bug-bounty538
xss263
rce163
google145
bragging-post120
microsoft107
malware106
account-takeover102
facebook99
exploit91
open-source91
privilege-escalation84
cve81
csrf80
authentication-bypass75
stored-xss72
access-control65
phishing65
ai-agents63
reflected-xss61
web-security53
input-validation53
apple51
sql-injection49
cross-site-scripting48
reverse-engineering47
ssrf46
smart-contract46
tool46
ethereum45
defi45
privacy44
dos44
web-application43
supply-chain42
cloudflare39
information-disclosure39
writeup39
web338
responsible-disclosure37
llm37
browser36
opinion35
burp-suite35
api-security35
automation34
vulnerability-disclosure34
idor33
machine-learning32
denial-of-service31
0
7/10
bug-bounty
A detailed writeup of discovering and exploiting an SSRF vulnerability through a proxy endpoint, highlighting the methodical approach to bypassing domain whitelists by discovering that the filter was *company.com instead of *.company.com, enabling exploitation via attacker-controlled AWS infrastructure.
ssrf
server-side-request-forgery
whitelist-bypass
open-redirect
subdomain-takeover
url-parser
aws
s3
xss
bug-bounty
methodology
Burp Collaborator
Findomain
httprobe
Waybackurls
AWS
S3
EC2
Flask
neemacompany.com