BugBounties on

The Phantom Subdomain: How I Found Slack’s Forgotten Backdoor

Sat, 14 Sep 2024 00:00:00 +0000

Prologue — The Digital Graveyard
#

Midnight. The glow of my monitor painted the walls a faint blue as I scrolled through Slack’s sprawling domain records.

3 AM & Phantom Requests: My Blind SSRF Journey Through Shopify's PDF Underworld

Thu, 23 May 2024 00:00:00 +0000

Prologue — The Accidental Discovery
#

2:03 AM — My third espresso was long cold. The glow of the Shopify admin panel lit up my desk like a scene out of a low-budget cyber thriller.

Coffee, Curiosity & an API – JWT 'alg:none' Exploit in HealthTrack

Mon, 19 Feb 2024 00:00:00 +0000

Prologue: Coffee, Curiosity & an API
#

It was one of those quiet February evenings. No caffeine left in the mug, but my curiosity was wide awake. The glow from the screen illuminated my desk, casting a soft digital haze. I was drifting through recon mode—scrolling API docs, poking endpoints, intercepting calls like I was casually flipping through a dusty book in a forgotten archive.

LocalNews and the Whispering Header - SQLi in a Forgotten Log

Sat, 17 Feb 2024 00:00:00 +0000

Prologue — When Headers Speak
#

10:47 PM — Rain tapped against the window while Burp Suite ran idle. I was deep into recon on a small CMS platform called LocalNews. The payout was modest, the target obscure—but that’s the beauty of it. Quiet places often hide loud bugs.

The Anatomy of a Clickjacking Vulnerability: A Trello Deep Dive

Wed, 15 Nov 2023 00:00:00 +0000

An exploration of a clickjacking vulnerability found in Trello’s public boards, examining the technical details, potential impacts, and broader security lessons about proper header configurations.

TaskMaster – How an Avatar Became a Cookie Monster

Thu, 05 Oct 2023 00:00:00 +0000

Prologue — Of Avatars and Curiosity
#

It started with a profile page.

Late one night in October, I was sipping on reheated coffee and casually poking around the “TaskMaster” app — a tidy little task management platform listed on YesWeHack. On the surface, it was clean, minimal, maybe even a bit charming.

Silent Payloads: DOM-Based XSS in PayPal’s Checkout

Mon, 24 Jul 2023 00:00:00 +0000

Silent Payloads: DOM-Based XSS in PayPal’s Checkout
#

How a routine evening review of postMessage logic in third-party iframes spiraled into a silent, weaponizable DOM XSS — tucked neatly within a trusted payment flow.

12:57 AM and a Concurrency Fault: How I Exploited Uber’s Coupon Redemption Logic

Tue, 13 Jun 2023 00:00:00 +0000

Prologue: 12:57 AM
#

The apartment was quiet. I was not hunting vulnerabilities or replaying traffic with aggressive fuzzing. It was more observational – that rare and quiet mindset that often reveals misbehavior where others only see clean execution.

Broken Authentication: Uncovering Twitter's OAuth Vulnerability

Fri, 07 Apr 2023 00:00:00 +0000

A technical deep dive into an authentication vulnerability in Twitter’s legacy API that allowed bypassing signature validation, exposing user data through inconsistent OAuth enforcement.

"PetCare" – CSRF in the Admin Panel: When One Click Made You an Admin

Wed, 15 Feb 2023 00:00:00 +0000

A simple POST request without CSRF protection allowed me to trick a PetCare admin into granting me admin privileges. This writeup dives into the exploitation steps, mental process, root cause, and patching of a high-risk vulnerability in their internal panel.

Curiosity & file_id=187: My First Bug Bounty Journey with FileSharePro

Thu, 09 Feb 2023 00:00:00 +0000

Prologue — A New Hunter’s First Spark
#

They always say your first bounty feels different.
For me, it started with a file URL. Not a secret admin panel or a vulnerable upload endpoint. Just a link:
https://filesharepro.com/download?file_id=123