#bugbountywriteup

The Auth Apocalypse: Broken Authentication & Session Management Explored. Episode 1: How One Cookie Can Compromise Everything — The Dangers of Session Fixation Continue reading on InfoSec...

#penetration-testing #bug-bounty-writeup #ethical-hacking #broken-authentication #cybersecurity

Origin: https://infosecwriteups.com/the-auth-apocalypse-broken-authentication-session-management-explored-ff4642c376e2?source=rss----7b722bfd1b8d---4

Episode 7: Server-Side Includes Injection — The Quiet Danger Lurking in Legacy Code Hello everyone, I hope you’re doing well and staying curious. Welcome back to my Medium series, The Inj...

#penetration-testing #bug-bounty-writeup #cybersecurity #ethical-hacking #injection-vulnerabilities

Origin: https://infosecwriteups.com/episode-7-server-side-includes-injection-the-quiet-danger-lurking-in-legacy-code-51002a88fb88?source=rss----7b722bfd1b8d---4

The Thumbnail Trap: An Unpatched Google Docs Vulnerability That Risks Your Privacy What if the content you deleted before sharing a Google Doc was still visible to the recipient? For at least three...

#writeup #security #hacking #bug-bounty-writeup #cybersecurity

Origin: https://infosecwriteups.com/the-thumbnail-trap-an-unpatched-google-docs-vulnerability-e68911384e6e?source=rss----7b722bfd1b8d---4

How I found my first Critical SSRF (and how you can too) SSRF (Server Side Request Forgery) is a web vulnerability that allows an attacker to cause the server to send requests to a malicious addres...

#bug-bounty #ssrf #bug-bounty-tips #cybersecurity #bug-bounty-writeup

Origin: https://systemweakness.com/how-i-found-my-first-critical-ssrf-and-how-you-can-too-b0f5fb1bd62b?source=rss----f20a9840e177---4

When One Google Account Isn’t Enough: Breaking Identity Boundaries via SSO Confusion Bug Bounty Writeup | Identity Management Flaw | Persistent Authentication | SSO Misuse 🚨 Summary During an...

#freelancing #cybersecurity #bug-bounty-tips #bug-bounty-writeup #bug-bounty

Origin: https://systemweakness.com/when-one-google-account-isnt-enough-breaking-identity-boundaries-via-sso-confusion-10e4f8381a44?source=rss----f20a9840e177---4

Beyond /etc/passwd: LFI Bypass, The Ultimate Guide By Shah kaif | “Inclusion isn’t just about files. It’s about control.” | LinkedIn What is Local File Inclusion (LFI)? Local File Inc...

#bug-bounty-tips #lfi #bug-bounty-writeup #bugbounty-writeup #bug-bounty

Origin: https://systemweakness.com/%EF%B8%8F-beyond-etc-passwd-lfi-bypass-the-ultimate-guide-5829d1efb600?source=rss----f20a9840e177---4

Unauthenticated API Endpoint Exposes SMS Account Balance — An Information Disclosure Story Written by Gouri Sankar A Continue reading on Medium »

#writing #cybersecurity #bug-bounty #bug-bounty-writeup

Origin: https://medium.com/@gourisankara357/unauthenticated-api-endpoint-exposes-sms-account-balance-an-information-disclosure-story-23b16b83cdef?source=rss------writing-5

One-Click Account Vulnerability: How I Discovered a Dangerous Authentication Flaw in a Global… 💬 Subtitle Continue reading on InfoSec Write-ups »

#hacking #pentesting #cybersecurity #bug-bounty-writeup #bug-bounty

Origin: https://infosecwriteups.com/one-click-account-vulnerability-how-i-discovered-a-dangerous-authentication-flaw-in-a-global-1cbc9a39e206?source=rss----7b722bfd1b8d---4

Easy $150: Misconfigured SSO Led to Account Takeover Akwaaba! once again my people. In this piece, I will quickly talk about a vulnerability I recently discovered and got paid for. Check out my pre...

#hackerone #bug-bounty-writeup #account-takeover #single-sign-on #sso

Origin: https://infosecwriteups.com/easy-150-misconfigured-sso-led-to-account-takeover-4e2b83b72395?source=rss----7b722bfd1b8d---4

🛡️ Stop API Key Leaks Before They Cost You — Meet KeySentry KeySentry — Find leaked API keys & secrets in any...

#bug-bounty #bug-bounty-tips #cybersecurity #bug-bounty-writeup #api-key

Origin: https://infosecwriteups.com/%EF%B8%8F-stop-api-key-leaks-before-they-cost-you-meet-keysentry-5521f6c75ab0?source=rss----7b722bfd1b8d---4

️ 100 Web App Bugs You Should Be Hunting From IDORs to SSRFs — A Mega List to Supercharge Your Hunting In this post, I’m sharing 100 web app exploit ideas that you can explore during you...

#penetration-testing #bug-bounty-writeup #hacking #bug-bounty #infosec

InfoSec Write-ups · 🕷️ 100 Web App Bugs You Should Be Hunting 💥 - InfoSec Write-ups · By Swarnim Bandekar

Exposure Protocol: Information Disclosure in the Wild [Part 1] When Servers Overshare: Sniping Apache Struts with a Simple String Injection Author: Aditya Bhatt Category: Web App Hacking | Recon | ...

#cybersecurity #disclosure #information #bug-bounty #bug-bounty-writeup

InfoSec Write-ups · Exposure Protocol: Information Disclosure in the Wild [Part 1] · By Aditya Bhatt

How a Simple RECON Earned Me ₹XX,000 Security bugs aren’t always flashy. Sometimes, you don’t need to pop a shell or find an RCE to make an impact. Sometimes… all you need is a little curio...

#infosec #bug-bounty-writeup #hacking #penetration-testing #bug-bounty

InfoSec Write-ups · 💰 How a Simple RECON Earned Me ₹XX,000 - InfoSec Write-ups · By Swarnim Bandekar

Business Logic Flaws: A Bug Hunter’s Handbook Business logic flaws, also known as application logic flaws, occur when an application’s legitimate functionality is misused in ways the developers...

#bug-bounty #bug-bounty-tips #bug-bounty-writeup #business-logic #cybersecurity

InfoSec Write-ups · Business Logic Flaws: A Bug Hunter’s Handbook - InfoSec Write-ups · By Gr3yG05T