HarishPRE-ACCOUNT TAKEOVER through Oauth misconfiguration on a mailing websiteAbout the vulnerability:2d ago12d ago1
HarishinOSINT Team5 unique Lesser-known methods to find vulnerabilities for bug bounty huntersWelcome back people. I’m Harish, a budding bug bounty hunter. In this blog, I discuss about unique and peculiar methods to find…Sep 222Sep 222
HarishinOSINT TeamBeware of fake bug bounty programs, my real life experienceIntroduction:This blog gives mitigation from wasting your time on fake bug bounty websitesAug 24Aug 24
HarishinOSINT TeamInvitation link hijacking on a bug bounty programIntroduction: Only invited emails should be able to added to the project. Unauthenticated users able to join the project using invited linkAug 201Aug 201
HarishinOSINT TeamI found a simple but rare misconfiguration and got $200 on a hackerone programHi bug bounty hunters. I’m Harish, a budding bug bounty hunter. This is my third valid bug on hackerone platform. Lets dive into the blog.Apr 261Apr 261