//Hello World//

Welcome to

Nothing much to see here yet! Please come back again.


Connect with me on Twitter: @admin

Retrieving etc/passwd or etc/hosts using LFI is critical severity or high severity? Anyone help me to choose please? #BugBounty (Image added for attention-grabbing purposes only) 🙂

Another P1. None ➡️ P1. I almost gave up explaining the possible bug; thankfully, at the end, the triager was convinced and escalated the priority to P1 #BugBounty #RCE #SOLR

CVE-2020-11110 (Grafana 6.7.x stored XSS) in a biggest drinks maker's monitoring system. Funny that they still run tens of vulnerable apps. So, closing the day with a Critical finding. #BugBounty #Grafana #XSS


Never expected to receive these two bounties + points knowing companies treat HTML injection and open redirection as low severity. I normally don't report open redirection or HTML injection unless there's a possible XSS, but these two reports proved me wrong!!! #BugBounty
