This is a short write-up of how I progressed from discovering a Jenkins instance to getting shells on 8 Adobe Experience Manager servers and gaining edit access to a company’s main sites....
Recently I came across an Atlassian Crowd application while I was doing recon. If you’re not familiar with Crowd, it is a centralized identity management application that...
This is a vulnerability I found while participating in a bug-bounty program earlier this year. It affects Prince, a software that converts “HTML, XHTML, or one of the...
I’ve seen some fantastic research done by Linus Särud and by Bo0oM on how Safari’s handling of special characters could be abused.
This is a write-up of how I chained two vulnerabilities (an XSS and a CORS misconfiguration) that allowed me to steal contacts from a victim’s contact book. This data included: names,...
This is a write-up of an SSRF I accidentally found in HackerTarget and leveraged to get access to internal services! Please note that they don’t have an active bug bounty program.
To get started, I’ll give a bit of backstory behind this. I found this bug back in January of 2017 and was one of the first reports I made to...
Recently, HackerOne hosted their second Hack The World competition. During this time I decided to take a look at Yahoo’s bug bounty program because I have heard good things about them and also due to...