P1 Like a Boss | Information Disclosure via Github leads to Employee Account Takeover | Bug Bounty POC

Hey Guys,   So This blog is a short blog about a P1 issue i found in a site it was a really simple and maybe a common issue, So I got invited to a site and the first thing i mostly do is to check github.com for issues related to that site & also…


Privilege Escalation like a Boss

Hello guys, This is Jay Jani and after a long time, I am back with one of my finding. This one is simple Privilege Escalation on a private program of HackerOne.   PS : This post is for Noobs like me so Leets please ignore the post :/   So I was invited to participate…


Subdomain Takeover via Unsecured S3 Bucket Connected to the Website

Hey Guys,   So This Blog is Basically About an issue i found in a web where a missing file and an Unsecured S3 Bucket connected to that website gave me a way to takeover that subdomain without a Subdomain Takeover Vulnerability, So Let’s begin   So I was testing a private program when i…


IDOR User Account Takeover By Connecting My Facebook Account with victims Account

Hey Guys Its Me Khizer again So This Blog is about an IDOR issue i found in a Web where changing the User ID in Facebook auth callback linking request actually connects my Facebook Account to the Victims Site Account so By this i could get complete access to User Account. So Let’s start what…


Authentication Bypass Using SQL Injection AutoTrader Webmail – Bug Bounty POC

Hey guys Me again with a Short POC about Login Bypass Using SQL Injection to get Access to AutoTraders Webmail so lets begain the POC will be short. What happened was i was working on AutoTraders Bug Bounty Program and had reported a couple of issues but all were Duplicate so i was checking subdomains…


ZOL Zimbabwe Authentication Bypass to XSS & SQLi Vulnerability – Bug Bounty POC

Hey Guys! Me Back with a New Post This One is about an Authentication Bypass Vulnerability in one of the subdomains of https://zol.co.zw/ ZOL Zimbabwe and Then got an XSS following with an SQLi in that Control Panel. So The Main Focus of this Blog Post will be on How i got access to the…


SQL Injection Vulnerability bootcamp.nutanix.com | Bug Bounty POC

Hey Guys,   So Another Concise Report about an SQLi I recently Found One day i was just going through some Twitter posts and saw one of my friend replied to a tweet about a Swag pack   As Some of you guys already know How Attractive such Tweets are so i decided to Test…


RCE Unsecure Jenkins Instance | Bug Bounty POC

Hi Guys, Honestly i was just getting bored and the blog wasn’t updated ina while so i decided to write this  (Will share some more recent issues in a few days 🙂 )   So i want this Write Up to be concise.. to Let’s Just say I was checking subdomains of a site and …


Edmodo official number for custom text messages to any number around the world!

Hello 1337s, I hope you all are doing good and hunting websites. Today I’m going to tell you about a very interesting finding which was very simple and I never expected that it could really exist there. I was hunting Edmodo nine months back and after various tests and techniques, I was unable to find…


IOS 11.4 Siri Auth Bypass | CVE-2018-4238

So this year in March i was just testing different settings of my iPhone that was running the latest IOS that time it was IOS 11.2.6 and i came across a setting under Settings > Siri > WhatsApp>”Use With Siri” I turned it on and locked my iPhone just to see if i can use…