Medium Content Spoofing Leads to XSS

Last week, I found a content spoofing bug in Medium’s jobs site, which can lead to stroed XSS. Introduction I was not looking for bugs there neither a job, I... Read more »

The Sorting Challenge

I started a challenge to some javascript folks last month, and here is the write-up. Challenge I gave them this array [5,23,87,3,58,7,2,1,9], and asked them to sort it increasingly. It’s... Read more »

Hello World Post

Welcome all :) In this new blog I will write about my findings, thoughts, tools, programming, and much more! This blog had been made using Jekyll which is a great... Read more »

Leak Private Videos [Vimeo Bug Bounty]

Today, I’ll talk about one of my worst experiences in bug bounty programs with Vimeo’s security team. First, if you don’t know Vimeo: Vimeo (/ˈvɪmioʊ/[3]) is a video-sharing website in... Read more » XSS Challenge | Solution

Back in June 10, 2016, I published an XSS challenge on platform I called Small Youtube XSS . If you are here just for solution and not interested in write-up, here’s a... Read more »

Vine Re-auth Bypass [Twitter Bug Bounty]

Today I’d like to share an old bug that I found in 2014 at  Introduction I was exploring Twitter when I saw @0xSobky’s tweet saying that he found an XSS by... Read more »