
AWS Metadata Disclosure via "Hardcoded Host" Download Function

Sometimes, when visiting a website, we find a link to download files from that site. The downloaded file can be a guide, tutorial, or another document. When hunting private programs on Bugcrowd,...

Reflected XSS on Error Page

Sometimes, to exploit an XSS (specifically Reflected XSS), we focus on finding input pages such as Search Columns, etc., to find out whether that form has an XSS vulnerability or not. Not infrequent...

How I Found Multiple Vulnerabilities on antihack.me

AntiHack is a Singaporean Bug Bounty Platform site. After reading some information about this site, I decided to create an account there. After successfully creating an account, the user will be provi...

Blind XSS on Internal Panel Tokopedia (Bahasa)

Lately I have been focusing on studying a type of XSS vulnerability called Blind XSS. This vulnerability is interesting because, unlike XSS in general, the payload that is sent will be exe...