bug hunting 11
- Full Local File Read via Error Based XXE using XLIFF File Jun 19, 2021
- SSRF in PDF Renderer using SVG May 19, 2021
- From Git Folder Disclosure to Remote Code Execution Dec 4, 2020
- From Unvalidated Redirect and Parameter Tampering to Account Takeover Jun 14, 2020
- How I accidentally found Bug in Google Search Console Jan 18, 2020
- XSS to Account Takeover - Bypassing CSRF Header Protection and HTTPOnly Cookie Oct 29, 2019
- Exploiting Cookie Based XSS by Finding RCE Sep 22, 2019
- AWS Metadata Disclosure via "Hardcoded Host" Download Function Aug 21, 2019
- Reflected XSS on Error Page Jun 11, 2019
- How I Found Multiple Vulnerabilities on antihack.me Jan 11, 2019
- Blind XSS on Internal Panel Tokopedia (Bahasa) Oct 4, 2018