banner
LightNews LightNews
securitycipher.bsky.social
Securitycipher
@securitycipher.bsky.social
140 followers 8 following 4.8K posts
📃 Write-ups and Resources 🚀 related to Bug Bounty💲 #bugbounty #bugbountytips
Posts Media Videos Starter Packs
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 14m
How I Made Over $10,000 Just by Chaining Multiple IDORs in a Single Web App (All from the Share…

https://medium.com/@ferdusalam_65023/how-i-made-over-10-000-just-by-chaining-multiple-idors-in-a-single-web-app-all-from-the-share-4d425a15aa37?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1h
SAML Configuration Exposure to Low-Privilege Team Members Due to Missing Server-Side RBAC

https://medium.com/@ibra1905ylmz/saml-configuration-exposure-to-low-privilege-team-members-due-to-missing-server-side-rbac-04d907860433?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 3h
How I Hacked JWT Tokens and Became Everyone on the Internet (Temporarily)

https://infosecwriteups.com/how-i-hacked-jwt-tokens-and-became-everyone-on-the-internet-temporarily-1e05f961048d?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 4h
When Client-Side Validation Isn’t Enough — Porsche Contact Form Logic Bypass

https://medium.com/@ethan_hunt/when-client-side-validation-isnt-enough-porsche-contact-form-logic-bypass-91f2451015e3?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 6h
How I Got My first Private Invite in Bug Bounty

https://medium.com/activated-thinker/how-i-got-my-first-private-invite-in-bug-bounty-f51ea01e03a7?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 7h
Basic SQL injection Methodology

https://medium.com/@raihan408548/basic-sql-injection-methodology-9c606115eddb?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 7h
XSS Explained: A Simple, Powerful Guide

https://medium.com/@0xMuhammedAsfan/xss-explained-a-simple-powerful-guide-d87dadb92736?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 10h
Silence After Security.txt: When a Promise to Report Is Ignored

https://medium.com/@d.johnston_19172/silence-after-security-txt-when-a-promise-to-report-is-ignored-9efc2741f7a4?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 13h
How to Find Your First Database Vulnerability in 48 Hours

https://medium.com/@ibtissamhammadi1/how-to-find-your-first-database-vulnerability-in-48-hours-2738e70cd979?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 15h
IDOR lead to unauthorized Access Organizations function

https://medium.com/@HBlackGhost/idor-lead-to-unauthorized-access-organizations-function-0dc707011dd1?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 18h
Application Level DoS - Large Markdown Payload in Reply Section Leading to Resource Exhaustion

https://hackerone.com/reports/3058919
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 19h
Chrome Extension for Temp Emails (For Bug Bounty Hunters & Cybersecurity Researchers )

https://medium.com/@shubhammpawar7438/chrome-extension-for-temp-emails-for-bug-bounty-hunters-cybersecurity-researchers-af25360ad2e1?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 20h
Step-by-Step Guide: Practical Docker Enumeration and Container Escape Techniques

https://medium.com/@verylazytech/step-by-step-guide-practical-docker-enumeration-and-container-escape-techniques-986e1d6a6919?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 23h
The Delete Button Anyone Could Press: How I Wiped a Store’s Catalog and Brought Products Back from…

https://medium.com/@redaabdelrhman169/the-delete-button-anyone-could-press-how-i-wiped-a-stores-catalog-and-brought-products-back-from-3eb8df9390a2?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Master Passive Recon in Web Pentesting

https://medium.com/@whx4zyjbefvr25ekfr8f/master-passive-recon-in-web-pentesting-aabff9645121?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Unauthorized Access to Enterprise Policies Management: $500 BAC Bug

https://medium.com/@a13h1/unauthorized-access-to-enterprise-policies-management-500-bac-bug-60f04419fed4?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Unescaped HTML in Email Templates — How I Turned a Simulator into a Phishing Vector

https://xormium.medium.com/unescaped-html-in-email-templates-how-i-turned-a-simulator-into-a-phishing-vector-82e8fb19a70d?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
The Broken Gate — A07: Identification and Authentication Failures | OWASP Top 10 |10 Days with Me|…

https://infyra.medium.com/the-broken-gate-a07-identification-and-authentication-failures-owasp-top-10-10-days-with-me-ef670f9f743f?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
OWASP Mobile Top 10 — M9: Insecure Data Storage (“Writing your love letters on sticky notes and…

https://medium.com/@bithowl/owasp-mobile-top-10-m9-insecure-data-storage-writing-your-love-letters-on-sticky-notes-and-6783217f1273?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Phishing via Error Message — When UI Messages Become Attack Surfaces

https://medium.com/@ethan_hunt/phishing-via-error-message-when-ui-messages-become-attack-surfaces-1eca838fea3f?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Burp Suite: 15 Pro Tips You’ll Wish You Knew Sooner

https://medium.com/@Iampreth/burp-suite-15-pro-tips-youll-wish-you-knew-sooner-f4dd4b9a701c?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Blu-ray Disc Java Sandbox Escape via two vulnerabilities

https://hackerone.com/reports/3104356
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Complete Guide to Dnsx for Mass DNS Resolution and Bug Bounty

https://medium.com/@jpablo13/complete-guide-to-dnsx-for-mass-dns-resolution-and-bug-bounty-f8bed1598770?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
How I Found 2 Medium Bugs That Broke Business Logic♦️

https://infosecwriteups.com/how-i-found-2-medium-bugs-that-broke-business-logic-%EF%B8%8F-8a6fbdcef287?source=rss------bug_bounty-5
securitycipher.bsky.social
Securitycipher @securitycipher.bsky.social · 1d
Presentación de mi Masterclass de Bug Bounty — este fin de semana en Discord

https://gorkaaa.medium.com/presentaci%C3%B3n-de-mi-masterclass-de-bug-bounty-este-fin-de-semana-en-discord-4327b9953240?source=rss------bug_bounty-5