infosec-write-ups-medium
feeds.twtxt.netNo description provided.
$20,000 Bounty: How a Leaked Session Cookie Led to Account Takeover on HackerOne
How one accidental copy-paste exposed sensitive data and what you can learn to find similar bugs
[Continue rea … ⌘ Read more
Strengthening Web service security with Apache2: Best practices for 2025
Keeping your Apache2 web services safe: What you need to know this year
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ … ⌘ Read more
Bypassing Login via NoSQL Operator Injection: A MongoDB Authentication Hack ⌘ Read more
Build Your Own AI SOC — Part 6 Daily AI-Powered Threat Briefings With n8n + GPT
Introduction: Information Without Overload
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/buil … ⌘ Read more
** Redirect Roulette: How Poor OAuth Redirect Handling Gave Me Account Takeover **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/redirect-roulette-how-poor-oauth-red … ⌘ Read more
5 Linux Commands You’ve Probably Never Heard Of
In this article, I will show you five Linux commands you’ve probably never heard of. They’re simple, practical, and designed to make your…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.c … ⌘ Read more
Here’s everything you need to know about ARP Poisoning. ⌘ Read more
$750 Bounty: for HTTP Request Smuggling on Data.gov
How a cleverly crafted desync attack revealed a hidden path to client-side compromise, JS injection and potential cookie theft
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ … ⌘ Read more
The Most Dangerous Bug I’ve Ever Found (And No One Was Looking)
👉Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-most-dangerous-bug-ive-ever-found-and-no-one-was-looking-2e96e5079a01? … ⌘ Read more
Sharpening Command Injections to get Full RCE
Uncommon Bash tricks to Bypass WAF and achieve Remote Code Execution (RCE)
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/sharpening-command-injections-to-get-full-rce-e4cf257d2c66?source= … ⌘ Read more
**Token of Misfortune: How a Refresh Token Leak Let Me Regenerate Unlimited Sessions **
Free Link 🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/token-of-misfortune … ⌘ Read more
IPinfo Free Geolocation API: Tools, Setup & Use Cases ⌘ Read more
$10,500 Bounty: A Grammarly Account Takeover Vector
When a Space Breaks the System: How Improper Entity Validation Led to a Full SSO Denial and Potential Account Takeovers
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/10-500- … ⌘ Read more
How I Gained Root Access on a Vulnerable Web Server: From Reconnaissance to Privilege Escalation
Web Server Exploitation & Privilege Escalation - Full Walkthr … ⌘ Read more
0 to First Bug: What I’d Do Differently If I Started Bug Bounty Today
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/0-to-first-bug-what-id-do-differently-if-i-started-bug … ⌘ Read more
I Built a Tool to Hack AI Models — Here’s What It Uncovered
A few months ago, I was auditing a chatbot deployed inside a financial services platform. It used a mix of retrieval-augmented generation…
[Continue reading on InfoSec Write-ups »](http … ⌘ Read more
**Caching Trouble: The Public Cache That Leaked Private User Data **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/caching-trouble-the-public-cache-that-leaked-private-user-data-0d410af5cb4c … ⌘ Read more
$500 Bounty: A Referer Leak in Brave’s Private Tor Window
When Anonymity Isn’t Anonymous: $500 Bounty for Revealing a Brave Referer Exposure
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/500-bounty-a-referer-leak-in … ⌘ Read more
Instagram API Documentation: Key Concepts Explained for Developers ⌘ Read more
Get Geocoding API Key: Step-by-Step Guide for Developers ⌘ Read more
Part-2️♂️Bug Bounty Secrets They Don’t Tell You: Tricks From 100+ Reported Bugs
✨Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwri … ⌘ Read more
$500 Bounty: Race Condition in Hacker101 CTF Group Join
$500 for discovering a timing flaw in Hacker101’s invite system that let users join the same team multiple times
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/50 … ⌘ Read more
Secret to find bugs in five minutes. Juicy reality. ⌘ Read more
Securing MCP Servers: Key Lessons from a Vulnerable Project ⌘ Read more
Microsoft Goes Passwordless: What You Need to Know ⌘ Read more
** NoSQL Injection Detection — A hands-on Exploitation Walkthrough** ⌘ Read more
How a Simple Logic Flaw Led to a $3,250 Bounty
Claiming Unclaimed Restaurants on Zomato via OTP Manipulation
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-a-simple-logic-flaw-led-to-a-3-250-bounty-476d747bf57a?source=rss—-7b722 … ⌘ Read more
From 0 to $$$: Finding Rate Limit Bypasses Like a Pro ⌘ Read more
** Blog Title: Not Your File: How Misconfigured MIME Types Let Me Upload Evil Scripts **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/blog-title-not-your … ⌘ Read more
☕Best Tool for Analyzing Java Files (90% of Hackers Don’t Know This)
Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/best-tool-for-analyzing-java-files-90-of-hackers-dont-know-this- … ⌘ Read more
Application Security Checklist: From Idea to Production ⌘ Read more
How to Pitch at RSA Innovation Sandbox, Black Hat Startup Spotlight, and GISEC Cyberstars ⌘ Read more
Expose & Explore: Discover misconfigured service protocols and ports using Linux
Internet Assigned Numbers Authority (IANA) is the organisation responsible for managing and assigning port number … ⌘ Read more
Hacking With No Tools: How to Break Web Apps Using Just Your Browser ️♂️
Hacking With No Tools: How to Break Web Apps Using Just Your Browser 🕵️♂️
[Continue reading on In … ⌘ Read more
Breaking In Through the Backdoor: Password Reset Gone Wrong
Imagine being able to take over any user’s account on a platform — even without their interaction. No phishing, no social engineering, and…
[Continue reading on InfoSec Wr … ⌘ Read more
** JWT Exploitation: How I Forged Tokens and Took Over Accounts**
🔐Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/jwt-exploitation-how-i-forged-tokens-and-took-over-accounts-2e7ab1cf4df8?sour … ⌘ Read more
Top 8 Best Vulnerability Scanning Tools (2025 Guide) ⌘ Read more
HTB Zephyr Lab Explained: Real-World Red Team Operator Strategies for OSEP ⌘ Read more
How I Found a Way to Prolong Password Reset Code Expiry
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-found-a-way-to-prolong-password-reset-code-expiry-6214391023de?source=rss—-7b7 … ⌘ Read more
How I Deleted Any User’s Account— No Interaction Needed
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-deleted-any-users-account-no-interaction-needed-faae0442ff4f?source=rss—-7b722bfd1 … ⌘ Read more
**Forget Me Not: How Broken Logout Functionality Let Me Ride Sessions Forever **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/forget-me-not-how-broken-logout-function … ⌘ Read more
I Broke Authentication — Without Exploiting Anything ⌘ Read more
$256 Bounty : XSS via Web Cache Poisoning in Discourse
How Injecting Headers and Poisoning Cache Led to Stored Cross-Site Scripting
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/256-bounty-xss-via-web-cache-poisoning-in-d … ⌘ Read more
The Human Firewall: Why Your Employees Are Both Your Greatest Vulnerability and Asset
In the high-stakes world of cybersecurity, organizations invest millions in sophisticated technologic … ⌘ Read more
DCShadow Attacks: Subverting Active Directory Replication for Stealthy Persistence
Technique that allows adversaries to manipulate directory data by simulating the behavior of a legitimate Doma … ⌘ Read more
Part 1: How to Become a Pentester in 2025: Free & Affordable Online Labs ⌘ Read more
Logic Flaw: Using Invitation Function to Block Other Accounts ⌘ Read more
Bug Chain: pre-auth takeover to permanent access. ⌘ Read more
How I was able to delete a production backend server in my first finding. ⌘ Read more
Business logic: I can order anything from your account without paying for it ⌘ Read more
OSINT Writeups — MIST Cyber Drill 2025 ⌘ Read more
** How Hackers Bypass Login Pages with SQL, Logic Flaws, and Headers **
Welcome to the underworld of cybersecurity! 🌐 In this blog, we dive deep into how hackers bypass login pages — the digital gatekeepers of…
[Continue rea … ⌘ Read more
SameSite? SameMess: How I Bypassed Cookie Protections to Hijack Sessions ️♂️
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/samesi … ⌘ Read more
Master CRLF Injection: The Underrated Bug with Dangerous Potential
Learn how attackers exploit CRLF Injection to manipulate HTTP responses, hijack headers and unlock hidden vulnerabilities in modern web…
[Continue rea … ⌘ Read more
Compress-a-thon — CSP Bypass via Redirection — Pentathon 2025
Compress-a-thon is a “web exploitation” challenge that was featured in Pentathon 2025 Finale Jeopardy CTF Round. This challenge involved…
[Continue reading on InfoSec Write-ups »](https://inf … ⌘ Read more
SSRF via PDF Generator? Yes, and It Led to EC2 Metadata Access
👨💻Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/ssrf-via-pdf-generator-yes-and-it-led-to-ec2-metadata-access-39b8e5b41840 … ⌘ Read more
Shadow Credentials in Active Directory: When the Exploit Doesn’t Work — Until It Does ⌘ Read more
**The Hidden Language: Exploiting GraphQL for Unauthorized Data Dump **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-hidden-language-exploiting-graphql-for-unauthorized-data-dump-8 … ⌘ Read more
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-b4d43dd41d8e?source=rss—-7 … ⌘ Read more
Bug Bounty Race: Exploiting Race Conditions for Infinite Discounts ⌘ Read more
**Top 5 Easiest Bugs for Beginners in Bug Bounty **
Top 5 Easiest Bugs for Beginners in Bug Bounty 🐞
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-easiest-bugs-for-beginners-in-bug-bounty-45dd81c49e03?source=rss—-7b722bfd1b8d- … ⌘ Read more
$10,000 Bounty: HackerOne Report Comments Leak via “Export as .zip”
How a new export feature unintentionally exposed private discussions in limited disclosure reports
[Continue reading on InfoSec Write-ups »](https://infose … ⌘ Read more
Understanding Stealer Logs and Their Role in Security Testing: A Focus on Asset Discovery- Part 2 ⌘ Read more
Understanding Stealer Logs and Their Role in Security Testing — Part 1 ⌘ Read more
API Key Exposure in NASA GitHub Repository Leads to Unauthorized Access to Academic Data
🔓Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteu … ⌘ Read more
Subdomain Takeover: My $450 Win & How You Can Do It Too
Free Article Link: Click for free!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/subdomain-takeover-my-450-win-how-you-can-do-it-too-3337ca0513b6?source=rss—-7b722 … ⌘ Read more
How I Found SSTI in a Search Bar ⌘ Read more
How Backups Can Break End-to-End Encryption (E2EE) ⌘ Read more
Hidden HackerOne & Bugcrowd Programs: How to Get Private Invites
“Private programs are where the real gold lies… but no one tells you how to get there. Let me break it down for you — with secrets most…
[Continue reading on In … ⌘ Read more
** CSP? More Like Can’t Stop Payloads — Bypassing CSP to XSS Like a Pro**
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/csp-more-like-cant-stop-payloads-bypassing-csp-to-xss-like-a-pro-9 … ⌘ Read more
Tackling Conditional Blind SQLi Like a Pro: OSWE Prep Powered by Burp Suite ⌘ Read more
UUIDs: A False Sense Of Security
Hi Hunters, would you like to learn about a broken access control vulnerability that I discovered recently for a client.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/uuids-a-false-sense-of-security-10467497daae?source=rss—-7b7 … ⌘ Read more
$50,000 Bounty: GitHub Access Token
How a hidden token in a desktop app could have compromised one of the world’s biggest e-commerce platforms
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/50-000-bounty-github-access-token-c29cb6f00182?source=rss—-7b722bf … ⌘ Read more
️Recon Automation Like a Pro: My 5-Stage System to Catch More Bugs
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/%EF%B8%8Frecon-automation-like-a-pro-my-5-sta … ⌘ Read more
Top 10 Ways Hackers Exploit Web Applications (and How to Prevent Them)
Hackers don’t wait for big websites. They look for easy mistakes. Let’s fix them before they find yours.
[Continue reading on InfoSec Write- … ⌘ Read more
Open Redirect Vulnerability: What It Is and Why It Matters ⌘ Read more
Wazuh: The Free SIEM That Fights Like a Paid One ⌘ Read more
HACK-ERA CTF — Phase 1 Walkthrough ⌘ Read more
$840 Bounty: How I Stole OAuth Tokens from Twitter
A critical OAuth misconfiguration allowed stealing tokens with just a click
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/840-bounty-how-i-stole-oauth-tokens-from-twitter-733f8 … ⌘ Read more
Plug, Boot, Vanish: How I Turned a USB Stick into a Portable Privacy Fortress ⌘ Read more
Bug Hunting in JS Files: Tricks, Tools, and Real-World POCs
🗝️Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bug-hunting-in-js-files-tricks-tools-and-real-world-pocs-70406e3eb72e?source=rss—-7 … ⌘ Read more
Building a Secure Home Network in 2025: Practical Tips ⌘ Read more
A Guide to SQL Injection Attacks: Hackers Don’t Want You to Know This!
Imagine your website as a big toy box filled with treasures — like user info, passwords, or blog posts — and you’ve got a robot helper…
[Contin … ⌘ Read more
Privilege Escalation with Docker Container ⌘ Read more
Tool Review — TraceWeb.io Extension ⌘ Read more
$100 Bounty: How a Spoofed Email Could Change Any Username on HackerOne
A simple email spoofing trick could let anyone hijack your HackerOne username and profile link
[Continue reading on InfoSec Write-ups »] … ⌘ Read more
️♂️ Unlisted but Not Unseen: How I Found the Admin Panel in a JavaScript Comment
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteu … ⌘ Read more
Mastering Linux Part 3: A Beginner’s Guide to APT and YUM Package Management
A Beginner’s Guide to APT and YUM Package Management
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com … ⌘ Read more
How to setup a Monthly Free VPS for Bug Hunting
In this article, I explained how to setup and use (GitHub CodeSpaces) for bug hunting
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-setup-a-monthly-free-vps-for-bug-hunting-d4 … ⌘ Read more