bug-bounty496
xss255
rce132
bragging-post119
google109
account-takeover107
authentication-bypass94
privilege-escalation92
open-source92
facebook86
csrf83
malware83
microsoft76
access-control75
stored-xss75
ai-agents67
web-security64
reflected-xss63
exploit62
phishing59
cve55
information-disclosure52
input-validation52
sql-injection51
smart-contract49
defi48
cross-site-scripting48
privacy47
tool46
ethereum46
reverse-engineering45
ssrf44
api-security44
vulnerability-disclosure40
web-application38
ai-security38
burp-suite37
opinion37
llm37
dos36
writeup36
apple36
automation35
responsible-disclosure35
cloudflare34
remote-code-execution33
web333
infrastructure33
html-injection33
smart-contract-vulnerability33
0
5/10
bug-bounty
A bug bounty writeup demonstrating SSRF exploitation on a job posting URL field by enumerating open/closed ports on localhost (127.0.0.1) using HTTP/HTTPS requests and observing different HTTP response codes (201 vs 400) to detect port status, leading to internal network reconnaissance.
ssrf
port-scanning
server-side-request-forgery
bug-bounty
url-schemes
burp-collaborator
localhost-bypass
http-protocol
web-security
Deepak Holani
Burp Collaborator
HackerOne