Web
2026
MCP Servers Explained: The New AI Attack Surface
·1582 words·8 mins
2025
IDOR Leads to Unauthorized Deletion: How I Earned $500 in Bug Bounty
·1178 words·6 mins
How I Found an Account Takeover Bug in the Forgot Password Flow
·801 words·4 mins
How I Found a $3000 IDOR Vulnerability in a Delivery App
·1045 words·5 mins
2024
Exploiting DOM for Open Redirect Attacks
·1735 words·9 mins
HTTP Parameter Pollution vs Mass Assignment
·1176 words·6 mins