Published in InfoSec Write-ups
HubSpot Full Account Takeover in Bug Bounty
Hi everybody, our story today will be about how I was able to get a Full account takeover on HubSpot Public Bug Bounty Program at Bugcrowd…
Feb 11, 2023 · 40 responses

Published in InfoSec Write-ups
CVE-2022-38627: A journey through SQLite Injection to compromise the whole enterprise building
Introduction:
Dec 30, 2022 · 2 responses

Published in InfoSec Write-ups
CVE-2022-42710: A journey through XXE to Stored-XSS
Hi everybody, I will share with you in this article in detail how I was able to find CVE-2022-42710 through static analysis
Dec 16, 2022 · 1 response

Published in InfoSec Write-ups
Full Company Building Takeover
Hello everybody, most of the time you read about account takeover or infrastructure takeover, but did you hear before about Company…
Oct 6, 2022 · 16 responses

Published in InfoSec Write-ups
Orange Arbitrary Command Execution
Hi everybody, Omar Hashem is here. I will share with you how I was able to achieve more than 10 RCE in different companies using the same…
Sep 29, 2022 · 4 responses

Published in InfoSec Write-ups
How I Found Multiple SQL Injections in 5 Minutes in Bug Bounty
Hi everybody, SQL Injection is one of the most critical vulnerabilities that can be found in web applications. I will show you today how I…
Sep 22, 2022 · 11 responses

Published in InfoSec Write-ups
How I abused the file upload function to get a high severity vulnerability in Bug Bounty
Hello everyone, one of the most interesting functions is file uploading. Vulnerabilities in file uploads usually lead you to critical or…
Sep 14, 2022 · 16 responses

Published in InfoSec Write-ups
How I found 3 RXSS on Lululemon bug bounty program
Hi everybody, today I will show you how a simple technique can lead you to find multiple serious vulnerabilities across the whole subdomains
Sep 7, 2022 · 7 responses

Published in InfoSec Write-ups
How to prevent more than 200 million users from using Google services
Hi Folks,
May 16, 2021