From Recon via Censys and DNSdumpster, to Getting P1 by Login Using Weak Password – “password”
A simple story when Allah allowed me to get P1 by combining several issues, one of which was related to “weak credentials”. In the name of...
Collection of the bug that specifically found at web application
A simple story when Allah allowed me to get P1 by combining several issues, one of which was related to “weak credentials”. In the name of...
A story when Allah willed me to tried to optimize my findings in the Points-Only program to be able to get 6 paid P1 issues in...
A story about how I Finally could use an AD account that unenrolled to MFA, by using an EWS Misconfiguration to Access Email Inbox and (Having...
A story about how I got several simple bugs (1 P2, 1 P3, and 2 P4s) on a target (that just allow Specific Country Code to...
How I Finally could Got into an Internal Network (and could accessing all of their internal assets) at One of the Biggest ICT company in the...
In the name of Allah, the Most Gracious, the Most Merciful. – Part I from (hopefully) IV Parts – Update I: Added a “Reference” Section. Update...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release in simple:[English Version] IDOR...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release in simple:[English Version] Ribose — IDOR...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release (December, 2017 Article):[English Version]...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release:[English Version] PayPal – Information...