Pinned: Why You Should Always Check The Audit Log [Medium] — $500
In this write-up, I will discuss how I was able to find sensitive information through the Audit Log on a well-known CyberSecurity Company.
May 20, 2023

Pinned: Privilege Escalation from Improper Access Control [Medium] — $700
I will be discussing how I was able to leverage an Improper Access Control Vulnerability to a Privilege Escalation Vulnerability on one…
Feb 23, 2021

Strict Rate Limiting Policy Leads to Massive DoS
I will be discussing an interesting observation on how policies implemented on Auth Endpoint could backfire and turn into massive DoS…
Feb 8, 2021

Stored XSS on Product Description [HIGH] — $400
In this writeup, I will be explaining to you readers how I was able to find a Stored XSS on one of the biggest E-commerce sites in Asia…
Jan 6, 2021

Choosing the ‘Right’ Bug Bounty Program
The bug bounty industry can be considered as one of the most competitive industries. The combination of evolving technologies as well as…
Dec 27, 2020

Cross-Site Request Forgery (CSRF) Complete Guide with Examples
Cross-Site Request Forgery (CSRF) was one of the first vulnerabilities that I learned at the beginning of my Bug Bounty journey. Combined…
Oct 8, 2020

First Valid Bug Bounty Submission — Information Leakage
Introduction to Bug Bounty along with First Valid Submission
Aug 26, 2020