Hey, I’m Abhisek. Back with another write-up. This write-up is based upon my bug hunting tactics for increasing the impact of information disclosure. With no further delay, let’s start *_*
Hello guys, hope all are doing good. I’m Abhisek; here’s a small write-up on a CSRF vulnerability I found in a bug bounty program. Don’t worry, new people, it’s beginner friendly.
Since I’m not supposed to disclose the site, let’s take redacted[dot]com as our target. Okay, moving ahead.
First of all, what does Cross-Site Request Forgery (CSRF) mean? In simple words, it is a kind of one-click attack, where a malicious request is submitted by the victim without his/her knowledge, which may lead to sensitive actions being carried out. …
Recently I was working on the Facebook Whitehat program and I wanted to explain a bug which I found: OPEN REDIRECT
Hey, hope all are good. I’m Abhisek here.
Disclaimer: This is for educational purposes only. I’m not in any way liable for any misuse.
When I was looking for low-hanging bugs on Facebook, open redirect was the one which attracted me. So I quickly launched Facebook and looked at the requests sent during the process of redirection.