CertificateFinder: A Game-Changer for All Hidden Subdomains (free GUI tool) | Free upgraded version of crt.sh. Take your Bug Bounty to the next level. 🛠️ | Jan 22
Mastering JavaScript Recon | This is a simple guide to performing JavaScript recon in bug bounty. | Jan 13
Learning Android Security in 1 read! | Hello everyone, this is my first Android blog post. Many of my friends suggested that I get into Android Security. I started learning… | Jan 13
Zero Click Account Takeover | Here I noticed that the application allowed users to create an account using Social Logins like Facebook, Google, Apple, etc. | Jan 21
Mastering XSS in a single read! | Cross-site scripting is a type of security vulnerability typically found in web applications. XSS attacks enable attackers to inject… | Dec 31, 2024
Dalfox: Parameter Analysis & XSS Scanning Tool | DalFox (Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on Golang. | Dec 30, 2024
Triaging an LFI Vulnerability Report | The report landed in my queue late in the evening, and at first glance, it seemed like a straightforward Local File Inclusion (LFI)… | Dec 30, 2024
Cross-Domain Referrer Leakage (Bug Bounty) | I was checking a reporter's report and saw the bugs. I thought it's an informative, but then tried following the steps. | Dec 29, 2024
How to find SSRF, Bypass Cloudflare, and extract AWS metadata | I was working on a program and since I have no permission to disclose the name of the target, let’s call it redacted.com. | Dec 29, 2024