Amirabbas Ataei (@ImAyrix)
598 posts
Bug Hunter & Web Application Pentester
Joined September 2021
474 Following · 4.2K Followers
Amirabbas Ataei retweeted
YS (@YShahinzadeh):
I published one of the techniques that I've been using against OAuth providers, honestly, it's led me to discover many flaws, and recently I used it to find a 1-click ATO on one of the most widely visited websites, I hope you find it useful :-) blog.voorivex.team/story-of-abusi…
Amirabbas Ataei retweeted
YS (@YShahinzadeh):
Feb 24, 2026 08:35PM ➜ submitted Feb 24, 2026 10:46PM ➜ report was triaged Feb 25, 2026 12:23PM ➜ bug patched Mar 17, 2026 02:55PM ➜ bounty awarded
YS (@YShahinzadeh):
two more bugs on Google triaged. I have two more that I haven't reported YET, but I'm finalizing them. one is critical, I believe :]
Amirabbas Ataei retweeted
YS (@YShahinzadeh):
It's time for sharing, this is not a simple write-up, we are sharing our methodology and reasoning, detailing how we approached and hunted the flaw, I hope you like it :] blog.voorivex.team/uxss-on-samsun…
Quoting Omid Rezaei (@omidxrz):
We got permission from the Samsung Security team to disclose this uXSS that we found in Samsung Browser, it was assigned a CVE (CVE-2025-58485) and patched. Here is the PoC, expect the write-up in the next upcoming days.
Amirabbas Ataei retweeted
Omid Rezaei (@omidxrz):
We got permission from the Samsung Security team to disclose this uXSS that we found in Samsung Browser, it was assigned a CVE (CVE-2025-58485) and patched. Here is the PoC, expect the write-up in the next upcoming days.
Quoting YS (@YShahinzadeh):
20 days ago I found a uXSS and reported it, it got triaged now, I'll publish a blog post after fix and vendor permission, it's my first bug that I'm not happy with due to recent H1 situation 🖤
Amirabbas Ataei (@ImAyrix):
Both challenges were interesting. Thanks for sharing.
Quoting YS (@YShahinzadeh):
Yousef (@samm0uda) gave me a challenge a few days ago, it's a redesign of Amir's recent challenge, the solution is quite interesting, I was able to solve it in 10 minutes as I'd previously debugged the QS library, I highly RECOMMEND it, the source code: gist.github.com/samm0uda/91efe…
Gareth Heyes (@garethheyes):
New geolocation-based XSS vectors just landed in our XSS cheat sheet. Huge thanks to @AmirMSafari for the great submission. See the reply for the full details and the other vectors...
Amirabbas Ataei retweeted
AmirMohammad Safari (@AmirMSafari):
I recently discovered several vulnerabilities in MCP servers across different attack scenarios (DOM XSS, Stored XSS, SSRF, etc.) and decided to publish a blog post to share my knowledge. Hope you enjoy it! :D blog.voorivex.team/shaking-the-mc…
YS (@YShahinzadeh):
they decreased the bounty amount, I replied with my reasons and asked for a review, since it was a conditional RCE, they should have paid higher :]
YS (@YShahinzadeh):
Another one on Google VRP. this one is an old-buggy-pattern storing data as an object in State parameter and processing it in OAuth callback. I couldn't manipulate final url using attacker/domain or attacker@domain, but with attacker\u002fdomain. I expect 20k or 13k for this ;]
Amirabbas Ataei (@ImAyrix):
After filtering for the most common ones, it became a really useful part of my workflow. Definitely worth a try if you're looking to enhance your fuzzing lists.
Amirabbas Ataei (@ImAyrix):
For the past year, I've been using a private wordlist generated from actual bug bounty reports. I grabbed disclosed report texts by simply appending .json to the report URLs (as shown below) and fed them into fallparams to mine parameters from the included requests and snippets.
Amirabbas Ataei (@ImAyrix):
A great article from Hamid about GIS SDK challenges. He explains how he escalated a DOM XSS into a full Account Takeover. Definitely worth your time 👇
Kianmehr (@Kian_mehrr):
Locked in for the past ~1.5–2 months, grinding full-focus on hunting with my great friends @CSa6an and @DanialXray. We dove deep into a big program (and some of its subsets), and the results were worth every hour. More bugs, more learning, more experience. 🚀 @voorivex
Bour Abdelhadi (@BourAbdelhadi):
Hey everyone! I’ve been building rep+, a lightweight HTTP Repeater inside Chrome DevTools. No proxy setup or certificates. Just open DevTools and start poking requests. It also has built-in AI for explanations and attack ideas. I’ll share one rep+ feature every day. Try it 👇