Discovered Vulnerabilities

Writeups of a few interesting security vulnerabilities found by me.

Hi there 👋

This is a compilation of few of the interesting bugs that I have found so far in my Penetration Tests & bug bounty journey.

This is my way of giving back to the community that I learnt so much from.

This is a work in progress so I have only included the interesting bugs so far and these are categorized by bug types.

Hope you enjoy it 😄. Feedbacks are always welcomed🙂.

Contents:

1. Finding Security Vulnerabilities in Android Applications

2. API Endpoints lead to Sensitive Information Disclosure and PII leakage of Employees

3. HTTP Dangerous Methods Enabled - P1

4. Subdomain Takeover

5. Cross Site Scripting

6. 2FA bypass - Bruteforce Protection Bypass & Response Manipulation

7. Account Highjack

8. OAuth Misconfiguration

9. Open Redirect - Manual & Automated detection