PinnedBypassing 403s like a PRO! ($2,100): Broken Access controlHello hunters, hope you’re doing well, and apologies for the huge gap in posting articles. This article highlights my way of dealing with 403s and how I managed to get a P1 in minutes!😍 Excited to share this story with you all. Let’s get started!😁 Let's Begin A Broken access control…Bug Bounty3 min readBug Bounty3 min read
PinnedHow I turned 0000 into $600: Phone Verification BypassHello Hunters, This is a Tale of how I decoded the Verification flow of a well-known web application & bypassed the Phone Verification process because of the Initial code set at the Backend ❤ Damn Excited! Can’t wait to share this…😍 Let’s Begin The Web Application was a Server Hosting Management System…Cybersecurity3 min readCybersecurity3 min read
PinnedEncrypted Payload -> Decrypted Execution ($600) : Stored XSSHello Hunters, This is a Tale of how I used an Application’s feature against itself to give rise to a Stored Cross Site Scripting Vulnerability. So relax and Enjoy the article ❤ Damn Excited to share this story…..😍 Let’s Begin Cross site scripting (XSS) is a common attack vector that injects malicious…Cybersecurity3 min readCybersecurity3 min read
Aug 1, 2021How a simple “Hey!” can turn into your worst Nightmare: Stored XSSHello Hunters, Hope you’re doing well. Ever thought about what can happen if you read any stranger’s “Hey!” message? Nothing will happen, right?! 🤔 Let me prove you wrong!! So relax and let me explain how a simple “Hey!” can turn into your worst nightmare!! 👻 I’m sure this would…Ethical Hacking3 min readEthical Hacking3 min read
Jan 6, 2021My First 4 Digit Bounty Tragedy ($1125) : Stored XSSHello Hunters, This is my FIRST Medium Article covering the Story of my FIRST 4 Digit bounty which was FIRST marked as a Duplicate but later found out to be a Unique submission after a long span of 25 days and also got gifted with a PentesterLab Pro Subscription for…Ethical Hacking4 min readEthical Hacking4 min read
