
Posts

Featured

Account takeover on a Google acquisition, apigee.com

Hi guys..
So back in the summer I decided to get a HoF in Google because it was one of my most wanted dreams. So I started searching for new stuff from Google, then heard about Google acquisitions and thought to try my luck on one of the Google acquisitions, apigee.com.
First let me tell you about Google acquisitions. Actually, I am not telling you about it here; if you want to know about it, visit this.
Back to the topic!!
So after doing recon, I came to do manual testing, and almost 10 min later I discovered an open redirect, but the bad thing was that Google doesn't accept open redirects and I was like...

Then I tried to do an XSS with this payload, javascript:alert(1), and it worked. I was so happy. Then I thought to report it as a high-impact issue, so I rapidly started searching for things done with an XSS and found a blog post on stealing the cookies of a user through XSS, so I tried it, but it didn't work for me because of a wrong payload entry, so I decided to first study the payload…

Latest posts

Information disclosure on Mixmax.com

Broken Authentication and Session Management

A very hard way of a BugHunter to start in this community.

Clickjacking on OLX, Mixmax, Formassembly and Chalk.

Session Hijacking on Spotify and Lifeinvader.com

Content Spoofing on Instagram;)

SilverPoision's Github