Collection of the bug that specifically found at web application
The Story of How Allah Allowed Us to Obtain Super Admin Access Through a Chain of Vulnerabilities (Including the Use of a Data Leak Monitoring Platform)....
A simple story when Allah allowed me to successfully achieve P1 through a broken access control issue using an unexpected master ID of “0”. In the...
A simple story when Allah allowed me to get P1 by combining several issues, one of which was related to “weak credentials”. In the name of...
A story when Allah willed me to tried to optimize my findings in the Points-Only program to be able to get 6 paid P1 issues in...
A story about how I Finally could use an AD account that unenrolled to MFA, by using an EWS Misconfiguration to Access Email Inbox and (Having...
A story about how I got several simple bugs (1 P2, 1 P3, and 2 P4s) on a target (that just allow Specific Country Code to...
How I Finally could Got into an Internal Network (and could accessing all of their internal assets) at One of the Biggest ICT company in the...
In the name of Allah, the Most Gracious, the Most Merciful. – Part I from (hopefully) IV Parts – Update I: Added a “Reference” Section. Update...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release in simple:[English Version] IDOR...
In the name of Allah, the Most Gracious, the Most Merciful. Please kindly visit this simple paper directly to looking this release in simple:[English Version] Ribose — IDOR...