Hey, I’m Abhisek. Back with another write up. This write up is based upon my bug hunting tactics of increasing impact of information disclosure. With no further delay, Let’s start *_*
Hello guys, Hope all are doing good. I’m Abhisek, here’s a small write up on CSRF vulnerability I found in a Bug Bounty program. Don’t worry new people, Its beginner friendly.
Since I’m not supposed to disclose the site, Let’s take redacted[dot]com as our target. Okay, moving ahead.
First of all, What does Cross-Site Request Forgery (CSRF) mean? On simple words. It is kind of a one click attack, where a malicious request is submitted by the victim without his/her knowledge which may lead to occurrence of sensitive actions. …
Recently I was been working on Facebook Whitehat program and I wanted to explain a bug which I found — OPEN REDIRECT
Hey, hope all are good. I’m Abhisek here
Disclaimer: This is for educational purposes only. I’m not in any way liable for any misuse.
When I was looking for low hanging bugs on Facebook, open redirect was the one which attracted me. So quickly launched Facebook and looked the requests sent during the process of redirection.
Security Researcher | Google VRP | OWASP SASTRA University Chapter Lead | Bughunter | Backend Developer