PinnedXSS + OAuth Misconfigs = Token Theft and ATOHi all, In this blog post, I will walk through finding an ATO via OAuth misconfigurations and stealing Auth Tokens through collaborative…Sep 302Sep 302
Account Takeover for Google SSO UsersHi all, In this blog post, I will walk through finding an ATO for Google SSO Users through collaborative work with my friend Refaat.Nov 72Nov 72
How Disabling 2FA Could End with a Bug?In 2023, I focused on hunting on HackerOne and found many logical flaws, resulting in achieving the 5th rank in the HackerOne program for…Oct 81Oct 81
How I Got $5,000 for Out-of-Scope XSSA few months ago, I received an invitation to a private bug bounty program on HackerOne. Initially, I did my usual testing and I discovered…Feb 2413Feb 2413
Turning Self-XSS to Exploitable XSSIn this write-up, I will explain two cases of Self-XSS where I managed to escalate them into something impactful. Let’s jump right into the…Sep 25, 20235Sep 25, 20235