XSS
Read More
XSS WAF Bypass Techniques
We all hate web application firewall! Most likely you have encountered those while testing for cross-site-scripting. If you manage to
Tag: Bug bounty
Bug bounty tips
Read More
Jump Over Firewall Finding Origin IP
Web application firewalls are the most annoying when you know that there is vulnerability out there! Usually, it’s old, not
Google dorking
Read More
Recon on Steroids – Discover EVEN MORE Subdomains
Won’t you love to find the website or asset that nobody else has found, test it, and find some serious
Infosec tools
Read More
Port Scanning for Bug Bounties
Are you using the same port scanning techniques as everybody else and not getting desirable results? It’s time to change
Blog
Read More
Mastering Shodan Search Engine
Let’s explore the depths of Shodan Dorking to level up your security testing. While Google can find many websites, Shodan
Bug bounty tips
Read More
DNS Bruteforce using AXIOM
Are you interested in getting a lot of subdomains of big targets? Using tools like amass or subfinder is not
Bug bounty tips
Read More
Hunting Blind XSS on the Large Scale — Practical Techniques
In this article, I will reveal the techniques for detecting Blind Cross-Site Scripting at scale. We will dive into the
Infosec tools
Read More
Hunting Blind XSS on the Large Scale — Initial Setup
The Blind Cross-Site Scripting is a pretty serious client-side vulnerability with serious consequences. This type of vulnerability enables attackers to
Blog
Read More
Mass Hunting for Leaked Sensitive Documents
Significant portion of crucial data and documents is now stored online as the paper documents are becoming less popular. There
Google dorking
Read More
Taking Bug Bounty to the Next Level: Mass Google Dorking Techniques
Many things have changed over the years, and the Google search engine is not the same anymore. It does not