OSWE | OSCP | CRT -

Justin Gardner and gr3pme talk about his journey with Bug Bounty. We cover LHEs, tips for picking and unlocking targets, how to approach a target and a bunch of bugs ranging from ATO in a fintech...

OSWE | OSCP | CRT -

Mathias is back with some fresh HTMX research, including CSP bypass using HTMX triggers, converting client-side response header injection to XSS, and bypassing HTMX disable. Some cool behaviour in...

Frans Rosen and Justin sit down to discuss and drop gold on X-correlation injection, with impacts and POCs ranging from JSON injection to RCE.

Using Cursor for POC creation, fresh research with some SQLi, encryption Oracles, file upload content types for XSS and a $5k clickjacking bounty on Google with a bunch of neat gadgets. Check it out...

In this HackerNotess, Justin and Roni Carta (@0xLupin) discuss their MVH win at the recent Google LHE, and drop some valuable takeaways from the event.

HackerNotes is back with some tasty exploit writeups, HackerOne AWC news and some match & replace tips for your next bug hunt.

Jhaddix returns on the pod covering: The Bug Hunters Methodology, target hunts, recon techniques, going deep on apps and more.

We're back and ready to deliver a bunch of new research including a new cheat sheet for URL validation bypass from Portswigger, the introduction of Sanic DNS as a high-speed DNS resolver, xsstools,...

The team are back with a whole bunch of tips and tricks off of the back of the research dropped at Defcon.

Weekly security research, WAF bypasses and better reporting. Check it out in this HackerNotes post.

The guys deep-dive on the topic of Vulnerability Disclosure Programs (VDPs) and whether they are beneficial or not. We also touch on the topic of leaderboard accuracy, and some methods of bypassing...

CSP Bypasses in GitHub, GitLab Pipeline Criticals, Tips for Full-Time Bug Bounty, and a Browser Behavior Gadget with Johan Carls

Youssef and the guys sit down during the LHE to discuss all things ATO and client-side madness.

The guys cover the YesWeHack Louis Vuitton LHE, browser market shares and browser behaviours, OAuth redirect_uri bypasses, documented bug bounty journeys and Googles intent to ship features.

This episode is all about the Portswigger top 10 research of 2023. We’ve done our own spin on this, the HackerNotes top 5.

Justin and Joel are back with some additional research resources that didn’t make the Portswigger Top-Ten: HTML quirks, CSS injection, XSS, and JS analysis.

The guys sit down with Sam Curry to discuss the ethical boundaries of research, his methdology and approach to his research, and a bunch of other cool bugs he's found.

Novel BXSS techniques, a 40k desktop RCE writeup, and NahamSec's tips for bug bounty success

Justin is joined by Jasmin Landry to share some cool exploit chains, OAuth bugs and unexpected configuration file injection.

The guys drop some useful gadgets they look for when hunting, along with gadgets that get their hacker intuition firing.

Exploiting .NET Remoting, Dom Purify Bypass, JS Deobfuscation, Delivering Impactful POCs, and Cloudflares CDN-CGI: Insights from Justin and Joel

Justin and Joel Drop the Pod While Attending Capital One's LHE and Have Some Valuable Takeaways from the Event.

Content from NahamCon, WAF Bypasses, iFrame research and more!

HackerNotes Goes Live, Joel scrapes H1 Bounty Data, Critical Gitlab CVE Leads to ATO, LLM Attacks and Code Review Tips

Metas' bug bounty program, NahamCon, CI/CD security and CSP bypasses.

Using Data Science to Win Bug Bounty With Mayonaise (aka Jon Colston)

Organizations: HackerOne's Platform Standards for assessing rewards for a report