Author | Lightnews

Securitycipher @securitycipher.bsky.social · 1h

Unauthorized Access to Internal Nginx Status Page via X-Forwarded-For Header

https://medium.com/@bytewreaker/unauthorized-access-to-internal-nginx-status-page-via-x-forwarded-for-header-31de9e8b4e28?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 5h

GitHub Dorking for Bug Bounty — A Beginner’s Guide (Guaranteed Bounty)

https://kd-200.medium.com/github-dorking-for-bug-bounty-a-beginners-guide-guaranteed-bounty-ea699b648561?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 7h

How I earned ₹₹₹₹₹ by reporting API key to massive payment company

https://medium.com/@deepk007/how-i-earned-by-reporting-api-key-to-massive-payment-company-f02e85fdbdab?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 8h

Privilege Escalation in snapshat ADS$

https://medium.com/@abderrahmaneaksoum/privilege-escalation-in-snapshat-ads-cb83569536e5?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 9h

Mastering Hidden Backups & Old Versions: Step-by-Step Guide for Pentesters and Bug Hunters

https://medium.com/@verylazytech/mastering-hidden-backups-old-versions-step-by-step-guide-for-pentesters-and-bug-hunters-e1b0b077999f?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 10h

How I Stay Active in Bug Bounty While Working 9–5

https://shaifsec.medium.com/how-i-stay-active-in-bug-bounty-while-working-9-5-7ab95e853c7a?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 13h

️‍♂️ All About Scanning in Bug Bounty (2025 Edition)- Earning 2$$

https://medium.com/@xmxa-tech/%EF%B8%8F-%EF%B8%8F-all-about-scanning-in-bug-bounty-2025-edition-earning-2-b758c69746bb?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 16h

RustScan Guide for Ultra-Fast Port Scanning

https://medium.com/@jpablo13/rustscan-guide-for-ultra-fast-port-scanning-77a7aa3cac21?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 18h

Race condition vulnerability occurs when websites process requests concurrently.

https://medium.com/@ebrahimmagdy735/race-condition-vulnerability-occurs-when-websites-process-requests-concurrently-43f3e3cd2350?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 20h

How I Got a Four-Digit Bug Bounty From Grammarly

https://hexaphp.medium.com/how-i-got-a-four-digit-bug-bounty-from-grammarly-187038396843?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 22h

How I Found a Hidden Data Leak and Won a Bounty — The Practical Guide to Detecting Data…

https://medium.com/@zoningxtr/how-i-found-a-hidden-data-leak-and-won-a-bounty-the-practical-guide-to-detecting-data-fafba9fc6266?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 23h

No Confirmation Email For Email Change

https://hackerone.com/reports/268221

Securitycipher @securitycipher.bsky.social · 1d

The Ultimate Bug Hunter’s Recon workflow: From Subdomains to Critical Vulnerabilities

https://medium.com/@manojxshrestha/the-ultimate-bug-hunters-recon-workflow-from-subdomains-to-critical-vulnerabilities-befcef19307f?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

Google Dorking for Test Environments

https://medium.com/@cybersecplayground/google-dorking-for-test-environments-ae70958fa112?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

HTTP Methods: The Core of Web Communication

https://infyra.medium.com/http-methods-the-core-of-web-communication-33c28c826850?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

Buffer over-read,, Missing NUL termination in addvariable() causes undefined behavior

https://hackerone.com/reports/3406123

Securitycipher @securitycipher.bsky.social · 1d

How I Uncover Hidden Vulnerabilities With Simple Recon

https://medium.com/@ibtissam1/how-i-uncover-hidden-vulnerabilities-with-simple-recon-f3cd5a2a91f2?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

HTML injection in snapshat email form$$

https://medium.com/@abderrahmaneaksoum/html-injection-in-snapshat-email-form-318fc1ac0a9c?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

Unauthenticated access to “Confidential — licensed users” PDF (found with Google dork)

https://ousski.medium.com/unauthenticated-access-to-confidential-licensed-users-pdf-found-with-google-dork-867dd2f5e462?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

Master Stealth Logging Bypass on Linux Systems: Step-by-Step Tactics for Ethical Hackers

https://medium.com/@verylazytech/master-stealth-logging-bypass-on-linux-systems-step-by-step-tactics-for-ethical-hackers-cd2112ef944a?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

At Rock Bottom, I Found My Way Back To Cybersecurity

https://medium.com/@cosmicbyt3/at-rock-bottom-i-found-my-way-back-to-cybersecurity-4068aed6bb34?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

All About Recon — Bug Bounty

https://medium.com/@xmxa-tech/all-about-recon-bug-bounty-2ec869fcbe45?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

When Error Messages Leak More Than Logs: ORMs, Frameworks, and the Quiet Reconnaissance Problem

https://medium.com/@cameronbardin/when-error-messages-leak-more-than-logs-orms-frameworks-and-the-quiet-reconnaissance-problem-cfb336ce1117?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

Guía Completa de RustScan: Escaneo de Puertos Ultrarrápido

https://medium.com/@jpablo13/gu%C3%ADa-completa-de-rustscan-escaneo-de-puertos-ultrarr%C3%A1pido-da6ab7b7fed7?source=rss------bug_bounty-5

Securitycipher @securitycipher.bsky.social · 1d

Hacking APIs: HTTP Parameter Pollution

https://iaraoz.medium.com/hacking-apis-http-parameter-pollution-fba389e55ada?source=rss------bug_bounty-5