File Upload - Upload. Intercept. Exploit.As a penetration tester, I often come across interesting security issues during assessments. One such case involved a file upload feature…Nov 181Nov 181
XSS - Weaponization ATOHi fellow hunters, In this write-up I will detail the discovery of a reflected cross-site scripting bug and the subsequent escalation that…Nov 28, 20231Nov 28, 20231
SQLi - US Gov DatadumpHi fellow hunters, in this write-up, I will explain how I founded SQL Injection Vulnerability and was able to dump data from the US…Aug 18, 20232Aug 18, 20232
RXSS - Story of $2000Hi fellow hunters, in this write-up, I will explain how I found a reflected cross-site scripting bug and showed multiple attack scenarios.Feb 10, 20235Feb 10, 20235
RCE - The TelerikHi folks, Usually I don't do writeups or share anything related to bug bounty. From now I will be sharing my experience and knowledge &…Feb 9, 20235Feb 9, 20235