24 Stories
A Hacker’s Tale
Ahoy, fellow digital adventurers! Today, we’re embarking on an exciting journey through the vast seas of web applications. Our quest? To uncover hidden treasures, or in this case, vulnerabilities!
1. Setting Sail – Understanding the Scope
Before we embark on our hacking adventure, it’s essential to know the lay of…
Tag: bugbounty
Navigating the Bounty Seas with Open Bug Bounty
A Hacker’s Tale – Part 2 Welcome back, cyber adventurers, to our world of ethical hacking! In Part One, we set sail on the vast ocean of cybersecurity, armed with knowledge on identifying features, functions, and technologies used in web applications. Now, as we continue our quest for digital treasures, we delve into the fascinating…
Guarding the Cosmos: Securing Your WordPress {wp-config.php}
Prepare for liftoff, fellow space explorers of the digital galaxy! In the boundless expanse of cyberspace, your WordPress website is akin to a spacecraft on an interstellar voyage. At the core of this cosmic vessel lies a vault of unimaginable value—the wp-config.php file. But beware, for this cosmic treasure, if intercepted, can lead to the…
The Time Machine — Weaponizing WaybackUrls for Recon, BugBounties, OSINT, Sensitive Endpoints and what not
You must have heard about time travel in movies, series and comics. Well, here we are. Nah, I’m not joking, you can travel back in time and fetch the endpoints from web applications to do further exploitation. Don’t believe me? xD You will after travelling from TheTimeMachine. PS: Doesn’t work offline, you need internet…
Easy XSS On Mostly Educational Websites Via Moodle
Many educational websites are using Moodle, which is vulnerable to RXSS, and according to Shodan more than 50K websites are using this technology. Moodle is a learning platform designed to provide educators, administrators, and learners with a single robust, secure and integrated system to create personalized learning environments. This was founded by @PewGrand
A Story of IDOR To Account Takeover
Hello Guys! I am Pramod Yadav, a Security Researcher and a Bug Hunter. This Is My First Bug Bounty Writeup. We are Going to See A Story of IDOR and How I Could Have Taken Over Your Account Through It. Before Getting into Details, Let’s See What an IDOR Is. What is an IDOR?…
Happy bug hunting in 2020, let’s make Web secure with Open Bug Bounty!
Hitachi Incident Response Team (HIRT)
Hitachi HIRT XSS reflected
Pwnie Express – Cross-site Scripting (XSS)
Everything about XSS is in this source!
My name is Ismail Tasdelen, and I am a security researcher. In this article, I created a resource for you to get better information about XSS. There are many XSS bypass payloads in this resource, and there are a lot of technical sources. I hope that will be useful.