Security Breached Blog

Security Breached | Latest Cyber News, Exploits, Tools & Tutorials | Securitybreached.org

    Author: Muhammad Khizer Javed

    September 10, 2018

    Authentication Bypass Using SQL Injection AutoTrader Webmail – Bug Bounty POC

    Hey guys, me again with a short POC about login bypass using SQL injection to get access to AutoTrader's webmail, so let's begin; the POC will be short. What happened was I was working on AutoTrader's Bug Bounty Program and had reported a couple of issues, but all were duplicates, so I was checking subdomains when I landed on a […]

    Muhammad Khizer Javed BugBounty POC 3
    September 9, 2018

    ZOL Zimbabwe Authentication Bypass to XSS & SQLi Vulnerability – Bug Bounty POC

    Hey guys! Me back with a new post. This one is about an authentication bypass vulnerability in one of the subdomains of https://zol.co.zw/ (ZOL Zimbabwe), and then I got an XSS followed by an SQLi in that control panel. So the main focus of this blog post will be on how I got access to the CP and then how I […]

    Muhammad Khizer Javed BugBounty POC 1
    September 8, 2018

    SQL Injection Vulnerability bootcamp.nutanix.com | Bug Bounty POC

    Hey guys, so another concise report about an SQLi I recently found. One day I was just going through some Twitter posts and saw that one of my friends had replied to a tweet about a swag pack. As some of you guys already know how attractive such tweets are, I decided to test the site that gave him […]

    Muhammad Khizer Javed BugBounty POC 3
    September 7, 2018

    RCE Unsecure Jenkins Instance | Bug Bounty POC

    Hi guys, honestly I was just getting bored and the blog hadn't been updated in a while, so I decided to write this (will share some more recent issues in a few days 🙂). So I want this write-up to be concise. Let's just say I was checking subdomains of a site and found a subdomain, jenkins-thor.dosomething.org, so by […]

    Muhammad Khizer Javed BugBounty POC 1
    May 22, 2018

    IOS 11.4 Siri Auth Bypass | CVE-2018-4238

    So this year in March I was just testing different settings of my iPhone, which was running the latest iOS (at that time it was iOS 11.2.6), and I came across a setting under Settings > Siri > WhatsApp > “Use With Siri”. I turned it on and locked my iPhone just to see if I could use WhatsApp to send a message […]

    Muhammad Khizer Javed BugBounty POC 0
    May 18, 2018

    How I was able to get subscription of $120/year For Free | Bug Bounty POC

    About 2 months ago a friend gave me his wetransfer.com account to send a 15GB file to a friend, as he was using a WeTransfer Plus subscription that he bought for $120/year. I decided to test WeTransfer for any possible vulnerability that could result in me bypassing their payment system or getting a Plus subscription completely free. Well, for this […]

    Muhammad Khizer Javed BugBounty POC 8
    December 19, 2017

    Security Researcher saved Careem from a Data Breach

    Careem App is a car booking platform based in the UAE which offers traveling services by which people can book a car to their doorstep in a couple of minutes. Careem App is known for its pick and drop service with the most comfortable and safe environment all over the UAE, Pakistan, Africa and more countries. But, what if this multinational organization […]

    Muhammad Khizer Javed News 1
    December 19, 2017

    Unrestricted File Upload to RCE | Bug Bounty POC

    Hey guys, hope all of you guys are doing well. I'm an active bug bounty participant, & also sometimes work as a freelancer for some extra pocket money :p So I got a project to test a site for possible security issues. While working on the project I was able to bypass the file upload functionality to upload a shell […]

    Muhammad Khizer Javed BugBounty POC 3
    November 25, 2017

    My Guide to Basic Recon? | Bug Bounties + Recon | Amazing Love story.

    Hi all, so I decided to write about the love story between bug bounties & recon. First of all, I'm not much of an expert, so I'm just sharing my opinion. This blog post will be focusing on recon & where to look for bugs in a bug bounty program. This is not a guide on how to find bugs […]

    Muhammad Khizer Javed Tutorials 7
    November 20, 2017

    UBER Wildcard Subdomain Takeover | BugBounty POC

    Hi all, so last month I decided to test Uber for fun & profit. While scanning for subdomains to target, I found a subdomain, “design.uber.com”. While navigating to the subdomain, it redirected me to another domain owned by Uber, https://www.uber.design/. The domain was new for me as I hadn't seen it before. That domain is a static […]

    Muhammad Khizer Javed BugBounty POC 10

      Copyright ©2021 Security Breached Blog . All rights reserved. Powered by WordPress & Designed by Cyclone Themes