This vulnerability is one of my best findings to date. It has a severity of P2 according to the Bugcrowd VRT.
So, the story begins like this: I was testing on this target and found that there was an application-wide CSRF in the domain. Now, as per Bugcrowd, this vulnerability alone has a severity of P2. But when I reported it, as usual, it got duplicated.
But the vulnerability was still present, so I thought that if I chained this bug with some other bug, I might find something interesting.
I immediately fired up my Burp Suite and started looking for some…
This is my first bug bounty writeup on finding an HTML Injection Vulnerability and escalating it to XSS.
It started when my friend found a potential 2FA bypass in the application but somehow was not able to escalate it. So he and I started working on finding a valid exploit for it. But we later realized that it was actually not a bypass but just a misconfigured 2FA (that's a story for some other day).
Now, I started hunting on the target in Bugcrowd, which is actually a very old target, and I started with the main landing page, which…
Hello, let me first introduce myself. I am a programmer who is completely fascinated by technology and money. This is my second blog, so please bear with me.
Let's start. As I said, I am a programmer and I work as a "Computer Vision Scientist" (not as fancy as it sounds) in a fin-tech startup. Today at work I was given a pretty simple task: I was to extract the stamps from images and threshold the image to get the background as white and the stamp as black.
I started thinking about the problem. As there…
Artificial Intelligence today has become one of the leading technologies around the globe, and it is being estimated that with the advent of 2030 it will be popularized all over the world. To become an Artificial Intelligence researcher, one must have a sound knowledge of mathematics, especially statistics and probability. Why are these two so important? I mean, there is a lot more in mathematics, but why are only these two heard more frequently when talking about AI or Machine Learning (ML)? We will discuss statistics some other day in some other post. Today we are going to touch the…