# Security Articles

A huge collection at <https://github.com/djadmin/awesome-bug-bounty>

#### Deserialization

* [Java Deserialization in manager.paypal.com](http://artsploit.blogspot.hk/2016/01/paypal-rce.html) by Michael Stepankin
* [Instagram’s Million Dollar Bug](http://www.exfiltrated.com/research-Instagram-RCE.php) by Wesley Wineberg
* [Ruby Cookie Deserialization RCE on facebooksearch.algolia.com](https://hackerone.com/reports/134321) by Michiel Prins (michiel)
* [Java deserialization](https://seanmelia.wordpress.com/2016/07/22/exploiting-java-deserialization-via-jboss/) by meals

#### Race Condition

* [Race conditions on Facebook, DigitalOcean and others (fixed)](http://josipfranjkovic.blogspot.hk/2015/04/race-conditions-on-facebook.html) by Josip Franjković
* [Race Conditions in Popular reports feature in HackerOne](https://hackerone.com/reports/146845) by Fábio Pires (shmoo)

#### Business Logic Flaw

* [Facebook simple technical hack to see the timeline](http://ashishpadelkar.com/index.php/2015/09/23/facebook-simple-technical-bug-worth-7500/) by Ashish Padelkar
* [How I Could Steal Money from Instagram, Google and Microsoft](https://www.arneswinnen.net/2016/07/how-i-could-steal-money-from-instagram-google-and-microsoft/) by Arne Swinnen
* [How I could have removed all your Facebook notes](http://www.anandpraka.sh/2015/12/summary-this-blog-post-is-about.html)
* [Facebook – bypass ads account’s roles vulnerability 2015](http://blog.darabi.me/2015/03/facebook-bypass-ads-account-roles.html) by POUYA DARABI
* [Uber Ride for Free](http://www.anandpraka.sh/2017/03/how-anyone-could-have-used-uber-to-ride.html) by anand praka
* [Uber Eat for Free](https://t.co/MCOM7j2dWX) by

#### Authentication Bypass

* [OneLogin authentication bypass on WordPress sites via XMLRPC in Uber](https://hackerone.com/reports/138869) by Jouko Pynnönen (jouko)
* [2FA PayPal Bypass](https://henryhoggard.co.uk/blog/Paypal-2FA-Bypass) by henryhoggard
* [SAML Bug in Github worth 15000](http://www.economyofmechanism.com/github-saml.html)
* [Authentication bypass on Airbnb via OAuth tokens theft](https://www.arneswinnen.net/2017/06/authentication-bypass-on-airbnb-via-oauth-tokens-theft/)
* [Uber Login CSRF + Open Redirect -> Account Takeover at Uber](http://ngailong.com/uber-login-csrf-open-redirect-account-takeover/)
* [Administrative Panel Access](http://c0rni3sm.blogspot.hk/2017/08/accidentally-typo-to-bypass.html?m=1) by c0rni3sm
* [Uber Bug Bounty: Gaining Access To An Internal Chat System](http://blog.mish.re/index.php/2017/09/06/uber-bug-bounty-gaining-access-to-an-internal-chat-system/) by mishre
* [User Account Takeover via Signup](https://blog.securitybreached.org/2020/01/22/user-account-takeover-via-signup-feature-bug-bounty-poc/) by Muhammad Khizer Javed

#### HTTP Header Injection

* [Twitter Overflow Trilogy in Twitter](https://blog.innerht.ml/overflow-trilogy/) by filedescriptor
* [Twitter CRLF](https://blog.innerht.ml/twitter-crlf-injection/) by filedescriptor
* [Adblock Plus and (a little) more in Google](https://adblockplus.org/blog/finding-security-issues-in-a-website-or-how-to-get-paid-by-google)
* [$10k host header](https://sites.google.com/site/testsitehacking/10k-host-header) by Ezequiel Pereira

### Email Related

* [This domain is my domain – G Suite A record vulnerability](http://blog.pentestnepal.tech/post/156959105292/this-domain-is-my-domain-g-suite-a-record)
* [I got emails – G Suite Vulnerability](http://blog.pentestnepal.tech/post/156707088037/i-got-emails-g-suite-vulnerability)
* [How I snooped into your private Slack messages \[Slack Bug bounty worth $2,500\]](http://blog.pentestnepal.tech/post/150381068912/how-i-snooped-into-your-private-slack-messages)
* [Reading Uber’s Internal Emails \[Uber Bug Bounty report worth $10,000\]](http://blog.pentestnepal.tech/post/149985438982/reading-ubers-internal-emails-uber-bug-bounty)
* [Slack Yammer Takeover by using TicketTrick](https://medium.com/@intideceukelaire/how-i-hacked-hundreds-of-companies-through-their-helpdesk-b7680ddc2d4c) by Inti De Ceukelaire
* [How I could have mass uploaded from every Flickr account!](https://ret2got.wordpress.com/2017/10/05/how-i-could-have-mass-uploaded-from-every-flickr-account/)

### Money Stealing

* [Rounding error issue -> produce money for free on a Bitcoin site](https://hackerone.com/reports/176461) by 4lemon

### Others

* [Payment Flaw in Yahoo](http://ngailong.com/abusing-multistage-logic-flaw-to-buy-anything-for-free-at-hk-deals-yahoo-com/)
* [Bypassing Google Email Domain Check to Deliver Spam Email on Google’s Behalf](http://ngailong.com/bypassing-google-email-domain-check-to-deliver-spam-email-on-googles-behalf/)
* [When Server Side Request Forgery combines with Cross Site Scripting](http://ngailong.com/what-could-happen-when-server-side-request-forgery-combine-with-cross-site-scripting/)
* [SAML Pen Test Good Paper](http://research.aurainfosec.io/bypassing-saml20-SSO/)
* [A list of FB writeups collected by phwd](https://www.facebook.com/notes/phwd/facebook-bug-bounties/707217202701640) by phwd
* [NoSQL Injection](http://blog.websecurify.com/2014/08/hacking-nodejs-and-mongodb.html) by websecurify
* [CORS in action](http://www.geekboy.ninja/blog/exploiting-misconfigured-cors-cross-origin-resource-sharing/)
* [CORS in Fb messenger](http://www.cynet.com/blog-facebook-originull/)
* [Web App Methodologies](https://blog.zsec.uk/ltr101-method-to-madness/)
* [XXE Cheatsheet](https://www.silentrobots.com/blog/2015/12/14/xe-cheatsheet-update/)
* [The road to hell is paved with SAML Assertions, Microsoft Vulnerability](http://www.economyofmechanism.com/office365-authbypass.html#office365-authbypass)
* [Study this if you want to learn MongoDB injection](https://cirw.in/blog/hash-injection) by cirw
* [MongoDB injection again](http://blog.websecurify.com/2014/08/hacking-nodejs-and-mongodb.html) by websecurify
* [w3af talk about modern vulnerabilities](https://www.youtube.com/watch?v=GNU0_Uzyvl0) by w3af
* [Web cache attack that leads to account takeover](http://omergil.blogspot.co.il/2017/02/web-cache-deception-attack.html)
* [A talk to teach you how to use SAML Raider](https://www.usenix.org/conference/usenixsecurity12/technical-sessions/presentation/somorovsky)
* [XSS Checklist when you have no idea how to exploit the bug](http://d3adend.org/xss/ghettoBypass)
* [CTF write up, Great for Bug Bounty](https://ctftime.org/writeups?tags=web200\&hidden-tags=web%2cweb100%2cweb200)
* [It turns out every site that uses jQuery Mobile and has an Open Redirect is vulnerable to XSS](http://sirdarckcat.blogspot.com/2017/02/unpatched-0day-jquery-mobile-xss.html) by sirdarckcat
* [Bypass CSP by using google-analytics](https://hackerone.com/reports/199779)
* [Payment Issue with Paypal](https://hackerone.com/reports/219215)
* [Browser Exploitation in Chinese](http://paper.seebug.org/)
* [XSS bypass filter](https://t.co/0Kpzo52ycb)
* [Improper Markup Sanitization](https://github.com/ChALkeR/notes/blob/master/Improper-markup-sanitization.md)
* [Breaking XSS mitigations via Script Gadget](https://www.blackhat.com/docs/us-17/thursday/us-17-Lekies-Dont-Trust-The-DOM-Bypassing-XSS-Mitigations-Via-Script-Gadgets.pdf)
* [X41 Browser Security White Paper](https://browser-security.x41-dsec.de/X41-Browser-Security-White-Paper.pdf)
* [Improper Input Validation | Add Custom Text and URLs In SMS send by Snapchat](https://blog.securitybreached.org/2020/01/26/improper-input-validation-add-custom-text-and-urls-in-sms-send-by-snapchat-bug-bounty-poc/) By Muhammad Khizer Javed
* [Exploiting Insecure Firebase Database!](https://blog.securitybreached.org/2020/02/04/exploiting-insecure-firebase-database-bugbounty/) By Muhammad Khizer Javed
* [Using Inspect Element to Bypass Security restrictions](https://blog.securitybreached.org/2020/06/30/using-inspect-element-to-bypass-security-restrictions-bug-bounty-poc/) By Muhammad Khizer Javed

### Information Disclosure

* [Hacking SMS API Service Provider of a Company |Android App Static Security Analysis](https://blog.securitybreached.org/2020/02/19/hacking-sms-api-service-provider-of-a-company-android-app-static-security-analysis-bug-bounty-poc/) By Muhammad Khizer Javed
* [Vine User Private information disclosure](https://bugbountypoc.com/vine-user-private-information-disclosure/)
* [The feature works as intended, but what’s in the source?](https://medium.com/@zseano/the-feature-works-as-intended-but-whats-in-the-source-d29f9401bcf6) By zseano
* [How Our Co-Founder Earned $10.6K in just 10 Hours](https://medium.com/@tensecure/how-our-co-founder-earned-10-6k-in-just-10-hours-ea323e2f06b1) By Tensecure Systems

These were some common issues that one should get a grip on and keep learning about. Following is a list of attack topics that you should research, reading the blog posts and reports on them.
