Securitycipher
@securitycipher.bsky.social
📃 Write-ups and Resources 🚀 related to Bug Bounty💲 #bugbounty #bugbountytips
How I Took Down an Entire Application Using google.com and Earned a $2,000 Bounty
https://medium.com/@oksuzkayra16/how-i-took-down-an-entire-application-using-google-com-and-earned-a-2-000-bounty-4f23c626b06e?source=rss------bug_bounty-5
https://medium.com/@oksuzkayra16/how-i-took-down-an-entire-application-using-google-com-and-earned-a-2-000-bounty-4f23c626b06e?source=rss------bug_bounty-5
December 2, 2025 at 8:10 PM
How I Took Down an Entire Application Using google.com and Earned a $2,000 Bounty
https://medium.com/@oksuzkayra16/how-i-took-down-an-entire-application-using-google-com-and-earned-a-2-000-bounty-4f23c626b06e?source=rss------bug_bounty-5
https://medium.com/@oksuzkayra16/how-i-took-down-an-entire-application-using-google-com-and-earned-a-2-000-bounty-4f23c626b06e?source=rss------bug_bounty-5
Similar Tools XAttacker called BurnWP Framework Advanced Exploit System in Real time
https://medium.com/@drcrypter.io/similar-tools-xattacker-called-burnwp-framework-advanced-exploit-system-in-real-time-76dd41fdde19?source=rss------bug_bounty-5
https://medium.com/@drcrypter.io/similar-tools-xattacker-called-burnwp-framework-advanced-exploit-system-in-real-time-76dd41fdde19?source=rss------bug_bounty-5
December 2, 2025 at 7:10 PM
Similar Tools XAttacker called BurnWP Framework Advanced Exploit System in Real time
https://medium.com/@drcrypter.io/similar-tools-xattacker-called-burnwp-framework-advanced-exploit-system-in-real-time-76dd41fdde19?source=rss------bug_bounty-5
https://medium.com/@drcrypter.io/similar-tools-xattacker-called-burnwp-framework-advanced-exploit-system-in-real-time-76dd41fdde19?source=rss------bug_bounty-5
Reflected XSS in div tag
https://medium.com/@mahmoud.amin.mohamed02/reflected-xss-in-div-tag-97159f77462b?source=rss------bug_bounty-5
https://medium.com/@mahmoud.amin.mohamed02/reflected-xss-in-div-tag-97159f77462b?source=rss------bug_bounty-5
December 2, 2025 at 6:15 PM
How I Discovered 1,400+ Users’ PII Through a GraphQL Query — and Uncovered 5 More Bugs Using the…
https://ayaa101.medium.com/how-i-discovered-1-400-users-pii-through-a-graphql-query-and-uncovered-5-more-bugs-using-the-389d8e7d8deb?source=rss------bug_bounty-5
https://ayaa101.medium.com/how-i-discovered-1-400-users-pii-through-a-graphql-query-and-uncovered-5-more-bugs-using-the-389d8e7d8deb?source=rss------bug_bounty-5
December 2, 2025 at 5:13 PM
How I Discovered 1,400+ Users’ PII Through a GraphQL Query — and Uncovered 5 More Bugs Using the…
https://ayaa101.medium.com/how-i-discovered-1-400-users-pii-through-a-graphql-query-and-uncovered-5-more-bugs-using-the-389d8e7d8deb?source=rss------bug_bounty-5
https://ayaa101.medium.com/how-i-discovered-1-400-users-pii-through-a-graphql-query-and-uncovered-5-more-bugs-using-the-389d8e7d8deb?source=rss------bug_bounty-5
Potential SQL Injection when annotating FilteredRelation on PostgreSQL
https://hackerone.com/reports/3417967
https://hackerone.com/reports/3417967
December 2, 2025 at 4:19 PM
Potential SQL Injection when annotating FilteredRelation on PostgreSQL
https://hackerone.com/reports/3417967
https://hackerone.com/reports/3417967
Supply Chain Attacks Explained Simply: How Hackers Abuse Trusted Software
https://medium.com/@natarajanck2/supply-chain-attacks-explained-simply-how-hackers-abuse-trusted-software-06c2f15896a8?source=rss------bug_bounty-5
https://medium.com/@natarajanck2/supply-chain-attacks-explained-simply-how-hackers-abuse-trusted-software-06c2f15896a8?source=rss------bug_bounty-5
December 2, 2025 at 2:10 PM
Supply Chain Attacks Explained Simply: How Hackers Abuse Trusted Software
https://medium.com/@natarajanck2/supply-chain-attacks-explained-simply-how-hackers-abuse-trusted-software-06c2f15896a8?source=rss------bug_bounty-5
https://medium.com/@natarajanck2/supply-chain-attacks-explained-simply-how-hackers-abuse-trusted-software-06c2f15896a8?source=rss------bug_bounty-5
Whitebox Pentesting: The VS Code + Burp Workflow That Finds RCE Black-Box Tests Miss
https://medium.com/@nebty/whitebox-pentesting-secrets-the-vs-code-burp-workflow-that-finds-bugs-black-box-tests-miss-3f87903039f7?source=rss------bug_bounty-5
https://medium.com/@nebty/whitebox-pentesting-secrets-the-vs-code-burp-workflow-that-finds-bugs-black-box-tests-miss-3f87903039f7?source=rss------bug_bounty-5
December 2, 2025 at 9:15 AM
Whitebox Pentesting: The VS Code + Burp Workflow That Finds RCE Black-Box Tests Miss
https://medium.com/@nebty/whitebox-pentesting-secrets-the-vs-code-burp-workflow-that-finds-bugs-black-box-tests-miss-3f87903039f7?source=rss------bug_bounty-5
https://medium.com/@nebty/whitebox-pentesting-secrets-the-vs-code-burp-workflow-that-finds-bugs-black-box-tests-miss-3f87903039f7?source=rss------bug_bounty-5
4. Master the Basics, Break the Web: Browser Fundamentals
https://abineshm.medium.com/4-master-the-basics-break-the-web-browser-fundamentals-f6447ac9f5cf?source=rss------bug_bounty-5
https://abineshm.medium.com/4-master-the-basics-break-the-web-browser-fundamentals-f6447ac9f5cf?source=rss------bug_bounty-5
December 2, 2025 at 8:14 AM
4. Master the Basics, Break the Web: Browser Fundamentals
https://abineshm.medium.com/4-master-the-basics-break-the-web-browser-fundamentals-f6447ac9f5cf?source=rss------bug_bounty-5
https://abineshm.medium.com/4-master-the-basics-break-the-web-browser-fundamentals-f6447ac9f5cf?source=rss------bug_bounty-5
The Bug That Bled the Internet
https://medium.com/@iamakkii20/the-bug-that-bled-the-internet-0360d3a09988?source=rss------bug_bounty-5
https://medium.com/@iamakkii20/the-bug-that-bled-the-internet-0360d3a09988?source=rss------bug_bounty-5
December 2, 2025 at 6:15 AM
The Bug That Bled the Internet
https://medium.com/@iamakkii20/the-bug-that-bled-the-internet-0360d3a09988?source=rss------bug_bounty-5
https://medium.com/@iamakkii20/the-bug-that-bled-the-internet-0360d3a09988?source=rss------bug_bounty-5
OWASP (API6:2023) Unrestricted Access to Sensitive Business Flows: Metodología de Caza y Reporte
https://medium.com/@jpablo13/owasp-api6-2023-unrestricted-access-to-sensitive-business-flows-metodolog%C3%ADa-de-caza-y-reporte-fdf41ae2ac23?source=rss------bug_bounty-5
https://medium.com/@jpablo13/owasp-api6-2023-unrestricted-access-to-sensitive-business-flows-metodolog%C3%ADa-de-caza-y-reporte-fdf41ae2ac23?source=rss------bug_bounty-5
December 2, 2025 at 12:46 AM
OWASP (API6:2023) Unrestricted Access to Sensitive Business Flows: Metodología de Caza y Reporte
https://medium.com/@jpablo13/owasp-api6-2023-unrestricted-access-to-sensitive-business-flows-metodolog%C3%ADa-de-caza-y-reporte-fdf41ae2ac23?source=rss------bug_bounty-5
https://medium.com/@jpablo13/owasp-api6-2023-unrestricted-access-to-sensitive-business-flows-metodolog%C3%ADa-de-caza-y-reporte-fdf41ae2ac23?source=rss------bug_bounty-5
Ehxb | Inside the Filesystem: The Truth Behind LFI & RFI
https://ehxb.medium.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-2b3626ed3ad7?source=rss------bug_bounty-5
https://ehxb.medium.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-2b3626ed3ad7?source=rss------bug_bounty-5
December 1, 2025 at 10:08 PM
Ehxb | Inside the Filesystem: The Truth Behind LFI & RFI
https://ehxb.medium.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-2b3626ed3ad7?source=rss------bug_bounty-5
https://ehxb.medium.com/ehxb-inside-the-filesystem-the-truth-behind-lfi-rfi-2b3626ed3ad7?source=rss------bug_bounty-5
How to Know If Your Phone Has Been Hacked (And What to Do)
https://medium.com/@gallagherliam/how-to-know-if-your-phone-has-been-hacked-and-what-to-do-56ef52cb3429?source=rss------bug_bounty-5
https://medium.com/@gallagherliam/how-to-know-if-your-phone-has-been-hacked-and-what-to-do-56ef52cb3429?source=rss------bug_bounty-5
December 1, 2025 at 9:07 PM
How to Know If Your Phone Has Been Hacked (And What to Do)
https://medium.com/@gallagherliam/how-to-know-if-your-phone-has-been-hacked-and-what-to-do-56ef52cb3429?source=rss------bug_bounty-5
https://medium.com/@gallagherliam/how-to-know-if-your-phone-has-been-hacked-and-what-to-do-56ef52cb3429?source=rss------bug_bounty-5
Bugcrowd for Ethical Hackers: A Complete Framework to Build Reputation, Earn Trust, and Master…
https://medium.com/@penoughcyber/bugcrowd-for-ethical-hackers-a-complete-framework-to-build-reputation-earn-trust-and-master-3cbe77180eac?source=rss------bug_bounty-5
https://medium.com/@penoughcyber/bugcrowd-for-ethical-hackers-a-complete-framework-to-build-reputation-earn-trust-and-master-3cbe77180eac?source=rss------bug_bounty-5
December 1, 2025 at 8:09 PM
Bugcrowd for Ethical Hackers: A Complete Framework to Build Reputation, Earn Trust, and Master…
https://medium.com/@penoughcyber/bugcrowd-for-ethical-hackers-a-complete-framework-to-build-reputation-earn-trust-and-master-3cbe77180eac?source=rss------bug_bounty-5
https://medium.com/@penoughcyber/bugcrowd-for-ethical-hackers-a-complete-framework-to-build-reputation-earn-trust-and-master-3cbe77180eac?source=rss------bug_bounty-5
Your Smart Speaker is Dumber Than You Think: How I Made Alexa’s Sister Spill the Tea
https://infosecwriteups.com/your-smart-speaker-is-dumber-than-you-think-how-i-made-alexas-sister-spill-the-tea-7582eb42195f?source=rss------bug_bounty-5
https://infosecwriteups.com/your-smart-speaker-is-dumber-than-you-think-how-i-made-alexas-sister-spill-the-tea-7582eb42195f?source=rss------bug_bounty-5
December 1, 2025 at 6:15 PM
Your Smart Speaker is Dumber Than You Think: How I Made Alexa’s Sister Spill the Tea
https://infosecwriteups.com/your-smart-speaker-is-dumber-than-you-think-how-i-made-alexas-sister-spill-the-tea-7582eb42195f?source=rss------bug_bounty-5
https://infosecwriteups.com/your-smart-speaker-is-dumber-than-you-think-how-i-made-alexas-sister-spill-the-tea-7582eb42195f?source=rss------bug_bounty-5
Hi there I’m phisher a security resercher
https://medium.com/@fahd.99441/hi-there-im-phisher-a-security-resercher-95e0eb945f54?source=rss------bug_bounty-5
https://medium.com/@fahd.99441/hi-there-im-phisher-a-security-resercher-95e0eb945f54?source=rss------bug_bounty-5
December 1, 2025 at 5:11 PM
Hi there I’m phisher a security resercher
https://medium.com/@fahd.99441/hi-there-im-phisher-a-security-resercher-95e0eb945f54?source=rss------bug_bounty-5
https://medium.com/@fahd.99441/hi-there-im-phisher-a-security-resercher-95e0eb945f54?source=rss------bug_bounty-5
Bug Bounty Hunting — Complete Guide (Part-153)
https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-153-ee62a3f886de?source=rss------bug_bounty-5
https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-153-ee62a3f886de?source=rss------bug_bounty-5
December 1, 2025 at 4:13 PM
Bug Bounty Hunting — Complete Guide (Part-153)
https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-153-ee62a3f886de?source=rss------bug_bounty-5
https://medium.com/@rafid19/bug-bounty-hunting-complete-guide-part-153-ee62a3f886de?source=rss------bug_bounty-5
How I Made $45,000 from a Single Bug Bounty Report
https://medium.com/@ibtissam1/how-i-made-45-000-from-a-single-bug-bounty-report-038a6c0074c3?source=rss------bug_bounty-5
https://medium.com/@ibtissam1/how-i-made-45-000-from-a-single-bug-bounty-report-038a6c0074c3?source=rss------bug_bounty-5
December 1, 2025 at 1:27 PM
How I Made $45,000 from a Single Bug Bounty Report
https://medium.com/@ibtissam1/how-i-made-45-000-from-a-single-bug-bounty-report-038a6c0074c3?source=rss------bug_bounty-5
https://medium.com/@ibtissam1/how-i-made-45-000-from-a-single-bug-bounty-report-038a6c0074c3?source=rss------bug_bounty-5
Tek Bir Güncel Olmayan Joomla Eklentisi, Nokia.com’un Veritabanına erişim (Derin Teknik Analiz)
https://medium.com/@agdepeozan/tek-bir-g%C3%BCncel-olmayan-joomla-eklentisi-nokia-comun-veritaban%C4%B1na-eri%C5%9Fim-derin-teknik-analiz-37f275109857?source=rss------bug_bounty-5
https://medium.com/@agdepeozan/tek-bir-g%C3%BCncel-olmayan-joomla-eklentisi-nokia-comun-veritaban%C4%B1na-eri%C5%9Fim-derin-teknik-analiz-37f275109857?source=rss------bug_bounty-5
December 1, 2025 at 12:19 PM
Tek Bir Güncel Olmayan Joomla Eklentisi, Nokia.com’un Veritabanına erişim (Derin Teknik Analiz)
https://medium.com/@agdepeozan/tek-bir-g%C3%BCncel-olmayan-joomla-eklentisi-nokia-comun-veritaban%C4%B1na-eri%C5%9Fim-derin-teknik-analiz-37f275109857?source=rss------bug_bounty-5
https://medium.com/@agdepeozan/tek-bir-g%C3%BCncel-olmayan-joomla-eklentisi-nokia-comun-veritaban%C4%B1na-eri%C5%9Fim-derin-teknik-analiz-37f275109857?source=rss------bug_bounty-5
Join My Cybersec Community (WhatsApp Group)
https://infosecwriteups.com/join-my-cybersec-community-whatsapp-group-a44117e0b997?source=rss------bug_bounty-5
https://infosecwriteups.com/join-my-cybersec-community-whatsapp-group-a44117e0b997?source=rss------bug_bounty-5
December 1, 2025 at 11:09 AM
Join My Cybersec Community (WhatsApp Group)
https://infosecwriteups.com/join-my-cybersec-community-whatsapp-group-a44117e0b997?source=rss------bug_bounty-5
https://infosecwriteups.com/join-my-cybersec-community-whatsapp-group-a44117e0b997?source=rss------bug_bounty-5
[my.stripo.email] Blind SSRF Vulnerability in Stripo App Export via Missing Endpoints Export Email Message to Zapier
https://hackerone.com/reports/2932960
https://hackerone.com/reports/2932960
December 1, 2025 at 9:20 AM
[my.stripo.email] Blind SSRF Vulnerability in Stripo App Export via Missing Endpoints Export Email Message to Zapier
https://hackerone.com/reports/2932960
https://hackerone.com/reports/2932960
Bug Bounty Hunters: Use Plain Text Leaks To Turn Recon Into High-Impact Reports
https://medium.com/@alexandrevandammepro/bug-bounty-hunters-use-plain-text-leaks-to-turn-recon-into-high-impact-reports-b59286cedf61?source=rss------bug_bounty-5
https://medium.com/@alexandrevandammepro/bug-bounty-hunters-use-plain-text-leaks-to-turn-recon-into-high-impact-reports-b59286cedf61?source=rss------bug_bounty-5
December 1, 2025 at 9:16 AM
Bug Bounty Hunters: Use Plain Text Leaks To Turn Recon Into High-Impact Reports
https://medium.com/@alexandrevandammepro/bug-bounty-hunters-use-plain-text-leaks-to-turn-recon-into-high-impact-reports-b59286cedf61?source=rss------bug_bounty-5
https://medium.com/@alexandrevandammepro/bug-bounty-hunters-use-plain-text-leaks-to-turn-recon-into-high-impact-reports-b59286cedf61?source=rss------bug_bounty-5
December 1, 2025 at 8:21 AM
Detecting Deepfake Phishing Calls: 10 Tools Every Cybersecurity Pro Should Master
https://medium.com/@verylazytech/detecting-deepfake-phishing-calls-10-tools-every-cybersecurity-pro-should-master-c36d8f760585?source=rss------bug_bounty-5
https://medium.com/@verylazytech/detecting-deepfake-phishing-calls-10-tools-every-cybersecurity-pro-should-master-c36d8f760585?source=rss------bug_bounty-5
December 1, 2025 at 7:13 AM
Detecting Deepfake Phishing Calls: 10 Tools Every Cybersecurity Pro Should Master
https://medium.com/@verylazytech/detecting-deepfake-phishing-calls-10-tools-every-cybersecurity-pro-should-master-c36d8f760585?source=rss------bug_bounty-5
https://medium.com/@verylazytech/detecting-deepfake-phishing-calls-10-tools-every-cybersecurity-pro-should-master-c36d8f760585?source=rss------bug_bounty-5
$1,000 |critical Critical Log4Shell Vulnerability
https://medium.com/@aminefarah802/2-000-critical-critical-log4shell-vulnerability-2d55129c9c1b?source=rss------bug_bounty-5
https://medium.com/@aminefarah802/2-000-critical-critical-log4shell-vulnerability-2d55129c9c1b?source=rss------bug_bounty-5
December 1, 2025 at 6:16 AM
$1,000 |critical Critical Log4Shell Vulnerability
https://medium.com/@aminefarah802/2-000-critical-critical-log4shell-vulnerability-2d55129c9c1b?source=rss------bug_bounty-5
https://medium.com/@aminefarah802/2-000-critical-critical-log4shell-vulnerability-2d55129c9c1b?source=rss------bug_bounty-5
3. Master the Basics, Break the Web: Cookies & Sessions
https://abineshm.medium.com/3-master-the-basics-break-the-web-cookies-sessions-3b284c456e98?source=rss------bug_bounty-5
https://abineshm.medium.com/3-master-the-basics-break-the-web-cookies-sessions-3b284c456e98?source=rss------bug_bounty-5
December 1, 2025 at 4:39 AM
3. Master the Basics, Break the Web: Cookies & Sessions
https://abineshm.medium.com/3-master-the-basics-break-the-web-cookies-sessions-3b284c456e98?source=rss------bug_bounty-5
https://abineshm.medium.com/3-master-the-basics-break-the-web-cookies-sessions-3b284c456e98?source=rss------bug_bounty-5