Hello everyone, I would like to share a riveting issue regarding XSS (Cross-Site Scripting ) I endured a few months ago. Cross-site scripting (XSS) is a type of security vulnerability…

I hope you are having a great time, I would like to share an issue which i discovered in less than 10 minutes and got rewarded $XXXX bounty within 24…

I discovered Cross-Site Request Forgery (CSRF) issue in one of the bug bounty programs but limited to some easy and simple actions only. After spending a few minutes by browsing…

I have seen most of the peoples searching for No rate limiting issue at endpoints like password reset resulting into mass email triggering, SMS triggering or sometimes abusing it for…

When it comes regarding API pentesting, I am always eager to test it even though I don’t succeed to find critical issues. It was one of the private programs from…

Until and unless an issue or loophole present in the application is not exploited and made impactful in a real-life scenario, the term “vulnerability” doesn’t suit as the perfect noun…

I still remember that exhausting day full of failures which are common for bug bounty hunters whenever you don’t find issues in the application. It was one of the public…