| How careless default credentials impact to massive account takeover |
|
|
|
| How I hacked hackers in Voorivex Hunt Event |
|
|
|
| A Big company Admin Panel takeover $4500 |
|
|
|
| Account Take Over (Via an API) |
|
|
|
| How I was able to change password of any corporate user |
|
|
|
| Steal authentication token with one-click on misconfigured WebView. |
|
|
|
| Post Account Takeover? Account Takeover of Internal Tesla Accounts |
|
|
|
| Simple Bugs 0x01: Password Changing to Account Takeover! |
|
|
|
| BingBang: The AAD misconfiguration that led to Bing.com results manipulation and account takeover explained |
|
|
|
| Hacking Admin Panel & Getting free subscription |
|
|
|
| Story of a Beautiful Account Takeover. |
|
|
|
| Account Takeover with rate limit bypass |
|
|
|
| How I chained multiple High-impact vulnerabilities to create a critical one. |
|
|
|
| OAuth 2.0 Authentication Misconfiguration |
|
|
|
| Bypassing Character Limit - XSS Using Spanned Payload |
|
|
|
| How I Leak Other’s Access Token by Exploiting Evil Deeplink Flaw |
|
|
|
| Account Takeover: An Epic Bug Bounty Story |
|
|
|
| Clipchamp ( Microsoft Office Product) - Google IAP Authorization bypass allowed access to Internal Environment Leading to Zero Interaction Account takeover |
|
|
|
| CVE-2022-36413 Unauthorized Reset Password of Zoho ManageEngine ADSelfService Plus |
|
|
|
| The story of becoming a Super Admin |
|
|
|
| [Account Takeover] Don’t Send a Message to anyone Before Reading This [External Audit] |
|
|
|
| Unauthorized access to Codespace secrets in GitHub |
|
|
|
| Traveling with OAuth - Account Takeover on Booking.com |
|
|
|
| How a simple IDOR impacted the data of thousands of customers of an Indian automotive giant |
|
|
|
| How I Earned $1800 for finding a (Business Logic) Account Takeover Vulnerability? |
|
|
|
writeups.xyz
/
Account Takeover