Daily Bug Bounty Writeups by @Piyush Kumawat
This repository contains Bug Bounty writeups
-
💯December 16, 2025 - Breaking the Web (Part 7): Security Misconfigurations — When Defaults Become Dangerous
-
💯December 16, 2025 - 10 OSINT Tools Every Cybersecurity Professional Should Know (Before Hackers Do) ️‍♂️
-
đź’ŻDecember 16, 2025 - $200 Bounty: XSS via X-Forwarded-Host Header That Also Triggered an Open Redirect
-
💯December 16, 2025 - API10–2023: Unsafe Consumption of APIs — Explotación y Mitigación
-
đź’ŻDecember 15, 2025 - How I Used an IDOR to Trigger XSS and Take Over All Accounts
-
💯December 15, 2025 - The CGI Script That Should Have Stayed Hidden — How a Forgotten Diagnostic File Exposed an…
-
💯December 15, 2025 - ⚡ The Reflected XSS Hidden Inside a Login Page — And How a Single Parameter Became a Security Weak…
-
đź’ŻDecember 15, 2025 - Buried in JavaScript: How One Comment Led Me to a Production API Key
-
💯December 15, 2025 - A Hacker’s Christmas: Bug Bounties by Candlelight
-
đź’ŻDecember 15, 2025 - Recon Dorking: The Art of Advanced Information Gathering for Cybersecurity