Blog
Read More
XSS WAF Bypass Techniques
We all hate web application firewall! Most likely you have encountered those while testing for cross-site-scripting. If you manage to
Tag: bug bounty hunting
Blog
Read More
Jump Over Firewall Finding Origin IP
Web application firewalls are the most annoying when you know that there is vulnerability out there! Usually, it’s old, not
Google dorking
Read More
Recon on Steroids – Discover EVEN MORE Subdomains
Won’t you love to find the website or asset that nobody else has found, test it, and find some serious
Infosec tools
Read More
Port Scanning for Bug Bounties
Are you using the same port scanning techniques as everybody else and not getting desirable results? It’s time to change
Bug bounty tips
Read More
Mastering Shodan Search Engine
Let’s explore the depths of Shodan Dorking to level up your security testing. While Google can find many websites, Shodan
Bug bounty tips
Read More
DNS Bruteforce using AXIOM
Are you interested in getting a lot of subdomains of big targets? Using tools like amass or subfinder is not
Bug bounty tips
Read More
Mass Hunting for Leaked Sensitive Documents
Significant portion of crucial data and documents is now stored online as the paper documents are becoming less popular. There
Blog
Read More
Taking Bug Bounty to the Next Level: Mass Google Dorking Techniques
Many things have changed over the years, and the Google search engine is not the same anymore. It does not
AXIOM
Read More
Mass Hunting For Misconfigured S3 Buckets
In this publication, I would like to cover how it is possible to efficiently check millions of misconfigured S3 buckets