All About SSRF (“Server-Side Request Forgery”)Are you curious how to find SSRF vulnerabilities yourself? If so, lets take a look at what SSRF really is and go over many details of SSRF…Jan 30, 2023Jan 30, 2023
Finding Reflected XSS In A Strange WayToday I will be talking about how I foua reflected XSS (“Cross Site Scripting”) vulnerability in a very popular bug bounty program and…Nov 11, 2022Nov 11, 2022
Privilege Escalation in Linux SystemsLooking for a way to gain root access after establishing the initial foothold in Linux systems? Here are some things to look for to…Oct 26, 2022Oct 26, 2022
SSRF Bug Leads To AWS Metadata ExposureHow can you leverage an SSRF (“Server Side Request Forgery”) vulnerability to evade filters and leak internal AWS credentials on a web…Oct 26, 20221Oct 26, 20221
Stored XSS To Cookie ExfiltrationToday I will be explaining an XSS (“Cross Site Scripting”) vulnerability I found in a private bug bounty program that allowed me to…Oct 26, 20221Oct 26, 20221
SSRF & LFI In Uploads FeatureHello fellow hackers, today I will discuss how I found a Server-Side Request Forgery (SSRF) which lead to a Local File Inclusion (LFI) that…Oct 24, 2022Oct 24, 2022
How I Found A Simple Stored XSSThis is the story of how I found my first Stored XSS (“Cross Site Scripting”) vulnerability in a bug bounty program and a walk through on…Oct 24, 20223Oct 24, 20223