FB OAuth MisconfigurationHello everyone, in this blog post, I would like to discuss the Facebook OAuth Misconfiguration vulnerability I discovered.Nov 17, 20241Nov 17, 20241
Heroku Subdomain TakeoverHello everyone, in this blog post, I would like to discuss the Subdomain Takeover vulnerability I discovered.Nov 16, 2024Nov 16, 2024
3 reflected XSS in one programHello everyone, in this blog post, I would like to discuss the Reflected XSS vulnerability I discovered.Nov 15, 2024Nov 15, 2024
CSRF leads to delete accountHello everyone! Hello everyone, in this blog post I would like to talk about the CSRF (Cross-site request forgery) vulnerability I…Nov 15, 2024Nov 15, 2024
A simple IDOR worth $400.In this blog post, I will tell you about my simple but effective story of finding the IDOR vulnerability.Jun 2, 20246Jun 2, 20246
My first bugs in 2024Hello everyone, In this article, I will explain how I found 4 bugs from a program in bugbounter in the first days of 2024.Jan 5, 20247Jan 5, 20247
Kaynak kodu ile XSS’i nasıl buldum ?Herkese merhaba ! Bir önceki yazıda IDOR ile Hesap Devralma Hikayemden bahsetmiştim .Nov 27, 20231Nov 27, 20231
IDOR ile Hesap Devralma HikayemUzun bir aradan sonra herkese merhaba ! Bir önceki yazıda subdomain devralma ile ilgili nuclei kullanımına göz atmıştık .Oct 15, 2023Oct 15, 2023
Nuclei — Subdomain TakeoverUzun bir aradan sonra herkese merhaba ! Bir önceki yazıda subdomain tespiti ile ilgili araçların kullanımlarına göz atmıştık .Jul 29, 2023Jul 29, 2023