Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
4874How I was able to Bypass XSS Protection on HackerOne’s Private Program XSS NA Jay Jani (@JayJani007) Bug Bounty2018-02-022023-06-13
4869How I found IDOR on Twitter’s Acquisition – Mopub.com IDOR Twitter Jay Jani (@JayJani007) Bug Bounty2018-02-052023-06-13
4776Stealing money from one account to another account Logic flaw NA Ajay Gautam (@evilboyajay) Bug Bounty2018-05-022023-06-13
4510Privilege Escalation like a Boss IDOR NA Jay Jani (@JayJani007) Bug Bounty2018-10-272023-06-13
4368Workplace Logo ID to workplace owner name Disclosure Facebook Bug Bounty IDOR Meta / Facebook Ajay Gautam (@evilboyajay) Bug Bounty2019-01-112023-06-13
4208Multiple xss in *.skype.com XSS Microsoft Jayateertha Guruprasad (@JayateerthaG) Bug Bounty2019-04-102023-06-13
4081Page Admin Disclosure | Facebook Bug Bounty 2019 Authorization flaw Meta / Facebook Ajay Gautam (@evilboyajay) Bug Bounty2019-06-222023-06-13
4049Story of my Biggest Bounty ever : Command Execution on Jenkins RCE Exposed Jenkins instance NA Jay Jani (@JayJani007) Bug Bounty2019-07-112023-06-13
3949Shodan is your friend!!! If you ignore him you will lose many… SQL injection Authentication bypass NA Vijaysimha Reddy Bathini (@fatratfatrat) Bug Bounty2019-08-282023-06-13
3917Google Referer Leak Bug Referer leakage Information disclosure Google Jayateertha Guruprasad (@JayateerthaG) Bug Bounty2019-09-152023-06-13
3865Session Expiration Bypass in Facebook Creator App Session expiration issue Meta / Facebook Ajay Gautam (@evilboyajay) Bug Bounty2019-10-242023-06-13
3761Airbnb : Steal Earning of Airbnb hosts by Adding Bank Account/Payment Method (IDOR) IDOR Airbnb Vijay Kumar (@IndoAppSec) Bug Bounty2019-12-242023-06-13
3753Bypassing Brand Collabs Manager Eligibility on Facebook Authorization flaw Meta / Facebook Ajay Gautam (@evilboyajay) Bug Bounty2019-12-262023-06-13
3709How I was able to take over any users account with host header injection Host header injection NA Ajay Gautam (@evilboyajay) Bug Bounty2020-01-232023-06-13
3696How I was able to takeover the company’s LinkedIn Page Broken link hijacking NA Vijaysimha Reddy Bathini (@fatratfatrat) Bug Bounty2020-01-292023-06-13
3685How, I dumped crypto data by chaining directory listing to open S3 Bucket AWS misconfiguration Directory listing Information disclosure NA Ddigvijay Bug Bounty2020-02-052023-06-13
3653Tale of Account Takeovers (Part-1) Account takeover HTTP parameter pollution Password reset OTP bypass NA Vijaysimha Reddy Bathini (@fatratfatrat) Bug Bounty2020-02-222023-06-13
3536CORS bug on GOOGLE’s 404 page REWARDED!!! CORS misconfiguration Google Jayateertha Guruprasad (@JayateerthaG) Bug Bounty2020-04-212023-06-13
3482How I got my first swag on Edmodo with a simple XSS. Stored XSS Edmodo Sanjay Verdu (@codersanjay) Bug Bounty2020-05-162023-06-13
3475Tale of Account Takeovers (Part-2) Account takeover NA Vijaysimha Reddy Bathini (@fatratfatrat) Bug Bounty2020-05-172023-06-13
3467How I got 200$ in 5 minutes – Sensitive data leak Information disclosure NA Sanjay Verdu (@codersanjay) Bug Bounty2020-05-192023-06-13
3459How Source code reading helped me find an IDOR IDOR Information disclosure NA Sanjay Verdu (@codersanjay) Bug Bounty2020-05-222023-06-13
3419Local file read via XSS using PDF generate functionality XSS LFI NA Sanjay Singh Jhala (@lordjerry0x01) Bug Bounty2020-06-052023-06-13
3392How to Secure AWS ServerLess Lambda from ReDoS(Regular Expression Denial-of-Service) & Resultant Financial Impact ReDoS NA Ddigvijay (@itsdig) Bug Bounty2020-06-142023-06-13
3229How I was able to find page/personal account disclosure on Instagram Information disclosure Meta / Facebook Ajay Gautam (@evilboyajay) Bug Bounty2020-08-112023-06-13