Open in app

Sign in

Write

Sign in

bombon
bombon

2.1K Followers

Home

About

Dec 1, 2022

Cache Deception Allows Poisoning

@bxmbn This is the second part of my previous Write-Up So, way back in July, I started testing an app, I noticed the app was behind Akamai, I then created an account and noticed there was a Self-XSS when updating the name So, to exploit this I just needed to…

Cache Poisoning

2 min read

Cache Deception Allows Cache Poisoning
Cache Deception Allows Cache Poisoning
Cache Poisoning

2 min read


Jul 21, 2022

Ultimate Tips And Tricks To Find More Cross-Site Scripting Vulnerabilities

@bxmbn I get a lot of questions on how I Find XSS, What is My “Methodology” , What Tools I use, etc. I want to start by saying that all my Hunting is 100% Manual, I don’t use Automated Tools or Anything of the Nature. If you are a Beginner…

Bug Bounty

2 min read

Ultimate Tips And Tricks To Find More Cross-Site Scripting Vulnerabilities
Ultimate Tips And Tricks To Find More Cross-Site Scripting Vulnerabilities
Bug Bounty

2 min read


Jul 21, 2022

How I Test For Web Cache Vulnerabilities + Tips And Tricks

@bxmbn I will be sharing my “Methodology” from start to end when looking for Cache Issues, then I will share recent Real-Cases Scenarios with their respective Bounties. It is worth sharing that I don’t use Automated tools to find these issues. …

Bug Bounty

5 min read

How I Test For Web Cache Vulnerabilities + Tips And Tricks
How I Test For Web Cache Vulnerabilities + Tips And Tricks
Bug Bounty

5 min read


Published in

InfoSec Write-ups

·Jan 29, 2022

How I Made $16,500 Hacking CDN Caching Servers — Part 3

@bxmbn — Cache Poisoning DoS Via X-Forwarded-Scheme Header Bounty: 3,000 I didn’t know this was a thing, until i saw @iustinBB ’s a blog about their research on Cache Poisoning Cache Poisoning at Scale Sending the x-forwarded-scheme: http header would result into a 301 redirect to the same location. If the response was cached by a CDN…

Bug Bounty

2 min read

How I Made +$16,500 Hacking CDN Caching Servers — Part 3
How I Made +$16,500 Hacking CDN Caching Servers — Part 3
Bug Bounty

2 min read


Published in

InfoSec Write-ups

·Jan 29, 2022

How I Made $16,500 Hacking CDN Caching Servers — Part 2

@bxmbn — A Nice Way To Hide XSS Bounty: $2,000 While Google Dorking, i found a particular URL, but this time, was not being cached, but if i added an cacheable extension file (.js , .css) at the end of URL, it would cache the response. Now, all i needed was to found a XSS. I found an…

Bug Bounty

2 min read

How I Made +$16,500 Hacking CDN Caching Servers — Part 2
How I Made +$16,500 Hacking CDN Caching Servers — Part 2
Bug Bounty

2 min read


Published in

InfoSec Write-ups

·Jan 29, 2022

How I Made $16,500 Hacking CDN Caching Servers — Part 1

@bxmbn — Cache Poisoning To Stored XSS Bounty: $6,300 This was actually my first Cache Poisoning, I initially reported it as a cache Deception issue, because that is all i knew about caching exploits at that time, and the reason how and why this ended up being triaged and awarded as a Cache Poisoning to Stored XSS…

Bug Bounty

2 min read

How I Made $16,500+ By Hacking Caching Servers — Part 1
How I Made $16,500+ By Hacking Caching Servers — Part 1
Bug Bounty

2 min read

bombon

bombon

2.1K Followers

Help

Status

About

Careers

Blog

Privacy

Terms

Text to speech

Teams