All Stories

Souq.com Subdomain Takeover via jazzhr.com service

Program : Souq Vulnerability : Subdomain Takeover Impact : High jobs.souq.com was vulnerable to subdomain takeover via jazzhr.com Service When I visit jobs.souq.com it...
m7mdharon
27 sec read

HerokuDNS can’t be Takeover any more ( Edge Case…

In jan 2019 Heroku have update all DNS of Domains and Subdomains for all users. Last years in Heroku when you try to add...
Admin
39 sec read

HTTP PUT method Enable Vulnerability

Exaplain on Report at Hackerone Hackerone report #487656 by Wyethman Piter Affected Site was ratelimited.me Wyethman Piter Found on HTTP PUT sites enabled on...
Admin
1 min read

How I Found and Reporting Vulnerabilities to AntiHack.me by…

ABSTRACT AntiHack.me is a Singaporean Bug Bounty Platform site. After seeing this platform well known, I decided to create an account there. After successfully...
Admin
2 min read

Subdomain Takeover vulnerability in Arabic lang

السلام عليكم ورحمه الله وبركاته ان شاء الله هشرح بطريقه بسيطه Subdomain Takeovers vulnerability الايرور اللي بظهر ليك بيكون شكله مميز ومعروف  مثال :...
Admin
15 sec read

Aquatone Subdomain Takeover Finder

AQUATONE Aquatone is a tool for visual inspection of websites across a large amount of hosts and is convenient for quickly gaining an overview...
Admin
3 min read

Resources for Beginner Bug-Bounty Hunters By NahamSec

Resources-for-Beginner-Bug-Bounty-Hunters Intro There are number of new hackers joining the community on regular basis and this raises the question of “How do I get...
Admin
1 min read

A .DS_Store file disclosure exploit

**A .DS_Store file disclosure exploit ** A .DSStore file disclosure exploit. It parse .DSStore file and download files recursively. Usage: python ds_store_exp.py http://www.example.com/.DS_Store Example...
Admin
47 sec read

test gate

Test Gate On your world
Admin
1 sec read