$10000 Facebook SSRF (Bug Bounty)

1) Subdomains Enumeration

2) JavaScript File Bruteforcing

3) Code Review of Home.js

Exploitation:

POC:

Timeline:

Entrepreneur & cyber security enthusiast doing bug bounty for fun.

Amine Aboud
