Chain of hacks leading to Database Compromise!

IIS welcome page to source code review to LFI!

Directory Traversal, SQL Injection and Server-Side Request Forgery

The Hunt for XXE to LFI: How I Uncovered CVE-2019–9670 in a Bug Bounty Program

$15k RCE Through Monitoring Debug Mode

NTLM Credential Theft in Python Windows Applications