Wondering what happened this week in #BugBounty and pentesting? Procrastinating on Twitter and want to pretend to be productive? Let's check out this week's #BugBytes
PS: did you notice that the write-ups and tutorials are now separated? If you're looking for more advanced security research or to grow your skills!
1⃣ @NahamSec talks about 2 months of bug hunting, the luck, approach and choosing a program and also burnout
That's not all folks, if you want to see all the hacking goodness you can check out the full post below or subscribe so you get it in your email inbox 😉👇 blog.intigriti.com/2023/05/17/bug…
Let's understand CSRF vulnerabilities first before moving on to the exploitation part.
Cross-Site Request Forgery (CSRF) vulnerabilities arise when a malicious actor is able to trick the victim's browser into conducting any unauthorized action on his behalf.
There are multiple vulnerabilities present. Can you spot them all?
We've made a list of 6 of the most common price manipulation vulnerabilities found in the checkout process 👇️
Skip ahead to the exploitation part if you already know what price manipulation vulnerabilities are! 👇
Imagine this:
Your laptop's screen suddenly turns off...
You don't know why but when you try to turn your pc back on
You see that the screen doesn't work anymore! 😱
So... this means no more bug bounty for the rest of the week? Of course not!
As you have already repaired some basic parts in a pc before, you decided to take the matter into your own hands! ✊
Were you able to spot the vulnerability in yesterday's code snippet? 🕵️‍♂️
✅ Yes? Nicely done!
❌ No? Don't worry. This is your chance to learn, so let's take a look at the writeup 👇
🧵 Be sure to keep reading this thread for more resources and the winner of our swag!
Want to take a closer look at the vulnerable code snippet? 👩‍💻