Pwning the portal: from database dump to session hijacking

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty

Directory Traversal, SQL Injection and Server-Side Request Forgery

Self-XSS to ATO via Site Features

How 100% Manual Hacking (Without Even Kali And Burp) Led To 2 Medium Vulnerabilities On YesWeHack