It's Steiner254

@Steiner254

18 Tweets 8 reads Nov 15, 2022
Day 0⃣5⃣/2⃣0⃣ -- [Web Application Profile/Dashboard Hacking]
➡️ Day 5, Profile Update/Dashboard Vulnerabilities & References.
➡️ Below are Tips & References (Feel Free To Share)🧵🧵👇👇
#BugBounty
#bugbountytips
#cybersecuritytips
1/n
IDOR on the dashboard
youtube.com
2/n
Instagram IDOR
youtube.com
3/n
OS Command Injection
youtube.com
4/n
Stored XSS on profile dashboard POC
youtube.com
5/n
Stored XSS Filter bypass on dashboard
youtube.com
6/n
Remote Command Execution (RCE) Vulnerability PoC
youtube.com
7/n
CSRF while adding an Address Book
youtube.com
8/n
How to test for CSRF
youtube.com
9/n
Change Email & Password CSRF
youtube.com
10/n
CSRF while adding a payment method
youtube.com
11/n
PayPal CSRF that leads to adding a donate button
youtube.com
12/n
Application Layer DDOS while adding an Address/Manage Address Book
youtube.com
13/n
RCE via File Upload in MartDevelopers-Inc/KEA-Hotel-ERP
youtube.com
14/n
Tesla Lack Of Password/Authentication When Disabling 2FA.
youtube.com
15/n
Email Change Confirmation Bypass
youtube.com
16/n
EXIF Geolocation Data Not Stripped From Uploaded Images
medium.com (@souravnewatia/exif-geolocation-data-not-stripped-from-uploaded-images-794d20d2fa7d)
n/n
Practice Makes Perfect!
Happy Hacking :)
See you here same time tomorrow!
