Exploiting IDOR in a Support Portal Chatbot
Sometimes, I avoid testing support or help portals, assuming they might be hosted on third-party platforms like Jira or Zendesk, to save ...
Jan 15, 2025 / Read More
How a Unique Combination Opened the Door to an IDOR
Check out my previous write-ups in this series
Nov 10, 2024 / Read More
Phishing using Google Sheets for Red Team Engagements
The method you will see here will be very useful when you are engaged in a red team assessment or any kind of social engineering assess...
Jan 17, 2024 / Read More
Unveiling a Bug: Paying $1 and Receiving $100 (or Any Amount) in Return
Hi everyone, this write-up is about a vulnerability I discovered in a private bug bounty program. Due to privacy & legal concerns, I will...
Jun 23, 2023 / Read More
IDOR Vulnerability that exposed 17 Million user data (IDOR Diaries)
For those who are new or aren’t familiar with what an IDOR vulnerability is, here are some links to learn more and test it yourself.
May 26, 2023 / Read More
OpenAI ChatGPT for Cyber Security
OpenAI’s new solutions are trending all over the internet, and one of its most useful tools is “ChatGPT”.
Dec 13, 2022 / Read More
$$ Bounties for Unauthenticated file read in Cisco ASA CVE-2020-3452
Hey friends, back again with a write-up. I’m a bit lazy about writing bug bounty write-ups, but here I am!!
Aug 23, 2020 / Read More
From XSS to a Directory Traversal
Hey guys!! This is my first write-up for a bug bounty, so pardon me if I made any mistakes, and also feel free to express your idea below. ...
May 22, 2020 / Read More