Bug Bounty Content

Architecture – GRPC

Architecture – Kubernetes

Architecture – Web Cache

Architecture – Web Requests

Architecture – Web Service And API Attacks

Architecture – Websockets

Authentication – JSON Web Token

Authentication – Oauth

Authentication – Session Puzzling

Authentication – Session Security

Authorization – 403 Bypass

Business Logic – Logic Bugs

Business Logic – Race Conditions

Client Side – CORS Misconfigurations

Client Side – CSRF Token Bypass

Client Side – CSRF

Client Side – Execution After Redirect

Client Side – Same Origin Policy

Client Side – XSS Attacks

Client Side – XSS

Injection – Command Injections

Injection – Django SSTI

Injection – Jinja2 SSTI

Injection – Time Based Blind SQLi

Injection – Union SQL Injection

Injection – XSLT

Reports – Broken Access Control

Reports – Bussines Logic

Reports – CORS

Reports – IDOR

Reports – Info Disclosure

Reports – OSINT

Reports – Open Redirect

Reports – Path Traversal

Reports – Race Conditions

Reports – SQLi

Reports – SSRF

Reports – WAF Bypass

Reports – XSS

Server Side – DNS Rebinding

Server Side – Havoc SSRF With RCE

Server Side – SSRF

Server Side – Server Side Attacks