https://members.bugbountyexplained.com/what-it-takes-to-be-good-at-bug-bounty-hunting-defcamp-2021/2022-04-22T12:57:21+00:00https://members.bugbountyexplained.com/qa-about-source-code-review-and-debugging/2022-04-22T12:57:14+00:00https://members.bugbountyexplained.com/a-surprising-quirk-of-regexes-in-javascript/2022-04-22T12:57:08+00:00https://members.bugbountyexplained.com/reading-rfcs-for-bug-bounty-hunters/2022-04-22T12:56:59+00:00https://members.bugbountyexplained.com/writing-sqlmap-tamper-scripts/2022-04-22T12:56:54+00:00https://members.bugbountyexplained.com/debugging-a-java-application-with-decompiled-source-code/2022-04-22T12:56:42+00:00https://members.bugbountyexplained.com/web3-learning-corner-3-the-first-ctfs/2022-04-22T12:56:46+00:00https://members.bugbountyexplained.com/escaping-iframe-in-headless-browser-for-ssrf/2022-04-22T12:56:33+00:00https://members.bugbountyexplained.com/top-7-hacking-technique-2021-json-interoperability-bugs/2022-04-22T12:56:14+00:00https://members.bugbountyexplained.com/bypassing-url-blocklists-in-java/2022-04-22T12:56:27+00:00https://members.bugbountyexplained.com/escaping-shell-arguments-for-command-injection-bugs/2022-04-22T12:55:58+00:00https://members.bugbountyexplained.com/nuclei-burp-plugin/2022-04-22T12:55:48+00:00https://members.bugbountyexplained.com/web3-learning-corner-2/2022-04-22T12:55:30+00:00https://members.bugbountyexplained.com/oauth-postmessage-bug-account-takeover/2022-04-22T12:55:25+00:00https://members.bugbountyexplained.com/solving-a-ctf-task-by-ascii-only-jar-webshell/2022-04-22T12:55:09+00:00https://members.bugbountyexplained.com/instead-of-leads-to-an-rce/2022-04-22T12:54:53+00:00https://members.bugbountyexplained.com/finding-source-code-bugs-with-codeql-the-easy-way/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/hacking-google-drive-integrations/2022-04-22T12:54:40+00:00https://members.bugbountyexplained.com/blockchain-learning-corner-1/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/how-much-bounties-google-paid-in-2021/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/approaching-small-scope-programs/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/bigquery-sql-injection-cheat-sheet/2022-04-22T12:54:21+00:00https://members.bugbountyexplained.com/burp-plugin-for-scanning-sso-authentication/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/burps-turbo-intruder/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/several-critical-vulnerabilities-in-github-actions/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/finding-web2-bugs-on-nft-websites/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/prototype-pollution-in-an-xml-based-format/2022-04-21T14:37:05+00:00https://members.bugbountyexplained.com/python-as-an-http-client-for-hacking/2022-04-28T10:50:22+00:00https://members.bugbountyexplained.com/trufflehog-v3/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/web3-learning-corner-3-preparing-a-bbre-video/2022-04-22T12:54:05+00:00https://members.bugbountyexplained.com/finding-a-ruby-deserialization-gadget/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/hacking-github-actions/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/cross-origin-does-not-mean-cross-site/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/most-interesting-bugs-from-rails-18-years-of-history/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/csrf-in-graphql/2022-04-22T12:53:49+00:00https://members.bugbountyexplained.com/step-by-step-process-of-writing-codeql-queries/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/comparing-site-maps-in-burp/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/top-10-web-hacking-techniques-of-2021/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/sql-injection-in-todays-web/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/is-bug-bouny-hunter-lifestyle-healthy/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/10-burp-shortcuts-that-will-help-you-hack-quicker/2022-04-21T14:36:55+00:00https://members.bugbountyexplained.com/common-env-variables-with-sensitive-information/2022-04-22T12:53:29+00:00https://members.bugbountyexplained.com/websocket-security-scanner/2022-04-22T12:53:22+00:00https://members.bugbountyexplained.com/120-days-of-hunting/2022-04-21T14:36:54+00:00https://members.bugbountyexplained.com/attacks-on-ci-cd-pipelines/2022-04-22T12:53:14+00:00https://members.bugbountyexplained.com/10-address-bypass-tricks/2022-04-22T12:53:07+00:00https://members.bugbountyexplained.com/tricks-used-to-find-ssrfs-in-websphere-portal/2022-04-22T12:53:00+00:00https://members.bugbountyexplained.com/web-cache-poisoning-part-2-examples/2022-04-22T12:52:55+00:00https://members.bugbountyexplained.com/community-vote-launched-for-top-10-web-hacking-techniques-of-2021/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/cloud-security-breaches-and-vulnerabilities-2021-in-review/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/break-into-smart-contract-hacking/2022-04-22T12:52:39+00:00https://members.bugbountyexplained.com/finding-postmessage-bugs-with-dom-invader/2022-04-22T12:52:26+00:00https://members.bugbountyexplained.com/strategy-to-become-a-pentester/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/web-cache-poisoning-part-1-basics/2022-04-22T12:52:16+00:00https://members.bugbountyexplained.com/recon-roadmap-of-an-experienced-hunter/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/installing-burp-collaborator-instance/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/interesting-bugs-in-hubspot-and-instapage/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/bonus-the-best-way-to-prove-the-impact%f0%9f%98%82/2022-04-22T12:51:55+00:00https://members.bugbountyexplained.com/finding-dom-xss-with-dom-invader/2022-04-21T14:36:47+00:00https://members.bugbountyexplained.com/10-security-pitfalls-of-python/2022-04-21T14:36:46+00:00https://members.bugbountyexplained.com/dealing-with-difficulties-in-bug-bounties/2022-04-21T14:36:46+00:00https://members.bugbountyexplained.com/grafana-path-traversal/2022-04-21T14:36:46+00:00https://members.bugbountyexplained.com/cryptography-bugs-explained-without-complex-maths/2022-04-22T12:51:35+00:00https://members.bugbountyexplained.com/kubernetes-security-resources/2022-04-21T14:36:46+00:00https://members.bugbountyexplained.com/learning-path-for-mastering-containers/2022-04-21T14:36:46+00:00https://members.bugbountyexplained.com/how-to-debug-source-code-to-find-bugs/2022-04-22T12:51:26+00:00https://members.bugbountyexplained.com/bypassing-samesite-cookies/2022-04-21T14:36:46+00:00https://members.bugbountyexplained.com/abandon-an-idea-as-soon-as-you-can/2022-04-21T14:36:30+00:00https://members.bugbountyexplained.com/writing-custom-semgrep-rules/2022-04-21T14:36:30+00:00https://members.bugbountyexplained.com/wordpress-confusion/2022-04-21T14:36:30+00:00https://members.bugbountyexplained.com/dependency-confusion-poc/2022-04-22T12:51:10+00:00https://members.bugbountyexplained.com/which-cves-are-the-hottest/2022-04-21T14:36:30+00:00https://members.bugbountyexplained.com/session-tokens-resources/2022-04-21T14:36:30+00:00https://members.bugbountyexplained.com/race-condition-rces/2022-04-21T14:36:30+00:00https://members.bugbountyexplained.com/how-to-identify-impact-of-leaked-private-key/2022-04-22T12:50:56+00:00https://members.bugbountyexplained.com/the-best-no-bullst-advice-for-getting-into-cybersec/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/bug-hunter-recorded-himself-finding-10k-ssrf-in-google/2022-04-22T12:50:46+00:00https://members.bugbountyexplained.com/predicting-mongodb-ids-for-idors/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/discovery-and-exploitation-of-rce-via-deserialization/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/prototype-pollution-writeups/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/grpc-and-protobuf-what-is-this-all-about/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/million-from-bug-bounty-in-4-years/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/speed-up-your-dorking/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/turbo-intruder-observedwords/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/ci-cd-pipeline-threat-matrix/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/http-2-request-smuggling-labs/2022-04-22T12:50:33+00:00https://members.bugbountyexplained.com/metaskills/2022-04-21T14:36:29+00:00https://members.bugbountyexplained.com/prototype-pollution/2022-04-22T12:39:19+00:00https://members.bugbountyexplained.com/bypassing-verification-with-arrays/2022-04-22T12:39:44+00:00https://members.bugbountyexplained.com/extracting-words-specific-to-a-target/2022-04-22T12:39:57+00:00https://members.bugbountyexplained.com/a-ridiculous-way-to-bypass-aws-waf/2022-04-22T12:40:14+00:00https://members.bugbountyexplained.com/a-few-ssh-commands-that-youll-certainly-use/2022-04-22T12:40:31+00:00https://members.bugbountyexplained.com/reverse-engineering-a-cve/2022-04-22T12:50:13+00:00https://members.bugbountyexplained.com/proxying-flutter-apps-through-burp/2022-04-22T12:41:20+00:00https://members.bugbountyexplained.com/8-non-obvious-burp-intruder-tricks/2022-04-22T12:41:52+00:00https://members.bugbountyexplained.com/get-cves-by-hacking-wordpress-plugins/2022-04-22T12:42:36+00:00https://members.bugbountyexplained.com/creating-wordlists/2022-04-22T12:42:45+00:00https://members.bugbountyexplained.com/overlooked-vulnerability-classes/2022-04-22T12:42:53+00:00https://members.bugbountyexplained.com/approaching-graphql-with-turned-off-introspection/2022-04-22T12:43:09+00:00https://members.bugbountyexplained.com/hack-your-resume/2022-04-22T12:43:23+00:00https://members.bugbountyexplained.com/fuzzing-websockets-messages/2022-04-22T12:43:37+00:00https://members.bugbountyexplained.com/meditation/2022-04-22T12:43:45+00:00https://members.bugbountyexplained.com/how-to-access-company-com-email-address/2022-04-22T12:47:39+00:00https://members.bugbountyexplained.com/client-side-path-traversal/2022-04-22T12:48:23+00:00https://members.bugbountyexplained.com/5-year-bug-bounty-journey/2022-04-22T12:48:33+00:00https://members.bugbountyexplained.com/client-side-secret-scanner/2022-04-22T12:48:55+00:00https://members.bugbountyexplained.com/using-codeql-to-hunt-for-dom-xss-idea-for-a-series/2022-04-22T12:49:35+00:00https://members.bugbountyexplained.com/gcp-and-aws-commands-cheat-sheet/2022-04-22T12:49:13+00:00https://members.bugbountyexplained.com/a-topic-that-we-must-discuss-more/2022-04-22T12:49:45+00:00https://members.bugbountyexplained.com/how-i-found-thousands-of-criticals-and-all-i-got-was-100/2022-04-28T09:10:50+00:00https://members.bugbountyexplained.com/api-security-cheat-sheet/2022-04-28T09:10:50+00:00https://members.bugbountyexplained.com/exploiting-e-mail-systems/2022-04-28T09:10:50+00:00https://members.bugbountyexplained.com/escalating-blind-ssrfs/2022-04-28T09:10:49+00:00https://members.bugbountyexplained.com/strategy-for-a-year-of-bug-bounties/2022-04-28T09:10:49+00:00https://members.bugbountyexplained.com/saml-security/2022-04-28T09:10:49+00:00https://members.bugbountyexplained.com/processing-urls-in-terminal/2022-04-28T09:10:49+00:00https://members.bugbountyexplained.com/i-have-no-time-or-do-i/2022-04-28T09:10:49+00:00https://members.bugbountyexplained.com/parsing-html-responses-with-python/2022-04-28T10:50:19+00:00https://members.bugbountyexplained.com/new-xss-vectors/2022-04-27T20:09:37+00:00https://members.bugbountyexplained.com/how-to-start-reviewing-code/2022-04-27T20:10:23+00:00https://members.bugbountyexplained.com/how-to-get-better-at-hacking/2022-04-27T20:10:40+00:00https://members.bugbountyexplained.com/web3-learning-corner-4/2022-04-27T20:10:53+00:00https://members.bugbountyexplained.com/finally-a-useful-db-with-cves/2022-04-27T20:11:10+00:00https://members.bugbountyexplained.com/finding-companies-aws-attack-surface/2022-04-27T20:11:24+00:00https://members.bugbountyexplained.com/how-to-do-code-review-and-where-to-find-the-code/2022-05-04T06:58:48+00:00https://members.bugbountyexplained.com/all-you-need-to-know-about-reverse-proxies/2022-05-04T06:58:50+00:00https://members.bugbountyexplained.com/cross-site-websocket-hijacking/2022-07-16T10:00:50+00:00https://members.bugbountyexplained.com/10-tips-for-beginner-bug-bounty-hunters/2022-05-04T06:58:52+00:00https://members.bugbountyexplained.com/finding-bugs-in-regexes-even-if-you-dont-know-them-well/2022-05-04T06:58:52+00:00https://members.bugbountyexplained.com/mistakes-pentesters-do-in-bug-bounty/2022-05-04T06:58:53+00:00https://members.bugbountyexplained.com/codeql-and-bugs-in-nsas-application/2022-05-04T06:58:54+00:00https://members.bugbountyexplained.com/hotspots/2022-05-04T06:58:55+00:00https://members.bugbountyexplained.com/exploiting-differences-in-parsers/2022-05-04T07:03:25+00:00https://members.bugbountyexplained.com/http-2-request-smuggling/2022-05-04T07:03:27+00:00https://members.bugbountyexplained.com/how-to-get-started-in-bug-bounty-feat-stok-and-nahamsec/2022-05-04T07:03:27+00:00https://members.bugbountyexplained.com/how-to-hack-apis-in-2021/2022-05-04T07:03:28+00:00https://members.bugbountyexplained.com/a-tool-to-find-blind-xss/2022-05-04T07:03:29+00:00https://members.bugbountyexplained.com/exploiting-cors-in-local-applications/2022-05-04T07:03:30+00:00https://members.bugbountyexplained.com/a-tool-for-grepping-the-internet/2022-05-04T07:03:31+00:00https://members.bugbountyexplained.com/how-i-always-remember-about-things-to-do/2022-05-04T07:03:31+00:00https://members.bugbountyexplained.com/unicode-normalization-vulnerabilities/2022-05-04T07:11:14+00:00https://members.bugbountyexplained.com/how-zseano-approaches-a-new-target/2022-05-04T07:11:16+00:00https://members.bugbountyexplained.com/is-bug-bounty-good-as-a-full-time-job/2022-05-04T07:11:17+00:00https://members.bugbountyexplained.com/aws-security-labs/2022-05-04T07:11:18+00:00https://members.bugbountyexplained.com/thoughts-about-a-triage/2022-05-04T07:11:19+00:00https://members.bugbountyexplained.com/salesforce-lightning-components-security/2022-05-04T07:11:20+00:00https://members.bugbountyexplained.com/do-you-allow-yourself-to-rest/2022-05-04T07:11:21+00:00https://members.bugbountyexplained.com/20000-rce-in-gitlab-via-0day-in-exiftool/2022-05-04T07:12:06+00:00https://members.bugbountyexplained.com/dns-takeover-vulnerability/2022-05-04T07:12:08+00:00https://members.bugbountyexplained.com/browsing-files-from-your-vps-using-visual-studio-code/2022-05-04T07:12:09+00:00https://members.bugbountyexplained.com/should-you-stop-using-alert-in-xss/2022-05-04T07:12:10+00:00https://members.bugbountyexplained.com/collaborating-in-bounties/2022-05-04T07:12:10+00:00https://members.bugbountyexplained.com/the-book-of-secret-knowledge/2022-05-04T07:12:11+00:00https://members.bugbountyexplained.com/examples-of-dangerous-code-in-java-net-php-and-ruby/2022-05-04T07:12:12+00:00https://members.bugbountyexplained.com/how-to-identify-an-unknown-secret/2022-05-04T07:12:14+00:00https://members.bugbountyexplained.com/why-you-should-fail-more/2022-05-04T07:12:15+00:00https://members.bugbountyexplained.com/from-0-to-top7-hackerone-in-2-years/2022-05-04T07:12:47+00:00https://members.bugbountyexplained.com/how-xss-experts-bypass-csp/2022-05-04T07:12:49+00:00https://members.bugbountyexplained.com/finding-dom-xss-with-untrusted-types/2022-05-04T07:12:50+00:00https://members.bugbountyexplained.com/50-ssrfs-found-in-coldfusion/2022-05-04T07:12:51+00:00https://members.bugbountyexplained.com/many-struggled-for-hours-he-did-it-in-57-minutes/2022-05-04T07:12:51+00:00https://members.bugbountyexplained.com/testing-ios-apps-without-physical-device/2022-05-04T07:12:52+00:00https://members.bugbountyexplained.com/how-to-not-plan-the-day/2022-05-04T07:12:53+00:00https://members.bugbountyexplained.com/generating-a-web-application/2022-05-04T07:12:54+00:00https://members.bugbountyexplained.com/free-dns-tool/2022-05-04T07:14:23+00:00https://members.bugbountyexplained.com/over-200-public-pentest-reports/2022-05-04T07:14:25+00:00https://members.bugbountyexplained.com/everything-about-2fa/2022-05-04T07:14:26+00:00https://members.bugbountyexplained.com/piece-of-glass-plastic-and-metal-that-distracts-you/2022-05-04T07:14:27+00:00https://members.bugbountyexplained.com/10-burp-repeater-tricks/2022-05-04T07:17:22+00:00https://members.bugbountyexplained.com/exploiting-x-forwarded-for-xss-by-poisoning-the-cache/2022-05-04T07:17:24+00:00https://members.bugbountyexplained.com/how-to-use-burp-macros/2022-05-04T07:17:25+00:00https://members.bugbountyexplained.com/hacking-and-exercising/2022-05-04T07:17:26+00:00https://members.bugbountyexplained.com/idor-cheat-sheet/2022-05-04T07:34:39+00:00https://members.bugbountyexplained.com/single-most-time-saving-terminal-trick/2022-05-04T07:34:41+00:00https://members.bugbountyexplained.com/how-to-write-a-burp-extension/2022-05-04T07:34:42+00:00https://members.bugbountyexplained.com/ios-hacking-videos/2022-05-04T07:34:43+00:00https://members.bugbountyexplained.com/maybe-our-times-are-not-that-bad-after-all%f0%9f%a4%94/2022-05-04T07:34:44+00:00https://members.bugbountyexplained.com/single-tasking-vs-multi-tasking/2022-05-04T07:40:35+00:00https://members.bugbountyexplained.com/gitlab-rce-via-metadata/2022-05-04T07:40:37+00:00https://members.bugbountyexplained.com/oauth-security-guide/2022-05-04T07:40:38+00:00https://members.bugbountyexplained.com/the-best-place-with-open-source-exploits/2022-05-04T07:40:40+00:00https://members.bugbountyexplained.com/635387-47-made-in-1590-days-from-336-bugs/2022-05-04T07:43:20+00:00https://members.bugbountyexplained.com/live-recon-with-tomnomnom/2022-05-04T07:43:22+00:00https://members.bugbountyexplained.com/gravcms-arbitrary-yaml-write-leads-to-code-execution-cve-2021-21425/2022-05-04T07:43:23+00:00https://members.bugbountyexplained.com/productivity-tip-energy-waves/2022-05-04T07:43:24+00:00https://members.bugbountyexplained.com/something-to-relax-lego/2022-05-04T07:43:25+00:00https://members.bugbountyexplained.com/shopify-token-leakage-in-electron-application/2022-05-07T05:24:33+00:00https://members.bugbountyexplained.com/homebrew-rce/2022-05-07T05:24:33+00:00https://members.bugbountyexplained.com/gcp-ssrf-labs/2022-05-07T05:24:44+00:00https://members.bugbountyexplained.com/using-headless-browser-with-python-2/2022-05-10T06:34:43+00:00https://members.bugbountyexplained.com/6-tricks-that-i-used-to-solve-all-web-tasks-from-nahamcon-ctf/2022-05-10T06:34:45+00:00https://members.bugbountyexplained.com/inconsistencies-in-major-url-standard-specs/2022-05-10T06:34:45+00:00https://members.bugbountyexplained.com/code-review-hotspots-with-semgrep/2022-05-10T06:34:46+00:00https://members.bugbountyexplained.com/how-to-pick-a-bug-bounty-program/2022-05-10T06:34:47+00:00https://members.bugbountyexplained.com/copyright-based-recon/2022-05-10T06:34:48+00:00https://members.bugbountyexplained.com/smart-contract-security-checklist/2022-05-10T06:34:49+00:00https://members.bugbountyexplained.com/finding-bugs-that-others-miss/2022-05-24T09:13:28+00:00https://members.bugbountyexplained.com/pentest-mindset-vs-bug-bounty-mindset-my-thoughts-so-far/2022-05-24T09:13:30+00:00https://members.bugbountyexplained.com/deserialisation-explained/2022-05-24T09:13:31+00:00https://members.bugbountyexplained.com/trailing-dot-domain-bypasses/2022-05-24T09:13:33+00:00https://members.bugbountyexplained.com/finding-swagger-ui-xss-at-scale/2022-05-24T09:13:34+00:00https://members.bugbountyexplained.com/javas-fantastic-url-class/2022-05-24T09:13:35+00:00https://members.bugbountyexplained.com/a-tool-to-find-bugs-in-wordpress-plugins/2022-05-24T09:13:36+00:00https://members.bugbountyexplained.com/how-to-actually-find-a-dns-rebinding-ssrf/2022-06-08T05:30:09+00:00https://members.bugbountyexplained.com/exploiting-xss-without-content-type-header/2022-06-08T05:30:10+00:00https://members.bugbountyexplained.com/csrfs-and-preflight-requests/2022-06-08T05:30:11+00:00https://members.bugbountyexplained.com/nahamsec-talks-are-on-youtube/2022-06-08T05:30:12+00:00https://members.bugbountyexplained.com/how-do-i-deal-with-the-impostor-syndrome/2022-06-08T05:30:13+00:00https://members.bugbountyexplained.com/confluence-blind-ognl-injection/2022-06-08T05:30:14+00:00https://members.bugbountyexplained.com/web3-learning-corner-5-more-ctfs-and-some-real-smart-contracts/2022-06-08T05:30:15+00:00https://members.bugbountyexplained.com/using-turbo-intruder-in-listen-and-attack-mode/2022-06-08T05:30:16+00:00https://members.bugbountyexplained.com/advanced-search-in-vs-code/2022-06-21T17:53:20+00:00https://members.bugbountyexplained.com/bypassing-csp-with-dangling-markup-or-wordpress/2022-06-21T17:53:22+00:00https://members.bugbountyexplained.com/learning-graphql-1-basics/2022-08-09T11:06:04+00:00https://members.bugbountyexplained.com/bugcrowd-researcher-templates/2022-06-21T17:53:24+00:00https://members.bugbountyexplained.com/web3-learning-corner-6-a-120000-clickjacking/2022-06-21T17:53:27+00:00https://members.bugbountyexplained.com/google-cloud-platform-gcp-prize-2021/2022-06-21T17:53:27+00:00https://members.bugbountyexplained.com/burpsuite-project-file-parser/2022-06-21T17:53:29+00:00https://members.bugbountyexplained.com/bypassing-client-side-xss-filters/2022-07-07T14:28:18+00:00https://members.bugbountyexplained.com/escalating-admin-access-to-rces-in-common-software/2022-07-07T14:28:20+00:00https://members.bugbountyexplained.com/web3-learning-corner-7-the-hourly-rate-of-a-top-smart-contract-auditor/2022-07-07T14:28:21+00:00https://members.bugbountyexplained.com/svg-cheatsheet/2022-07-07T14:28:22+00:00https://members.bugbountyexplained.com/salesforce-soql-injection-resources/2022-07-07T14:28:23+00:00https://members.bugbountyexplained.com/gitlab-security-amas/2022-07-07T14:28:24+00:00https://members.bugbountyexplained.com/reversing-patches-and-creating-exploits/2022-07-19T09:04:30+00:00https://members.bugbountyexplained.com/is-hacking-legal/2022-07-19T09:04:33+00:00https://members.bugbountyexplained.com/modern-oauth-account-takeovers/2022-07-19T09:04:34+00:00https://members.bugbountyexplained.com/finding-rces-jvm-based-languages/2022-07-19T09:04:35+00:00https://members.bugbountyexplained.com/secrets-of-automation-kings-in-bug-bounty/2022-07-19T09:04:36+00:00https://members.bugbountyexplained.com/xnlinkfinder/2022-07-19T09:04:38+00:00https://members.bugbountyexplained.com/mark-dowd-how-do-you-actually-find-bugs/2022-08-01T12:31:23+00:00https://members.bugbountyexplained.com/2022-style-oauth-account-takeover-on-facebook-45000-bug-bounty/2022-08-01T12:31:26+00:00https://members.bugbountyexplained.com/learning-graphql-2-mutations/2022-11-19T04:10:08+00:00https://members.bugbountyexplained.com/dom-clobbering/2022-08-01T12:31:32+00:00https://members.bugbountyexplained.com/second-order-subdomain-takeovers-and-unusual-dos/2022-08-01T12:31:35+00:00https://members.bugbountyexplained.com/bug-bounty-isnt-a-get-rich-quick-scheme/2022-08-01T12:31:38+00:00https://members.bugbountyexplained.com/browser-security-resources/2022-08-01T12:31:40+00:00https://members.bugbountyexplained.com/cloud-learning-resource/2022-08-01T12:31:42+00:00https://members.bugbountyexplained.com/mass-assignment-vulnerabilities/2022-08-09T11:03:54+00:00https://members.bugbountyexplained.com/burps-comparer-inside-repeater/2022-08-09T11:03:57+00:00https://members.bugbountyexplained.com/learning-graphql-3-subscriptions/2023-06-12T15:08:35+00:00https://members.bugbountyexplained.com/why-are-there-so-many-http-request-smuggling-false-positives/2022-08-09T11:04:02+00:00https://members.bugbountyexplained.com/an-undervalued-burp-extension-with-enormous-possibilities/2022-08-09T11:04:04+00:00https://members.bugbountyexplained.com/scraping-the-bottom-of-the-cors-barrel-part-1/2022-08-09T11:04:06+00:00https://members.bugbountyexplained.com/real-world-cache-poisoning-examples/2022-08-09T11:04:08+00:00https://members.bugbountyexplained.com/twitch-internal-security-tools/2022-08-09T11:04:10+00:00https://members.bugbountyexplained.com/10000-reddit-oauth-account-takeover-explained/2022-08-30T19:58:38+00:00https://members.bugbountyexplained.com/hacking-apis/2022-08-30T19:37:58+00:00https://members.bugbountyexplained.com/learning-graphql-4-rest-api-as-a-data-source-and-path-traversals-in-docs/2022-08-31T17:11:00+00:00https://members.bugbountyexplained.com/live-hacking-events-what-do-top-hunters-focus-on/2022-08-30T19:38:02+00:00https://members.bugbountyexplained.com/a-niche-with-good-bugs-to-be-discovered/2022-08-30T19:38:05+00:00https://members.bugbountyexplained.com/funny-origin-of-an-auth-bypass-in-iis/2022-08-30T19:38:08+00:00https://members.bugbountyexplained.com/preparing-a-technical-presentations/2022-08-30T19:38:10+00:00https://members.bugbountyexplained.com/a-tool-to-get-a-usa-phone-number/2022-08-30T19:38:13+00:00https://members.bugbountyexplained.com/pause-based-desync-attacks-explained/2022-09-13T04:38:06+00:00https://members.bugbountyexplained.com/100k-in-bounties-and-gitlab-top4-in-16-months/2022-09-13T04:38:09+00:00https://members.bugbountyexplained.com/bypassing-server-side-xss-sanitizers/2022-09-13T04:38:12+00:00https://members.bugbountyexplained.com/escalating-an-unauthenticated-cookie-based-xss/2022-09-13T04:38:14+00:00https://members.bugbountyexplained.com/bypassing-aws-sns-webhook-verification/2022-09-13T04:38:16+00:00https://members.bugbountyexplained.com/modsecurity-waf-bypasses/2022-09-13T04:38:18+00:00https://members.bugbountyexplained.com/a-single-codesearch-worth-thousands-of-bugs/2022-09-28T04:12:25+00:00https://members.bugbountyexplained.com/the-mindset-to-improve-in-bug-bounty/2022-09-28T04:12:29+00:00https://members.bugbountyexplained.com/learning-graphql-4-batching-attacks/2022-09-28T04:19:04+00:00https://members.bugbountyexplained.com/default-credentials-cheat-sheet-with-3445-products/2022-09-28T04:12:34+00:00https://members.bugbountyexplained.com/codeql-learning-path/2022-09-28T04:19:40+00:00https://members.bugbountyexplained.com/bitbucket-pre-auth-rce/2022-09-28T04:12:40+00:00https://members.bugbountyexplained.com/prototype-related-bugs/2022-09-28T04:12:42+00:00https://members.bugbountyexplained.com/setup-for-testing-authorization-bugs/2022-10-10T15:18:00+00:00https://members.bugbountyexplained.com/the-hardest-ctf-task-ive-ever-done/2022-10-10T15:18:06+00:00https://members.bugbountyexplained.com/rfc-induced-ssrf/2022-10-10T15:18:09+00:00https://members.bugbountyexplained.com/hiding-parameters-from-modsecurity-waf/2022-10-10T15:18:12+00:00https://members.bugbountyexplained.com/submitting-high-quality-bug-bounty-reports-tips-from-behind-the-curtain/2022-10-10T15:18:14+00:00https://members.bugbountyexplained.com/a-tool-for-nginx-bugs-and-misconfigs/2022-10-10T15:18:17+00:00https://members.bugbountyexplained.com/preparing-a-resume/2022-10-10T15:18:19+00:00https://members.bugbountyexplained.com/hacking-google/2022-10-10T15:18:21+00:00https://members.bugbountyexplained.com/ssrf-case-study-of-124-bug-bounty-reports/2025-03-06T21:59:09+00:00https://members.bugbountyexplained.com/how-to-avoid-being-overwhelmed-when-reviewing-the-code/2022-11-08T14:25:10+00:00https://members.bugbountyexplained.com/excellent-bug-bounty-tips-from-rhynorater/2022-11-08T14:25:15+00:00https://members.bugbountyexplained.com/3-cool-bugs-from-0xlupins-hcktivitycon-talk/2022-11-08T14:25:19+00:00https://members.bugbountyexplained.com/recon-tools-for-wildcard-scope-vs-open-scope/2022-11-08T14:25:22+00:00https://members.bugbountyexplained.com/you-dont-need-a-vps-to-expose-your-server-to-the-internet/2022-11-08T14:25:25+00:00https://members.bugbountyexplained.com/def-con-30-presentations/2022-11-08T14:25:27+00:00https://members.bugbountyexplained.com/connection-contamination/2022-11-08T14:25:30+00:00https://members.bugbountyexplained.com/tips-for-working-with-obfuscated-javascript-js-map-files/2022-11-23T12:36:35+00:00https://members.bugbountyexplained.com/how-much-money-i-made-in-my-first-year-of-bug-bounty/2022-11-23T12:39:21+00:00https://members.bugbountyexplained.com/how-to-make-notes-about-a-target-my-notion-template/2022-11-23T12:36:40+00:00https://members.bugbountyexplained.com/a-surprising-characteristic-of-a-connection-header-and-scaling-0days/2022-11-23T12:36:42+00:00https://members.bugbountyexplained.com/justcatthefish-ctf-writeups/2022-11-23T12:36:45+00:00https://members.bugbountyexplained.com/xss-case-study-of-174-reports/2025-03-06T21:57:14+00:00https://members.bugbountyexplained.com/exploiting-open-graph-and-oembed-protocols/2022-12-20T14:41:19+00:00https://members.bugbountyexplained.com/abusing-http-hop-by-hop-request-headers/2022-12-20T14:41:22+00:00https://members.bugbountyexplained.com/when-frameworks-say-one-thing-but-they-mean-another/2022-12-20T14:41:24+00:00https://members.bugbountyexplained.com/finding-waf-bypass-step-by-step/2022-12-20T14:41:26+00:00https://members.bugbountyexplained.com/the-basics-of-csp-bypasses/2022-12-20T14:41:29+00:00https://members.bugbountyexplained.com/intis-research-on-phone-numbers-rfc3966/2022-12-20T14:41:31+00:00https://members.bugbountyexplained.com/hacking-popular-car-manufacturers/2022-12-20T14:41:33+00:00https://members.bugbountyexplained.com/web3-security-library/2022-12-20T14:41:35+00:00https://members.bugbountyexplained.com/4-scenarios-where-csrfs-you-can-still-find-csrfs-in-2023/2023-01-16T20:56:30+00:00https://members.bugbountyexplained.com/1-mln-bounty-in-aurora-blockchain-for-no-input-sanitisation-bug/2023-01-16T20:56:34+00:00https://members.bugbountyexplained.com/dos-and-donts-i-would-tell-my-younger-self-before-starting-bug-bounty/2023-01-16T20:56:37+00:00https://members.bugbountyexplained.com/why-copypaste-xsses-work-and-interesting-regex-bypass/2023-01-16T20:56:41+00:00https://members.bugbountyexplained.com/finding-bugs-by-reading-rfcs/2023-01-16T21:00:07+00:00https://members.bugbountyexplained.com/what-advice-would-top-hackers-give-to-beginners/2023-01-16T20:56:48+00:00https://members.bugbountyexplained.com/4-part-series-about-hacking-github-actions-workflows/2023-01-16T20:56:50+00:00https://members.bugbountyexplained.com/google-osv-scanner/2023-01-16T20:56:53+00:00https://members.bugbountyexplained.com/sqli-case-study/2025-03-06T21:56:21+00:00https://members.bugbountyexplained.com/i-compared-the-most-popular-recon-tools-here-are-the-results-part-1-passive-enumeration/2023-02-14T12:29:46+00:00https://members.bugbountyexplained.com/top-10-web-hacking-techniques-of-2022/2023-02-14T12:29:49+00:00https://members.bugbountyexplained.com/fuzzing-the-web-for-mysterious-bugs-by-0xacb/2023-02-14T12:29:52+00:00https://members.bugbountyexplained.com/how-to-be-an-ethical-hacker-2023-edition/2023-02-14T12:29:55+00:00https://members.bugbountyexplained.com/web-hacking-takeaways-from-dicectf/2023-02-14T12:29:58+00:00https://members.bugbountyexplained.com/simple-and-easy-javascript-analysis/2023-02-14T12:30:01+00:00https://members.bugbountyexplained.com/rce-in-aspera-and-approaching-rails-source-code-review/2023-02-14T12:30:09+00:00https://members.bugbountyexplained.com/from-finding-the-target-the-bug-through-getting-the-cve-up-to-my-first-codeql-bounty/2023-02-27T14:58:15+00:00https://members.bugbountyexplained.com/preventing-xxes-in-java-is-hard-analysis-of-10-classes/2023-02-27T14:58:19+00:00https://members.bugbountyexplained.com/learning-a-new-challenging-concept/2023-02-27T14:58:21+00:00https://members.bugbountyexplained.com/triage-from-the-other-side-improve-your-reporting/2023-02-27T14:58:24+00:00https://members.bugbountyexplained.com/safely-detect-server-side-prototype-pollution/2023-02-27T14:58:26+00:00https://members.bugbountyexplained.com/ssrfs-caused-by-sni-proxy-misconfigurations/2023-02-27T14:58:28+00:00https://members.bugbountyexplained.com/how-to-make-money-with-idors-idor-case-study/2025-03-06T21:55:32+00:00https://members.bugbountyexplained.com/the-ultimate-cvss-guide-for-bug-bounty/2023-03-28T13:18:32+00:00https://members.bugbountyexplained.com/turning-arbitrary-file-write-into-an-rce/2023-03-28T13:18:35+00:00https://members.bugbountyexplained.com/nuclei-foundation-series/2023-03-28T13:18:37+00:00https://members.bugbountyexplained.com/github-security-labs-10-bugs-in-datahub-with-vulnerable-code-snippets/2023-03-28T13:18:40+00:00https://members.bugbountyexplained.com/two-sides-of-cautiousness-when-looking-for-cache-poisoning/2023-03-28T13:18:43+00:00https://members.bugbountyexplained.com/booking-com-oauth-account-takeover-writeup/2023-03-28T13:18:46+00:00https://members.bugbountyexplained.com/digitalocean-droplet-proxy-burp-suite-extension/2023-03-28T13:18:49+00:00https://members.bugbountyexplained.com/secure-code-game/2023-04-14T10:13:01+00:00https://members.bugbountyexplained.com/repository-with-visual-explanations-of-hundereds-of-formats/2023-04-14T10:13:06+00:00https://members.bugbountyexplained.com/nahamsec-videos-and-nahamcon2023/2023-04-14T10:13:09+00:00https://members.bugbountyexplained.com/critical-thinking-podcast-and-going-full-time-bug-bounty/2023-04-14T10:13:12+00:00https://members.bugbountyexplained.com/how-to-write-a-new-codeql-query-and-maximise-payout-rce-via-zipslip-query/2023-04-14T10:13:15+00:00https://members.bugbountyexplained.com/is-gpt-good-enough-already-to-find-bugs-for-you/2023-04-14T10:13:18+00:00https://members.bugbountyexplained.com/top-tier-bug-bounty-hunter-mindset/2023-04-14T10:13:20+00:00https://members.bugbountyexplained.com/how-to-maximise-payouts-for-file-disclosure-bugs-file-disclosure-case-study/2025-03-06T21:54:30+00:00https://members.bugbountyexplained.com/good-web-security-course-for-beginners/2023-05-12T07:59:43+00:00https://members.bugbountyexplained.com/xss-attacks-via-content-sniffing/2023-05-12T07:59:45+00:00https://members.bugbountyexplained.com/ultimate-401-and-403-bypass-methods/2023-05-12T07:59:48+00:00https://members.bugbountyexplained.com/reconaizer-optimize-your-recon-with-gpt/2023-05-12T07:59:51+00:00https://members.bugbountyexplained.com/hackers-are-shifting-left-too-spaceraccoonsec/2023-05-12T07:59:54+00:00https://members.bugbountyexplained.com/where-to-start-ai-hacking/2023-05-12T08:08:53+00:00https://members.bugbountyexplained.com/how-to-win-arguments-in-bug-bounty-reports/2023-05-12T08:00:00+00:00https://members.bugbountyexplained.com/crazy-client-side-bug-chain-by-jub0bs/2023-05-24T14:38:05+00:00https://members.bugbountyexplained.com/boost-your-productivity-with-text-replacements/2023-05-24T14:38:10+00:00https://members.bugbountyexplained.com/state-of-dns-rebinding-in-2023/2023-05-24T14:38:13+00:00https://members.bugbountyexplained.com/the-ai-attack-surface-map/2023-05-24T14:38:16+00:00https://members.bugbountyexplained.com/bug-bounty-on-steroids-by-hussein98d/2023-05-24T14:38:22+00:00https://members.bugbountyexplained.com/burp-extension-to-visualise-flows/2023-05-24T14:38:27+00:00https://members.bugbountyexplained.com/little-known-technique-to-exploit-self-xss-with-a-serious-impact/2023-05-24T14:38:33+00:00https://members.bugbountyexplained.com/account-takeover-case-study-checklist-that-will-help-you-find-them/2025-03-06T21:53:21+00:00https://members.bugbountyexplained.com/ios-deeplink-attacks/2023-06-20T03:51:03+00:00https://members.bugbountyexplained.com/ai-canaries/2023-06-20T03:51:06+00:00https://members.bugbountyexplained.com/story-of-an-rce-on-apple-through-hot-jar-swapping-by-frans-rosen/2023-06-20T03:51:08+00:00https://members.bugbountyexplained.com/hacking-root-epp-servers-to-take-control-of-zones/2023-06-20T03:51:11+00:00https://members.bugbountyexplained.com/tips-and-tricks-for-burp-suite-pro-by-agarri_fr/2023-12-05T08:04:38+00:00https://members.bugbountyexplained.com/cookie-bugs-smuggling-injection/2023-06-20T03:51:16+00:00https://members.bugbountyexplained.com/source-code-review-catching-low-hanging-fruit/2023-06-20T03:51:19+00:00https://members.bugbountyexplained.com/portswigger-graphql-labs/2023-07-10T13:26:06+00:00https://members.bugbountyexplained.com/hacking-salesforce-backed-webapps/2023-07-10T13:26:11+00:00https://members.bugbountyexplained.com/abusing-client-side-desync-on-werkzeug/2023-07-10T13:26:13+00:00https://members.bugbountyexplained.com/llm-owasp-top-10/2023-07-10T13:26:16+00:00https://members.bugbountyexplained.com/hacking-proprietary-icalendar-properties-by-eugene-lim/2023-07-10T13:26:19+00:00https://members.bugbountyexplained.com/how-to-choose-a-security-research-topic/2023-07-10T13:26:22+00:00https://members.bugbountyexplained.com/devtools-1-elements-console-and-network-tabs/2023-08-15T14:24:15+00:00https://members.bugbountyexplained.com/hunting-for-nginx-alias-traversals-in-the-wild/2023-07-20T07:23:26+00:00https://members.bugbountyexplained.com/encrypted-doesnt-mean-authenticated-sharefile-rce/2023-07-20T07:23:39+00:00https://members.bugbountyexplained.com/sql-injection-despite-using-prepared-statements/2023-07-20T07:23:48+00:00https://members.bugbountyexplained.com/an-interesting-behaviour-of-nonce-based-csps/2023-07-20T07:23:58+00:00https://members.bugbountyexplained.com/devtools-2-types-of-breakpoints-and-11-ways-to-set-them/2023-08-15T14:24:05+00:00https://members.bugbountyexplained.com/applying-a-growth-mindset-in-bug-bounty/2023-07-20T07:24:24+00:00https://members.bugbountyexplained.com/practical-cache-key-injection/2023-07-20T07:24:40+00:00https://members.bugbountyexplained.com/devtools-3-debugging-client-side-javascript/2024-08-19T18:28:50+00:00https://members.bugbountyexplained.com/exploiting-http-parsers-inconsistencies/2023-08-15T14:08:29+00:00https://members.bugbountyexplained.com/whose-input-is-it-anyways-by-rael-sasiak-rushby/2023-08-15T14:08:33+00:00https://members.bugbountyexplained.com/jsluice-extract-urls-paths-secrets-and-more-from-js-files/2023-08-15T14:08:36+00:00https://members.bugbountyexplained.com/the-trail-of-bits-testing-handbook/2023-08-15T14:08:39+00:00https://members.bugbountyexplained.com/even-more-ways-to-bypass-url-validation/2023-08-15T14:08:43+00:00https://members.bugbountyexplained.com/public-office-hours-by-louis-nyffenegger/2023-08-15T14:08:46+00:00https://members.bugbountyexplained.com/devtools-4-but-where-to-actually-set-breakpoints/2024-08-19T18:29:05+00:00https://members.bugbountyexplained.com/smashing-the-state-machine-the-true-potential-of-web-race-conditions/2023-08-31T12:21:47+00:00https://members.bugbountyexplained.com/effectively-transform-your-data-to-hundreds-of-formats-with-cyberchef/2023-08-31T12:21:51+00:00https://members.bugbountyexplained.com/unminify-js-with-ai/2023-08-31T12:21:56+00:00https://members.bugbountyexplained.com/xss-with-script-csp-bypass/2023-08-31T12:22:00+00:00https://members.bugbountyexplained.com/almost-19k-for-bugs-in-browser-extensions/2023-08-31T12:22:04+00:00https://members.bugbountyexplained.com/who-should-worry-about-prompt-injections/2023-08-31T12:22:13+00:00https://members.bugbountyexplained.com/how-to-make-money-for-dos-bugs-dos-case-study/2025-03-06T21:51:40+00:00https://members.bugbountyexplained.com/novel-ways-of-http-request-splitting/2023-09-28T07:43:30+00:00https://members.bugbountyexplained.com/client-side-javascript-instrumentation/2023-09-28T07:43:38+00:00https://members.bugbountyexplained.com/sources-to-sinks-or-sinks-to-sources-which-approach-works-better-when/2023-09-28T07:43:41+00:00https://members.bugbountyexplained.com/api-security-testing-using-ai-in-postman/2023-09-28T07:43:45+00:00https://members.bugbountyexplained.com/csrfing-vs-codes-debug-adapter-protocol/2023-09-28T07:43:49+00:00https://members.bugbountyexplained.com/finding-vulnerabilities-with-mrva-codeql/2023-09-28T07:43:53+00:00https://members.bugbountyexplained.com/client-side-vs-server-side-bugs/2023-09-28T07:43:57+00:00https://members.bugbountyexplained.com/the-true-potential-of-web-race-conditions/2023-10-17T15:31:24+00:00https://members.bugbountyexplained.com/xss-exploits-made-easy-and-super-cool/2023-10-17T15:31:28+00:00https://members.bugbountyexplained.com/shortcuts-that-speed-up-my-hacking-every-day/2023-10-17T15:31:38+00:00https://members.bugbountyexplained.com/ejs-vulnerabilities/2023-10-17T15:31:44+00:00https://members.bugbountyexplained.com/graphql-wordlists/2023-10-17T15:31:48+00:00https://members.bugbountyexplained.com/mtls-when-certificate-authentication-done-wrong/2023-10-17T15:31:51+00:00https://members.bugbountyexplained.com/content-type-shenanigans/2023-10-17T15:31:55+00:00https://members.bugbountyexplained.com/rce-where-to-look-for-them-rce-case-study/2025-03-06T21:50:06+00:00https://members.bugbountyexplained.com/severe-http-request-smuggling-bug-chain/2023-11-16T14:37:48+00:00https://members.bugbountyexplained.com/hacking-google-bard-from-prompt-injection-to-data-exfiltration/2023-11-16T14:37:56+00:00https://members.bugbountyexplained.com/bounty-of-an-insecure-webview-xss-but-with-steroids/2023-11-16T14:38:03+00:00https://members.bugbountyexplained.com/hunting-for-amazon-cognito-security-misconfigurations-by-yassineaboukir/2023-11-16T14:38:08+00:00https://members.bugbountyexplained.com/caido-catching-more-traction/2023-11-16T14:38:13+00:00https://members.bugbountyexplained.com/4-dos-and-donts-for-writing-quality-reports/2023-11-16T14:38:18+00:00https://members.bugbountyexplained.com/js-monitoring-implementation/2023-12-06T13:08:23+00:00https://members.bugbountyexplained.com/cttb-the-og-bug-bounty-king-frans-rosen/2023-12-06T13:08:26+00:00https://members.bugbountyexplained.com/fuzzing-xss-sanitizers-for-fun-and-profit-tomanthonyseo/2023-12-06T13:08:31+00:00https://members.bugbountyexplained.com/new-free-ssrf-testing-tool/2023-12-06T13:08:36+00:00https://members.bugbountyexplained.com/50-shades-of-vulnerabilities-uncovering-flaws-in-open-source-vulnerability-disclosures/2023-12-06T13:08:39+00:00https://members.bugbountyexplained.com/web-appsec-interview-questions/2023-12-06T13:08:42+00:00https://members.bugbountyexplained.com/execution-of-arbitrary-javascript-in-android-application/2023-12-06T13:08:45+00:00https://members.bugbountyexplained.com/how-to-find-csrfs-despite-samesite-cookies-csrf-case-study/2025-03-06T21:48:23+00:00https://members.bugbountyexplained.com/3-nginx-tricks-for-auth-bypass/2024-01-10T16:28:18+00:00https://members.bugbountyexplained.com/xss-with-hoisting/2024-01-10T16:28:23+00:00https://members.bugbountyexplained.com/gunnar-andrews-how-i-built-recon-to-scale-with-serverless-architecture/2024-01-10T16:28:33+00:00https://members.bugbountyexplained.com/the-find-command-by-tomnomnom/2024-01-10T16:28:36+00:00https://members.bugbountyexplained.com/blind-xss-in-apples-website-leads-to-a-harry-potter-quote/2024-01-10T16:28:41+00:00https://members.bugbountyexplained.com/nists-document-about-ai-security/2024-01-10T16:28:44+00:00https://members.bugbountyexplained.com/how-to-use-burps-bambda-mode-examples/2024-01-25T11:23:04+00:00https://members.bugbountyexplained.com/reversing-and-tooling-a-signed-request-hash-in-obfuscated-javascript/2024-01-25T11:23:10+00:00https://members.bugbountyexplained.com/migrating-my-js-monitoring-script-to-aws/2024-01-25T11:23:16+00:00https://members.bugbountyexplained.com/such-a-cool-self-xss-%e2%86%92-ato-on-yelp/2024-01-25T11:23:21+00:00https://members.bugbountyexplained.com/top-10-web-hacking-techniques-of-2023-the-voting-is-on/2024-01-25T11:23:25+00:00https://members.bugbountyexplained.com/an-overview-of-snakeyaml-deserialization-vulnerabilities/2024-01-25T11:23:29+00:00https://members.bugbountyexplained.com/37c3-breaking-drm-in-polish-trains/2024-01-25T11:23:33+00:00https://members.bugbountyexplained.com/websecurity-academy-web-llm-attacks/2024-01-25T11:27:24+00:00https://members.bugbountyexplained.com/useful-tricks-to-debug-an-app-inside-docker/2024-02-13T15:56:04+00:00https://members.bugbountyexplained.com/chatgpt-account-takeover-wildcard-web-cache-deception/2024-02-09T13:54:44+00:00https://members.bugbountyexplained.com/forging-signed-commits-on-github/2024-02-09T13:54:47+00:00https://members.bugbountyexplained.com/popping-wordpress-plugins-methodology-brain-dump/2024-02-09T13:54:52+00:00https://members.bugbountyexplained.com/cvemap-from-projectdiscovery/2024-02-09T13:54:57+00:00https://members.bugbountyexplained.com/a-recipe-for-scaling-security-from-google/2024-02-09T13:55:00+00:00https://members.bugbountyexplained.com/mobile-hacking-resources-and-interview-with-joel-margolis/2024-02-09T13:55:05+00:00https://members.bugbountyexplained.com/breaking-http-parsers-using-http-garden/2024-02-23T15:26:06+00:00https://members.bugbountyexplained.com/top-10-web-hacking-techniques-of-2023/2024-02-23T15:26:14+00:00https://members.bugbountyexplained.com/exploiting-hardened-net-deserialization-by-piotr-bazydlo/2024-02-23T15:26:22+00:00https://members.bugbountyexplained.com/3-unauth-rces-in-lucee-and-20k-bounty-from-apple/2024-02-23T15:26:30+00:00https://members.bugbountyexplained.com/csp-bypasses-on-portswigger-and-twitter/2024-02-23T15:26:36+00:00https://members.bugbountyexplained.com/json-crack-visual-json-editor/2024-02-23T15:26:45+00:00https://members.bugbountyexplained.com/json-crack-visual-json-editor-2/2024-02-23T15:32:30+00:00https://members.bugbountyexplained.com/back-to-the-clipboard-with-microsoft-whiteboard-and-excalidraw-in-meta-cve-2023-26140/2024-02-23T15:32:34+00:00https://members.bugbountyexplained.com/request-smuggling-case-study-what-more-to-do-other-than-running-existing-tools/2025-03-06T21:47:09+00:00https://members.bugbountyexplained.com/alb-auth-bypass-by-using-untrusted-jwt-token/2024-04-02T12:38:26+00:00https://members.bugbountyexplained.com/how-not-to-train-your-hack-bot-dos-and-donts-of-building-offensive-gpts/2024-04-02T12:38:28+00:00https://members.bugbountyexplained.com/using-form-hijacking-to-bypass-csp/2024-04-02T12:42:28+00:00https://members.bugbountyexplained.com/they-hacked-google-a-i-for-50000/2024-04-02T12:38:34+00:00https://members.bugbountyexplained.com/you-can-not-simply-publicly-access-private-secure-links-can-you/2024-04-02T12:38:37+00:00https://members.bugbountyexplained.com/oauth-redirect-uri-research-paper/2024-04-02T12:38:38+00:00https://members.bugbountyexplained.com/go-go-xss-gadgets-chaining-a-dom-clobbering-exploit-in-the-wild/2024-04-02T12:38:43+00:00https://members.bugbountyexplained.com/oauth-1-how-does-it-even-work/2024-06-26T14:18:38+00:00https://members.bugbountyexplained.com/attacking-internal-hosts-for-bug-bounty/2024-04-24T11:32:27+00:00https://members.bugbountyexplained.com/burps-automatic-comments-with-gql-operation-names/2024-04-24T11:32:30+00:00https://members.bugbountyexplained.com/npm-search-rce-escape-sequence-injection/2024-04-24T11:32:33+00:00https://members.bugbountyexplained.com/bug-bounty-stats-for-the-first-8-months/2024-04-24T11:32:35+00:00https://members.bugbountyexplained.com/dont-force-yourself-to-become-a-bug-bounty-hunter/2024-04-24T11:32:37+00:00https://members.bugbountyexplained.com/bug-bounty-and-the-5-aspects-of-motivation/2024-05-07T08:45:59+00:00https://members.bugbountyexplained.com/oauth-2-csrfs-and-the-state/2024-06-26T14:18:37+00:00https://members.bugbountyexplained.com/ruby-send-leads-to-disclosing-1220-github-env-variables/2024-05-07T08:46:05+00:00https://members.bugbountyexplained.com/secrets-leaked-in-postman-collections/2024-05-07T08:46:11+00:00https://members.bugbountyexplained.com/pretalx-vulnerabilities-how-to-get-accepted-at-every-conference/2024-05-07T08:46:13+00:00https://members.bugbountyexplained.com/discovering-ssrf-by-cross-protocol-redirection/2024-05-07T08:46:15+00:00https://members.bugbountyexplained.com/oauth-3-response_mode/2024-08-19T18:27:30+00:00https://members.bugbountyexplained.com/magic-tricks-with-iframes-and-windows/2024-05-21T13:36:10+00:00https://members.bugbountyexplained.com/beating-html-sanitisers/2024-05-21T13:36:15+00:00https://members.bugbountyexplained.com/looking-back-at-the-past-4-months/2024-05-21T13:36:19+00:00https://members.bugbountyexplained.com/digging-for-ssrf-in-nextjs-apps/2024-05-21T13:36:22+00:00https://members.bugbountyexplained.com/github-actions-cache-poisoning/2024-05-21T13:36:29+00:00https://members.bugbountyexplained.com/oauth-4-exchanging-the-code/2024-06-26T14:18:36+00:00https://members.bugbountyexplained.com/things-you-wish-you-didnt-need-to-know-about-s3/2024-06-26T14:05:05+00:00https://members.bugbountyexplained.com/js-files-are-your-friends-zseano/2024-06-26T14:05:14+00:00https://members.bugbountyexplained.com/oauth-secrets-my-nahamcon-talk/2024-06-26T14:05:18+00:00https://members.bugbountyexplained.com/signsaboteur-forge-signed-web-tokens-with-ease/2024-06-26T14:05:21+00:00https://members.bugbountyexplained.com/hacking-millions-of-modems-and-investigating-who-hacked-sams-modem/2024-06-26T14:05:32+00:00https://members.bugbountyexplained.com/how-to-exploit-android-deeplinks/2024-06-26T14:05:34+00:00https://members.bugbountyexplained.com/the-secret-to-finding-many-criticals-alex-chapman-bbrd-podcast-14/2024-06-26T14:09:45+00:00https://members.bugbountyexplained.com/bypassing-admin-checks-and-more-privilege-escalation-case-study/2025-03-06T10:21:06+00:00https://members.bugbountyexplained.com/the-3-biggest-lessons-from-my-first-lhe/2024-08-20T12:47:52+00:00https://members.bugbountyexplained.com/confusion-attacks-exploiting-hidden-semantic-ambiguity-in-apache-http-server/2024-08-20T12:47:58+00:00https://members.bugbountyexplained.com/a-tool-for-domain-bitflips-and-typosquats/2024-08-20T12:48:16+00:00https://members.bugbountyexplained.com/encoding-differentials-why-charset-matters/2024-08-20T12:48:18+00:00https://members.bugbountyexplained.com/listen-to-the-whispers-web-timing-attacks-that-actually-work/2024-08-20T12:48:21+00:00https://members.bugbountyexplained.com/splitting-the-email-atom-exploiting-parsers-to-bypass-access-controls/2024-08-20T13:15:29+00:00https://members.bugbountyexplained.com/gotta-cache-em-all-bending-the-rules-of-web-cache-exploitation/2024-08-20T13:15:35+00:00https://members.bugbountyexplained.com/use-lemma-to-run-your-tools-with-a-click-from-the-browser/2024-09-03T14:17:18+00:00https://members.bugbountyexplained.com/the-x-correlation-between-frans-rce-research-drop-fransrosen-ctbbpodcast/2024-09-03T14:17:27+00:00https://members.bugbountyexplained.com/monkes-guide-to-bug-bounty-methodology/2024-09-03T14:17:31+00:00https://members.bugbountyexplained.com/chaining-three-bugs-to-access-all-your-servicenow-data/2024-09-03T14:17:36+00:00https://members.bugbountyexplained.com/universal-code-execution-by-chaining-messages-in-browser-extensions/2024-09-03T14:17:41+00:00https://members.bugbountyexplained.com/next-js-and-cache-poisoning-a-quest-for-the-black-hole/2024-09-03T14:17:47+00:00https://members.bugbountyexplained.com/tldr-every-ai-talk-from-bsideslv-black-hat-and-def-con-2024/2024-09-03T14:17:57+00:00https://members.bugbountyexplained.com/5-things-that-skyrocketed-by-bug-bounty-progress-in-2024/2024-10-03T14:10:28+00:00https://members.bugbountyexplained.com/content-type-research/2024-10-03T14:10:32+00:00https://members.bugbountyexplained.com/automating-xxe-hunt-with-ai/2024-10-03T14:10:36+00:00https://members.bugbountyexplained.com/beyond-xss-explore-the-web-front-end-security-universe/2024-10-03T14:10:39+00:00https://members.bugbountyexplained.com/using-youtube-to-steal-your-files/2024-10-03T14:10:41+00:00https://members.bugbountyexplained.com/the-website-with-known-csp-bypasses/2024-10-03T14:10:44+00:00https://members.bugbountyexplained.com/a-guide-to-subdomain-takeovers-2-0/2024-10-03T14:10:46+00:00https://members.bugbountyexplained.com/find-local-rces-and-other-bugs-with-no-memory-corruption-skills/2024-10-17T13:42:30+00:00https://members.bugbountyexplained.com/1-bug-50000-in-bounties-how-zendesk-intentionally-left-a-backdoor-in-hundreds-of-fortune-500-companies/2024-10-17T13:42:34+00:00https://members.bugbountyexplained.com/from-easy-wins-to-epic-challenges-bounty-hunter-edition/2024-10-17T13:42:36+00:00https://members.bugbountyexplained.com/ruby-saml-gitlab-authentication-bypass-cve-2024-45409/2024-10-17T13:42:38+00:00https://members.bugbountyexplained.com/class-pollution-in-ruby-a-deep-dive-into-exploiting-recursive-merges/2024-10-17T13:42:41+00:00https://members.bugbountyexplained.com/insecurity-through-censorship-vulnerabilities-caused-by-the-great-firewall/2024-10-17T13:42:43+00:00https://members.bugbountyexplained.com/practical-exploitation-of-dos-in-bug-bounty-roni-lupin-carta/2024-11-14T14:30:17+00:00https://members.bugbountyexplained.com/cookies-caching-attacking-chrome-extensions-with-matanber-ct-9596/2024-11-14T14:32:11+00:00https://members.bugbountyexplained.com/200k-in-2-weeks-a-clickbait-title-but-hopefully-valuable-advice/2024-11-14T14:32:20+00:00https://members.bugbountyexplained.com/paranoids-vulnerability-research-netiq-imanager-security-alerts/2024-11-14T14:32:26+00:00https://members.bugbountyexplained.com/heroctf-v6-writeups/2024-11-14T14:51:16+00:00https://members.bugbountyexplained.com/arc-browser-uxss-local-fil-read-arbitrary-file-creation-and-path-traversal-to-rce/2024-11-14T14:51:20+00:00https://members.bugbountyexplained.com/oh-sht-bug-bounty-moments/2024-11-14T14:51:23+00:00https://members.bugbountyexplained.com/switching-from-pentesting-to-bug-bounty-6-things-i-had-to-change/2024-11-27T14:33:55+00:00https://members.bugbountyexplained.com/from-an-android-hook-to-rce-5000-bounty/2024-11-27T14:34:03+00:00https://members.bugbountyexplained.com/breaking-the-most-popular-web-application-firewalls-in-the-market/2024-11-27T14:34:07+00:00https://members.bugbountyexplained.com/exploring-the-dompurify-library-bypasses-and-fixes/2024-11-27T14:34:11+00:00https://members.bugbountyexplained.com/story-of-a-cloud-architecture-diagramming-tool-gone-wrong/2024-11-27T14:34:13+00:00https://members.bugbountyexplained.com/breaking-down-multipart-parsers-file-upload-validation-bypass/2024-11-27T14:34:16+00:00https://members.bugbountyexplained.com/oauth-5-oauth-recon/2024-12-11T09:07:58+00:00https://members.bugbountyexplained.com/handling-cookies-is-a-minefield/2024-12-11T09:00:58+00:00https://members.bugbountyexplained.com/bypassing-wafs-with-the-phantom-version-cookie/2024-12-11T09:01:02+00:00https://members.bugbountyexplained.com/predictable-patterns-pii-leakages-using-ai-to-mass-leak-data/2024-12-11T09:01:08+00:00https://members.bugbountyexplained.com/cross-site-post-requests-without-a-content-type-header/2024-12-11T09:01:15+00:00https://members.bugbountyexplained.com/compromising-openwrt-supply-chain-via-truncated-sha-256-collision-and-command-injection/2024-12-11T09:01:18+00:00https://members.bugbountyexplained.com/how-a-top-hunter-figures-out-a-complex-target/2025-01-02T13:56:13+00:00https://members.bugbountyexplained.com/how-dday-became-the-most-valuable-hacker/2025-01-02T13:56:17+00:00https://members.bugbountyexplained.com/hackvector-web/2025-01-02T13:56:23+00:00https://members.bugbountyexplained.com/red-blue-and-purple-ai-jason-haddix/2025-01-02T13:56:27+00:00https://members.bugbountyexplained.com/worstfit-unveiling-hidden-transformers-in-windows-ansi/2025-01-02T13:56:30+00:00https://members.bugbountyexplained.com/oauth-6-oauth-server-side-account-takeovers/2025-01-02T13:59:54+00:00https://members.bugbountyexplained.com/sql-injection-isnt-dead-smuggling-queries-at-the-protocol-level/2025-01-17T13:27:15+00:00https://members.bugbountyexplained.com/top-ten-new-web-hacking-techniques-of-2024-voting-open/2025-01-17T13:27:20+00:00https://members.bugbountyexplained.com/signature-verification-bypass-in-nuclei/2025-01-17T13:27:24+00:00https://members.bugbountyexplained.com/bypassing-file-upload-restrictions-to-exploit-client-side-path-traversal/2025-01-17T13:27:26+00:00https://members.bugbountyexplained.com/server-side-prototype-pollution-gadget-collection/2025-01-17T13:27:30+00:00https://members.bugbountyexplained.com/doubleclickjacking-a-new-era-of-ui-redressing/2025-01-17T13:27:37+00:00https://members.bugbountyexplained.com/inside-the-fbis-secret-encrypted-phone-company-anom-joseph-cox/2025-01-17T13:27:40+00:00https://members.bugbountyexplained.com/xxe-case-study/2025-04-30T11:01:07+00:00https://members.bugbountyexplained.com/graphql-case-study-theres-so-much-more-than-idors/2025-06-16T14:07:44+00:00https://members.bugbountyexplained.com/mobile-case-study/2025-09-10T12:12:28+00:00