The results are in! After 51 nominations whittled down to 15 finalists by a community vote, an expert panel consisting of Nicolas Grégoire, Soroush Dalili, Filedescriptor, and myself have conferred, v

Amazon S3 joins to the LeakLooker family, now tool looks for exposed buckets and potential takeovers.

INTRODUCTION:

hello my fellow hunters! im here to share(Sharing is caring) a new bug i found in a program let’s call it as redacted.com

So one day I was doing some work with my friend and visited PayPal to get a Pay with PayPal button. I logged in to PayPal and moved to…

While doing spidering on silvergoldbull site I noticed a strange request to https://silvergoldbull.de/bt.html with following request:

Bug Bounty Hunting Tip #1- Always read the Source Code

A lot of new hackers do not utilize the power of automation but once you get used to it there is no turning back.

Finding bugs in popular websites can be tough sometimes, but luckily this is not always the case.

Hello guys, I’m here with a new blog post on account takeover vulnerabilities which have been reported by me. I’ve started bug bounty in…

Contribute to m4xx101/FinDir development by creating an account on GitHub.

In this article, we will discuss IDOR vulnerability, how to find one and present 25 disclosed reports based on this issue.

How I Finally could Got into an Internal Network (and could accessing all of their internal assets) by Using Various Vulnerabilities.

Decode All Bases - Base Scheme Decoder. Contribute to mufeedvh/basecrack development by creating an account on GitHub.

Last October I dived into the world of Jira Software (version 8.4.1) in the hope of discovering new vulnerabilities. Initially, I came…