Heyy Everyoneeee, I hope everyone had a good hacking year, I didn’t shared any writeups this year so I thought I should do one writeup where I will be discussing most of the bugs which I found this year mainly on the Hackerone platform. …

Heyyy Everyoneeee, A couple of months ago I found an upload endpoint which was vulnerable to csrf ,but when I started with creating the poc for it . I realized that it’s not going to be that easy as it looks. It was a Hackerone program, I asked them for…

Heyyy Everyoneee, In this blog, I will be discussing the solution for the Intigriti’s August XSS challenge. This will be a step by step walkthrough how I was able to find the xss vulnerability. Opening the challenge url, we can see that this endpoint https://challenge-0821.intigriti.io/challenge/cooking.html …

Heyyy Everyoneeee, I know it’s been a quite long time since I shared any of my findings sorry about that, I am back now don’t worry :) In this writeup I will be talking about some of my valid bugs which I submitted to Google VRP , as they are…

Heyy Everyoneee, I hope everyone one of you is doing good, recently @bugpoc shared a xss challenge , I was getting bored so I thought to give it a try .This …

Heyyy Everyoneee, I hope everyone is doing good , it’s been a while since I haven’t shared any writeup of my finding’s. This blog post is going to be about a reflected xss bug affecting Facebook mirror websites. …

Heyyy Everyoneee, I hope you all are doing good, this year is about to end. So I thought I should share a last writeup about some of the bugs which I have found this year.This is going to be a little long.I …

Heyy Everyoneee, Hope you all are doing good.In this writeup I am going to tell you how I was able to takeover a domain which was owned by Facebook. Short Story After my final exams got over,I setup some goals in which fb hof was one of them.Had to go through some…

Heyy Everyonee,hope you all are doing good. I am back with another blog, probably you’re wondering that this blog is also going to be about xss, well you’re right.But …