Hi, I am Vikrant. I do bug bounties, security research and exploit dev.
TL;DR: This is a write-up with no images and only one video at the end. The write-up starts from explaining the burnout from bug bounties to greybox testing to a thorough explanation and coordinated disclosure of CVE-2021-27902 and CVE-2021-27903 that...
Many newcomers as well as leets focusing on XSS seem to miss out on one simple yet powerful thing: data URLs. While finding an XSS, hackers test the vulnerability with some hosted solution like xss.rocks or host their own files. But most of the time, y...
Web Application Firewalls like Cloudflare are pretty good at protecting websites by tunneling the traffic through their secure servers. But if the underlying IP address is leaked, such protection is usually bypassed and the attacker can directly targ...
Summary: This bug in Flattr was a low-impact Open Redirect that allowed an attacker to redirect the victim after authorizing Twitter. PoC: https://flattr.com/settings/connect/twitter?redirect=https://hackberry.xyz Timeline: Found vulnerability - 5th June,...
I am such a procrastinator that I often end up having multiple plans, to-do lists and projects. I have used almost all to-do lists available on the Play Store, maintained to-do lists in a notebook, and even meditated to stay focused. I have read a lot of p...