Shrirang Diwakar
745 Followers

Bypassing 403s like a PRO! ($2,100): Broken Access control

Hello hunters, hope you’re doing well, and apologies for the huge gap in posting articles. This article highlights my way of dealing with 403s and how I managed to get a P1 in minutes!😍 Excited to share this story with you all. Let’s get started!😁 Let's Begin A Broken access control…

Bug Bounty

3 min read


How I turned 0000 into $600: Phone Verification Bypass

Hello Hunters, This is a Tale of how I decoded the Verification flow of a well-known web application & bypassed the Phone Verification process because of the Initial code set at the Backend ❤ Damn Excited! Can’t wait to share this…😍 Let’s Begin The Web Application was a Server Hosting Management System…

Cybersecurity

3 min read


Encrypted Payload -> Decrypted Execution ($600) : Stored XSS

Hello Hunters, This is a Tale of how I used an Application’s feature against itself to give rise to a Stored Cross Site Scripting Vulnerability. So relax and Enjoy the article ❤ Damn Excited to share this story…..😍 Let’s Begin Cross site scripting (XSS) is a common attack vector that injects malicious…

Cybersecurity

3 min read


Aug 1, 2021

How a simple “Hey!” can turn into your worst Nightmare: Stored XSS

Hello Hunters, Hope you’re doing well. Ever thought about what can happen if you read any stranger’s “Hey!” message? Nothing will happen, right?! 🤔 Let me prove you wrong!! So relax and let me explain how a simple “Hey!” can turn into your worst nightmare!! 👻 I’m sure this would…

Ethical Hacking

3 min read


Jan 6, 2021

My First 4 Digit Bounty Tragedy ($1125) : Stored XSS

Hello Hunters, This is my FIRST Medium Article covering the Story of my FIRST 4 Digit bounty which was FIRST marked as a Duplicate but later found out to be a Unique submission after a long span of 25 days and also got gifted with a PentesterLab Pro Subscription for…

Ethical Hacking

4 min read


Security Engineer at Security Innovation | Bug Bounty Hunter | Content Creator
