Security Breached Blog

One step at a time There's no need to rush It's like learning to fly!

Tag: BugBounty POC

Hey Guys,   So This blog is a short blog about a P1 issue i found in a site it was a really simple and maybe a common issue, So I got invited to a site and the first thing i mostly do is to check github.com for issues related to that site & also […]

Hey Guys,   So This Blog is Basically About an issue i found in a web where a missing file and an Unsecured S3 Bucket connected to that website gave me a way to takeover that subdomain without a Subdomain Takeover Vulnerability, So Let’s begin   So I was testing a private program when i […]

About 2 Months ago a friend gave me his wetransfer.com account to send a 15GB file to a friend as he was using WeTransfer Plus subscription that he bought for $120/year i’ve decided to test WeTransfer for any possible vulnerability that can result of me bypassing their payment system or getting a Plus subscription for […]

Just “XSS” it Hello to all my brothers and friends. First i would like to thank @knowledge_2014 (ak1t4 z3n) for his support and @IfrahIman_ (Ifrah Iman) for helping to write this article. My name is Emad Shanab from Egypt. I am a lawyer by occupation but I love to find bugs in websites as a hobby. […]

Hi All, So Last month i decided to test Uber for Fun & Profit, So while scanning for subdomains to target i found a subdomain “design.uber.com” While navigating to the subdomain it redirected me to another domain Owned By Uber That was https://www.uber.design/ so The domain was new for me as i haven’t seen that before […]

What virtual hosts (or vhosts)? A single web server can be configured to run multiple websites at once, under different domain names. These are the virtual hosts (or vhosts) and they are usually found in shared hosting environments. Why you need to Enumerate? The host name discovery phase is an information gathering act to get […]