Recon is the main part of a Bug Bounty process where everything begins. It basically consists in, given a scope, let’s say a domain/group of domains like… Leer más “Thank you for all, manual recon”
Etiqueta: bugbounty
Help me, i’m Blind (XSS) !!!
Have you ever heard about Blind XSS?. What is it about?. Where does it happen?. After looking for vulnerabilities in a subdomain for some days and failed,… Leer más “Help me, i’m Blind (XSS) !!!”
Javascript, i love you !!!
The art of bug bounty comprises a lot of things to check and sometimes no all of them are check, but you should have in mind one… Leer más “Javascript, i love you !!!”
Dot Dot Semicolon RCE
The world of bug bounty is somewhat complex since you have to know numerous tools as well as techniques to identify vulnerabilities. Many times, the urge to… Leer más “Dot Dot Semicolon RCE”
To: eventListener # From: postMessage
In this post, we are going to see what is window.postMessage and how we can send data accross domains in a safe way. WHAT IS POSTMESSAGE? window,postMessage… Leer más “To: eventListener # From: postMessage”