Zero Click Account Takeover
Here I noticed that the application allowed users to create an account using Social Logins like Facebook, Google, Apple, etc.
5d ago

Mastering XSS in a single read!
Cross-site scripting is a type of security vulnerability typically found in web applications. XSS attacks enable attackers to inject…
Dec 31, 2024

Dalfox: Parameter Analysis & XSS Scanning Tool
DalFox (Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on Golang.
Dec 30, 2024

Triaging an LFI Vulnerability Report
The report landed in my queue late in the evening, and at first glance, it seemed like a straightforward Local File Inclusion (LFI)…
Dec 30, 2024

Cross-Domain Referrer Leakage (Bug Bounty)
I was checking a reporter's report and saw the bugs, I thought it's an informative but then tried following the steps.
Dec 29, 2024

How to find SSRF, Bypass Cloudflare, and extract AWS metadata
I was working on a program and since I have no permission to disclose the name of the target, let’s call it redacted.com.
Dec 29, 2024

403/401 Bypass Methods + Bash Automation + Your Support ;)
4-ZERO-3 Tool to bypass 403/401. This script contains all the possible techniques to do the same.
Dec 28, 2024

The Bug Bounty Reconnaissance Framework (BBRF)
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices. For more…
Dec 28, 2024