Publications

My First Bounty and How Did I get it?

On the way to 2nd Bounty, XSS and Apache Server

For the first Bounty, it takes a few challenging months, but only a few days for the second.

Not Validating the session may Leads to Account Deletion.

My first IDOR on hackerone

Bypassing WAF and got XSS in DOD

Finally, that’s Blind XSS