Muhammad Khizer Javed

SQL Injection Vulnerability bootcamp.nutanix.com | Bug Bounty POC

Muhammad Khizer Javed 6 years ago

Hey Guys, So Another Concise Report about an SQLi I recently Found. One day I was just going through some Twitter posts and saw one of my friends replied…

RCE Unsecure Jenkins Instance | Bug Bounty POC

Muhammad Khizer Javed 6 years ago

Hi Guys, Honestly I was just getting bored and the blog wasn’t updated in a while so I decided to write this (Will share some more recent issues in a few…

Edmodo official number for custom text messages to any number around the world!

6 years ago

Hello 1337s, I hope you all are doing good and hunting websites. Today I’m going to tell you about a very interesting finding which was very simple and I never…

IOS 11.4 Siri Auth Bypass | CVE-2018-4238

Muhammad Khizer Javed 6 years ago

So this year in March I was just testing different settings of my iPhone that was running the latest iOS at that time, iOS 11.2.6, and I came across…

How I was able to get subscription of $120/year For Free | Bug Bounty POC

Muhammad Khizer Javed 6 years ago

About 2 Months ago a friend gave me his wetransfer.com account to send a 15GB file to a friend as he was using WeTransfer Plus subscription that he bought for…

How I found IDOR on Twitter’s Acquisition – Mopub.com

6 years ago

Hello everyone, Jay Jani noob here with another noobish finding. As 2k18 has started, I thought to hunt down Twitter for gaining reputation on HackerOne. I tried to find a bug…

Hunting Insecure Direct Object Reference Vulnerabilities for Fun and Profit (PART-1)

6 years ago

Hello Guys!! This is my first Blog post and I am starting with IDOR Vulnerability. In this Post you will know about many endpoints to test IDOR vulnerability! Hope you…

How I was able to Bypass XSS Protection on HackerOne’s Private Program

6 years ago

Hello friends, This is Jay Jani here and First of all frankly I would like to tell you all that I am completely a noob so I did some noobish things…

How I was able to Download Any file from Web server!

6 years ago

Hello to all Masters and Learners, I hope you all are doing well and spending most of your time in hunting and learning. Where most of us spend time to…

KNOXSS for Dummies! A new Detailed Guide to use KNOXSS Pro in real world

6 years ago

Just “XSS” it. Hello to all my brothers and friends. First I would like to thank @knowledge_2014 (ak1t4 z3n) for his support and @IfrahIman_ (Ifrah Iman) for helping to write this…