Category: Mix

Back in February of this year I hacked with members of BugBountyHunter.com on a public bug bounty program and we…

Proof of concept. The username of the database user starts with ‘hema’. BackgroundThese days almost every website uses a database….

GovTech’s Cyber Security Group recently organised the STACK the Flags Cybersecurity Capture-the-Flag (CTF) competition from 4th to 6th December 2020….

Hello all! Its been a while since my last write up. As a-lot of you know, last year I joined…

Over the last year I’ve taken a step away from my usual bug bounty work to focus more on building…

This write-up is the collective efforts of collaborating with various hackers on exploring and furthering research that was presented by…

The Story of a Novel Supply Chain Attack Continue reading on Medium » Source link

How to turn bugs into a “passive” income stream! ft Detectify’s Almroot Source link

When is copy-paste payloads not self-XSS? When it’s stored XSS. Recently, I reviewed Zoom’s code to uncover an interesting attack…

On May 27th, I reported a handful of security vulnerabilities to VMWare impacting their vRealize Operations Management Suite (vROps) appliance….

  Motivations I recently made a video on how to find hidden files and folders on IIS through the use…

About four or five years ago, friend and fellow bug bounty hunter Sam Curry asked if I had “ever thought…