19 followers
Security Analyst, Bug bounty hunter, full-stack web developer
A step-by-step guide on how I find security vulnerabilities that others miss · Making some weird API requests resulted in full user account takeovers,...
What is XSS? Simply we can say that XSS (Cross-site scripting) is a JavaScript code injection on web applications. Attackers use the vulnerable web...
The challenge in this writeup is from Portswigger's web security academy lab. You can access it here for Free. The challenge We need to access the...
An easy-to-exploit SSRF vulnerability. · A story about my first SSRF finding on a bug bounty target web app, where I further exploited the SSRF bug into...
var and let These are two keywords used to declare variables in Javascript. Even though most beginners know these two keywords exist, we struggle with...
