Sign in

A Tale of my ATOs

Hi fellow hackers, I’m mechboy. This is my first write-up. In this blog, I will share, how I was able to hack a popular website. Ok, let’s start…….

P1 in 10 minutes

It was hackerone private program so I can’t disclose its name. Let’s assume it as “redacted.com”. That Program had very small scope so I decide to hunt in the main domain. Actually, I won’t do recon but not now. So directly I jumped for testing. Just powered up my burp and browser to monitor the requests. While looking users dashboard there was an option to change email…

mechboy

learn anything which gives the feel of learning

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store