One of the more challenging tasks in web app pentesting is approaching an application that has limited interaction. It’s very…
When I’m not doing bug bounty or studying for school I’ll often be playing Counter-Strike: Global Offensive or PLAYERUNKNOWN’S BATTLEGROUNDS. Both of…
To preface this article I’d like to give a huge shout out to Yahoo’s paranoids and everyone involved in their…
The following article details the successful exploitation of a server sided request forgery vulnerability in Yahoo’s small business platform. If…
If you decided to go out and spontaneously develop a content management system one of the most crucial and necessary…
On the night of May 20th I had begun to develop a small headache and neck pains after spending days…
Thinking back to old forum days I can specifically remember an event where attackers modified their avatars to be invalid…
When looking at bug bounty programs that have existed for a long time it’s often beneficial to assume that every…