Yasin Saffari · symbolexe.xyz · Apr 24, 2024
VulnersX Tool
VulnersX VulnersX is a powerful tool for efficiently searching and analyzing software vulnerabilities. It provides comprehensive results with both SQLite database and text file outputs, ensuring flexibility and ease of use for security professionals ...
#cybersecurity

Yasin Saffari · symbolexe.xyz · Apr 24, 2024
SHIFU Tool
SHIFU is a comprehensive and powerful toolkit designed to streamline the process of finding detailed information about Common Vulnerabilities and Exposures (CVEs). Introduction SHIFU is a comprehensive and powerful toolkit designed to streamline the ...
#cybersecurity

Yasin Saffari · symbolexe.xyz · Apr 24, 2024
OOGWAY Tool
OOGWAY is a powerful command-line utility designed to streamline the search for vulnerabilities and details regarding Common Vulnerabilities and Exposures (CVEs). Overview OOGWAY simplifies the process of searching for vulnerabilities and accessing C...
#cybersecurity

Sergio Medeiros · grumpz.net · Apr 22, 2024
Uncovering an SSRF Vulnerability in PDFMyURL Affecting Numerous Users
While enumerating the scope of a target on a private bug bounty program, I came across a subdomain used for generating PDF files. However, it seemed out-of-scope as they were simply white labeling a service called PDFMyURL, which lets you convert any...
10 likes · 640 reads · My Security Research · bugbounty

MadiSec · blog.huntcon.ir · Apr 20, 2024
Domain discovery in bug bounty.
Hi there, today I want to talk about Domain discovery in wide recon for bug hunters. Summary As a matter of fact, there are many different kinds of Domain discovery methodology. But, I want to write my methodology for this wide recon part. So, let's...
2 likes · Bug Bounty · bugbounty

Lohith Gowda M · blog.lohigowda.in · Apr 18, 2024
Securing the Cloud: From S3 Credentials to RDS Database Access
I recently went on a bit of adventure with an application used for webinar and 1:1 meetings. It's a start-up based in Bangalore, and guess what? It ended with me accessing the RDS database! Let me take you through how it all happened. Discovering the...
5 likes · 376 reads · bugbounty

Prasun Ray · prasunray477.hashnode.dev · Apr 10, 2024
The Bug Bounty Chronicles
Introduction to web servers, web applications, and their configurations. What is a "Web Server" A web server is the core software/hardware that stores websites and facilitates the client-server communication required to view web pages over the interne...
10 likes · bugbounty

Patrick Peng · 0reg.dev · Mar 26, 2024
$900 of $5870: From Path-traversals to RCE.
Recently, I have been dedicating my time to bug hunting of large OSS Projects, which is both a time- and brain-consuming job with these complex architectures and this intricate X-referencing and API calls. Nevertheless, this hard work paid off (In my wo...
bugbounty

Ryan Bonner · roll4combat.hashnode.dev · Mar 7, 2024
Finding My Way In Cybersecurity
My Journey from Discontent to Discovery Two and a half years ago, I found myself at a crossroads. My career path was a patchwork of sales and odd jobs—from pest control to driving for Uber to moving people's houses. These roles paid the bills, but no...
10 likes · 614 reads · hacking

Mohammad Zaheri for Voorivex's Team · blog.voorivex.team · Mar 5, 2024
$20,300 Bounties from a 200 Hour Hacking Challenge
Back in July 2023, Mohammad Nikouei and I decided to dedicate 100 hours to working on the public BB program on BugCrowd. We worked on the program part-time, spending 4 to 6 hours per day on it each. The program we chose was a famous and big company, ...
88 likes · 7.2K reads · bugbounty