This blog post is about how a hacker could have Hacked 100k+ Loyalty Programs to get free points & redeem them for free stuff or coupons.
The blog post describes how I was able to bypass subscription plans to get access to paid services for free. Hope you guys are doing good, I haven’t published a blog in a while so I decided to make use of the blog and share some of my new findings with you guys, So this […]
Hey guys so this blog post is about bug bounty report, I was able to Bypass Security restrictions by using inspect element and use Paid Features. About the Issue: The issue is really simple to execute. I was looking for a way to use the service for free and managed to find it so easily […]
Hey guys so this blog post is about RCE issue reported to Microsoft bug bounty program, Remote Code execution issue existed in microsoft.com subdomain running Apache Solr. I’ll try to be as simple as possible. Participated in Microsoft Bug Bounty Program first time.. About the RCE: While doing some recon on microsoft.com website i […]
Hey guys so this blog post is about Exploiting Insecure Firebase Databases, due to Improper set security rules one can write data to the database in certain conditions here’s a Short POC tutorial of the issue. A few days ago i was doing static analysis of an Android app on a bug bounty target, as […]
Hey, So First of all before i start writing about this issue i want you guys to read the blog about Ticket Trick it was written by Inti De Ceukelaire (Thanks to him for sharing this and help us work on it to secure more companies ). This blog is just about my experience with this issue and […]
Hello Guys!! This is my first Blog post and i am starting with IDOR Vulnerability. In this Post you will know about many endpoints to test IDOR vulnerability! Hope you will like it. Arbaz Hussain get invitation to test one private program and find vulnerabilities with his team mates but he was busy with his […]
Hi All, So I decide to write about the Love story between Bug Bounties & Recon. First of all I’m not much of an Expert so I’m just sharing my opinion. This blog post will be focusing on recon & where to look for bugs In a Bug Bounty Program, This is not a guide […]