Feb 7, 2022How We “Forced” Our Client To Fix A Low Severity Security Bug And Still Got Appreciated!We at DefCore Security intend to provide great visibility to clients while working on the pentest engagement. We give our clients the freedom to oversee every stage of testing activity. …Cyber Security3 min readCyber Security3 min read
Jul 28, 2019Chaining Cache Poisoning To Stored XSSOne of the benefits of being a developer is that you can guess how stuff is working at the server end. …Bug Bounty3 min readBug Bounty3 min read
Jan 27, 2019Chaining Tricky OAuth Exploitation To Stored XSSHey everyone, hope you all are having a great 2019 so far. I found this cool bug and wanted to share, so here it goes. So after going through a private program on hackerone, i found a Self-XSS[AngularJS Template Injection] and a misconfigured OAuth implementation with low impacts. …Oauth4 min readOauth4 min read
Jan 20, 2019A Simple CORS Misconfig Leaked Private Post Of Twitter, Facebook & InstagramHey Everyone, this is my first story on Medium(one of my friend told me how easy and productive Medium is). If you want to read my previous ones, have a look here at my personal blog. So you might have reached here thinking it’s a big & complex hack but…Bug Bounty3 min readBug Bounty3 min read
