29+ Blogs

A collection of blogs from bug bounty hunters and security researchers to help you learn from real-world experiences, stay updated on the latest vulnerabilities, and improve your hacking skills with practical insights.

If you want to add your blog to this collection, please email the blog or its link to [email protected]

The 30000$ Bounty Affair

The 30000$ Bounty Affair

Gokul SK

Gokul SK

May 28, 2023

Social Engineering - A 50 Euro Bug

Social Engineering - A 50 Euro Bug

Jerry Shah

Jerry Shah

Jun 22, 2022

Open Redirection - QR Code Magic

Open Redirection - QR Code Magic

Jerry Shah

Jerry Shah

Dec 11, 2021

Business Logic Errors - A Logic Destruction

Business Logic Errors - A Logic Destruction

Jerry Shah

Jerry Shah

Oct 16, 2021

$5K Misconfigured Reset password that leads to Account Takeover (No user Interaction ATO)

$5K Misconfigured Reset password that leads to Account Takeover (No user Interaction ATO)

Aditya Sharma

Aditya Sharma

Aug 24, 2021

Bypassing LFI (Local File Inclusion)

Bypassing LFI (Local File Inclusion)

Abhishek

Abhishek

Jun 3, 2021

Account Takeover - Smoking with 'null'

Account Takeover - Smoking with 'null'

Jerry Shah

Jerry Shah

Feb 25, 2021

Duplicate Registration - The Twinning Twins

Duplicate Registration - The Twinning Twins

Jerry Shah

Jerry Shah

Feb 8, 2021

RCE via LFI Log Poisoning - The Death Potion

RCE via LFI Log Poisoning - The Death Potion

Jerry Shah

Jerry Shah

Dec 6, 2020

SQL Injection & Remote Code Execution - Double P1

SQL Injection & Remote Code Execution - Double P1

Jerry Shah

Jerry Shah

Sep 13, 2020

Password reset poisoning to ATO and OTP bypass

Password reset poisoning to ATO and OTP bypass

Abhishek

Abhishek

Aug 2, 2020

HTTP Parameter Pollution - It’s Contaminated

HTTP Parameter Pollution - It’s Contaminated

Jerry Shah

Jerry Shah

Jul 24, 2020