How I Discovered a Critical Path Traversal Vulnerability Using Dorki
Blake Jacobs for Dorki - Blog · dorki.hashnode.dev · May 28, 2024
In this article, I detail my journey of discovering a critical vulnerability using Secondary Context Path Traversal. By leveraging Dorki for passive reconnaissance, I identified an Apache Tomcat-hosted web app and exploited its path normalization fla...
939 reads · hacking

CVE-2024-34240: Latest Stored XSS 0day Vulnerability Unveiled
Sergio Medeiros · grumpz.net · May 21, 2024
Late in the evening, I decided to explore some PHP applications focused on Student Information Systems, inspired by my recent success in finding systemic stored XSS vulnerabilities in a private bug bounty program. I visited my favorite source for PHP...
11 likes · 600 reads · My Security Research, Bugs and Errors

Unauthorized API endpoint Access Leads to Mass PII Leakage
Md Hasan for Dorki - Blog · dorki.hashnode.dev · May 19, 2024
Hello, my name is Mohd Hasan Ansari, a 19-year-old web security enthusiast who goes by the username Jerry1319 on most social networks. I have been actively involved in web application security for approximately a year and a half. At the moment. So Wi...
1 like · 644 reads · bugbounty

CVE-2024-34241: A Step-by-Step Discovery Guide
Sergio Medeiros · grumpz.net · May 17, 2024
It was late at night, and I was starting to burn out from hunting bugs in a few bug bounty programs I am active on. I still had that hacker itch I wanted to scratch, so I decided to look at a few web applications to see if I could find any easy "0day...
10 likes · 637 reads · My Security Research, Bugs and Errors

Become a Search Ninja: Enhance Your Skills with Dorki.io
Blake Jacobs for Dorki - Blog · dorki.hashnode.dev · May 16, 2024
Introduction: In this blog post, we explore the art of Google Dorking and introduce Dorki.io, a powerful tool that enhances search capabilities. We cover advanced strategies for finding components and assets in Adobe Experience Manager (AEM), extract...
641 reads · #cybersecurity

Peeling Back the Layers: Unmasking Hidden Secrets in JavaScript Code
Rushikesh Patil · offensivebytes.com · May 5, 2024
Hey there! Today, let's go on a little adventure into the world of website secrets. Imagine this: if you add ?_debug=1 to the end of a JavaScript (.js) page's address, it's like unlocking a hidden door. We'll explore a cool security trick that makes a...
28 reads · bugbounty

Finding a Basic RCE Vulnerability on a Prominent News Channel
Sergio Medeiros · grumpz.net · May 4, 2024
Usually, when newcomers approach me in the bug bounty field, they often ask about the tools, methods, and any other "secret sauce" I use when searching for vulnerabilities in bug bounty programs. I'm sure many of them might feel I sound arrogant or c...
12 likes · 430 reads · My Security Research, hacking

Uncovering an SSRF Vulnerability in PDFMyURL Affecting Numerous Users
Sergio Medeiros · grumpz.net · Apr 22, 2024
While enumerating the scope of a target on a private bug bounty program, I came across a subdomain used for generating PDF files. However, it seemed out-of-scope as they were simply white labeling a service called PDFMyURL, which lets you convert any...
10 likes · 1.1K reads · My Security Research, bugbounty

UUID Sandwich Attacks
Panagiotis Vasilikos · securingbits.com · Jan 17, 2024
If you're using UUIDs (version 1) to implement security features in your application, you may be vulnerable to Sandwich Attacks. Solution: switch to version 4 UUIDs instead.
2 likes · 138 reads · Application Security

Duplicate CSRF… Leads to $$$$
Bhavesh aka Shellbreaker for Shellbreaker · shellbreaker.hashnode.dev · Dec 19, 2023
Introduction: Hey everyone, Bhavesh aka Shellbreaker here! Cybersecurity is my passion, both at work as a security engineer and after hours as a bug bounty hunter. Join me on this adventure as I uncover vulnerabilities and explore the fascinating worl...
301 reads · bugbounty