Naveenroy

82 Followers

Apr 12, 2022

Broken session control leads to access the admin panel even after revoking the access!! — #ZOHO

Hey guys, every IT guy knows about Zoho People Plus; it is mostly used by employees in companies. Recently I found a vulnerability in Zoho People Plus. The interesting thing is that even after the admin access is revoked, a user is still able to make changes on the…

Bug Bounty

2 min read


Mar 20, 2022

Broken session control leads to access private videos using the shared link even after revoking the access for specific time!! — #GoogleVRP

A lot of people might know how to share a private video and access that video, but the interesting thing here is that this vulnerability can be used to see a private video after the access has been revoked. For example, let's assume a scenario: suppose you have uploaded a private video…

Bug Bounty

2 min read


Aug 1, 2021

XSS Attacks via SVG images

Hola guys!!! I was hunting on a website; it is a private site, so let's call it redacted.com, …

Bug Bounty

2 min read


Nov 22, 2020

How To Be Completely Anonymous Like A Hackers?

Hello guys, today I am sharing a method on how to be completely anonymous. These steps are used by black hat hackers. (Only for educational purposes.) Always remember, a VPN alone won't make you anonymous :( So let's get started. Requirements: computer/laptop, brain, basic knowledge of computers and some tools we will…

Hacking

2 min read


Jun 8, 2020

How to write a Bug Bounty report

7 Terms That Should Be in Mind While Writing a Report: Description is the introductory part of the report. This can be considered a short explanation of the report title, where the reporter gives general information about the vulnerable endpoint or component, followed by the type and causes of the vulnerability found. Reproduction is the most important part of the…

Bug Bounty

8 min read


May 24, 2020

How To Test Android Application Security Using Drozer?

Hey, hackers! We all remember the time when we used to create a bunch of applications to check for vulnerabilities in Android applications. Then Drozer came into existence, an open source all-in-one combination to check your application against known vulnerabilities! To know about installation and set up…

Bug Bounty

3 min read


May 19, 2020

Bug Bounty Methodology…Just Have a Look.!

Some of the most common questions out there in the industry are “what is your methodology?” or “how do you look for bugs”? This post will be an attempt to answer that from the point of view of an average and continuously learning bug hunter. This has certainly evolved over…

Bugbounting

7 min read


Jan 27, 2020

Open redirect Vulnerability

Summary: There is an Open Redirect on https://redacted.com/exit.php?url= due to the application not checking the value passed by the user to the “url” parameter. Description: Unchecked redirects occur when an application redirects to a destination controlled by attackers. This often occurs in functionality returning users to a previous page, e.g…

Bug Bounty

1 min read


Jan 27, 2020

Tale of a Misconfiguration in Password Reset

This post is about a misconfiguration in password reset I found on a popular help desk software some time ago, where they were leaking the reset token. And guess what? This was not in the Referer header :D but right in the response of the request itself. In this case one…

Bug Bounty

2 min read


Jan 27, 2020

Unrestricted file upload vulnerability

Hi guys, what's up! This is Naveen, a security researcher. Here I'm presenting my research on unrestricted file upload vulnerabilities. In this article, we are going to learn what an unrestricted file upload vulnerability is, what we can do with it, and the types of filters and filter bypass techniques …

Bug Bounty

2 min read

Red teamer, Security Researcher
