Articles in this series
Pre-Auth Takeover of Build Pipelines in GoCD. · While doing some basic recon, and digging through subdomains on various targets on different bug bounty...
This is my journey on hunting and finding my first 0day as a security researcher. CVE-2023-31045. · Since I began my journey of becoming a professional...
A bug bounty story by GRuMPz. · While enumerating the scope of a target on a private bug bounty program, I came across a subdomain used for generating...
Inspiring new bug bounty hunters with a simple RCE vulnerability discovery. · Usually, when newcomers approach me in the bug bounty field, they often ask...
How I Found Several Stored XSS Bugs in Rocket LMS Version 1.9 in Under 10 Minutes · It was late at night, and I was starting to burn out from hunting...
How I Quickly Found a Stored XSS 0day in the QDOCS Smart School 7.0.0 · Late in the evening, I decided to explore some PHP applications focused on...