PinnedStealing from scammers using SQL Injection | Ethical Hacking Payback — Part 1Have you ever heard about these loot box gambling sites where you can bet the items you won playing games (like CS:GO), and get better…Nov 13, 20223Nov 13, 20223
PinnedHow I became a millionaire in 3h | Fintech Bug Bounty — Part 1Lately, I’ve been doing some pentesting on a bank. It’s not like they hired me, but I felt curious about their infrastructure and asked…Jul 28, 20222Jul 28, 20222
Running a MITM on a Google Play App | Fintech Bug Bounty — Part 3This article is the 3rd part of the “Fintech Bug Bounty” series.Feb 4Feb 4
GraphQL Exploitation Techniques | Fintech Bug Bounty — Part 2This article is the 2nd part of the “Fintech Bug Bounty” series.Dec 11, 2022Dec 11, 2022
Google SSO misconfiguration leading to Account TakeoverI’m a technical guy. However, this post doesn’t contain any technical details, but that’s because this bug doesn’t require any. I need to…Oct 14, 20221Oct 14, 20221
(XSS) Account takeover using SteamThis story begins a couple of years ago. I was navigating through a gambling website (which I cannot disclose) when I decided I would…May 1, 2022May 1, 2022