A Case Study of API Vulnerabilities

Overview

This writeup details a series of vulnerabilities I encountered a few months ago on a single private program. The company had asked to read and approve the writeup before publication. Unfortunately, the private program has since been shut down, and the email account that…

OAuth client secret leak and possible IDOR leading to PII disclosure

Given that this vulnerability is still in triage, I will give only a vague overview of the bug chain. Whilst working on my automation, I was investigating various interesting subdomains that it had found. One such subdomain was owned by a SaaS bug bounty program. I was reading the HTML source…

January 2021 - My first bounty

The first bounty is a milestone that many hope to hit. It marks the starting line for a lot of bug bounty hunters today. Mine was interesting. For privacy's sake, I won't disclose the company. My first bug was an IDOR. IDOR stands for Insecure Direct Object Reference - that…
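To make the IDOR class concrete, here is an added illustration that is not part of the original post or the program it describes: a record-lookup handler written once with the classic defect (the client-supplied ID is trusted and ownership is never checked) and once hardened, plus the enumeration sweep a hunter would run against it. The framework is replaced by plain functions, and the invoice records, user IDs and `NotFound` exception are all constructed for the example.

```python
# Added example, not the author's code: an Insecure Direct Object Reference
# (IDOR) in a record-lookup handler, with the vulnerable and the fixed version
# side by side. The web framework is stubbed out with plain functions so the
# snippet runs offline; all data below is constructed for illustration.

from dataclasses import dataclass
from typing import Callable, Iterable, List


@dataclass(frozen=True)
class Invoice:
    invoice_id: int
    owner_id: int
    pii: str  # e.g. billing name and address; the data an IDOR leaks


# Constructed sample store: two users, each owning one invoice. In a real
# service these would be database rows; the sequential IDs are the point,
# because they make the enumeration below trivial.
INVOICES = {
    1001: Invoice(1001, owner_id=1, pii="Alice, 1 Example St"),
    1002: Invoice(1002, owner_id=2, pii="Bob, 2 Sample Ave"),
}


class NotFound(Exception):
    """Stand-in for an HTTP 404 response."""


def get_invoice_vulnerable(session_user_id: int, invoice_id: int) -> Invoice:
    """IDOR: the handler knows who is logged in (session_user_id) but never
    compares that identity with the record's owner. Any authenticated user can
    read any invoice simply by changing the ID in the request."""
    try:
        return INVOICES[invoice_id]
    except KeyError:
        raise NotFound(invoice_id)


def get_invoice_fixed(session_user_id: int, invoice_id: int) -> Invoice:
    """Hardened: the object is fetched, then the caller's identity (taken from
    the server-side session, never from a request parameter) is checked against
    the owner. A non-owner receives the same 404 as a missing record, so the
    endpoint does not even confirm which IDs exist."""
    inv = INVOICES.get(invoice_id)
    if inv is None or inv.owner_id != session_user_id:
        raise NotFound(invoice_id)
    return inv


def enumerate_as(
    user_id: int,
    handler: Callable[[int, int], Invoice],
    id_range: Iterable[int],
) -> List[int]:
    """Sweep a range of IDs as user_id, the way a hunter tests for IDOR.
    Returns the IDs of invoices belonging to *other* users that the handler
    handed back; an empty list means the authorization check held."""
    leaked: List[int] = []
    for iid in id_range:
        try:
            inv = handler(user_id, iid)
        except NotFound:
            continue
        if inv.owner_id != user_id:
            leaked.append(inv.invoice_id)
    return leaked


if __name__ == "__main__":
    # Logged in as user 1, walk IDs 1000..1004 against both handlers.
    print("vulnerable leaks:", enumerate_as(1, get_invoice_vulnerable, range(1000, 1005)))
    print("fixed leaks:     ", enumerate_as(1, get_invoice_fixed, range(1000, 1005)))
```

The fix is the ownership comparison, not the ID format: switching to random or UUID identifiers only hides the records from a sequential sweep and is no substitute for the server-side check, since IDs still leak through other endpoints, logs and shared links. Returning 404 rather than 403 for a non-owner is a deliberate choice so that the endpoint cannot be used as an oracle for which IDs exist.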