bypass.com/
Waf-Bypass
Web application firewalls bypasses collection and testing tools – How to test, evaluate, compare, and bypass web application and…
Web application firewalls bypasses collection and testing tools. How to test, evaluate, compare, and bypass web application and API security solutions like WAF, NGWAF, RASP, and WAAP.
https://www.youtube.com/watch?v=90AdmqqPo1Y
YouTube
Bug Bounty | $2000 for SSRF bypass using DNS rebinding
This is how I was able to bypass SSRF protection after too many failed attempts using DNS rebinding. If you don't know what DNS rebinding is, don't worry, I will briefly explain it and then we will go through the Python exploit that I wrote to pull off the attack…