Let’s Talk About Encryption And IDORs(Yes, IDOR,s Again)— @bxmbnImagine a system designed to protect sensitive user data — like insurance policies — only to have a single misstep turn it into an open…Feb 234Feb 234
Hijacking Sessions with IDOR and XSS— @bxmbnPicture a platform designed to handle sensitive documentation — think insurance claims or identity verification — turning into a goldmine…Feb 237Feb 237
Bank offer IDOR Fix Bypassed: How I Accessed Unauthorized Offers and Secured a $10,000 Bounty —…Feb 234Feb 234
I received a Bank offer in my mailbox and discovered an IDOR vulnerability - $5,000 bounty - @bxmbnIn October 2023, I opened a bank account with the hope of uncovering any vulnerabilities. I had tested this bank program before, however I…Jan 5, 20249Jan 5, 20249
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbnIn July 2023, I received an invite of a significant bug bounty program, with massive assets in-scope, my approach mirrored what I typicallyJan 5, 202412Jan 5, 202412
Ultimate Tips And Tricks To Find More Cross-Site Scripting Vulnerabilities@bxmbnJul 21, 20227Jul 21, 20227
Published inInfoSec Write-upsHow I Made +$16,500 Hacking CDN Caching Servers — Part 3@bxmbnJan 29, 20223Jan 29, 20223
Published inInfoSec Write-upsHow I Made +$16,500 Hacking CDN Caching Servers — Part 2@bxmbnJan 29, 20223Jan 29, 20223
