Writeups Bug Bounty HackerOne

Information Disclosure

subdomain takeover

AWS

Host Header Injection

Open Redirect

XSS

Server Side Template Injection

CORS

SQL

CRLF injection

Command Injection

XPath

LDAP

GraphQL injection

CSRF

SSRF

Remote File Inclusion

Local File Inclusion

Path Traversal

XXE

Session hijacking

Session Fixation

IDOR

default credentials

OAuth

JWT

SAML

2FA

Race Conditions

Type Juggling

rate limiting

HTTP parameter pollution

Web cache deception

HTTP request Smuggling

RCE

Clickjacking

Deserialization

Mass Assignment Vulnerability

WebSocket

Account Takeover