Discovered Vulnerabilities

Writeups of a few interesting security vulnerabilities found by me.


Last updated 3 years ago


Hi there 👋

This is a compilation of a few of the interesting bugs that I have found so far in my penetration testing & bug bounty journey.

This is my way of giving back to the community that I learnt so much from.

This is a work in progress, so I have only included the interesting bugs so far, and these are categorized by bug type.

Hope you enjoy it 😄. Feedback is always welcome.

Contents:

  1. Finding Security Vulnerabilities in Android Applications

  2. API Endpoints lead to Sensitive Information Disclosure and PII leakage of Employees

  3. HTTP Dangerous Methods Enabled - P1

  4. Subdomain Takeover

  5. Cross Site Scripting

  6. 2FA bypass - Bruteforce Protection Bypass & Response Manipulation

  7. Account Hijack

  8. OAuth Misconfiguration

  9. Open Redirect - Manual & Automated detection

🙂