Let’s Talk About Encryption And IDORs (Yes, IDOR,s Again) — @bxmbn. Imagine a system designed to protect sensitive user data — like insurance policies — only to have a single misstep turn it into an open… (Feb 23)
Hijacking Sessions with IDOR and XSS — @bxmbn. Picture a platform designed to handle sensitive documentation — think insurance claims or identity verification — turning into a goldmine… (Feb 23)
Bank offer IDOR Fix Bypassed: How I Accessed Unauthorized Offers and Secured a $10,000 Bounty —… (Feb 23)
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbn. In October 2023, I opened a bank account with the hope of uncovering any vulnerabilities. I had tested this bank program before, however I… (Jan 5, 2024)
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbn. In July 2023, I received an invite of a significant bug bounty program, with massive assets in-scope, my approach mirrored what I typically (Jan 5, 2024)
Ultimate Tips And Tricks To Find More Cross-Site Scripting Vulnerabilities, @bxmbn (Jul 21, 2022)
How I Test For Web Cache Vulnerabilities + Tips And Tricks, @bxmbn (Jul 21, 2022)
Published in InfoSec Write-ups: How I Made +$16,500 Hacking CDN Caching Servers — Part 3, @bxmbn (Jan 29, 2022)
Published in InfoSec Write-ups: How I Made +$16,500 Hacking CDN Caching Servers — Part 2, @bxmbn (Jan 29, 2022)