| Exploiting iOS app for fun and profit |
|
|
|
| Takeover seller accounts worth billions & millions |
|
|
|
| Stealing cookies from subdomain leads to takeover user accounts at redacted.com |
|
|
|
| Deleting account via support ticket |
|
|
|
| Bug Bounty catches part -1 |
|
|
|
| How I found a simple and weird Account takeover bug |
|
|
|
| Facebook BugBounty: Tale of an Instagram bug disclosing user’s phone number via checkpoint |
|
|
|
| Facebook BugBounty : Short story on Page admin disclosure |
|
|
|
| How I was able to get private ticket response panel and FortiGate web panel via blind XSS |
|
|
|
writeups.xyz
/
Bijan Murmu (@0xBijan)