Security Articles & Resources

Discover the latest cybersecurity articles, tutorials, and resources from around the web.

Showing 10 of 14 articles

Full-Blown SSRF to Gain Access to Millions of Users’ Records and Multiple Internal Panels

This write-up details an SSRF vulnerability that allowed unauthorized access to millions of sensitive records and internal services.

Skyer
May 31, 2025 1 min read
Bug Bounty Cybersecurity Hacking +2
Grafana CVE-2025-4123: Full Read SSRF & Account Takeover

An open redirect happens when a web application takes a URL parameter and redirects the user to the specified URL without validating it. This might not seem dangerous on its own, but this type of bug…

Alvaro Balada
May 31, 2025 1 min read
Cybersecurity Bug Bounty Infosec +1
Kubernetes Security Basics: From a Pentester’s Point of View

Explore Kubernetes security from a pentester's point of view. Follow a hands-on walkthrough from reconnaissance to root access, focusing on network packet analysis, exploitation techniques, and cluster misconfigurations.

Bhavik Kanejiya
May 30, 2025 1 min read
Kubernetes Security
Facebook bug: A Journey from Code Execution to S3 Data Leak

A Tale of Two Threats: OS Command Injection and Data Leak in Meta’s (formerly Facebook) Careers Platform

Bipin Jitiya
May 27, 2025 1 min read
Cybersecurity Technology Programming +2
Stealing First Party Access Token of Facebook Users: Meta Bug Bounty

Hi, I am Saugat Pokharel from Kathmandu, Nepal. I am going to talk about one of my findings on Facebook. The vulnerability led to the…

Saugat Pokharel
May 27, 2025 1 min read
Bug Bounty Cybersecurity Hacking +2
Why JWTs Valid After Logout: A Pentester’s Guide to Testing and Securing Tokens

Discover why JWTs stay valid after logout and how refresh tokens keep apps secure. A pentester’s clear guide to testing and fixing tokens.

Sid Joshi
May 27, 2025 1 min read
Jwt Exploitation Bug Bounty Pentesting +2
MQTT Pentesting: Authentication, Authorization & Availability Attacks

Introduction:

Vaishali Nagori
May 27, 2025 1 min read
Iot Security Mqtt Pentesting +2
SSTI in mblog 3.5.1 - A tale of a glorified RCE (CVE-2024-28713) - vsociety

Write a blog analysis for a CVE

Shivam Bathla
May 26, 2025 1 min read
vsociety vicarius vulnerabilities +5
How I made $64k from deleted files — a bug bounty story

TL;DR — I built an automation that cloned and scanned tens of thousands of public GitHub repos for leaked secrets. For each repository I…

Sharon Brizinov
May 26, 2025 1 min read
Bug Bounty Github Hacking +1
Account verification code bypass lead to a $4000 bounty

Hello reader,

Mohsin khan
May 26, 2025 1 min read
Bugbounting Bugbounty Writeup Bugbounty Poc +2