
HTTP Request Smuggling on business.apple.com and Others.
WhoAmI: I am a twenty-year-old who has been in the bug bounty scene since 2018. Most of my time is on HackerOne, and I specialize
What are JWTs? JSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. Theoretically, they can contain any kind
Tl;dr : a subdomain of tokopedia’s website is pointed to an expired Top-Level-Domain available to buy, so obviously I go ahead and buy it. Assalamualaikum
I mostly wanted to share this post not because it’s a novel and unique attack, but to show the thought process of attacking this particular
Hi hunters! I’m again with another story. I love 2FA, not because it provides extra security. Because of satisfaction to bypass them. Stay tuned
Hey hackers! These are our favorite resources shared by pentesters and bug hunters last week. This issue covers the week from 25 of January to 01
Introduction *All GIFs contained within this post can be watched in HD for clearer viewing, Medium unfortunately does not allow this to be set by
Hello World, today I am going to share one of my recent interesting findings that is RFI to LFI vulnerability. It was a private program,
Cross-site Request Forgery is easy to look out for. However, if there are security measures in place to prevent CSRF attacks, they can be exciting (yet
Hey all 🙂 Hope you guys are good as always. As you asked for on twitter (make sure to follow me @DaherMohamed4 ) Here is how I