Downloading Private Files from ProjectSend - An IDOR Vulnerability
In a previous post I explained that my research into security vulnerabilities in Pi-hole led to me to discovering a more severe vulnerability in another proj...
Posts by Tag
vulnerability
Finding a ‘harmless’ Pi-hole vulnerability
In my journey as a bug bounty hunter, one of the things that I do all the time is pentesting web applications without access to the source code. This is know...
grc
Implementing NIST CSF 2.0 in a homelab environment
In the over 6 years I’ve worked in the field of cybersecurity, I am still surprised by the many threats and vulnerabilities that are out there. As a bug boun...