Mahendra Purbia (Mah3Sec)

Published in InfoSec Write-ups

·Pinned

How an Open Redirection Leads to an Account Takeover?

Hey folks, I’m here to share one of my old finding. In which i found a unique way of an open redirection which leads to an account takeover. So the Web App i testing was a Trading Platform. Let’s call it target.com for the demonstration purpose. So there is a…

Bug Bounty

2 min read

How an Open Redirection Leads to an Account Takeover?

Bug Bounty

2 min read

Published in InfoSec Write-ups

·Pinned

BUG HUNTING METHODOLOGY FOR BEGINNERS

In this write up I am going to describe the path I walked through the bug hunting from the beginner level. This write-up is purely for new comers to the bug bounty community. And I hope this will help you to understand that how a researcher or bug hunter find…

Bug Bounty

6 min read

Bug Bounty

6 min read

Published in InfoSec Write-ups

·Pinned

P1: Easy Access to Grafana Dashboard

Hey folks, I’m here to share one of my old findings. In which accessed the grafana dashboard with default credentials, which lead to sensitive information about the server’s analytics and other information on resource utilization. You all must be thinking about the need to write this easy finding even beginners…

Hacker

3 min read

Hacker

3 min read