How I found a Critical 0-click ATO using only information from waybackurls
Hello everyone! Today, I’d like to share an interesting discovery I made recently using information obtained through waybackurls, where I…
Feb 16, 2024 (2 responses)

$1000 Bounty: How I scaled a Self-Redirect to an XSS in a web 3.0 system at Hackenproof
Hello everyone, in this article, I will share how I scaled from a self-redirect that redirected only to a link containing the host itself…
Nov 16, 2023 (4 responses)

How I found an XSS via multiple parameters
Hello everyone, after receiving a generous reward at Bugcrowd for an XSS, I would like to share a discovery from a Bug Bounty I found a…
Nov 7, 2023 (1 response)

How I went from an IP range to an RCE via SQL Injection — Bug Bounty
I will be sharing the process I went through in one of my latest bug bounties to reach the much-acclaimed RCE flaw. Where I went from a…
Dec 16, 2022 (1 response)