Hacking a Company Through help desk – Ticket Trick | Bug Bounty POC
Hey, So First of all before i start writing about this issue i want you guys to read the blog about Ticket Trick it was written by Inti De Ceukelaire (Thanks to him...
BugBounty POC
P1 Like a Boss | Information Disclosure via Github leads to Employee Account Takeover | Bug Bounty POC
Hey Guys, So This blog is a short blog about a P1 issue i found in a site it was a really simple and maybe a common issue, So...
Subdomain Takeover via Unsecured S3 Bucket Connected to the Website
Hey Guys, So This Blog is Basically About an issue i found in a web where a missing file and an Unsecured S3 Bucket connected to that website gave...
SQL Injection Vulnerability bootcamp.nutanix.com | Bug Bounty POC
Hey Guys, So Another Concise Report about an SQLi I recently Found One day i was just going through some Twitter posts and saw one of my friend replied...
RCE Unsecure Jenkins Instance | Bug Bounty POC
Hi Guys, Honestly i was just getting bored and the blog wasn’t updated ina while so i decided to write this (Will share some more recent issues in a few...
IOS 11.4 Siri Auth Bypass | CVE-2018-4238
So this year in March i was just testing different settings of my iPhone that was running the latest IOS that time it was IOS 11.2.6 and i came across...
How I was able to get subscription of $120/year For Free | Bug Bounty POC
About 2 Months ago a friend gave me his wetransfer.com account to send a 15GB file to a friend as he was using WeTransfer Plus subscription that he bought for...
KNOXSS for Dummies! A new Detailed Guide to use KNOXSS Pro in real world
Just “XSS” it Hello to all my brothers and friends. First i would like to thank @knowledge_2014 (ak1t4 z3n) for his support and @IfrahIman_ (Ifrah Iman) for helping to write this...
Unrestricted File Upload to RCE | Bug Bounty POC
Hey Guys, Hope all of you guys are doing well, I’m an Active Bug Bounty participant, & also sometimes work as a Freelancer for some extra pocket money :p So...
UBER Wildcard Subdomain Takeover | BugBounty POC
Hi All, So Last month i decided to test Uber for Fun & Profit, So while scanning for subdomains to target i found a subdomain “design.uber.com” While navigating to the...