IntroThis blog post is a more general one than my usual posts. I'll try and cover two things; an SSRF bug in an API, and a cool productivity system I use. SSRF with Secondary Context Path TraversalThis writeup presents another thing to test for when you have a full-or-partial-read SSRF.…
OverviewThis writeup details a series of vulnerabilities I encountered a few months ago on a single private program. The company did specify that they would like to read the writeup before publication to approve it first. Unfortunately, the private program has since been shut down, and the email account that…
Note: I updated my Ghost instance but forgot to back up images, so all of the images that were on this blog are now gone forever. cries but anyway The Story And Some NotesIn September, I was fortunate enough to be selected as a team member of Team Ireland. I…
I participated in the H@cktivityCon 2021 CTF alongside some talented hackers - we placed 57th out of over 2,000 participating teams. My contributions weren't that big - but I did learn a lot. Most of the challenges I solved were easy. Bad Words The general aim of Bad…
Given that this vulnerability is still in triage, I will give a vague overview of the bug chain. Whilst working on my automation, I was investigating various interesting subdomains that it had found. One given subdomain was owned by a SaaS bug bounty program. I was reading the HTML source…