Djinn
5K posts

Djinn
@top_djinn
I hack for 🍕 | Red Teamer | Author | Speaker | Bug Bounty Hunter @YesWeHack | Whitehat @Immunefi | 😶 🇵🇰 🇵🇸
Planet Earth · Joined December 2021
474 Following · 106 Followers
Djinn retweeted

If the admin panel you targeted has a username enumeration, you can brute-force using a wordlist. This has worked many times for me; in this case, the username was "admin"
My password wordlists:
Basic: raw.githubusercontent.com/danielmiessler…
Advanced: raw.githubusercontent.com/mrtc0/honeylog…
Usernames wordlist:
raw.githubusercontent.com/jeanphorn/word…
#bugbountytips #bugbounty

Djinn retweeted

Finding Critical Bugs in Adobe Experience Manager (AEM) muhammadwaseem29.tech/blog/aem
Djinn retweeted

$500 bounty on @Hacker0x01. Found with Claude Code
Added a triage step in my prompt that spawns a new agent with no existing context to verify the finding. False positives have dropped a lot
got this idea from someone's tweet, can't remember who. If it was you, thanks

Djinn retweeted

Two bounties on @intigriti. $3000 + $100
Both bypasses of previously resolved reports
1 year ago: ChatGPT + a lot of manual work to find one of these
Today: gave the old reports to Claude Code, it confirmed the fixes and found bypasses for both. Fully automated
Workflow has changed completely
Old writeup: medium.com/bugbountywrite…
Old tweet: x.com/arshadkazmi42/…

Djinn retweeted

@damian_89_ I built a script yesterday for running deepseek 4 pro on a full source code, to do code review
I can share the results today with you when it’s done 👍, so far working well
Djinn retweeted

Found that just using a user ID could generate a valid session token, leading to account creation without proper authentication. Simple but high impact → triaged as P1.
Good reminder: auth & session logic needs deep testing 🔍
#BugBounty #CyberSecurity #AppSec #AuthBypass #P1

Djinn retweeted

Second Write up:
Yeah I got my second bonus $$$ on a public bug bounty program. (EASY Technique).
Steps To Reproduce:
1/n
1. Identify multiple contact forms & Observe that all forms are protected by CAPTCHA.
2. The full endpoint /_vcp/test/_test/contactprocess/
a7madn1@a7mad__n1
Alhamdullah, I got my second bonus $$$ on a public bug bounty program at HackerOne. Happy to secure a new BBP. Soon I will share my second write up, and my last bugs on Hackerone in my channel t.me/a7madn1 Stay tuned. #bugbounty #hackerone #infosec #cybersecurity
Djinn retweeted

I have published a new Writeup about my recent Critical Vulnerability Report on a Private Bug Bounty Program at Hackerone. Enjoy reading:
wadgamaraldeen.medium.com/critical-zero-…
#CyberSecurtiy
#BugBountyTips
#AppSec
#AccountTakeover

Djinn retweeted

Praise and thanks be to God, by whose grace good deeds are completed ♥️
I got a ~$1,450 bounty for reporting a Critical JWT Authentication Design Flaw leading to potential Zero Click Account Takeover.
Writeup soon.
#BugBounty #AppSec #CyberSecurity #JWT #Standoff365 #SecurityResearch

Djinn retweeted

HTTP Request Smuggling -> Auth Bypass
POC ->
1. Found mismatch in frontend & backend parsing
2. Crafted request with conflicting headers
3. Backend processed hidden request
4. Bypassed authentication controls
#infosec #bugbounty #bugbountytips

Djinn retweeted

Delete highlight cover IDOR bug in Instagram
$3000 Bug Bounty PoC
Write-up:
adragos.ro/idor-bug-insta…
Djinn retweeted

Critical IDOR Vulnerability Leads to User Information Disclosure on Chat Box
medium.com/@guptasameer75…
#bugbounty #bugbountytips #bugbountytip
Djinn retweeted

Super nice write ….
Damian Strobel@damian_89_
Small bug bounty writeup from one of my findings from the past - even back then having a carefully crafted list of non resolving starbucks hostnames was essential (shameless ad: argosdns.io). Writeup: argosdns.io/blog/how-i-got… Background of hackerone.com/reports/500468
Djinn retweeted

For years, Google API keys (AIza...) had little to no real-world impact.
But recently, many of them unexpectedly gained access to Google Gemini.
curl "generativelanguage.googleapis.com/v1/models?key=…"
This appears to be a widespread misconfiguration that can be hunted in the wild.

Djinn retweeted

I've been in the bug bounty scene for over a decade now. $2M in bounties later, I figured it was time to sit down and talk about everything I've learned! 👉🏼 youtube.com/watch?v=pbu7El…

Djinn retweeted

I just Posted My Current Methodology For Discovering Account Takeover via Password Reset Flows at LinkedIn :- linkedin.com/posts/wadgamar…
#bugbountytips #Cybersecurity #AccountTakeover
