Securitycipher
@securitycipher.bsky.social
📃 Write-ups and Resources 🚀 related to Bug Bounty💲 #bugbounty #bugbountytips
Why I Stopped Using Kali Linux (And Why You Should Too)
https://sudoaman.medium.com/why-i-stopped-using-kali-linux-and-why-you-should-too-ef6fdbeb2a8f?source=rss------bug_bounty-5
https://sudoaman.medium.com/why-i-stopped-using-kali-linux-and-why-you-should-too-ef6fdbeb2a8f?source=rss------bug_bounty-5
December 5, 2025 at 2:29 AM
Why I Stopped Using Kali Linux (And Why You Should Too)
https://sudoaman.medium.com/why-i-stopped-using-kali-linux-and-why-you-should-too-ef6fdbeb2a8f?source=rss------bug_bounty-5
https://sudoaman.medium.com/why-i-stopped-using-kali-linux-and-why-you-should-too-ef6fdbeb2a8f?source=rss------bug_bounty-5
CTF MetaRed 2025 (Web)
https://medium.com/@0RedX_/ctf-metared-2025-web-dc66d8178a60?source=rss------bug_bounty-5
https://medium.com/@0RedX_/ctf-metared-2025-web-dc66d8178a60?source=rss------bug_bounty-5
December 4, 2025 at 9:09 PM
Leaked API Key to Full Calendar Control
https://medium.com/@yehiatawfeeek224/leaked-api-key-to-full-calendar-control-7561333ceacb?source=rss------bug_bounty-5
https://medium.com/@yehiatawfeeek224/leaked-api-key-to-full-calendar-control-7561333ceacb?source=rss------bug_bounty-5
December 4, 2025 at 7:09 PM
Leaked API Key to Full Calendar Control
https://medium.com/@yehiatawfeeek224/leaked-api-key-to-full-calendar-control-7561333ceacb?source=rss------bug_bounty-5
https://medium.com/@yehiatawfeeek224/leaked-api-key-to-full-calendar-control-7561333ceacb?source=rss------bug_bounty-5
Certificate Transparency: A Technical Overview and OSINT Toolkit ️
https://medium.com/@MuhammedAsfan/certificate-transparency-a-technical-overview-and-osint-toolkit-%EF%B8%8F-30d4f556f7f8?source=rss------bug_bounty-5
https://medium.com/@MuhammedAsfan/certificate-transparency-a-technical-overview-and-osint-toolkit-%EF%B8%8F-30d4f556f7f8?source=rss------bug_bounty-5
December 4, 2025 at 6:15 PM
Certificate Transparency: A Technical Overview and OSINT Toolkit ️
https://medium.com/@MuhammedAsfan/certificate-transparency-a-technical-overview-and-osint-toolkit-%EF%B8%8F-30d4f556f7f8?source=rss------bug_bounty-5
https://medium.com/@MuhammedAsfan/certificate-transparency-a-technical-overview-and-osint-toolkit-%EF%B8%8F-30d4f556f7f8?source=rss------bug_bounty-5
How I Discovered a $50,000 Web3 Vulnerability That Exposed Thousands
https://medium.com/@MohaseenK/how-i-discovered-a-50-000-web3-vulnerability-that-exposed-thousands-6e9e8125050f?source=rss------bug_bounty-5
https://medium.com/@MohaseenK/how-i-discovered-a-50-000-web3-vulnerability-that-exposed-thousands-6e9e8125050f?source=rss------bug_bounty-5
December 4, 2025 at 5:13 PM
How I Discovered a $50,000 Web3 Vulnerability That Exposed Thousands
https://medium.com/@MohaseenK/how-i-discovered-a-50-000-web3-vulnerability-that-exposed-thousands-6e9e8125050f?source=rss------bug_bounty-5
https://medium.com/@MohaseenK/how-i-discovered-a-50-000-web3-vulnerability-that-exposed-thousands-6e9e8125050f?source=rss------bug_bounty-5
How I Hacked & Gained Admin Privileges to a Reading Application Through a Critical Vulnerability
https://medium.com/@m0rph3us/how-i-gained-administrative-access-to-a-reading-application-through-a-critical-vulnerability-3f90ed62e368?source=rss------bug_bounty-5
https://medium.com/@m0rph3us/how-i-gained-administrative-access-to-a-reading-application-through-a-critical-vulnerability-3f90ed62e368?source=rss------bug_bounty-5
December 4, 2025 at 4:13 PM
How I Hacked & Gained Admin Privileges to a Reading Application Through a Critical Vulnerability
https://medium.com/@m0rph3us/how-i-gained-administrative-access-to-a-reading-application-through-a-critical-vulnerability-3f90ed62e368?source=rss------bug_bounty-5
https://medium.com/@m0rph3us/how-i-gained-administrative-access-to-a-reading-application-through-a-critical-vulnerability-3f90ed62e368?source=rss------bug_bounty-5
How I Found My First Bug in Just 12 Hours: A Beginner’s Journey
https://medium.com/@moganti.nehanth2007/how-i-found-my-first-bug-in-just-12-hours-a-beginners-journey-64d10810b6fc?source=rss------bug_bounty-5
https://medium.com/@moganti.nehanth2007/how-i-found-my-first-bug-in-just-12-hours-a-beginners-journey-64d10810b6fc?source=rss------bug_bounty-5
December 4, 2025 at 3:11 PM
How I Found My First Bug in Just 12 Hours: A Beginner’s Journey
https://medium.com/@moganti.nehanth2007/how-i-found-my-first-bug-in-just-12-hours-a-beginners-journey-64d10810b6fc?source=rss------bug_bounty-5
https://medium.com/@moganti.nehanth2007/how-i-found-my-first-bug-in-just-12-hours-a-beginners-journey-64d10810b6fc?source=rss------bug_bounty-5
Hardcoded Secrets Strike Again: How a Telegram Bot Token Exposed Customer Support and PII
https://medium.com/@cameronbardin/hardcoded-secrets-strike-again-how-a-telegram-bot-token-exposed-customer-support-and-pii-cb412551239b?source=rss------bug_bounty-5
https://medium.com/@cameronbardin/hardcoded-secrets-strike-again-how-a-telegram-bot-token-exposed-customer-support-and-pii-cb412551239b?source=rss------bug_bounty-5
December 4, 2025 at 2:10 PM
Hardcoded Secrets Strike Again: How a Telegram Bot Token Exposed Customer Support and PII
https://medium.com/@cameronbardin/hardcoded-secrets-strike-again-how-a-telegram-bot-token-exposed-customer-support-and-pii-cb412551239b?source=rss------bug_bounty-5
https://medium.com/@cameronbardin/hardcoded-secrets-strike-again-how-a-telegram-bot-token-exposed-customer-support-and-pii-cb412551239b?source=rss------bug_bounty-5
6. Master the Basics, Break the Web: Input & Output Basics
https://abineshm.medium.com/6-master-the-basics-break-the-web-input-output-basics-2ec7d1d38bb7?source=rss------bug_bounty-5
https://abineshm.medium.com/6-master-the-basics-break-the-web-input-output-basics-2ec7d1d38bb7?source=rss------bug_bounty-5
December 4, 2025 at 1:28 PM
6. Master the Basics, Break the Web: Input & Output Basics
https://abineshm.medium.com/6-master-the-basics-break-the-web-input-output-basics-2ec7d1d38bb7?source=rss------bug_bounty-5
https://abineshm.medium.com/6-master-the-basics-break-the-web-input-output-basics-2ec7d1d38bb7?source=rss------bug_bounty-5
SMTP Protocol Injection via CRLF in CURLOPT_MAIL_FROM leading to Email Spoofing
https://hackerone.com/reports/3451305
https://hackerone.com/reports/3451305
December 4, 2025 at 12:30 PM
SMTP Protocol Injection via CRLF in CURLOPT_MAIL_FROM leading to Email Spoofing
https://hackerone.com/reports/3451305
https://hackerone.com/reports/3451305
Ehxb | Inside the Filesystem: The Truth Behind LFI & RFI II
https://infosecwriteups.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-ii-46fd781aa4ec?source=rss------bug_bounty-5
https://infosecwriteups.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-ii-46fd781aa4ec?source=rss------bug_bounty-5
December 4, 2025 at 11:09 AM
Ehxb | Inside the Filesystem: The Truth Behind LFI & RFI II
https://infosecwriteups.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-ii-46fd781aa4ec?source=rss------bug_bounty-5
https://infosecwriteups.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-ii-46fd781aa4ec?source=rss------bug_bounty-5
AI-Powered Attacks: 15 Tools Changing Pentesting Forever (With Step-by-Step Guides)
https://medium.com/@verylazytech/ai-powered-attacks-15-tools-changing-pentesting-forever-with-step-by-step-guides-861d5e3aeb54?source=rss------bug_bounty-5
https://medium.com/@verylazytech/ai-powered-attacks-15-tools-changing-pentesting-forever-with-step-by-step-guides-861d5e3aeb54?source=rss------bug_bounty-5
December 4, 2025 at 7:12 AM
AI-Powered Attacks: 15 Tools Changing Pentesting Forever (With Step-by-Step Guides)
https://medium.com/@verylazytech/ai-powered-attacks-15-tools-changing-pentesting-forever-with-step-by-step-guides-861d5e3aeb54?source=rss------bug_bounty-5
https://medium.com/@verylazytech/ai-powered-attacks-15-tools-changing-pentesting-forever-with-step-by-step-guides-861d5e3aeb54?source=rss------bug_bounty-5
Meta Bug Bounty: “Only Me” Workplace Disclosure
https://medium.com/infosec-insights/meta-bug-bounty-only-me-workplace-disclosure-e80eda0c66bb?source=rss------bug_bounty-5
https://medium.com/infosec-insights/meta-bug-bounty-only-me-workplace-disclosure-e80eda0c66bb?source=rss------bug_bounty-5
December 4, 2025 at 6:15 AM
Meta Bug Bounty: “Only Me” Workplace Disclosure
https://medium.com/infosec-insights/meta-bug-bounty-only-me-workplace-disclosure-e80eda0c66bb?source=rss------bug_bounty-5
https://medium.com/infosec-insights/meta-bug-bounty-only-me-workplace-disclosure-e80eda0c66bb?source=rss------bug_bounty-5
AI-Driven Cyber Attacks: The New Normal (2025 Edition)
https://medium.com/@paritoshblogs/ai-driven-cyber-attacks-the-new-normal-2025-edition-b3da62a1337f?source=rss------bug_bounty-5
https://medium.com/@paritoshblogs/ai-driven-cyber-attacks-the-new-normal-2025-edition-b3da62a1337f?source=rss------bug_bounty-5
December 4, 2025 at 4:19 AM
AI-Driven Cyber Attacks: The New Normal (2025 Edition)
https://medium.com/@paritoshblogs/ai-driven-cyber-attacks-the-new-normal-2025-edition-b3da62a1337f?source=rss------bug_bounty-5
https://medium.com/@paritoshblogs/ai-driven-cyber-attacks-the-new-normal-2025-edition-b3da62a1337f?source=rss------bug_bounty-5
The Story of How I Hacked an Event Management Platform
https://osintteam.blog/the-story-of-how-i-hacked-an-event-management-platform-5a719250042c?source=rss------bug_bounty-5
https://osintteam.blog/the-story-of-how-i-hacked-an-event-management-platform-5a719250042c?source=rss------bug_bounty-5
December 4, 2025 at 3:45 AM
The Story of How I Hacked an Event Management Platform
https://osintteam.blog/the-story-of-how-i-hacked-an-event-management-platform-5a719250042c?source=rss------bug_bounty-5
https://osintteam.blog/the-story-of-how-i-hacked-an-event-management-platform-5a719250042c?source=rss------bug_bounty-5
Run a Free Domain Leak Check Before Your Next Security Review
https://medium.com/@alexandrevandammepro/run-a-free-domain-leak-check-before-your-next-security-review-62beca53b00f?source=rss------bug_bounty-5
https://medium.com/@alexandrevandammepro/run-a-free-domain-leak-check-before-your-next-security-review-62beca53b00f?source=rss------bug_bounty-5
December 4, 2025 at 12:46 AM
Run a Free Domain Leak Check Before Your Next Security Review
https://medium.com/@alexandrevandammepro/run-a-free-domain-leak-check-before-your-next-security-review-62beca53b00f?source=rss------bug_bounty-5
https://medium.com/@alexandrevandammepro/run-a-free-domain-leak-check-before-your-next-security-review-62beca53b00f?source=rss------bug_bounty-5
Privilege Escalation Allows Low-Privilege Users to View Sensitive Role Data
https://medium.com/@HBlackGhost/access-control-bypass-allows-low-privilege-users-to-view-sensitive-role-data-c3dc2ffd62ef?source=rss------bug_bounty-5
https://medium.com/@HBlackGhost/access-control-bypass-allows-low-privilege-users-to-view-sensitive-role-data-c3dc2ffd62ef?source=rss------bug_bounty-5
December 3, 2025 at 9:08 PM
Privilege Escalation Allows Low-Privilege Users to View Sensitive Role Data
https://medium.com/@HBlackGhost/access-control-bypass-allows-low-privilege-users-to-view-sensitive-role-data-c3dc2ffd62ef?source=rss------bug_bounty-5
https://medium.com/@HBlackGhost/access-control-bypass-allows-low-privilege-users-to-view-sensitive-role-data-c3dc2ffd62ef?source=rss------bug_bounty-5
Reflected XSS in OAuth Callback Endpoint
https://infosecwriteups.com/reflected-xss-in-oauth-callback-endpoint-77ef41c0b011?source=rss------bug_bounty-5
https://infosecwriteups.com/reflected-xss-in-oauth-callback-endpoint-77ef41c0b011?source=rss------bug_bounty-5
December 3, 2025 at 8:11 PM
Reflected XSS in OAuth Callback Endpoint
https://infosecwriteups.com/reflected-xss-in-oauth-callback-endpoint-77ef41c0b011?source=rss------bug_bounty-5
https://infosecwriteups.com/reflected-xss-in-oauth-callback-endpoint-77ef41c0b011?source=rss------bug_bounty-5
The Best Version of Wireshark for Ubuntu 24.04 (And the Fastest Way to Install It)
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/the-best-version-of-wireshark-for-ubuntu-24-04-and-the-fastest-way-to-install-it-77fd6b4634a8?source=rss------bug_bounty-5
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/the-best-version-of-wireshark-for-ubuntu-24-04-and-the-fastest-way-to-install-it-77fd6b4634a8?source=rss------bug_bounty-5
December 3, 2025 at 7:09 PM
The Best Version of Wireshark for Ubuntu 24.04 (And the Fastest Way to Install It)
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/the-best-version-of-wireshark-for-ubuntu-24-04-and-the-fastest-way-to-install-it-77fd6b4634a8?source=rss------bug_bounty-5
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/the-best-version-of-wireshark-for-ubuntu-24-04-and-the-fastest-way-to-install-it-77fd6b4634a8?source=rss------bug_bounty-5
Identity Theft Is Exploding: Here’s What It Really Means and How You Can Protect Yourself
https://medium.com/@paritoshblogs/identity-theft-is-exploding-heres-what-it-really-means-and-how-you-can-protect-yourself-e292b9ac0fcc?source=rss------bug_bounty-5
https://medium.com/@paritoshblogs/identity-theft-is-exploding-heres-what-it-really-means-and-how-you-can-protect-yourself-e292b9ac0fcc?source=rss------bug_bounty-5
December 3, 2025 at 6:14 PM
Identity Theft Is Exploding: Here’s What It Really Means and How You Can Protect Yourself
https://medium.com/@paritoshblogs/identity-theft-is-exploding-heres-what-it-really-means-and-how-you-can-protect-yourself-e292b9ac0fcc?source=rss------bug_bounty-5
https://medium.com/@paritoshblogs/identity-theft-is-exploding-heres-what-it-really-means-and-how-you-can-protect-yourself-e292b9ac0fcc?source=rss------bug_bounty-5
Blind-XSS Escalated from HTMLi
https://medium.com/@most54244/blind-xss-escalated-from-htmli-4c7658660151?source=rss------bug_bounty-5
https://medium.com/@most54244/blind-xss-escalated-from-htmli-4c7658660151?source=rss------bug_bounty-5
December 3, 2025 at 5:13 PM
Blind-XSS Escalated from HTMLi
https://medium.com/@most54244/blind-xss-escalated-from-htmli-4c7658660151?source=rss------bug_bounty-5
https://medium.com/@most54244/blind-xss-escalated-from-htmli-4c7658660151?source=rss------bug_bounty-5
Beyond IDOR: The Guide to Advanced Broken Access Control
https://medium.com/@Aacle/beyond-idor-the-guide-to-advanced-broken-access-control-85b7a201baa7?source=rss------bug_bounty-5
https://medium.com/@Aacle/beyond-idor-the-guide-to-advanced-broken-access-control-85b7a201baa7?source=rss------bug_bounty-5
December 3, 2025 at 4:13 PM
Beyond IDOR: The Guide to Advanced Broken Access Control
https://medium.com/@Aacle/beyond-idor-the-guide-to-advanced-broken-access-control-85b7a201baa7?source=rss------bug_bounty-5
https://medium.com/@Aacle/beyond-idor-the-guide-to-advanced-broken-access-control-85b7a201baa7?source=rss------bug_bounty-5
5. Master the Basics, Break the Web: Authentication & Authorization Basics
https://abineshm.medium.com/5-master-the-basics-break-the-web-authentication-authorization-basics-1703446109a4?source=rss------bug_bounty-5
https://abineshm.medium.com/5-master-the-basics-break-the-web-authentication-authorization-basics-1703446109a4?source=rss------bug_bounty-5
December 3, 2025 at 2:10 PM
5. Master the Basics, Break the Web: Authentication & Authorization Basics
https://abineshm.medium.com/5-master-the-basics-break-the-web-authentication-authorization-basics-1703446109a4?source=rss------bug_bounty-5
https://abineshm.medium.com/5-master-the-basics-break-the-web-authentication-authorization-basics-1703446109a4?source=rss------bug_bounty-5
Co-Hosts can prevent Hosts from accessing the “About” tab in Facebook Events
https://medium.com/@th3_pr0t3ct0r/co-hosts-can-prevent-hosts-from-accessing-the-about-tab-in-facebook-events-fdbc324c6bfb?source=rss------bug_bounty-5
https://medium.com/@th3_pr0t3ct0r/co-hosts-can-prevent-hosts-from-accessing-the-about-tab-in-facebook-events-fdbc324c6bfb?source=rss------bug_bounty-5
December 3, 2025 at 1:28 PM
Co-Hosts can prevent Hosts from accessing the “About” tab in Facebook Events
https://medium.com/@th3_pr0t3ct0r/co-hosts-can-prevent-hosts-from-accessing-the-about-tab-in-facebook-events-fdbc324c6bfb?source=rss------bug_bounty-5
https://medium.com/@th3_pr0t3ct0r/co-hosts-can-prevent-hosts-from-accessing-the-about-tab-in-facebook-events-fdbc324c6bfb?source=rss------bug_bounty-5
How I Turned a 403 Error into a $200 API Key Leak Bounty
https://infosecwriteups.com/how-i-turned-a-403-error-into-a-200-api-key-leak-bounty-96faba78dfc4?source=rss------bug_bounty-5
https://infosecwriteups.com/how-i-turned-a-403-error-into-a-200-api-key-leak-bounty-96faba78dfc4?source=rss------bug_bounty-5
December 3, 2025 at 12:18 PM
How I Turned a 403 Error into a $200 API Key Leak Bounty
https://infosecwriteups.com/how-i-turned-a-403-error-into-a-200-api-key-leak-bounty-96faba78dfc4?source=rss------bug_bounty-5
https://infosecwriteups.com/how-i-turned-a-403-error-into-a-200-api-key-leak-bounty-96faba78dfc4?source=rss------bug_bounty-5