Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- https://blog.detectify.com/2019/01/29/hacking-isnt-an-exact-science/
- https://blog.securitybreached.org/2020/01/22/user-account-takeover-via-signup-feature-bug-bounty-poc/
- https://blog.teddykatz.com/2019/11/05/github-oauth-bypass.html
- https://blog.usejournal.com/sql-injection-via-stopping-the-redirection-to-a-login-page-52b0792d5592
- https://fellchase.blogspot.com/2019/12/authorization-bug-that-every-bug-hunter-missed-on-a-popular-program.html
- https://geleta.eu/2020/a-tale-of-verbose-error-message-and-jwt-token/
- https://medium.com/@Asm0d3us/facebook-bug-sending-messages-as-a-page-with-jobmanager-permission-763dc0d8e32c
- https://medium.com/@aayushpokhrel/how-i-made-my-first-from-finding-a-bug-in-facebook-da3b11e550f0
- https://medium.com/@baibhavanandjha/sending-message-as-page-being-an-analyst-advertiser-eb0317376f43
- https://medium.com/@bhaveshthakur2015/complete-information-disclosure-using-broken-access-control-269368af7043
- https://medium.com/@dekeeu/reposted-2019-hacking-youtube-for-fun-and-profit-8685dd475e30
- https://medium.com/@evan.connelly/hunting-tesla-model-y-secrets-in-the-parts-catalog-2f453f853dd8
- https://medium.com/@godofdarkness.msf/tumblr-bug-bounty-200-2051ba54e981
- https://medium.com/@hariharan21/restriction-is-not-a-promise-privilege-escalation-on-google-2a35104ded5a
- https://medium.com/@hazzaazi31/a-malicious-editor-of-a-page-can-support-to-a-community-action-which-cant-be-unsupported-by-the-f568c3762042
- https://medium.com/@johnssimon_6607/getting-access-to-disabled-hidden-features-with-the-help-of-burp-match-and-replace-e1d7b70d131e
- https://medium.com/@np20121996/how-was-i-able-to-find-privilege-escalation-b13366b97706
- https://medium.com/@raushanraj_65039/adding-a-malicious-notebook-to-be-treated-like-a-trusted-notebook-in-google-colab-1337-b84353a9f77
- https://medium.com/@rohitcoder/bypassing-fix-of-domain-blocking-feature-in-business-manager-41949a18460c
- https://medium.com/@rohitcoder/private-dashboards-were-accessible-by-other-admins-in-analytics-dashboard-558010a379ab
- https://medium.com/@rohitcoder/whitehat-test-accounts-can-act-as-hidden-admin-with-business-manager-ad-accounts-ce75ead5ffff
- https://medium.com/@sansyrox/hacking-tinders-premium-model-43f9f699d44
- https://medium.com/@satboy.fb/a-short-tale-of-account-verification-bypass-22045b38a8b1
- https://medium.com/@sushiwushi2/hijacking-shared-report-links-in-google-data-studio-75eab320c391
- https://medium.com/@tarekmohamed_20773/add-new-user-with-admin-permission-and-takeover-the-organization-6318ee10154a
- https://medium.com/@timpaxerror/page-admin-disclosure-via-an-upgraded-page-post-57863fb02c50
- https://medium.com/bugbountywriteup/account-hijack-using-authorization-bypass-which-made-me-richer-by-ba9dace72682
- https://medium.com/bugbountywriteup/bug-bounty-broken-api-authorization-d30c940ccb42
- https://medium.com/bugbountywriteup/bypassing-the-fix-of-my-previous-instagram-bug-49ece4ea7e1d
- https://medium.com/bugbountywriteup/dank-writeup-on-broken-access-control-on-an-indian-startup-d29132a1ecd
- https://medium.com/bugbountywriteup/facebook-bug-bounty-reading-whatsapp-contacts-list-without-unlocking-the-device-a40e9c660a42
- https://medium.com/bugbountywriteup/how-i-found-a-simple-bug-in-facebook-without-any-test-3bc8cf5e2ca2
- https://medium.com/bugbountywriteup/page-admin-disclosure-facebook-bug-bounty-2019-ee9920e768eb
- https://medium.com/nassec-cybersecurity-writeups/bypassing-brand-collabs-manager-eligibility-7d26523da816
- https://noobe.io/articles/2020-01/how-i-found-bug-google-search-console
- https://pankajupadhyay.in/2020/05/01/ok-google-bypass-flag-secure/
- https://philippeharewood.com/add-users-to-roles-on-facebook-pages-without-an-invitation-consent/
- https://philippeharewood.com/create-living-room-polls-as-a-facebook-page-analyst/
- https://philippeharewood.com/generate-valid-signatures-for-fbcdn-urls/
- https://philippeharewood.com/get-page-inbox-notifications-for-any-facebook-page/
- https://philippeharewood.com/subscribe-to-the-list-of-requesters-to-join-a-facebook-live-video-using-mqtt/
- https://philippeharewood.com/subscribe-to-typing-notifications-for-any-instagram-user/
- https://philippeharewood.com/toggle-group-rules-agreement-as-a-non-member/
- https://philippeharewood.com/view-the-ranked-messenger-users-for-any-page/
- https://pwnsec.ninja/2019/06/28/facebook-bugbounty-short-story-on-page-admin-disclosure/
- https://pwnsec.ninja/2020/03/04/bug-bounty-catches-part-1/
- https://websecblog.com/vulns/leoexpress-personal-data/
- https://www.symbo1.com/articles/2019/01/11/fb-pageanalyst-could-add-oneself-as-moderator-on-group.html
- https://www.symbo1.com/articles/2019/01/25/fb-change-product-availability-as-pageanalyst.html
- https://ysamm.com/?p=281
- https://ysamm.com/?p=30
- https://ysamm.com/?p=314
- https://ysamm.com/?p=404
- https://ysamm.com/?p=50
- https://ysamm.com/?p=68
Add Comment
Please, Sign In to add comment