The Secrets Behind EC2 TakeoversHave you heard of what a subdomain takeover is? Do you know the impact it has? Well, if you haven’t, I will shortly summarize it for you.May 12, 20233May 12, 20233
What VPS to choose?There are tons of cloud providers that offer different types of servers with a lot of different options. I will talk about the ones I…Apr 20, 2022Apr 20, 2022
SSRF to fetch AWS credentials with full access to various servicesThis is a post about how I found a simple yet really critical vulnerability in a bug bounty program. It was the most critical bug I have…Feb 27, 2021Feb 27, 2021
Bug Bounty — Beginner’s guideThere are lots of guides on how to start into Bug Bounty Hunting but I will share my personal experience of getting into bug bounty…Jun 22, 20203Jun 22, 20203
IDOR in session cookie leading to Mass Account TakeoverIf you are familiar with what IDOR is, you will know that it can be anywhere from url, request body, GET or POST requests and yes, in…May 29, 20201May 29, 20201