Server Side Request Forgery is a vulnerability that allows attacker to make server request to attacker controlled network location/path. While analyzing requests in Burp for Skype for Web, found a endpoint at *.*.skype.com/path?url=https://example.com …

I started with usual subdomain recon of a google acquisition(VirusTotal).This time I used a online subdomain finder service https://subdomainfinder.c99.nl/ for finding subdomains quickly. Then I found a subdomain grafana.internal.virustotal.com ,The word internal in the subdomain made me visit that page due to my curiousity. But unfortunately ,It’s only for authorized…

Twitter doesn’t allow making tweets of same content in relatively near time frame. But same content can be there in tweet which is made as reply to another tweet.

I usually track acquisitions of websites for which I am hunting bugs regularly. I knew that Fitbit acquisition has been completed by Google and is eligible for bounty in GoogleVRP platform. But, I previously remember that, Fitbit was also part of some other bugbounty platform before Google’s acquisition, So wanted…

I found a 2fa bypass recently in a responsible disclosure program — pickmycareer.in . The vulnerability allows an attacker to register any mobile number with his account bypassing OTP verifications. The process is very simple during registration process, attacker gives his own mobile number and receives OTP, enters correct OTP…

First of all, I am not a complete beginner in infosec/cyber security community. I have been doing bugbounty for past 3 years and also my current job role is related to security engineer. So, I haven’t prepared much as I already use most of the tools frequently at my workplace/CTFs/BugBounty. …

I was looking for blogs on GoogleVRP reports as well as noting down it’s popular aquisitions. Then I found a blog (https://tutorgeeks.blogspot.com/2018/08/misconfigured-jira-setting-apigee.html ) which talks about unauthenticated Jira instance leaking dashboard name ,project title and user profile picture by applying filters. It also mentions ,the website supports only logging in…

This is one of the easiest bug that I have found in a private bugbounty program. The program had two of it’s browsers in it’s scope. I was testing for RTLO related bugs,I found that the downloads section of the browser was rendering the rtlo characters in the improper way. …

This is a story of CORS bug that I found in one of Google’s aquisition -Kaggle,Where I got rewarded for CORS bug in 404 page. One fine day I was looking at one of the aquisitions of Google-(Kaggle),Kaggle is used worldwide by Machine Learning community and is pretty famous. I…