Collection of real-world bug hunting writeups and security research articles
Mastering Advanced SQLMap Techniques with Proxychains and tamper scripts Against Cloudflare and ModSecurity
Read on InfoSec Writeups

Step-by-Step mass hunting Authorization Bypass by Middleware in next.js: A Complete Exploit Walkthrough
Read on InfoSec Writeups

From Recon to full Exploitation: The XML-RPC Attack Path
Read on InfoSec Writeups

Learn how to properly configure WSL to route all traffic through Burp Suite for effective penetration testing
Read on InfoSec Writeups

Complete methodology for finding and exploiting open redirect vulnerabilities in modern web applications
Read on InfoSec Writeups

An advanced tool for discovering hidden endpoints and vulnerabilities through passive fuzzing techniques
Read on InfoSec Writeups

Techniques and methodologies for identifying misconfigured Amazon S3 buckets during security assessments
Read on InfoSec Writeups

A comprehensive guide to essential browser extensions that enhance your bug hunting workflow
Read on InfoSec Writeups

Master the powerful FFUF fuzzing tool for discovering hidden endpoints, parameters, and vulnerabilities
Read on OSINT Team

Custom Nuclei templates that have led to successful bug bounty reports and vulnerability discoveries
Read on Medium

Advanced techniques for leveraging Internet Archive's Wayback Machine in your bug hunting methodology
Read on InfoSec Writeups

A detailed case study of discovering and responsibly reporting a critical SQL Injection vulnerability
Read on InfoSec Writeups

Analysis and exploitation guide for the critical code execution vulnerability in Mozilla's PDF.js library
Read on InfoSec Writeups

Techniques for identifying the true origin IP address of servers protected by web application firewalls
Read on InfoSec Writeups

Rapid methodology for identifying Cross-Site Scripting vulnerabilities in web applications
Read on OSINT Team

Techniques for discovering credentials, API keys, and other sensitive information in client-side JavaScript
Read on OSINT Team