InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties…

Hacking Swagger UI - 101

A hands-on, practical guide to earning rewards.

By RivuDon. Published in InfoSec Write-ups. 6 min read, 4 days ago.

Hi, I’m Rivek Raj Tamang (RivuDon), a Security Researcher, Bug Hunter, and Ethical Hacker currently pursuing a Master’s in Cybersecurity. I have secured many companies and received bounties, numerous Hall of Fame mentions, and Letters of Appreciation / Recognition.

Feel free to connect with me! You can find out more about me on my LinkedIn; I am active there.

⚠️ Disclaimer: This is for educational purposes only. Always get permission before testing systems. Hack responsibly!

Hi readers, this write-up is a hands-on practical guide to hacking Swagger UI, which leads to DOM XSS, resource injection, account takeovers, credential harvesting, phishing and many other attack vectors. I have provided all my research study resources below, along with steps to reproduce and PoCs.

So, without further ado, let's get straight to it!

Swagger UI

Swagger UI Webpage
