Apr 6 · 8 min read · The Bug This blog post outlines the chains of multiple gadgets to achieve a full read ssrf on a target. Open Dynamic client registration on the MCP server to create an open redirect gadget Path norm
Join discussion
Feb 16 · 7 min read · Background I had a very interesting JavaScript-heavy target I was working on, which was built using a microservice architecture. The main domain contains a lot of sub-apps, so doing subdomain enumeration did not result in any significant success othe...
Join discussion
Feb 7 · 6 min read · The Bug The bug is a server-side request forgery vulnerability in a PDF generation feature that enabled me to read data from internal domains that are not publicly reachable The Journey I’ve been working on this application for three months now, and ...
Join discussion
Oct 28, 2025 · 7 min read · Starting with what I’m comfortable at I have been testing this particular app for close to three months before I found a valid bug in it The app was mainly used for creating notes and collaborating, so when I started testing, I mainly focused on brok...
Join discussion
Sep 7, 2025 · 7 min read · Recently, I was reading a blog titled “Don’t Fear The AI Reaper: Using LLMs to Hack Better and Faster” which was explaining how hackers can hack better with the help of AI. The blog talked about how AI can often generate vulnerable code, and it linke...
Join discussion