The Walt Disney Company started its program on Hackerone in March 2022. Last week, I reported 3 highs and 1 critical on their program. This is the story of an IDOR report due to improper authorization. Authentication and Authorization Authentication: When a user logs into a site or app, this
Introduction/ Background Here’s the write-up for the report I wrote 3 months ago on a Private Program on Hackerone. The bug was present in the chat system where the app is keeping the personal data of the users even after deletion. Privacy Violation Privacy Violation means wrongful disclosure, theft,
Hi, I am Inderjeet Singh. A bug bounty hunter, ethical hacker, penetration tester, and also a cybersecurity investigator privately. I have 2 years of experience now, and with this article, I will share a pathway that anyone can follow to get into the subspace of ethical hacking. The RoadMap 1.