bug-bounty490
google398
microsoft329
xss293
facebook288
rce199
exploit191
apple187
malware173
cve127
account-takeover113
bragging-post101
csrf86
privilege-escalation85
phishing81
browser80
supply-chain67
writeup66
dos66
stored-xss64
react64
authentication-bypass62
reflected-xss57
cloudflare56
node55
reverse-engineering53
ssrf51
aws51
docker50
input-validation48
access-control47
cross-site-scripting46
oauth46
smart-contract45
web345
ethereum43
defi42
sql-injection42
lfi41
web-security40
info-disclosure40
cloud39
web-application39
race-condition38
pentest37
ctf36
idor35
burp-suite35
vulnerability-disclosure34
html-injection33
0
2/10
Bishop Fox's Mexico team won first place at both HackMex Finals and EkoParty Red Team Space in 2025 by leveraging web exploitation, infrastructure compromise, and AWS attack techniques.
Bishop Fox
HackMex
EkoParty
HackMex Finals
EkoParty Red Team Space
0
7/10
bug-bounty
Researcher discovered a subdomain takeover technique by exploiting an improperly configured S3 bucket that allowed unauthenticated write access via AWS CLI. By uploading a malicious _redirect.html file with proper ACL permissions, the attacker could execute arbitrary content on the victim subdomain without exploiting a traditional subdomain takeover vulnerability.
s3-bucket-misconfiguration
subdomain-takeover
aws-security
cloud-storage
access-control
file-upload
aws-cli
bucket-policy
bug-bounty
AWS
Amazon S3
MuhammadKhizerJaved
HackerOne
Bugcrowd