Nov 22, 2024 · 7 min read · A few months ago, I was working on a public bug bounty program, and there was an OAuth implementation for users to log in and sign up. Introduction First of all, before you start reading this blog post, you should be familiar with some concepts: Happ...
Oct 23, 2024 · 6 min read · Roughly 5 months ago, YShahinzadeh and I found an XSS vulnerability that had a weird CSP bypass leading to Account Takeover and received a $3500 bounty. The journey was quite interesting to me as it involved deep recon, reading many documents of the ...
Nov 17, 2023 · 5 min read · Recon: The target scope I had selected was fixed to the main application: 1377.targetstaging.app In the first phase of my narrow recon approach, I utilized various services like Archive, Google, and Yahoo to extract endpoints and different paths. Ho...
Oct 21, 2023 · 12 min read · Intro Hello, I'm Omid, a 22-year-old enthusiast diving into the world of web application hacking for nearly a year and a half now. I'm currently hunting for the Voorivex team, a group of people like me who have the same interests. You can read my fir...