Security Articles

A huge collection at https://github.com/djadmin/awesome-bug-bounty

Deserialization

• Java Deserialization in manager.paypal.com by Michael Stepankin

• Instagram’s Million Dollar Bug by Wesley Wineberg

• (Ruby Cookie Deserialization RCE on facebooksearch.algolia.com by Michiel Prins (michiel)

• Java deserialization by meals

Race Condition

• Race conditions on Facebook, DigitalOcean and others (fixed) by Josip Franjković

• Race Conditions in Popular reports feature in HackerOne by Fábio Pires (shmoo)

Business Logic Flaw

• Facebook simple technical hack to see the timeline by Ashish Padelkar

• How I Could Steal Money from Instagram, Google and Microsoft by Arne Swinnen

• How I could have removed all your Facebook notes

• Facebook – bypass ads account’s roles vulnerability 2015 by POUYA DARABI

• Uber Ride for Free by anand praka

• Uber Eat for Free by

Authentication Bypass

• OneLogin authentication bypass on WordPress sites via XMLRPC in Uber by Jouko Pynnönen (jouko)

• 2FA PayPal Bypass by henryhoggard

• SAML Bug in Github worth 15000

• Authentication bypass on Airbnb via OAuth tokens theft

• Uber Login CSRF + Open Redirect -> Account Takeover at Uber

• [http://c0rni3sm.blogspot.hk/2017/08/accidentally-typo-to-bypass.html?m=1](Administrative Panel Access) by c0rni3sm

• Uber Bug Bounty: Gaining Access To An Internal Chat System by mishre

• User Account Takeover via Signup by Muhammad Khizer Javed

HTTP Header Injection

• Twitter Overflow Trilogy in Twitter by filedescriptor

• Twitter CRLF by filedescriptor

• Adblock Plus and (a little) more in Google

• $10k host header by Ezequiel Pereira

Email Related

• This domain is my domain – G Suite A record vulnerability

• I got emails – G Suite Vulnerability

• How I snooped into your private Slack messages [Slack Bug bounty worth $2,500]

• Reading Uber’s Internal Emails [Uber Bug Bounty report worth $10,000]

• Slack Yammer Takeover by using TicketTrick by Inti De Ceukelaire

• How I could have mass uploaded from every Flickr account!

Money Stealing

• Round error issue -> produce money for free in Bitcoin Site by 4lemon

Others

• Payment Flaw in Yahoo

• Bypassing Google Email Domain Check to Deliver Spam Email on Google’s Behalf

• When Server Side Request Forgery combine with Cross Site Scripting

• SAML Pen Test Good Paper

• A list of FB writeup collected by phwd by phwd

• NoSQL Injection by websecurify

• CORS in action

• CORS in Fb messenger

• Web App Methodologies

• XXE Cheatsheet

• The road to hell is paved with SAML Assertions, Microsoft Vulnerability

• Study this if you like to learn Mongo SQL Injection by cirw

• Mongo DB Injection again by websecrify

• w3af speech about modern vulnerability by w3af

• Web cache attack that lead to account takeover

• A talk to teach you how to use SAML Raider

• XSS Checklist when you have no idea how to exploit the bug

• CTF write up, Great for Bug Bounty

• It turns out every site uses jquery mobile with Open Redirect is vulnerable to XSS by sirdarckcat

• Bypass CSP by using google-analytics

• Payment Issue with Paypal

• Browser Exploitation in Chinese

• XSS bypass filter

• Markup Impropose Sanitization

• Breaking XSS mitigations via Script Gadget

• X41 Browser Security White Paper

• Improper Input Validation | Add Custom Text and URLs In SMS send by Snapchat By Muhammad Khizer Javed

• Exploiting Insecure Firebase Database! By Muhammad Khizer Javed

• Using Inspect Element to Bypass Security restrictions By Muhammad Khizer Javed

Information Disclosure

• Hacking SMS API Service Provider of a Company |Android App Static Security Analysis By Muhammad Khizer Javed

• Vine User Private information disclosure

• The feature works as intended, but what’s in the source? By zseano

• How Our Co-Founder Earned $10.6K in just 10 Hours By Tensecure Systems

So these were some common issues that one should get a grip on and learn more and more about Following is a list of some Attacks Topics that You Should do some research and read the Blogs/reports on them.