How to dominate in bug bounties Hello Security Researchers & Hackers In this article I will talk about the mindset of hacking and how you can achieve a degree of success in bug bounty and maximizing your profit Most of people ask the questions like , how do I get bounty , how to choose…

Easiest IDOR ever ?! — Hello Security Researchers In this writeup I will talk how I was able to find an IDOR in one of the largest Russian Company nothing other than Mail.ru So approaching targets with huge scope can be frustrating sometimes since you don’t know where to start For me I started looking in…

Thinking outside the box — Hello Security Researchers & Hackers In this writeup I will explain how I was able to find RCE in Mail.ru which is considered the world largest internet company, Before starting to hack I was wondering on how I should approach the target and what most people would miss in the program…

Burp-suite Collaborator — Hello Security Researchers & Hackers In this article I will talk about how you can get your Own Private Collaborator without the needs to buy a new domain or use any other tool Pr-requirements All you need is BurpSuite Pro / VPS 5$ is enough , you can get yourself one…

Approaching a target from all angles Hello Security Researchers,Hackers In this write-up, I want to share with you a finding that I discovered in a public bug bounty program that ended up paying me 1K just using a single command on the terminal I won’t be able to disclose the name of the…

Automation helps get easy $$$ rXSS — Hello Security Researcher and Hackers In this writeup I will explain how I was able to get 2 rXSS in Angular using automation and simple payloads in Github First of all I will explain my recon automation and how I was able to detect the XSS in those 2 subdomains…