| Tue, 30 Jun 2026 18:25:48 GMT |
Fools guide to illict crypto miners via Langflow RCE exploit |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 18:24:11 GMT |
100 Days of Change: Day 2 — Mastering the Engine |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 18:24:43 GMT |
I Finally Understood the Data Link Layer — Here’s the Simples... |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 18:36:09 GMT |
WhatsApp Users Are Attacked by VBScripts |
cybersecurity, cyber-security-awareness |
Yes |
Yes |
| Tue, 30 Jun 2026 18:02:40 GMT |
Lista de compras ou tese de risco? |
information-security |
Yes |
Yes |
| Tue, 30 Jun 2026 17:33:18 GMT |
The Linux Command Every Hacker Runs First — And Most SOC Teams ... |
information-security |
Yes |
Yes |
| Tue, 30 Jun 2026 18:54:32 GMT |
Why Professional Office Security Matters for Modern Businesses |
security |
Yes |
Yes |
| Tue, 30 Jun 2026 18:23:59 GMT |
pentest-ai: The Open Source Pentest Tool That Proves Every Findin... |
penetration-testing, application-security |
Yes |
Yes |
| Tue, 30 Jun 2026 19:07:33 GMT |
“The XSS Cheat Sheet That Keeps Me Up at Night� |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 17:41:01 GMT |
Your IT Provider Patches Windows. Nobody Patches the Tool They Us... |
hacking, infosec |
Yes |
Yes |
| Tue, 30 Jun 2026 18:48:59 GMT |
Reverse Engineering a SaaS Product: From User Click to Production |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 17:23:51 GMT |
From SQL Injection to Remote Code Execution (RCE): A Practical Wa... |
web-security, ethical-hacking |
Yes |
Yes |
| Tue, 30 Jun 2026 18:03:16 GMT |
Active Directory Attacks — AdminSDHolder Abuse |
penetration-testing |
Yes |
Yes |
| Tue, 30 Jun 2026 18:42:42 GMT |
AI Data Security Protocol Best Practices: Your Company’s Surviv... |
security |
Yes |
Yes |
| Tue, 30 Jun 2026 19:08:24 GMT |
What a SIEM Actually Does (And Why It Needs AI to Keep Up) |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 19:03:35 GMT |
Month 2 Complete: My Journey into Governance, Risk & Compliance |
cybersecurity, information-security |
Yes |
Yes |
| Tue, 30 Jun 2026 18:34:40 GMT |
TuesdayTool 47: AMASS — Discovering Your Hidden Attack Surface ... |
cybersecurity, cybersecurity-tools |
Yes |
Yes |
| Tue, 30 Jun 2026 19:01:01 GMT |
What an Agent Remembers, and Cannot Forget |
cybersecurity |
Yes |
Yes |
| Tue, 30 Jun 2026 11:28:48 GMT |
IT — Quick-reference guide |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 08:40:30 GMT |
Application Security & DevSecOps: Building Secure Software from C... |
application-security |
|
Yes |
| Tue, 30 Jun 2026 15:44:13 GMT |
NEVER FULLY SEEN |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 09:18:23 GMT |
5 Authorization Mistakes I Keep Finding During Manual Application... |
pentesting, application-security |
|
Yes |
| Tue, 30 Jun 2026 16:36:32 GMT |
Model Denial of Service: The Costly Loop Bug Quietly Draining LLM... |
ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 12:24:19 GMT |
Lab: Authentication bypass via encryption oracle ( Business logic... |
hacking |
|
Yes |
| Tue, 30 Jun 2026 17:00:54 GMT |
Password Reset Broken Logic |
bug-bounty, web-security |
|
Yes |
| Tue, 30 Jun 2026 15:53:54 GMT |
Simulacra: Vulnerability-Shaped Honeypots and the Blessed Relief ... |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 15:41:08 GMT |
How to Choose a VPN for Turkey: 6 Things iPhone Users Should Chec... |
security |
|
Yes |
| Tue, 30 Jun 2026 14:18:11 GMT |
ISO 27001 for Small SaaS Companies: What You Actually Need Before... |
information-security |
|
Yes |
| Tue, 30 Jun 2026 11:22:19 GMT |
You Can Work Anywhere: What That Rhetoric Actually Means for LIS ... |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 11:38:36 GMT |
I let strangers run any code on the page. They still couldn’t d... |
web-security |
|
Yes |
| Tue, 30 Jun 2026 13:37:20 GMT |
TryHackMe Series #1 — Solving “Hidden Deep Into My Heart� |
penetration-testing, web-security, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 13:37:10 GMT |
Metrodata Electronics: Dari Distributor Hardware Menuju Pelopor S... |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 07:21:25 GMT |
How Hackers Exploit File Upload Vulnerabilities in Web Applicatio... |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 16:26:59 GMT |
The Phantom Price Glitch: How I Hacked ¥750,000 From a Japanese ... |
bug-bounty |
|
Yes |
| Tue, 30 Jun 2026 17:13:33 GMT |
PortSwigger Lab: SQL Injection #6 — SQL injection UNION attack,... |
web-security |
|
Yes |
| Tue, 30 Jun 2026 07:36:20 GMT |
The Psychology of Social Engineering: Why Smart People Still Clic... |
infosec |
|
Yes |
| Tue, 30 Jun 2026 16:18:55 GMT |
How I Would Learn Ethical Hacking in 2026 If I Started From Zero. |
penetration-testing, infosec, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 10:56:13 GMT |
NTLMv2 Hash Capture sans Interaction Utilisateur |
hacking |
|
Yes |
| Tue, 30 Jun 2026 17:04:12 GMT |
Moving beyond Git — towards a new System of Record for Software... |
security |
|
Yes |
| Tue, 30 Jun 2026 14:38:47 GMT |
Prompt Injection + Missing Authentication: How I Turned an AI Tra... |
bug-bounty |
|
Yes |
| Tue, 30 Jun 2026 11:16:23 GMT |
CISSP Chapter 5 — Part 3: Protection Is Not Always Encryption. |
infosec, cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 16:26:33 GMT |
Reverse Engineering 101: Solving CrackMe Using Ghidra |
bug-bounty, penetration-testing |
|
Yes |
| Tue, 30 Jun 2026 08:57:07 GMT |
What the Stryker Breach Teaches us about Cloud Identity Architect... |
infosec |
|
Yes |
| Tue, 30 Jun 2026 11:31:00 GMT |
Subdomain Takeover — Claiming Forgotten Assets |
vulnerability, hacking, hackerone, subdomain-takeover |
|
Yes |
| Tue, 30 Jun 2026 11:11:25 GMT |
“Cross-Site Scripting in Practice: 5 PortSwigger Labs Broken Do... |
xss-attack |
|
Yes |
| Tue, 30 Jun 2026 15:50:52 GMT |
Locking Down Against Bad USB: Detection and Defense Strategies |
information-security |
|
Yes |
| Tue, 30 Jun 2026 14:25:21 GMT |
The Biggest Security Risk in Most Companies Doesn’t Have a CVE |
penetration-testing, information-security, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 11:56:21 GMT |
Need to Know: Networking Layers (OSI Layers 1–7) |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 13:50:46 GMT |
The Complete Web Application Penetration Testing Guide (2026) —... |
penetration-testing, information-security |
|
Yes |
| Tue, 30 Jun 2026 06:39:30 GMT |
Vulnerability Assessment vs Penetration Testing: Understanding th... |
vulnerability, vapt |
|
Yes |
| Tue, 30 Jun 2026 10:49:47 GMT |
Persistent × Nagarro: Why the Market Got the Headline Right and ... |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 12:06:35 GMT |
Forget the Rubik’s Cube, Meet the McCumber Cube |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 10:15:25 GMT |
Building a VAPT Home Lab: A Hands-On Walkthrough from Initial Acc... |
vapt |
|
Yes |
| Tue, 30 Jun 2026 16:51:00 GMT |
How I Discovered a Business Logic Vulnerability That Bypassed a P... |
bug-bounty, web-security, bug-bounty-tips, hackerone, bug-bounty-writeup |
|
Yes |
| Tue, 30 Jun 2026 05:13:55 GMT |
Post auth RCE in GeoSIG seismological equipment (GMSplus) |
pentesting, pentest |
|
Yes |
| Tue, 30 Jun 2026 12:49:24 GMT |
The Impossible Challenge (THM) Tryhackme Medium Challenge |
hacking |
|
Yes |
| Tue, 30 Jun 2026 13:01:01 GMT |
How a Simple Search Bar Turns Into a Security Nightmare |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 08:06:10 GMT |
Content Security Policy’yi Sıfırdan Yazarken Yapılan Yaygın... |
web-security |
|
Yes |
| Tue, 30 Jun 2026 00:09:23 GMT |
GOAD-Light Walkthrough |
pentesting |
|
Yes |
| Tue, 30 Jun 2026 09:58:41 GMT |
I Asked a Security Researcher to Break My Embedded Device. He Did... |
hacking, pentesting |
|
Yes |
| Tue, 30 Jun 2026 10:38:20 GMT |
VAPT Series Part 2: Reconnaissance and Information Gathering — ... |
pentesting, vapt |
|
Yes |
| Tue, 30 Jun 2026 13:16:01 GMT |
The Most Valuable Company in 2040 May Look Nothing Like a Company... |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 10:28:26 GMT |
From a Slow Repeater to a CVE: A Crossover Into Hardware Hacking |
hacking |
|
Yes |
| Tue, 30 Jun 2026 17:01:03 GMT |
Our buggiest update yet is here | Super Natural (v2.2) |
bugs |
|
Yes |
| Tue, 30 Jun 2026 11:17:01 GMT |
She Called Him at 3 AM |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 16:05:28 GMT |
AirDrop Quick Share Flaws: Critical Nearby Attack Risks |
hacking, infosec |
|
Yes |
| Tue, 30 Jun 2026 16:17:51 GMT |
Jobs Abroad |
security |
|
Yes |
| Tue, 30 Jun 2026 01:23:18 GMT |
Tuesday Morning Threat Report: Jun 30, 2026 |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 11:16:00 GMT |
How an Unchecked Server-Side Parameter Injection Earned a $6,500 ... |
pentesting, bug-bounty-writeup |
|
Yes |
| Tue, 30 Jun 2026 17:20:40 GMT |
Why Linux Doesn’t Have a C: Drive A Human-Friendly Guide to the... |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 14:49:54 GMT |
Server-1: Vulnerable Job Portal — Path Traversal Walkthrough (5... |
bug-bounty |
|
Yes |
| Tue, 30 Jun 2026 12:19:57 GMT |
Blind OS Command Injection with Time Delays |
web-security, application-security |
|
Yes |
| Tue, 30 Jun 2026 13:11:34 GMT |
RootMe — TryHackMe Write-Up |
penetration-testing, infosec |
|
Yes |
| Tue, 30 Jun 2026 16:34:19 GMT |
four months later |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 12:35:55 GMT |
00`CyberRKSha |
information-security |
|
Yes |
| Tue, 30 Jun 2026 12:15:47 GMT |
AI Agent Security Best Practices: Building Secure Autonomous Syst... |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 15:01:11 GMT |
“I Will Start Dating Again Once I’ve Healed� |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 08:05:16 GMT |
??? |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 17:08:36 GMT |
Mastering Living off the Land (LotL): Advanced File Transfer Tech... |
penetration-testing, infosec, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 16:12:43 GMT |
I Asked My Mentor to Show Me Real Hacking. |
bug-bounty, infosec, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 10:18:13 GMT |
Vulnerability Assessment vs Penetration Testing: Why the Differen... |
pentesting, vapt |
|
Yes |
| Tue, 30 Jun 2026 14:38:18 GMT |
I Found an Unauthenticated File Disclosure Bug in a WordPress Plu... |
hacking, bugbounty-writeup |
|
Yes |
| Tue, 30 Jun 2026 15:36:35 GMT |
Sensors, Not Servers: The Real Attack Surface of Modern Vehicles |
hacking |
|
Yes |
| Tue, 30 Jun 2026 16:26:44 GMT |
Why Some Emotions trust a blank paper more than a person |
vulnerability |
|
Yes |
| Tue, 30 Jun 2026 15:17:56 GMT |
Quishing |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 15:40:48 GMT |
The Real Reasons Bug Bounty Reports Get Rejected |
bug-bounty, bug-bounty-tips, bug-bounty-writeup |
|
Yes |
| Tue, 30 Jun 2026 12:11:15 GMT |
El toro de Wall Street ya está en WhiteBIT |
bounty-program |
|
Yes |
| Tue, 30 Jun 2026 08:21:00 GMT |
I Could Only Create Low-Privileged Users — Until One API Let Me... |
pentesting, vapt |
|
Yes |
| Tue, 30 Jun 2026 10:48:47 GMT |
Closing the Supplier Security Gap: How a US Manufacturer Cut Thir... |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 16:19:44 GMT |
I built a free CLI that catches the security holes your AI leaves... |
security |
|
Yes |
| Tue, 30 Jun 2026 13:01:01 GMT |
CVE-2026–10691: How a Sneaky Regex Bug Could Crash Your AI Desk... |
cve |
|
Yes |
| Tue, 30 Jun 2026 16:49:26 GMT |
Salesforce’s New Passkey Requirement (2026 Guide for Admins & D... |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 17:14:33 GMT |
Intigriti June 2026 Bonus Challenge — LeakyJar Writeup |
bug-bounty, penetration-testing, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 15:47:03 GMT |
Keep Your Home Safe During Summer Vacation |
security |
|
Yes |
| Tue, 30 Jun 2026 13:53:21 GMT |
How I Built an Ecommerce Sales Dashboard Using MySQL and Power BI |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 00:09:08 GMT |
Intigriti June Bonus Challenge 2026 — Leaky Jar Write-up |
bug-bounty-writeup |
|
Yes |
| Tue, 30 Jun 2026 11:00:35 GMT |
The Warning Signs of Cyberbullying Most Schools Miss |
cyber-security-awareness |
|
Yes |
| Tue, 30 Jun 2026 13:04:50 GMT |
The Reconnaissance Checklist I Wish I Learned Earlier |
ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 15:55:34 GMT |
Corridor CTF Walkthrough (TryHackMe) |
web-security |
|
Yes |
| Tue, 30 Jun 2026 13:06:32 GMT |
Penetration Testing Frameworks |
pentesting, information-security |
|
Yes |
| Tue, 30 Jun 2026 13:22:59 GMT |
Inside a Telecom VAPT Engagement: What Actually Gets Tested |
vapt |
|
Yes |
| Tue, 30 Jun 2026 16:52:30 GMT |
# A 4-Line HTML File Stole the Admin’s Secret — Intigriti Lea... |
bug-bounty, web-security, ethical-hacking |
|
Yes |
| Tue, 30 Jun 2026 10:41:00 GMT |
Network Penetration Testing — Breaking Into the Infrastructure ... |
vapt |
|
Yes |
| Tue, 30 Jun 2026 10:13:24 GMT |
From URL Preview to Full Cloud Takeover: Deep Dive into Advanced ... |
infosec |
|
Yes |
| Tue, 30 Jun 2026 09:45:39 GMT |
NERD |
cybersecurity-tools |
|
Yes |
| Tue, 30 Jun 2026 06:17:16 GMT |
DevSecOps Security Testing UAE: Secure CI/CD, APIs, Cloud and App... |
application-security |
|
Yes |
| Tue, 30 Jun 2026 12:10:16 GMT |
Seedance 2.5 Isn’t Just Another AI Video Update |
information-technology |
|
Yes |
| Tue, 30 Jun 2026 15:41:10 GMT |
OverTheWire Bandit Walkthrough — Level 26 → 27 | 30-Day Cybe... |
security, information-security |
|
Yes |
| Tue, 30 Jun 2026 16:57:42 GMT |
Security Belongs on the Blueprint |
security |
|
Yes |
| Tue, 30 Jun 2026 16:01:58 GMT |
My agent kept reading data it wasn’t allowed to. The prompt was... |
security |
|
Yes |
| Fri, 26 Jun 2026 17:06:53 GMT |
TryHackMe Penetration Testing Frameworks (versão em português) |
pentest |
|
|
| Sun, 14 Jun 2026 12:09:22 GMT |
How a Simple Google Dork Earned Me My First Bounty from Bugcrowdâ... |
bugcrowd |
|
|
| Mon, 22 Jun 2026 19:36:13 GMT |
# Chaining Subdomain Takeovers with CORS Misconfigurations for Se... |
hackerone |
|
|
| Sat, 04 Apr 2026 09:10:35 GMT |
We’ve messed up, a lot. Here’s Why Scribble Still Exists to c... |
bounties |
|
|
| Mon, 29 Jun 2026 16:27:37 GMT |
Well, That Escalated Quickly… |
bugs |
|
|
| Mon, 15 Jun 2026 03:18:06 GMT |
How I Escalated Privileges in a File-Sharing Platform by Changing... |
bugcrowd |
|
|
| Tue, 18 Nov 2025 18:12:40 GMT |
Dork Labs Awarded AWS Activate Startup Grant |
dorks |
|
|
| Sat, 25 Oct 2025 12:23:25 GMT |
How to find leaks on GitHub as a beginner. Logic is main key |
github-dorking |
|
|
| Tue, 23 Jun 2026 07:06:16 GMT |
Bug Bounty Recon Mastery →Advanced Reconnaissance and Attack Su... |
subdomain-enumeration |
|
|
| Fri, 17 Apr 2026 19:01:54 GMT |
The Ultimate Guide to Wayback Machine Dorking for Deleted Leaks |
dorking |
|
|
| Thu, 25 Jun 2026 11:41:22 GMT |
BOLA(Broken Object Level Authorization) |
idor |
|
|
| Tue, 09 Jun 2026 07:00:48 GMT |
Costa Rica Beaches: Which Ones Are Worth the Drive |
directory-listing |
|
|
| Thu, 04 Jun 2026 06:54:59 GMT |
OpenRouter’dan Api Key Nasıl Alabiliriz (2026) |
api-key |
|
|
| Wed, 20 May 2026 20:47:25 GMT |
FINDING INFORMATION QUICKLY AND ACCURATELY WITH GOOGLE DORK |
google-dorking, google-dork, github-dorking |
|
|
| Wed, 17 Jun 2026 16:57:29 GMT |
Unauthenticated IDOR on NASA’s GitLab Instance — From Recon t... |
bugcrowd |
|
|
| Thu, 02 Oct 2025 06:59:46 GMT |
Endless Cashback Glitch:How I Unlocked Unlimited Free Orders with... |
bug-bounty-program |
|
|
| Fri, 05 Jun 2026 04:49:28 GMT |
Price Manipulation in Payment Gateway / Shopping Cart |
vdp |
|
|
| Mon, 29 Jun 2026 03:20:06 GMT |
CVE-2026–50521 | Microsoft Edge (Chromium-based) Remote Code E... |
remote-code-execution |
|
|
| Sat, 27 Jun 2026 11:31:01 GMT |
Authentication Bypass Tricks |
bug-bounty-tips, hackerone |
|
|
| Thu, 14 May 2026 15:38:47 GMT |
NGINX Rift (CVE-2026-42945): The Bug That’s Been Hiding Since 2... |
remote-code-execution |
|
|
| Wed, 17 Dec 2025 09:57:30 GMT |
The Mother Lode: Hacking with GitHub Dorking |
github-dorking |
|
|
| Sun, 28 Jun 2026 10:28:00 GMT |
Understanding Timing Vulnerabilities: A Real Bug Hunting Experien... |
security-research |
|
|
| Mon, 13 Apr 2026 03:31:01 GMT |
Google Dorks Google Ko Bana Do Apna Hacking Tool: Free Mein Bugs ... |
google-dork, github-dorking |
|
|
| Mon, 27 Jan 2025 16:51:28 GMT |
The man who suffered 11 years in hell for freedom has now been fr... |
web-pentest |
|
|
| Tue, 14 Apr 2026 13:07:05 GMT |
My “Gemini� Is Named Mike |
dorks |
|
|
| Fri, 26 Jun 2026 06:46:44 GMT |
How Google Dorking Can Streamline Your SEO Research Process |
google-dorking |
|
|
| Thu, 18 Jun 2026 15:55:40 GMT |
Writeup — Exploiting XXE to Perform SSRF Attacks |
ssrf |
|
|
| Sat, 27 Jun 2026 03:05:54 GMT |
PortSwigger : Reflected XSS into a JavaScript String with Angle B... |
cross-site-scripting |
|
|
| Thu, 19 Feb 2026 12:53:45 GMT |
Lab: Web cache poisoning via HTTP/2 request tunnelling | Portswi... |
web-cache-poisoning |
|
|
| Fri, 19 Sep 2025 07:40:16 GMT |
How I Tracked Our Clients’ Device Versions Without Direct Repor... |
zoomeye |
|
|
| Tue, 23 Jun 2026 11:42:13 GMT |
Where Are You Storing Your API Keys? (And Why Slack Isn’t It) |
api-key |
|
|
| Fri, 01 May 2026 09:40:56 GMT |
Excessive Data Exposure Leading to Unauthorized Access to Paid Fe... |
vulnerability-disclosure |
|
|
| Wed, 22 Oct 2025 14:11:32 GMT |
Mastering Subdomain Enumeration: A Beginner’s Guide to Expandin... |
subdomain-enumeration |
|
|
| Wed, 17 Jun 2026 07:53:43 GMT |
Operation Liwanag: The Same Map a Chinese Intelligence Asset Drew... |
shodan, censys |
|
|
| Tue, 19 May 2026 14:13:53 GMT |
Guildford to Box Hill |
dorking |
|
|
| Tue, 23 Jun 2026 15:16:00 GMT |
I Found Google’s Blind Spot. They Called It “Not a Vulnerabil... |
information-disclosure |
|
|
| Wed, 10 Jun 2026 19:17:14 GMT |
TuesdayTool 46: InfoSec Suite: Turning Claude Code into an Autono... |
cybersecurity-tools |
|
|
| Sat, 20 Jun 2026 14:51:32 GMT |
Building DropWire: local file transfer from a browser, no account... |
file-upload |
|
|
| Fri, 19 Jun 2026 17:40:08 GMT |
How to Get a Private Bug Bounty Invite on HackerOne — Without S... |
hackerone, bugcrowd |
|
|
| Sun, 28 Jun 2026 21:37:46 GMT |
السلام عليكم |
bugs, bug-bounty-writeup |
|
|
| Sun, 28 Jun 2026 17:44:39 GMT |
RCE via Gemini Live AI Voice Session Misconfiguration. |
bugbounty-writeup, rce |
|
|
| Thu, 11 Jun 2026 04:44:15 GMT |
AtDork dorking tools |
google-dork |
|
|
| Sat, 20 Jun 2026 07:25:20 GMT |
PortSwigger: Information Disclosure ( on debug page) |
information-disclosure |
|
|
| Sun, 15 Feb 2026 09:26:13 GMT |
TryHackMe Walkthrough -Subdomain Enumeration |
subdomain-enumeration |
|
|
| Sun, 21 Jun 2026 00:32:02 GMT |
Insecure Direct Object Reference (IDOR) — TryHackMe IDOR Room |
idor |
|
|
| Sun, 21 Jun 2026 00:45:05 GMT |
Atdork |
google-dorking, google-dork |
|
|
| Mon, 04 May 2026 23:53:49 GMT |
Break The Syntax CTF — Web Challenge 2 Writeup |
lfi |
|
|
| Mon, 29 Jun 2026 06:09:38 GMT |
It’s a Trap: Defeating Android Native Library Hijacking |
application-security |
|
|
| Fri, 26 Jun 2026 17:09:50 GMT |
How to Upload Files in Chunks with FilePond and Laravel | Mindwa... |
file-upload |
|
|
| Thu, 25 Jun 2026 07:51:30 GMT |
Meet CVE.Tools: The Missing Interface for CVEs |
cve |
|
|
| Mon, 29 Jun 2026 14:10:33 GMT |
Bypassing Enterprise SSO via a Forgotten Source Map: A Bug Bounty... |
bugs, bug-bounty-writeup |
|
|
| Tue, 10 Feb 2026 23:04:46 GMT |
Effective Dorking Tools |
dorking |
|
|
| Wed, 10 Jun 2026 08:19:20 GMT |
How I Dealt with an Exposed API Key on GitHub |
api-key |
|
|
| Thu, 25 Jun 2026 15:31:16 GMT |
Lab 4#: Exploiting a mass assignment vulnerability |
bug-bounty-tips |
|
|
| Thu, 25 Jun 2026 22:08:54 GMT |
PortSwigger : DOM XSS in jQuery Selector Sink Using a Hashchange ... |
cross-site-scripting |
|
|
| Sun, 26 Apr 2026 16:31:24 GMT |
��♂� How I Find Critical Data Leaks Using Just Google Sea... |
google-dork |
|
|
| Sat, 06 Jun 2026 16:15:29 GMT |
Complete Guide: Network Reconnaissance and Exploiting MS17–010 ... |
exploit |
|
|
| Mon, 22 Jun 2026 23:28:22 GMT |
Broken Access Control in an API Allowed Unauthorized Access to Us... |
idor |
|
|
| Fri, 17 Apr 2026 04:53:23 GMT |
How I Found an Exposed Google Maps API Key on a Global Brand’s ... |
vdp |
|
|
| Wed, 16 Jul 2025 12:07:42 GMT |
Hackers Love This 1979 Protocol (Because It Can’t Defend Itself... |
censys |
|
|
| Wed, 29 Apr 2026 14:14:58 GMT |
Part 2Â : Cross-Site Scripting (XSS) |
xss-bypass |
|
|
| Mon, 22 Jun 2026 11:30:28 GMT |
Anatomy of a Full Compromise: From Information Disclosure to Remo... |
remote-code-execution |
|
|
| Sun, 28 Jun 2026 11:11:00 GMT |
How a Flawed CORS Policy on an API Gateway Led to a $13,000 Priva... |
bug-bounty-writeup |
|
|
| Sat, 13 Jun 2026 20:31:30 GMT |
I Found a Vulnerability on a Government Web Portal. Here’s What... |
information-disclosure |
|
|
| Fri, 26 Jun 2026 06:25:44 GMT |
Costa Rica Canopy Tours: Choosing Experiences That Match Your Com... |
directory-listing |
|
|
| Fri, 19 Jun 2026 01:45:58 GMT |
How I Found a Server-Side Entitlement Issue That Allowed Free Use... |
hackerone |
|
|
| Wed, 24 Jun 2026 19:59:01 GMT |
From an Informational Finding to a Valuable Lesson: My IDOR Disco... |
bugcrowd, idor |
|
|
| Tue, 23 Jun 2026 10:14:49 GMT |
DOM-Based XSS via Controllable JSONP Data Source |
bugbounty-writeup |
|
|
| Tue, 02 Jun 2026 08:35:29 GMT |
Lab: Authentication bypass via information disclosure |
information-disclosure |
|
|
| Thu, 09 Apr 2026 17:39:27 GMT |
From 401 to BAC: How a Refresh Broke Workspace Authorization |
vulnerability-disclosure |
|
|
| Thu, 11 Jun 2026 05:41:48 GMT |
Shodan: The Search Engine Hackers Don’t Want You to Know About |
shodan |
|
|
| Sun, 28 Jun 2026 13:54:38 GMT |
The Most Expensive Line of Code Is the One That Compiles |
bugs |
|
|
| Sun, 28 Jun 2026 02:18:34 GMT |
# Stored Credential Theft via Malicious Shared Connector Leading ... |
hackerone |
|
|
| Sat, 27 Jun 2026 17:47:55 GMT |
How a Single Google Dork Exposed 17 WordPress Users — and What ... |
bug-bounty-tips |
|
|
| Mon, 29 Jun 2026 00:27:49 GMT |
A Dropdown Value Is Still User Input: SQL Injection in WooCommerc... |
bug-bounty-writeup, cve |
|
|
| Mon, 29 Jun 2026 08:56:42 GMT |
Public PoC Released for Critical libssh2 Flaw That Could Enable R... |
rce |
|
|
| Sat, 09 May 2026 02:26:22 GMT |
How I Discovered a Reflected XSS Vulnerability on a Major German ... |
xss-bypass |
|
|
| Mon, 27 Apr 2026 07:12:30 GMT |
One Weird Query String That Let Anyone Hijack Any Account in Roc... |
bounties |
|
|
| Mon, 13 Apr 2026 22:31:01 GMT |
The Cost of Trusting My Own Fingers |
bounties |
|
|
| Thu, 18 Jun 2026 11:31:01 GMT |
Broken Access Control — 2026’s #1 Bug |
bugcrowd |
|
|
| Wed, 11 Feb 2026 21:37:40 GMT |
From Course Notes to CVE: How a GXPN Study Session Uncovered a 40... |
vulnerability-disclosure |
|
|
| Sun, 21 Jun 2026 18:54:02 GMT |
From Hydra to RCE: Breaking Down TryHackMe’s Support Machine |
web-pentest |
|
|
| Wed, 10 Jun 2026 02:01:02 GMT |
CVE-2026–48778 分�:Notepad++�洞�許攻擊者執行任... |
rce |
|
|
| Fri, 17 Apr 2026 15:39:41 GMT |
Bug Bounty 2026: Why the “End of the World� is Actually a $50... |
bounties |
|
|
| Thu, 09 Apr 2026 15:25:42 GMT |
The Real AI Concern Is Not Art or Jobs, It Is Cybersecurity |
cyber-sec |
|
|
| Tue, 23 Jun 2026 12:08:49 GMT |
My First Valid Bug Bounty Report: One JS Scan, One Hidden API Key... |
bugbounty-writeup |
|
|
| Wed, 06 May 2026 11:36:01 GMT |
Google Dorking |
google-dorking, dorking |
|
|
| Mon, 29 Jun 2026 17:57:27 GMT |
Pentest on Port 25 |
pentest |
|
|
| Wed, 10 Jun 2026 19:48:50 GMT |
Visita inesperada. |
recon |
|
|
| Fri, 12 Jun 2026 12:39:46 GMT |
[Nvidia AI API] Nvidia �費AI API 申請 |
api-key |
|
|
| Tue, 23 Jun 2026 17:44:04 GMT |
Still Doing Recon Manually? You’re Wasting Time — Recon Smart... |
bug-bounty-hunter |
|
|
| Sat, 13 Jun 2026 11:31:00 GMT |
Reflected XSS Made Stupidly Simple |
bugcrowd |
|
|
| Wed, 17 Jun 2026 19:02:16 GMT |
TryHackMe Lo-Fi Writeup |
lfi |
|
|
| Wed, 11 Mar 2026 08:12:14 GMT |
The Bug Bounty Hunter Roadmap (2026): From Curious Beginner to Re... |
bug-bounty-hunting |
|
|
| Mon, 29 Jun 2026 18:05:45 GMT |
TryHackMe Passive Reconnaissance (versão em português) |
pentest |
|
|
| Mon, 22 Jun 2026 20:01:51 GMT |
TryHackMe Cyber Kill Chain (versão em português) |
pentest |
|
|
| Fri, 19 Jun 2026 18:00:09 GMT |
Atacar para defender |
pentest |
|
|
| Mon, 29 Jun 2026 23:19:13 GMT |
From Deep Link to Shell: Easy $3000 Android Crits. |
hackerone, rce |
|
|
| Sun, 24 Aug 2025 20:18:55 GMT |
How I found an Account Lockout Vulnerability Without Any Tools |
bug-bounty-program |
|
|
| Tue, 16 Jun 2026 15:54:37 GMT |
READING The JavaScript Gave Me a Cross-Tenant Write + SSRF |
ssrf |
|
|
| Thu, 28 May 2026 07:15:06 GMT |
¡Únete y hazte con uno de los más de 400 premios! |
bounty-program |
|
|
| Fri, 12 Jun 2026 21:45:49 GMT |
TryHackMe Walkthrough: Support |
local-file-inclusion |
|
|
| Sat, 27 Jun 2026 10:57:52 GMT |
DVWA SQL Injection(Blind) |
cve |
|
|
| Sun, 19 Apr 2026 15:57:12 GMT |
XSS Bypass urlparse filter evasion in Python |
xss-bypass |
|
|
| Mon, 04 May 2026 14:48:00 GMT |
I Found 150+ Vulnerabilities in DeFi Protocols. Here’s Why I C... |
bounties |
|
|
| Sun, 24 May 2026 17:16:28 GMT |
A Secret Key in Plain Sight: How I Earned My First $200 Finding a... |
api-key |
|
|
| Fri, 12 Jun 2026 12:24:10 GMT |
Watcher (THM) Tryhackme Medium Challenge |
local-file-inclusion |
|
|
| Wed, 19 Nov 2025 19:44:02 GMT |
The Pulse of Liquidity: How DorkFi’s Interest Rates Adapt in Re... |
dorks |
|
|
| Sun, 21 Jun 2026 14:43:25 GMT |
TryHackMe Guided Pentest: Infrastructure (versão em português) |
pentest |
|
|
| Sun, 31 May 2026 06:49:51 GMT |
Subdomain Takeover: The Silent Killer of Web Security — Tryhack... |
subdomain-takeover |
|
|
| Fri, 08 May 2026 09:52:18 GMT |
When Bug Bounty Hunting Hit Me Back: How Losing $500 Led Me to a ... |
web-cache-poisoning |
|
|
| Fri, 06 Feb 2026 06:33:08 GMT |
5 Ways to Bypass Email Verification Without Using Any Tool |
bug-bounty-program |
|
|
| Tue, 28 Apr 2026 11:47:05 GMT |
What Tools Do Cyber Security Experts Actually Use Every Day? (And... |
cybersecurity-tools |
|
|
| Thu, 20 Nov 2025 09:45:04 GMT |
Timber Doors in Surrey: Style, Durability, and Value Explained |
dorking |
|
|
| Sun, 15 Mar 2026 16:45:35 GMT |
Web Security Series #4 — Discovering Unauthorized Resources via... |
bug-bounty-hunting |
|
|
| Sat, 20 Apr 2024 17:20:58 GMT |
TryHackMe — Brute Walkthrough | TheHiker |
log-poisoning |
|
|
| Wed, 10 Jun 2026 11:31:00 GMT |
Recon Is Everything — Where Real Bugs Actually Hide |
recon |
|
|
| Wed, 20 May 2026 11:18:33 GMT |
Me Before Digiss vs Me Now in Digiss: How My Cybersecurity Learni... |
cyber-sec |
|
|
| Sun, 12 Apr 2026 10:48:18 GMT |
Ubah Keterampilan Anda Menjadi ALPH: Panduan Hadiah Alphland |
bounty-program |
|
|
| Sun, 23 Feb 2025 11:17:25 GMT |
$1000-$10k worth Leaks via Github Secret Dorks |
github-dorking |
|
|
| Wed, 06 May 2026 11:30:53 GMT |
How Local Business Directory Listing Helps Attract Local Customer... |
directory-listing |
|
|
| Thu, 25 Jun 2026 11:02:53 GMT |
XSS The $5k Bug That Runs Code in Their Browser |
xss-attack |
|
|
| Fri, 12 Jun 2026 11:04:39 GMT |
Why Your Subdomain Takeover Reports Keep Getting Closed as N/A (A... |
bugcrowd, subdomain-takeover |
|
|
| Mon, 25 May 2026 09:49:05 GMT |
Guided Pentest: Web | TryHackMe |
remote-code-execution |
|
|
| Fri, 19 Jun 2026 10:41:20 GMT |
My Cybersecurity Learning Journey at TECHRISE (LEARN FACTORY) |
cybersecurity-tools |
|
|
| Fri, 12 Jun 2026 17:55:13 GMT |
SSRF Prevention: How You Actually Close This Off |
ssrf |
|
|
| Thu, 18 Jun 2026 15:00:04 GMT |
Bore-dom, IP Pools, and a Nation’s Water Control: How I Breache... |
cyber-sec |
|
|
| Tue, 16 Jun 2026 11:22:14 GMT |
Review AtDork: Tool Dorking Python Terbaik 2026? |
dorking |
|
|
| Wed, 25 Feb 2026 01:47:45 GMT |
How I Found a Path Traversal in the Rancher Dashboard via HAR Rep... |
web-pentest |
|
|
| Fri, 17 Apr 2026 16:11:01 GMT |
Mirage (LFI) WebVerse |
lfi |
|
|
| Fri, 28 Jun 2024 14:51:14 GMT |
X-Forwarded HTTP header-ləri : Qısa izah |
log-poisoning |
|
|
| Thu, 14 Aug 2025 10:54:38 GMT |
Unlocking the Hidden Power of Search Engines |
censys |
|
|
| Fri, 29 May 2026 17:22:37 GMT |
Cracking SameSite for a $2,000 Web Cache Deception |
web-cache-poisoning |
|
|
| Tue, 16 Jun 2026 13:11:38 GMT |
Build an IDOR Vulnerability Lab: Why WHERE Clauses Don’t Protec... |
idor |
|
|
| Tue, 16 Jun 2026 02:05:28 GMT |
How to Find More Subdomains Than Everyone Else |
recon |
|
|
| Tue, 23 Jun 2026 20:10:54 GMT |
CVE-2026–42530: Critical Integer Overflow in NGINX HTTP/3 Opens... |
rce |
|
|
| Sun, 24 May 2026 15:03:53 GMT |
Support | TryHackMe | Walkthrough |
local-file-inclusion |
|
|
| Sat, 18 Apr 2026 05:07:38 GMT |
We’re About to Stop Trusting What We See Online — And AI Is t... |
cyber-sec |
|
|
| Sat, 30 May 2026 18:19:20 GMT |
Admin Dashboard Accessible Without Authentication |
vulnerability-disclosure |
|
|
| Mon, 11 Dec 2023 18:17:01 GMT |
Exploiting a Log Poisoning. |
log-poisoning |
|
|
| Tue, 23 Jun 2026 14:32:52 GMT |
Authentication Bypass & Information Disclosure in a Fortune 500 C... |
vdp |
|
|
| Tue, 21 Apr 2026 13:33:52 GMT |
Kioptrix: 2014 — VulnHub Walkthrough pChart LFI + PhpTax RCE to... |
lfi |
|
|
| Tue, 16 Jun 2026 13:09:40 GMT |
File Delivery 101 for Faster CDN Downloads at Scale |
file-upload |
|
|
| Fri, 19 Jun 2026 07:59:45 GMT |
Still in the DOM: My Fourth XSS Lab on PortSwigger |
xss-vulnerability |
|
|
| Thu, 16 Apr 2026 11:14:18 GMT |
Finance in Nigeria Just Moved to WhatsApp |
bounty-program |
|
|
| Tue, 21 Apr 2026 14:42:50 GMT |
Web Security Series # 16— Exploiting Local File Inclusion (LFI) |
file-inclusion |
|
|
| Wed, 17 Jun 2026 18:22:29 GMT |
Why 90% of Bug Bounty Hunters Fail in Their First 3 Months (And H... |
bug-bounty-hunter, recon |
|
|
| Fri, 26 Jun 2026 12:31:18 GMT |
Reconnaissance & Information Gathering: The Foundation of Every V... |
vapt |
|
|
| Thu, 04 Jun 2026 11:54:28 GMT |
Vulnerability Management: Identifying and Fixing Security Weaknes... |
vulnerability-scanning |
|
|
| Fri, 19 Jun 2026 07:03:40 GMT |
InvoiceHub CTF:HIVE CONSULT |
information-disclosure |
|
|
| Wed, 03 Jun 2026 14:55:44 GMT |
Recruit | TryHackMe | Walkthrough |
local-file-inclusion |
|
|
| Fri, 13 Mar 2026 14:55:26 GMT |
Web Security Series #2 — Bypassing Authentication via MFA Tampe... |
bug-bounty-hunting |
|
|
| Mon, 18 May 2026 14:37:14 GMT |
File Inclusion - Challenge Part | TryHackMe Walkthrough |
file-inclusion |
|
|
| Sat, 25 Apr 2026 14:46:05 GMT |
File Inclusion— Skills Assesment (HTB) |
file-inclusion |
|
|
| Sat, 09 May 2026 10:01:40 GMT |
Shodan.io | TryHackMe |
shodan |
|
|
| Tue, 15 Jul 2025 12:15:58 GMT |
“Secure� OPC UA Setups Are Being Hacked — Here’s Why |
censys |
|
|
| Thu, 25 Jun 2026 22:23:14 GMT |
PortSwigger : Reflected XSS into Attribute with Angle Brackets HT... |
cross-site-scripting |
|
|
| Thu, 11 Jun 2026 05:26:16 GMT |
START HERE, MANIFESTO |
dorks |
|
|
| Mon, 17 Nov 2025 23:45:18 GMT |
DorkFi: The Triumph of a Team You Can Trust |
dorks |
|
|
| Sat, 20 Jun 2026 06:11:01 GMT |
From Zero to Security Researcher: How I Found a Critical IDOR Vul... |
security-research |
|
|
| Thu, 11 Jun 2026 04:45:57 GMT |
Discover printers during an internal penetration testing engageme... |
recon |
|
|
| Sun, 17 May 2026 02:56:19 GMT |
The 3 Bug Hunting Habits That Made Me Go From $0 to $5k (And None... |
bug-bounty-program |
|
|
| Fri, 26 Jun 2026 20:18:00 GMT |
Chrome 149 Critical Update: RCE Flaws Require Immediate Patching |
rce |
|
|
| Sun, 14 Jun 2026 22:00:33 GMT |
La sémantique de l’esquive : Analyse lexicologique du discours... |
lfi |
|
|
| Sat, 20 Dec 2025 18:21:40 GMT |
N0aziXss SubSpectre: Advanced Subdomain Discovery with Intelligen... |
subdomain-enumeration |
|
|
| Mon, 22 Jun 2026 18:06:14 GMT |
Next-Generation Bug Hunting with Burp MCP and Cursor AI |
security-research |
|
|
| Tue, 16 Jun 2026 16:56:08 GMT |
How Parameter Tampering Exposed 4,700 Agents and Tons of PII |
information-disclosure, xss-vulnerability |
|
|
| Mon, 22 Jun 2026 07:48:39 GMT |
Still Confused by Amass or Can’t Understand Its Results, This I... |
recon |
|
|
| Wed, 24 Jun 2026 11:31:00 GMT |
CSRF Explained Like You’re Five |
hackerone, bugcrowd |
|
|
| Wed, 24 Jun 2026 19:12:15 GMT |
The Invisible Threats: Why Logic Flaws Are Your Biggest Blind Spo... |
vulnerability-scanning |
|
|
| Tue, 16 Jun 2026 16:16:56 GMT |
How to Find IDOR Vulnerabilities in a Laravel App |
idor |
|
|
| Sat, 14 Mar 2026 18:06:12 GMT |
Web Security Series #3 — Discovering Credentials Using Cluster ... |
bug-bounty-hunting |
|
|
| Wed, 17 Jun 2026 11:30:30 GMT |
A walk-through of a High-severity cross-company account-takeover ... |
idor |
|
|
| Sun, 28 Jun 2026 15:54:47 GMT |
Why alert(1) Isn't Enough to Prove XSS Anymore |
xss-attack |
|
|
| Mon, 22 Jun 2026 01:55:36 GMT |
PortSwigger : Stored XSS into Anchor href Attribute with Double Q... |
cross-site-scripting |
|
|
| Sun, 17 May 2026 15:50:44 GMT |
Web Cache Poisoning |
web-cache-poisoning |
|
|
| Sat, 06 Jun 2026 02:38:40 GMT |
How To Increase the Maximum File Upload Size in WordPress (Step-b... |
file-upload |
|
|
| Sat, 27 Jun 2026 17:01:35 GMT |
When Missing Rate Limiting Leads to a Critical Authentication Fin... |
bug-bounty-tips, bug-bounty-hunter |
|
|
| Fri, 05 Jun 2026 18:20:04 GMT |
CVE-2026-11332: How I found an Argument Injection in Ansible, lea... |
remote-code-execution |
|
|
| Tue, 05 May 2026 22:10:53 GMT |
LFI Prevention: How to Actually Fix File Inclusion Vulnerabilitie... |
local-file-inclusion |
|
|
| Sat, 20 Jun 2026 07:49:44 GMT |
From GraphQL Introspection to Critical Data Exposure: Discovering... |
security-research |
|
|
| Fri, 01 Aug 2025 06:17:06 GMT |
15,000 Critical Systems Are Exposed — Thanks to This Outdat... |
censys |
|
|
| Mon, 22 Jun 2026 15:59:24 GMT |
Breaking Out of a JavaScript String: My Ninth XSS Lab on PortSwig... |
xss-attack |
|
|
| Wed, 18 Feb 2026 21:56:48 GMT |
Chapter 14: Subdomain Takeover |
subdomain-takeover |
|
|
| Sun, 14 Jun 2026 13:21:02 GMT |
Subdomain Enumeration: A Core Technique Every Bug Hunter Must Mas... |
subdomain-enumeration, recon |
|
|
| Mon, 29 Jun 2026 08:49:54 GMT |
Why Choosing the Right Cyber Security Company in Hyderabad Matter... |
application-security |
|
|
| Mon, 25 May 2026 09:26:41 GMT |
Web Önbelleği Zehirlenmesi |
web-cache-poisoning |
|
|
| Thu, 13 Mar 2025 18:09:56 GMT |
How I Found Sensitive Information using Github Dorks in Bug Bount... |
github-dorking |
|
|
| Tue, 24 Mar 2026 17:48:00 GMT |
The Ultimate Bug Bounty Course: From Zero to Advanced Hacker 1 |
bug-bounty-hunting |
|
|
| Mon, 08 Jun 2026 09:48:02 GMT |
XSS WAF Bypass: The Ultimate Deep Dive |
xss-vulnerability, xss-bypass |
|
|
| Wed, 13 May 2026 07:37:16 GMT |
How to Find Subdomains Using Shodan and the Favicon Hash Trick |
subdomain-enumeration, shodan |
|
|
| Fri, 26 Jun 2026 17:34:18 GMT |
The Ultimate Guide to Embroidery Machine File Formats |
file-upload |
|
|
| Sat, 27 Jun 2026 19:44:05 GMT |
Stealing the Keys to the Agentic Cloud: Critical Authorization Fl... |
cve |
|
|
| Fri, 11 Jul 2025 16:20:24 GMT |
PC WORX: The Hidden Risk in Your Industrial Network |
censys |
|
|
| Wed, 24 Jun 2026 11:59:51 GMT |
I Made OpenID Connect Stop Checking Signatures (And Got Paid €0... |
bugbounty-writeup |
|
|
| Wed, 18 Mar 2026 10:03:26 GMT |
Web Security Series #7 — Exploiting Blind SQL Injection via Ses... |
bug-bounty-hunting |
|
|
| Mon, 13 Apr 2026 06:37:51 GMT |
File Inclusion on DVWA |
file-inclusion |
|
|
| Fri, 26 Jun 2026 19:52:32 GMT |
When 65,536 HTTP Headers Become Zero |
security-research |
|
|
| Fri, 26 Jun 2026 20:19:37 GMT |
Real Recon Starts Before the First Packet Hits the Target |
bug-bounty-tips |
|
|
| Wed, 05 Nov 2025 12:42:46 GMT |
How I Hacked Bank’s Admin Portal |
vdp |
|
|
| Tue, 17 Mar 2026 09:18:53 GMT |
Web Security Series #6 — Exploiting SQL Injection to Extract Se... |
bug-bounty-hunting |
|
|
| Tue, 14 Apr 2026 17:24:57 GMT |
PAM Cleanup in Practice: Discovery, Risk Triage and Lifecycle Gov... |
cyber-sec |
|
|
| Wed, 24 Jun 2026 13:16:22 GMT |
innerHTML vs textContent: The Difference That Could Get Your User... |
xss-attack |
|
|
| Tue, 16 Jun 2026 13:11:36 GMT |
Understanding Web Cache Poisoning via Unkeyed Headers: A PortSwig... |
web-cache-poisoning |
|
|
| Sun, 31 May 2026 04:19:43 GMT |
Vigolium: The Open Source Vulnerability Scanner Bringing AI Power... |
vulnerability-scanning |
|
|
| Fri, 27 Mar 2026 03:29:10 GMT |
TryHackMe — File Inclusion (Walkthrough) |
file-inclusion |
|
|
| Sun, 28 Jun 2026 05:21:37 GMT |
Behind the Architecture of Beldex Hardfork 21: Deep Dive into the... |
exploit |
|
|
| Mon, 16 Feb 2026 08:42:31 GMT |
Lab: Exploiting HTTP request smuggling to perform web cache poiso... |
web-cache-poisoning |
|
|
| Sun, 21 Jun 2026 11:31:00 GMT |
BOLA — The API Version of IDOR |
idor |
|
|
| Wed, 10 Jun 2026 19:29:41 GMT |
File Upload API Patterns for Production-Ready Apps |
file-upload |
|
|
| Tue, 23 Jun 2026 19:14:19 GMT |
I Found a 0-Day in Nextcloud… But Couldn’t Find One in a Fake... |
hackerone |
|
|
| Fri, 26 Jun 2026 04:49:11 GMT |
Why C++ Sanitizers Can’t Save Your Telecom Stack (And Where The... |
bugs |
|
|
| Mon, 25 May 2026 08:02:31 GMT |
Lock Down Your APIs: A Guide to API Key Authentication |
api-key |
|
|
| Sun, 21 Jun 2026 18:31:00 GMT |
Can You Build a Career on Bugcrowd? I’m Going to Test It. (Day ... |
bugcrowd, bounty-program |
|
|
| Fri, 12 Jun 2026 13:17:45 GMT |
Blind vs Out-of-Band Vulnerabilities: Understanding the Differenc... |
bug-bounty-hunter |
|
|
| Sat, 11 Apr 2026 14:24:38 GMT |
â� SOC287 — Arbitrary File Read on Checkpoint Security Gateway... |
lfi |
|
|
| Tue, 23 Jun 2026 17:45:57 GMT |
CSRF Validation Bypass: How I Tested Swiggy’s API Security |
security-research |
|
|
| Tue, 23 Jun 2026 16:59:56 GMT |
The Internet Never Forgets : A Beginner’s Guide to OSINT |
recon |
|
|
| Sat, 13 Jun 2026 15:28:09 GMT |
Cómo detectar sitios gubernamentales comprometidos con Spam SEO ... |
google-dork |
|
|
| Tue, 05 May 2026 22:06:03 GMT |
LFI Automated Scanning: Finding and Fuzzing with ffuf |
local-file-inclusion |
|
|
| Sat, 20 Jun 2026 16:54:28 GMT |
AI Red Teaming Will Need Qualified Human Pentester |
pentest |
|
|
| Tue, 21 Apr 2026 15:05:26 GMT |
Web Security Series #17 — Exploiting Local File Inclusion (LFI)... |
file-inclusion |
|
|
| Mon, 22 Jun 2026 04:22:38 GMT |
Subdomain Takeover: A Complete Guide from Beginner to Advanced |
subdomain-takeover |
|
|
| Sun, 21 Jun 2026 13:02:27 GMT |
PortSwigger: Information Disclosure (Authentication bypass via in... |
information-disclosure |
|
|
| Wed, 06 May 2026 23:46:09 GMT |
HTB File Inclusion Skills Assessment — From LFI to RCE (Full Wa... |
local-file-inclusion |
|
|
| Tue, 11 Nov 2025 16:43:14 GMT |
Beyond Google: Navigating the Hidden Internet with Shodan and Cen... |
censys |
|
|
| Wed, 24 Jun 2026 12:02:37 GMT |
The Bouncer Who Frisked Everyone and Forgot to Lock the Door |
bugbounty-writeup |
|
|
| Tue, 18 Nov 2025 13:26:47 GMT |
GitHub Dorking: The Hunter’s Guide to Finding Secrets in Public... |
github-dorking |
|
|
| Mon, 18 May 2026 07:01:05 GMT |
InterLink Migration Vote Begins | Active Bounty Season 3 |
bounty-program |
|
|
| Sun, 28 Jun 2026 15:32:08 GMT |
Breaking the Same XSS Twice: Stored XSS in a Welcome Banner — B... |
bug-bounty-tips, bug-bounty-writeup |
|
|
| Sun, 28 Jun 2026 10:12:59 GMT |
Understanding Reflected XSS: A Walkthrough of HTML Context Inject... |
xss-attack |
|
|
| Fri, 19 Jun 2026 22:47:46 GMT |
How I Found CVE-2026–50131: An Incomplete SSRF Fix in Fedify |
ssrf |
|
|
| Mon, 29 Jun 2026 06:52:04 GMT |
My First Cross-Site Scripting (XSS) Vulnerability: A Journey of P... |
xss-vulnerability, xss-bypass |
|
|
| Thu, 11 Jun 2026 17:29:29 GMT |
Free AI API Keys: How to Get Them Without a Credit Card |
api-key |
|
|
| Tue, 12 May 2026 17:55:36 GMT |
Wild Bounty Showdown PG Soft: Rahsia Maxwin Cowboy & Pola Gacor T... |
bounties |
|
|
| Tue, 16 Jun 2026 05:42:45 GMT |
ColdFusion XSS Vulnerability in Form Input: Causes, Fixes & Best ... |
xss-vulnerability |
|
|
| Thu, 25 Jun 2026 23:07:07 GMT |
AI Hallucinations might not be a Bug: They could be the price of ... |
bugs |
|
|
| Wed, 17 Jun 2026 08:46:50 GMT |
Amazon Prime for Young Adults — Why Every College Soccer Fan Ne... |
bounties |
|
|
| Fri, 12 Jun 2026 05:01:01 GMT |
Flutter File Uploads Made Easy: Working with Multipart APIs |
file-upload |
|
|
| Thu, 27 Mar 2025 23:46:11 GMT |
Make Break and Betrayal |
web-pentest |
|
|
| Mon, 18 May 2026 13:05:18 GMT |
Subdomain Takeover |
subdomain-takeover |
|
|
| Sat, 20 Jun 2026 11:04:15 GMT |
Scanning: The Second Stage of Penetration Testing — Turning Inf... |
vulnerability-scanning |
|
|
| Mon, 04 May 2026 17:36:51 GMT |
The Complete Guide to Managed Cyber Defense: Protecting Your Busi... |
cyber-sec |
|
|
| Sat, 13 Jun 2026 10:44:47 GMT |
Passive Vulnerability Assessment of a Government Enterprise Web A... |
information-disclosure |
|
|
| Sun, 14 Dec 2025 06:37:06 GMT |
My Bug Bounty Diary |
subdomain-enumeration |
|
|
| Thu, 25 Jun 2026 15:42:57 GMT |
Thm Room —Intro to Cross-Site Scripting |
cross-site-scripting, xss-vulnerability |
|
|
| Fri, 12 Dec 2025 06:49:56 GMT |
How Variable Data Technology is Transforming Postcard & Brochure ... |
vdp |
|
|
| Mon, 04 May 2026 07:35:39 GMT |
CPDoS via Content Negotiation Mechanism |
web-cache-poisoning |
|
|
| Sun, 28 Jun 2026 04:33:32 GMT |
Remote Coding Agent Approval Workflow: Keep Agents Moving Without... |
remote-code-execution |
|
|
| Sat, 20 Jun 2026 11:14:22 GMT |
Exploiting the Event Listener: My Sixth XSS Lab on PortSwigger |
xss-vulnerability |
|
|
| Mon, 29 Jun 2026 02:51:59 GMT |
Mastering Web Security: Exploiting Stored XSS into HTML Context |
xss-attack |
|
|
| Sat, 20 Jun 2026 07:44:22 GMT |
Ağınız Dışarıdan Nasıl Görünüyor? Shodan İle Kurumsal ... |
shodan |
|
|
| Sun, 07 Jun 2026 18:38:23 GMT |
Visualizing Physical Attack Surface Exposure with Python, WiGLE, ... |
shodan |
|
|
| Sun, 26 Jan 2025 19:08:11 GMT |
Matrix strike’s back against honesty from a power stance |
web-pentest |
|
|
| Tue, 02 Jun 2026 19:48:50 GMT |
From False Positive to Hall of Fame: Exploiting Web Cache Poisoni... |
web-cache-poisoning |
|
|
| Mon, 25 May 2026 22:43:37 GMT |
Support Writeup for Jr.Pentester Path — TryHackMe/THM |
local-file-inclusion |
|
|
| Thu, 20 Nov 2025 17:16:47 GMT |
The Health Factor: How DorkFi Keeps Your Position Safe |
dorks |
|
|
| Mon, 29 Jun 2026 14:59:47 GMT |
The Infinite Loop: Deconstructing WSHRAT’s Fileless Injection a... |
security-research |
|
|
| Sat, 09 May 2026 01:31:00 GMT |
Your Server Is Showing Everything It Shouldn’t -The Apache Dire... |
directory-listing |
|
|
| Wed, 03 Jun 2026 17:17:42 GMT |
Nmap Basics: A Beginner’s Guide to Network Scanning in Cybersec... |
vulnerability-scanning |
|
|
| Thu, 02 Apr 2026 17:35:36 GMT |
How I Found a Subdomain Takeover via BetterUptime |
subdomain-takeover |
|
|
| Mon, 15 Jun 2026 09:03:06 GMT |
The Comment That Handed Me a Secret Key |
bug-bounty-hunter |
|
|
| Sun, 28 Jun 2026 17:51:20 GMT |
How I Found an Unauthenticated IDOR in a Government College Websi... |
idor |
|
|
| Tue, 24 Mar 2026 07:41:00 GMT |
How I Built a Directory Listing Site (ToolIndex.net) and What I L... |
directory-listing |
|
|
| Sun, 21 Sep 2025 07:02:30 GMT |
Affordable but Vulnerable? The Dark Side of CMORE HMI |
censys |
|
|
| Mon, 16 Feb 2026 14:31:00 GMT |
BOUNTY | HTB | Windows |Walkthrough | Write up |
bounties |
|
|
| Thu, 04 Jun 2026 18:05:56 GMT |
<Casual Thoughts on MCP Server Security — Part 2> |
exploit |
|
|
| Fri, 26 Jun 2026 11:31:01 GMT |
Open Redirect — Tiny Bug, Real Reward |
bug-bounty-tips |
|
|
| Mon, 29 Jun 2026 15:59:50 GMT |
ChatGPT: Guardrail Bypass to LFI Vulnerability POC |
application-security |
|
|
| Fri, 24 Jan 2025 09:34:52 GMT |
A new Holistic temple opening InLeeds |
web-pentest |
|
|
| Sat, 06 Jun 2026 07:18:44 GMT |
Update: The Ending of My $500 Loss and Web Cache Poisoning Story. |
web-cache-poisoning |
|
|
| Mon, 15 Jun 2026 08:03:09 GMT |
How Building My Own Linktree Clone Led Me to a CSS Injection Disc... |
exploit |
|
|
| Mon, 08 Jun 2026 10:33:04 GMT |
How a Routine XSS Hunt Led to an Unexpected Database Information ... |
vulnerability-disclosure |
|
|
| Wed, 17 Jun 2026 17:45:44 GMT |
GCUP V2 Writeup: Bookstore |
rce |
|
|
| Thu, 21 May 2026 15:16:28 GMT |
How to Bypass LinkedIn Commercial Use Limit in 2026 (Without Payi... |
google-dorking |
|
|
| Wed, 03 Jun 2026 15:20:33 GMT |
Most Businesses in Costa Rica Are Easier to Find Than You Think, ... |
directory-listing |
|
|
| Thu, 04 Dec 2025 04:45:36 GMT |
What is Google Dorking? |
dorking |
|
|
| Fri, 26 Jun 2026 10:02:53 GMT |
What Is Remote Code Execution? The Hack That Lets Strangers Run C... |
rce |
|
|
| Tue, 09 Jun 2026 18:06:16 GMT |
Gaadi Info — Check Vehicle Details, RC Status & Challan |
rce |
|
|
| Tue, 05 Dec 2023 07:54:40 GMT |
LFI via SMTP log poisoning |
log-poisoning |
|
|
| Fri, 26 Jun 2026 15:39:44 GMT |
Can We Define Fair and Ethical Use of AI? |
information-disclosure |
|
|
| Thu, 28 May 2026 15:59:28 GMT |
File Inclusion Vulnerability Assessment |
file-inclusion |
|
|
| Sun, 21 Jun 2026 15:02:18 GMT |
Cross-site scripting 6 (APPRENTICE) |
cross-site-scripting |
|
|
| Tue, 18 Nov 2025 08:33:41 GMT |
A Chain of Vulnerabilities Leading to Critical Information Disclo... |
bug-bounty-program |
|
|
| Tue, 09 Jun 2026 20:32:47 GMT |
Your Software Is Already Under Attack |
exploit |
|
|
| Mon, 29 Jun 2026 01:52:10 GMT |
DirtyClone: Linux Çekirdeğinde Root Erişimi Sağlayan Yeni Bir... |
security-research |
|
|
| Sat, 02 Aug 2025 14:15:23 GMT |
The Silent Risk in Your ICS: Why S7 Protocol Needs Security Atten... |
censys |
|
|
| Sat, 27 Jun 2026 17:05:53 GMT |
Stored XSS via SVG File Upload in a Project Management Applicatio... |
xss-attack, file-upload, xss-vulnerability |
|
|
| Fri, 06 Jun 2025 15:47:21 GMT |
��♂� GitHub Dorking for Bug Bounty: Hackers' Hidden Playg... |
github-dorking |
|
|
| Mon, 29 Jun 2026 21:04:53 GMT |
IDOR in a Session Replay API: One Sequential ID From Wiping Any C... |
idor |
|
|
| Fri, 10 Nov 2023 03:38:01 GMT |
Apache error.log advanced Log poisoning RCE |
log-poisoning |
|
|
| Tue, 28 Apr 2026 07:09:41 GMT |
owockibot: The Bounty Board Powering the Agent Economy |
bounty-program |
|
|
| Sun, 22 Oct 2023 19:57:30 GMT |
Performing a Log Poisoning Attack |
log-poisoning |
|
|
| Tue, 05 May 2026 09:32:07 GMT |
Google Dorks — Advanced Search |
google-dorking, google-dork |
|
|
| Mon, 29 Jun 2026 04:40:40 GMT |
We Stopped Vulnerable Code from Reaching Production with Snyk. He... |
vulnerability-scanning |
|
|
| Wed, 24 Jun 2026 13:40:07 GMT |
SOC Tools Explained for Beginners: SIEM, EDR, NDR & SOAR — A Si... |
cybersecurity-tools |
|
|
| Mon, 25 May 2026 14:19:37 GMT |
Look at this, we created this |
bounties |
|
|
| Wed, 17 Jun 2026 15:20:59 GMT |
From N/A to ##,###$: How I Turned One Overlooked Bug Into a Major... |
ssrf |
|
|
| Thu, 18 Jun 2026 11:52:47 GMT |
¿Usas Intercambio? |
bounty-program |
|
|
| Sun, 28 Jun 2026 22:40:33 GMT |
Básico Exploits Linux — Parte 1 |
exploit |
|
|
| Tue, 22 Apr 2025 10:38:20 GMT |
Trump’s Tariffs Cut Out Censys — ZoomEye Steps In Strong! |
zoomeye |
|
|
| Thu, 18 Jun 2026 18:29:00 GMT |
5 Docker Mistakes That Are Killing Your Laptop’s Battery |
bug-bounty-hunter |
|
|
| Fri, 24 Jan 2025 00:08:47 GMT |
A majestic temple opportunity of wellbeing and wellness |
web-pentest |
|
|
| Tue, 28 Apr 2026 13:18:20 GMT |
25 Open-Source Cybersecurity Tools That Work Even When Your Budge... |
cybersecurity-tools |
|
|
| Mon, 29 Jun 2026 11:44:13 GMT |
Cybersecurity Practice Lab 3 |
cross-site-scripting |
|
|
| Wed, 24 Jun 2026 22:28:18 GMT |
interesting Logic idor that allowed me to Access User Data and Pr... |
bugbounty-writeup |
|
|
| Fri, 12 Jun 2026 10:04:19 GMT |
ATDORK |
google-dork |
|
|
| Wed, 01 Apr 2026 18:43:56 GMT |
Lab: SQL injection attack, listing the database contents on Oracl... |
web-pentest |
|
|
| Sat, 13 Jun 2026 17:04:51 GMT |
The $500,000 Prompt: How an AI-Driven Hack Penetrated Google’s ... |
exploit |
|
|
| Thu, 13 Feb 2025 03:29:37 GMT |
ZoomEye Meets DeepSeek: AI-Powered Cyberspace Intelligence |
zoomeye |
|
|
| Sun, 28 Jun 2026 12:31:00 GMT |
O bug passou para produção… e agora? |
bugs |
|
|
| Mon, 29 Jun 2026 08:14:44 GMT |
I Got Tired of the Same VAPT Findings. So I Built an Open-Source ... |
vapt |
|
|
| Wed, 27 May 2026 19:50:08 GMT |
Why Your Directory Listing Service Isn’t Working — And the Fr... |
directory-listing |
|
|
| Mon, 01 Jun 2026 19:46:00 GMT |
When a Routine Pentest Becomes a CVE: XSS to Admin in Rock RMS |
xss-vulnerability |
|
|
| Wed, 03 Jun 2026 14:56:57 GMT |
Eksploitasi Jembatan Alephium: Laporan On-Chain |
exploit |
|
|
| Tue, 26 May 2026 23:44:37 GMT |
Intigriti May 2026 Challenge: XSS via Stored Payload & SCA Shield... |
xss-bypass |
|
|
| Sat, 02 May 2026 14:24:34 GMT |
Analytic Tools |
cyber-sec |
|
|
| Wed, 17 Jun 2026 18:28:32 GMT |
I Started Bug Bounty With ₹0 Savings and a ₹15,000 Laptop. Ye... |
bug-bounty-hunter |
|
|
| Mon, 17 Nov 2025 09:27:29 GMT |
200 reports, 11 valid bugs, 0 critical issues. Here’s everythin... |
vdp |
|
|
| Tue, 16 Jun 2026 04:26:17 GMT |
How to Install Nuclei on Your Machine The Open-Source Vulnerabili... |
vulnerability-scanning |
|
|
| Mon, 29 Jun 2026 23:49:40 GMT |
Burp Suite Beyond the Interface |
pentesting |
|
|
| Wed, 10 Jun 2026 11:54:28 GMT |
The Zero-Day Exploit Clock Is Ticking |
exploit |
|
|
| Wed, 24 Jun 2026 16:01:02 GMT |
How a composer install Becomes Remote Code Execution: Inside CVE-... |
remote-code-execution, cve |
|
|
| Sat, 06 Dec 2025 23:06:15 GMT |
Big News from DorkFi — PreFi Rewards Drop + Contest Live! |
dorks |
|
|
| Wed, 12 Feb 2025 22:46:35 GMT |
https://www.express.co.uk/life-style/property/2012927/cleaning-ch... |
web-pentest |
|
|
| Tue, 23 Jun 2026 15:09:51 GMT |
Cuando el atacante encuentra más de lo que deberÃa |
vulnerability-scanning |
|
|
| Tue, 28 Apr 2026 20:00:52 GMT |
Official Blind XSS Platform Update (2026) |
xss-bypass |
|
|
| Mon, 06 Apr 2026 21:45:53 GMT |
Cookie(Çerez) Türleri ve Pentest Açısından Önemi |
web-pentest |
|
|
| Wed, 24 Jun 2026 19:30:37 GMT |
CVE-2025–65640: Escalating a Stored XSS to Account Takeover in ... |
xss-attack, cve |
|
|
| Thu, 18 Jun 2026 18:45:38 GMT |
Cross-site scripting 9 (APPRENTICE) |
cross-site-scripting |
|
|
| Tue, 13 Jan 2026 13:27:13 GMT |
Hacking “Time�: When Critical Infrastructure Forgets to Set a... |
vulnerability-disclosure |
|
|
| Mon, 08 Jun 2026 08:50:12 GMT |
Huggingface’den Api Key Alma İçeriği (2026) |
api-key |
|
|
| Tue, 16 Jun 2026 09:34:58 GMT |
SSRF by encoding |
bug-bounty-hunter |
|
|
| Mon, 18 May 2026 00:04:46 GMT |
GOOGLE DORK Ä°LE BÄ°LGÄ°YÄ° HIZLI VE DOÄžRU BULMA |
google-dorking, google-dork, github-dorking |
|
|
| Fri, 01 May 2026 20:23:15 GMT |
Shodan Facet Searches That Read Like Threat Intel Poetry |
shodan |
|
|
| Sun, 07 Jun 2026 16:46:16 GMT |
METASPOITABLE 2 |
vulnerability-scanning |
|
|
| Wed, 23 Jul 2025 15:15:01 GMT |
TryHackMe Include walkthrough: SSRF, log poisoning & LFI2RCE, wit... |
log-poisoning |
|
|
| Sat, 11 Apr 2026 09:59:14 GMT |
The Symmetry of Recon: Active vs. Passive Discovery in Bug Bounty |
shodan |
|
|
| Tue, 03 Feb 2026 17:12:47 GMT |
My First Week: 3 Business Logic Bugs in Major E-Commerce |
bug-bounty-program |
|
|
| Mon, 18 May 2026 18:07:32 GMT |
SYMFONOS: 1 |
local-file-inclusion |
|
|
| Mon, 22 Jun 2026 06:51:54 GMT |
Find exposed sensitive data in AWS, Google Cloud, and other platf... |
dorks |
|
|
| Thu, 30 Apr 2026 15:04:04 GMT |
I Almost Scrolled Past This URL… Then I Got Curious |
lfi |
|
|
| Mon, 22 Jun 2026 05:21:26 GMT |
Well, It’s Okay to Start Over! |
pentest |
|
|
| Sat, 27 Jun 2026 04:26:59 GMT |
CVE’s: Cataloging the Cracks in Our Code |
cve |
|
|
| Fri, 24 Apr 2026 10:26:01 GMT |
¿Estás emocionado por el próximo partido entre FC Barcelona y ... |
bounty-program |
|
|
| Sat, 27 Jun 2026 14:35:54 GMT |
Chaining a DOM XSS Sink, WAF Bypass, Cross-Origin Smuggling, and ... |
xss-attack, bugbounty-writeup |
|
|
| Wed, 13 May 2026 16:01:01 GMT |
Mapleton (LFI to RCE) WebVerse |
lfi |
|
|
| Fri, 19 Jun 2026 10:37:59 GMT |
Cybersecurity training in kphb |
cybersecurity-tools |
|
|
| Thu, 02 Apr 2026 18:59:50 GMT |
File Inclusion (LFI/RFI) — Extracting Sensitive Data from confi... |
file-inclusion |
|
|
| Fri, 26 Jun 2026 15:36:09 GMT |
The Perfect Distraction |
bugs |
|
|
| Thu, 09 Oct 2025 18:33:05 GMT |
0-click Account Takeover via Punycode |
bug-bounty-program |
|
|
| Sun, 14 Jun 2026 14:19:24 GMT |
How to Fix Image Upload Issues in WordPress Media Library (Step-b... |
file-upload |
|
|
| Sun, 13 Jul 2025 16:32:21 GMT |
ProConOS Exposed: What ICS Security Teams Need to Know |
censys |
|
|
| Sun, 15 Mar 2026 17:49:52 GMT |
TryHackMe — Takeover Writeup |
subdomain-takeover |
|
|
| Sat, 20 Jun 2026 00:52:29 GMT |
API Fuzzing for Bug Bounty — Part 2b: Injection, Bypasses & Out... |
bug-bounty-hunter |
|
|
| Mon, 29 Jun 2026 01:03:39 GMT |
Belajar tentang File Inclusion dalam Penetration Testing |
local-file-inclusion, file-inclusion |
|
|
| Wed, 25 Mar 2026 08:34:09 GMT |
Improper Input Handling Leading to Client Side Code Execution and... |
vulnerability-disclosure |
|
|
| Fri, 19 Jun 2026 06:15:12 GMT |
PortSwigger: Information Disclosure (in error messages) |
information-disclosure |
|
|
| Fri, 19 Jun 2026 14:32:09 GMT |
RCE Backdoor: I Almost Got Owned by a Fake Metatheory Job Intervi... |
remote-code-execution |
|
|
| Wed, 17 Jun 2026 00:00:50 GMT |
When the main app is clean, go count the URL fetchers |
ssrf |
|
|
| Mon, 04 May 2026 12:56:26 GMT |
Beyond alert(1): Advanced XSS Payload Crafting, Filter Bypasses &... |
xss-bypass |
|
|
| Mon, 29 Jun 2026 13:01:20 GMT |
Cache Poisoning at the Edge: How Cloudflare Workers & Vercel Edge... |
bugbounty-writeup |
|
|
| Thu, 18 Jun 2026 10:17:41 GMT |
PortSwigger : DOM XSS in innerHTML Sink Using Source location.sea... |
cross-site-scripting |
|
|
| Mon, 29 Jun 2026 05:16:56 GMT |
Day 1 of Bug Hunting Learning : XSS Made Me Question Everything |
bug-bounty-writeup |
|
|
| Fri, 08 May 2026 22:01:34 GMT |
AI Is Breaking the Two Rules That Kept the Internet Safe — And ... |
vulnerability-disclosure |
|
|
| Mon, 16 Mar 2026 14:32:42 GMT |
Web Security Series #5 — Exploiting Broken Access Control via T... |
bug-bounty-hunting |
|
|
| Thu, 28 Sep 2023 23:05:39 GMT |
Archangel — TryHackMe |
log-poisoning |
|
|
| Fri, 19 Jun 2026 07:59:04 GMT |
Diving into the DOM: My Third XSS Lab on PortSwigger |
xss-vulnerability |
|
|
| Fri, 19 Jun 2026 20:02:36 GMT |
TryHackMe: Support Ops Platform Walkthrough |
lfi |
|
|
| Thu, 25 Jun 2026 17:37:36 GMT |
Spring Boot 4.1’s New SSRF Filter Never Touched My Feign Calls ... |
ssrf |
|
|
| Mon, 29 Jun 2026 19:52:58 GMT |
Finding Hidden GraphQL Endpoints | Hacking GraphQL APIs — Part... |
application-security |
|
|
| Fri, 12 Jun 2026 12:04:09 GMT |
The Print Button That Handed Me Your Account: Stored XSS to Full ... |
xss-bypass |
|
|
| Wed, 13 May 2026 23:11:19 GMT |
The Lethal Trifecta: How AI Agents With Tool Access Turn Prompt I... |
cyber-sec |
|
|
| Mon, 29 Jun 2026 11:37:28 GMT |
CVE-2026–39904: How I Crashed an Entire Server Using Nothing bu... |
cve |
|
|
| Sun, 22 Mar 2026 10:40:15 GMT |
DVWA: File Inclusion Vulnerability (Low Security) |
file-inclusion |
|
|
| Fri, 17 Apr 2026 15:51:57 GMT |
The 2026 Shodan Dork Bible: Finding Exposed Jenkins, Grafana, and... |
google-dork, shodan |
|
|
| Mon, 22 Jun 2026 01:16:21 GMT |
PortSwigger : DOM XSS in jQuery Anchor href Attribute Sink Using ... |
cross-site-scripting |
|
|
| Thu, 07 May 2026 08:48:21 GMT |
Driving Operational Value Through Multi Agent Orchestration |
cybersecurity-tools |
|
|
| Thu, 11 Jun 2026 11:42:27 GMT |
AWS CloudGoat EC2_SSRF Lab Walkthrough: Step-by-Step Manual Confi... |
ssrf |
|
|
| Fri, 31 May 2024 13:29:16 GMT |
Map of the worlds best URLs 2025 |
log-poisoning |
|
|
| Mon, 15 Jun 2026 09:21:49 GMT |
Why Most Bug Bounty Beginners Fail — And How to Avoid It |
bug-bounty-hunter |
|
|
| Thu, 30 Apr 2026 22:03:21 GMT |
How to learn Autopsy quickly to pass any exams |
cybersecurity-tools |
|
|
| Mon, 29 Jun 2026 10:46:38 GMT |
Costa Rica Canopy Tours: Choosing Experiences That Match Your Com... |
directory-listing |
|
|
| Wed, 22 Apr 2026 23:39:11 GMT |
Authentication bypass via unauthenticated JWT generation on a tel... |
shodan |
|
|
| Sat, 30 May 2026 11:25:12 GMT |
Cross-Site Scripting (XSS) via Client-Side Filter Bypass |
xss-bypass |
|
|
| Fri, 26 Jun 2026 13:02:05 GMT |
Severity vs Priority in Bugs |
bugs |
|
|
| Wed, 20 May 2026 14:26:33 GMT |
Your Agent Doesn’t Need an API Key |
api-key |
|
|
| Thu, 28 May 2026 16:33:00 GMT |
CONTENT DISCOVERY-TRYHACKME WALKTHROUGH |
google-dorking |
|
|
| Tue, 19 May 2026 17:44:55 GMT |
Day 5: Footprinting & Reconnaissance -How Attackers Know Everythi... |
google-dorking |
|
|
| Tue, 02 Jun 2026 14:45:40 GMT |
Web/Mobil Uygulamalarda Business Logic Zafiyetler ve Örnek Bir U... |
exploit |
|
|
| Wed, 27 May 2026 08:42:26 GMT |
Open Source Transparency Was a Moat — AI Is Turning It Into a L... |
vulnerability-disclosure |
|
|
| Mon, 22 Jun 2026 14:38:16 GMT |
Remote Code Execution via Custom JS Function in Flowise |
remote-code-execution, security-research |
|
|
| Thu, 12 Mar 2026 18:11:47 GMT |
A Simple P4 Bug That Ended as Duplicate |
bug-bounty-hunting |
|
|
| Fri, 22 May 2026 21:10:59 GMT |
Recruit TryHackMe walkthrough |
lfi |
|
|
| Mon, 30 Mar 2026 06:03:13 GMT |
Why Business Directory Listings Are the Secret Weapon of Off-Page... |
directory-listing |
|
|
| Sun, 08 Mar 2026 11:01:01 GMT |
I Paid $500 for AI Directory Listings. Here Is My Honest ROI Brea... |
directory-listing |
|
|
| Fri, 26 Jun 2026 17:25:10 GMT |
CVE-2026–46331 — pedit COW Zafiyeti |
security-research |
|
|
| Thu, 07 May 2026 06:41:01 GMT |
Github Dorking |
dorking, github-dorking |
|
|
| Mon, 22 Jun 2026 20:02:14 GMT |
TryHackMe Dive Into Pentesting (versão em português) |
pentest |
|
|
| Mon, 22 Jun 2026 17:59:47 GMT |
How I Recon a Target, Part Two: Now We Poke It |
recon |
|
|
| Mon, 11 May 2026 04:25:50 GMT |
Google Dorking for Beginners: Ghosting the Network |
google-dorking |
|
|
| Sun, 05 Apr 2026 20:11:41 GMT |
I Tried Logging In… and Accidentally Did Responsible Disclosure... |
vdp |
|
|
| Wed, 17 Jun 2026 09:53:34 GMT |
Solving YWH Dojo #51 — DeadBolt: From Zip Slip to Remote Code E... |
rce |
|
|
| Tue, 05 Aug 2025 00:19:11 GMT |
Breaking Recon with AMASS |
subdomain-enumeration |
|
|
| Thu, 25 Jun 2026 12:39:22 GMT |
Cisco Unified CM CVE-2026–20230 SSRF Actively Exploited |
ssrf, cve |
|
|
| Fri, 19 Jun 2026 18:59:43 GMT |
SSRF Explained Like You Are Five (For Bug Bounty Beginners) |
ssrf |
|
|
| Thu, 11 Sep 2025 22:20:14 GMT |
It’s Coming: DorkFi Delivers PreFi Rewards Surge |
dorking |
|
|
| Thu, 25 Jun 2026 12:26:00 GMT |
How an Unsigned JWT Parameter Led to a $10,500 Full Account Takeo... |
bug-bounty-tips |
|
|