💪Bug Bounty Challenge

I made this list for me from this awsome Bug BOunty Writeups List

https://github.com/krishanthan4/Awesome-Bugbounty-Writeupsgithub.com

Week 1

• Day 1 = CORS bug on google's 404 page (rewarded)

• Day 2 = Google Bug bounty Clickjacking on Google payment

• Day 3 = From P5 to P2 to 100 BXSS

• Day 4 = How a simple CSRF attack turned into a P1

• Day 5 = Disclose Private Dashboard Chart's name and data in Facebook Analytics

• Day 6 = How I bought my way to subdomain takeover on tokopedia

• Day 7 = Touch ID authentication Bypass on evernote and dropbox iOS apps

Week 2

• Day 1 = RFI LFI Writeup

• Day 2 = 2FA Bypass via logical rate limiting Bypass

• Day 3 = Long String DOS

• Day 4 = Exploiting a Race condition vulnerabililty

• Day 5 = Exploiting an SSRF trials and tribulations

• Day 6 = Tricky oracle SQLI situation

• Day 7 = Microsoft RCE bugbounty

Week 3

• Day 1 = CORS misconfiguration leading to private information disclosure

• Day 2 = Google APIs Clickjacking worth 1337$

• Day 3 = Google Acquisition XSS (Apigee)

• Day 4 = How I exploited the json csrf with method override technique

• Day 5 = Disclosing privately shared gaming clips of any user

• Day 6 = Subdomain Takeover via pantheon

• Day 7 = Oauth authentication bypass on airbnb acquistion using wierd 1 char open redirect

Week 4

• Day 1 = My first LFI

• Day 2 = Bypass 2FA in a website

• Day 3 = AIRDOS

• Day 4 = Race condition that could result to RCE a story with an app

• Day 5 = SSRF on PDF generator

• Day 6 = Exploiting “Google BigQuery” SQLI

• Day 7 = OTP bruteforce account takeover