A tale of critical account take over

Hello everyone I hope everyone is healthy and safe taking precautions as well

So , I am going to share my latest finding which I have found on private program let’s get started !!

So first thing i do is check login with google and Facebook feature on program and I had this feature in my program

How does that work :

1) click on login with google

2) enter you email id and password

Simple right ?? Wait for twist

we all know vulnerability like changing email with other user email that…


A Story of Rs.10k Bounty within minutes

Hello everyone i hope you guys are doing great in this quarantine i decided to write small blog post about my months older bug please have a look

So it was normie day no college decided to hunt ask my friend if he got any program ?

got to know about program its indian program so will kept this as private ( dnt want to get sue by them :xD)

As usual started with passive recon on github, trello, repl.it …


From publicly available database leak to high impact business logic error

Hello everyone this is my first writeup I hope you guys will like it let’s get started :)

My target is private so will call it target ,it is tech giant company with many subsidiaries

Usually i start with passive recon I started with normal GitHub recon like

target “api” , target “token” etc

Had no success with that so I remembered best writeup from Prateek Tiwari where he mentioned about scribd.com

what is scribd ?

Scribd is an American e-book and audiobook subscription service that includes one million…

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store