0xrzforVoorivex's Teamblog.voorivex.team·Nov 17, 2023Hijacking OAuth Code via Reverse Proxy for Account TakeoverRecon: The target scope I had selected was fixed to the main application: 1377.targetstaging.app In the first phase of my narrow recon approach, I utilized various services like Archive, Google, and Yahoo to extract endpoints and different paths. Ho...62 likes·6.3K readsbugbountyAdd a thoughtful commentNo comments yetBe the first to start the conversation.