Sakshi from KushoAI · software-deep-dives.hashnode.dev · Dec 4, 2024
Modern Security Vulnerabilities: Lessons from Recent Breaches
This blog is written by Jeremy Rivera at KushoAI. We're building the fastest way to test your APIs. It's completely free and you can sign up here. In recent years, big tech has witnessed a series of high-profile security incidents that serve as cruci...
#cybersecurity

0xryzn1ghtm4r3.hashnode.dev · Nov 26, 2024
Bug Bounty Cartel Stories - November Edition
Introduction Time flies—it’s already been a month since the last edition! Welcome to the November edition of The Bug Bounty Cartel Stories. This month has been particularly rewarding for me as a bug hunter. In fact, it’s shaping up to be my best mont...
95 reads · The Bug Bounty Cartel Stories · #cybersecurity

Sayaan Alam · blog.sayaan.in · Nov 22, 2024
From Template to Threat: Exploiting Freemarker SSTI for Remote Code Execution
Hi Readers! I hope you all are doing well. In this post, I want to discuss a specific type of vulnerability I've encountered: Server-Side Template Injection (SSTI) in Freemarker that can lead to Remote Code Execution (RCE). This vulnerability is part...
1.7K reads · bug bounty

Bhuwan Bhetwal · blog.bhuwanbhetwal.com.np · Nov 16, 2024
Connecting android/emulator to your Burp suite via OpenVPN
This is a simple blog for connecting the Genymotion and the Burpsuite for Android Pentesting using OpenVPN. I use Genymotion (Google Pixel 3 — Android Version 9) and Kali Linux. Let’s start the configuration. Make sure you save these two scripts. Githu...
40 reads · Burpsuite

Yash Shirsath · yashashirsath.hashnode.dev · Nov 9, 2024
A Bug Hunter's Journey - Discovering and Reporting Bugs on an E-commerce Platform
Today, I’m sharing my experience with bug hunting on a demo e-commerce site (LINK). As a Data and Business Analyst, I’m venturing into Quality Assurance (QA) and software testing for the first time, using tools like BrowserStack to test cross-browser...
1 like · Bugs and Errors

Harshal Shah · delvingwithharshal.hashnode.dev · Oct 17, 2024
Protecting Your Systems: A Guide to XML External Entity Attacks
What is XML External Entity (XXE)? Before diving into XXE attacks, let’s first understand XML (Extensible Markup Language). XML is a markup language that structures and stores data in a format readable by both humans and machines. Originally develope...
Fortify and Defend: Navigating the Cybersecurity Landscape · xml external entity

Xotl Mist · xotlmist.hashnode.dev · Sep 23, 2024
Getting into Cyber Security with Bug bounty | Day ZerØ
There are many ways to get into the security realm, the traditional degree and certification pathway is one of them, but we’re going to talk about more accessible ways to get into security, sometimes you can’t afford a degree, which could be in terms...
2 likes · bug bounty

prasanna · darkb0ts.hashnode.dev · Jul 16, 2024
Hunting Bugs with GAU and HTTPX: A Step-by-Step Guide
Bug bounty hunting is a thrilling field where security enthusiasts and professionals test their skills against live systems, seeking vulnerabilities that can be reported for rewards. In this guide, we'll explore how to use two powerful tools, GAU (Ge...
bug bounty

Om · rootaccess.hashnode.dev · May 28, 2024
How To Stay Ahead of 99% Of Bug Bounty Hunters
Hello Everyone, We know that bug bounty is growing popular day by day and many people are getting into this field which is great for the community but it also increases competition within the bug bounty hunters, and thus makes it harder to find bugs ...
3 likes · hacking

Sergio Medeiros · grumpz.net · May 4, 2024
Finding a Basic RCE Vulnerability on a Prominent News Channel
Usually, when newcomers approach me in the bug bounty field, they often ask about the tools, methods, and any other "secret sauce" I use when searching for vulnerabilities in bug bounty programs. I'm sure many of them might feel I sound arrogant or c...
13 likes · 508 reads · My Security Research · hacking