Securitycipher
@securitycipher.bsky.social
📃 Write-ups and Resources 🚀 related to Bug Bounty💲 #bugbounty #bugbountytips
Find Real Bugs by Simply Reading JavaScript Files
https://medium.com/meetcyber/find-real-bugs-by-simply-reading-javascript-files-bdd4f825081b?source=rss------bug_bounty-5
https://medium.com/meetcyber/find-real-bugs-by-simply-reading-javascript-files-bdd4f825081b?source=rss------bug_bounty-5
November 27, 2025 at 9:08 PM
Find Real Bugs by Simply Reading JavaScript Files
https://medium.com/meetcyber/find-real-bugs-by-simply-reading-javascript-files-bdd4f825081b?source=rss------bug_bounty-5
https://medium.com/meetcyber/find-real-bugs-by-simply-reading-javascript-files-bdd4f825081b?source=rss------bug_bounty-5
Zero-Click Account Takeover via OAuth
https://medium.com/@amrqansow/zero-click-account-takeover-via-oauth-8c229a3f45d1?source=rss------bug_bounty-5
https://medium.com/@amrqansow/zero-click-account-takeover-via-oauth-8c229a3f45d1?source=rss------bug_bounty-5
November 27, 2025 at 8:08 PM
Zero-Click Account Takeover via OAuth
https://medium.com/@amrqansow/zero-click-account-takeover-via-oauth-8c229a3f45d1?source=rss------bug_bounty-5
https://medium.com/@amrqansow/zero-click-account-takeover-via-oauth-8c229a3f45d1?source=rss------bug_bounty-5
How I Accidentally Got My First CVE (While Looking for Something Else Entirely)
https://medium.com/@rkvb/how-i-accidentally-got-my-first-cve-while-looking-for-something-else-entirely-c8baddbc90b9?source=rss------bug_bounty-5
https://medium.com/@rkvb/how-i-accidentally-got-my-first-cve-while-looking-for-something-else-entirely-c8baddbc90b9?source=rss------bug_bounty-5
November 27, 2025 at 7:07 PM
How I Accidentally Got My First CVE (While Looking for Something Else Entirely)
https://medium.com/@rkvb/how-i-accidentally-got-my-first-cve-while-looking-for-something-else-entirely-c8baddbc90b9?source=rss------bug_bounty-5
https://medium.com/@rkvb/how-i-accidentally-got-my-first-cve-while-looking-for-something-else-entirely-c8baddbc90b9?source=rss------bug_bounty-5
How a Simple ZIP Upload Revealed a Critical Remote Code Execution Flaw
https://medium.com/@harshtalavaniya05/how-a-simple-zip-upload-revealed-a-critical-remote-code-execution-flaw-042c375cdee7?source=rss------bug_bounty-5
https://medium.com/@harshtalavaniya05/how-a-simple-zip-upload-revealed-a-critical-remote-code-execution-flaw-042c375cdee7?source=rss------bug_bounty-5
November 27, 2025 at 4:11 PM
How a Simple ZIP Upload Revealed a Critical Remote Code Execution Flaw
https://medium.com/@harshtalavaniya05/how-a-simple-zip-upload-revealed-a-critical-remote-code-execution-flaw-042c375cdee7?source=rss------bug_bounty-5
https://medium.com/@harshtalavaniya05/how-a-simple-zip-upload-revealed-a-critical-remote-code-execution-flaw-042c375cdee7?source=rss------bug_bounty-5
I Found an Admin Account Anyone Could Create
https://medium.com/@ibtissam1/i-found-an-admin-account-anyone-could-create-b9d19b2d40b0?source=rss------bug_bounty-5
https://medium.com/@ibtissam1/i-found-an-admin-account-anyone-could-create-b9d19b2d40b0?source=rss------bug_bounty-5
November 27, 2025 at 1:24 PM
I Found an Admin Account Anyone Could Create
https://medium.com/@ibtissam1/i-found-an-admin-account-anyone-could-create-b9d19b2d40b0?source=rss------bug_bounty-5
https://medium.com/@ibtissam1/i-found-an-admin-account-anyone-could-create-b9d19b2d40b0?source=rss------bug_bounty-5
My First Valid Bug: IDOR in E-commerce Website
https://medium.com/@atharvchawna/my-first-valid-bug-idor-in-e-commerce-website-5789e974af62?source=rss------bug_bounty-5
https://medium.com/@atharvchawna/my-first-valid-bug-idor-in-e-commerce-website-5789e974af62?source=rss------bug_bounty-5
November 27, 2025 at 12:18 PM
My First Valid Bug: IDOR in E-commerce Website
https://medium.com/@atharvchawna/my-first-valid-bug-idor-in-e-commerce-website-5789e974af62?source=rss------bug_bounty-5
https://medium.com/@atharvchawna/my-first-valid-bug-idor-in-e-commerce-website-5789e974af62?source=rss------bug_bounty-5
Bug Bounty Reality Check (What They Don’t Tell You)
https://medium.com/meetcyber/bug-bounty-reality-check-what-they-dont-tell-you-5730d0557ce0?source=rss------bug_bounty-5
https://medium.com/meetcyber/bug-bounty-reality-check-what-they-dont-tell-you-5730d0557ce0?source=rss------bug_bounty-5
November 27, 2025 at 11:08 AM
Bug Bounty Reality Check (What They Don’t Tell You)
https://medium.com/meetcyber/bug-bounty-reality-check-what-they-dont-tell-you-5730d0557ce0?source=rss------bug_bounty-5
https://medium.com/meetcyber/bug-bounty-reality-check-what-they-dont-tell-you-5730d0557ce0?source=rss------bug_bounty-5
️ Critical Flaw: The “Secret Instruction” Hack in Django ORM (CVE-2025–64459)
https://medium.com/@MuhammedAsfan/%EF%B8%8F-critical-flaw-the-secret-instruction-hack-in-django-orm-cve-2025-64459-2dfc899a165d?source=rss------bug_bounty-5
https://medium.com/@MuhammedAsfan/%EF%B8%8F-critical-flaw-the-secret-instruction-hack-in-django-orm-cve-2025-64459-2dfc899a165d?source=rss------bug_bounty-5
November 27, 2025 at 9:10 AM
️ Critical Flaw: The “Secret Instruction” Hack in Django ORM (CVE-2025–64459)
https://medium.com/@MuhammedAsfan/%EF%B8%8F-critical-flaw-the-secret-instruction-hack-in-django-orm-cve-2025-64459-2dfc899a165d?source=rss------bug_bounty-5
https://medium.com/@MuhammedAsfan/%EF%B8%8F-critical-flaw-the-secret-instruction-hack-in-django-orm-cve-2025-64459-2dfc899a165d?source=rss------bug_bounty-5
Pentest → Incident Response: 10 Tools That Saved the Day (and How to Use Them)
https://medium.com/@verylazytech/pentest-incident-response-10-tools-that-saved-the-day-and-how-to-use-them-ebcef94dbb7e?source=rss------bug_bounty-5
https://medium.com/@verylazytech/pentest-incident-response-10-tools-that-saved-the-day-and-how-to-use-them-ebcef94dbb7e?source=rss------bug_bounty-5
November 27, 2025 at 8:14 AM
Pentest → Incident Response: 10 Tools That Saved the Day (and How to Use Them)
https://medium.com/@verylazytech/pentest-incident-response-10-tools-that-saved-the-day-and-how-to-use-them-ebcef94dbb7e?source=rss------bug_bounty-5
https://medium.com/@verylazytech/pentest-incident-response-10-tools-that-saved-the-day-and-how-to-use-them-ebcef94dbb7e?source=rss------bug_bounty-5
How I Bypassed Enterprise File Restrictions with Just One Character
https://medium.com/@default_Ox/how-i-bypassed-enterprise-file-restrictions-with-just-one-character-f514080bed2f?source=rss------bug_bounty-5
https://medium.com/@default_Ox/how-i-bypassed-enterprise-file-restrictions-with-just-one-character-f514080bed2f?source=rss------bug_bounty-5
November 27, 2025 at 7:11 AM
How I Bypassed Enterprise File Restrictions with Just One Character
https://medium.com/@default_Ox/how-i-bypassed-enterprise-file-restrictions-with-just-one-character-f514080bed2f?source=rss------bug_bounty-5
https://medium.com/@default_Ox/how-i-bypassed-enterprise-file-restrictions-with-just-one-character-f514080bed2f?source=rss------bug_bounty-5
Apple Developer Stored XSS — $5,000 Bounty | Writeup 2025
https://medium.com/@ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf?source=rss------bug_bounty-5
https://medium.com/@ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf?source=rss------bug_bounty-5
November 27, 2025 at 3:38 AM
Apple Developer Stored XSS — $5,000 Bounty | Writeup 2025
https://medium.com/@ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf?source=rss------bug_bounty-5
https://medium.com/@ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf?source=rss------bug_bounty-5
How I do Recon on my target.com which gave me walkthrough to the bugbounty
https://medium.com/@shakthisv90/how-i-do-recon-on-my-target-com-which-gave-me-walkthrough-to-the-bugbounty-880c07c3f07d?source=rss------bug_bounty-5
https://medium.com/@shakthisv90/how-i-do-recon-on-my-target-com-which-gave-me-walkthrough-to-the-bugbounty-880c07c3f07d?source=rss------bug_bounty-5
November 27, 2025 at 2:23 AM
How I do Recon on my target.com which gave me walkthrough to the bugbounty
https://medium.com/@shakthisv90/how-i-do-recon-on-my-target-com-which-gave-me-walkthrough-to-the-bugbounty-880c07c3f07d?source=rss------bug_bounty-5
https://medium.com/@shakthisv90/how-i-do-recon-on-my-target-com-which-gave-me-walkthrough-to-the-bugbounty-880c07c3f07d?source=rss------bug_bounty-5
How to Fix Wireshark Errors on Linux (The Complete Guide)
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/how-to-fix-wireshark-errors-on-linux-the-complete-guide-7ea25af0305d?source=rss------bug_bounty-5
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/how-to-fix-wireshark-errors-on-linux-the-complete-guide-7ea25af0305d?source=rss------bug_bounty-5
November 27, 2025 at 12:44 AM
How to Fix Wireshark Errors on Linux (The Complete Guide)
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/how-to-fix-wireshark-errors-on-linux-the-complete-guide-7ea25af0305d?source=rss------bug_bounty-5
https://medium.com/bug-bounty-hunting-a-comprehensive-guide-in/how-to-fix-wireshark-errors-on-linux-the-complete-guide-7ea25af0305d?source=rss------bug_bounty-5
Deploy Self-Hosted WAF for your Homelab and Web Applications using SafeLine.
https://pwndecoco.medium.com/deploy-self-hosted-waf-for-your-homelab-and-web-applications-using-safeline-42979d364cb4?source=rss------bug_bounty-5
https://pwndecoco.medium.com/deploy-self-hosted-waf-for-your-homelab-and-web-applications-using-safeline-42979d364cb4?source=rss------bug_bounty-5
November 26, 2025 at 11:08 PM
Deploy Self-Hosted WAF for your Homelab and Web Applications using SafeLine.
https://pwndecoco.medium.com/deploy-self-hosted-waf-for-your-homelab-and-web-applications-using-safeline-42979d364cb4?source=rss------bug_bounty-5
https://pwndecoco.medium.com/deploy-self-hosted-waf-for-your-homelab-and-web-applications-using-safeline-42979d364cb4?source=rss------bug_bounty-5
How I Discovered an IDOR Vulnerability in a Parent/Child Management API
https://infosecwriteups.com/how-i-discovered-an-idor-vulnerability-in-a-parent-child-management-api-445c9471d23b?source=rss------bug_bounty-5
https://infosecwriteups.com/how-i-discovered-an-idor-vulnerability-in-a-parent-child-management-api-445c9471d23b?source=rss------bug_bounty-5
November 26, 2025 at 10:08 PM
How I Discovered an IDOR Vulnerability in a Parent/Child Management API
https://infosecwriteups.com/how-i-discovered-an-idor-vulnerability-in-a-parent-child-management-api-445c9471d23b?source=rss------bug_bounty-5
https://infosecwriteups.com/how-i-discovered-an-idor-vulnerability-in-a-parent-child-management-api-445c9471d23b?source=rss------bug_bounty-5
Business Logic Vulnerabilities — Hands-On Lab Series (PortSwigger Academy)
https://medium.com/@fatimahasan022/business-logic-vulnerabilities-hands-on-lab-series-portswigger-academy-e92b54210aeb?source=rss------bug_bounty-5
https://medium.com/@fatimahasan022/business-logic-vulnerabilities-hands-on-lab-series-portswigger-academy-e92b54210aeb?source=rss------bug_bounty-5
November 26, 2025 at 9:08 PM
Business Logic Vulnerabilities — Hands-On Lab Series (PortSwigger Academy)
https://medium.com/@fatimahasan022/business-logic-vulnerabilities-hands-on-lab-series-portswigger-academy-e92b54210aeb?source=rss------bug_bounty-5
https://medium.com/@fatimahasan022/business-logic-vulnerabilities-hands-on-lab-series-portswigger-academy-e92b54210aeb?source=rss------bug_bounty-5
Comprehensive Cross Site Scripting Assessment From Reflective Payloads to Persistent Exploits and…
https://kizerh.medium.com/comprehensive-cross-site-scripting-assessment-from-reflective-payloads-to-persistent-exploits-and-db48c8d88b8a?source=rss------bug_bounty-5
https://kizerh.medium.com/comprehensive-cross-site-scripting-assessment-from-reflective-payloads-to-persistent-exploits-and-db48c8d88b8a?source=rss------bug_bounty-5
November 26, 2025 at 8:10 PM
Comprehensive Cross Site Scripting Assessment From Reflective Payloads to Persistent Exploits and…
https://kizerh.medium.com/comprehensive-cross-site-scripting-assessment-from-reflective-payloads-to-persistent-exploits-and-db48c8d88b8a?source=rss------bug_bounty-5
https://kizerh.medium.com/comprehensive-cross-site-scripting-assessment-from-reflective-payloads-to-persistent-exploits-and-db48c8d88b8a?source=rss------bug_bounty-5
HackerOne for Aspiring Ethical Hackers: An Advanced, Practical Roadmap to Start, Hunt, and Grow
https://medium.com/@penoughcyber/hackerone-for-aspiring-ethical-hackers-an-advanced-practical-roadmap-to-start-hunt-and-grow-c11200da41dc?source=rss------bug_bounty-5
https://medium.com/@penoughcyber/hackerone-for-aspiring-ethical-hackers-an-advanced-practical-roadmap-to-start-hunt-and-grow-c11200da41dc?source=rss------bug_bounty-5
November 26, 2025 at 7:07 PM
HackerOne for Aspiring Ethical Hackers: An Advanced, Practical Roadmap to Start, Hunt, and Grow
https://medium.com/@penoughcyber/hackerone-for-aspiring-ethical-hackers-an-advanced-practical-roadmap-to-start-hunt-and-grow-c11200da41dc?source=rss------bug_bounty-5
https://medium.com/@penoughcyber/hackerone-for-aspiring-ethical-hackers-an-advanced-practical-roadmap-to-start-hunt-and-grow-c11200da41dc?source=rss------bug_bounty-5
November 26, 2025 at 3:13 PM
How i earned $100 in one minute
https://medium.com/@pawanparmar/how-i-earned-100-in-one-minute-b1b52d5bbf41?source=rss------bug_bounty-5
https://medium.com/@pawanparmar/how-i-earned-100-in-one-minute-b1b52d5bbf41?source=rss------bug_bounty-5
November 26, 2025 at 2:09 PM
How i earned $100 in one minute
https://medium.com/@pawanparmar/how-i-earned-100-in-one-minute-b1b52d5bbf41?source=rss------bug_bounty-5
https://medium.com/@pawanparmar/how-i-earned-100-in-one-minute-b1b52d5bbf41?source=rss------bug_bounty-5
I Automated My Bug Hunting With Google
https://medium.com/@ibtissam1/i-automated-my-bug-hunting-with-google-1dd5e5938b39?source=rss------bug_bounty-5
https://medium.com/@ibtissam1/i-automated-my-bug-hunting-with-google-1dd5e5938b39?source=rss------bug_bounty-5
November 26, 2025 at 1:27 PM
I Automated My Bug Hunting With Google
https://medium.com/@ibtissam1/i-automated-my-bug-hunting-with-google-1dd5e5938b39?source=rss------bug_bounty-5
https://medium.com/@ibtissam1/i-automated-my-bug-hunting-with-google-1dd5e5938b39?source=rss------bug_bounty-5
The 150-Day Blueprint: From Zero to $7,650 in Bug Bounties
https://medium.com/@Aacle/the-150-day-blueprint-from-zero-to-7-650-in-bug-bounties-51c6f24c3b9f?source=rss------bug_bounty-5
https://medium.com/@Aacle/the-150-day-blueprint-from-zero-to-7-650-in-bug-bounties-51c6f24c3b9f?source=rss------bug_bounty-5
November 26, 2025 at 12:18 PM
The 150-Day Blueprint: From Zero to $7,650 in Bug Bounties
https://medium.com/@Aacle/the-150-day-blueprint-from-zero-to-7-650-in-bug-bounties-51c6f24c3b9f?source=rss------bug_bounty-5
https://medium.com/@Aacle/the-150-day-blueprint-from-zero-to-7-650-in-bug-bounties-51c6f24c3b9f?source=rss------bug_bounty-5
Write-up: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
https://medium.com/@hydra88948/write-up-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-a76afba68d95?source=rss------bug_bounty-5
https://medium.com/@hydra88948/write-up-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-a76afba68d95?source=rss------bug_bounty-5
November 26, 2025 at 11:08 AM
Write-up: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
https://medium.com/@hydra88948/write-up-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-a76afba68d95?source=rss------bug_bounty-5
https://medium.com/@hydra88948/write-up-sql-injection-vulnerability-in-where-clause-allowing-retrieval-of-hidden-data-a76afba68d95?source=rss------bug_bounty-5
November 26, 2025 at 10:15 AM
Directory Listing: How a simple misconfiguration exposed an Application’s Wechat access tokens and…
https://medium.com/@duncanochieng682/directory-listing-how-a-simple-misconfiguration-exposed-an-applications-wechat-access-tokens-and-4b3e45328d44?source=rss------bug_bounty-5
https://medium.com/@duncanochieng682/directory-listing-how-a-simple-misconfiguration-exposed-an-applications-wechat-access-tokens-and-4b3e45328d44?source=rss------bug_bounty-5
November 26, 2025 at 10:10 AM
Directory Listing: How a simple misconfiguration exposed an Application’s Wechat access tokens and…
https://medium.com/@duncanochieng682/directory-listing-how-a-simple-misconfiguration-exposed-an-applications-wechat-access-tokens-and-4b3e45328d44?source=rss------bug_bounty-5
https://medium.com/@duncanochieng682/directory-listing-how-a-simple-misconfiguration-exposed-an-applications-wechat-access-tokens-and-4b3e45328d44?source=rss------bug_bounty-5