This article was originally published at BePractical INTRODUCTION A lot of bug bounty hunters usually just reports the vulnerability that they found directly to the program without understanding the impact of it. Although this is completely fine, but sometimes it restricts you to get the bounty you deserve. For example, If…

This article was originally published at BePractical INTRODUCTION Do you know that you can earn up to $1000 by finding open redirect vulnerabilities? Well, it turns out that most people underestimate open redirect vulnerabilities because of its nature. For those who doesn’t know about open redirect vulnerability, It is a web…

This article was originally published at BePractical Learn everything about dns spoof attack from basics to advanced INTRODUCTION Hi everyone! Suppose you are in your WiFi network and trying to book a movie ticket online. You opened the website there is no sign of phishing and everything seems nice. You buy…

This article was originally posted on bepractical.tech INTRODUCTION Hi everyone! In this article, you will learn about how to craft blind xss payloads to get yourself bounties. Before we dive deep in this article, let us first learn about some few things: What is XSS(Cross Site Scripting)? In simple terms, It…

INTRODUCTION Hey everyone! Do you want to learn all about account takeover from scratch? If yes, then welcome to this amazing course “The Ultimate Guide to Hunt Account Takeover” that will teach you everything from basic to advance. Curriculum

Introduction Hi everyone, In this article I am going to show you how i got google’s hall of fame by finding security vulnerability in one of their acquisition. So, let’s get started!

Introduction Do you know that an account takeover bug can give you as much as $1000 to $100,000? But unfortunately, most of the beginner bug hunters don’t know how to look for these type of vulnerabilities. As a result, most of the beginner bug hunters don’t test for these vulnerabilities. If…

To read full article, click here. INTRODUCTION Hi everyone, I hope you all are doing good. In this Browser in the Browser Attack Tutorial, We are going to talk about a latest phishing technique i.e Browser in the Browser attack. …

INTRODUCTION Hey everyone! I hope you all are doing good. In this article i am going to show you that how i was able to find a store cross site scripting vulnerability by diving deep into the target. Before we jump into this article, if you guys are not familiar…