3/10
Article discusses techniques and tools for bypassing HTTP 403 Forbidden responses to discover hidden endpoints during bug bounty hunting, using a tool called 403Bypasser.
403-bypass
forbidden-response
access-control-bypass
hidden-endpoints
http-status-codes
endpoint-discovery
bug-bounty
403Bypasser
6/10
A researcher used Google dorking to find hidden endpoints and discovered a URI-based XSS vulnerability in a redirect parameter (example.com/social?redirect=). The flaw exploited javascript:// protocol handling to execute arbitrary JavaScript when users logged in after being redirected to a malicious URL.
xss
uri-based-xss
google-dorking
reconnaissance
open-redirect
javascript-protocol
parameter-tampering
hidden-endpoints
bug-bounty
hackerone
cookie-stealing
phishing
Jatin Nandwana
HackerOne
Google Hacking Database
Exploit-DB