Sep 10Finding Loose Comparison in the wild (Unga Bunga Bugs Part-1)In the name of Allah, I begin. Bug Bounty is like JoJo’s Bizarre Adventure. You will find unexpected bugs in unexpected places and bugs from CTF Challenges that normally shouldn’t exist in real life. My ‘Unga Bunga Bugs’ series will be completely about these bugs that I found in the…Bug Bounty3 min readBug Bounty3 min read
Jul 28, 2021How I found my first IDOR in HackerOneIn the name of Almighty, Allah, i begin. This write up is about how I found my first IDOR in HackerOne and got my first swag. Recently I got BugBountyHunter subscription and so I tried to test what I learnt from there in h1 programs. Normally, I create two account…Infosec2 min readInfosec2 min read
May 25, 2021Chaining XSS with authentication issues to turn it into full account takeoverIn the name of Allah, i begin Recently I started hunting on Bugcrowd. As a complete beginner on cyber security platform, I only looked for bugs only in subdomains and searched for only low hanging fruits. One of my friend suggested me [this video](https://www.youtube.com/watch?v=-PkK9DP5nec) by Sean (zseano) and told me…Infosec3 min readInfosec3 min read
May 7, 2021How I found my first valid Bug!In the name of Allah, i begin. Hi. I am Orin from Bangladesh. I am a medical student. for last couple of months I have been trying to get atleast one of my bug triaged but all I have been getting is duplicate. But finally one of my bug got…Csrf1 min readCsrf1 min read
Jan 27, 2021HackThisSite Stego Mission 13 writeupHackThisSite Stego Mission 13 writeup For this solution, we need to understand how the signature of a file works. First, we need to open the file in a hex editor like HxD, and it will show something like this when we will open the image in hex editor. The first…3 min read3 min read
