Hackerone got hacked! How can I steal your POC? 🥷🏻
Story of my experience how to get critical bugs directly upstream (Hackerone) as a bug bounty platform.
Apr 29, 2024

Reflected XSS bypass WAF & Page notfound
It was hard for me to finally bypass this.
Dec 22, 2024

From exam to hacking
The story begins with an error message that inspires me to do some hacking (SQL-I, RCE, Source Code Exposed, Privilege escalation).
Oct 6, 2023

One-click Account Takeover & IDOR leaks all user information
The story of how I took over someone's account by resetting their password.
Sep 18, 2023

Subdomain takeover via teamwork.com
Exploiting Subdomain Takeover Vulnerabilities via teamwork.com
Sep 16, 2023

Introduction & How to use vulnshot.com 🪲
If you need to manage the Nuclei CLI output which was previously only limited to chat lines on Telegram, Discord, and others, with VulnShot…
Sep 12, 2023

Subdomain takeover via Frill.co
Exploiting subdomain takeover via Frill (A Customer feedback, Roadmap and Announcements tool).
Sep 9, 2023

Again? Subdomain takeover via ideanote.io
Exploiting subdomain takeover Ideanote, Ideanote is a new way to work with ideas. It’s faster, more efficient, and lets you build a fully…
Sep 6, 2023

Subdomain takeover via nolt.io
Exploit subdomain takeover via Nolt. Nolt is a beautiful, collaborative place for all your user requests — no more outdated spreadsheets…
Sep 5, 2023

$100 under 1 hour: Subdomain takeover via firstpromoter.com
Exploiting subdomain takeover via firstpromoter, is Affiliate and referral tracking for SaaS.
Aug 31, 2023