2021
- 19 Jun Full Local File Read via Error Based XXE using XLIFF File
- 19 May SSRF in PDF Renderer using SVG
2020
- 04 Dec From Git Folder Disclosure to Remote Code Execution
- 14 Jun From Unvalidated Redirect and Parameter Tampering to Account Takeover
- 18 Jan How I accidentally found Bug in Google Search Console
2019
- 29 Oct XSS to Account Takeover - Bypassing CSRF Header Protection and HTTPOnly Cookie
- 22 Sep Exploiting Cookie Based XSS by Finding RCE
- 21 Aug AWS Metadata Disclosure via "Hardcoded Host" Download Function
- 11 Jun Reflected XSS on Error Page
- 11 Jan How I Found Multiple Vulnerabilities on antihack.me
2018