List: Bug Bounty Hunting | Curated by Satya Prakash

Aug 16, 2023
104 stories
8 saves
Bug Bounty Hunting
In
InfoSec Write-ups
by
Krishna Kumar
Stored XSS Filter Bypass in the Skills sectionInspired by my recent post on LinkedIn, I’m excited to share my first-ever write-up on Medium. In this article, I’ll take you through my…
Aug 16, 2023
7
Aug 16, 2023
7
Ahmad A Abdulla
AI helped me get $500 bounty with just one line of codeOne of the special HackerOne programs invited me. I worked on it for more than a week and couldn’t find any bugs. Although it had a very…
Aug 11, 2023
1
Aug 11, 2023
1
Utkarsh Agrawal
Cookie-based-injection XSS making exploitable with-out exploiting other Vulns.Hi all,
Oct 22, 2018
Oct 22, 2018
In
Geek Culture
by
Thexssrat
Fingerprinting a webserver + finding new web applicationsTools, methodology and thoughts
Jun 27, 2021
1
Jun 27, 2021
1
Aakash Rathee
Subdomain TakeOvers by iamaakashratheeIntroduction:
Apr 2, 2023
2
Apr 2, 2023
2
Pawan Chhabria
How I chained multiple bugs to maximize the impact (Default Credentials -> Reverse Connection->…Hello All, In the previous blog post, we saw how basic recon on Shodan helped us in finding tomcat service which was running on port 8082…
Apr 1, 2023
1
Apr 1, 2023
1
Abdelrahman Khaled
From phpinfo page to many P1 bugs and RCE. [Symfony][Symfony]: is a set of reusable PHP components and a PHP framework to build web applications, APIs, microservices and web services
Sep 16, 2021
Sep 16, 2021
Ravaan
Revealing my Private tool for Instant Bounties[Find Sensitive Info]What is this all about?
Apr 6, 2023
3
Apr 6, 2023
3
Manas Harsh
Hacking with cURL: Unleash the CLI beastCurl, or client URL is a command line tool that enables data exchange between a device and a server through a terminal. We can use this…
Jan 19, 2023
Jan 19, 2023
In
InfoSec Write-ups
by
0xLittleSpidy
India’s Aadhar card source code disclosure via exposed .svn/wc.dbHi Guys, I recently found a .svn/wc.db folder exposed on a resident.uidai.gov.in, and used it to reconstruct the Web app’s source code. I…
Jan 2, 2023
2
Jan 2, 2023
2
In
InfoSec Write-ups
by
CyberSec_Sai
How I Earned My First Bug Bounty Reward of $1000In this article, I want to discuss about my journey of making $1000 dollars from Bug Bounty program and the lessons I learned through this…
Dec 28, 2022
11
Dec 28, 2022
11
Ravaan
How I hacked 100s of pedophiles. (Warning: Explicit)So a bit of background. Pedophiles are people who are sexually attracted to children. I don’t need any more explanation to make you…
Dec 3, 2021
4
Dec 3, 2021
4
Ravaan
Adobe bug bounty using IDOR, Confidential data leaksI hacked adobe using IDOR, and got this
Mar 18, 2022
3
Mar 18, 2022
3
In
System Weakness
by
Ravaan
United Nations bug bounty[writeup]Let’s get to the point, how can you hack the UN and get your name featured in the prestigious hall of fame? Lemme show you a guaranteed…
Apr 15, 2022
5
Apr 15, 2022
5
Ravaan
My Blackhat stories- How I hacked a college and paid my friend's feesIntro:
May 25, 2022
12
May 25, 2022
12
Satya Prakash
Top 10 Exploited Vulnerabilities in 2022All the below-mentioned are the top 10 vulnerabilities exploited in recent years and attracted all other security researchers and bug…
Dec 10, 2022
Dec 10, 2022
Thexssrat
XSS made easy for testers, developers and managersLet’s explore XSS but in a way that everyone can understand
May 5, 2021
May 5, 2021
In
InfoSec Write-ups
by
Chirag Soni
Email Verification Bypass- A Strange Case!Hey, What’s Up Fellow Hackers, hope you are staying safe and utilizing this (WFH or Online Classes ) time to increase your knowledge. So…
Apr 30, 2021
2
Apr 30, 2021
2
Ahmed Alwardani
Pentest AWS Credentials That Had Been LeakedAWS Credentials That Had Been Leaked
Sep 14, 2020
Sep 14, 2020
Vasuyadav
Weak Cryptography to Account Takeover’sHello Everyone,
Nov 15, 2020
1
Nov 15, 2020
1