xAbraham
67 posts

xAbraham
@Exploit_000
Security Researcher | Bug Bounty Hunter | Competitive Programmer
Katılım Mart 2024
128 Takip Edilen31 Takipçiler

@Exploit_000 @garethheyes can I get a free copy please gareth
English

Huge thanks to @garethheyes . If you want to build confidence with WAF bypasses and better understand client-side vulnerabilities, this book is a must-read. I recently got rewarded for a Stored XSS, and the knowledge from this book definitely helped. Highly recommended!

English

@Exploit_000 @garethheyes Thanks for the reminder I need to pick one of these up too. I'm pretty sure Ars0n aka rs0n_live one of my mentors recommended it during one of his trainings.
English

@Exploit_000 Really pleased it helped you thanks for the shout out!
English

Sometimes the difference between authorized and unauthorized is just changing a parameter from true to false. Access control bugs never get old .
Reported. Let's see how it goes ⏳
#bugbounty #hackerone

English
xAbraham retweetledi

Found an interesting bug where a single PUT request led to multiple operational BOLA vulnerabilities, while also exposing sensitive user information such as email addresses and phone numbers.
#BugBounty

English

Update: The Stored XSS has been fixed and rewarded.
Alhamdulillah :)
#Bugbounty

xAbraham@Exploit_000
Another Stored XSS 👀 javascript: and alert() were blocked, but javascript:confirm() slipped through 😶 #BugBounty #XSS #StoredXSS
English

@DarthKermi72747 We all know these systems are terrible when it comes to security, but don't post such sensitive information leaks. It involves the sensitive data of thousands of people. We all know black hats are faster than the fixing team :) they'll reach it first
English

JEE Advanced 2026 candidate/result infrastructure (cdata.jeeadv.ac.in/result2026/) had a public cloud storage misconfiguration exposing bulk candidate data without auth.
This exposed ~179.6k result records and ~187.3k admit-card PDFs, including candidate names, DOBs and mobile numbers.


English

You're melting in 41°C and the only thing hotter is your duplicate notification :()

xAbraham@Exploit_000
A single POST request exposes all tenant user emails, and with hundreds of publicly accessible tenants. Reported, let’s see :)
English

Another Stored XSS 👀
javascript: and alert() were blocked, but javascript:confirm() slipped through 😶
#BugBounty #XSS #StoredXSS

English

Browser normalizes javascript: URLs meaning [\t,\n,r] can be inserted between ANY two letters of the word and the browser still treats it as a valid
protocol.
So instead of javascript:alert(1) you can write-
j%09a%09v%09a%09s%09c%09r%09i%09p%09t%09:alert(1) ✅
#BugBounty #XSS

English








