Heyyy Everyoneeee, A couple of months ago I found an upload endpoint which was vulnerable to csrf ,but when I started with creating the poc for it . I realized that it’s not going to be that easy as it looks. It was a Hackerone program, I asked them for…

Heyyy Everyoneee, In this blog, I will be discussing the solution for the Intigriti’s August XSS challenge. This will be a step by step walkthrough how I was able to find the xss vulnerability. Opening the challenge url, we can see that this endpoint https://challenge-0821.intigriti.io/challenge/cooking.html …

Heyyy Everyoneeee, I know it’s been a quite long time since I shared any of my findings sorry about that, I am back now don’t worry :) In this writeup I will be talking about some of my valid bugs which I submitted to Google VRP , as they are…

Heyy Everyoneee, I hope everyone one of you is doing good, recently @bugpoc shared a xss challenge , I was getting bored so I thought to give it a try .This …

Heyyy Everyoneee, I hope everyone is doing good , it’s been a while since I haven’t shared any writeup of my finding’s. This blog post is going to be about a reflected xss bug affecting Facebook mirror websites. I will be explaining the whole process how I found the vulnerable…

Heyyy Everyoneee, I hope you all are doing good, this year is about to end. So I thought I should share a last writeup about some of the bugs which I have found this year.This is going to be a little long.I …

Heyy Everyoneee, Hope you all are doing good.In this writeup I am going to tell you how I was able to takeover a domain which was owned by Facebook. Short Story After my final exams got over,I setup some goals in which fb hof was one of them.Had to go through some…

Heyy Everyonee,hope you all are doing good. I am back with another blog, probably you’re wondering that this blog is also going to be about xss, well you’re right.But …

Heyy Everyonee, In this writeup I am going to tell you how I was able to get xss in Zomato. I will tell the whole story how I found the vulnerable parameter. Actually at that time I was reading a book “Mastering Modern Web Penetration Testing” (You can get it…