Published in InfoSec Write-ups
How I chained Host header Injection to Password Reset Link Poisoning to XSS and Account Takeover.
Hello Cyber Security world, I trust you all are doing well from your side of the screen.
Jun 11, 2023

Published in InfoSec Write-ups
How I detected Open Redirect on a WhatsApp Message
Hello world, Today I share how I detected a $$$$ Open Redirect Bug from a simple WhatsApp message. This can be detected on other platforms…
Apr 19, 2023

Published in InfoSec Write-ups
Bug Bounty Manual Recon Guide
Ever felt like you need a specific guide / approach to your bug bounty targets so that you do not miss anything during the hunt? Well…
Feb 26, 2023

Published in InfoSec Write-ups
Approaching Login, Signup Pages and Change Password Instances for Bug Bounty Hunting
Detailed approach to bug bounty hunting on Login Pages, Sign up pages and Password Change Instances
Feb 23, 2023

Published in InfoSec Write-ups
Account Pre-Takeover Bug Bounty
What is account Pre-takeover in Bug Bounty? The chain of bugs leading to account pre-takeover.
Feb 19, 2023

Published in InfoSec Write-ups
Why WordPress should abandon Old PHP Password encryption algorithms.
As a hardening issue on WordPress, it’s time to evolve the PHP.
Dec 19, 2022