Archives
All the articles I've archived.
- Gift List - Admin Code Recipient Manipulation
  Writeup for the Gift List challenge on Bugforge.io
- Cheesy Does It - Broken Logic in the Refund Request
  Writeup for the "Cheesy Does It" daily challenge on Bugforge.io demonstrating a Broken Logic vulnerability in the refund request functionality.
- CopyPasta - Broken Access Control Vulnerability in Password Reset Functionality
  Writeup for the "CopyPasta" daily challenge on Bugforge.io - Broken Access Control vulnerability in the password reset functionality
- Tanuki - IDOR Vulnerability
  Writeup for the "Tanuki" daily challenge on Bugforge.io - IDOR vulnerability
- Cheesy Does It - Broken Logic in Payment Processing
  Writeup for the "Cheesy Does It" daily challenge on Bugforge.io demonstrating a Broken Logic vulnerability in payment processing.
- APICrash - Race Condition Vulnerability
  Writeup for the APICrash challenge on YesWeHack demonstrating a Race Condition vulnerability in a GraphQL API.
- Ghost Whisper - Command Injection via Unicode Normalization
  Writeup for the Ghost Whisper challenge on YesWeHack demonstrating a Command Injection vulnerability via Unicode normalization bypass.
- AppSecMaster - Blind XSS to Privilege Escalation
  Writeup documenting a Blind XSS vulnerability in a mini blog application from AppSecMaster, leading to privilege escalation.
- JinjaCare - Server-Side Template Injection
  Writeup for the Very Easy JinjaCare HTB Challenge demonstrating Server-Side Template Injection in Jinja2.
- Cybersecurity Learning Resources
  A curated collection of resources, tools, and guides for aspiring security researchers and bug bounty hunters.