Recent Posts

Two Years of Bug Bounty Hunting

7 minute read

Two years ago this month, I created my first bug bounty account on Bugcrowd. I decided to try my hand at bug bounty hunting for a number of months. As outlin...

XXE Case Studies

4 minute read

As it has been some time since my last blog post, I decided I would set aside some time to write one now. The topic of this blog post is inspired by a bug I ...

OSEP & PEN-300 Course Review

8 minute read

I am proud to have completed Offensive Security’s Evasion Techniques and Breaching Defenses (PEN-300) course. After successfully passing the 48-hour exam, I ...

Bug Hunting Thoughts & Statistics

2 minute read

Today marks a huge personal milestone in my bug bounty hunting career. I have achieved an all-time ranking of top 100 on Bugcrowd. This accomplishment comes ...

CVE-2020-6637

2 minute read

OpenSIS v7.3 is vulnerable to unauthenticated SQL injection via the ‘username’ field; this allows for remote database compromise as well as authentication by...