Usama Varikkottil

13 followers

Security Analyst, Bug bounty hunter, full-stack web developer

Pinned article

Two account takeover bugs worth $4300

Aug 29, 2021 · 11 min read · 8.5K views

Making some weird API requests resulted in full user account takeovers, which paid me the highest reward of two bug bounty programs. Account takeovers...

Two account takeover bugs worth $4300
How to fix XSS vulnerabilities in Node.js and expressJS
How to exploit a basic SSRF vulnerability?
How I got $400 for my first SSRF bug?