Skip to content

rix4uni/medium-writeups

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

46,952 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Time Title Feed IsNew IsToday
Fri, 17 Jul 2026 22:55:59 GMT #The .come Typo: PancakeSwap’s Terms of Service Email a Domain ... security Yes Yes
Fri, 17 Jul 2026 23:02:58 GMT Can we identify the human behind a digital identity — even when... cybersecurity Yes Yes
Fri, 17 Jul 2026 18:10:42 GMT I Ignored the Lab Instructions and Solved It My Own Way -Here’s... bug-bounty, security, infosec Yes
Fri, 17 Jul 2026 21:00:51 GMT I Funded a Stranger’s Bank Card With My Own Money; and That’s... cybersecurity, ethical-hacking Yes
Fri, 17 Jul 2026 13:43:49 GMT External Network Penetration Test penetration-testing Yes
Fri, 17 Jul 2026 08:35:06 GMT The Hackers Labs Writeup — MindKeep (Spanish) pentesting Yes
Fri, 17 Jul 2026 17:07:04 GMT From SOC to GRC Engineering: Part 1 information-security Yes
Fri, 17 Jul 2026 07:09:47 GMT Lab Walkthrough: Exploiting Username Enumeration via Different Re... bug-bounty Yes
Fri, 17 Jul 2026 04:19:09 GMT File Upload Bypass On Indrive bug-bounty-writeup Yes
Fri, 17 Jul 2026 21:49:45 GMT AWS Networking for IR — VPCs, Flow Logs, and the Load Balancer ... cybersecurity Yes
Fri, 17 Jul 2026 20:10:21 GMT Top 5 Security Risks Facing Toronto Businesses in 2026 security Yes
Fri, 17 Jul 2026 16:12:47 GMT ClickFix: When Phishing Stops Being About Clicking information-security, cyber-security-awareness Yes
Fri, 17 Jul 2026 10:53:17 GMT You are outsourcing the wrong IT work information-technology Yes
Fri, 17 Jul 2026 16:44:23 GMT Your Password Is Probably on a List Somewhere Right Now hacking Yes
Fri, 17 Jul 2026 14:56:40 GMT The Terminal Trick That Changed My Entire Workflow ethical-hacking Yes
Fri, 17 Jul 2026 14:08:59 GMT โน้ตบุ๊คคุณชาร์จไปà¸�ี่à¸... information-technology Yes
Fri, 17 Jul 2026 15:18:20 GMT WHAT IS TCP/IP ? hacking Yes
Fri, 17 Jul 2026 14:30:27 GMT Data Is Cash information-security Yes
Fri, 17 Jul 2026 20:23:15 GMT Four NLP Terms a Security Analyst Should Understand security Yes
Fri, 17 Jul 2026 05:50:16 GMT Authentication Security Testing Checklist for Security Researcher... web-security Yes
Fri, 17 Jul 2026 15:52:04 GMT Understanding Active Directory: A Beginner’s Guide with Common ... information-security, ethical-hacking Yes
Fri, 17 Jul 2026 11:50:28 GMT Guarded Past the Point of Luck vulnerability Yes
Fri, 17 Jul 2026 09:54:55 GMT Android Infostealer Malware Analysis | Let’sDefend Walkthrough penetration-testing Yes
Fri, 17 Jul 2026 11:55:22 GMT Why Your SAP Integration Project Is Failing information-technology Yes
Fri, 17 Jul 2026 07:04:09 GMT Finding Reflected XSS Parameters Fast: A Deep Dive into RefleX web-security Yes
Fri, 17 Jul 2026 10:22:23 GMT Cybersecurity Risk of the User Registration Page penetration-testing Yes
Fri, 17 Jul 2026 04:07:15 GMT IDOR simple way with no burpsuite banged P3 bugs, idor Yes
Fri, 17 Jul 2026 12:23:15 GMT CAN YOU BE TRUSTED WITH THE NAKEDNESS OF MEN? vulnerability Yes
Fri, 17 Jul 2026 15:42:09 GMT Who Protects Organizations from Cyber Attacks? cyber-security-awareness Yes
Fri, 17 Jul 2026 16:56:29 GMT CTF: Archangel TryhackMe Room local-file-inclusion Yes
Fri, 17 Jul 2026 15:48:26 GMT Broken access control penetration-testing Yes
Fri, 17 Jul 2026 12:50:49 GMT Privacy Toolkit for Everyone information-technology Yes
Fri, 17 Jul 2026 17:26:36 GMT Turning Your VPN On Isn’t Enough: Here’s What Most People Mis... cyber-security-awareness Yes
Fri, 17 Jul 2026 07:22:47 GMT Web Pentester’s Guide to Thinking Like an IoT Pentester pentesting, vapt Yes
Fri, 17 Jul 2026 07:04:02 GMT Lab 2 : Information Disclosure on a Debug Page information-disclosure Yes
Fri, 17 Jul 2026 22:47:44 GMT Blinding the State Informant: How Axiom Shield Weaponizes Client-... cybersecurity Yes
Fri, 17 Jul 2026 20:38:31 GMT My eJPT Experience: First Offensive Security Certificate penetration-testing, infosec, ethical-hacking Yes
Fri, 17 Jul 2026 12:54:15 GMT Windows Command Line: Navigating and Managing Endpoints with the ... infosec Yes
Fri, 17 Jul 2026 09:18:44 GMT The Unseen Share: How I Downloaded Every File on 9 Tail Fox bug-bounty, idor Yes
Fri, 17 Jul 2026 13:59:17 GMT FREE COMMUNITY SESSION: FILE UPLOAD ATTACKS — NULL BYTE INJECTI... infosec, web-security, ethical-hacking Yes
Fri, 17 Jul 2026 19:19:44 GMT Beyond Installation: Engineering a SIEM Lab for Real-World Threat... information-security Yes
Fri, 17 Jul 2026 16:01:18 GMT Reproducing Certifried (CVE-2022–26923) vulnerability Yes
Fri, 17 Jul 2026 02:32:13 GMT Your AI Agent Has Browser, Filesystem, and Terminal Access. Whoâ€... application-security Yes
Fri, 17 Jul 2026 18:04:07 GMT I Found a CSRF-Style Bug in Proton and Earned a $200 Bounty. bug-bounty, bug-bounty-writeup Yes
Fri, 17 Jul 2026 02:43:20 GMT APKLeaks: A Mobile Security Tool vapt Yes
Fri, 17 Jul 2026 16:37:21 GMT The Website You Log Into Every Day Doesn’t Know Your Password security Yes
Fri, 17 Jul 2026 13:53:49 GMT OWASP Top 10: Broken Access Control Understanding One of the Most... ethical-hacking Yes
Fri, 17 Jul 2026 00:49:39 GMT Malware Analysis and Domain Investigation: Following the Trail fr... cybersecurity-tools Yes
Fri, 17 Jul 2026 12:39:48 GMT From User to Admin: The Story of Privilege Escalation bug-bounty, penetration-testing, web-security Yes
Fri, 17 Jul 2026 20:01:48 GMT Modern Cyberattacks Target Both Technology and Human Psychology cyber-security-awareness Yes
Fri, 17 Jul 2026 17:42:37 GMT The Hidden Struggle: Why Infidelity Persists in Christian Marriag... hacking Yes
Fri, 17 Jul 2026 13:26:01 GMT Vulnerability Is Another Word For Confidence, And Women Love It vulnerability Yes
Fri, 17 Jul 2026 08:55:35 GMT Website Security Mistakes That Can Destroy Your Business (2026 Gu... web-security Yes
Fri, 17 Jul 2026 10:41:01 GMT Can AI write secure code? I audited 50 AI-Generated snippets infosec Yes
Fri, 17 Jul 2026 22:18:20 GMT Somebody Is Botting a Dead Card Game (and the Data Shows Exactly ... cybersecurity Yes
Fri, 17 Jul 2026 14:22:40 GMT Don’t Panic: Your Secrets Are Not Secret hacking Yes
Fri, 17 Jul 2026 20:29:11 GMT Every team building on AI ships the same feature. A lot of them s... security Yes
Fri, 17 Jul 2026 15:00:25 GMT THE BREACH FILES hacking Yes
Fri, 17 Jul 2026 18:36:07 GMT “You should have told me you were coming.â€� The short story â€... vulnerability Yes
Fri, 17 Jul 2026 08:29:42 GMT Setting up Windows 10 on your Oracle VirtualBox pentesting Yes
Fri, 17 Jul 2026 14:42:21 GMT KUDANKULAM NUCLEAR POWER PLANT LEAK: AN ACCIDENTAL DISCLOSURE hacking, infosec Yes
Fri, 17 Jul 2026 19:44:08 GMT Breaking CCTV Manager — Solving YesWeHack Dojo #43 hacking Yes
Fri, 17 Jul 2026 16:44:00 GMT The Cost of Playing It Safe vulnerability Yes
Fri, 17 Jul 2026 07:57:49 GMT Konsep Dasar Bug, Error, Defect, dan Failure dalam Software Quali... bugs Yes
Fri, 17 Jul 2026 09:15:13 GMT Broken Access Control & Authentication Misconfiguration Led to In... bug-bounty, web-security Yes
Fri, 17 Jul 2026 13:36:01 GMT The Night Claude Found a Critical IDOR and Deleted the Test Accou... bug-bounty, idor Yes
Fri, 17 Jul 2026 16:38:33 GMT Hunting Local AI Tools on Windows with Microsoft Defender for End... security Yes
Fri, 17 Jul 2026 11:12:57 GMT Active Directory Attacks — Force Change Password pentesting Yes
Fri, 17 Jul 2026 09:52:43 GMT Bypassing Authentication Gates: SQL Injection (Auth Bypass) on Lo... bug-bounty Yes
Fri, 17 Jul 2026 17:49:03 GMT Your AI Agent Did 400 Things Last Night. Can You Prove Any of The... security Yes
Fri, 17 Jul 2026 08:08:51 GMT Managing a Million Security Profiles at the Edge web-security Yes
Fri, 17 Jul 2026 16:21:30 GMT Contrabando (THM) Tryhackme Hard Challenge hacking Yes
Fri, 17 Jul 2026 18:30:55 GMT Why Multi-Factor Authentication (MFA) Is Essential for Online Sec... information-security Yes
Fri, 17 Jul 2026 11:15:29 GMT Active Directory Attacks — GPO Abuse pentesting Yes
Fri, 17 Jul 2026 12:50:18 GMT Verbose— A Structured Web Application Penetration Test penetration-testing, infosec, ethical-hacking Yes
Fri, 17 Jul 2026 22:51:01 GMT Fast Forward information-technology Yes
Fri, 17 Jul 2026 12:30:00 GMT The Rise of Deepfake Social Engineering: A New Frontier in Cyber ... cyber-security-awareness Yes
Fri, 17 Jul 2026 05:47:51 GMT A 65,529-Sample Lie: How a Tiny TIFF Fooled GDAL Into Asking for ... cve Yes
Fri, 17 Jul 2026 08:15:48 GMT DockerLabs Writeup — ApkAdmin (Spanish) pentesting Yes
Fri, 17 Jul 2026 17:05:53 GMT Cara Saya Menemukan Celah User Enumeration & Missing Rate Limitin... web-security, information-security, bug-bounty-writeup Yes
Fri, 17 Jul 2026 13:19:09 GMT The Age of Digital Deception — Deepfakes, Cybersecurity, and th... cyber-security-awareness Yes
Fri, 17 Jul 2026 17:56:25 GMT Best Free WhatsApp Spy App for Android and iPhone infosec Yes
Fri, 17 Jul 2026 06:28:36 GMT Room 8 Is Live: Why Server-Side Request Forgery Still Challenges ... web-security Yes
Fri, 17 Jul 2026 15:06:17 GMT Mastering AWS IAM: The Foundation of Cloud Security Every AppSec ... application-security Yes
Fri, 17 Jul 2026 14:22:55 GMT The Vulnerability Management Answer That Fails Most Cybersecurity... information-technology, infosec, information-security Yes
Fri, 17 Jul 2026 13:27:03 GMT I Built a Bug Bounty Recon Tool That Automates the Boring Parts (... bug-bounty, bug-bounty-writeup Yes
Fri, 17 Jul 2026 18:57:46 GMT I Built the Automation. Then Someone Asked Me to Explain the Perm... information-security Yes
Fri, 17 Jul 2026 21:16:54 GMT Why Defense & Space Organizations Are Rethinking Cybersecurity cybersecurity Yes
Fri, 17 Jul 2026 09:08:40 GMT My Learning Journey with Bug Bounty Bootcamp book… bug-bounty, pentesting, bug-bounty-writeup Yes
Fri, 17 Jul 2026 06:20:03 GMT When -1 Crossed a Library Boundary: How libvips Hardened Its TIFF... cve Yes
Fri, 17 Jul 2026 07:05:37 GMT Lab 3 : Source code disclosure via backup files information-disclosure Yes
Fri, 17 Jul 2026 17:01:12 GMT Guardians of Our Digital Hearth: Why Cybersecurity Matters cyber-security-awareness Yes
Fri, 17 Jul 2026 22:38:13 GMT When the Voice Note Isn’t Theirs: Deepfake and AI Scams Facing ... cybersecurity Yes
Fri, 17 Jul 2026 16:01:09 GMT What do you do when you feel lonely? vulnerability Yes
Fri, 17 Jul 2026 17:11:38 GMT Troubleshooting OWASP Broken Web Apps Environment pentesting, ethical-hacking Yes
Fri, 17 Jul 2026 06:53:37 GMT Information Disclosure in Version Control History information-disclosure Yes
Fri, 17 Jul 2026 19:40:20 GMT Microsoft Patch Tuesday — July 2026: How SOCFortress Vuln Opera... vulnerability Yes
Fri, 17 Jul 2026 09:42:41 GMT COM Oversimplified: Understanding The Windows Technology Behind C... infosec, pentesting Yes
Fri, 17 Jul 2026 15:46:30 GMT Being a Guest on the Biting Lemons Podcast… in the Bathtub. vulnerability Yes
Fri, 17 Jul 2026 19:20:57 GMT Enumeration & Brute Force TryHackMe Room Walkthrough penetration-testing Yes
Fri, 17 Jul 2026 18:14:00 GMT Cloud Computing : Turning computing power into a utility information-technology Yes
Fri, 17 Jul 2026 19:51:02 GMT What the Paper Says: We Have Known Why Digital Transformations Fa... information-technology Yes
Fri, 17 Jul 2026 14:18:13 GMT How Hackers Use AI to Steal Data and How We Fight Back hacking Yes
Fri, 17 Jul 2026 21:01:01 GMT Grok Build CLI Was Quietly Uploading Entire Codebases to Google C... cybersecurity Yes
Fri, 17 Jul 2026 17:59:12 GMT Passive Network Reconnaissance | JR Penetration Tester | TryHac... penetration-testing Yes
Fri, 17 Jul 2026 15:59:43 GMT DEF CON (bio)hacker dreaming hacking Yes
Fri, 17 Jul 2026 16:01:03 GMT Trust in Automation — A publicity movie information-technology Yes
Fri, 17 Jul 2026 05:04:13 GMT Broken brute-force protection, IP block web-security Yes
Fri, 17 Jul 2026 13:44:31 GMT Authentication as Structural Barrier: Two-Factor Verification and... information-security Yes
Fri, 17 Jul 2026 21:37:17 GMT Hidden AI: The Risk Already Inside Your Firm, and the Rules That ... cybersecurity Yes
Fri, 17 Jul 2026 09:29:07 GMT Heard of the BONK DAO Exploit? | A Funny, Straightforward One exploit Yes
Fri, 17 Jul 2026 22:05:04 GMT AI Wrote a Ransomware… security, cybersecurity Yes
Fri, 17 Jul 2026 14:32:13 GMT From a Text Box to a RCE: Breaking picoCTF’s SSTI1 cyber-security-awareness Yes
Fri, 17 Jul 2026 13:11:38 GMT AI Speeds Cybercrime: How Incident Response (IR) Can Tackle the M... cyber-security-awareness Yes
Fri, 17 Jul 2026 17:55:53 GMT TP-Link Kasa EC70 & EC71 Vulnerabilities: Complete Technical Anal... security, vulnerability Yes
Fri, 17 Jul 2026 13:01:02 GMT CVE-2026-10119: Integer Overflow in Poppler’s PDF Rendering Eng... ethical-hacking Yes
Fri, 17 Jul 2026 15:38:32 GMT What My Own Codex Usage Data Says About the Company I’m Buildin... application-security Yes
Fri, 17 Jul 2026 13:31:01 GMT THM Simple CTF cyber-security-awareness Yes
Thu, 02 Jul 2026 12:21:10 GMT OffSec PG: Amaterasu Walkthrough pentest
Wed, 15 Jul 2026 16:10:56 GMT How a Simple S3 Bucket Misconfiguration Turned into a Security As... bug-bounty-tips
Sat, 11 Jul 2026 08:08:11 GMT I Was Broke, Bored, and Curious About Hacking — Then I Found Ou... hackerone
Sun, 12 Jul 2026 19:11:01 GMT Building a File Upload Scanning Pipeline for Laravel and S3 vulnerability-scanning
Sun, 14 Jun 2026 13:21:02 GMT Subdomain Enumeration: A Core Technique Every Bug Hunter Must Mas... subdomain-enumeration, recon
Thu, 14 Aug 2025 10:54:38 GMT Unlocking the Hidden Power of Search Engines censys
Fri, 29 May 2026 17:22:37 GMT Cracking SameSite for a $2,000 Web Cache Deception web-cache-poisoning
Wed, 24 Jun 2026 19:12:15 GMT The Invisible Threats: Why Logic Flaws Are Your Biggest Blind Spo... vulnerability-scanning
Tue, 21 Apr 2026 15:05:26 GMT Web Security Series #17 — Exploiting Local File Inclusion (LFI)... file-inclusion
Mon, 29 Jun 2026 11:44:13 GMT Cybersecurity Practice Lab 3 cross-site-scripting
Wed, 15 Jul 2026 11:30:22 GMT TryHackMe | Google Dorking google-dorking
Thu, 11 Jun 2026 04:44:15 GMT AtDork dorking tools google-dork
Thu, 19 Feb 2026 12:53:45 GMT Lab: Web cache poisoning via HTTP/2 request tunnelling | Portswi... web-cache-poisoning
Thu, 16 Jul 2026 09:05:51 GMT Why Application Vulnerability Testing Should Start Before Product... vapt
Wed, 15 Jul 2026 12:40:12 GMT UMANG App Vulnerability: Why Responsible Disclosure Matters More ... vapt
Fri, 12 Jun 2026 12:04:09 GMT The Print Button That Handed Me Your Account: Stored XSS to Full ... xss-bypass
Sat, 09 May 2026 02:26:22 GMT How I Discovered a Reflected XSS Vulnerability on a Major German ... xss-bypass
Mon, 06 Jul 2026 14:14:46 GMT Writing Effective Bug Bounty Reports: A Practical Guide for Bug B... bugbounty-writeup
Wed, 08 Jul 2026 22:58:24 GMT SAP Penetration Testing Guide pentest
Tue, 21 Apr 2026 14:42:50 GMT Web Security Series # 16— Exploiting Local File Inclusion (LFI) file-inclusion
Sat, 02 Aug 2025 14:15:23 GMT The Silent Risk in Your ICS: Why S7 Protocol Needs Security Atten... censys
Thu, 02 Apr 2026 17:35:36 GMT How I Found a Subdomain Takeover via BetterUptime subdomain-takeover
Thu, 16 Jul 2026 18:46:00 GMT Password Reset Vulnerabilities List application-security
Thu, 16 Jul 2026 03:28:39 GMT Nexus — HackTheBox Writeup cve
Wed, 15 Jul 2026 06:30:21 GMT Vulnerable and Outdated Components: The Silent Killer in Your Dep... cve
Wed, 17 Jun 2026 08:46:50 GMT Amazon Prime for Young Adults — Why Every College Soccer Fan Ne... bounties
Wed, 01 Jul 2026 05:23:05 GMT Broken Authentication Vulnerability That Allowed Unauthorized Use... bugcrowd
Fri, 24 Jan 2025 00:08:47 GMT A majestic temple opportunity of wellbeing and wellness web-pentest
Sun, 14 Jun 2026 22:00:33 GMT La sémantique de l’esquive : Analyse lexicologique du discours... lfi
Wed, 18 Mar 2026 10:03:26 GMT Web Security Series #7 — Exploiting Blind SQL Injection via Ses... bug-bounty-hunting
Fri, 10 Nov 2023 03:38:01 GMT Apache error.log advanced Log poisoning RCE log-poisoning
Wed, 10 Jun 2026 11:31:00 GMT Recon Is Everything — Where Real Bugs Actually Hide recon
Sun, 21 Jun 2026 18:54:02 GMT From Hydra to RCE: Breaking Down TryHackMe’s Support Machine web-pentest
Fri, 12 Jun 2026 12:24:10 GMT Watcher (THM) Tryhackme Medium Challenge local-file-inclusion
Mon, 16 Mar 2026 14:32:42 GMT Web Security Series #5 — Exploiting Broken Access Control via T... bug-bounty-hunting
Mon, 06 Jul 2026 09:42:54 GMT The xss0r Referral Program is now live! xss-vulnerability
Mon, 13 Jul 2026 08:48:39 GMT Censys 是什麼?和 Shodan 常被拿來比較,兩者實際å·... censys
Tue, 14 Jul 2026 10:58:28 GMT Trying to Bypass Root Detection in Android Applications Using Ker... application-security
Tue, 18 Nov 2025 13:26:47 GMT GitHub Dorking: The Hunter’s Guide to Finding Secrets in Public... github-dorking
Wed, 01 Jul 2026 15:52:58 GMT Critical File Upload Vulnerability: Web Shell Upload via Content-... rce
Tue, 07 Jul 2026 06:16:01 GMT How to Report Bugs & Earn PIF Rewards On TheBenefactor.Net bug-bounty-hunter
Mon, 06 Jul 2026 07:31:35 GMT From Testing File Uploads to Discovering Remote Code Execution (R... remote-code-execution
Tue, 14 Jul 2026 02:38:44 GMT What Is YARA? The Tool Security Researchers Use to Spot Malware P... cybersecurity-tools
Fri, 19 Jun 2026 10:41:20 GMT My Cybersecurity Learning Journey at TECHRISE (LEARN FACTORY) cybersecurity-tools
Fri, 19 Sep 2025 07:40:16 GMT How I Tracked Our Clients’ Device Versions Without Direct Repor... zoomeye
Tue, 14 Jul 2026 17:10:47 GMT File Inclusion Challenge (TryHackMe) file-inclusion
Sun, 12 Jul 2026 09:08:06 GMT Android Pentesting in 2026: The Only Guide You’ll Need to Go Fr... bugs
Mon, 22 Jun 2026 01:55:36 GMT PortSwigger : Stored XSS into Anchor href Attribute with Double Q... cross-site-scripting
Wed, 15 Jul 2026 09:47:21 GMT Organization Without Owner hackerone
Sun, 05 Jul 2026 11:31:00 GMT Google Dorking for Bug Hunters google-dork
Tue, 05 May 2026 09:32:07 GMT Google Dorks — Advanced Search google-dork
Wed, 03 Jun 2026 14:55:44 GMT Recruit | TryHackMe | Walkthrough local-file-inclusion
Wed, 15 Jul 2026 15:14:54 GMT The Endpoint Everyone Ignored Just Took Down a Server hackerone
Sun, 24 May 2026 15:03:53 GMT Support | TryHackMe | Walkthrough local-file-inclusion
Tue, 18 Nov 2025 18:12:40 GMT Dork Labs Awarded AWS Activate Startup Grant dorks
Fri, 28 Jun 2024 14:51:14 GMT X-Forwarded HTTP header-ləri : Qısa izah log-poisoning
Sat, 02 May 2026 14:24:34 GMT Analytic Tools cyber-sec
Tue, 14 Jul 2026 12:56:04 GMT How I Demoted a Project Owner to Viewer Using Just Burp Suite —... hackerone
Tue, 18 Nov 2025 08:33:41 GMT A Chain of Vulnerabilities Leading to Critical Information Disclo... bug-bounty-program
Thu, 09 Jul 2026 23:38:38 GMT AtDork 1.3.9.6? 180,000 Dorks free open source google-dork, dorks
Wed, 13 May 2026 16:01:01 GMT Mapleton (LFI to RCE) WebVerse lfi
Tue, 30 Jun 2026 09:45:39 GMT Why I Rejected Existing Hacking Tools to Program My Own cybersecurity-tools
Wed, 08 Jul 2026 13:01:02 GMT CVE-2026–10107: SSRF in MoviePilot v2 Image Proxy Endpoint ssrf
Thu, 18 Jun 2026 11:31:01 GMT Broken Access Control — 2026’s #1 Bug bugcrowd
Fri, 12 Dec 2025 06:49:56 GMT How Variable Data Technology is Transforming Postcard & Brochure ... vdp
Mon, 29 Jun 2026 14:59:47 GMT The Infinite Loop: Deconstructing WSHRAT’s Fileless Injection a... security-research
Sat, 04 Jul 2026 14:44:26 GMT Behind the Screen Name: Cybersecurity in cyber-sec
Mon, 08 Jun 2026 10:33:04 GMT How a Routine XSS Hunt Led to an Unexpected Database Information ... vulnerability-disclosure
Thu, 02 Jul 2026 03:47:13 GMT Cambodia Cyber Arena 2026: Web — My Assistant — Writeup rce
Fri, 12 Jun 2026 11:04:39 GMT Why Your Subdomain Takeover Reports Keep Getting Closed as N/A (A... subdomain-takeover
Wed, 17 Jun 2026 16:57:29 GMT Unauthenticated IDOR on NASA’s GitLab Instance — From Recon t... bugcrowd
Tue, 23 Jun 2026 17:44:04 GMT Still Doing Recon Manually? You’re Wasting Time — Recon Smart... bug-bounty-hunter
Wed, 29 Apr 2026 14:14:58 GMT Part 2 : Cross-Site Scripting (XSS) xss-bypass
Fri, 24 Jan 2025 09:34:52 GMT A new Holistic temple opening InLeeds web-pentest
Thu, 16 Jul 2026 09:29:01 GMT Deepseek’den Api Key Nasıl Alınır (2026) api-key
Fri, 10 Jul 2026 23:26:18 GMT Reflected XSS into HTML context with most tags and attributes blo... xss-attack
Tue, 07 Jul 2026 19:44:00 GMT The 403 That Wasn’t: How I Ended Up Accessing 100K Azure AD Use... bugbounty-writeup
Fri, 03 Jul 2026 14:09:25 GMT TryHackMe Reconhecimento ativo (versão em português) pentest
Tue, 22 Apr 2025 10:38:20 GMT Trump’s Tariffs Cut Out Censys — ZoomEye Steps In Strong! zoomeye
Wed, 15 Jul 2026 21:37:37 GMT 5 Bugs My Paying Customers Found Before I Did bugs
Sun, 21 Jun 2026 18:31:00 GMT Can You Build a Career on Bugcrowd? I’m Going to Test It. (Day ... bugcrowd, bounty-program
Thu, 16 Jul 2026 10:15:10 GMT Breaking Down LegacyHive exploit
Tue, 30 Jun 2026 05:13:55 GMT Post auth RCE in GeoSIG seismological equipment (GMSplus) pentest
Thu, 09 Jul 2026 19:09:36 GMT Engineering a Zero-Trust Document Upload Pipeline: Implementing C... file-upload
Wed, 24 Jun 2026 16:01:02 GMT How a composer install Becomes Remote Code Execution: Inside CVE-... remote-code-execution
Fri, 03 Jul 2026 15:01:17 GMT AI Skills Developers Must Learn in 2026: Practical Roadmap, Tools... api-key
Thu, 16 Jul 2026 15:11:23 GMT A Newsletter Confirmation Link That Doubled as a Permanent, Non-E... bug-bounty-tips, bug-bounty-writeup
Sun, 15 Mar 2026 16:45:35 GMT Web Security Series #4 — Discovering Unauthorized Resources via... bug-bounty-hunting
Wed, 15 Jul 2026 13:44:51 GMT Trust the Caller, Trust the Output: Six CVEs in the AI Tooling Bo... cve
Thu, 09 Jul 2026 12:43:47 GMT The Easy Bug Series | #01 bounty-program
Thu, 09 Apr 2026 17:39:27 GMT From 401 to BAC: How a Refresh Broke Workspace Authorization vulnerability-disclosure
Tue, 07 Jul 2026 09:20:14 GMT The Path of the Serpent: How I Turned a P5 Open Redirect into a ... rce
Tue, 14 Jul 2026 07:22:51 GMT Information Disclosure vulnerabilities: Information Disclosure on... vapt
Thu, 13 Feb 2025 03:29:37 GMT ZoomEye Meets DeepSeek: AI-Powered Cyberspace Intelligence zoomeye
Fri, 26 Jun 2026 06:46:44 GMT How Google Dorking Can Streamline Your SEO Research Process google-dorking
Thu, 02 Apr 2026 18:59:50 GMT File Inclusion (LFI/RFI) — Extracting Sensitive Data from confi... file-inclusion
Sat, 20 Apr 2024 17:20:58 GMT TryHackMe — Brute Walkthrough | TheHiker log-poisoning
Fri, 03 Jul 2026 19:09:36 GMT CVE_2026_44963 Veeam RCE rce
Thu, 25 Jun 2026 22:08:54 GMT PortSwigger : DOM XSS in jQuery Selector Sink Using a Hashchange ... cross-site-scripting
Fri, 03 Jul 2026 07:26:00 GMT The June 2026 Vulnerability Surge: Why Your Perimeter Defenses Ar... remote-code-execution
Thu, 16 Jul 2026 05:12:23 GMT When -1 Becomes a Heap Write: A libtiff TIFFReadAndRealloc() Vuln... cve
Wed, 17 Jun 2026 18:22:29 GMT Why 90% of Bug Bounty Hunters Fail in Their First 3 Months (And H... recon
Wed, 01 Jul 2026 11:02:50 GMT Bounty Hacker bounties
Thu, 16 Jul 2026 13:05:15 GMT A Hacker Built Self-Updating Bug Bounty Skills From 2,000 Reports bug-bounty-tips, hackerone
Sat, 11 Jul 2026 15:30:56 GMT Your Data Pipeline Succeeded. The Data Was Still Wrong. Here Are ... bugs
Sun, 05 Jul 2026 12:32:24 GMT How to Pick a Directory Listing Service That Actually Works directory-listing
Mon, 06 Jul 2026 20:12:41 GMT When Changing an Email Isn’t Enough: Discovering a Persistent A... hackerone
Fri, 01 May 2026 09:40:56 GMT Excessive Data Exposure Leading to Unauthorized Access to Paid Fe... vulnerability-disclosure
Wed, 13 May 2026 07:37:16 GMT How to Find Subdomains Using Shodan and the Favicon Hash Trick subdomain-enumeration, shodan
Tue, 17 Mar 2026 09:18:53 GMT Web Security Series #6 — Exploiting SQL Injection to Extract Se... bug-bounty-hunting
Wed, 23 Jul 2025 15:15:01 GMT TryHackMe Include walkthrough: SSRF, log poisoning & LFI2RCE, wit... log-poisoning
Wed, 20 May 2026 11:18:33 GMT Me Before Digiss vs Me Now in Digiss: How My Cybersecurity Learni... cyber-sec
Thu, 16 Jul 2026 16:12:07 GMT How I Discovered a Weak Login Function Over HTTP That Exposed Use... bug-bounty-writeup
Sun, 05 Apr 2026 20:11:41 GMT I Tried Logging In… and Accidentally Did Responsible Disclosure... vdp
Sun, 12 Jul 2026 11:54:51 GMT Lab: Authentication bypass via information disclosure (Informatio... information-disclosure
Thu, 11 Jun 2026 04:45:57 GMT Discover printers during an internal penetration testing engageme... recon
Wed, 01 Jul 2026 11:46:00 GMT Convierte acciones sencillas en recompensas reales bounty-program
Mon, 29 Jun 2026 10:46:38 GMT Costa Rica Canopy Tours: Choosing Experiences That Match Your Com... directory-listing
Mon, 15 Jun 2026 03:18:06 GMT How I Escalated Privileges in a File-Sharing Platform by Changing... bugcrowd
Thu, 16 Jul 2026 05:04:57 GMT Recreating the Capital One Breach in My Own Azure Lab vapt
Sat, 04 Jul 2026 10:36:33 GMT Basic Pentesting: 2 pentest
Fri, 03 Jul 2026 13:17:38 GMT Unauthenticated Stored XSS in NEX-Forms Express WP Form Builder (... security-research
Tue, 12 May 2026 17:55:36 GMT Wild Bounty Showdown PG Soft: Rahsia Maxwin Cowboy & Pola Gacor T... bounties
Mon, 13 Apr 2026 22:31:01 GMT The Cost of Trusting My Own Fingers bounties
Mon, 22 Jun 2026 01:16:21 GMT PortSwigger : DOM XSS in jQuery Anchor href Attribute Sink Using ... cross-site-scripting
Thu, 09 Jul 2026 08:16:01 GMT Bug Bounty — Bypassing Access Controls: How a Single Boolean Fl... bug-bounty-hunter
Tue, 14 Jul 2026 21:31:00 GMT OWASP Top 10 Labs Series #10 - SSRF: Two Labs, Two Ways a Server ... ssrf
Sat, 09 May 2026 01:31:00 GMT Your Server Is Showing Everything It Shouldn’t -The Apache Dire... directory-listing
Thu, 04 Jun 2026 06:54:59 GMT OpenRouter’dan Api Key Nasıl Alabiliriz (2026) api-key
Wed, 08 Jul 2026 21:58:01 GMT The $0 IDOR That Was Worth More Than a $12,500 P1 hackerone, idor
Fri, 10 Jul 2026 16:39:15 GMT Using Game Cheat PoC Code to Exploit Userland Processes. (Part 1)... exploit
Tue, 09 Jun 2026 06:35:46 GMT From LFI to Database Takeover and the RCE That Almost Was lfi
Mon, 29 Jun 2026 18:05:45 GMT TryHackMe Passive Reconnaissance (versão em português) pentest
Sun, 12 Jul 2026 21:01:01 GMT Why move_uploaded_file() Doesn't Validate Anything You Think It D... file-upload
Thu, 02 Jul 2026 14:00:04 GMT Methodology over Automation: Deconstructing E-commerce Checkout L... hackerone
Thu, 02 Jul 2026 15:26:09 GMT Billing — TryHackMe rce
Thu, 09 Jul 2026 12:57:30 GMT Essential Cybersecurity Tools Every Small Business Needs In 2026 cybersecurity-tools
Mon, 18 May 2026 14:37:14 GMT File Inclusion - Challenge Part | TryHackMe Walkthrough file-inclusion
Sat, 11 Jul 2026 23:03:09 GMT Finding Reflected XSS Through Persistence xss-attack
Sat, 30 May 2026 18:19:20 GMT Admin Dashboard Accessible Without Authentication vulnerability-disclosure
Thu, 02 Jul 2026 15:36:00 GMT How I Found a Local File Inclusion in DHL security-research
Wed, 06 May 2026 11:36:01 GMT Google Dorking google-dorking, dorking
Fri, 22 May 2026 21:10:59 GMT Recruit TryHackMe walkthrough lfi
Wed, 24 Jun 2026 13:40:07 GMT SOC Tools Explained for Beginners: SIEM, EDR, NDR & SOAR — A Si... cybersecurity-tools
Sun, 15 Mar 2026 17:49:52 GMT TryHackMe — Takeover Writeup subdomain-takeover
Thu, 28 Sep 2023 23:05:39 GMT Archangel — TryHackMe log-poisoning
Fri, 01 May 2026 20:23:15 GMT Shodan Facet Searches That Read Like Threat Intel Poetry shodan
Wed, 10 Jun 2026 08:19:20 GMT How I Dealt with an Exposed API Key on GitHub api-key
Thu, 16 Jul 2026 07:26:30 GMT Business logic vulnerabilities: Excessive Trust in Client-Side Co... vapt
Mon, 22 Jun 2026 04:22:38 GMT Subdomain Takeover: A Complete Guide from Beginner to Advanced subdomain-takeover
Tue, 07 Jul 2026 21:04:57 GMT Captcha Bypass bugbounty-writeup
Mon, 04 May 2026 07:35:39 GMT CPDoS via Content Negotiation Mechanism web-cache-poisoning
Tue, 03 Feb 2026 17:12:47 GMT My First Week: 3 Business Logic Bugs in Major E-Commerce bug-bounty-program
Mon, 13 Jul 2026 15:55:24 GMT Lab: Information disclosure in version control history (Informati... information-disclosure
Mon, 29 Jun 2026 03:20:06 GMT CVE-2026–50521 | Microsoft Edge (Chromium-based) Remote Code E... remote-code-execution
Thu, 28 May 2026 15:59:28 GMT File Inclusion Vulnerability Assessment file-inclusion
Mon, 30 Mar 2026 06:03:13 GMT Why Business Directory Listings Are the Secret Weapon of Off-Page... directory-listing
Sun, 26 Jan 2025 19:08:11 GMT Matrix strike’s back against honesty from a power stance web-pentest
Sat, 04 Jul 2026 15:01:30 GMT Sistemin Anahtarını Ele Geçirmek: RCE Injection ve Gelişmiş ... rce, remote-code-execution
Wed, 15 Jul 2026 18:22:14 GMT How I Built a Standalone AI Prompt Firewall: Architectural Insigh... cve
Fri, 10 Jul 2026 00:24:26 GMT Stored DOM XSS — PortSwingger xss-vulnerability
Sun, 12 Jul 2026 19:41:39 GMT Account Takeover via Open Redirect XSS xss-attack
Sun, 17 May 2026 02:56:19 GMT The 3 Bug Hunting Habits That Made Me Go From $0 to $5k (And None... bug-bounty-program
Tue, 10 Feb 2026 23:04:46 GMT Effective Dorking Tools dorking
Mon, 22 Jun 2026 17:59:47 GMT How I Recon a Target, Part Two: Now We Poke It recon
Fri, 12 Jun 2026 12:39:46 GMT [Nvidia AI API] Nvidia �費AI API 申請 api-key
Wed, 24 Jun 2026 19:59:01 GMT From an Informational Finding to a Valuable Lesson: My IDOR Disco... bugcrowd
Thu, 28 May 2026 16:33:00 GMT CONTENT DISCOVERY-TRYHACKME WALKTHROUGH google-dorking
Mon, 29 Jun 2026 08:56:42 GMT Public PoC Released for Critical libssh2 Flaw That Could Enable R... rce
Thu, 28 May 2026 07:15:06 GMT ¡Únete y hazte con uno de los más de 400 premios! bounty-program
Mon, 04 May 2026 14:48:00 GMT I Found 150+ Vulnerabilities in DeFi Protocols. Here’s Why I C... bounties
Tue, 19 May 2026 17:44:55 GMT Day 5: Footprinting & Reconnaissance -How Attackers Know Everythi... google-dorking
Sat, 20 Dec 2025 18:21:40 GMT N0aziXss SubSpectre: Advanced Subdomain Discovery with Intelligen... subdomain-enumeration
Tue, 30 Jun 2026 18:34:40 GMT TuesdayTool 47: AMASS — Discovering Your Hidden Attack Surface ... cybersecurity-tools
Mon, 13 Jul 2026 20:58:53 GMT IDOR & Bypass Techniques: A Practical Methodology for Security Te... idor
Fri, 31 May 2024 13:29:16 GMT Map of the worlds best URLs 2025 log-poisoning
Wed, 25 Feb 2026 01:47:45 GMT How I Found a Path Traversal in the Rancher Dashboard via HAR Rep... web-pentest
Fri, 05 Jun 2026 04:49:28 GMT Price Manipulation in Payment Gateway / Shopping Cart vdp
Fri, 17 Apr 2026 04:53:23 GMT How I Found an Exposed Google Maps API Key on a Global Brand’s ... vdp
Thu, 20 Nov 2025 17:16:47 GMT The Health Factor: How DorkFi Keeps Your Position Safe dorks
Sat, 20 Jun 2026 07:44:22 GMT Ağınız Dışarıdan Nasıl Görünüyor? Shodan İle Kurumsal ... shodan
Mon, 13 Jul 2026 11:04:30 GMT Cache Poisoning: From Cache Hits to Bounty web-cache-poisoning
Mon, 06 Jul 2026 11:47:49 GMT UK Business Directory: Strategic Visibility for Local Market Succ... directory-listing
Sun, 12 Jul 2026 02:55:50 GMT DOM XSS in AngularJS expression with angle brackets and double qu... xss-vulnerability
Sat, 30 May 2026 11:25:12 GMT Cross-Site Scripting (XSS) via Client-Side Filter Bypass xss-bypass
Thu, 02 Oct 2025 06:59:46 GMT Endless Cashback Glitch:How I Unlocked Unlimited Free Orders with... bug-bounty-program
Tue, 14 Jul 2026 06:46:00 GMT Critical Security Alert: Understanding the Adobe ColdFusion CVE-... application-security
Fri, 06 Jun 2025 15:47:21 GMT ��♂� GitHub Dorking for Bug Bounty: Hackers' Hidden Playg... github-dorking
Fri, 10 Jul 2026 13:08:56 GMT How I Found a Stored XSS Vulnerability While Testing for Self-XSS... security-research
Wed, 15 Jul 2026 07:43:13 GMT CVE-2025–59475: Jenkins Missing Permission Check Vulnerability cve
Mon, 18 May 2026 13:05:18 GMT Subdomain Takeover subdomain-takeover
Thu, 20 Nov 2025 09:45:04 GMT Timber Doors in Surrey: Style, Durability, and Value Explained dorking
Sun, 23 Feb 2025 11:17:25 GMT $1000-$10k worth Leaks via Github Secret Dorks github-dorking
Tue, 14 Jul 2026 09:31:20 GMT How Convenience Over Security Exposed 160K+ Citizens: An IDOR Bre... idor
Tue, 05 Dec 2023 07:54:40 GMT LFI via SMTP log poisoning log-poisoning
Mon, 22 Jun 2026 07:48:39 GMT Still Confused by Amass or Can’t Understand Its Results, This I... recon
Wed, 15 Jul 2026 12:56:40 GMT I Just Wanted a Cold Coffee. Instead I Found a Master Key to a Ve... vdp
Mon, 06 Jul 2026 13:01:03 GMT CVE-2026–10100: Stored XSS in Simple Custom Login Page WordPres... xss-vulnerability
Sun, 31 May 2026 06:49:51 GMT Subdomain Takeover: The Silent Killer of Web Security — Tryhack... subdomain-takeover
Sat, 18 Apr 2026 05:07:38 GMT We’re About to Stop Trusting What We See Online — And AI Is t... cyber-sec
Thu, 25 Jun 2026 15:42:57 GMT Thm Room —Intro to Cross-Site Scripting cross-site-scripting
Fri, 03 Jul 2026 19:50:32 GMT : … remote-code-execution
Sat, 04 Jul 2026 14:50:11 GMT Dosya Sistemine Sızış: Directory Traversal ve LFI Zafiyetlerin... local-file-inclusion
Fri, 26 Jun 2026 17:09:50 GMT How to Upload Files in Chunks with FilePond and Laravel | Mindwa... file-upload
Thu, 11 Jun 2026 05:41:48 GMT Shodan: The Search Engine Hackers Don’t Want You to Know About shodan
Sun, 19 Apr 2026 15:57:12 GMT XSS Bypass urlparse filter evasion in Python xss-bypass
Thu, 18 Jun 2026 11:52:47 GMT ¿Usas Intercambio? bounty-program
Wed, 15 Jul 2026 02:01:03 GMT ��脅情資】從 Java RCE 到內網橫�:��� Defend... rce
Sun, 14 Dec 2025 06:37:06 GMT My Bug Bounty Diary subdomain-enumeration
Sat, 11 Jul 2026 03:01:04 GMT Achieving Zero-Downtime AI for Security Research: Guide to Settin... security-research
Sat, 04 Jul 2026 16:38:19 GMT Fools Mate — TryHackMe Writeup security-research
Wed, 08 Jul 2026 19:28:06 GMT CRLF Injection — Understanding the Vulnerability ( P 1/3 ) : bugbounty-writeup
Mon, 11 May 2026 04:25:50 GMT Google Dorking for Beginners: Ghosting the Network google-dorking
Sat, 11 Jul 2026 11:14:08 GMT Lab: Information disclosure on debug page (Information Disclosure... information-disclosure
Tue, 09 Jun 2026 07:00:48 GMT Costa Rica Beaches: Which Ones Are Worth the Drive directory-listing
Thu, 16 Jul 2026 13:45:43 GMT One-Click Full Account Takeover: How an Unauthenticated OAuth End... bug-bounty-tips
Sat, 04 Jul 2026 04:40:06 GMT The Festival Phantom: How I Found a Ghost in Germany’s Anubis ... vdp
Tue, 05 Aug 2025 00:19:11 GMT Breaking Recon with AMASS subdomain-enumeration
Thu, 02 Jul 2026 05:01:30 GMT The Midnight Exam: How I Secured Russia’s Night Raid Academy vdp
Fri, 10 Jul 2026 21:08:54 GMT “screenshot� | CyberTalents | Bypass SSRF filters using PHP... ssrf
Fri, 03 Jul 2026 21:44:21 GMT CVE-2026–48493: Privilege Escalation via Permission Bypass in S... security-research
Tue, 14 Jul 2026 18:01:00 GMT The Parameter That Redirects Nowhere: HTML Injection via redirect... bug-bounty-tips
Mon, 13 Jul 2026 06:46:58 GMT How I Discovered a Premium Bypass Vulnerability in Spotify — An... hackerone
Wed, 20 May 2026 20:47:25 GMT FINDING INFORMATION QUICKLY AND ACCURATELY WITH GOOGLE DORK google-dorking, google-dork, github-dorking
Mon, 29 Jun 2026 23:19:13 GMT From Deep Link to Shell: Easy $3000 Android Crits. rce
Tue, 14 Jul 2026 16:44:08 GMT TuesdayTool 48: OSINTLeak — A Modern OSINT Platform for Digital... cybersecurity-tools
Sun, 07 Jun 2026 18:38:23 GMT Visualizing Physical Attack Surface Exposure with Python, WiGLE, ... shodan
Sat, 11 Jul 2026 13:01:01 GMT Here’s your Medium article on CVE-2026–10112 xss-attack, xss-vulnerability
Wed, 19 Nov 2025 19:44:02 GMT The Pulse of Liquidity: How DorkFi’s Interest Rates Adapt in Re... dorks
Tue, 24 Mar 2026 17:48:00 GMT The Ultimate Bug Bounty Course: From Zero to Advanced Hacker 1 bug-bounty-hunting
Sat, 11 Jul 2026 12:12:35 GMT HACKING JULY DAY 10:JUICE-SHOP XSS xss-vulnerability
Tue, 28 Apr 2026 07:09:41 GMT owockibot: The Bounty Board Powering the Agent Economy bounty-program
Mon, 13 Jul 2026 21:52:49 GMT I Found Critical Vulnerabilities in a Shark Tank Brand’s Websit... bugs
Sat, 11 Jul 2026 10:55:02 GMT Lab: Information disclosure in error messages (Information Disclo... information-disclosure
Wed, 11 Mar 2026 08:12:14 GMT The Bug Bounty Hunter Roadmap (2026): From Curious Beginner to Re... bug-bounty-hunting
Wed, 17 Jun 2026 07:53:43 GMT Operation Liwanag: The Same Map a Chinese Intelligence Asset Drew... shodan, censys
Wed, 15 Jul 2026 18:31:01 GMT Best Security Practices in Software Development for Web Applicati... application-security
Fri, 17 Apr 2026 19:01:54 GMT The Ultimate Guide to Wayback Machine Dorking for Deleted Leaks dorking
Tue, 21 Apr 2026 13:33:52 GMT Kioptrix: 2014 — VulnHub Walkthrough pChart LFI + PhpTax RCE to... lfi
Thu, 04 Jun 2026 11:54:28 GMT Vulnerability Management: Identifying and Fixing Security Weaknes... vulnerability-scanning
Tue, 26 May 2026 23:44:37 GMT Intigriti May 2026 Challenge: XSS via Stored Payload & SCA Shield... xss-bypass
Sat, 20 Jun 2026 14:51:32 GMT Building DropWire: local file transfer from a browser, no account... file-upload
Fri, 26 Jun 2026 06:25:44 GMT Costa Rica Canopy Tours: Choosing Experiences That Match Your Com... directory-listing
Tue, 11 Nov 2025 16:43:14 GMT Beyond Google: Navigating the Hidden Internet with Shodan and Cen... censys
Sat, 04 Jul 2026 14:47:14 GMT AI is built into apps now. What does that mean for data security? cyber-sec
Mon, 13 Jul 2026 08:03:56 GMT I Spent 5 Days Looking for a Bug That Didn’t Exist: NASA bugbounty-writeup
Tue, 14 Jul 2026 08:38:02 GMT Infrastructure Takeover: How Leaked MailWizz API Keys Allowed Byp... information-disclosure
Tue, 16 Jun 2026 13:11:36 GMT Understanding Web Cache Poisoning via Unkeyed Headers: A PortSwig... web-cache-poisoning
Thu, 13 Mar 2025 18:09:56 GMT How I Found Sensitive Information using Github Dorks in Bug Bount... github-dorking
Mon, 13 Jul 2026 09:49:39 GMT Why “In QA� Isn’t Always the Right Status bugs
Wed, 24 Jun 2026 11:31:00 GMT CSRF Explained Like You’re Five bugcrowd
Thu, 16 Jul 2026 03:53:11 GMT How a ~3 KB TIFF Can Make libtiff Ask for 16 GB of Memory cve
Sat, 09 May 2026 10:01:40 GMT Shodan.io | TryHackMe shodan
Fri, 19 Jun 2026 17:40:08 GMT How to Get a Private Bug Bounty Invite on HackerOne — Without S... bugcrowd
Mon, 22 Jun 2026 14:38:16 GMT Remote Code Execution via Custom JS Function in Flowise remote-code-execution
Wed, 15 Jul 2026 06:04:21 GMT How I Turned a Database Import Feature into an Internal Network S... ssrf
Mon, 06 Jul 2026 20:43:42 GMT Active Directory Certificate Services Exploitation 9–16 pentest
Sun, 12 Jul 2026 16:33:11 GMT Understanding Host Header Injection xss-vulnerability
Sat, 11 Jul 2026 03:37:30 GMT Memburu Celah Keamanan di Situs Besar: Eksplorasi CVE-2021–4118... xss-vulnerability
Thu, 16 Jul 2026 16:38:37 GMT Stored XSS via SVG File Upload Leading to Account Takeover in an ... bug-bounty-tips
Wed, 15 Jul 2026 20:00:20 GMT Stop Buying Cleaning Spray — Do This Instead For generation... bugs
Thu, 02 Jul 2026 12:34:12 GMT TryHackMe: NoScope — Finding RCE remote-code-execution
Fri, 06 Feb 2026 06:33:08 GMT 5 Ways to Bypass Email Verification Without Using Any Tool bug-bounty-program
Fri, 10 Jul 2026 09:19:11 GMT How I Bypassed a Mandatory 2FA Enforcement Just by Dropping One R... bugbounty-writeup
Thu, 16 Jul 2026 07:24:50 GMT Information Disclosure vulnerabilities: Source Code Disclosure vi... vapt
Mon, 04 May 2026 23:53:49 GMT Break The Syntax CTF — Web Challenge 2 Writeup lfi
Tue, 14 Jul 2026 12:52:09 GMT Server-Side Request Forgery: Exploiting and Fixing the SSRF Vulne... ssrf
Wed, 08 Jul 2026 10:12:49 GMT Deep Dive into Modern Web Vulnerabilities: Advanced API Exploitat... ssrf
Sat, 25 Apr 2026 14:46:05 GMT File Inclusion— Skills Assesment (HTB) file-inclusion
Thu, 09 Jul 2026 05:17:08 GMT Identifying Publicly Leaked OpenAI and Anthropic API Keys api-key
Tue, 14 Jul 2026 06:36:00 GMT Why Your AI Coding Agent Keeps Repeating the Same Bug bugs
Tue, 14 Jul 2026 11:11:49 GMT Exposing the Shadowy World of Student Proxy Exploits: 148 npm Pac... exploit
Thu, 16 Jul 2026 14:20:32 GMT Ostium Exploit — $18M Drained exploit
Wed, 22 Oct 2025 14:11:32 GMT Mastering Subdomain Enumeration: A Beginner’s Guide to Expandin... subdomain-enumeration
Wed, 03 Jun 2026 15:20:33 GMT Most Businesses in Costa Rica Are Easier to Find Than You Think, ... directory-listing
Fri, 10 Jul 2026 15:09:02 GMT Two AI Concepts That Were Much Simpler Than I Expected api-key
Thu, 09 Jul 2026 21:27:37 GMT TryHackMe Protocols and Servers 2 (versão em português) pentest
Fri, 10 Jul 2026 19:19:48 GMT From a 100 MB Error to Git LFS: What I Learned file-upload
Fri, 27 Mar 2026 03:29:10 GMT TryHackMe — File Inclusion (Walkthrough) file-inclusion
Wed, 13 May 2026 23:11:19 GMT The Lethal Trifecta: How AI Agents With Tool Access Turn Prompt I... cyber-sec
Thu, 02 Jul 2026 16:02:56 GMT Strengthening Web3 Trust with Blockchain Incident Response & Fore... bug-bounty-program
Tue, 07 Jul 2026 06:11:00 GMT Unmasking CVE-2026–26128: The New Windows SMB & NTLM Reflection... exploit
Sat, 11 Jul 2026 12:55:00 GMT How to Replace AWS S3 with MinIO in Development (Without Changing... file-upload
Mon, 06 Jul 2026 17:10:06 GMT I Built a Great Ctrl + V Screenshot Upload Feature. Why Wasn’t ... file-upload
Sun, 21 Sep 2025 07:02:30 GMT Affordable but Vulnerable? The Dark Side of CMORE HMI censys
Tue, 14 Jul 2026 07:18:23 GMT Information Disclosure vulnerabilities: Information Disclosure in... vapt
Thu, 11 Jun 2026 05:26:16 GMT START HERE, MANIFESTO dorks
Thu, 16 Jul 2026 18:52:16 GMT From a URL Parameter to Full System Access: Logslinger CTF lfi
Thu, 12 Mar 2026 18:11:47 GMT A Simple P4 Bug That Ended as Duplicate bug-bounty-hunting
Tue, 30 Jun 2026 12:11:15 GMT El toro de Wall Street ya está en WhiteBIT bounty-program
Mon, 06 Jul 2026 09:03:08 GMT CVE-2025–43807: Stored Cross-Site Scripting (XSS) Vulnerability... cross-site-scripting
Fri, 12 Jun 2026 10:04:19 GMT ATDORK google-dork
Mon, 13 Apr 2026 03:31:01 GMT Google Dorks Google Ko Bana Do Apna Hacking Tool: Free Mein Bugs ... github-dorking
Tue, 16 Jun 2026 02:05:28 GMT How to Find More Subdomains Than Everyone Else recon
Fri, 08 May 2026 22:01:34 GMT AI Is Breaking the Two Rules That Kept the Internet Safe — And ... vulnerability-disclosure
Mon, 18 May 2026 18:07:32 GMT SYMFONOS: 1 local-file-inclusion
Mon, 25 May 2026 14:19:37 GMT Look at this, we created this bounties
Thu, 16 Jul 2026 21:38:15 GMT Direct $MFT Parsing pentesting
Sat, 06 Jun 2026 07:18:44 GMT Update: The Ending of My $500 Loss and Web Cache Poisoning Story. web-cache-poisoning
Mon, 29 Jun 2026 01:03:39 GMT Belajar tentang File Inclusion dalam Penetration Testing local-file-inclusion, file-inclusion
Thu, 09 Oct 2025 18:33:05 GMT 0-click Account Takeover via Punycode bug-bounty-program
Fri, 17 Apr 2026 15:51:57 GMT The 2026 Shodan Dork Bible: Finding Exposed Jenkins, Grafana, and... shodan
Tue, 07 Jul 2026 21:06:39 GMT Session Fixation bugbounty-writeup
Mon, 13 Jul 2026 15:01:02 GMT How to Build High-Performance DevOps (via Accelerate) bugs
Wed, 16 Jul 2025 12:07:42 GMT Hackers Love This 1979 Protocol (Because It Can’t Defend Itself... censys
Mon, 27 Apr 2026 07:12:30 GMT One Weird Query String That Let Anyone Hijack Any Account in Roc... bounties
Wed, 17 Dec 2025 09:57:30 GMT The Mother Lode: Hacking with GitHub Dorking github-dorking
Tue, 14 Jul 2026 19:59:03 GMT LetsDefend: SOC169 — Possible IDOR Attack Detected (Walkthrough... idor
Tue, 14 Apr 2026 17:24:57 GMT PAM Cleanup in Practice: Discovery, Risk Triage and Lifecycle Gov... cyber-sec
Wed, 15 Jul 2026 01:58:14 GMT API Fuzzing for Bug Bounty — Part 3: GraphQL Security — The C... bug-bounty-tips, bug-bounty-writeup
Thu, 16 Jul 2026 04:28:38 GMT How to Install GAU (GetAllURLs) Tool on Kali Linux — Complete G... hackerone, bugcrowd
Wed, 01 Jul 2026 11:07:22 GMT Archangel TryHackMe Walkthrough | LFI, Log Poisoning & Linux Pri... local-file-inclusion
Sun, 15 Feb 2026 09:26:13 GMT TryHackMe Walkthrough -Subdomain Enumeration subdomain-enumeration
Wed, 22 Apr 2026 23:39:11 GMT Authentication bypass via unauthenticated JWT generation on a tel... shodan
Sat, 11 Jul 2026 19:12:59 GMT Breaking CSPs xss-attack
Thu, 25 Jun 2026 22:23:14 GMT PortSwigger : Reflected XSS into Attribute with Angle Brackets HT... cross-site-scripting
Thu, 21 May 2026 15:16:28 GMT How to Bypass LinkedIn Commercial Use Limit in 2026 (Without Payi... google-dorking
Sat, 14 Mar 2026 18:06:12 GMT Web Security Series #3 — Discovering Credentials Using Cluster ... bug-bounty-hunting
Fri, 26 Jun 2026 17:34:18 GMT The Ultimate Guide to Embroidery Machine File Formats file-upload
Wed, 15 Jul 2026 01:50:24 GMT Breaking CORS : Hunting CORS Misconfigurations For Bug Bounty bug-bounty-tips
Thu, 16 Jul 2026 12:52:09 GMT (IDOR)Allows Deletion of OpenAPI Specification Files Across Organ... bug-bounty-writeup
Fri, 19 Jun 2026 20:02:36 GMT TryHackMe: Support Ops Platform Walkthrough lfi
Fri, 10 Jul 2026 18:20:51 GMT Hello World! First post, first CVE security-research
Tue, 15 Jul 2025 12:15:58 GMT “Secure� OPC UA Setups Are Being Hacked — Here’s Why censys
Tue, 13 Jan 2026 13:27:13 GMT Hacking “Time�: When Critical Infrastructure Forgets to Set a... vulnerability-disclosure
Thu, 09 Jul 2026 11:31:00 GMT How I Found My First Critical Bug (An IDOR Story) idor
Thu, 16 Jul 2026 13:47:10 GMT From Source Code Leak to Full Session Forgery: How Hardcoded Secr... information-disclosure
Tue, 07 Jul 2026 04:44:54 GMT How to Get USCSI® Certified: A Complete Step-by-Step Guide cybersecurity-tools
Sun, 12 Jul 2026 04:43:16 GMT A Critical Vulnerability in PraisonAI: What You Need to Know remote-code-execution
Fri, 12 Jun 2026 21:45:49 GMT TryHackMe Walkthrough: Support local-file-inclusion
Mon, 22 Jun 2026 06:51:54 GMT Find exposed sensitive data in AWS, Google Cloud, and other platf... dorks
Fri, 10 Jul 2026 09:31:00 GMT From PortSwigger Labs to my First Real-World Bounty: How a Stored... xss-vulnerability
Thu, 11 Jun 2026 17:29:29 GMT Free AI API Keys: How to Get Them Without a Credit Card api-key
Sat, 27 Jun 2026 17:01:35 GMT When Missing Rate Limiting Leads to a Critical Authentication Fin... bug-bounty-hunter
Thu, 27 Mar 2025 23:46:11 GMT Make Break and Betrayal web-pentest
Thu, 16 Jul 2026 01:54:10 GMT RoguePlanet (CVE-2026–50656): I Didn’t Touch System32 — Def... exploit
Mon, 08 Jun 2026 09:48:02 GMT XSS WAF Bypass: The Ultimate Deep Dive xss-bypass
Thu, 09 Jul 2026 17:27:50 GMT When CPUs Betray Us: Understanding Spectre exploit
Sat, 20 Jun 2026 11:04:15 GMT Scanning: The Second Stage of Penetration Testing — Turning Inf... vulnerability-scanning
Tue, 23 Jun 2026 16:59:56 GMT The Internet Never Forgets : A Beginner’s Guide to OSINT recon
Thu, 11 Sep 2025 22:20:14 GMT It’s Coming: DorkFi Delivers PreFi Rewards Surge dorking
Wed, 01 Apr 2026 18:43:56 GMT Lab: SQL injection attack, listing the database contents on Oracl... web-pentest
Mon, 25 May 2026 09:26:41 GMT Web Önbelleği Zehirlenmesi web-cache-poisoning
Mon, 13 Jul 2026 17:17:30 GMT Understanding Server-Side Request Forgery (SSRF): A Complete Guid... ssrf
Sun, 12 Jul 2026 01:21:50 GMT XSS as a Password Stealer : A very overlooked XSS attack vector xss-attack, cross-site-scripting
Sun, 26 Apr 2026 16:31:24 GMT ��♂� How I Find Critical Data Leaks Using Just Google Sea... google-dork
Sun, 14 Jun 2026 12:09:22 GMT How a Simple Google Dork Earned Me My First Bounty from Bugcrowdâ... bugcrowd
Sat, 13 Jun 2026 15:28:09 GMT Cómo detectar sitios gubernamentales comprometidos con Spam SEO ... google-dork
Tue, 23 Jun 2026 14:32:52 GMT Authentication Bypass & Information Disclosure in a Fortune 500 C... vdp
Sun, 05 Jul 2026 18:57:05 GMT TryHackMe Protocols and Servers (versão em português) pentest
Sat, 04 Jul 2026 14:22:08 GMT XML External Entity (XXE) Injection — Arbitrary Local File Disc... security-research
Mon, 04 May 2026 12:56:26 GMT Beyond alert(1): Advanced XSS Payload Crafting, Filter Bypasses &... xss-bypass
Thu, 07 May 2026 06:41:01 GMT Github Dorking dorking, github-dorking
Thu, 30 Apr 2026 15:04:04 GMT I Almost Scrolled Past This URL… Then I Got Curious lfi
Sat, 27 Jun 2026 17:05:53 GMT Stored XSS via SVG File Upload in a Project Management Applicatio... file-upload
Tue, 07 Jul 2026 05:08:35 GMT SSRF exploit
Wed, 27 May 2026 08:42:26 GMT Open Source Transparency Was a Moat — AI Is Turning It Into a L... vulnerability-disclosure
Wed, 06 May 2026 11:30:53 GMT How Local Business Directory Listing Helps Attract Local Customer... directory-listing
Fri, 10 Jul 2026 03:06:06 GMT I Attacked a Vulnerable Web App and Then Fixed It — A Security ... cross-site-scripting
Thu, 16 Jul 2026 12:20:24 GMT Smali By bithowl: Chapter 2 Why Every Android Hacker Needs Smali bugbounty-writeup
Wed, 15 Jul 2026 18:58:06 GMT The Security Team Is Not a Gate application-security
Mon, 27 Jan 2025 16:51:28 GMT The man who suffered 11 years in hell for freedom has now been fr... web-pentest
Sat, 11 Jul 2026 07:14:07 GMT From Hidden API to Paywall Bypass: Finding an Authorization Vulne... idor
Sun, 12 Jul 2026 13:23:09 GMT Common Authentication Attacks and How I Improved Security in My V... xss-attack
Sun, 05 Jul 2026 05:37:58 GMT The Recon Habit Most Hunters Skip (And Pay For Later) bug-bounty-hunter
Tue, 23 Jun 2026 15:09:51 GMT Cuando el atacante encuentra más de lo que debería vulnerability-scanning
Tue, 23 Jun 2026 11:42:13 GMT Where Are You Storing Your API Keys? (And Why Slack Isn’t It) api-key
Sat, 25 Oct 2025 12:23:25 GMT How to find leaks on GitHub as a beginner. Logic is main key github-dorking
Mon, 29 Jun 2026 04:40:40 GMT We Stopped Vulnerable Code from Reaching Production with Snyk. He... vulnerability-scanning
Fri, 17 Apr 2026 15:39:41 GMT Bug Bounty 2026: Why the “End of the World� is Actually a $50... bounties
Tue, 23 Jun 2026 07:06:16 GMT Bug Bounty Recon Mastery →Advanced Reconnaissance and Attack Su... subdomain-enumeration
Tue, 28 Apr 2026 20:00:52 GMT Official Blind XSS Platform Update (2026) xss-bypass
Tue, 19 May 2026 14:13:53 GMT Guildford to Box Hill dorking
Fri, 03 Jul 2026 21:44:30 GMT Unauthenticated RCE in CKFinder via Null Byte Injection Vulnerabi... rce
Sun, 28 Jun 2026 04:33:32 GMT Remote Coding Agent Approval Workflow: Keep Agents Moving Without... remote-code-execution
Mon, 25 May 2026 22:43:37 GMT Support Writeup for Jr.Pentester Path — TryHackMe/THM local-file-inclusion
Tue, 14 Apr 2026 13:07:05 GMT My “Gemini� Is Named Mike dorks
Wed, 17 Jun 2026 19:02:16 GMT TryHackMe Lo-Fi Writeup lfi
Tue, 14 Jul 2026 10:10:25 GMT Vulnerability Assessment and Penetration Testing Services in Indi... vapt
Sun, 12 Jul 2026 14:23:31 GMT Hacking the Hacker’s Assistant: How I Found a Critical Stored X... xss-attack, bugbounty-writeup, xss-vulnerability
Sat, 04 Jul 2026 06:12:12 GMT How I Discovered a Critical Data Leak Starting with a Small Clue bug-bounty-hunter
Wed, 01 Jul 2026 10:16:28 GMT Auth Bypass is it? bug-bounty-hunter
Tue, 14 Jul 2026 13:01:37 GMT The Docket: RabbitMQ Shows Message Brokers Are Identity Boundarie... application-security
Mon, 18 May 2026 00:04:46 GMT GOOGLE DORK İLE BİLGİYİ HIZLI VE DOĞRU BULMA google-dorking, google-dork, github-dorking
Sun, 17 May 2026 15:50:44 GMT Web Cache Poisoning web-cache-poisoning
Sun, 13 Jul 2025 16:32:21 GMT ProConOS Exposed: What ICS Security Teams Need to Know censys
Tue, 30 Jun 2026 11:31:00 GMT Subdomain Takeover — Claiming Forgotten Assets subdomain-takeover
Wed, 18 Feb 2026 21:56:48 GMT Chapter 14: Subdomain Takeover subdomain-takeover
Tue, 07 Jul 2026 05:50:15 GMT How to Get USCSI® Certified: A Step-by-Step Guide cybersecurity-tools
Mon, 06 Apr 2026 21:45:53 GMT Cookie(Çerez) Türleri ve Pentest Açısından Önemi web-pentest
Mon, 13 Jul 2026 21:52:24 GMT How I Exposed a Critical SIEM Vulnerability — And Why Your Infr... exploit
Mon, 18 May 2026 07:01:05 GMT InterLink Migration Vote Begins | Active Bounty Season 3 bounty-program
Mon, 04 May 2026 17:36:51 GMT The Complete Guide to Managed Cyber Defense: Protecting Your Busi... cyber-sec
Wed, 12 Feb 2025 22:46:35 GMT https://www.express.co.uk/life-style/property/2012927/cleaning-ch... web-pentest
Wed, 11 Feb 2026 21:37:40 GMT From Course Notes to CVE: How a GXPN Study Session Uncovered a 40... vulnerability-disclosure
Wed, 01 Jul 2026 16:21:55 GMT When Productivity Becomes a Threat: Malicious Claude Skills security-research
Sun, 22 Oct 2023 19:57:30 GMT Performing a Log Poisoning Attack log-poisoning
Mon, 08 Jun 2026 08:50:12 GMT Huggingface’den Api Key Alma İçeriği (2026) api-key
Tue, 07 Jul 2026 12:59:00 GMT BUG Bounty — The Upload Was Protected, But the File Was Public. bug-bounty-hunter
Mon, 13 Jul 2026 19:28:20 GMT Vulnerability Scanning vs. Autonomous Pentesting: Why Scanners Ar... vulnerability-scanning
Thu, 16 Jul 2026 15:34:38 GMT Workflow Bypass Leading to Unauthorized Access to Sensitive Recor... bug-bounty-tips, bug-bounty-writeup, bug-bounty-hunter
Sat, 27 Jun 2026 03:05:54 GMT PortSwigger : Reflected XSS into a JavaScript String with Angle B... cross-site-scripting
Thu, 09 Jul 2026 14:29:41 GMT One Wildcard Character — $88,337 from Google: How brutecat Brok... bugbounty-writeup
Mon, 29 Jun 2026 06:52:04 GMT My First Cross-Site Scripting (XSS) Vulnerability: A Journey of P... xss-bypass
Sun, 07 Jun 2026 16:46:16 GMT METASPOITABLE 2 vulnerability-scanning
Wed, 15 Jul 2026 20:16:01 GMT A Worm Just Forged a Valid Security Attestation. cve
Tue, 07 Jul 2026 02:35:59 GMT Search Skills: Mastering Cyber Security Research & OSINT shodan
Tue, 02 Jun 2026 19:48:50 GMT From False Positive to Hall of Fame: Exploiting Web Cache Poisoni... web-cache-poisoning
Fri, 13 Mar 2026 14:55:26 GMT Web Security Series #2 — Bypassing Authentication via MFA Tampe... bug-bounty-hunting
Wed, 27 May 2026 19:50:08 GMT Why Your Directory Listing Service Isn’t Working — And the Fr... directory-listing
Sun, 12 Jul 2026 02:44:51 GMT DOM XSS in document.write sink using source location.search insid... xss-attack
Tue, 14 Jul 2026 07:49:57 GMT Your Android app probably doesn’t check whether something is dr... application-security
Wed, 01 Jul 2026 14:16:27 GMT Four IDORs, One Target: Broken Access Control in a Gaming Platfor... pentest
Sun, 21 Jun 2026 00:45:05 GMT Atdork google-dorking, google-dork
Sat, 06 Dec 2025 23:06:15 GMT Big News from DorkFi — PreFi Rewards Drop + Contest Live! dorks
Thu, 18 Jun 2026 15:00:04 GMT Bore-dom, IP Pools, and a Nation’s Water Control: How I Breache... cyber-sec
Thu, 04 Dec 2025 04:45:36 GMT What is Google Dorking? dorking
Sun, 12 Jul 2026 11:04:39 GMT Lab: Source code disclosure via backup files (Information Disclos... information-disclosure
Wed, 15 Jul 2026 01:51:32 GMT I Asked the Frontend for Secrets, and It Said Yes bug-bounty-tips, bug-bounty-hunter
Tue, 16 Jun 2026 11:22:14 GMT Review AtDork: Tool Dorking Python Terbaik 2026? dorking
Wed, 15 Jul 2026 17:34:03 GMT SSRF in Simple | Server Side Request Forgery | Cybersecurity Le... ssrf
Mon, 13 Apr 2026 06:37:51 GMT File Inclusion on DVWA file-inclusion
Tue, 16 Jun 2026 04:26:17 GMT How to Install Nuclei on Your Machine The Open-Source Vulnerabili... vulnerability-scanning
Mon, 11 Dec 2023 18:17:01 GMT Exploiting a Log Poisoning. log-poisoning
Fri, 08 May 2026 09:52:18 GMT When Bug Bounty Hunting Hit Me Back: How Losing $500 Led Me to a ... web-cache-poisoning
Wed, 10 Jun 2026 19:48:50 GMT Visita inesperada. recon
Fri, 24 Apr 2026 10:26:01 GMT ¿Estás emocionado por el próximo partido entre FC Barcelona y ... bounty-program
Fri, 01 Aug 2025 06:17:06 GMT 15,000 Critical Systems Are Exposed — Thanks to This Outdat... censys
Sat, 04 Apr 2026 09:10:35 GMT We’ve messed up, a lot. Here’s Why Scribble Still Exists to c... bounties