HTTP
2025
IDOR Leads to Unauthorized Deletion: How I Earned $500 in Bug Bounty
·1178 words·6 mins
How I Found an Account Takeover Bug in the Forgot Password Flow
·801 words·4 mins
2024
Bypassing Rate Limit in GraphQL
·1526 words·8 mins
Exploiting DOM for Open Redirect Attacks
·1735 words·9 mins
HTTP Parameter Pollution vs Mass Assignment
·1176 words·6 mins