Soft Deletion of Resources - [Privacy Violation]
API Excessive Data Exposure: Why Devs? Why?
5500$ Bug Story - Ezzy 2FA Bypass
Default OTP: Account Takeover
Bypassing Okta SSO=> HTTPS/HTTP
Pwning Admin Panel To Change Movie Ticket Prices at Disney
Slides: GraphQL Hacking
[1->2->3] or [2->3]: Bypassing Authentication Barriers
Why Shift to Manual Hacking?
Writeup: Delete Replies on LinkedIn Learning
Guide to Parameter Enumeration
ffuf - Fuzz The Web
Puredns - Bruteforce Domains
How do I approach exploiting access control bugs?
Exposing Users Table From a Leaky GraphQL Query
Hacking GraphQL API Using Suggestions
Guide to Permutations Subdomain Enumeration
How do I enumerate more root domain names than others?
How I fuzz and hack APIs?
How I Pwned 10 Admin Panels and got rewarded 8000$+?