Published inInfoSec Write-upsPRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing websiteAbout the vulnerability:Nov 111Nov 111
Published inOSINT Team5 unique Lesser-known methods to find vulnerabilities for bug bounty huntersWelcome back people. I’m Harish, a budding bug bounty hunter. In this blog, I discuss about unique and peculiar methods to find…Sep 222Sep 222
Published inOSINT TeamBeware of fake bug bounty programs, my real life experienceIntroduction:This blog gives mitigation from wasting your time on fake bug bounty websitesAug 24Aug 24
Published inOSINT TeamInvitation link hijacking on a bug bounty programIntroduction: Only invited emails should be able to added to the project. Unauthenticated users able to join the project using invited linkAug 201Aug 201
Published inOSINT TeamI found a simple but rare misconfiguration and got $200 on a hackerone programHi bug bounty hunters. I’m Harish, a budding bug bounty hunter. This is my third valid bug on hackerone platform. Lets dive into the blog.Apr 261Apr 261