Pinned
Published in InfoSec Write-ups
Pushing yourself through hard hunting days: A bug hunter perspective
Today I am going to talk about the period when you don’t find bugs for several days, weeks or even months. This talk is going to be…
May 9, 2020

Exploiting PostMessage for cool XSS vulnerabilities
A lot of people who love to find XSS, usually miss PostMessage XSS even though there uses to be a possibility. So I thought to cover this…
Apr 22

Interview essentials for a Pentester role: How to land your first job in Security
Welcome to another, knowledgeable blog! This is for people who want to get into a pentesting job and they are searching for a right…
Mar 21, 2023

Hacking with cURL: Unleash the CLI beast
Curl, or client URL is a command line tool that enables data exchange between a device and a server through a terminal. We can use this…
Jan 19, 2023

Published in InfoSec Write-ups
A great weekend hack(worth $8k)
This post is a writeup of my recent findings on Synack which got me $8k for 5 bugs, on a single day.
Nov 26, 2022

Published in System Weakness
The prerequisites: Things you need to learn before getting into Web hacking/bug bounties
Bug bounties or web hacking is something which fascinates a lot of people. I mean, who doesn't want to earn money that also while hacking…
Oct 9, 2022

Published in InfoSec Write-ups
Hacking Nginx: Best ways
Nginx is being used in the wild since a while now. We all have seen NGINX name somewhere while coding/hacking. NGINX has always been a…
Jun 6, 2022

Published in InfoSec Write-ups
Going beyond the surface: Vulns that pay well
These days bug bounty hunters have been finding many low-hanging fruits and a lot of them want to go beyond those bugs. This blog is for…
Mar 6, 2022

Weapons in my quiver: Tools and extension I use in bounties
As this blog already describes, I will be putting some info about tools and extensions which I use daily in my bounties. For an early…
Dec 27, 2021