Back to directory
WRITEUP #4231

Optimizing Hunting Results in VDP for use in Bug Bounty Programs - From Sensitive Information Disclosure to Accessing Hidden APIs which can be used to Retrieve Customer Data

ReconInformation disclosureBroken Access ControlIDORSQL injection
by@YokoAcc(YoKo Kho)
Bounty
4,750
Program
-
Published
Nov 15, 2020
Added to HackDex
Sep 15, 2022
Read Full Writeuphttp://www.firstsight.me/2020/11/optimizing-hunting-results-in-vdp-for-use-in-bug-bounty-programs-from-sensitive-information-disclosure-to-accessing-hidden-apis-which-can-be-used-to-retrieve-customer-data/
RELATED WRITEUPS
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!
ReconInformation disclosure
How I Got Bugs From Google Dorks
ReconInformation disclosure
How I can easily get four P1 at NASA using Simple Google Dorking.
ReconInformation disclosure
How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System
ReconMissing authentication
$1600 Bounty on a Main Domain
ReconSession fixation

Built with ❤️ by Shubham Rawat