Collection of Bug Hunting Activity
The Story of How Allah Allowed Us to Obtain Super Admin Access Through a Chain of Vulnerabilities (Including the Use of a Data Leak Monitoring Platform)....
A simple story when Allah allowed me to successfully achieve P1 through a broken access control issue using an unexpected master ID of “0”. In the...
A simple story when Allah allowed me to get P1 by combining several issues, one of which was related to “weak credentials”. In the name of...
A story when Allah willed me to tried to optimize my findings in the Points-Only program to be able to get 6 paid P1 issues in...
A story about how I Finally could use an AD account that unenrolled to MFA, by using an EWS Misconfiguration to Access Email Inbox and (Having...
A story about how I got several simple bugs (1 P2, 1 P3, and 2 P4s) on a target (that just allow Specific Country Code to...
How I Finally could Got into an Internal Network (and could accessing all of their internal assets) at One of the Biggest ICT company in the...
CVE-2019–18653 & CVE-2019–18654: The story when Reflected XSS was triggered from the SSID Name (It also affected AVG AntiVirus because basically the product codes were mostly...
The story of when you download a file that looks “legitimate”, but changes when you run the file. In the name of Allah, the Most Gracious,...
In the name of Allah, the Most Gracious, the Most Merciful. – Part I from (hopefully) IV Parts – Update I: Added a “Reference” Section. Update...