unSafe.sh - Unsafe
How I escalated default credentials to Remote Code Execution
Hello All, We all know Recon is very important to get P1 bugs. Shodan and Censys are probably the be...
2023-4-3 10:54:54 | Reads: 17
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
malicious
8082
username
filtered
navigated
Unveiling the Secrets: My Journey of Hacking Google’s OSS
- August 22, 2022 Let’s dive into it! Dear Infosec, I am excited to share with you my experience of dis...
2023-3-31 20:44:27 | Reads: 15
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
payload
security
victim
malicious
software
CVE-2023-1410 : Stored XSS in the Graphite Function Description tooltip
Hello everyone, Do you know about Graphite, a popular tool for monitoring metrics? If that’s the case...
2023-3-26 18:35:18 | Reads: 22
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
graphite
attacker
tooltip
The Ultimate XSS PoC with ChatGPT-4
2023-3-26 18:33:55 | Reads: 39
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
username
chacked
placeholder
How to become a successful bug bounty hunter
https://lexica.art/prompt/1d473bad-3f6b-4a1c-8fb7-92228cf77a70 Do Your Research The first step in beco...
2023-3-26 18:33:11 | Reads: 38
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
identify
hunters
facial
approaches
CVE-2020-10965 : Unauthenticated Admin Password Reset
Hello folks, A vulnerability was identified in the default admin account’s Login/ResetAdminPassword f...
2023-3-24 23:45:43 | Reads: 41
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
attacker
resets
Account Takeover Via Poising Forget Password Port in ASDA
Hi amazing researcher, Welcome to another review of the vulnerability discovery on ASDA. Today I wan...
2023-3-23 21:31:36 | Reads: 34
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
attacker
poisoning
php
victim
dangling
Default Credentials on Sony- Swag Time
Hi Guys, Again I'm here to review another of my finding on the Sony program, This write-up is about...
2023-3-23 20:28:57 | Reads: 22
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
sony
cidrs
asns
python
8443
Unauthorized Access To Admin Panel via Swagger
Hi guys, My name is Arman and you know me as M7arm4n. Today I want to talk about how I was able to a...
2023-3-23 20:28:51 | Reads: 26
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
coca
swagger
cup
ffuf
cola
Zero Click To Account Takeover (IDOR + XSS)
Hello dear friends, This write-up is about one of my findings on BugCrowd’s programs that lead attac...
2023-3-23 20:28:46 | Reads: 22
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
victim
idor
mi
Understanding CVE-2023-23397: The Microsoft Outlook Vulnerability You Need to Know About
undraw.co A critical vulnerability in Microsoft Outlook, CVE-2023-23397, has recently been identified...
2023-3-21 23:53:47 | Reads: 31
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
microsoft
23397
malicious
security
sounds
Reflected XSS on Admin Login Page
Hi! I’m Aswin, security researcher and a penetration tester. Here we are discussing reflected XSS in a...
2023-3-21 23:52:59 | Reads: 18
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
payload
attacker
a6
mirrored
aswin
A Game-Changing Tool for Bug Bounty Hunters and Security Researchers
https://github.com/projectdiscovery/nuclei In the ever-evolving landscape of cybersecurity, staying a...
2023-3-20 13:11:43 | Reads: 12
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
nuclei
security
Stripe’s Two-Factor Authentication (2FA) Bypass
Hello Everyone, Two-factor authentication (2FA) is a particular kind of multi-factor authentication (...
2023-3-20 13:9:35 | Reads: 31
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
attacker
stripe
security
Anatomy of a Reflected XSS: My Discovery on a Microsoft’s Subdomain
A few days ago, while browsing the website visualstudio.microsoft.com[1], I performed some tests on...
2023-3-17 17:33:30 | Reads: 14
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
security
2nd
microsoft
encodings
regional
How I Got Free Travel on Namma Metro
As someone who uses public transportation regularly, I rely on it to get me where I need to go quick...
2023-3-17 17:32:13 | Reads: 17
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
metro
namma
qr
passengers
lohigowda
Bypassing Character Limit — XSS Using Spanned Payload
Hello, I am Syed Mushfik Hasan Tahsin aka SMHTahsin33, an 18 Y/O Cyber Security Enthusiast from Bang...
2023-3-16 03:20:52 | Reads: 20
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
popup
quotation
exfiltrate
payload
Zero to Hero: DOM XSS
This is the first blog of my series “Zero to Hero”. I am a beginner bug bounty hunter and have repor...
2023-3-14 19:23:12 | Reads: 24
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
malicious
invader
waybackurls
victim
rgipt
How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw
Deep linking has become a crucial aspect of modern mobile app development, allowing for seamless nav...
2023-3-13 17:32:3 | Reads: 20
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
deeplink
str4
c0965a
subredacted
str2
Subdomain takeover on open.itu.edu via Shopify
Hello everyone! This article was originally written around December of 2022. After writing the draft...
2023-3-13 16:8:48 | Reads: 47
Bug Bounty in InfoSec Write-ups on Medium - infosecwriteups.com
subdomain
itu
github
shopify